last executing test programs:

1m0.167102892s ago: executing program 1 (id=1166):
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
r1 = syz_open_dev$swradio(&(0x7f00000000c0), 0x0, 0x2)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r1, 0x4020565b, &(0x7f0000000180)={0x1, 0xffff})

55.022476079s ago: executing program 1 (id=1179):
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000140)={0x4})
sendmsg$NFNL_MSG_CTHELPER_NEW(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=ANY=[@ANYBLOB="ac000000000901010000000000000000010000020800064000000001480002000c00028005000100210000000c00028005000100880000000c000280050001003a00000014000180080001000000000008000200ffffffff0c00028005000100210000000800034000000bd20900010073797a310000000008000340ffffffd408000640000000000100"], 0xac}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r1 = syz_open_dev$swradio(&(0x7f0000000040), 0x1, 0x2)
socket$inet_tcp(0x2, 0x1, 0x0)
r2 = syz_open_dev$swradio(&(0x7f00000004c0), 0x1, 0x2)
pread64(r2, &(0x7f0000000700)=""/115, 0x73, 0x5)
r3 = io_uring_setup(0x2340, &(0x7f00000001c0)={0x0, 0x483a, 0x4000, 0x2, 0x385})
r4 = syz_io_uring_setup(0x10d, &(0x7f0000000300)={0x0, 0xf292, 0x0, 0x4, 0xb5, 0x0, r3}, &(0x7f0000000280)=<r5=>0x0, &(0x7f0000000100)=<r6=>0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r7 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0)
read(r7, &(0x7f00000000c0)=""/163, 0xd0140f23)
r8 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r8, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_CONTINUE(r8, 0xc020aa07, &(0x7f0000000100)={{&(0x7f00001a1000/0x3000)=nil, 0x3000}})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000380)=0x76a, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r1, 0x0, 0x0, 0x0, 0x12, 0x1, {0x1}})
io_uring_enter(r4, 0x3516, 0x0, 0x0, 0x0, 0x0)
syz_open_dev$radio(&(0x7f0000000080), 0x1, 0x2)
close(r2)
r9 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_opts(r9, 0x0, 0x4, &(0x7f00000001c0)="441f0801000000e8c94ef56491ee54be0e1c2074ed27c1c6fe76cef3e2", 0x1d)

53.011610052s ago: executing program 1 (id=1188):
r0 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x1)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYRESHEX=r0, @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f00000021c0)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000040)={0x50, 0x0, r2, {0x7, 0x1f, 0x0, 0x10400}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x0, 0x88}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r1, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ccc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb190df08747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb81035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22263e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485e4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6b3f0000f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784753f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2205eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e44312c24c2ce8e642bb73c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a748cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d9f95e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad24c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc5908", 0x2000, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x8000}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
openat(0xffffffffffffff9c, &(0x7f0000000880)='./file0\x00', 0x103104, 0x1d5)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0xfffb}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
gettid()
timer_create(0x0, 0x0, 0x0)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
readv(r4, &(0x7f0000000040)=[{&(0x7f00000000c0)=""/214, 0xd6}], 0x1)
sendmsg$netlink(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="140100001e0001eb25bd700000"], 0x114}], 0x1}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000040)={{0x77359400}, {0x77359400}}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
execve(&(0x7f0000000740)='./file0\x00', 0x0, 0x0)
link(&(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x42, 0x4, 0x0, 0x0, 0x0)

51.838233318s ago: executing program 1 (id=1192):
syz_open_dev$vim2m(&(0x7f00000000c0), 0x100c, 0x2)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="12000000080000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xd, &(0x7f0000000f80)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000085000000a000000095"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x66, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$kcm(0x10, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
socket$inet_udp(0x2, 0x2, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$netlink(0x10, 0x3, 0x10)
epoll_create1(0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1e, 0x2, 0x0)
socket$unix(0x1, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_rdma(0x10, 0x3, 0x14)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0))
syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000740)=ANY=[@ANYRES32, @ANYRES32, @ANYRES64=r1, @ANYRES64=0x0, @ANYBLOB="ed"], 0x20)

51.728750642s ago: executing program 1 (id=1193):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x298})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000040)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00005cf000/0x4000)=nil, 0x400000, 0x2, 0x2})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x13, &(0x7f0000000740)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @sched_cls=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x103080, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x20)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x2a}, 0xfffffff8}, 0x1c)
r2 = socket$alg(0x26, 0x5, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, &(0x7f00000003c0)={0x2c, &(0x7f0000000c40)=ANY=[@ANYBLOB='\x00\x00W'], 0x0, 0x0, 0x0, 0x0}, 0x0)
bind$alg(r2, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)
r4 = accept4(r3, 0x0, 0x0, 0x0)
recvmmsg$unix(r4, &(0x7f0000003f40)=[{{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000340)=""/32, 0x20}], 0x1}}, {{0x0, 0x0, &(0x7f0000000dc0)=[{&(0x7f0000000c00)=""/240, 0xf0}], 0x1}}], 0x2, 0x100, 0x0)
sendmsg$WG_CMD_SET_DEVICE(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000e00)=ANY=[@ANYRES16=0x0, @ANYBLOB="17283fd49b45f3d6df2501000000100008800c00008008000a0001000100"], 0x24}, 0x1, 0x0, 0x0, 0x40010}, 0x0)
r5 = accept4(r2, 0x0, 0x0, 0x0)
r6 = syz_genetlink_get_family_id$wireguard(0x0, r5)
sendmsg$WG_CMD_SET_DEVICE(r5, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000700)=ANY=[@ANYBLOB="14000000", @ANYRES16=r6, @ANYBLOB="010048bd7000fddbdf2501000008"], 0x14}, 0x1, 0x0, 0x0, 0x2081}, 0x20004080)
bind$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0x0, @mcast1}, 0x1c)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e24, 0xa, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}, 0x8}, 0x1c)
ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4188aec6, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x7fff, 0xf3})

50.163305405s ago: executing program 1 (id=1198):
r0 = socket$unix(0x1, 0x1, 0x0)
unshare(0x20000400)
shutdown(r0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
socket$inet_sctp(0x2, 0x5, 0x84)
socket$inet6_sctp(0xa, 0x1, 0x84)
creat(&(0x7f0000000040)='./file0\x00', 0x4b)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
io_uring_enter(0xffffffffffffffff, 0x6e2, 0x3900, 0x1, 0x0, 0x0)
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r5=>0x0})
bind$can_j1939(r4, &(0x7f00000000c0)={0x1d, r5}, 0x18)
connect$can_j1939(r4, &(0x7f0000000140)={0x1d, r5, 0x0, {0x1, 0xff, 0xa8fe8ad4eea2351f}, 0x2}, 0x18)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmmsg(r4, &(0x7f0000003e40), 0x3fffffffffffe3d, 0xf5)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000040)={'vxcan1\x00', @remote})
syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
sendmsg$ETHTOOL_MSG_STRSET_GET(r1, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000000c0)=ANY=[@ANYBLOB="080000002b6d8a96108d174a04dd7311d105e2a804389bb22c3778fdb7576dafcc", @ANYRES16=r2, @ANYBLOB="01000000000000000000010000001c0002800c00018008000100040000000c000180080001000300000004000180"], 0x34}}, 0x4000000)

35.057442823s ago: executing program 32 (id=1198):
r0 = socket$unix(0x1, 0x1, 0x0)
unshare(0x20000400)
shutdown(r0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
socket$inet_sctp(0x2, 0x5, 0x84)
socket$inet6_sctp(0xa, 0x1, 0x84)
creat(&(0x7f0000000040)='./file0\x00', 0x4b)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
io_uring_enter(0xffffffffffffffff, 0x6e2, 0x3900, 0x1, 0x0, 0x0)
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r5=>0x0})
bind$can_j1939(r4, &(0x7f00000000c0)={0x1d, r5}, 0x18)
connect$can_j1939(r4, &(0x7f0000000140)={0x1d, r5, 0x0, {0x1, 0xff, 0xa8fe8ad4eea2351f}, 0x2}, 0x18)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmmsg(r4, &(0x7f0000003e40), 0x3fffffffffffe3d, 0xf5)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000040)={'vxcan1\x00', @remote})
syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
sendmsg$ETHTOOL_MSG_STRSET_GET(r1, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000000c0)=ANY=[@ANYBLOB="080000002b6d8a96108d174a04dd7311d105e2a804389bb22c3778fdb7576dafcc", @ANYRES16=r2, @ANYBLOB="01000000000000000000010000001c0002800c00018008000100040000000c000180080001000300000004000180"], 0x34}}, 0x4000000)

13.788790658s ago: executing program 3 (id=1303):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xb, &(0x7f00000009c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x20040005}, 0x0)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000000)={0xa, {"a2e39b214fc752f91b2909094bf70e0dd038e7ff7fc6e5539b324d078b089b3b0838681a0890e0878f0e1ac6e7049b3d6d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b343b0d076c0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0d9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c30900004288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef7becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda930b000000cbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe505003d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6ae4effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d71eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d471c8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949d9a92587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15aa82000000000000a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000", 0x1000}}, 0x1006)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000000000000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060"], 0xb8}}, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
write$bt_hci(0xffffffffffffffff, 0x0, 0xa)
openat$sysctl(0xffffffffffffff9c, 0x0, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x16, 0x0, 0x8400, 0x1}, 0x48)
sendmsg$nl_xfrm(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000020000000000fc000000000000000000"], 0xb8}, 0x1, 0x0, 0x0, 0x80c0}, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0xb1, 0xbd, 0x2f, 0x8, 0x47d, 0x5003, 0x2f8c, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xa0, 0x58, 0xb7}}]}}]}}, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=@updpolicy={0xb8, 0x24, 0xcb23c9c9931e99e9, 0x1, 0x0, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x30, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x9}, {}, 0x0, 0x0, 0x0, 0x1}}, 0xb8}}, 0x4000)

11.152852114s ago: executing program 3 (id=1309):
ioprio_set$uid(0x3, 0x0, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00')
r1 = open(&(0x7f0000000200)='./bus\x00', 0x141a42, 0x0)
r2 = syz_open_dev$vbi(0x0, 0x2, 0x2)
ioctl$VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f0000004b00)={0x4, @pix_mp={0x5, 0xffffc000, 0x56555959, 0x0, 0x6, [{0x4e, 0x3}, {0xfffffffb, 0x3399}, {0xfff, 0x6}, {0x2, 0x5}, {0x7, 0x80000001}, {0x1, 0x6}, {0x40008000, 0xfffffff9}, {0x800, 0x200}], 0x0, 0x0, 0x0, 0x0, 0x4}})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100"/13], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
r5 = syz_usb_connect$hid(0x0, 0x0, 0x0, 0x0)
syz_usb_control_io(r5, 0x0, 0x0)
syz_usb_control_io$hid(r5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010200000000000000000100000009ef7d1a54b7d5cf300000000c010000160a0104000000000000000001000000c00003802c000380140001007767310000000000000000000000000014000100726f73653000000000000000000000009000038014000100766574683100000000000000000000001400010074756e6c3000000000000000000000001400010069703665727370616e300000000000001400010076657468305f746f5f68737200000000140001006970365f7674693000000000000000001400010076657468315f766c616e00000000000014000100000000000000000000000000000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010067656e65766530000000000000000000e8000000080a010200000000000000000a00000a08000940000000030c00034000000000000000020900020073797a32000000000c000340000000000000000489000740deacc1e31b1e496f0e61c41e98a5458002104290fff8cb49bdd5c9e4b4f7b2c80fdd2ca15f29ec41a6343a080d14eb90eacc7f112050e681f7816322db3b5ecfdedf4ba1e6641e40329c5484d8ad8e671dcbe7cc273c3741977ee1e37b8b3bcd4b71280bcb40da604952a2081d675c66cf6e4f7bd812813577f4467b44ee87f0d8786249fc0000000c000340000000000000000508000b400000000108000940000000022c000000030a010100000000000000000100000708000540ffffffff08000b400000000208000a400000000318010000180a010800000000000000000a000005e00003802c0003801400010063616966300000000000000000000000140001006970365f76746930000000000000000018000380140001007663616e3000000000000000000000000800014000000000900003801400010076657468305f766972745f7769666900140001007465616d30000000000000000000000014000100677265746170300000000000000000001400010076657468315f746f5f627269646765001400010076657468305f746f5f626f6e64000000140001006272696467655f736c6176655f3000001400010064756d6d7930000000000000000000000900020073797a32000000000900010073797a30000000000c0005400000000000000003140000001000010000000000000000000000000a"], 0x380}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r9, 0x1, 0x1a, &(0x7f0000000000)={0x2, &(0x7f00000000c0)=[{0x28, 0x0, 0x40, 0xfffff02c}, {0x6}]}, 0x10)
sendfile(r1, r0, 0x0, 0xffffffff)

9.825152722s ago: executing program 4 (id=1312):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
capset(&(0x7f0000000340)={0x19980330}, &(0x7f0000000040)={0x0, 0x2})
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000c00)=ANY=[@ANYBLOB="b7000000ff020000bfa3000000000000070300c000feffff620af0fff8ffffff71a4f0ff000000002d040200000000001d400200000000004604000001ed000062030000000100001d440000000000007a0a00fe00ffffffc3030000a0000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710e4d58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00c37dfca3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebba2c598b4fc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0465f2f994114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840b08000000f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c3bfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed93517a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c25000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e82623951743283070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130b51d6c9b94c5513df2d85e8c01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef670000000000000000ba470bfe62fe2933082149d42e8a00a5b4f7e9ad0500000000000000"], &(0x7f00000001c0)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffffffbf}, 0x48)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/raw6\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
close(0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="05000000010000000700"], 0x50)
sigaltstack(0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x112080c, &(0x7f0000000400)=ANY=[@ANYRES64, @ANYRESOCT, @ANYBLOB, @ANYRESHEX, @ANYBLOB="50cf6dc11613086d84d39b981ca3e13aca40c0c6c5f09c5b83867ffb44012cc8d73e13ab3b5fe0834f12ef38b1ba9561bdc1205b09a156ba9060494778d21d0c83d3df1f75e0cb1d194a5f6d1a70f4ea8dce"])
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r2 = gettid()
io_setup(0x6, &(0x7f0000000680)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f0000000040)=[&(0x7f0000000000)={0x180a, 0x3000, 0x3, 0x1, 0x80, 0xffffffffffffffff, 0x0, 0xffffffffffffffef, 0x0, 0x0, 0x2}])
tkill(r2, 0x12)
io_setup(0x6, 0x0)
io_pgetevents(r3, 0x3, 0x3, &(0x7f0000000700)=[{}, {}, {}], 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={[0x20000000010e]}, 0x8})
preadv(r0, &(0x7f0000000000)=[{&(0x7f0000000440)=""/192, 0xc0}], 0x1, 0xda, 0x3)

8.723040543s ago: executing program 2 (id=1316):
r0 = syz_open_dev$admmidi(&(0x7f0000000240), 0x20000, 0x571ac2)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
r2 = socket(0xa, 0x3, 0x3a)
recvmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
connect$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x1a, 0x0, 0x1, 0xf, 0x6, @random='\rc]jRe'}, 0x14)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = fsopen(&(0x7f0000000000)='jfs\x00', 0x1)
fsconfig$FSCONFIG_SET_FD(r4, 0x5, &(0x7f0000000040)='re\xf3\\ze', 0x0, r4)
chdir(&(0x7f0000000080)='./file1\x00')
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000140)=0xe)
ioctl$FIONREAD(r5, 0x80047456, &(0x7f00000002c0))
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
r6 = socket$vsock_stream(0x28, 0x1, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="900000000002010400000000000000000a0000003c0003800c00028004000100000000002c00018014000300fe8000000000000000000000000000bb14000400000000000000000000000000000000003c0002802c00018014000300fc00000000000000000000000000000014000400ff0200000000000000000000000000010c0002800500010000000000040001", @ANYRESDEC=r0, @ANYRESOCT=r6], 0x90}}, 0x80)
setsockopt$sock_linger(r6, 0x1, 0xd, &(0x7f0000000180)={0x5, 0xfffffffe}, 0x8)
close_range(r1, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x10, r7, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x24, &(0x7f0000002f80)=""/217, &(0x7f0000003080)=0xd9)

7.965013294s ago: executing program 3 (id=1318):
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f00000000c0)={0x60001, 0x31c}, 0x8)
bind$bt_sco(r0, &(0x7f0000000140)={0x1f, @none}, 0x8)
listen(r0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000340), 0x206, 0x8401)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0)
syz_open_dev$vim2m(&(0x7f0000000100), 0x1358, 0x2)
unshare(0x24020400)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

7.666698472s ago: executing program 2 (id=1319):
socketpair$unix(0x1, 0x4, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x80002, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
ioctl$VIDIOC_S_INPUT(0xffffffffffffffff, 0xc0045627, &(0x7f00000000c0)=0x3)
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$UI_SET_EVBIT(r3, 0x40045564, 0x11)
ioctl$UI_DEV_SETUP(r3, 0x405c5503, &(0x7f0000000100)={{0x100}, 'syz1\x00'})
ioctl$UI_SET_LEDBIT(r3, 0x40045569, 0x4)
ioctl$UI_SET_LEDBIT(r3, 0x40045569, 0x3)
ioctl$UI_DEV_CREATE(r3, 0x5501)
r4 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, &(0x7f0000000580)={0x44, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, 0x0)
preadv(r4, 0x0, 0x0, 0x3, 0x75)
ioctl$UI_DEV_DESTROY(r3, 0x5502)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000200), 0x48000, 0x0)
ioctl$TIOCMGET(r5, 0x5415, &(0x7f0000000280))
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0x3)
ioctl$TCFLSH(0xffffffffffffffff, 0x80047437, 0x10004000000006)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)

7.528915906s ago: executing program 3 (id=1321):
socketpair$unix(0x1, 0x4, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x80002, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
ioctl$VIDIOC_S_INPUT(0xffffffffffffffff, 0xc0045627, &(0x7f00000000c0)=0x3)
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$UI_SET_EVBIT(r3, 0x40045564, 0x11)
ioctl$UI_DEV_SETUP(r3, 0x405c5503, &(0x7f0000000100)={{0x100}, 'syz1\x00'})
ioctl$UI_SET_LEDBIT(r3, 0x40045569, 0x4)
ioctl$UI_SET_LEDBIT(r3, 0x40045569, 0x3)
ioctl$UI_DEV_CREATE(r3, 0x5501)
r4 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, &(0x7f0000000580)={0x44, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, 0x0)
preadv(r4, 0x0, 0x0, 0x3, 0x75)
ioctl$UI_DEV_DESTROY(r3, 0x5502)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000200), 0x48000, 0x0)
ioctl$TIOCMGET(r5, 0x5415, &(0x7f0000000280))
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0x3)
ioctl$TCFLSH(0xffffffffffffffff, 0x80047437, 0x10004000000006)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)

7.528669063s ago: executing program 4 (id=1322):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ec0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r0}, 0x18)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
ioctl$KVM_X86_SETUP_MCE(r5, 0x4008ae9c, &(0x7f0000000000)={0x15, 0x7, 0xd})
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000000000009302"])
r6 = syz_open_procfs(0x0, &(0x7f00000001c0)='ns\x00')
r7 = open_tree(r6, &(0x7f00000000c0)='.\x00', 0x9801)
fchdir(r7)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r8, 0xffffffffffffffff, 0x0)
r9 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_int(r9, 0x1, 0x4000000000000002, &(0x7f0000fee000)=0x3fa, 0x4)
listen(r9, 0xd)
umount2(&(0x7f0000000180)='./mnt\x00', 0x1)
r10 = dup(r2)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r10])

6.20079988s ago: executing program 4 (id=1325):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0xd, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000cebc0000000000002500000000002020207b1af8ff0009000000a108000000000147010000f6ffffffb702000008000000b70300000000000085000000720000009500000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x1, 0x0, 0x0, 0x41000, 0xc}, 0x94)
r0 = openat$drirender128(0xffffffffffffff9c, 0x0, 0x400000, 0x0)
ioctl$DRM_IOCTL_GET_MAP(r0, 0xc0286404, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x5, 0x4, 0x4, 0x4}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0xa, 0x17, &(0x7f0000000880)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x85, 0x0, 0x0, 0xa0}}, {{0x6, 0x0, 0x2, 0x9, 0x0, 0x6, 0xe7030000}, {0x4, 0x0, 0x0, 0x6}}, [@printk={@llx, {0x5, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x1, 0xa, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {}, {0x14}}], {{0x4, 0x1, 0x5, 0x3}, {0x5, 0x0, 0xb, 0x3, 0x0, 0x2}}}, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2e, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
set_mempolicy(0x1, 0x0, 0x8000000000000)
bind$netlink(0xffffffffffffffff, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000280)={'\x00', 0x7e, 0x1000, 0x5c8, 0x80000003, 0x6})
ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0x0)
r4 = socket$inet6(0xa, 0x3, 0x1)
setsockopt$inet6_int(r4, 0x29, 0x3e, &(0x7f0000000000)=0x6c99, 0x4)
sendto$inet6(r4, 0x0, 0xfffffffffffffd2f, 0x0, &(0x7f0000000080)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000040)={@private1, <r5=>0x0}, &(0x7f0000000080)=0x14)
ioctl$sock_inet6_SIOCADDRT(r3, 0x890b, &(0x7f0000000140)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @empty, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x25}}, 0xe5, 0xe, 0x0, 0x400, 0x0, 0xc0090000, r5})
ioctl$SIOCX25SFACILITIES(0xffffffffffffffff, 0x89e3, &(0x7f0000000080)={0x4b, 0x800000, 0x8, 0x5, 0x80})
write$bt_hci(0xffffffffffffffff, &(0x7f0000000080)=ANY=[], 0x6)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)

5.642259981s ago: executing program 2 (id=1329):
chown(0x0, 0x0, 0xee01)
ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x4020aeb2, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$inet6(0xa, 0x1, 0x8010000000000084)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r2, &(0x7f0000006380)={0x2020, 0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f0000000340)={0x50, 0x0, r3, {0x7, 0x1f, 0x0, 0x34808521, 0x401, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xa4001f7e}}, 0x50)
syz_fuse_handle_req(r2, &(0x7f00000041c0)="412e450a2a7b9586d1e6e9de257afc4fd60c8de430c0d6348b2cf1db8d070a539de9c1e91a178f9240dbcfe303566018f6c20c55d643a2ed46aaacf49ca491ee2f06184bdb548778a2c56e56f6b40b994419428bbbb9dfa5f9593511ca8ae1c088fb0ee5da72f505000000000000002c04754204f194ae6ceff4570d44496eeffe619998eafc7167d22e1c6aa73e89ad19224e35130a37cf68d5c41ccafe59b4b753a26e06c4306d31d78de6cede97c06e3ca2cc4af66b7548268efa91621ffca2655d2c8f1a9bb019b88fa729cb3d32f72c098c44898d42c42f39feb4faead93980726c236129acdf31c01f1cabb5ca3ec4e45eb5e6e59912792b4976e3f2b560c861d49b539d8e1870040a8cf190a8a767ec067a8048aac53336b44669d3d425843ae80681a7c02a5d5a3d90f355fd4a6ac277e75230d558f0df20cb323cc65e9b5a258cdd669c8a9534e4aff09a8fe89b124748c9e756c28789c2152a5142bc0bb205e339d43bb980b3f04a3c1a424a2a093966b20600a5410e0528fb35937c998eea19f01eaf2f39e16d85563a6737ddab3213ca1832f0afdf891e34a582f6a4ac81fda70ebc3fedac2fb3a492fdb40b91021e5d371d990064cd1f7c2c1a6472dec7505f9a4940057a3e57fd53aa3cd2eb914e073a19b6e925f8553e6875c093c7d19de25861fd9640f0eca4cda0467f12126daa2e0c6df7d4e4babe5a6e59e8391be7700790315b6b8a8aa74cd6d3f054aceaeda79430676b67fe25c9029e0894b413377fc4d8300d9f9338fadd07e4c80cac08113df8971a868458c47c06fff0c1c4bfd48ea583e9e76ef103d42c233b6de10b30612cdbeb6b60a6a4dbbe2da63cc2dd4fb93cac65af3c1279274f4af0e2c5b96e6068aa5b41f7548fb72b0c142351f64446db7425115b89132b5589ee642ebbde655adb2d7d1117456a6e4f2886879b42baf85e05d53e2aceea9c3830673bdc4d081675fe76b994651af9c3f16b7513834fce4654f84558a8308fa677d05bffcc893d9813bf87c5ec520cd66ad58dc06f0c47d253cd36dfec82980fc8dbdcd4b1c037c2b30bef455984f3e8ed19d69e185fe4fbdda2c2517ec9abfbb4841252e650b6bf56fdeca9a4ee3c311de3c6859ec14cc00e95323c57c02fa894d83ea17944f3112fc19a7e11335d7951ec6dd5b4f06fb9b637313a230341ea5da6a7a959e707d0cd5fca60a6649c8df8d6c17e9a49d230e5775df14e4b43aa3420bd0b8814ec7360ab1910e69fab8932f7646d7998bdc2e8ec354c52da21ed83fb7582cb9d37bb95f144974f72c7b0ae7b42945768fa8ec0dd6daba72d05809670506ef1054282201b00906c8af64e3e13a10f180688c96549b2d3d6b04403fd571e7b132891dd4b7cf37aec25ca1e9190c17aaefbc31e059915c12c232fb7097e9fa6f35fbb265c7102db62e2264590c583ea90f1aee3f166af81430d9084eb0c760ebbb16049c9fd1fee6ce33c8ac205e3ac9c275531feadfa4054e0c027c26beb009f54aa72b864d39bb11753f77931bb960276db33021c65671e57b3708bbf979be222e8439d71f58ca87cec7a054517af398a42735b580717377a54f139e2c46813cbb03d98e49c26f4ed54d75e48573cd06145f913f4e313eeee837496dfff75aa722fd8486c45f9c959da12ae48ba4a10712120a203e2476c7b96031d8f8773f68344e6fa21831287655aabbd594e9f272eb1a7315d2d79b8bcd5e63004cd106f80b1e40a5d9e428a01bc58264f4d63c2ee9db6efa70607a642aeb883bf4b9fe009d7f09c16b05a2c9b73573e9019e161ebbdc1fc9b9cd0c5fe1b57adcba2d0f3a767ad59aafa159b3dd181f0601ff95e8af8b5410e56c81ffb8ab35b1e04af35dabf69f08572e69260b72bfd502c5a0de627fd3fee44bf1d4a261bd356056c5739398e3ff161beec1240a089625daffbc61dc5e660c274565477a0ff1797fefff04a98704802ab0674ab72d400686229608cbfd2ca20f4e62495e8b09de9d180c47375bbad72f4474b67d56104b4b466192be60f7aa668fd0a4338b856f114311842ee806d6488ab09098ed9de0e21bcc8b42a5d5713d15eca108fcc7a65d6b414a112524a6e1418644508dd957147a92d4399d13faaf01cacef40549cd11900f9aa32a8333f55796ef25d33c554a308da9797cd0ac25888311b0ac88eff0be7a36ddedcfc2b095abb4d5a6a4edbbad67b70cdf60c7ed0c5e040ced90edb3322ef684332358942ede9191b431c99b3abf8f9c50206479f0ac118c0a99df61fb9c90d846f41caa6a2448fb7e15640965e051c2af4ee72a5cc7c962bacff7019615c10e6c3054e2e5792df3aa6e2c33425552148466a88568cc79b6edebf0107b7d3d24423a665d20c3a1c0f1a6b34eb475bf875912115914cfabcf394f8a096d64e5dc95705074fe5e985497dcf052b9f748b9d4688859c0200fa43719e4722ed6c064c0efa7e07beb2a26fd724b63537fa0eb506365d5c029cd8dce7dd0a1cb9d9058c061739734af6be9e880fe7e28a211a4c368a7babd1107110ecbb384b274cc092b9511c4abde2ddd863162e2739984a9f3c0a76e3c530a27d5e385f4a3b87607b2a944e09d28239661d27719e22c0a657ea383c30859ca29cdb8fbc79bc83e995dcb361743a7e195650c37e570b768a0a1f0b118fa5be9b3c838326343ec5b376d5ee040ee29dfd868cccf9cfa4591151f519cd6e2ae1453a58aa92f90ee5be11ceb8511ab743f399be0a190eeddfd112336866831c3255ef6520d88b2581ea3767f3df01a38d9b4656f2a89c5df41443291a795da45c8a846015cd041bea0dfbe648348b10ae73ce43d9017182792cd9172eee642c549a530cc1f537f9aa70ca63792ba4a86a713ae09b917136e5bf1506ad7f367d8d2f77f47a2318facd109bba9b1327b5db9e4aeffbdcf414db761eeacc227a15cd72aa52c8ede33bdbab9de9aa1e8f470a388013d07f08777e2131bbd4856ab5c1c38d03ef407197ccf24e8b2a8db69e78f9d6623033c453541bb79f9e0be9a55588e2e54fce65fb785467064a146c4bf218068b5e3efdafaf93a98253becaef226cd79468ff1bbe0c9d43877f5cbb5844fd8957f15d3ef208aac11816585cdccf039c36b429d3d7fb634054fd0f09c8abea3746a6b7379142abde26d998ac7e39b94746c60c09f86ddbd7497849d1ef839730672449f35a3c3253666e9fc053ac1c518e44e0b84555be507f7c00fa9e4864b4bf40ac3d93f12001eb780a779e655d0633803268c094ae161a0efd652003d6ac47f9a6c28d866b56233f371627b01e0fe9361dca611a28841968d4e12cb73d49ce08fe25de4a90b2d34607202b20e71f5e1eed38e17d0a2748f548cf61735f4c9cead1cb93b11929d906d65fc60f88e6919b7b5a1014e6d408bce9c8cc832eecf9147708fe451891717d2ed99dee70773feaa97985102abd3dd05c904c28898afe060621db6564887bc4afe158fbe1d819136a1ac1dc9d8674798a93daf5255460b50c34496205834c668db4c764e76ebb6cdaf5fc44b881cc2ae87b4a7cc045143f96b1620abfd0f116e673b335beefdafa1e58d9194e010cb78956044646da5ba853ce981667f2b8e5001c2df437c9d597ccd2be7d2887f5cb7aad0539abb3f9db1c8f5cd4d7d831946ba1c1aa8737c114fec1ac9a82519f57cb48c49b7f62e9eaa89f448df33fb307cd0036c70b490ac340f7d04e14f32bfeebb08a9d5bc7bbef8f231ea09311d4c82cc55c90eb53c6c003cc98a34dd3c4ec2d8b3a655a78e16e908f368733d0a02b36fe963e2d80b5e6f7b2e3aae3013c900c76e4d56e8348bef221f8a642e692c23b12520fb68c793e789eeeceb4efb2097a4d5952d144094cd7be6edc933d257f6230e962d70ba42e1b07ad9eca0ccd60d3d9a6e06b73ccf96a8aa490ed3bd58bf4d79db65355ae145b54be004e464f4dd23fb8b1bf15e13838116083da67186513652608e37c8f847b2bcafb57bcefc7efc8c8182c7d708cce5d14695b4e618e77f8e7be81f27a05e415fd37ac21507a665b2558daee5c0b0859fedfede8c03f181ef5e0ec0da6caa3edf402dd73bcb4026c489a7cca8ab700d3e9f050006c36768a16e8a48e48ed5750b8cdb7ad1fd12d4cc8333d324d6c83905303fa7013fc02553b587544affe38f1a95e0c4c39740d63b6d387fc89b30bd5fd745cb64844b13897ccf5cca135f7d39e03ce8adcda919d86b25b52764b0a0c4f07f88df68868415de13863df84a7e8d355b09cf90e482eb4174fd01f1b371a4dc52f3c89fc3a70c71657aa5d7573ef9acf4d2b0b321c41ff2640515bb43637ba2288ca0bff2e2a3a998ad8294c52f9edfe0a4ee0a3f8ed5b4b5c43319bb9c58dd07ea3237d7bb62cb086e7ea4a81cba2cdeb28794a09c275a704963110b64720bd089e3737ee1a91e348b5e97b63e1724de1fa9f49961d653bbb47b6fa993b035cf59659bcd0306180645162568abf51127845cbe6e37cc3c19b9d69657db4258fa5e8428a73eff6506bff474c2e302ad5559ac8de44c6f0baba5e2e579e7d7f9d9ebf540674432ac11d92bfc9abdc24126888b533f43bd6f293b0bc315915743114a35308a0ee2e710522137918a2b09ddbbc7a2313a2a6b85a1ad26f14dd70072651c8300ddf6de29704b716ce1bc431c66ccc96731f46359a9f6850976c96dcb5e0ee47446f50b6b3ba90d45224066e123ad3854d877c0cdd9325000ac0d6813c30cd43d3e150335601724ca3666458dc4c04f6562296982353e155d5255c9008c0b46d21a678c8fcb3aa8d6574476e0458eb0a76a6cb50f929ed218cc4654cb4f95fb3afbc2548b74acc312563375a19e55d488599488dfed4dd31b39f29ad61dad343dfca3b45b316a34e7a7bebd2b0f562a9e69848d13fc80a4fa52d0f17bd15d9e1fd39a7dcc86128d14493805d105a745673bddea68ca74ac09d95cc7412d5be2cbd0a247a81dc9e148111e22cdf3375805469226ca3538f960a6ba6aa0eeeb87c784ffb1bfc09180a61be3c7c535fc6d593c3b3f4de21b8c3eccc9021e80fb07dce0aeb3b023bd55f24356f646791ba80e5ca21ac092a069ae0a22cfefc08c23cc7aa69b570bd17cce9de15871d363f167288f99f04761caa67f12c949466493f661d39ee4280c955446ff5a9bb14f2d1ae21cdb91a5868e0c52097cf380f571935b140562922763f1b79c3709b949c57a00b08828ce9e685f6b234b5fe3c62d9feb249ce75e81f5efd556c14d5da24dc0554723fdbe52659969a39f470e82c50c4777c908628436e31177af1125d5f70ff627462247e5bc20c47ef75f369174586d43d42f7eefdd47fefa745badebca2a881ccc018ea411cc8a7a0881422bee8704bb98e6bea9fbec63441fb45d7ccfd436909b57a2b60b788e15bda3ca7663b19bd84d0879deb639f10def9a99d42a4b9a4fd7fecbf6d2e7598678307ba9a5b6f143c27cf1ca41e3c904007bb762cd5df6e63c4cf422c2ba959e53bd8e5664cf5df6a91a4bc8cebc52b22f30060fcbc5ead53d38eabd160c1da4cab8aa95c3640ffd78074aa2cbb05cb8ea90a0c95a4a1b2be1ee94f238000f1faffa069d87039f13f5f84ff368aec5a0b10020232b9fc954a6c22573ef48459e574d48a4845837e1d6ef386738ccedd093d4d5bf3a3f790c875ba7449d03397642feb71100f2c25ab2cadf0b0802544a2095a51b19cdece623b17d420b173a99c081f8e229b6de3c680d6bb39bb98b479517d77cca581b81cf856753a44ebd64cff111fb8ca37ea45d217a3fca44a083e6c35b0fed9f8f7631178d15e88f86c85f1ce68c900afdd1f7e5b8bd4ef3f58c447b77d3befc49180df7a5eb2ae8ae33b4ef573f3a425da8a60cde84d8eeae6d6399b9fbbfa0fa8d448b25c7f79b7554d0b02b0decbc74ae8560f630af596313fb33d442a410061ace0aa7a440d5e31ca8bb2cc495c4f0b672edb011b0c5f16781836df7f4af8329143d5a1a99d7b18ef9f774c4199d635848cedebac82637a03a189c65be667503737c75b6639ac65ad424ca475285437e6f19830b36549f607ffc387c8b11a34a838159376a6335afaa045bd2bb04e279dd72436331d07dfbd72e2436b27f0df23a266fd15cf56d1a9e93aaac8901cfe49a3219ae36c5c65c75e5c708fb82cac4d6a50726509ec3a7d32d54cf584ae353a5bff75a6de77a0b240cf8a0a72817c9d37699ca89c96e0e0d96a7665ac3a7d1febca1a1d79e2cbde8025c271360e2f90048b2d9fd56f45c013e001dad4b7785be69dc01f8a954ef7a84455986fc5c9d5167d91808efdb4476ed79f99563d887cfd4e99809d9e388501dea228cbb3cf3770082dc566455251fd9c2c742963c33500618c6ec99e0bef007408a0462a081237be4c6e5db0258d4be5fc9cf63fd1ace1f4166c053b0fb84fe24917da1255cf40bbb1b45644f6a7699cf802a35a932c374b1d62013e6afca3787627469994c02f622ab877ed5491fc2a89eea60e4e1628da89e3ad600ff6442e4ebf20e47304176b6a1703c094b3cf6d7fbbddd8d8fa5a00f28b4d8f43d88487e9d4531071512f2027198714a8d1cef126775547fc74f2a35840510f325e50361be76557767560055e084f2ecaefa0dd8ca8215301a7a887d2eaddaeb1f5c3dfdbd2cc1ba5f02d4426b98c0f861c5f724405758f442560ea6cd1d953456cc4aac6642ad61c03dbaffc2364d8ec2ef9f483c70355139d1fbd9617ab3c7eedf0b8963c1cfdab769180db43c416a90d9fdf3fd0eb2f81187642b4e2a09d6462d27527fdfda31f7b262501749dcfc6c184983f9923424131d05cc811cacf5c2c87e8e6f135349e68cde0e8997bf1dde248e5124d5dca2681abdbe58d327a8edd585821f03fdd4515728f1336495ba25c9bba56a3f706d60c35cbd0b40d0ac0583a981f9af08510ed8ed0a726e5472f8995af3837fbf1e89587633d2ef944868a153919165778e963710872af12faf96c0919c638e5affa97104471ba6e178d27602f96b9546ebe52190d91be245be08742b96389080676a566d3229e593e4f56a76ae4c58113c6adc1088703b1b92dafe32a5600e14ac1e71df829dfef425911f16a2b91f693599ecabf93065c6c4f5fefca8d4ed095599113529f65d9120d5252f577af95b404979508c343df54e4d239720e7d3a861f1dcabfa69e12d655c8a026c10a4df279b139fd222e561d205ac9b45c1054f8699eca594fb23886e0de565186597766dd5e40f74a423d5708dac254f4172f1089270988fb18715813f13ee4d131b64dd517c7e77f27f804b229f5339ac2f483b14739ac33a9645044d3010bd77ed18fb117f7b11bb51c4ed683b59e28bf25a58f123dfbeb1f0f21f03d9b57d8e61d59b311037a5b757b03ca5c95e0eb73922c6918530c99de4d6733640f2b8d13bebce31d4f5e27aab201101e48cde23a0d7e87b9511949d812e3187ee5ff11bc5858c022ed7b00790eba32f9ef7e134ce5f73a01269ca971b40e62133eca9d596a768686d6390b2c74602f6dc597faec3ed9d9658102d99c9624c1a97d00d63853578afaccc7e30a77fe054ebc23eec45f608f996fd015cd6bd50a111360f0790eff6ffb1ea59d13c8e29480bd96217188f97e53a1f5d9eae0a2badb4fea52f2bb4f8cb04d0afd99e7371a978a7d7ef473f77ea6738ff84af655313a12db24cff692ec7e282245ae9a42338db814593448f7115df3dc3f4e2faa2c2fdbd68f679d6aba01a15031347bb17d8bf8f1fad0ecf365e9dcd32e69803c5c05f4b47adbf8a21af7e9fb327f267df1c914486389a9820edf0a03bde6ef388c255761e439b2f7e1f9c1c3c95bd30c502197ab37f76b52f0d0675f366e919be19329853767bba34a540fb75bcdcc9596a4cda254a660e11bed5af9d8646ac4b7d6d7aa5d7c0005879b6d08058a56c3d3a4d3d401b883153fa7f2f6a6d34dd010f6b9e7b4e457b9ff5a5802d7723abb35f9dca0afc10f6791824dbe0a7725d534e7753445b7268d90145b6438b93fc475f44d5d678d79da6c5770f3a9106f3cffbabe4b88cbe7eda9b8a495be4f6717b0fbee6fec78c86031b6d878d47e357b2089de3e6dd19a265552553d1f7da53884ef84d0eebe782791c48a9c68a28d8ea3bb70c922b01dc20b2cd05cfb276e326651398f766f5faaea54a41da597cf6b50f3d5ebc634185b99069126b8d935c6bc42c47f2109de42091ef4ade3d87cc44aeb78709255501e64f34ac2d4b2725cf7777315f8ca9424bc9d61a896a93500faa6cf5a5aee1fb888e17b47a38a667be2ffa3bae46afa88bfd8b5b6e1186d6e41b9a4e490591043372c23f36fb48d80caff74cc349adc92bb25f701738c809ccf74c47afa193795ee67bc58ea7fd85542fa7e70218490fff212163401cfde016df2f42496bae403d5391e53fe200f758bbcdead0fe72c77861889b9632a257229c35bdfe8fa78375b4f5c768b9c60cafbde1f00aff6ca1879f6472f28001f5f13d4d9d6c3a90e04d8df09873550daa8262d39efbe96a79c697fbcc9a7f27c9f6d782d5d5f6d024b291376e9cc40d902f809072e1f0f2c2ab88ce3d074e88461f5971853e7be749943ab6e25e25e8afa5042dd73407f49b50841c7782c54eece62ec2beef1f16caf1ca5989427bd2726ca0fee33e303702e9892e4382e92c3f3a03a6188f39762db81819c7e12b424be8fd964dcdbfbac00139e8c5a6200506f13f484ac34ef3d26e7cadd53cf402117419c1618205bfa5382486094bd55448f2b1aa4dbec2289189b601b1bbf5792b2a641c6f5dd19cf24abc72fc5264cf11f6b44a4929267a02cd1de1b602b9de65a6c06640aa0f76109baa90d66eeb17295b1711365b7d6835a2dd55b7fe868c59453613240643c847a5b48d27897a58dda63e579c1bba58350550e147b190f0a2c9a5ce719d627ce3302028b4b6801bbfa8cd74874ffba35817c0eca034d19210950796807125fe6065dcd47d7c870ed2db5c00cff235e4154e2d89ec2a09a87551f9b7ca25d519b5603c0c33d2cf72878199ffab567fc5e093529b89d1163587f3564ba8291d2d96cf9762e7f568e786ea90849f6312c1a10f45d61600cd45c48e6870a7d76c913f9c4497374fc04401cbd11f7710740148234fe8f041f24d0278fcfd48846e6aa49f05016fc332dc5d46b4a26574fed5c0751cebb9f7ab4cdbc1ee011d82d6ef95c52c9df8eedac3ab5cf30805f23d88d4f707601f8e6c606b58f2fe234e948d6756d430a5c4ec76a33874886c8fb484059b47a9bd198a61a1896419288a9e81d0969dec778a53e8233f0f63bd0134e5f29825e7817e7c8ccb7d9acd8f86ac9d3af78c43df3036d7934dd294f2bb12063bee52c547d27a218145befb0ca96cbfaabd39fa245b51c39f4cd4cf8db105f9dc46a7aaa8f7d06fa208120ce1ac49326179618fa2c8596c44e174eb7a141056b1d17689c10dee089c8b0867b8a757ae12251bbd68db5fba2be341275fb6ee379309f5cde9b31242b0b2bac44da74776fac141936bd96e3177161f057c820a8c22cca8cce29b158eb55aed0260253fbee70a6dd281d9fca23e0b0a38d46c76a95e1262f1cafcf0fc37b52e649a1ba1e2c0f97d10bbf4d2b5632cf340bce56736071d5885ec9b4e17910744d3e63e2ca6deb21e43fc21e89c6865d3ad424ef4a14efe8843ff3168c99ee395400dcc8755719d290c567c95a5e7d28ec1190ceee240084d444265cc801cd960f69b368359bbf06b8a4ec23b47c7bf9d4b16c701a1c4fb9e81abb55bf49d450b566ce03de939fc6f5c51291380086f8c995cdd4fa15a325601c4846a69f15c77f55c900270bc9ea5f406480cb0e3e89bc869fe8b7cec4fbef7e76283d50c25ab1b4d34d093a7df062990a925a9c44aa2661abd7d381a4d6cdb64821ef624dd51b72e99af914bca2f80c25b82ac6945df7c7582e6d0ce2cd073e35f1fc120a68ba210410db64592a9aa319b30f2b818c495750e1cea0610e27d52be31e52e501a3bd51b501bc51c2ec8592f679b6e55b9aa58d513fd2bebadc83ba76eb45e5676f130193e9a666b8c8132c9f5141681fbab324b555c5c890d488ac2dd00feead0a20fbd8a46391438e3193edc6fb89161cd864fca98f4f39a2893c933dcd13bc8c5d5a548d24862e8161c0fad7f33aca8c86791d620815fe3f0daddb5defd933d0c10097a7a98e67625420b6c0db7c3e17ab07ea64e6f0f53fdc670799e06a2e3a871d6be363a2639e35339361311e0f528cc433eacea4f79bf217108c7b1d657840253ffdea18bdd1f93cdee63e7a9b8dbcb4ee06162b253e09ea0641f2771bd9823dd210905e9ea495f43194bb471cdeb690e8890b03b50835d53dde1b572dd123ccc8507bb57a45e46c0efb8fb3d5596bddf9782d86dd911636eae2cf64b5829cf8893faf789be3fa22859accf688f5b5da6c29cacc96d477e23b63cc934f685b6e42e1655c9a9b94d6d78402de22b8d9776e3915391aa258e57467d770d65480ba2f6a94b0337965a8c659c42b4e90b14da4697d0c0a6d74774c94c52d8ecb694eee747bdaa6c3a6d60739db18c6446090eebba72e62ab88b0e8b88e728ba8cb133d8524eda89a2bff1c8414da3edfa6f83788331c8a7e5a8af2dd3682d4752190a3c689949abdad8350111373e7fb46151f54a10f79d91940e37efb05f9f157bddcfacf018b65a38ab614807c34a2786af4a1d48c4d1c1abd31815715f9d1b103992207fc664f12c82fd923c57d8e7cfb9f4af55182318d055c704865cf484206d60e34cf7fe9b6ce60b1772c5c7cdacb6695227d80da18ec1f98a434b1aaf9c6b6d082f5663aed2bf267e559dca6b93d3ce34273846fc677f529690482df0a8f782b8ad7269f344f5f2b4d320a7ce2d2fa02284f8db634dc930c3e2b9a629245364acf35d41e9a14c88efde4e742ef1ea4b43d0caf2e70d4a617278823e6403934524debbd933e7676e441a48f630dc8bcccd55d9032d6bf3dea97d1669c39fb865b0e619eeb3f5461e517000f5aee3ef2abdb87d3a76b88e140eb4644a9fbddbdc9e20972cdfacf00bffa3a1ca5f84122c2ebc54067cdaa23967eaeb7bbbfe44e5843382b834fae1f62a066688595e4ee67c7ff9858672355abf7893ebeb4bcf88a62b2237c6e6cec9aebe3f28bfc310ced3a590e88d4bd0f53289206deb9addbf6f3c02115ce4980dadfc112683ae250c2d438fd9c0f2a090dbf122a0072828db798bdb868dcd47384dd3f5eeebc0307a5b268683cd51f312e8f02b5a7746b11a97ac43287d9b9765f03c720503cfe6e0117660a4c00d67895224c4d42b032000a10d7a743054758a8f54941fd5eaf72498b678d1579b3de4e5518f90f1e3d32517d09d7f5da9d180215e66218e9dd64036819cf12638ce82712a6cc79a9ddb36e86814b797d72c2bc58b18ba439e99965f745b4fb7de2878e3186e3e7b835c746b0935f6c67e92e3770bd8d5eb4f66d8175ceb7850e418c55e574db891639aa77fc62bc45dcb734681ede8484d4d4109a9adb8c3d00", 0x2000, &(0x7f0000000e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)={0x20, 0x0, 0x0, {0x0, 0x1}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
io_setup(0x202, &(0x7f0000000200)=<r4=>0x0)
io_submit(r4, 0x2, &(0x7f0000000780)=[&(0x7f0000000440)={0xfffffffe, 0x20011004, 0x4, 0x1, 0x0, 0xffffffffffffffff, &(0x7f00000000c0)='!', 0xb7f40, 0x3000000000000000}])
dup3(0xffffffffffffffff, r2, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0x3)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000100)=0xff)

4.221652925s ago: executing program 5 (id=1330):
r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0xf, 0x2)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r1, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0x80280, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendto$inet6(0xffffffffffffffff, &(0x7f0000847fff), 0x0, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x80000001, 0x1, 0x4})
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000002c0)={0x5, 0x1, 0x1, 0x0, 0xf})

4.218676007s ago: executing program 3 (id=1331):
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f00000000c0)={0x60001, 0x31c}, 0x8)
bind$bt_sco(r0, &(0x7f0000000140)={0x1f, @none}, 0x8)
listen(r0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000340), 0x206, 0x8401)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0)
syz_open_dev$vim2m(&(0x7f0000000100), 0x1358, 0x2)
unshare(0x24020400)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

3.244614743s ago: executing program 2 (id=1332):
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
writev(r1, &(0x7f0000000400)=[{&(0x7f0000000100)="92", 0x1}], 0x1)
pipe(&(0x7f0000000380)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r3, 0x0, r5, 0x0, 0xf3a, 0x0)
splice(r0, 0x0, r5, 0x0, 0x80, 0x6)
write(r5, &(0x7f0000003300)="ac", 0x1)
close(r4)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=@setlink={0x28, 0x13, 0x1, 0x70bd28, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x60c20, 0x8000}, [@IFLA_NET_NS_PID={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x400c854}, 0x4000)
write(r2, 0x0, 0x0)
r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r7)
ptrace$ARCH_SHSTK_LOCK(0x1e, r7, 0x1, 0x5003)

3.232869374s ago: executing program 5 (id=1333):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
fdatasync(r0)

3.125094052s ago: executing program 0 (id=1335):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000040)=ANY=[], 0x8)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x7}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0x1, &(0x7f0000000000)=0x3af, 0x4)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10)
sendmmsg$inet6(r0, &(0x7f00000000c0)=[{{0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000000940)="90de01448a0c6371e768df6929c7bb3d9b9926aa861837c7ee13254157b46d7d42faf29634e23bceebbb062be4de7c2e346c7eeaf88795cd34a19e0785e6252612618aedec85d393acdbdb6cf2155656ddf78a250cddc78297a227a74fa89a5c962f9f69ca73ead637b3482372e12992d5c793d4d7ef052f9c0ca8e86d83a230f6a878545f225a9cc71040772c0aeb34c5033f2e2435660c6d1ceab874225c6b8bdfa9d6713c341c368520d367ded6b3112a57d3c96b864a52fa75902534d60bd8d7ed6e2b4aa4965d87cc0e5f6bc1895e9fa61862456372358b97e739e5a7f1df5900c3556a632228ba0176b015e75546e5c6b5a77aca0a431166cf30bfc43f94bfbfd18a089d6a341f8ffe717d2e5d4268856321e9cf121e9d3693ec3e94f3d070e82717ceebf539f11f8d38d1b255f25cccfd0b5fbeb63fe2c6108c31a93cbc628e51e687e0c533e04642ca4ed4510d3e69dd8b6226a9ac13c0c014e62b02614df56bd20a66766e37c7a98cccb773efb6f3814b4401d1a779e7c0972159d98729591dd89bde12021cdb2ec7f084d11f9441d2c18bce651050ce0074715c1d4bd4d6638d8d346be7be886c3419a824a25f852d07a5afa511d13294e77bfd81773d46bd94c106d4bc7358fc2b5eaf4a4a15606b56f12b091ec6614c4f119961220204d2a485758930da578a5fb83c6d77530fc99ac82b330edc761abdca3703b39142d698fd5b6cfa8eba8c7c87449a7fb8e913ee412acd5ffb40e4b3b3a194f1d6b2d2fe384b7b8a3628c17fa5bed433e879ede672a6d3d35466b11efd030a45ac589bc89c5b784de8c246e10c2a8518bcbce5b406fe1cc67ccd36d627be652f0e82f3e9eed40e118c7de987cf23c79c88f77b840ad1558994781f5dfa4af96ee2cc27638612ed8af5a4cb9f14508d46051451a46d6913b3a0236115ed179632a9822e57951e7b40ebbdc015cac73914d5fae3415510cb0e0f66d715cf753e5441c850a0f27be75859f4a475110dd2490b121eac99f0a2e0655bc680ce8ea5f2c36ac08eb08df21a5f3e8d563a455f6562c229070a91e2a61a92cbadbc24c84c20298005cfe461b92eb0ddf8937e482e0a640b421f48ae66701fe0c152931d726c26155e93d787542c09a04f753d003397ef151862aa8007211d61a727979d2e34abcf574a95cf8ed4cb16c706524af00c61ff1693a79f89b5b8f205a54bbf45d88d47ed5170333b557b3eb3058501ceb572a4dcb900f2ab481f69281bc3f43784b00f4a6fff0b46a821b0f0104f3c563adfd787223d52cf500531fd48510cf0d457fbd985339df4f9e3edb0ea3e24d49c870d907e3ecb8e01abd1a640cd29860a41cdeda7cb7e02d5b8f2a4cc42657547c31394a2c16960401a8cc6cfea94fca228eab98babf3bfbc9323b6059fad3934962b4b5c169e43e860b2ffb25891343cc550b73c7579a02f87c6e455e0c727d14d3125b575f532ebc29758f615f58574c8f8cd49f30421bf6d4b3e709ddd32d3d87c06899cf64eb67858b1e9d76094386a949a8eecda5b5eac7d1ae4940ef03dfd4697837ea3ab04ef89e1fe0a06db33e3f9fd72ffa22e4441347a4940cb772feb7c88171fd02e7b3a2ff2559977d8818871dc28358a29d3099f0fe6eff6ddb1729782f043d35fac5a40aef41b95e8afd6a874e39a8a3a9296e73d28ce6ac8acb90b02d8a1fa1ac12fb9156f4f6e33578f71fb648d4f570beb33a1ca0869b27e85c5d7befd55127bf416eceec6b048416f279aa78f4b5e050bb9a1165c319a10f4cd58239e5f94e31da911ce9bd157bb62edc069d7568900a9757dc7eb6d672e1f07a5c708838806069c9504943509f022ee23a09dcd4f278f38a865c95f0197927591beebd4697d85ee19cc158fa19c93662d947cb7568c44ce93f7483cc25762729e2c7093f5ed2959393face02e1abd03157ce537d15be1e81d5f4739113f3f2619452066134d2402860e67b3379e444910609e74fc381c8aa42f55cd0ec896a0d386a921012f9d40b4db1c", 0x59f}], 0x1}}], 0x1, 0x44044800)
sendto$inet6(r0, &(0x7f0000000300), 0x16, 0x3b00, 0x0, 0xfffffffffffffdfd)

3.117081337s ago: executing program 5 (id=1336):
mount$binderfs(0x0, &(0x7f0000000100)='./binderfs\x00', 0x0, 0x4800, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xa, &(0x7f0000000300)=0x8, 0x4)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r0 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_TLV_READ(r0, 0xc008551a, &(0x7f0000001100)={0x3, 0x10, [0x0, 0x0, 0x0, 0x0]})
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip6_flowlabel\x00')
pread64(r2, &(0x7f0000001600)=""/4103, 0x1007, 0x9b)
pipe2$9p(&(0x7f0000000240), 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f00000000c0)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20)
setsockopt$inet6_int(r3, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
sendmsg$inet6(r3, &(0x7f0000000600)={&(0x7f0000000080)={0xa, 0x4e20, 0x1000000080000, @dev={0xfe, 0x80, '\x00', 0x25}}, 0x1c, 0x0, 0x0, 0x0, 0x30}, 0x0)
r4 = memfd_create(&(0x7f0000000100)='-B\xd5NI\xc5j\x98\b\x00\x00\x00\b\x84\xa2{\x00\v\x18\x004\x03\x96\x00\x00\xcf\xb0\x18\xd3\xad*\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb+Y\x9e\r\xc83\x12\xd7\xdb\x93\xcc]x\xaa\x8f~\xb90a\xa9\xb2\x041=\x9f\x99\xabQ\xf6\a\x81\x01\xe5\x98\t\x1d\xa1\xce\x8b\x19\xea\xef\xe3\x00\x00\x00\x00\x00\x00\x00\x00\x00\xa9\xf0I{\x00\x00\xd7\x802\xf3\r|\x86\x82\xf1\xb2\x06\xb0\x1e\xd6l\xbc_\xcb\xec\x83#?\xf4\x81\x16+\x14\xd0\xb8\x88RW\xa9\xef\xe9\"]\xa8W?r\x88\xe6K\xc1gb\xc0\x9d\"*\xe2X\xb5#', 0x7)
r5 = dup(r4)
fanotify_init(0x2, 0x40000)
r6 = syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)
ppoll(&(0x7f0000000180)=[{r6, 0x1}], 0x1, 0x0, 0x0, 0x0)
close(0x3)
unshare(0x2a020480)
ioctl$AUTOFS_DEV_IOCTL_FAIL(r5, 0xc0189377, &(0x7f0000000280)={{0x1, 0x1, 0x18, <r7=>r0, {0x3, 0x6}}, './file0\x00'})
fanotify_mark(r7, 0x1, 0x48000010, r7, 0x0)
mount$9p_fd(0x0, 0x0, 0x0, 0x2004000, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00')

2.976861173s ago: executing program 0 (id=1337):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/bus/input/devices\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r0, &(0x7f0000000040)={0x10000004})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="500000000900000000000000000000000000ffff", @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800b0001006d61637365630000180002800c0001000000000000000000050009000000000008000500", @ANYRES32=r1, @ANYBLOB], 0x50}}, 0x40011)
socket$netlink(0x10, 0x3, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000280)={0x60, 0x2, 0x6, 0x3, 0x0, 0x0, {0x5}, [@IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x0}, @IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x6}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_FAMILY={0x39, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0x60}}, 0x80)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00', <r5=>0x0})
r6 = syz_io_uring_setup(0x239, &(0x7f0000001080)={0x0, 0x0, 0x10100}, 0x0, &(0x7f00000001c0))
io_uring_enter(r6, 0x2def, 0x1a38, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r7 = getpid()
sched_setscheduler(r7, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6a72c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r9, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x10, 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00'}, 0x94)
r10 = syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00')
preadv(r10, &(0x7f0000000bc0)=[{&(0x7f0000000140)=""/171, 0xab}], 0x1, 0x0, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001c00010000000000001000000a000000", @ANYRES32=r5, @ANYBLOB="00005e0014000100fc02932a"], 0x30}}, 0x4000040)
socket$inet6_udplite(0xa, 0x2, 0x88)
r11 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r11, 0xc0205648, &(0x7f0000000100)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x98f90b, 0xf4c, '\x00', @p_u16=&(0x7f00000000c0)}})

2.976605773s ago: executing program 3 (id=1338):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102400, 0x19000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000081}, 0x40048094)
socket$netlink(0x10, 0x3, 0x15)
prlimit64(0x0, 0x8, &(0x7f00000002c0)={0x2, 0x800000088}, 0x0)
r1 = getpid()
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, 0x0, &(0x7f0000000100)='syzkaller\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r2, 0x29, 0x22, 0x0, 0x0)
mount(&(0x7f0000000000)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='jfs\x00', 0x1a0c000, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10010, 0xffffffffffffffff, 0xb3d68000)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000240)=0x2)
openat$nci(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
recvmmsg(r3, &(0x7f0000000780), 0x0, 0x40012042, 0x0)
timer_settime(0x0, 0x236bd4336e4642df, 0x0, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
r4 = socket$inet(0x2, 0x1, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000011ac0)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r5, &(0x7f0000000e80)={0x0, 0x0, &(0x7f0000000e40)={&(0x7f0000000740)={0x30, r6, 0x1, 0x70bd2a, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_SCAN_FLAGS={0x8, 0x9e, 0x280a}, @NL80211_ATTR_BSSID={0xa, 0xf5, @from_mac=@broadcast}]}, 0x30}, 0x1, 0x0, 0x0, 0x20004080}, 0x40000)
setsockopt$inet_mreqn(r4, 0x0, 0x23, &(0x7f0000000740)={@rand_addr=0x64010101, @loopback}, 0xc)

2.427791851s ago: executing program 4 (id=1339):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
syz_open_procfs$pagemap(0xffffffffffffffff, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f000001b000)="2ed4dc0c2de827cdb1e444b08e461778252416906a16085fe3f9c8e0d4e31989c747975b08c221d030a1d24a748a9198947e4827f551bcc30882bbe56747547eb9ce179b5693020a2437de9ff1d2b18c749f1a3d14f14cbbc84a7857f421e1659daa610e29fc8c3304bbee13a103a563b281ceca1f75af6be472ddc68b7c9bd47ddb141495dcafc25069e63d981bf58271fd685e31ae4c985768f5019ed3ebe56e235a30f62323a7552e9f42fe4f6d8620a38df727cb4b5e3ab5a196f28dbff0629fd9510eb3060687ed552e5201c7d2557b92ff9e839bcd7a2ee05bf210d9f9c922666f388bc5b2d84608a44efd7959fe5113fb656a7ec838d4e700c63e5275a2930c47200b0425182394e8e8b7737c2f2921789ab36fcca250e3a1421b869b88df23ed9ead93d0d77a3de049e6fcefb5734ab1406565ab032b5ef25f2e4114e8a0beee6b8dc232709e945ed126376e750c6f3ccd941fe1362ed7a00b1ffeb33353170192e124ce41a2e6f94fb0b2d122674c05afbf0849b122dc3638e21ffc55da52fdd33d6fc895aa4e22bd71793ef6433fa2ae1ea26d2d2d6ec7c328439a7db8fab7a8510ae90e6dbb68b810447f780a0dabf47a3d3b6b93e8d4ace8658741de966e02c8a445ea90bf090401819ea807fc6250426bb45beed2790f41e6d22f0dc7192af5ce1517adba4040105c2a12ba561b9d54d66aa8e88a232c63621f7e6a7f2e1b6a0e4c3d3c77fa15a44a5bf51c0508ee9e8abf029ce7bb8a9cb4d9fddb75acd6cc55e503d5fdd1ba508066925af1f5000072aac0354591a537df2c3d32ade211a683b9ebcf0fff372342dedd9c05043beb20fa019d5b50014907664351199d24f462d1c67bdf65e6239723d849e381179b4108c70a83bbdc683a7a18bac354c8d18f38ea836d51c0ca7bb37b9d02474f9000784b508fb56a11ef320c0ddf9536b029c6a40ccd609a75b5b83a97f50ea9f50dd33387c5b08a9975e129d91836a781ae42f75aa789d8514c18080fa9b5e4b23489b7c7564a859fd5ff79bd1b923eff04bc1d422b6b9404c458d0976cf8c7768e267d0caf59142bf5ca4e6deb4c3fc1fc2c99482a88739aea83c20c62a7f967c84802ded36987d494adfacf6d14bbf5a411ac58cb3abc516e0a5490da1330719ad013e430efe1944a4a89f8c92a81c5b24bf0c8d9948f1f90de7e512e124d906ebc8ed3d0d53e8a99e572e9e325104010391e9686440874c5368f64cab45093c00422a91c21806dbf2003fc37822faa6c188305eacca1d958f0ed636c03ba2d7c93644975cc7f02de6454398b6ed511c27116dfaf61dca17f653f7c4aac2a56925ff57cacd87f9928e90b519988f0cdc44e751a8114613c6b984875dfc8f6b0ca5f65d490df6cf74da1f35b0d7cf3537ac93305ea14bcffdecb42b860cab0e16d31ea8c0aef94d89e4110cb4e154ad2609c933975676958aa6dd55b18dfc77dfd68bf821dd770d8212c62587b656f9dacb2d9c1e7d76b09733db4f631bd5627a900007fd2da7ca2249e171ba90409ff86b17dce2470ff3dbe5d04e013677f57305b337aec06f7f13e0f49fd7f497c5bdcabf805cde57a89e58f0177f1d2c39a0013d6065210e0bd4dc3110411a080a579c4d91f7ad77201d4517bf5f13782a2552c4ec8979003810596239a457da93de668627348adf0c2e1bc00593ec759f60cc40f7230b0aae308c2b658196ea08c2758dad4e193fc17bd0132efd3b12331d58b59f8d65e7d9cb683530ccaa79a85e9b5e3d22551aae8abc83ef6a25c0cf4cbc51ac3bb5425ac31ebd9224e967bd9a7123db7eda5644990d8d906d9f80a57a5942458eaff01df39d447ee92c06075bff5c2660cf628bdf0293b0b0d5f17a326637a300c6d774008ecfad08870bd5be4c7422ceb67df40fbf4358314717b982504be2c27389cf5080dcaef2d52297b83caa35e035fa0e275001baba578b144a4de8acc6f54ba0f36e05e6f8cadc768acad6ba1400e624fc7a153eb1841111b758ca80a0f5b6bbc4b5e4a441f72fd35ed45f5285c26af945f83e751ac920e17fa753b3349863889a753a6e47e4e086a2f2a5a96b7392570199827810c6a0261914a01f7f66201bb38c0fd6a71025c8f49589143c57737d58ca3e7bf0f84d516184dfe599ea554894c0002ca64786ecf66e2a5ca2597f6a511716823ce79ec0e399c8eea906d3e8d329c2a728ec9c6cea61baea56d4b3c6c78824926b688702ad524c9534679ed765ee484498701b3926d5a696544c86c560c4ba55a9b39512a8cce544d1b7f3f7d810bbf84985e43db34b93d349491914763dd68e2cff5cf26e3434cc1357438c10ed759961015165df77da072a4da5e2d4cebd68f2de2d47168ac2c3e7cbcb186eddfbdfcf0224098cdf35bcd7b0f992a19503e5eac9eca2d9021c0e12e5417eda3a881669b29eeeac3f27a0918c30f1e18a9cb97b642e9097d0531aca797f673332a9c39218d107b266b6a7cce6963d60cb3b5efa1f4a5b1bb972128d3c8f93d6baf3d2c3db9c2bc7f7bc146068f6736454d594192be6e7b937554d67bcf7afe68c8c982916f05146713716f7e8c85fb8e658cfd23b1fa9b5aff138403eae8f2efcb8e13ce500e59e0b8f6eea5f161993f9dda27a594f57f58871e25b969749e41e56df4f11612f93cca8642f280c9d0565b11997ca3b6e86f591128339571ca1baacbfba3306a8f1ba6aa58b75d3129eb4ae267f628b93cc172adacdf1c1b671947bb5fffea3eb838abd817a55bfdac7b2363d16e6bba669c8b1f82051705a237e4406bb0d61a4df8347fc341ce368deebf5427de4c6e92c94dbeea5dd2d346fe761957457daa96b6e9a771bb09e7be158616b57b33a98608ce7579d83926af3457f8d5619f2992f7b0bf7d4e835d58c15201eabf4bd1bc31bbaf0bcd3f180f89eb31d8909b289da6ed0c0b0fa03f94979049d6ec94d0975f690b68d27f48bebc8cd0fe00804044f4ec43d9fc3ac07496d78b9e98a36727a7de119593f97aae9941683ea014635c61fd5143bcb00f850fa9083c6dde254b96cbb517af310efb6d80cda06343725d031efe7f746f01e94d65d08283135b40b4e5f9f1d1a5d48f0d70936a68a9ba26972bd7f2744c7227b2bfa257985115ca878df9f497e5d97fb83ba8fc30b147ef1fdabfb314965f687fa0c70f6080fdfe9144f6b537799044644756653cf4aa661069bf63c4bcff2031d506463a19ee1343e227232e6c90d49ed28306d7bccb7679639bf089716340ff73b5a5742cccbab3b791eed16670000142b89c14ad3694afacc4c8cedd5d31b95583e81a7aa4a6a3d79ab3a3061373be33c96a64fc0ff702c9e5d9d136555571717b71f2a531fbdc151517a2f5782b24d403c8575a5fe7a269251824fb2fbffbf383fbfd0e8ff6d2b6d3cc1237af774dd92b9aab73f38c5f073b33a3342c9d61fa7df1515edecd5d17a2026a5c62f1b5dc789fd3916c3bf9abd49fe2333e132de79739ff5e2812aeb550905be9ebb40c20b3946dab4a52950dcfeb7460b630dacad425a0e79ab7483102f34985617b124b9b6a40cb1018a43b9dad1368a27b8f47ae4c8df5316cd8be169f7fdf231967ed34063178d227bf1bfacc7f2c190bf801a4f1719222680299e6a1088e139b2440de667b8e7ac4ef337ad2bc08f45ec0566997e9824000e16e96229ba2235ba8d2adc865c5105a8f4a4855bd8ac428f9d4e9459e0d8218c57842bd12f7e58aac6a46dd101c3829ac9c93649aff4e397e26bfc314281790a25274f3573d0ab9ab2dcb139625ac35e4dec2e36d52cb460797b0182e7c0b52f56a6f0db3ecf2e82931f87e7292a2d3b9a0f19f3d2ad1f8c8407a10423bb814190b4168995ce1d8559526374d62ba8a0ffff90d416b6ffb5d155d207292f7e01d4b247f1c835c23b0a86a386812449ed547b076634b6eafe0e3ce1e7d9b0cc4fe9e2c6f52e7f8afeb22b216f6471bc998afb08aecf106d6d80a44cd5846435ab4b81091b159abd246a0fed4a3b9824142c14dfa3868f7933beb503fe6788c0b09e5e9b24c4c4d59a516bba68c94e9506aa1d15ade9bc25530ae18e7e254d9533db66e77c24d5f63fb7ddac0016983fc7b6169cc2f7638e5fd6110ba09ddd7ece03e8a64ca0b00507b37c3d3714abcc73c671a43d0", 0xb8b)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'macvlan0\x00'})
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(0xffffffffffffffff, 0xc0bc5351, &(0x7f00000001c0)={0x25, 0x0, 'client0\x00', 0x0, "fca77e7fbadd83c4", "fd6581ac4b8a5d32a2763732acee190e65e0f6d112d11261c517ef5eca53c5ee", 0x9, 0xfffffffa})
socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$admmidi(&(0x7f0000000000), 0x2, 0x1a9882)
r2 = socket(0xa, 0x3, 0x3a)
recvmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
connect$packet(r2, &(0x7f0000000200)={0x11, 0xf8, 0x0, 0x1, 0xa, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = fsopen(&(0x7f0000000000)='jfs\x00', 0x1)
fsconfig$FSCONFIG_SET_FD(r4, 0x5, &(0x7f0000000240)='resize', 0x0, r4)
chdir(&(0x7f0000000080)='./file1\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r5, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)

1.688494295s ago: executing program 0 (id=1340):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x4e24, @rand_addr=0x64010102}]}, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000001340)=""/4096, 0x0)
syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000280))
syz_io_uring_complete(r3)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r4=>0x0}, &(0x7f0000000300)=0x8)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000100)={0x400, 0x4, 0x208, 0xf3c, 0x3, 0x7fffffff, 0x5, 0x0, r4}, &(0x7f0000000140)=0x20)

1.620721217s ago: executing program 5 (id=1341):
r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
r1 = socket(0x11, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r3=>0x0})
bind$packet(r1, &(0x7f0000000180)={0x11, 0x0, r3, 0x1, 0x4, 0x6, @multicast}, 0x14)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(r2, 0x8982, &(0x7f0000000100))
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000000)=0xe9, 0x4)
sendmsg$netlink(r1, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000280)=ANY=[@ANYBLOB="020114008cdc18000e3580009f000114600000060600ac141414e0000003808a8972bd0b72e41082b1a3d2061fd7fdfe4b88942a31f48597e36e039b1c599db6e466749c2d4c8303a0f7fbda34fb8825f80200e3c0ab42e32a097dbd4be5ffca88faca"], 0xdd12}], 0x1, 0x0, 0x0, 0x44000}, 0x20040051)
unshare(0x20000400)
r4 = syz_open_procfs(0x0, &(0x7f0000000080)='io\x00')
fallocate(r4, 0x40, 0x3, 0x915)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000000)=0xffb)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r5 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
ioctl$sock_ifreq(0xffffffffffffffff, 0x8993, &(0x7f0000000000)={'vlan1\x00', @ifru_map={0x8, 0xfffffffffffffffb, 0x80, 0x81, 0x5c, 0x46}})
write$binfmt_aout(r5, &(0x7f0000000000)=ANY=[@ANYBLOB="03040000b50000000100fefffeefffff"], 0xc8)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfff}, 0x20, [0x8003, 0xc95a, 0xf, 0x8, 0x80, 0xffffffff, 0x3, 0x7f, 0x20000006, 0x4d, 0x6, 0x5f, 0x9, 0x5, 0xffff2d37, 0xff7fff01, 0x6, 0x3, 0x7, 0x7, 0xd1, 0x0, 0x7, 0x3c5e, 0x1, 0xfffffff7, 0x2, 0x1, 0x5, 0xffffffff, 0xe661, 0xffffebf2, 0x4007, 0x3, 0x8, 0x4c74, 0x10000, 0x242, 0x3, 0xb, 0x0, 0x80008071, 0x7, 0x17, 0x1, 0x7, 0x5, 0x3e, 0x1, 0x2, 0x106, 0x0, 0x5, 0x2, 0x8, 0x3ff, 0x9, 0x0, 0x5, 0x2006, 0x8, 0x4000074, 0xfffffffd, 0xe], [0x10000007, 0x9, 0x8000012f, 0x100, 0x5, 0xfffffff3, 0x129432e6, 0xc8, 0xf9, 0xe, 0x2bf, 0x6, 0x9, 0x384, 0x3, 0xfffffffc, 0xfffffffc, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x4007, 0x7ffd, 0x6, 0x400, 0x7992, 0x3, 0x1, 0xff, 0x5, 0x7, 0x5f31, 0xd, 0x4e0, 0x80000002, 0x4, 0xa, 0x4, 0x5662, 0x8, 0x9, 0x6, 0x47, 0x8000, 0x1, 0xfe000000, 0xffff, 0x2, 0x4, 0x9, 0x3, 0x3, 0x9, 0x1, 0x3, 0x23, 0xbc45, 0x48c93690, 0x80, 0x3], [0x7, 0x6, 0x4, 0x5, 0xfffffffe, 0x100, 0x4, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0x80b, 0x104, 0x5, 0x800, 0x0, 0x4d4, 0x5, 0x8, 0x4, 0x3, 0xc9, 0x3e7, 0xb, 0xbc, 0x8002, 0x2, 0x3, 0x2000000b, 0x4, 0x106d01, 0x6, 0x38, 0x800003, 0x10001, 0x80, 0x3, 0x5, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0xa9, 0x5, 0xa, 0x10000ac8, 0xbf, 0x2, 0xffffffff, 0x9a, 0x12b, 0x4, 0x0, 0xa, 0x0, 0x5, 0x7, 0x120000, 0x3, 0x6, 0x712, 0xc, 0x25], [0x9, 0xbb35, 0x7b304120, 0x3ff, 0x5, 0x6, 0x5, 0x6, 0x0, 0x8, 0x7f, 0x1ff, 0x2, 0x57, 0x4, 0x3, 0x4000101, 0xf, 0x4, 0x1, 0xffff, 0xa620, 0x3, 0x5, 0x2000001, 0x2000002, 0x14c, 0x60a7, 0x6, 0x16, 0xffffffff, 0x80000000, 0x5, 0x4, 0xc8, 0x1, 0xfffff000, 0xa, 0x3, 0x7e, 0x110, 0xa, 0x7, 0xaf, 0x8, 0xa, 0x226, 0x6, 0x2, 0x0, 0x30b1d693, 0xa1f, 0xf40, 0x6, 0x0, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0x1000d5, 0x200, 0x9, 0xfff]}, 0x45c)
sched_setscheduler(0x0, 0x6, &(0x7f0000000140)=0x3)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

1.468800048s ago: executing program 2 (id=1342):
mount$binderfs(0x0, &(0x7f0000000100)='./binderfs\x00', 0x0, 0x4800, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xa, &(0x7f0000000300)=0x8, 0x4)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r0 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_TLV_READ(r0, 0xc008551a, &(0x7f0000001100)={0x3, 0x10, [0x0, 0x0, 0x0, 0x0]})
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
r2 = syz_open_procfs(0x0, 0x0)
pread64(r2, &(0x7f0000001600)=""/4103, 0x1007, 0x9b)
pipe2$9p(&(0x7f0000000240), 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f00000000c0)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20)
setsockopt$inet6_int(r3, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x1, 0x4)
sendmsg$inet6(r3, &(0x7f0000000600)={&(0x7f0000000080)={0xa, 0x4e20, 0x1000000080000, @dev={0xfe, 0x80, '\x00', 0x25}}, 0x1c, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000000000029000000040000002b000000000000071200000000"], 0x30}, 0x0)
memfd_create(&(0x7f0000000100)='-B\xd5NI\xc5j\x98\b\x00\x00\x00\b\x84\xa2{\x00\v\x18\x004\x03\x96\x00\x00\xcf\xb0\x18\xd3\xad*\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb+Y\x9e\r\xc83\x12\xd7\xdb\x93\xcc]x\xaa\x8f~\xb90a\xa9\xb2\x041=\x9f\x99\xabQ\xf6\a\x81\x01\xe5\x98\t\x1d\xa1\xce\x8b\x19\xea\xef\xe3\x00\x00\x00\x00\x00\x00\x00\x00\x00\xa9\xf0I{\x00\x00\xd7\x802\xf3\r|\x86\x82\xf1\xb2\x06\xb0\x1e\xd6l\xbc_\xcb\xec\x83#?\xf4\x81\x16+\x14\xd0\xb8\x88RW\xa9\xef\xe9\"]\xa8W?r\x88\xe6K\xc1gb\xc0\x9d\"*\xe2X\xb5#', 0x7)
r4 = syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)
ppoll(&(0x7f0000000180)=[{r4, 0x1}], 0x1, 0x0, 0x0, 0x0)
close(0x3)
unshare(0x2a020480)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000280)={{0x1, 0x1, 0x18, r0, {0x3, 0x6}}, './file0\x00'})
mount$9p_fd(0x0, 0x0, 0x0, 0x2004000, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00')

892.952013ms ago: executing program 4 (id=1343):
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08061cdc030ec080000000060000000100e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec0812080003000601ff1fbdad446b9bbc7a46e3988285dcdf12f2130809d78f0a947ee2b49e33538a", 0x72}], 0x1}, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f00000001c0)=ANY=[@ANYBLOB="06f7ff00000000007a030000000000000100000000000000881200c0000000000500000000004f00ab0b000000000000290f000000000000000009000000000000008c0a00000000000004efffffffffffffdf010000000000000400"/104])
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CREATE_GUEST_MEMFD(r1, 0xc040aed4, &(0x7f0000000080)={0x5, 0xff})
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000300)={0x4376ea830d4d549b, 0x0, [0xffffffffffffffff, 0x7, 0x1000000, 0x0, 0x5, 0x3, 0xfffffffffffffffc, 0x800000]})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f00000ab000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="36d0e866b8970000000f23c80f21f866350c00a0000f23f89d0f326635000400000f302e8dcc0f23742e3b5753baf80466b8f494f78e66efbafc0c66b83ac80000666fda6509", 0x46}], 0x1, 0x1a, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

892.649698ms ago: executing program 0 (id=1344):
unshare(0x22020600)
socket$inet6(0xa, 0x3, 0x8000000003c)
r0 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000000)=0x639)
pselect6(0x40, &(0x7f0000000100)={0x6400000000000000, 0x200000008, 0x0, 0x4cb, 0x8, 0x0, 0x1}, 0x0, &(0x7f0000000240)={0x1f, 0xfffffffffffffffe, 0x9, 0x0, 0x0, 0x10, 0x4}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0)

733.050732ms ago: executing program 2 (id=1345):
r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_freezer_state(r2, &(0x7f0000000080), 0x2, 0x0)
write$cgroup_freezer_state(r3, &(0x7f00000000c0)='THAWED\x00', 0x7)
write$tun(r1, &(0x7f0000000140)=ANY=[@ANYBLOB="03011dfb1be10200065cce4700ffffffffffff3ce532cf8553810027000011"], 0x1f)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000340)=[{{&(0x7f0000000000)={0x2, 0x0, @initdev={0xac, 0x1e, 0xfd, 0x0}}, 0x10, 0x0}}], 0x1, 0x4000000)
r5 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r6=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r4, 0x84, 0x10, &(0x7f0000000100)=@assoc_value={r6}, 0x8)
syz_usb_control_io$hid(r0, &(0x7f0000000240)={0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="00000c000000070001"], 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000180)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB=' '], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)

717.705408ms ago: executing program 5 (id=1346):
r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
close(r0)
execve(&(0x7f0000000180)='./file0\x00', 0x0, &(0x7f0000000800)={[&(0x7f0000000940)='\x7f\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x170\\\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab7P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb80\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\xb9\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7\x87C\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01']})

543.137311ms ago: executing program 0 (id=1347):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xffffffffffffff1a, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$kcm(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
sendmmsg$inet(r1, 0x0, 0x0, 0x81)
socket$tipc(0x1e, 0x2, 0x0)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = eventfd2(0x0, 0x0)
fsopen(&(0x7f0000000040)='hugetlbfs\x00', 0x0)
ioctl$KVM_HYPERV_EVENTFD(r2, 0x4018aebd, &(0x7f00000000c0)={0x3, r3, 0x1})
r4 = syz_open_dev$vim2m(&(0x7f0000000040), 0x3400000000000000, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r4, 0xc0405602, &(0x7f0000000080)={0x5, 0x1, 0x2, "7ba10cae896f05a4095b544fda406ee9fb431f9d220c4e6b894e5bef8a5b6e29", 0x42474752})

542.494348ms ago: executing program 4 (id=1348):
r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000140)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_QOS_MAP(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="110c2dbd7000fedbdf256800000008000300", @ANYRES32=r3, @ANYBLOB="3000c70001020177"], 0x4c}, 0x1, 0x0, 0x0, 0x4000}, 0x8000)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r4, &(0x7f0000002c00)=[{{0x0, 0x0, 0x0}, 0x8101}, {{0x0, 0x0, 0x0}, 0x50000}, {{0x0, 0x0, 0x0}, 0x40000e}, {{0x0, 0xffffffffffffff86, &(0x7f0000000440)=[{&(0x7f00000008c0)=""/257, 0x101}, {&(0x7f0000000580)=""/94, 0x5e}, {&(0x7f0000001400)=""/4103, 0x1007}, {0x0}], 0x4}, 0x80000010}], 0x4, 0x40000302, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_REGISTER_BEACONS(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x30, r2, 0x200, 0x70bd2c, 0x25dfdbff, {{}, {@val={0x8, 0x1, 0x71}, @val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x3, 0x80}}}}, ["", "", "", ""]}, 0x30}, 0x1, 0x0, 0x0, 0x14000000}, 0x80)
close(r0)
execve(&(0x7f0000000180)='./file0\x00', 0x0, &(0x7f0000000800)={[&(0x7f0000000940)='\x7f\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x170\\\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab7P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb80\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\xb9\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7\x87C\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01']})

540.59818ms ago: executing program 5 (id=1349):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f00000001c0)={0x79, 0x0, 0xc73})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000001f40)={{0x14}, [@NFT_MSG_NEWRULE={0x3c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x10, 0x4, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, @cmp={{0x8}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x64}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f0000000040)=0x3)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000003, 0x13, r3, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x103080, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f0000000180)={0x1, 0xaa4, 0x0, &(0x7f0000000340)})
ioctl$KVM_SET_CLOCK(r5, 0x4188aec6, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x20000000000000, 0x4})
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66b80e010f00d0b0060f21a20f01c40f009b2700000066b80c008ee00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a00b9730200000f32328fe858b660002fb90d090000b800680000ba000000000f30", 0x65}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CAP_X86_USER_SPACE_MSR(r5, 0x4068aea3, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_INTERRUPT(r3, 0x4004ae86, &(0x7f0000000080)=0x8)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000000c0)={[0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1, 0x5, 0x6], 0x0, 0xa340})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

0s ago: executing program 0 (id=1350):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$SO_BINDTODEVICE_wg(r1, 0x1, 0x19, &(0x7f0000000080)='wg1\x00', 0x4)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x38, &(0x7f0000000300)=[@in6={0xa, 0x4e21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x3}, @in6={0xa, 0x4e21, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x3}]}, &(0x7f0000000040)=0x10)
sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x25dfdbfc, {{@in, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0x80}, {0x0, 0x0, 0x200000000000}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in=@multicast2, 0x2, 0x2b}, 0xa, @in6=@local, 0x0, 0x4}]}]}, 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r2, &(0x7f0000000200)={0x2, 0x0, @multicast2}, 0x10)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ifreq(r4, 0x8932, &(0x7f0000000040)={'erspan0\x00', @ifru_names='dvmrp0\x00'})

kernel console output (not intermixed with test programs):

g 0 has no interface number 0
[  224.653363][   T24] usb 1-1: config 95 has no interface number 0
[  224.665787][ T5916] usb 3-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  224.786563][   T24] usb 1-1: config 95 interface 86 altsetting 8 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  224.810891][ T5916] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  224.825772][ T5916] usb 3-1: Product: syz
[  224.830104][   T24] usb 1-1: config 95 interface 86 has no altsetting 0
[  224.840240][ T5916] usb 3-1: Manufacturer: syz
[  224.844858][ T5916] usb 3-1: SerialNumber: syz
[  224.960827][   T24] usb 1-1: language id specifier not provided by device, defaulting to English
[  225.068606][ T7559] netlink: 24 bytes leftover after parsing attributes in process `syz.4.438'.
[  225.653315][   T24] usb 1-1: New USB device found, idVendor=1781, idProduct=0938, bcdDevice=88.93
[  225.669971][ T5916] usb 3-1: config 0 descriptor??
[  225.682040][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  225.693860][ T5916] smsc95xx v2.0.0
[  225.698466][   T24] usb 1-1: Product: syz
[  225.741648][   T24] usb 1-1: Manufacturer: syz
[  225.764750][   T24] usb 1-1: SerialNumber: syz
[  225.938995][ T5966] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  225.968020][ T7541] PM: Enabling pm_trace changes system date and time during resume.
[  225.968020][ T7541] PM: Correct system time has to be restored manually after resume.
[  226.118035][ T5966] usb 5-1: config 0 has an invalid interface number: 53 but max is 3
[  226.129189][ T5966] usb 5-1: config 0 contains an unexpected descriptor of type 0x2, skipping
[  226.145791][ T5966] usb 5-1: config 0 has an invalid interface number: 77 but max is 3
[  226.154087][ T5966] usb 5-1: config 0 has an invalid interface number: 5 but max is 3
[  226.163581][ T5966] usb 5-1: config 0 has an invalid interface number: 246 but max is 3
[  226.174332][ T7568] netlink: 'syz.3.440': attribute type 1 has an invalid length.
[  226.182588][ T5966] usb 5-1: config 0 has an invalid interface number: 85 but max is 3
[  226.195437][ T5966] usb 5-1: config 0 contains an unexpected descriptor of type 0x1, skipping
[  226.221140][ T5966] usb 5-1: config 0 contains an unexpected descriptor of type 0x1, skipping
[  226.233207][ T5966] usb 5-1: config 0 has 5 interfaces, different from the descriptor's value: 4
[  226.253626][ T5966] usb 5-1: config 0 has no interface number 0
[  226.267308][ T5966] usb 5-1: config 0 has no interface number 1
[  226.273543][ T5966] usb 5-1: config 0 has no interface number 2
[  226.280203][ T5966] usb 5-1: config 0 has no interface number 3
[  226.286687][ T5966] usb 5-1: config 0 has no interface number 4
[  226.293463][ T5966] usb 5-1: config 0 interface 53 altsetting 0 endpoint 0xC has invalid maxpacket 560, setting to 64
[  226.321660][ T5916] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  226.364154][ T5966] usb 5-1: config 0 interface 53 altsetting 0 has a duplicate endpoint with address 0xC, skipping
[  226.421337][ T5916] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  226.430954][ T5966] usb 5-1: config 0 interface 53 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  226.444345][ T5966] usb 5-1: config 0 interface 53 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  226.455677][ T5966] usb 5-1: config 0 interface 53 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  226.467189][ T5966] usb 5-1: config 0 interface 53 altsetting 0 endpoint 0x5 has invalid maxpacket 1023, setting to 64
[  227.444597][ T5966] usb 5-1: config 0 interface 53 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  227.458143][ T5966] usb 5-1: config 0 interface 53 altsetting 0 has a duplicate endpoint with address 0xE, skipping
[  227.487152][ T5966] usb 5-1: config 0 interface 53 altsetting 0 endpoint 0x7 has invalid maxpacket 512, setting to 64
[  227.499971][ T5966] usb 5-1: config 0 interface 53 altsetting 0 has a duplicate endpoint with address 0x7, skipping
[  228.464630][ T5966] usb 5-1: config 0 interface 53 altsetting 0 has a duplicate endpoint with address 0x7, skipping
[  228.475869][ T5966] usb 5-1: config 0 interface 77 altsetting 0 has an endpoint descriptor with address 0x7B, changing to 0xB
[  228.489228][ T5966] usb 5-1: config 0 interface 77 altsetting 0 endpoint 0xB has an invalid bInterval 246, changing to 11
[  228.500726][ T5966] usb 5-1: config 0 interface 77 altsetting 0 endpoint 0xB has invalid maxpacket 41155, setting to 1024
[  228.592633][ T5966] usb 5-1: config 0 interface 77 altsetting 0 has a duplicate endpoint with address 0x7, skipping
[  228.618030][ T5966] usb 5-1: config 0 interface 77 altsetting 0 endpoint 0x8 has invalid maxpacket 1023, setting to 64
[  228.679675][ T5966] usb 5-1: config 0 interface 77 altsetting 0 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[  228.750566][   T30] audit: type=1800 audit(1752405077.554:46): pid=7581 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.1.442" name="SYSV00000000" dev="hugetlbfs" ino=3 res=0 errno=0
[  228.755823][ T5966] usb 5-1: config 0 interface 77 altsetting 0 endpoint 0xA has invalid maxpacket 1023, setting to 64
[  228.794948][ T7582] netlink: 36 bytes leftover after parsing attributes in process `syz.4.443'.
[  228.823273][ T7581] netlink: 44 bytes leftover after parsing attributes in process `syz.1.442'.
[  228.825880][ T5966] usb 5-1: config 0 interface 77 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  229.037667][ T5966] usb 5-1: config 0 interface 77 altsetting 0 has a duplicate endpoint with address 0xF, skipping
[  229.727387][ T5966] usb 5-1: config 0 interface 77 altsetting 0 has a duplicate endpoint with address 0xE, skipping
[  229.729127][ T7581] syz.1.442: attempt to access beyond end of device
[  229.729127][ T7581] nbd1: rw=6144, sector=128, nr_sectors = 8 limit=0
[  229.738499][ T5966] usb 5-1: config 0 interface 77 altsetting 0 has a duplicate endpoint with address 0x5, skipping
[  229.762413][ T7581] gfs2: error -5 reading superblock
[  229.763684][ T5966] usb 5-1: config 0 interface 77 altsetting 0 has an endpoint descriptor with address 0x9A, changing to 0x8A
[  229.836987][ T5966] usb 5-1: config 0 interface 77 altsetting 0 has a duplicate endpoint with address 0x8A, skipping
[  229.848202][ T5966] usb 5-1: config 0 interface 77 altsetting 0 has a duplicate endpoint with address 0xE, skipping
[  229.859009][ T5966] usb 5-1: config 0 interface 77 altsetting 0 has a duplicate endpoint with address 0xA, skipping
[  229.873181][ T5966] usb 5-1: config 0 interface 77 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  229.885832][ T5966] usb 5-1: config 0 interface 77 altsetting 0 has a duplicate endpoint with address 0xB, skipping
[  229.896578][ T5966] usb 5-1: config 0 interface 77 altsetting 0 has a duplicate endpoint with address 0x4, skipping
[  229.907366][ T5966] usb 5-1: config 0 interface 77 altsetting 0 has 17 endpoint descriptors, different from the interface descriptor's value: 16
[  229.922102][ T5966] usb 5-1: config 0 interface 5 altsetting 1 has a duplicate endpoint with address 0xD, skipping
[  230.010190][ T5966] usb 5-1: config 0 interface 5 altsetting 1 has a duplicate endpoint with address 0x6, skipping
[  230.023227][ T5916] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  230.058628][   T24] usb 1-1: USB disconnect, device number 10
[  230.105025][ T5916] smsc95xx 3-1:0.67: probe with driver smsc95xx failed with error -71
[  230.144263][ T5966] usb 5-1: config 0 interface 5 altsetting 1 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  230.299864][ T5916] usb 3-1: USB disconnect, device number 8
[  230.309610][ T5966] usb 5-1: config 0 interface 246 altsetting 140 has an invalid descriptor for endpoint zero, skipping
[  230.453446][ T5966] usb 5-1: config 0 interface 246 altsetting 140 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  230.474895][ T5966] usb 5-1: config 0 interface 85 altsetting 1 has a duplicate endpoint with address 0xE, skipping
[  230.490062][ T5966] usb 5-1: config 0 interface 85 altsetting 1 has a duplicate endpoint with address 0x4, skipping
[  230.504943][ T5966] usb 5-1: config 0 interface 85 altsetting 1 has a duplicate endpoint with address 0xD, skipping
[  230.638117][ T5966] usb 5-1: config 0 interface 85 altsetting 1 has a duplicate endpoint with address 0xD, skipping
[  230.651440][ T5966] usb 5-1: config 0 interface 85 altsetting 1 has an invalid descriptor for endpoint zero, skipping
[  230.675923][ T5966] usb 5-1: config 0 interface 85 altsetting 1 endpoint 0x9 has invalid maxpacket 1024, setting to 64
[  230.687061][ T5966] usb 5-1: config 0 interface 85 altsetting 1 has a duplicate endpoint with address 0x9, skipping
[  230.702132][ T5966] usb 5-1: config 0 interface 85 altsetting 1 has a duplicate endpoint with address 0x6, skipping
[  230.742850][ T5966] usb 5-1: config 0 interface 85 altsetting 1 has a duplicate endpoint with address 0xA, skipping
[  230.793056][ T5966] usb 5-1: config 0 interface 85 altsetting 1 has an endpoint descriptor with address 0xBB, changing to 0x8B
[  230.865952][ T5966] usb 5-1: config 0 interface 85 altsetting 1 endpoint 0x8B has an invalid bInterval 68, changing to 10
[  230.883610][ T5966] usb 5-1: config 0 interface 85 altsetting 1 endpoint 0x8B has invalid maxpacket 49536, setting to 1024
[  230.899132][ T5966] usb 5-1: config 0 interface 85 altsetting 1 has an invalid descriptor for endpoint zero, skipping
[  230.914437][ T5966] usb 5-1: config 0 interface 85 altsetting 1 has an invalid descriptor for endpoint zero, skipping
[  230.928818][ T5966] usb 5-1: config 0 interface 85 altsetting 1 has a duplicate endpoint with address 0x8, skipping
[  230.945785][ T5966] usb 5-1: config 0 interface 85 altsetting 1 has a duplicate endpoint with address 0xC, skipping
[  230.960254][ T5966] usb 5-1: config 0 interface 85 altsetting 1 has 14 endpoint descriptors, different from the interface descriptor's value: 13
[  230.981614][ T5966] usb 5-1: config 0 interface 5 has no altsetting 0
[  230.995763][ T5966] usb 5-1: config 0 interface 246 has no altsetting 0
[  231.003948][ T5966] usb 5-1: config 0 interface 85 has no altsetting 0
[  231.181995][ T5923] libceph: connect (1)[c::]:6789 error -101
[  231.197067][ T5923] libceph: mon0 (1)[c::]:6789 connect error
[  231.210225][ T5966] usb 5-1: string descriptor 0 read error: -71
[  231.223211][ T7594] ceph: No mds server is up or the cluster is laggy
[  231.331994][ T5966] usb 5-1: New USB device found, idVendor=12d1, idProduct=a01a, bcdDevice=ac.31
[  231.395746][ T5966] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  231.430297][ T5966] usb 5-1: config 0 descriptor??
[  231.446679][ T5966] usb 5-1: can't set config #0, error -71
[  231.477177][ T5966] usb 5-1: USB disconnect, device number 10
[  231.741429][ T7614] netlink: 5196 bytes leftover after parsing attributes in process `syz.3.450'.
[  231.750772][ T7614] openvswitch: netlink: Message has 16 unknown bytes.
[  232.427947][   T44] usb 2-1: new full-speed USB device number 15 using dummy_hcd
[  232.602768][ T7619] ALSA: seq fatal error: cannot create timer (-19)
[  232.615884][ T5846] Bluetooth: hci4: command 0x0405 tx timeout
[  232.688399][ T7619] pim6reg: entered allmulticast mode
[  232.705879][   T44] usb 2-1: device descriptor read/64, error -71
[  232.717372][ T7618] pim6reg: left allmulticast mode
[  232.806837][ T7634] netlink: 8 bytes leftover after parsing attributes in process `syz.3.455'.
[  232.864184][ T7635] netlink: 328 bytes leftover after parsing attributes in process `syz.1.456'.
[  232.864497][ T7637] netlink: 4 bytes leftover after parsing attributes in process `syz.0.457'.
[  233.299799][ T7635] QAT: failed to copy from user cfg_data.
[  233.455336][ T5916] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  233.531261][ T5916] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  233.680821][ T7656] netlink: 4 bytes leftover after parsing attributes in process `syz.2.462'.
[  233.760560][ T7659] misc userio: No port type given on /dev/userio
[  233.775674][ T7659] misc userio: The device must be registered before sending interrupts
[  233.791615][ T7659] misc userio: The device must be registered before sending interrupts
[  234.778798][ T7677] netlink: 3 bytes leftover after parsing attributes in process `syz.3.469'.
[  234.813600][ T7677] batadv1: entered promiscuous mode
[  234.831846][ T7677] batadv1: entered allmulticast mode
[  235.087551][ T7691] netlink: 4 bytes leftover after parsing attributes in process `syz.3.472'.
[  235.739535][ T7701] sg_write: data in/out 209/14 bytes for SCSI command 0x0-- guessing data in;
[  235.739535][ T7701]    program syz.0.474 not setting count and/or reply_len properly
[  236.522541][ T7708] misc userio: No port type given on /dev/userio
[  236.567872][ T7708] misc userio: The device must be registered before sending interrupts
[  236.588570][ T7711] IPVS: set_ctl: invalid protocol: 58 172.30.1.5:20003
[  236.596783][ T7708] misc userio: The device must be registered before sending interrupts
[  238.748369][ T7735] fuse: Unknown parameter '0x0000000000000003'
[  239.240543][ T7749] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(12)
[  239.247329][ T7749] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  239.256833][ T7749] vhci_hcd vhci_hcd.0: Device attached
[  239.319101][ T7750] vhci_hcd: connection closed
[  239.382497][ T6112] vhci_hcd: stop threads
[  239.563088][ T6112] vhci_hcd: release socket
[  239.659143][ T5923] usb 37-1: new high-speed USB device number 2 using vhci_hcd
[  239.681222][ T6112] vhci_hcd: disconnect device
[  239.784813][ T5923] usb 37-1: enqueue for inactive port 0
[  240.026182][ T5923] vhci_hcd: vhci_device speed not set
[  240.354868][ T7755] netlink: 48 bytes leftover after parsing attributes in process `syz.1.488'.
[  240.566458][ T7756] netlink: 48 bytes leftover after parsing attributes in process `syz.1.488'.
[  240.737588][ T7759] netlink: 36 bytes leftover after parsing attributes in process `syz.2.489'.
[  240.844419][ T7761] misc userio: No port type given on /dev/userio
[  240.859807][ T7761] misc userio: The device must be registered before sending interrupts
[  240.900114][ T7761] misc userio: The device must be registered before sending interrupts
[  241.454311][ T7772] FAULT_INJECTION: forcing a failure.
[  241.454311][ T7772] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  241.553566][ T7772] CPU: 0 UID: 0 PID: 7772 Comm: syz.3.494 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  241.553592][ T7772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  241.553609][ T7772] Call Trace:
[  241.553617][ T7772]  <TASK>
[  241.553625][ T7772]  dump_stack_lvl+0x189/0x250
[  241.553650][ T7772]  ? __pfx____ratelimit+0x10/0x10
[  241.553675][ T7772]  ? __pfx_dump_stack_lvl+0x10/0x10
[  241.553694][ T7772]  ? __pfx__printk+0x10/0x10
[  241.553715][ T7772]  ? __might_fault+0xb0/0x130
[  241.553749][ T7772]  should_fail_ex+0x414/0x560
[  241.553778][ T7772]  _copy_from_iter+0x1db/0x16f0
[  241.553800][ T7772]  ? rcu_is_watching+0x15/0xb0
[  241.553820][ T7772]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  241.553844][ T7772]  ? __pfx__copy_from_iter+0x10/0x10
[  241.553864][ T7772]  ? __build_skb_around+0x257/0x3e0
[  241.553887][ T7772]  ? netlink_sendmsg+0x642/0xb30
[  241.553905][ T7772]  ? skb_put+0x11b/0x210
[  241.553928][ T7772]  netlink_sendmsg+0x6b2/0xb30
[  241.553957][ T7772]  ? __pfx_netlink_sendmsg+0x10/0x10
[  241.553986][ T7772]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  241.554008][ T7772]  ? __pfx_netlink_sendmsg+0x10/0x10
[  241.554028][ T7772]  __sock_sendmsg+0x219/0x270
[  241.554056][ T7772]  ____sys_sendmsg+0x505/0x830
[  241.554083][ T7772]  ? __pfx_____sys_sendmsg+0x10/0x10
[  241.554113][ T7772]  ? import_iovec+0x74/0xa0
[  241.554135][ T7772]  ___sys_sendmsg+0x21f/0x2a0
[  241.554159][ T7772]  ? __pfx____sys_sendmsg+0x10/0x10
[  241.554217][ T7772]  ? __fget_files+0x2a/0x420
[  241.554232][ T7772]  ? __fget_files+0x3a0/0x420
[  241.554259][ T7772]  __x64_sys_sendmsg+0x19b/0x260
[  241.554282][ T7772]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  241.554313][ T7772]  ? __pfx_ksys_write+0x10/0x10
[  241.554332][ T7772]  ? rcu_is_watching+0x15/0xb0
[  241.554355][ T7772]  ? do_syscall_64+0xbe/0x3b0
[  241.554376][ T7772]  do_syscall_64+0xfa/0x3b0
[  241.554391][ T7772]  ? lockdep_hardirqs_on+0x9c/0x150
[  241.554414][ T7772]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.554431][ T7772]  ? clear_bhb_loop+0x60/0xb0
[  241.554451][ T7772]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.554468][ T7772] RIP: 0033:0x7f68c278e929
[  241.554483][ T7772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  241.554496][ T7772] RSP: 002b:00007f68c3583038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  241.554515][ T7772] RAX: ffffffffffffffda RBX: 00007f68c29b5fa0 RCX: 00007f68c278e929
[  241.554528][ T7772] RDX: 0000000000000010 RSI: 0000200000005d00 RDI: 0000000000000003
[  241.554544][ T7772] RBP: 00007f68c3583090 R08: 0000000000000000 R09: 0000000000000000
[  241.554554][ T7772] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  241.554564][ T7772] R13: 0000000000000000 R14: 00007f68c29b5fa0 R15: 00007fff72884888
[  241.554596][ T7772]  </TASK>
[  242.925783][  T977] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  243.085980][  T977] usb 5-1: device descriptor read/64, error -71
[  243.153292][ T7794] fuse: Bad value for 'fd'
[  243.785776][  T977] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  244.115832][  T977] usb 5-1: device descriptor read/64, error -71
[  244.127207][ T7807] misc userio: No port type given on /dev/userio
[  244.149758][ T7807] misc userio: The device must be registered before sending interrupts
[  244.160209][ T7807] misc userio: The device must be registered before sending interrupts
[  244.236493][  T977] usb usb5-port1: attempt power cycle
[  244.485845][   T44] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  244.943285][   T44] usb 4-1: Using ep0 maxpacket: 8
[  244.951769][   T44] usb 4-1: config 0 has an invalid interface number: 200 but max is 0
[  244.970854][   T44] usb 4-1: config 0 has no interface number 0
[  244.981891][   T44] usb 4-1: config 0 interface 200 has no altsetting 0
[  244.999313][   T44] usb 4-1: New USB device found, idVendor=0b57, idProduct=8528, bcdDevice=6d.39
[  245.008817][   T44] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  245.030062][  T977] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  245.048242][   T44] usb 4-1: Product: syz
[  245.052404][   T44] usb 4-1: Manufacturer: syz
[  245.094616][   T44] usb 4-1: SerialNumber: syz
[  245.109480][  T977] usb 5-1: device descriptor read/8, error -71
[  245.122776][   T44] usb 4-1: config 0 descriptor??
[  246.484844][   T44] input: Hanwang Art Master III 0906 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.200/input/input12
[  246.525434][   T44] usb 4-1: USB disconnect, device number 10
[  246.834149][  T977] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  247.038377][ T7835] netlink: 240 bytes leftover after parsing attributes in process `syz.2.511'.
[  247.177859][  T977] usb 5-1: Using ep0 maxpacket: 32
[  247.190321][  T977] usb 5-1: no configurations
[  247.196153][  T977] usb 5-1: can't read configurations, error -22
[  247.202677][  T977] usb usb5-port1: unable to enumerate USB device
[  247.234321][ T7838] trusted_key: encrypted_key: insufficient parameters specified
[  247.426419][ T7849] fuse: Bad value for 'fd'
[  247.596032][ T5966] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  248.466296][ T5966] usb 1-1: Using ep0 maxpacket: 8
[  248.501511][ T5966] usb 1-1: config 6 has an invalid interface number: 2 but max is 0
[  248.519053][   T30] audit: type=1326 audit(1752405097.324:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7858 comm="syz.1.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62b718e929 code=0x7ffc0000
[  248.562315][ T5966] usb 1-1: config 6 has no interface number 0
[  248.618985][   T30] audit: type=1326 audit(1752405097.324:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7858 comm="syz.1.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62b718e929 code=0x7ffc0000
[  248.642668][ T5966] usb 1-1: config 6 interface 2 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  248.672175][ T5966] usb 1-1: config 6 interface 2 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  248.694363][ T5966] usb 1-1: config 6 interface 2 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  248.724772][ T5966] usb 1-1: config 6 interface 2 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  248.740104][   T30] audit: type=1326 audit(1752405097.334:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7858 comm="syz.1.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f62b718e929 code=0x7ffc0000
[  248.768724][ T5966] usb 1-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91
[  248.774322][   T30] audit: type=1326 audit(1752405097.334:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7858 comm="syz.1.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62b718e929 code=0x7ffc0000
[  248.787293][ T5966] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  248.799422][  T977] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  248.818619][   T30] audit: type=1326 audit(1752405097.334:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7858 comm="syz.1.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=271 compat=0 ip=0x7f62b718e929 code=0x7ffc0000
[  248.845136][   T30] audit: type=1326 audit(1752405097.344:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7858 comm="syz.1.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62b718e929 code=0x7ffc0000
[  248.882630][ T5966] usb 1-1: Product: syz
[  248.886954][ T5966] usb 1-1: Manufacturer: syz
[  248.891565][ T5966] usb 1-1: SerialNumber: syz
[  248.902915][   T30] audit: type=1326 audit(1752405097.354:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7858 comm="syz.1.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f62b718e929 code=0x7ffc0000
[  248.982342][   T44] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  248.987824][   T30] audit: type=1326 audit(1752405097.354:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7858 comm="syz.1.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62b718e929 code=0x7ffc0000
[  249.066820][  T977] usb 5-1: Using ep0 maxpacket: 8
[  249.325592][ T5966] hso 1-1:6.2: Failed to find BULK IN ep
[  249.329146][  T977] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 13
[  249.383388][   T44] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  249.459716][   T30] audit: type=1326 audit(1752405097.354:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7858 comm="syz.1.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=287 compat=0 ip=0x7f62b718e929 code=0x7ffc0000
[  249.485890][  T977] usb 5-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[  249.491279][   T44] usb 3-1: Duplicate descriptor for config 0 interface 0 altsetting 0, skipping
[  249.511057][ T7844] syzkaller1: entered promiscuous mode
[  249.516591][ T7844] syzkaller1: entered allmulticast mode
[  249.536034][  T977] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  249.556863][   T44] usb 3-1: New USB device found, idVendor=1781, idProduct=0938, bcdDevice=9b.49
[  249.581567][   T44] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  249.595781][   T44] usb 3-1: Product: syz
[  249.599986][   T44] usb 3-1: Manufacturer: syz
[  249.626381][  T977] usb 5-1: Product: syz
[  249.634538][  T977] usb 5-1: Manufacturer: syz
[  249.645521][   T30] audit: type=1326 audit(1752405097.354:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7858 comm="syz.1.520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62b718e929 code=0x7ffc0000
[  249.669732][  T977] usb 5-1: SerialNumber: syz
[  249.677066][   T44] usb 3-1: SerialNumber: syz
[  249.689907][  T977] usb 5-1: config 0 descriptor??
[  249.709175][  T977] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[  249.763962][   T44] usb 3-1: config 0 descriptor??
[  250.018354][  T977] gspca_zc3xx: reg_w_i err -71
[  250.044670][   T44] usb 3-1: USB disconnect, device number 9
[  250.492543][ T7884] FAULT_INJECTION: forcing a failure.
[  250.492543][ T7884] name failslab, interval 1, probability 0, space 0, times 0
[  250.511024][ T7884] CPU: 0 UID: 0 PID: 7884 Comm: syz.1.527 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  250.511050][ T7884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  250.511061][ T7884] Call Trace:
[  250.511068][ T7884]  <TASK>
[  250.511076][ T7884]  dump_stack_lvl+0x189/0x250
[  250.511100][ T7884]  ? __pfx____ratelimit+0x10/0x10
[  250.511124][ T7884]  ? __pfx_dump_stack_lvl+0x10/0x10
[  250.511143][ T7884]  ? __pfx__printk+0x10/0x10
[  250.511171][ T7884]  ? __pfx___might_resched+0x10/0x10
[  250.511194][ T7884]  should_fail_ex+0x414/0x560
[  250.511222][ T7884]  should_failslab+0xa8/0x100
[  250.511248][ T7884]  kmem_cache_alloc_noprof+0x73/0x3c0
[  250.511270][ T7884]  ? getname_flags+0xb8/0x540
[  250.511291][ T7884]  getname_flags+0xb8/0x540
[  250.511313][ T7884]  user_path_at+0x24/0x60
[  250.511333][ T7884]  __se_sys_mount+0x2d3/0x410
[  250.511357][ T7884]  ? __pfx___se_sys_mount+0x10/0x10
[  250.511371][ T7884]  ? rcu_is_watching+0x15/0xb0
[  250.511395][ T7884]  ? do_syscall_64+0xbe/0x3b0
[  250.511410][ T7884]  ? __x64_sys_mount+0x20/0xc0
[  250.511428][ T7884]  do_syscall_64+0xfa/0x3b0
[  250.511443][ T7884]  ? lockdep_hardirqs_on+0x9c/0x150
[  250.511466][ T7884]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.511483][ T7884]  ? clear_bhb_loop+0x60/0xb0
[  250.511503][ T7884]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.511519][ T7884] RIP: 0033:0x7f62b718e929
[  250.511534][ T7884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  250.511548][ T7884] RSP: 002b:00007f62b7f83038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  250.511566][ T7884] RAX: ffffffffffffffda RBX: 00007f62b73b5fa0 RCX: 00007f62b718e929
[  250.511579][ T7884] RDX: 0000200000000000 RSI: 00002000000000c0 RDI: 0000000000000000
[  250.511594][ T7884] RBP: 00007f62b7f83090 R08: 0000200000000400 R09: 0000000000000000
[  250.511605][ T7884] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  250.511616][ T7884] R13: 0000000000000000 R14: 00007f62b73b5fa0 R15: 00007ffeb73d6258
[  250.511645][ T7884]  </TASK>
[  250.752798][  T977] gspca_zc3xx: Unknown sensor - set to TAS5130C
[  250.759220][  T977] gspca_zc3xx 5-1:0.0: probe with driver gspca_zc3xx failed with error -71
[  250.770555][  T977] usb 5-1: USB disconnect, device number 15
[  251.070288][  T977] usb 1-1: USB disconnect, device number 11
[  253.011059][ T7927] loop6: detected capacity change from 0 to 2098
[  253.215936][   T44] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  253.228801][ T5896] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  253.375897][   T44] usb 1-1: Using ep0 maxpacket: 8
[  253.384663][   T44] usb 1-1: config 6 has an invalid interface number: 2 but max is 0
[  253.405079][   T44] usb 1-1: config 6 has no interface number 0
[  253.418753][   T44] usb 1-1: config 6 interface 2 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  253.422925][ T5896] usb 4-1: Using ep0 maxpacket: 16
[  253.438665][   T44] usb 1-1: config 6 interface 2 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  253.443170][ T5896] usb 4-1: config 0 has an invalid interface number: 49 but max is 0
[  253.463534][   T44] usb 1-1: config 6 interface 2 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  253.478777][ T5896] usb 4-1: config 0 has no interface number 0
[  253.484903][ T5896] usb 4-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[  253.488835][   T44] usb 1-1: config 6 interface 2 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  253.527526][ T5896] usb 4-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xCB, changing to 0x8B
[  253.535008][   T44] usb 1-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91
[  253.558630][   T44] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  253.563765][ T5896] usb 4-1: config 0 interface 49 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  253.582808][ T5896] usb 4-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0
[  253.589334][   T44] usb 1-1: Product: syz
[  253.600311][ T5896] usb 4-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[  253.603219][   T44] usb 1-1: Manufacturer: syz
[  253.611775][ T5896] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  253.628500][ T5896] usb 4-1: Product: syz
[  253.635150][   T44] usb 1-1: SerialNumber: syz
[  253.635476][ T5896] usb 4-1: Manufacturer: syz
[  253.988758][   T44] hso 1-1:6.2: Failed to find BULK IN ep
[  254.054239][ T5896] usb 4-1: SerialNumber: syz
[  254.122164][ T5896] usb 4-1: config 0 descriptor??
[  254.159018][ T7926] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  254.248323][ T7929] syzkaller1: entered promiscuous mode
[  254.253882][ T7929] syzkaller1: entered allmulticast mode
[  254.711645][ T7950] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  255.019274][  T977] usb 1-1: USB disconnect, device number 12
[  255.677454][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  255.684460][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  256.060207][ T5896] usb 4-1: USB disconnect, device number 11
[  256.386014][   T44] usb 5-1: new full-speed USB device number 16 using dummy_hcd
[  256.425405][ T7966] /dev/nullb0: Can't open blockdev
[  256.463472][ T7965] ALSA: seq fatal error: cannot create timer (-19)
[  256.516026][   T44] usb 5-1: device descriptor read/64, error -71
[  256.657700][ T7968] pim6reg: entered allmulticast mode
[  256.766082][   T44] usb 5-1: new full-speed USB device number 17 using dummy_hcd
[  257.077352][ T7964] pim6reg: left allmulticast mode
[  257.138916][ T7974] netlink: 2384 bytes leftover after parsing attributes in process `syz.1.559'.
[  257.155946][   T44] usb 5-1: device descriptor read/64, error -71
[  257.275166][   T44] usb usb5-port1: attempt power cycle
[  258.175764][   T44] usb 5-1: new full-speed USB device number 18 using dummy_hcd
[  258.227642][   T44] usb 5-1: device descriptor read/8, error -71
[  258.708765][   T44] usb 5-1: new full-speed USB device number 19 using dummy_hcd
[  258.783054][   T44] usb 5-1: device descriptor read/8, error -71
[  258.874022][ T7993] vivid-002: disconnect
[  258.914235][   T44] usb usb5-port1: unable to enumerate USB device
[  259.418303][ T7991] vivid-002: reconnect
[  259.680815][ T7999] FAULT_INJECTION: forcing a failure.
[  259.680815][ T7999] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  259.694021][ T7999] CPU: 1 UID: 0 PID: 7999 Comm: syz.1.565 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  259.694044][ T7999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  259.694056][ T7999] Call Trace:
[  259.694065][ T7999]  <TASK>
[  259.694072][ T7999]  dump_stack_lvl+0x189/0x250
[  259.694096][ T7999]  ? __pfx____ratelimit+0x10/0x10
[  259.694121][ T7999]  ? __pfx_dump_stack_lvl+0x10/0x10
[  259.694140][ T7999]  ? __pfx__printk+0x10/0x10
[  259.694162][ T7999]  ? __might_fault+0xb0/0x130
[  259.694196][ T7999]  should_fail_ex+0x414/0x560
[  259.694231][ T7999]  _copy_from_iter+0x1db/0x16f0
[  259.694254][ T7999]  ? rcu_is_watching+0x15/0xb0
[  259.694275][ T7999]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  259.694299][ T7999]  ? __pfx__copy_from_iter+0x10/0x10
[  259.694319][ T7999]  ? __build_skb_around+0x257/0x3e0
[  259.694343][ T7999]  ? netlink_sendmsg+0x642/0xb30
[  259.694361][ T7999]  ? skb_put+0x11b/0x210
[  259.694384][ T7999]  netlink_sendmsg+0x6b2/0xb30
[  259.694413][ T7999]  ? __pfx_netlink_sendmsg+0x10/0x10
[  259.694442][ T7999]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  259.694464][ T7999]  ? __pfx_netlink_sendmsg+0x10/0x10
[  259.694485][ T7999]  __sock_sendmsg+0x219/0x270
[  259.694513][ T7999]  ____sys_sendmsg+0x505/0x830
[  259.694540][ T7999]  ? __pfx_____sys_sendmsg+0x10/0x10
[  259.694570][ T7999]  ? import_iovec+0x74/0xa0
[  259.694593][ T7999]  ___sys_sendmsg+0x21f/0x2a0
[  259.694617][ T7999]  ? __pfx____sys_sendmsg+0x10/0x10
[  259.694676][ T7999]  ? __fget_files+0x2a/0x420
[  259.694690][ T7999]  ? __fget_files+0x3a0/0x420
[  259.694717][ T7999]  __x64_sys_sendmsg+0x19b/0x260
[  259.694736][ T7999]  ? schedule+0x165/0x360
[  259.694760][ T7999]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  259.694801][ T7999]  ? do_syscall_64+0xbe/0x3b0
[  259.694821][ T7999]  do_syscall_64+0xfa/0x3b0
[  259.694839][ T7999]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.694855][ T7999]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  259.694871][ T7999]  ? clear_bhb_loop+0x60/0xb0
[  259.694892][ T7999]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.694909][ T7999] RIP: 0033:0x7f62b718e929
[  259.694925][ T7999] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  259.694938][ T7999] RSP: 002b:00007f62b7f41038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  259.694957][ T7999] RAX: ffffffffffffffda RBX: 00007f62b73b6160 RCX: 00007f62b718e929
[  259.694969][ T7999] RDX: 0000000000000004 RSI: 0000200000000300 RDI: 0000000000000008
[  259.694980][ T7999] RBP: 00007f62b7f41090 R08: 0000000000000000 R09: 0000000000000000
[  259.694991][ T7999] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  259.695001][ T7999] R13: 0000000000000000 R14: 00007f62b73b6160 R15: 00007ffeb73d6258
[  259.695030][ T7999]  </TASK>
[  260.128874][ T8001] netlink: 'syz.3.567': attribute type 29 has an invalid length.
[  260.475867][ T5903] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  261.967851][ T5903] usb 4-1: Using ep0 maxpacket: 8
[  261.977766][ T5903] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 13
[  262.022404][ T5903] usb 4-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[  262.031793][ T5903] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  262.040825][ T5903] usb 4-1: Product: syz
[  262.045128][ T5903] usb 4-1: Manufacturer: syz
[  262.077157][ T5903] usb 4-1: SerialNumber: syz
[  262.099993][ T5903] usb 4-1: config 0 descriptor??
[  262.161440][ T8027] FAULT_INJECTION: forcing a failure.
[  262.161440][ T8027] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  262.206441][ T5903] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[  262.236003][ T8027] CPU: 0 UID: 0 PID: 8027 Comm: syz.0.573 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  262.236029][ T8027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  262.236040][ T8027] Call Trace:
[  262.236048][ T8027]  <TASK>
[  262.236056][ T8027]  dump_stack_lvl+0x189/0x250
[  262.236080][ T8027]  ? __pfx____ratelimit+0x10/0x10
[  262.236105][ T8027]  ? __pfx_dump_stack_lvl+0x10/0x10
[  262.236127][ T8027]  ? __pfx__printk+0x10/0x10
[  262.236147][ T8027]  ? __might_fault+0xb0/0x130
[  262.236182][ T8027]  should_fail_ex+0x414/0x560
[  262.236211][ T8027]  _copy_from_user+0x2d/0xb0
[  262.236231][ T8027]  do_ipv6_setsockopt+0x32d/0x2fb0
[  262.236265][ T8027]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[  262.236285][ T8027]  ? __might_fault+0xb0/0x130
[  262.236309][ T8027]  ? _parse_integer_limit+0x1ae/0x1f0
[  262.236339][ T8027]  ? __lock_acquire+0xab9/0xd20
[  262.236366][ T8027]  ? get_pid_task+0x20/0x1f0
[  262.236400][ T8027]  ? rcu_read_lock_any_held+0xb3/0x120
[  262.236419][ T8027]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  262.236441][ T8027]  ? vfs_write+0x8d8/0xa90
[  262.236470][ T8027]  ipv6_setsockopt+0x59/0x170
[  262.236495][ T8027]  rawv6_setsockopt+0x23b/0x5b0
[  262.236515][ T8027]  ? __lock_acquire+0xab9/0xd20
[  262.236532][ T8027]  ? __pfx_rawv6_setsockopt+0x10/0x10
[  262.236557][ T8027]  ? sock_common_setsockopt+0x36/0xc0
[  262.236574][ T8027]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  262.236592][ T8027]  do_sock_setsockopt+0x257/0x3e0
[  262.236615][ T8027]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  262.236639][ T8027]  ? __fget_files+0x2a/0x420
[  262.236661][ T8027]  __x64_sys_setsockopt+0x18b/0x220
[  262.236687][ T8027]  do_syscall_64+0xfa/0x3b0
[  262.236703][ T8027]  ? lockdep_hardirqs_on+0x9c/0x150
[  262.236724][ T8027]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.236741][ T8027]  ? clear_bhb_loop+0x60/0xb0
[  262.236761][ T8027]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.236777][ T8027] RIP: 0033:0x7f222ff8e929
[  262.236793][ T8027] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  262.236807][ T8027] RSP: 002b:00007f2230d54038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  262.236827][ T8027] RAX: ffffffffffffffda RBX: 00007f22301b5fa0 RCX: 00007f222ff8e929
[  262.236840][ T8027] RDX: 00000000000000cf RSI: 0000000000000029 RDI: 0000000000000003
[  262.236851][ T8027] RBP: 00007f2230d54090 R08: 0000000000000004 R09: 0000000000000000
[  262.236861][ T8027] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001
[  262.236872][ T8027] R13: 0000000000000000 R14: 00007f22301b5fa0 R15: 00007fff73f446c8
[  262.236900][ T8027]  </TASK>
[  262.615851][ T5903] gspca_zc3xx: reg_w_i err -71
[  262.676662][ T8001] tmpfs: Bad value for 'nr_inodes'
[  263.766757][ T5903] gspca_zc3xx: Unknown sensor - set to TAS5130C
[  263.778221][ T5903] gspca_zc3xx 4-1:0.0: probe with driver gspca_zc3xx failed with error -71
[  264.238614][ T8041] binder_alloc: 8038: binder_alloc_buf size 8232 failed, no address space
[  264.249151][ T5903] usb 4-1: USB disconnect, device number 12
[  264.279586][ T8041] binder_alloc: allocated: 0 (num: 0 largest: 0), free: 8192 (num: 1 largest: 8192)
[  267.236101][ T5966] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  267.365823][   T30] kauditd_printk_skb: 19 callbacks suppressed
[  267.365841][   T30] audit: type=1800 audit(1752405116.154:76): pid=8081 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.3.590" name="SYSV00000000" dev="hugetlbfs" ino=2 res=0 errno=0
[  267.550846][ T5966] usb 2-1: Using ep0 maxpacket: 32
[  267.624108][ T5966] usb 2-1: config index 0 descriptor too short (expected 29220, got 36)
[  267.632790][ T5966] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  267.665739][ T5966] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 81
[  267.672980][ T8084] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  267.700658][ T5966] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  267.735797][ T5966] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  267.747703][ T5966] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  267.763315][ T5966] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  267.772878][ T8080] netlink: 8 bytes leftover after parsing attributes in process `syz.3.590'.
[  267.783601][ T8080] syz.3.590: attempt to access beyond end of device
[  267.783601][ T8080] nbd3: rw=6144, sector=128, nr_sectors = 8 limit=0
[  267.796747][ T8080] gfs2: error -5 reading superblock
[  267.813826][ T5966] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  267.851532][ T5966] usb 2-1: config 0 descriptor??
[  268.079787][ T5966] usblp 2-1:0.0: usblp0: USB Bidirectional printer dev 17 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  268.344926][  T977] usb 2-1: USB disconnect, device number 17
[  268.777120][  T977] usblp0: removed
[  269.102254][ T5966] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  269.468087][ T5966] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  269.508255][ T5966] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  269.625124][ T5966] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  269.695829][ T5966] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  269.703862][ T5966] usb 4-1: SerialNumber: syz
[  270.029571][ T5966] usb 4-1: 0:2 : does not exist
[  270.105890][ T5896] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  270.115387][ T5966] usb 4-1: USB disconnect, device number 13
[  270.187523][ T7463] udevd[7463]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  270.286193][ T5896] usb 3-1: Using ep0 maxpacket: 8
[  270.306812][ T5896] usb 3-1: config 0 has an invalid interface number: 154 but max is 0
[  270.371270][ T5896] usb 3-1: config 0 has an invalid descriptor of length 112, skipping remainder of the config
[  270.398389][ T5896] usb 3-1: config 0 has no interface number 0
[  270.404562][ T5896] usb 3-1: too many endpoints for config 0 interface 154 altsetting 202: 254, using maximum allowed: 30
[  270.418339][ T5896] usb 3-1: config 0 interface 154 altsetting 202 has 0 endpoint descriptors, different from the interface descriptor's value: 254
[  270.433094][ T5896] usb 3-1: config 0 interface 154 has no altsetting 0
[  270.452081][ T5896] usb 3-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[  270.467707][ T5896] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  270.480699][ T5896] usb 3-1: Product: syz
[  270.484877][ T5896] usb 3-1: Manufacturer: syz
[  270.490677][ T5896] usb 3-1: SerialNumber: syz
[  270.507640][ T5896] usb 3-1: config 0 descriptor??
[  271.394802][ T5896] streamzap 3-1:0.154: streamzap_probe: Unexpected desc.bNumEndpoints (0)
[  271.405216][ T8124] ALSA: seq fatal error: cannot create timer (-19)
[  271.421606][ T8129] pim6reg: entered allmulticast mode
[  271.427597][ T5896] usb 3-1: USB disconnect, device number 10
[  271.606593][ T8124] pim6reg: left allmulticast mode
[  271.646980][ T8134] FAULT_INJECTION: forcing a failure.
[  271.646980][ T8134] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  271.671789][ T8134] CPU: 0 UID: 0 PID: 8134 Comm: syz.0.604 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  271.671807][ T8134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  271.671814][ T8134] Call Trace:
[  271.671819][ T8134]  <TASK>
[  271.671824][ T8134]  dump_stack_lvl+0x189/0x250
[  271.671846][ T8134]  ? __pfx____ratelimit+0x10/0x10
[  271.671864][ T8134]  ? __pfx_dump_stack_lvl+0x10/0x10
[  271.671875][ T8134]  ? __pfx__printk+0x10/0x10
[  271.671887][ T8134]  ? __might_fault+0xb0/0x130
[  271.671906][ T8134]  should_fail_ex+0x414/0x560
[  271.671923][ T8134]  _copy_from_user+0x2d/0xb0
[  271.671935][ T8134]  ___sys_recvmsg+0x12e/0x510
[  271.671951][ T8134]  ? __pfx____sys_recvmsg+0x10/0x10
[  271.671976][ T8134]  ? __fget_files+0x3a0/0x420
[  271.671991][ T8134]  do_recvmmsg+0x307/0x770
[  271.672008][ T8134]  ? __pfx_do_recvmmsg+0x10/0x10
[  271.672026][ T8134]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  271.672045][ T8134]  __x64_sys_recvmmsg+0x190/0x240
[  271.672059][ T8134]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  271.672070][ T8134]  ? rcu_is_watching+0x15/0xb0
[  271.672086][ T8134]  ? do_syscall_64+0xbe/0x3b0
[  271.672097][ T8134]  do_syscall_64+0xfa/0x3b0
[  271.672105][ T8134]  ? lockdep_hardirqs_on+0x9c/0x150
[  271.672118][ T8134]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.672128][ T8134]  ? clear_bhb_loop+0x60/0xb0
[  271.672139][ T8134]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.672148][ T8134] RIP: 0033:0x7f222ff8e929
[  271.672158][ T8134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  271.672166][ T8134] RSP: 002b:00007f2230d54038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  271.672178][ T8134] RAX: ffffffffffffffda RBX: 00007f22301b5fa0 RCX: 00007f222ff8e929
[  271.672185][ T8134] RDX: 0000000000000002 RSI: 00002000000023c0 RDI: 0000000000000004
[  271.672191][ T8134] RBP: 00007f2230d54090 R08: 0000000000000000 R09: 0000000000000000
[  271.672197][ T8134] R10: 0000000000010021 R11: 0000000000000246 R12: 0000000000000001
[  271.672203][ T8134] R13: 0000000000000000 R14: 00007f22301b5fa0 R15: 00007fff73f446c8
[  271.672219][ T8134]  </TASK>
[  271.887963][    C0] vkms_vblank_simulate: vblank timer overrun
[  273.715022][ T8151] vcan0: tx drop: invalid sa for name 0x0000000000000001
[  273.927114][ T8162] netlink: 4 bytes leftover after parsing attributes in process `syz.1.615'.
[  274.083391][ T8170] xt_time: invalid argument - start or stop time greater than 23:59:59
[  274.204406][ T8170] netlink: 28 bytes leftover after parsing attributes in process `syz.4.613'.
[  274.775262][   T30] audit: type=1326 audit(1752405123.574:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8165 comm="syz.3.614" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f68c278e929 code=0x0
[  275.368941][ T8192] netlink: 256 bytes leftover after parsing attributes in process `syz.3.622'.
[  275.646950][ T8194] cgroup: Need name or subsystem set
[  276.115952][ T5896] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  276.394879][ T8208] fuse: Unknown parameter 'fcN��d'
[  276.628084][ T5896] usb 1-1: Using ep0 maxpacket: 8
[  276.659110][ T5896] usb 1-1: config index 0 descriptor too short (expected 231, got 164)
[  276.667766][ T5903] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  276.695911][ T5896] usb 1-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  276.707225][ T5896] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  276.721702][ T5896] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  276.739457][ T5896] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  276.760919][ T5896] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  276.809406][ T5896] usb 1-1: Manufacturer: ೵侻ਙȯﺨ╹沛ꁋ
[  276.830987][ T5903] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD6, changing to 0x86
[  276.845748][ T5896] usb 1-1: SerialNumber: ယ㻚펵䀼珃텕痰凜湹湫몃ࢴ謄띫虴씉⅕ࣅ侗힞ඝ㍷⎙걤檗똒㺥䗒窝筌窇撕焢衵ꗮ㍏碩兓鳳艰椦딵퟽槩蟵㮛伌ꨑ昚Υꀛ亗㟐掄戊鍩ഡ꼤菘퐔뙦컨쥄ᙟ萋懩㹯컩䛷稿ᚊ쫂₞⍎ⰸ弳쇋웪셆ﮘ걪룾悈㵦攽◼鹱ટ谊蒘筻噣ᕐ굘앲硎㚡ꕦ朰緿ጥ県믞둱㽻몀鯷倷
[  276.881126][    C0] vkms_vblank_simulate: vblank timer overrun
[  276.905769][ T5903] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7
[  276.932217][ T5903] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0
[  276.948284][ T5903] usb 3-1: New USB device found, idVendor=05f3, idProduct=0240, bcdDevice=1b.24
[  276.957660][ T5903] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  276.968402][ T5903] usb 3-1: Product: syz
[  276.981989][ T5903] usb 3-1: Manufacturer: syz
[  276.990529][ T5903] usb 3-1: SerialNumber: syz
[  277.024102][ T5903] usb 3-1: config 0 descriptor??
[  277.096378][ T5966] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  277.120140][ T8216] xt_cgroup: invalid path, errno=-2
[  277.260875][ T5966] usb 4-1: Using ep0 maxpacket: 16
[  277.263409][ T5896] usb 1-1: 0:2 : does not exist
[  277.277884][ T5966] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  277.289226][ T5903] powermate: unknown product id 0240
[  277.289243][ T5903] powermate: Expected payload of 3--6 bytes, found 0 bytes!
[  277.289473][ T5903] powermate 3-1:0.0: probe with driver powermate failed with error -5
[  277.343737][ T5896] usb 1-1: USB disconnect, device number 13
[  277.348387][ T5966] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  277.350241][ T5903] usb 3-1: USB disconnect, device number 11
[  277.399934][ T5966] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  277.435259][ T5966] usb 4-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00
[  277.480189][ T5966] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  277.513263][ T5966] usb 4-1: config 0 descriptor??
[  277.877488][ T5916] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  278.128402][ T5916] usb 5-1: Using ep0 maxpacket: 16
[  278.153692][ T5966] ryos 0003:1E7D:31CE.0005: unbalanced delimiter at end of report description
[  278.203776][ T5916] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  278.269700][ T5966] ryos 0003:1E7D:31CE.0005: parse failed
[  278.309475][ T5916] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  278.347551][ T5966] ryos 0003:1E7D:31CE.0005: probe with driver ryos failed with error -22
[  278.427653][ T5916] usb 5-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00
[  278.563125][ T5916] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  278.624629][ T5916] usb 5-1: config 0 descriptor??
[  278.702603][ T8212] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  278.966072][ T5896] usb 1-1: new full-speed USB device number 14 using dummy_hcd
[  279.093768][ T8229] netlink: 8 bytes leftover after parsing attributes in process `syz.2.636'.
[  279.145075][ T5896] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  279.177306][ T5896] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[  279.205851][ T5896] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  279.239025][ T5896] usb 1-1: New USB device found, idVendor=0525, idProduct=85a1, bcdDevice= 0.40
[  279.255901][ T5896] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  279.266179][ T5896] usb 1-1: Product: syz
[  279.275974][ T5896] usb 1-1: Manufacturer: syz
[  279.280598][ T5896] usb 1-1: SerialNumber: syz
[  279.742548][ T5916] usbhid 5-1:0.0: can't add hid device: -71
[  279.757721][ T5916] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  279.760181][ T5896] cdc_ncm 1-1:1.0: CDC Union missing and no IAD found
[  279.777819][ T5966] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  279.793745][ T5916] usb 5-1: USB disconnect, device number 20
[  279.811838][ T5896] cdc_ncm 1-1:1.0: bind() failure
[  279.856450][ T5896] usb 1-1: USB disconnect, device number 14
[  280.075763][ T5966] usb 2-1: Using ep0 maxpacket: 16
[  280.084819][ T5966] usb 2-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90
[  280.098049][ T5966] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  280.108037][ T5966] usb 2-1: Product: syz
[  280.112226][ T5966] usb 2-1: Manufacturer: syz
[  280.117309][ T5966] usb 2-1: SerialNumber: syz
[  280.131141][ T5966] usb 2-1: config 0 descriptor??
[  280.140336][ T5966] ums-onetouch 2-1:0.0: USB Mass Storage device detected
[  280.272197][ T5838] Bluetooth: hci3: unexpected event for opcode 0x200d
[  280.382934][ T8243] mkiss: ax0: crc mode is auto.
[  280.406053][ T5896] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  280.606375][ T5896] usb 3-1: Using ep0 maxpacket: 8
[  280.616352][ T5838] Bluetooth: hci5: command 0x1003 tx timeout
[  280.623085][ T5842] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  280.641751][ T5903] usb 2-1: USB disconnect, device number 18
[  280.651221][ T5896] usb 3-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2
[  280.685964][ T5896] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  280.693987][ T5896] usb 3-1: Product: syz
[  280.712851][ T5896] usb 3-1: Manufacturer: syz
[  280.727451][ T5896] usb 3-1: SerialNumber: syz
[  280.746033][ T5896] usb 3-1: config 0 descriptor??
[  280.755957][ T5966] usb 4-1: USB disconnect, device number 14
[  280.901246][   T30] audit: type=1326 audit(1752405129.704:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8264 comm="syz.0.645" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f222ff8e929 code=0x0
[  280.975454][ T5896] usb 3-1: dvb_usb_v2: found a 'Terratec H7' in warm state
[  281.225778][ T5966] usb 4-1: new full-speed USB device number 15 using dummy_hcd
[  281.801002][ T5896] usb write operation failed. (-71)
[  281.913354][ T5896] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  281.978165][ T5896] dvbdev: DVB: registering new adapter (Terratec H7)
[  281.984937][ T5896] usb 3-1: media controller created
[  282.246833][ T5966] usb 4-1: config 0 has an invalid interface number: 46 but max is 0
[  282.254951][ T5966] usb 4-1: config 0 has no interface number 0
[  282.256177][ T5896] usb read operation failed. (-71)
[  282.370691][ T5966] usb 4-1: config 0 interface 46 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  282.387261][ T5896] usb write operation failed. (-71)
[  282.462510][ T5966] usb 4-1: config 0 interface 46 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  283.178677][ T5966] usb 4-1: New USB device found, idVendor=045a, idProduct=5210, bcdDevice= 1.01
[  283.245189][ T5966] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  283.254665][ T5966] usb 4-1: Product: syz
[  283.259326][ T5966] usb 4-1: Manufacturer: syz
[  283.264024][ T5966] usb 4-1: SerialNumber: syz
[  283.405786][   T30] audit: type=1800 audit(1752405132.194:79): pid=8294 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.0.651" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  283.477715][ T5896] dvb_usb_az6007 3-1:0.0: probe with driver dvb_usb_az6007 failed with error -5
[  283.508910][ T8294] syz.0.651: attempt to access beyond end of device
[  283.508910][ T8294] nbd0: rw=6144, sector=128, nr_sectors = 8 limit=0
[  283.522604][ T8294] gfs2: error -5 reading superblock
[  283.595002][ T5966] usb 4-1: config 0 descriptor??
[  283.769046][ T5966] ums-karma 4-1:0.46: USB Mass Storage device detected
[  283.811815][ T5896] usb 3-1: USB disconnect, device number 12
[  283.926096][ T5966] ums-karma 4-1:0.46: probe with driver ums-karma failed with error -5
[  284.005761][ T5966] usb 4-1: USB disconnect, device number 15
[  284.303290][ T8307] pim6reg: entered allmulticast mode
[  284.347162][ T8309] overlay: ./file0 is not a directory
[  284.355157][ T8298] ALSA: seq fatal error: cannot create timer (-19)
[  284.497350][ T5896] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  284.625507][ T8297] pim6reg: left allmulticast mode
[  284.656168][ T5923] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  284.769623][ T5896] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  284.783049][ T5896] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  284.795250][ T5896] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[  284.805557][ T5896] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  284.819265][ T5896] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  284.831972][ T5896] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  284.841328][ T5923] usb 1-1: Using ep0 maxpacket: 8
[  284.847339][ T5896] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  284.856249][ T5896] usb 2-1: Product: syz
[  284.860688][ T5923] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  284.870596][ T5923] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  284.880369][ T5896] usb 2-1: Manufacturer: syz
[  284.891316][ T5923] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  284.907085][ T5896] cdc_wdm 2-1:1.0: skipping garbage
[  284.912303][ T5896] cdc_wdm 2-1:1.0: skipping garbage
[  284.920208][ T5923] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  284.934680][ T5923] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  284.945447][ T5896] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  284.951516][ T5896] cdc_wdm 2-1:1.0: Unknown control protocol
[  284.964611][ T5923] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  284.988997][ T5923] usbtmc 1-1:16.0: bulk endpoints not found
[  285.016134][ T5966] usb 4-1: new low-speed USB device number 16 using dummy_hcd
[  285.111967][    C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[  285.118704][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[  285.125880][    C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[  285.132477][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[  285.138719][    C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[  285.145297][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[  285.151529][    C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[  285.158116][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[  285.164445][    C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[  285.171037][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[  285.177413][    C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[  285.184015][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[  285.193401][    C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[  285.200024][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[  285.206539][    C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[  285.213140][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[  285.221860][   T44] usb 2-1: USB disconnect, device number 19
[  285.228321][    C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[  285.228334][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[  285.228342][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  285.250790][ T5966] usb 4-1: Invalid ep0 maxpacket: 16
[  285.385874][ T5966] usb 4-1: new low-speed USB device number 17 using dummy_hcd
[  285.825838][ T5966] usb 4-1: Invalid ep0 maxpacket: 16
[  285.832187][ T5966] usb usb4-port1: attempt power cycle
[  285.848783][ T8328] overlayfs: failed to resolve './file0': -2
[  286.248115][ T5966] usb 4-1: new low-speed USB device number 18 using dummy_hcd
[  286.297143][ T5896] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  286.352960][ T5966] usb 4-1: Invalid ep0 maxpacket: 16
[  286.516223][ T5896] usb 2-1: device descriptor read/64, error -71
[  286.535759][ T5966] usb 4-1: new low-speed USB device number 19 using dummy_hcd
[  286.570163][ T5966] usb 4-1: Invalid ep0 maxpacket: 16
[  286.586450][ T5966] usb usb4-port1: unable to enumerate USB device
[  286.775794][ T5896] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  287.046804][ T5896] usb 2-1: device descriptor read/64, error -71
[  287.628061][ T5896] usb usb2-port1: attempt power cycle
[  287.754221][ T5966] usb 1-1: USB disconnect, device number 15
[  289.157030][ T8360] =======================================================
[  289.157030][ T8360] WARNING: The mand mount option has been deprecated and
[  289.157030][ T8360]          and is ignored by this kernel. Remove the mand
[  289.157030][ T8360]          option from the mount to silence this warning.
[  289.157030][ T8360] =======================================================
[  289.293940][ T8364] ALSA: seq fatal error: cannot create timer (-19)
[  290.188087][ T5896] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  290.512238][ T8372] pim6reg: entered allmulticast mode
[  290.814719][ T5896] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  290.822318][ T8361] pim6reg: left allmulticast mode
[  290.875383][ T5896] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  290.915775][ T5896] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00
[  290.930394][ T5896] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  290.943060][ T5896] usb 5-1: config 0 descriptor??
[  291.462872][ T8360] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  291.476318][ T8360] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  291.507696][ T5896] kone 0003:1E7D:2CED.0006: unknown main item tag 0x0
[  291.535785][ T5896] kone 0003:1E7D:2CED.0006: unknown main item tag 0x0
[  291.555756][ T5896] kone 0003:1E7D:2CED.0006: unknown main item tag 0x0
[  291.603364][ T5896] kone 0003:1E7D:2CED.0006: hidraw0: USB HID v0.00 Device [HID 1e7d:2ced] on usb-dummy_hcd.4-1/input0
[  291.708990][ T8360] bond0: option fail_over_mac: unable to set because the bond device has slaves
[  291.729543][ T5896] usb 5-1: USB disconnect, device number 21
[  291.905572][ T8388] fido_id[8388]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  293.086204][ T8408] overlayfs: overlapping lowerdir path
[  294.662285][ T8435] blktrace: Concurrent blktraces are not allowed on loop8
[  294.975887][ T5888] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  295.425888][ T5888] usb 1-1: Using ep0 maxpacket: 32
[  295.512745][ T5888] usb 1-1: config 3 has an invalid interface number: 171 but max is 29
[  295.521382][ T5888] usb 1-1: config 3 has 1 interface, different from the descriptor's value: 30
[  295.535779][ T5888] usb 1-1: config 3 has no interface number 0
[  295.546926][ T5888] usb 1-1: config 3 interface 171 altsetting 108 endpoint 0x1 has invalid wMaxPacketSize 0
[  295.572452][ T5888] usb 1-1: config 3 interface 171 has no altsetting 0
[  295.607716][ T8441] FAULT_INJECTION: forcing a failure.
[  295.607716][ T8441] name failslab, interval 1, probability 0, space 0, times 0
[  295.625088][ T5888] usb 1-1: New USB device found, idVendor=2137, idProduct=0001, bcdDevice= c.e5
[  295.643435][ T5888] usb 1-1: New USB device strings: Mfr=1, Product=10, SerialNumber=3
[  295.653719][ T5888] usb 1-1: Product: syz
[  295.667136][ T5888] usb 1-1: Manufacturer: syz
[  295.686734][ T8441] CPU: 0 UID: 0 PID: 8441 Comm: syz.2.693 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  295.686758][ T8441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  295.686769][ T8441] Call Trace:
[  295.686777][ T8441]  <TASK>
[  295.686784][ T8441]  dump_stack_lvl+0x189/0x250
[  295.686808][ T8441]  ? __pfx____ratelimit+0x10/0x10
[  295.686832][ T8441]  ? __pfx_dump_stack_lvl+0x10/0x10
[  295.686851][ T8441]  ? __pfx__printk+0x10/0x10
[  295.686877][ T8441]  ? __pfx___might_resched+0x10/0x10
[  295.686901][ T8441]  should_fail_ex+0x414/0x560
[  295.686930][ T8441]  should_failslab+0xa8/0x100
[  295.686953][ T8441]  __kmalloc_node_track_caller_noprof+0xcc/0x4e0
[  295.686967][ T8441]  ? smk_parse_smack+0x1b1/0x1f0
[  295.686980][ T8441]  ? lockdep_hardirqs_on+0x9c/0x150
[  295.686998][ T8441]  kstrndup+0x80/0x160
[  295.687009][ T8441]  smk_parse_smack+0x1b1/0x1f0
[  295.687022][ T8441]  smk_import_entry+0x20/0x1d0
[  295.687034][ T8441]  smk_fill_rule+0xb6/0x630
[  295.687049][ T8441]  smk_parse_long_rule+0xbc3/0xee0
[  295.687064][ T8441]  ? __pfx_smk_parse_long_rule+0x10/0x10
[  295.687084][ T8441]  smk_write_rules_list+0x239/0x370
[  295.687098][ T8441]  ? __pfx_smk_write_change_rule+0x10/0x10
[  295.687114][ T8441]  vfs_write+0x27e/0xa90
[  295.687131][ T8441]  ? __pfx_vfs_write+0x10/0x10
[  295.687144][ T8441]  ? __fget_files+0x2a/0x420
[  295.687156][ T8441]  ? __fget_files+0x3a0/0x420
[  295.687164][ T8441]  ? __fget_files+0x2a/0x420
[  295.687178][ T8441]  ksys_write+0x145/0x250
[  295.687191][ T8441]  ? __pfx_ksys_write+0x10/0x10
[  295.687202][ T8441]  ? rcu_is_watching+0x15/0xb0
[  295.687216][ T8441]  ? do_syscall_64+0xbe/0x3b0
[  295.687227][ T8441]  do_syscall_64+0xfa/0x3b0
[  295.687235][ T8441]  ? lockdep_hardirqs_on+0x9c/0x150
[  295.687248][ T8441]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  295.687257][ T8441]  ? clear_bhb_loop+0x60/0xb0
[  295.687269][ T8441]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  295.687278][ T8441] RIP: 0033:0x7fc7e618e929
[  295.687288][ T8441] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  295.687296][ T8441] RSP: 002b:00007fc7e7051038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  295.687307][ T8441] RAX: ffffffffffffffda RBX: 00007fc7e63b5fa0 RCX: 00007fc7e618e929
[  295.687314][ T8441] RDX: 0000000000000015 RSI: 0000200000000340 RDI: 0000000000000003
[  295.687320][ T8441] RBP: 00007fc7e7051090 R08: 0000000000000000 R09: 0000000000000000
[  295.687326][ T8441] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  295.687332][ T8441] R13: 0000000000000000 R14: 00007fc7e63b5fa0 R15: 00007ffef14c4178
[  295.687348][ T8441]  </TASK>
[  295.961020][ T5888] usb 1-1: SerialNumber: syz
[  297.297187][ T5888] as10x_usb: device has been detected
[  297.316325][ T5888] dvbdev: DVB: registering new adapter (Sky IT Digital Key (green led))
[  297.461028][ T5888] usb 1-1: DVB: registering adapter 1 frontend 0 (Sky IT Digital Key (green led))...
[  298.111787][ T5888] as10x_usb: error during firmware upload part1
[  298.122987][ T5888] Registered device Sky IT Digital Key (green led)
[  298.128147][ T5888] usb 1-1: USB disconnect, device number 16
[  298.153574][ T5888] Unregistered device Sky IT Digital Key (green led)
[  298.155068][ T5888] as10x_usb: device has been disconnected
[  298.172317][ T7463] udevd[7463]: setting owner of /dev/dvb/adapter1/frontend0 to uid=0, gid=28 failed: No such file or directory
[  299.039504][ T8460] batadv_slave_1: entered allmulticast mode
[  299.090956][ T8458] batadv_slave_1: left allmulticast mode
[  301.710041][ T8484] blktrace: Concurrent blktraces are not allowed on loop8
[  302.431333][ T8492] netlink: 4 bytes leftover after parsing attributes in process `syz.4.707'.
[  302.490789][ T8492] netlink: 12 bytes leftover after parsing attributes in process `syz.4.707'.
[  302.803299][ T8498] pim6reg: entered allmulticast mode
[  302.814940][ T8498] pim6reg: left allmulticast mode
[  304.000388][ T5846] Bluetooth: hci4: command 0x0405 tx timeout
[  304.196882][ T8503] netlink: 960 bytes leftover after parsing attributes in process `syz.0.711'.
[  304.213153][ T8503] netlink: 8 bytes leftover after parsing attributes in process `syz.0.711'.
[  308.810077][   T30] audit: type=1326 audit(1752405157.604:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8559 comm="syz.2.725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7e618e929 code=0x7ffc0000
[  309.044040][   T30] audit: type=1326 audit(1752405157.604:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8559 comm="syz.2.725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7e618e929 code=0x7ffc0000
[  309.614023][   T30] audit: type=1326 audit(1752405157.604:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8559 comm="syz.2.725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=451 compat=0 ip=0x7fc7e618e929 code=0x7ffc0000
[  309.771083][   T30] audit: type=1326 audit(1752405157.604:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8559 comm="syz.2.725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7e618e929 code=0x7ffc0000
[  309.901769][   T30] audit: type=1326 audit(1752405157.604:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8559 comm="syz.2.725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fc7e618e929 code=0x7ffc0000
[  309.960428][   T30] audit: type=1326 audit(1752405157.604:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8559 comm="syz.2.725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7e618e929 code=0x7ffc0000
[  309.985156][   T30] audit: type=1326 audit(1752405157.614:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8559 comm="syz.2.725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc7e618d290 code=0x7ffc0000
[  310.011301][   T30] audit: type=1326 audit(1752405157.614:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8559 comm="syz.2.725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7e618e929 code=0x7ffc0000
[  310.032811][   T30] audit: type=1326 audit(1752405157.614:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8559 comm="syz.2.725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc7e618e929 code=0x7ffc0000
[  310.055084][ T8571] netlink: 36 bytes leftover after parsing attributes in process `syz.4.727'.
[  310.171419][   T30] audit: type=1326 audit(1752405157.614:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8559 comm="syz.2.725" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7e618e929 code=0x7ffc0000
[  311.339381][ T8584] Invalid source name
[  311.343455][ T8584] UBIFS error (pid: 8584): cannot open "/dev/sg0", error -22
[  312.525954][ T8586] netlink: 24 bytes leftover after parsing attributes in process `syz.2.731'.
[  314.118068][ T8607] netlink: 8 bytes leftover after parsing attributes in process `syz.0.739'.
[  314.132264][ T8607] netlink: 4 bytes leftover after parsing attributes in process `syz.0.739'.
[  314.215795][ T5916] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  314.346789][ T8607] team0 (unregistering): Port device team_slave_0 removed
[  314.369868][ T8607] team0 (unregistering): Port device team_slave_1 removed
[  314.385865][ T5916] usb 2-1: Using ep0 maxpacket: 32
[  314.402208][ T5916] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  314.431200][ T5916] usb 2-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  314.450829][ T5916] usb 2-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  314.538631][ T5916] usb 2-1: Product: syz
[  314.588082][ T5916] usb 2-1: Manufacturer: syz
[  314.606526][ T5916] usb 2-1: SerialNumber: syz
[  314.973855][ T5916] usb 2-1: config 0 descriptor??
[  315.041783][ T8604] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  315.436592][ T5916] usb 2-1: USB disconnect, device number 23
[  315.625764][ T5923] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  315.637748][ T8604] binder: 8603:8604 ioctl c0306201 2000000003c0 returned -14
[  315.646889][ T8604] binder: 8603:8604 ioctl 89f0 2000000004c0 returned -22
[  315.805899][ T5923] usb 4-1: Using ep0 maxpacket: 16
[  315.818229][ T5923] usb 4-1: config 0 has an invalid interface number: 41 but max is 0
[  315.829700][ T5923] usb 4-1: config 0 has no interface number 0
[  315.845287][ T5923] usb 4-1: New USB device found, idVendor=0c52, idProduct=2872, bcdDevice=b5.85
[  315.855199][ T5923] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  315.863867][ T5923] usb 4-1: Product: syz
[  315.868683][ T5923] usb 4-1: Manufacturer: syz
[  315.873366][ T5923] usb 4-1: SerialNumber: syz
[  315.884070][ T5923] usb 4-1: config 0 descriptor??
[  315.894999][ T5923] ftdi_sio 4-1:0.41: FTDI USB Serial Device converter detected
[  315.904907][ T5923] ftdi_sio ttyUSB0: unknown device type: 0xb585
[  316.253715][ T5923] usb 4-1: USB disconnect, device number 20
[  316.288189][ T5923] ftdi_sio 4-1:0.41: device disconnected
[  317.110861][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  317.122876][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  317.742416][ T8645] netlink: 8 bytes leftover after parsing attributes in process `syz.3.752'.
[  317.880078][ T8646] FAULT_INJECTION: forcing a failure.
[  317.880078][ T8646] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  318.000441][ T8646] CPU: 0 UID: 0 PID: 8646 Comm: syz.3.752 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  318.000467][ T8646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  318.000477][ T8646] Call Trace:
[  318.000485][ T8646]  <TASK>
[  318.000493][ T8646]  dump_stack_lvl+0x189/0x250
[  318.000517][ T8646]  ? __pfx____ratelimit+0x10/0x10
[  318.000545][ T8646]  ? __pfx_dump_stack_lvl+0x10/0x10
[  318.000564][ T8646]  ? __pfx__printk+0x10/0x10
[  318.000586][ T8646]  ? __might_fault+0xb0/0x130
[  318.000621][ T8646]  should_fail_ex+0x414/0x560
[  318.000650][ T8646]  _copy_from_user+0x2d/0xb0
[  318.000671][ T8646]  kstrtouint_from_user+0xc4/0x170
[  318.000699][ T8646]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  318.000742][ T8646]  proc_fail_nth_write+0x88/0x240
[  318.000760][ T8646]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  318.000776][ T8646]  ? __sanitizer_cov_trace_pc+0x37/0x70
[  318.000803][ T8646]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  318.000823][ T8646]  vfs_write+0x27e/0xa90
[  318.000855][ T8646]  ? __pfx_vfs_write+0x10/0x10
[  318.000879][ T8646]  ? __fget_files+0x2a/0x420
[  318.000900][ T8646]  ? __fget_files+0x3a0/0x420
[  318.000915][ T8646]  ? __fget_files+0x2a/0x420
[  318.000941][ T8646]  ksys_write+0x145/0x250
[  318.000966][ T8646]  ? __pfx_ksys_write+0x10/0x10
[  318.000985][ T8646]  ? rcu_is_watching+0x15/0xb0
[  318.001015][ T8646]  ? do_syscall_64+0xbe/0x3b0
[  318.001036][ T8646]  do_syscall_64+0xfa/0x3b0
[  318.001054][ T8646]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  318.001070][ T8646]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  318.001086][ T8646]  ? clear_bhb_loop+0x60/0xb0
[  318.001108][ T8646]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  318.001125][ T8646] RIP: 0033:0x7f68c278d3df
[  318.001140][ T8646] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  318.001154][ T8646] RSP: 002b:00007f68c3562030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  318.001172][ T8646] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f68c278d3df
[  318.001185][ T8646] RDX: 0000000000000001 RSI: 00007f68c35620a0 RDI: 0000000000000006
[  318.001196][ T8646] RBP: 00007f68c3562090 R08: 0000000000000000 R09: 0000000000000014
[  318.001207][ T8646] R10: 0000000000000094 R11: 0000000000000293 R12: 0000000000000001
[  318.001217][ T8646] R13: 0000000000000001 R14: 00007f68c29b6080 R15: 00007fff72884888
[  318.001248][ T8646]  </TASK>
[  318.888473][ T8661] ptrace attach of "./syz-executor exec"[5834] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
[  320.647997][ T5916] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  321.007085][ T8683] ALSA: seq fatal error: cannot create timer (-19)
[  321.028051][ T8687] pim6reg: entered allmulticast mode
[  321.129738][ T5916] usb 3-1: config 1 interface 0 altsetting 15 bulk endpoint 0x1 has invalid maxpacket 32
[  321.140781][ T5916] usb 3-1: config 1 interface 0 altsetting 15 bulk endpoint 0x82 has invalid maxpacket 1024
[  321.151451][ T5916] usb 3-1: config 1 interface 0 has no altsetting 0
[  321.173166][ T5916] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  321.182862][ T5916] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  321.240049][ T5916] usb 3-1: Product: Ⰺ
[  321.448515][ T5916] usb 3-1: Manufacturer: ᠊
[  321.453268][ T5916] usb 3-1: SerialNumber: 폾彆䆫梧丛꠵ݿꟑ⹺澷ꤏᱶ㾕料偖ሊ㪨
[  321.897786][ T8680] pim6reg: left allmulticast mode
[  321.910829][ T8677] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  321.918172][ T8677] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  322.119279][ T5916] usblp 3-1:1.0: usblp0: USB Bidirectional printer dev 13 if 0 alt 15 proto 3 vid 0x0525 pid 0xA4A8
[  322.195983][ T5916] usb 3-1: USB disconnect, device number 13
[  322.233353][ T5966] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  322.243780][ T5916] usblp0: removed
[  322.405703][ T5966] usb 2-1: Using ep0 maxpacket: 8
[  322.437936][ T5966] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  322.454159][ T5966] usb 2-1: New USB device found, idVendor=0421, idProduct=0335, bcdDevice=5f.0e
[  322.464056][ T5966] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  322.484811][ T5966] usb 2-1: config 0 descriptor??
[  322.502005][ T5966] usb 2-1: bad CDC descriptors
[  322.507588][ T5966] cdc_acm 2-1:0.0: Control and data interfaces are not separated!
[  322.515544][ T5966] cdc_acm 2-1:0.0: This needs exactly 3 endpoints
[  322.523486][ T5966] cdc_acm 2-1:0.0: probe with driver cdc_acm failed with error -22
[  322.919579][ T8710] 9p: Unknown access argument 18446744073709551615: -34
[  323.346522][ T5966] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  323.669719][ T5835] usb 2-1: USB disconnect, device number 24
[  323.676040][ T5966] usb 1-1: device descriptor read/64, error -71
[  323.676820][ T8720] misc userio: Invalid payload size
[  324.358660][ T5966] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  324.558461][ T5966] usb 1-1: device descriptor read/64, error -71
[  324.666958][ T5966] usb usb1-port1: attempt power cycle
[  325.323407][ T5835] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  325.331240][ T5966] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  325.377304][ T5966] usb 1-1: device descriptor read/8, error -71
[  325.447663][ T5923] libceph: connect (1)[c::]:6789 error -101
[  325.454560][ T5923] libceph: mon0 (1)[c::]:6789 connect error
[  325.486383][ T8753] fuse: Bad value for 'user_id'
[  325.491276][ T8753] fuse: Bad value for 'user_id'
[  325.496938][ T8752] fuse: Bad value for 'user_id'
[  325.507990][ T8752] fuse: Bad value for 'user_id'
[  325.509505][ T5835] usb 2-1: New USB device found, idVendor=0547, idProduct=6801, bcdDevice=43.6f
[  325.522432][ T5835] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  325.533862][ T5835] usb 2-1: Product: syz
[  325.538316][ T5835] usb 2-1: Manufacturer: syz
[  325.542931][ T5835] usb 2-1: SerialNumber: syz
[  325.551736][ T5835] usb 2-1: config 0 descriptor??
[  325.569143][ T5835] gspca_main: touptek-2.14.0 probing 0547:6801
[  325.625817][ T5966] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  325.650211][ T5966] usb 1-1: device descriptor read/8, error -71
[  325.721593][ T8758] misc userio: Invalid payload size
[  325.769404][ T5966] usb usb1-port1: unable to enumerate USB device
[  325.770263][ T5923] libceph: connect (1)[c::]:6789 error -101
[  325.817293][ T5923] libceph: mon0 (1)[c::]:6789 connect error
[  325.823413][ T8759] blktrace: Concurrent blktraces are not allowed on loop8
[  326.250344][ T8745] ceph: No mds server is up or the cluster is laggy
[  326.261927][ T8762] netlink: 20 bytes leftover after parsing attributes in process `syz.1.782'.
[  326.376708][ T5923] libceph: connect (1)[c::]:6789 error -101
[  326.409955][ T5923] libceph: mon0 (1)[c::]:6789 connect error
[  326.551894][  T977] usb 2-1: USB disconnect, device number 25
[  326.642427][ T8765] fuse: Bad value for 'fd'
[  327.687102][ T8775] netlink: 'syz.2.793': attribute type 1 has an invalid length.
[  327.728648][ T8775] netlink: 'syz.2.793': attribute type 3 has an invalid length.
[  327.756118][ T8775] netlink: 224 bytes leftover after parsing attributes in process `syz.2.793'.
[  328.288060][ T5966] kernel write not supported for file /input/event2 (pid: 5966 comm: kworker/1:10)
[  328.999756][ T8797] netlink: 300 bytes leftover after parsing attributes in process `syz.2.802'.
[  329.495596][ T8808] fuse: Bad value for 'fd'
[  330.152100][ T5916] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  330.595343][ T5916] usb 4-1: Using ep0 maxpacket: 16
[  330.611056][ T5916] usb 4-1: New USB device found, idVendor=0fc5, idProduct=1227, bcdDevice=d9.10
[  330.735597][ T5835] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  330.753717][ T5916] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  330.773846][ T5916] usb 4-1: Product: syz
[  330.783299][ T5916] usb 4-1: Manufacturer: syz
[  330.820122][ T5916] usb 4-1: SerialNumber: syz
[  331.347193][ T5835] usb 2-1: Using ep0 maxpacket: 32
[  331.406716][ T5835] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 102, changing to 10
[  331.613118][ T5916] usb 4-1: config 0 descriptor??
[  331.618849][ T5835] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24624, setting to 1024
[  331.906080][ T5835] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  331.931279][ T5835] usb 2-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  331.951250][ T5916] usbsevseg 4-1:0.0: USB 7 Segment device now attached
[  331.969133][ T5835] usb 2-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  332.005714][ T5835] usb 2-1: Product: syz
[  332.011521][ T5835] usb 2-1: Manufacturer: syz
[  332.016490][ T5835] usb 2-1: SerialNumber: syz
[  332.048166][ T5835] input: appletouch as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/input/input20
[  333.217352][ T5835] usb 2-1: USB disconnect, device number 26
[  333.223328][    C1] appletouch 2-1:1.0: atp_complete: usb_submit_urb failed with result -19
[  333.351955][ T5916] usb 4-1: USB disconnect, device number 21
[  333.362621][ T8838] misc userio: Invalid payload size
[  333.369608][ T5835] appletouch 2-1:1.0: input: appletouch disconnected
[  333.388369][ T5916] usbsevseg 4-1:0.0: USB 7 Segment now disconnected
[  333.396038][ T8838] misc userio: No port type given on /dev/userio
[  333.419967][ T8838] misc userio: The device must be registered before sending interrupts
[  333.463964][ T8838] misc userio: The device must be registered before sending interrupts
[  334.226404][ T8855] fuse: Bad value for 'fd'
[  334.368763][   T30] kauditd_printk_skb: 5 callbacks suppressed
[  334.368779][   T30] audit: type=1326 audit(1752405183.174:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8852 comm="syz.3.820" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f68c278e929 code=0x0
[  336.675814][ T5835] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  337.650852][ T5835] usb 5-1: Using ep0 maxpacket: 32
[  337.670980][ T5835] usb 5-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64
[  337.682955][ T5835] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  337.696282][ T5835] usb 5-1: config 0 descriptor??
[  337.738110][ T5835] as10x_usb: device has been detected
[  337.875064][ T8899] netlink: 4 bytes leftover after parsing attributes in process `syz.2.829'.
[  337.911319][ T8883] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  337.920167][ T8883] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  337.930238][ T8883] x_tables: duplicate underflow at hook 1
[  337.940215][ T8883] /dev/nullb0: Can't open blockdev
[  338.106704][ T5835] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle)
[  338.348478][ T5835] usb 5-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)...
[  338.395441][ T5835] as10x_usb: error during firmware upload part1
[  338.423361][ T5835] Registered device nBox DVB-T Dongle
[  338.443191][ T8904] sctp: [Deprecated]: syz.3.833 (pid 8904) Use of int in max_burst socket option.
[  338.443191][ T8904] Use struct sctp_assoc_value instead
[  338.520865][ T8905] vlan2: entered promiscuous mode
[  338.540750][ T8905] bond0: entered promiscuous mode
[  338.558642][ T8905] bond_slave_0: entered promiscuous mode
[  338.577886][ T8905] bond_slave_1: entered promiscuous mode
[  338.642013][ T8905] bridge0: entered promiscuous mode
[  338.701817][ T8905] vlan2: entered allmulticast mode
[  338.708782][ T8905] bond0: entered allmulticast mode
[  338.714426][ T8905] bond_slave_0: entered allmulticast mode
[  338.721083][ T8905] bond_slave_1: entered allmulticast mode
[  338.728853][ T8905] bridge0: entered allmulticast mode
[  339.229523][ T5835] usb 5-1: USB disconnect, device number 22
[  339.321109][ T5835] Unregistered device nBox DVB-T Dongle
[  339.368718][ T5835] as10x_usb: device has been disconnected
[  340.298506][ T8930] fuse: Bad value for 'fd'
[  342.056168][ T5835] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  345.029018][ T5835] usb 5-1: Using ep0 maxpacket: 8
[  345.811298][ T5835] usb 5-1: device descriptor read/all, error -71
[  347.895405][ T8983] fuse: Bad value for 'fd'
[  349.967724][ T8998] GUP no longer grows the stack in syz.0.861 (8998): 200000004000-20000000a000 (200000002000)
[  349.978749][ T8998] CPU: 0 UID: 0 PID: 8998 Comm: syz.0.861 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  349.978774][ T8998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  349.978785][ T8998] Call Trace:
[  349.978793][ T8998]  <TASK>
[  349.978800][ T8998]  dump_stack_lvl+0x189/0x250
[  349.978829][ T8998]  ? __pfx_dump_stack_lvl+0x10/0x10
[  349.978849][ T8998]  ? __pfx__printk+0x10/0x10
[  349.978868][ T8998]  ? find_vma+0xe7/0x160
[  349.978906][ T8998]  __get_user_pages+0x2a60/0x30b0
[  349.978974][ T8998]  ? __pfx___get_user_pages+0x10/0x10
[  349.979006][ T8998]  get_user_pages_remote+0x2f9/0xaa0
[  349.979027][ T8998]  ? __pfx_mtree_load+0x10/0x10
[  349.979060][ T8998]  ? __pfx_get_user_pages_remote+0x10/0x10
[  349.979091][ T8998]  __access_remote_vm+0x215/0x5f0
[  349.979123][ T8998]  ? __pfx___access_remote_vm+0x10/0x10
[  349.979149][ T8998]  ? alloc_pages_noprof+0xbe/0x190
[  349.979178][ T8998]  proc_pid_cmdline_read+0x440/0x840
[  349.979201][ T8998]  ? __asan_memset+0x22/0x50
[  349.979226][ T8998]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  349.979252][ T8998]  ? rw_verify_area+0x258/0x650
[  349.979276][ T8998]  vfs_readv+0x5a7/0x850
[  349.979294][ T8998]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  349.979321][ T8998]  ? __pfx_vfs_readv+0x10/0x10
[  349.979355][ T8998]  ? __fget_files+0x2a/0x420
[  349.979375][ T8998]  ? __fget_files+0x3a0/0x420
[  349.979389][ T8998]  ? __fget_files+0x2a/0x420
[  349.979416][ T8998]  __x64_sys_preadv+0x197/0x2a0
[  349.979443][ T8998]  ? __pfx___x64_sys_preadv+0x10/0x10
[  349.979465][ T8998]  ? rcu_is_watching+0x15/0xb0
[  349.979489][ T8998]  ? do_syscall_64+0xbe/0x3b0
[  349.979510][ T8998]  do_syscall_64+0xfa/0x3b0
[  349.979525][ T8998]  ? lockdep_hardirqs_on+0x9c/0x150
[  349.979549][ T8998]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.979566][ T8998]  ? clear_bhb_loop+0x60/0xb0
[  349.979587][ T8998]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.979603][ T8998] RIP: 0033:0x7f222ff8e929
[  349.979618][ T8998] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  349.979633][ T8998] RSP: 002b:00007f2230d54038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  349.979650][ T8998] RAX: ffffffffffffffda RBX: 00007f22301b5fa0 RCX: 00007f222ff8e929
[  349.979658][ T8998] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000004
[  349.979664][ T8998] RBP: 00007f2230010b39 R08: 0000000000000000 R09: 0000000000000000
[  349.979670][ T8998] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[  349.979676][ T8998] R13: 0000000000000000 R14: 00007f22301b5fa0 R15: 00007fff73f446c8
[  349.979693][ T8998]  </TASK>
[  352.457571][ T9036] netlink: 36 bytes leftover after parsing attributes in process `syz.2.871'.
[  353.181334][ T9042] sctp: [Deprecated]: syz.3.872 (pid 9042) Use of int in maxseg socket option.
[  353.181334][ T9042] Use struct sctp_assoc_value instead
[  353.911934][ T9052] netlink: 12 bytes leftover after parsing attributes in process `syz.4.874'.
[  353.927143][ T9052] netlink: 24 bytes leftover after parsing attributes in process `syz.4.874'.
[  354.843877][ T9063] blktrace: Concurrent blktraces are not allowed on loop8
[  355.487900][ T9070] netlink: 'syz.4.880': attribute type 7 has an invalid length.
[  355.516493][ T9070] netlink: 'syz.4.880': attribute type 5 has an invalid length.
[  355.619725][ T9070] netlink: 17 bytes leftover after parsing attributes in process `syz.4.880'.
[  355.899366][ T9081] netlink: 36 bytes leftover after parsing attributes in process `syz.4.883'.
[  356.294443][ T9087] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  356.303653][ T9087] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  356.314233][ T9087] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  356.322145][ T9087] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  357.229262][ T9103] netlink: 4 bytes leftover after parsing attributes in process `syz.0.888'.
[  357.362624][ T9110] netlink: 24 bytes leftover after parsing attributes in process `syz.1.890'.
[  358.076078][ T9122] netlink: 12 bytes leftover after parsing attributes in process `syz.0.892'.
[  358.208225][ T9119] netlink: 48 bytes leftover after parsing attributes in process `syz.4.893'.
[  358.685984][ T9133] netlink: 4 bytes leftover after parsing attributes in process `syz.0.892'.
[  358.730866][ T9121] netlink: 8 bytes leftover after parsing attributes in process `syz.0.892'.
[  358.773154][ T9134] input: syz1 as /devices/virtual/input/input21
[  358.846723][ T9139] netlink: 36 bytes leftover after parsing attributes in process `syz.4.897'.
[  359.256882][ T5846] Bluetooth: hci4: command 0x0405 tx timeout
[  359.481828][ T9134] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  362.360519][ T9172] netlink: zone id is out of range
[  362.537410][ T9172] netlink: set zone limit has 4 unknown bytes
[  362.794852][ T9184] delete_channel: no stack
[  362.800124][ T9194] netlink: 36 bytes leftover after parsing attributes in process `syz.0.911'.
[  362.816077][ T9184] delete_channel: no stack
[  362.957097][ T9184] delete_channel: no stack
[  362.962734][ T9184] delete_channel: no stack
[  362.967656][ T9184] delete_channel: no stack
[  362.972671][ T9184] delete_channel: no stack
[  362.977600][ T9184] delete_channel: no stack
[  362.982254][ T9184] delete_channel: no stack
[  362.990096][ T9184] delete_channel: no stack
[  362.997479][ T9184] delete_channel: no stack
[  363.002128][ T9184] delete_channel: no stack
[  363.007971][ T9184] delete_channel: no stack
[  363.019809][ T9184] delete_channel: no stack
[  363.029363][ T9184] delete_channel: no stack
[  363.037317][ T9184] delete_channel: no stack
[  363.042344][ T9184] delete_channel: no stack
[  363.057249][ T9184] delete_channel: no stack
[  363.071313][ T9184] delete_channel: no stack
[  363.088388][ T9184] delete_channel: no stack
[  363.120349][ T9184] delete_channel: no stack
[  363.138631][ T9184] delete_channel: no stack
[  363.165494][ T9184] delete_channel: no stack
[  363.180892][ T9184] delete_channel: no stack
[  363.196870][ T9184] delete_channel: no stack
[  363.214673][ T9184] delete_channel: no stack
[  363.228449][ T9184] delete_channel: no stack
[  363.244423][ T9184] delete_channel: no stack
[  363.257537][ T9184] delete_channel: no stack
[  363.271620][ T9184] delete_channel: no stack
[  363.282098][ T9184] delete_channel: no stack
[  363.289594][ T9184] delete_channel: no stack
[  363.295214][ T9184] delete_channel: no stack
[  363.321243][ T9184] delete_channel: no stack
[  365.498712][ T9228] netlink: 4 bytes leftover after parsing attributes in process `syz.1.920'.
[  368.536751][ T9254] netlink: 'syz.3.928': attribute type 1 has an invalid length.
[  368.650666][ T9254] netlink: 224 bytes leftover after parsing attributes in process `syz.3.928'.
[  369.018857][ T9268] fuse: Invalid rootmode
[  369.984071][ T9282] netlink: 4 bytes leftover after parsing attributes in process `syz.2.935'.
[  370.255941][ T5923] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  370.431817][ T5923] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  370.473703][ T5923] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  370.506540][ T5923] usb 4-1: Product: syz
[  370.519869][ T5923] usb 4-1: Manufacturer: syz
[  370.538498][ T5923] usb 4-1: SerialNumber: syz
[  370.575508][ T5923] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  370.639645][ T5903] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  371.380303][ T9308] blktrace: Concurrent blktraces are not allowed on loop8
[  371.973195][ T5903] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive
[  372.002046][ T9286] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  372.014408][ T9314] pim6reg: entered allmulticast mode
[  372.027034][ T5903] ath9k_htc: Failed to initialize the device
[  372.094613][ T9286] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  372.113019][ T9301] ALSA: seq fatal error: cannot create timer (-19)
[  372.157492][ T5903] usb 4-1: ath9k_htc: USB layer deinitialized
[  372.211666][ T9304] netlink: 'syz.2.943': attribute type 3 has an invalid length.
[  372.240167][ T5923] usb 4-1: USB disconnect, device number 22
[  372.312993][ T9300] pim6reg: left allmulticast mode
[  372.663175][ T5835] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  372.859599][ T5835] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  372.879251][ T5835] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  373.457847][ T5835] usb 5-1: New USB device found, idVendor=0421, idProduct=0223, bcdDevice=43.58
[  373.477232][ T5835] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  373.499335][ T5835] usb 5-1: config 0 descriptor??
[  373.645203][ T9334] syz.3.949: attempt to access beyond end of device
[  373.645203][ T9334] loop3: rw=0, sector=0, nr_sectors = 1 limit=0
[  373.826865][ T9318] netlink: 'syz.4.944': attribute type 7 has an invalid length.
[  374.168187][ T9318] : entered promiscuous mode
[  374.394590][ T5903] usb 5-1: USB disconnect, device number 25
[  374.583751][ T9348] fuse: Bad value for 'fd'
[  376.422987][ T9365] ALSA: seq fatal error: cannot create timer (-19)
[  377.393476][ T9374] pim6reg: entered allmulticast mode
[  377.551236][ T9364] pim6reg: left allmulticast mode
[  377.741973][ T9394] fuse: Bad value for 'fd'
[  378.636488][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  379.834056][ T9406] loop7: detected capacity change from 0 to 7
[  380.139013][ T9411] netlink: 92 bytes leftover after parsing attributes in process `syz.2.970'.
[  380.310216][ T9406] Dev loop7: unable to read RDB block 7
[  380.351172][ T9406]  loop7: AHDI p1 p2
[  380.355136][ T9406] loop7: partition table partially beyond EOD, truncated
[  380.382893][ T9406] loop7: p1 start 1702000233 is beyond EOD, truncated
[  383.354463][ T9446] netlink: 2384 bytes leftover after parsing attributes in process `syz.2.978'.
[  383.398898][ T5842] Bluetooth: hci2: unexpected event for opcode 0x6572
[  383.484187][ T9452] fuse: Bad value for 'fd'
[  384.489020][ T9458] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  384.828294][ T5835] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  385.115693][ T5835] usb 3-1: Using ep0 maxpacket: 16
[  385.192666][ T9469] trusted_key: syz.4.985 sent an empty control message without MSG_MORE.
[  385.622500][ T5835] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  385.661083][ T5835] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  385.690702][ T5835] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  385.708272][ T5835] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  385.722121][ T5835] usb 3-1: Product: syz
[  385.728734][ T5835] usb 3-1: Manufacturer: syz
[  385.733532][ T5835] usb 3-1: SerialNumber: syz
[  387.031840][ T5835] usb 3-1: cannot find UAC_HEADER
[  387.412893][ T5835] snd-usb-audio 3-1:1.0: probe with driver snd-usb-audio failed with error -22
[  387.441658][ T5835] usb 3-1: USB disconnect, device number 14
[  387.521471][ T7463] udevd[7463]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  387.571493][ T9490] fuse: Bad value for 'fd'
[  388.923946][ T5206] udevd[5206]: worker [5895] terminated by signal 33 (Unknown signal 33)
[  389.002877][ T5916] usb 2-1: new full-speed USB device number 27 using dummy_hcd
[  389.202786][ T5206] udevd[5206]: worker [5895] failed while handling '/devices/platform/dummy_udc.1/udc/dummy_udc.1'
[  389.231957][ T9508] 9pnet_fd: Insufficient options for proto=fd
[  389.408141][ T5916] usb 2-1: New USB device found, idVendor=0547, idProduct=0201, bcdDevice=11.64
[  389.437832][ T5916] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  389.469196][ T5916] usb 2-1: Product: syz
[  389.479310][ T5916] usb 2-1: Manufacturer: syz
[  389.489434][ T5916] usb 2-1: SerialNumber: syz
[  389.512604][ T5916] usb 2-1: config 0 descriptor??
[  389.517952][ T9497] syz.0.995 (9497) used greatest stack depth: 17992 bytes left
[  389.539176][ T5916] dvb-usb: found a 'Nebula Electronics uDigiTV DVB-T USB2.0)' in warm state.
[  389.581683][ T5916] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  389.628047][ T5916] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0) error while loading driver (-19)
[  389.656137][ T5923] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  389.788533][ T5966] usb 2-1: USB disconnect, device number 27
[  389.842206][ T5923] usb 3-1: config 6 has an invalid descriptor of length 0, skipping remainder of the config
[  389.855618][ T5923] usb 3-1: config 6 has 1 interface, different from the descriptor's value: 3
[  389.889696][ T5923] usb 3-1: New USB device found, idVendor=082d, idProduct=0300, bcdDevice=b5.17
[  390.083402][ T5923] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  390.111272][ T5923] usb 3-1: Product: syz
[  390.243152][ T5923] usb 3-1: Manufacturer: syz
[  390.247911][ T5923] usb 3-1: SerialNumber: syz
[  390.268537][ T9529] blktrace: Concurrent blktraces are not allowed on loop8
[  390.553816][ T5923] usb 3-1: active config #6 != 1 ??
[  390.575121][ T5923] usb 3-1: USB disconnect, device number 15
[  391.588914][ T9542] pim6reg: entered allmulticast mode
[  391.600632][ T9542] pim6reg: left allmulticast mode
[  391.637364][ T9544] 9pnet_fd: Insufficient options for proto=fd
[  392.210009][ T9547] sp0: Synchronizing with TNC
[  393.053670][ T9568] input: syz1 as /devices/virtual/input/input22
[  393.125662][ T5888] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  393.285652][ T5888] usb 1-1: Using ep0 maxpacket: 8
[  393.310435][ T5888] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  393.320459][ T5888] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0xF has invalid maxpacket 0
[  393.330573][ T5888] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  393.343745][ T5888] usb 1-1: New USB device found, idVendor=110a, idProduct=1110, bcdDevice=ab.5d
[  393.358176][ T5888] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  393.392140][ T5888] usb 1-1: Product: syz
[  393.395832][ T5916] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  393.412749][ T5888] usb 1-1: Manufacturer: syz
[  393.440252][ T5888] usb 1-1: SerialNumber: syz
[  393.491205][ T5888] ti_usb_3410_5052 1-1:1.0: TI USB 3410 1 port adapter converter detected
[  393.589321][ T5916] usb 5-1: New USB device found, idVendor=2770, idProduct=9052, bcdDevice=15.f5
[  393.724853][ T9575] netlink: 'syz.2.1018': attribute type 10 has an invalid length.
[  393.734319][ T5916] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  393.744577][ T5966] usb 1-1: USB disconnect, device number 21
[  393.784284][ T5916] usb 5-1: Product: syz
[  393.794012][ T5916] usb 5-1: Manufacturer: syz
[  393.822275][ T5916] usb 5-1: SerialNumber: syz
[  393.852657][ T5916] usb 5-1: config 0 descriptor??
[  393.878718][ T5916] gspca_main: sq905c-2.14.0 probing 2770:9052
[  394.289627][ T9572] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  394.311118][ T9572] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  394.608406][ T5916] gspca_sq905c: sq905c_command: usb_control_msg failed (-71)
[  394.709368][ T5916] sq905c 5-1:0.0: probe with driver sq905c failed with error -71
[  395.065222][ T5916] usb 5-1: USB disconnect, device number 26
[  395.622372][   T30] audit: type=1326 audit(1752405500.424:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9598 comm="syz.1.1029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62b718e929 code=0x7fc00000
[  397.153566][ T9632] input: syz1 as /devices/virtual/input/input23
[  397.945911][ T5916] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  401.695221][ T9660] syz_tun: refused to change device tx_queue_len
[  401.728337][ T9665] syz_tun: refused to change device tx_queue_len
[  403.385994][ T5916] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  403.636110][ T5916] usb 3-1: Using ep0 maxpacket: 8
[  403.664608][ T5916] usb 3-1: config 179 has an invalid interface number: 65 but max is 0
[  403.674166][ T5916] usb 3-1: config 179 has no interface number 0
[  403.684517][ T5916] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[  403.716167][ T5916] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[  403.731338][ T5916] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 52, changing to 9
[  403.744749][ T5916] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 8241, setting to 1024
[  403.761105][ T5916] usb 3-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  403.782024][ T5916] usb 3-1: config 179 interface 65 has no altsetting 0
[  403.791618][ T5916] usb 3-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  403.817753][ T5916] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  403.853699][ T5916] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:179.65/input/input24
[  403.909754][ T5835] usb 2-1: new full-speed USB device number 28 using dummy_hcd
[  403.926166][ T5191] input input24: unable to receive magic message: -110
[  403.956806][ T5191] input input24: unable to receive magic message: -32
[  404.021758][ T9703] input: syz1 as /devices/virtual/input/input25
[  404.033832][ T5191] input input24: unable to receive magic message: -32
[  404.077463][ T5835] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  404.095907][ T5191] input input24: unable to receive magic message: -32
[  404.105828][ T5835] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  404.180406][ T9706] FAULT_INJECTION: forcing a failure.
[  404.180406][ T9706] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  404.194122][ T9706] CPU: 0 UID: 0 PID: 9706 Comm: syz.0.1062 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  404.194145][ T9706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  404.194155][ T9706] Call Trace:
[  404.194162][ T9706]  <TASK>
[  404.194177][ T9706]  dump_stack_lvl+0x189/0x250
[  404.194201][ T9706]  ? __pfx____ratelimit+0x10/0x10
[  404.194224][ T9706]  ? __pfx_dump_stack_lvl+0x10/0x10
[  404.194243][ T9706]  ? __pfx__printk+0x10/0x10
[  404.194275][ T9706]  should_fail_ex+0x414/0x560
[  404.194302][ T9706]  _copy_to_user+0x31/0xb0
[  404.194322][ T9706]  simple_read_from_buffer+0xe1/0x170
[  404.194352][ T9706]  proc_fail_nth_read+0x1df/0x250
[  404.194373][ T9706]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  404.194393][ T9706]  ? rw_verify_area+0x258/0x650
[  404.194415][ T9706]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  404.194435][ T9706]  vfs_read+0x200/0x980
[  404.194460][ T9706]  ? __pfx___mutex_lock+0x10/0x10
[  404.194471][ T9706]  ? __pfx_vfs_read+0x10/0x10
[  404.194483][ T9706]  ? __fget_files+0x2a/0x420
[  404.194494][ T9706]  ? __fget_files+0x3a0/0x420
[  404.194502][ T9706]  ? __fget_files+0x2a/0x420
[  404.194516][ T9706]  ksys_read+0x145/0x250
[  404.194532][ T9706]  ? __fget_files+0x2a/0x420
[  404.194550][ T9706]  ? __pfx_ksys_read+0x10/0x10
[  404.194577][ T9706]  ? do_syscall_64+0xbe/0x3b0
[  404.194599][ T9706]  do_syscall_64+0xfa/0x3b0
[  404.194613][ T9706]  ? lockdep_hardirqs_on+0x9c/0x150
[  404.194626][ T9706]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  404.194635][ T9706]  ? clear_bhb_loop+0x60/0xb0
[  404.194647][ T9706]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  404.194657][ T9706] RIP: 0033:0x7f222ff8d33c
[  404.194667][ T9706] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  404.194679][ T9706] RSP: 002b:00007f2230d33030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  404.194697][ T9706] RAX: ffffffffffffffda RBX: 00007f22301b6080 RCX: 00007f222ff8d33c
[  404.194710][ T9706] RDX: 000000000000000f RSI: 00007f2230d330a0 RDI: 0000000000000006
[  404.194721][ T9706] RBP: 00007f2230d33090 R08: 0000000000000000 R09: 0000000000000000
[  404.194731][ T9706] R10: 0000200000000240 R11: 0000000000000246 R12: 0000000000000001
[  404.194743][ T9706] R13: 0000000000000000 R14: 00007f22301b6080 R15: 00007fff73f446c8
[  404.194769][ T9706]  </TASK>
[  404.431240][ T5835] usb 2-1: config 0 descriptor??
[  405.043267][ T5835] udl 2-1:0.0: [drm] Unrecognized vendor firmware descriptor
[  405.080775][ T5835] [drm] Initialized udl 0.0.1 for 2-1:0.0 on minor 2
[  405.097841][ T5835] [drm] Initialized udl on minor 2
[  405.298589][ T5835] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed
[  405.330189][ T5835] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[  405.519799][ T5966] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  405.590067][ T5966] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[  405.598896][ T5835] usb 2-1: USB disconnect, device number 28
[  406.481284][ T5835] usb 3-1: USB disconnect, device number 17
[  406.487270][    C1] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  406.524023][   T30] audit: type=1326 audit(1752405511.314:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9715 comm="syz.3.1067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68c278e929 code=0x7fc00000
[  406.593332][   T30] audit: type=1326 audit(1752405511.314:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9715 comm="syz.3.1067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f68c278e929 code=0x7fc00000
[  406.617035][   T30] audit: type=1326 audit(1752405511.314:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9715 comm="syz.3.1067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68c278e929 code=0x7fc00000
[  406.708550][   T30] audit: type=1326 audit(1752405511.314:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9715 comm="syz.3.1067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68c278e929 code=0x7fc00000
[  406.747098][ T9738] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1075'.
[  406.788531][   T30] audit: type=1326 audit(1752405511.314:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9715 comm="syz.3.1067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68c278e929 code=0x7fc00000
[  407.074089][   T30] audit: type=1326 audit(1752405511.314:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9715 comm="syz.3.1067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68c278e929 code=0x7fc00000
[  407.180717][   T30] audit: type=1326 audit(1752405511.314:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9715 comm="syz.3.1067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68c278e929 code=0x7fc00000
[  407.311800][   T30] audit: type=1326 audit(1752405511.314:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9715 comm="syz.3.1067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68c278e929 code=0x7fc00000
[  407.373800][   T30] audit: type=1326 audit(1752405511.314:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9715 comm="syz.3.1067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68c278e929 code=0x7fc00000
[  407.439503][   T30] audit: type=1326 audit(1752405511.314:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9715 comm="syz.3.1067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68c278e929 code=0x7fc00000
[  409.545951][ T9779] CIFS: VFS: Malformed UNC in devname
[  409.630432][ T5835] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  410.126001][ T5835] usb 4-1: Using ep0 maxpacket: 16
[  410.134023][ T5835] usb 4-1: config 254 has an invalid interface number: 235 but max is 0
[  410.212076][ T5835] usb 4-1: config 254 has no interface number 0
[  410.225303][ T5835] usb 4-1: config 254 interface 235 altsetting 2 bulk endpoint 0x6 has invalid maxpacket 32
[  410.254717][ T5835] usb 4-1: config 254 interface 235 altsetting 2 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  410.344433][ T5835] usb 4-1: config 254 interface 235 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[  410.402979][ T5835] usb 4-1: config 254 interface 235 has no altsetting 0
[  410.448295][ T5835] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice=2b.f1
[  410.488594][ T5835] usb 4-1: New USB device strings: Mfr=1, Product=251, SerialNumber=3
[  410.521452][ T5835] usb 4-1: Product: syz
[  410.561695][ T5835] usb 4-1: Manufacturer: syz
[  410.579494][ T5835] usb 4-1: SerialNumber: syz
[  410.615340][ T9770] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  410.775982][ T9808] input: syz1 as /devices/virtual/input/input26
[  410.833386][ T9767] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  410.879460][ T5835] usbtest 4-1:254.235: Linux gadget zero
[  410.885743][ T5835] usbtest 4-1:254.235: high-speed {control in/out bulk-out int-in} tests (+alt)
[  411.789132][ T5923] usb 4-1: USB disconnect, device number 23
[  414.467963][ T9844] ALSA: seq fatal error: cannot create timer (-19)
[  414.530056][ T9852] pim6reg: entered allmulticast mode
[  414.663126][ T9857] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1110'.
[  414.712218][ T9858] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1110'.
[  415.622606][ T9843] pim6reg: left allmulticast mode
[  416.541547][ T9881] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1117'.
[  418.250677][ T9916] fuse: Bad value for 'fd'
[  420.101573][ T9946] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1140'.
[  420.226454][ T9948] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1138'.
[  422.777680][ T9968] netlink: 212376 bytes leftover after parsing attributes in process `syz.4.1143'.
[  422.896065][   T30] kauditd_printk_skb: 56 callbacks suppressed
[  422.962285][   T30] audit: type=1326 audit(1752406039.617:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9959 comm="syz.4.1143" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc31278e929 code=0x0
[  423.481963][ T9978] fuse: Bad value for 'fd'
[  428.721651][T10031] fuse: Bad value for 'fd'
[  430.506114][T10054] input: syz1 as /devices/virtual/input/input28
[  433.283466][T10088] blktrace: Concurrent blktraces are not allowed on loop8
[  434.369930][T10099] fuse: Bad value for 'fd'
[  435.672472][T10117] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1179'.
[  435.691303][T10117] netlink: 'syz.1.1179': attribute type 2 has an invalid length.
[  435.783602][T10117] netlink: 'syz.1.1179': attribute type 2 has an invalid length.
[  435.809879][T10117] netlink: 'syz.1.1179': attribute type 2 has an invalid length.
[  435.828210][T10117] netlink: 'syz.1.1179': attribute type 1 has an invalid length.
[  435.837334][T10117] netlink: 'syz.1.1179': attribute type 2 has an invalid length.
[  437.357862][T10137] input: syz1 as /devices/virtual/input/input29
[  437.371800][T10136] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1184'.
[  437.446329][T10140] veth3: entered promiscuous mode
[  437.469429][T10137] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  437.489933][T10140] veth3: entered allmulticast mode
[  437.726853][T10148] fuse: Bad value for 'fd'
[  438.535702][    C1] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  438.794194][T10157] input: syz1 as /devices/virtual/input/input30
[  440.046257][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  440.345736][ T5903] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  440.483525][T10179] vxcan1: entered allmulticast mode
[  440.535787][ T5903] usb 3-1: Using ep0 maxpacket: 32
[  440.548905][ T5903] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  440.564604][ T5903] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  440.586102][ T5903] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  440.597804][ T5903] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  440.608882][ T5903] usb 3-1: config 0 descriptor??
[  440.621755][ T5903] hub 3-1:0.0: USB hub found
[  441.592107][ T5903] hub 3-1:0.0: config failed, can't read hub descriptor (err -22)
[  441.941301][ T5903] usbhid 3-1:0.0: can't add hid device: -71
[  441.963998][ T5903] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  441.999258][T10190] fuse: Bad value for 'fd'
[  442.103486][ T5903] usb 3-1: USB disconnect, device number 18
[  442.961513][T10201] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1205'.
[  444.982608][T10231] fuse: Bad value for 'fd'
[  450.504079][    C0] vxcan1: j1939_tp_rxtimer: 0xffff888029e5b400: Timeout. Failed to send simple message.
[  451.477464][T10288] fuse: Bad value for 'fd'
[  455.365975][T10317] ALSA: seq fatal error: cannot create timer (-19)
[  457.312037][T10344] xt_CT: You must specify a L4 protocol and not use inversions on it
[  457.843541][T10351] input: syz1 as /devices/virtual/input/input31
[  458.254528][T10359] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  458.620456][ T5846] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  458.637562][ T5846] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  458.647417][ T5846] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  458.658546][ T5846] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  458.670535][ T5846] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  458.686133][T10358] binder: 10355:10358 ioctl 4004662b 200000000180 returned -22
[  459.315125][T10374] fuse: Bad value for 'fd'
[  460.783940][ T5846] Bluetooth: hci0: command tx timeout
[  461.343833][T10356] chnl_net:caif_netlink_parms(): no params data found
[  461.441172][T10405] Bluetooth: MGMT ver 1.23
[  462.870007][ T5846] Bluetooth: hci0: command tx timeout
[  463.104349][T10423] input: syz1 as /devices/virtual/input/input32
[  463.133852][T10409] ALSA: seq fatal error: cannot create timer (-19)
[  463.193167][T10356] bridge0: port 1(bridge_slave_0) entered blocking state
[  463.202325][T10356] bridge0: port 1(bridge_slave_0) entered disabled state
[  463.217659][T10356] bridge_slave_0: entered allmulticast mode
[  463.225216][T10356] bridge_slave_0: entered promiscuous mode
[  463.327376][T10356] bridge0: port 2(bridge_slave_1) entered blocking state
[  463.382532][T10356] bridge0: port 2(bridge_slave_1) entered disabled state
[  463.391182][T10356] bridge_slave_1: entered allmulticast mode
[  463.399179][T10356] bridge_slave_1: entered promiscuous mode
[  463.412719][T10421] pim6reg: entered allmulticast mode
[  463.418372][T10421] pim6reg: left allmulticast mode
[  463.633254][T10356] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  463.668719][T10356] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  463.812313][T10356] team0: Port device team_slave_0 added
[  463.836244][T10356] team0: Port device team_slave_1 added
[  463.955361][T10356] batman_adv: batadv0: Adding interface: batadv_slave_0
[  463.962571][T10356] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  464.095953][T10356] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  464.117995][T10356] batman_adv: batadv0: Adding interface: batadv_slave_1
[  464.125008][T10356] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  464.164750][T10432] fuse: Bad value for 'fd'
[  464.182859][T10356] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  464.269457][T10356] hsr_slave_0: entered promiscuous mode
[  464.935955][ T5846] Bluetooth: hci0: command tx timeout
[  465.043366][T10356] hsr_slave_1: entered promiscuous mode
[  465.091150][T10356] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  465.133693][T10356] Cannot create hsr debugfs directory
[  465.611319][T10444] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1267'.
[  465.805862][T10444] (unnamed net_device) (uninitialized): option resend_igmp: invalid value (511)
[  465.880643][T10444] (unnamed net_device) (uninitialized): option resend_igmp: allowed values 0 - 255
[  466.521563][T10457] fuse: Unknown parameter 'NX��3g��.2V���Vgrou6��)00000000000000000000'
[  466.575797][T10457] syzkaller1: entered promiscuous mode
[  466.581309][T10457] syzkaller1: entered allmulticast mode
[  466.746465][T10356] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  467.009387][T10356] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  467.034649][T10356] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  467.060704][T10356] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  467.101395][ T5846] Bluetooth: hci0: command tx timeout
[  467.130055][T10477] fuse: Bad value for 'fd'
[  468.318726][T10495] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1281'.
[  468.336910][T10497] input: syz1 as /devices/virtual/input/input33
[  469.527766][T10356] 8021q: adding VLAN 0 to HW filter on device bond0
[  469.597072][T10495] netlink: 'syz.0.1281': attribute type 2 has an invalid length.
[  471.220717][T10495] netlink: 'syz.0.1281': attribute type 2 has an invalid length.
[  471.258324][T10495] netlink: 'syz.0.1281': attribute type 2 has an invalid length.
[  471.275302][T10495] netlink: 'syz.0.1281': attribute type 1 has an invalid length.
[  471.284112][T10495] netlink: 'syz.0.1281': attribute type 2 has an invalid length.
[  471.287113][T10356] 8021q: adding VLAN 0 to HW filter on device team0
[  471.370146][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  471.377356][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  471.441154][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  471.448302][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  472.531152][T10521] fuse: Bad value for 'fd'
[  472.533411][T10520] syz.0.1286 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  473.634044][T10356] 8021q: adding VLAN 0 to HW filter on device batadv0
[  474.463422][T10562] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1295'.
[  474.477183][T10562] netlink: 'syz.0.1295': attribute type 2 has an invalid length.
[  474.489954][T10562] netlink: 'syz.0.1295': attribute type 2 has an invalid length.
[  474.525632][T10562] netlink: 'syz.0.1295': attribute type 2 has an invalid length.
[  474.545165][T10562] netlink: 'syz.0.1295': attribute type 1 has an invalid length.
[  474.595602][T10562] netlink: 'syz.0.1295': attribute type 2 has an invalid length.
[  475.205028][T10579] fuse: Bad value for 'fd'
[  476.077245][T10356] veth0_vlan: entered promiscuous mode
[  476.659682][T10356] veth1_vlan: entered promiscuous mode
[  476.752265][T10356] veth0_macvtap: entered promiscuous mode
[  476.764145][T10356] veth1_macvtap: entered promiscuous mode
[  476.857521][T10356] batman_adv: batadv0: Interface activated: batadv_slave_0
[  476.877594][T10356] batman_adv: batadv0: Interface activated: batadv_slave_1
[  476.962475][T10356] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  477.055639][ T5958] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  477.066461][T10356] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  477.117746][T10356] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  477.189332][T10356] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  477.285851][ T5958] usb 4-1: Using ep0 maxpacket: 8
[  477.467724][ T5958] usb 4-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  477.484392][ T5958] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  477.510242][ T5958] usb 4-1: Product: syz
[  477.525037][ T5958] usb 4-1: Manufacturer: syz
[  477.555723][ T5958] usb 4-1: SerialNumber: syz
[  477.907249][ T5958] usb 4-1: config 0 descriptor??
[  477.932547][ T5958] gspca_main: se401-2.14.0 probing 047d:5003
[  478.049673][ T6112] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  478.091656][ T6112] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  478.140807][T10594] netlink: 164 bytes leftover after parsing attributes in process `syz.3.1303'.
[  478.266047][ T1154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  479.022443][ T1154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  479.642123][T10622] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1309'.
[  480.164244][ T5958] gspca_se401: read req failed req 0x06 error -19
[  480.174071][ T5958] usb 4-1: USB disconnect, device number 24
[  480.684528][T10627] fuse: Bad value for 'fd'
[  481.583152][   T30] audit: type=1326 audit(1752406354.395:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10632 comm="syz.0.1311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f222ff8e929 code=0x7ffc0000
[  481.641688][   T30] audit: type=1326 audit(1752406354.395:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10632 comm="syz.0.1311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=444 compat=0 ip=0x7f222ff8e929 code=0x7ffc0000
[  481.677856][   T30] audit: type=1326 audit(1752406354.395:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10632 comm="syz.0.1311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f222ff8e929 code=0x7ffc0000
[  481.700481][   T30] audit: type=1326 audit(1752406354.395:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10632 comm="syz.0.1311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f222ff8e929 code=0x7ffc0000
[  481.760307][   T30] audit: type=1326 audit(1752406354.395:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10632 comm="syz.0.1311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f222ff8e929 code=0x7ffc0000
[  481.815391][   T30] audit: type=1326 audit(1752406354.395:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10632 comm="syz.0.1311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f222ff8e929 code=0x7ffc0000
[  481.845669][   T30] audit: type=1326 audit(1752406354.395:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10632 comm="syz.0.1311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f222ff8e929 code=0x7ffc0000
[  481.868916][   T30] audit: type=1326 audit(1752406354.395:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10632 comm="syz.0.1311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f222ff8e929 code=0x7ffc0000
[  481.891707][   T30] audit: type=1326 audit(1752406354.395:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10632 comm="syz.0.1311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7f222ff8e929 code=0x7ffc0000
[  482.555315][   T30] audit: type=1326 audit(1752406354.395:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10632 comm="syz.0.1311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f222ff8e929 code=0x7ffc0000
[  483.285058][T10659] input: syz1 as /devices/virtual/input/input34
[  483.520003][T10659] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  483.642866][T10668] input: syz1 as /devices/virtual/input/input35
[  487.928406][T10717] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1337'.
[  488.711642][T10721] syz.3.1338: attempt to access beyond end of device
[  488.711642][T10721] nbd3: rw=0, sector=64, nr_sectors = 8 limit=0
[  488.729366][T10721] syz.3.1338: attempt to access beyond end of device
[  488.729366][T10721] nbd3: rw=0, sector=120, nr_sectors = 8 limit=0
[  488.742682][T10721] Mount JFS Failure: -5
[  490.045787][ T5966] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  490.532804][T10757] ------------[ cut here ]------------
[  490.539886][T10757] WARNING: CPU: 1 PID: 10757 at ./include/linux/memcontrol.h:371 folio_memcg+0x1a8/0x310
[  490.550132][T10757] Modules linked in:
[  490.554374][T10757] CPU: 1 UID: 0 PID: 10757 Comm: syz.5.1349 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  490.567460][T10757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  490.577647][T10757] RIP: 0010:folio_memcg+0x1a8/0x310
[  490.582881][T10757] Code: 80 3c 28 00 74 08 4c 89 f7 e8 74 ca 1b 00 4d 8b 36 4c 89 f0 5b 41 5c 41 5d 41 5e 41 5f 5d e9 ff 55 65 09 cc e8 e9 74 ba ff 90 <0f> 0b 90 eb c5 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c fe fe ff ff
[  490.602803][T10757] RSP: 0018:ffffc900039df250 EFLAGS: 00010287
[  490.609580][T10757] RAX: ffffffff8205bd67 RBX: 0000000000000000 RCX: 0000000000080000
[  490.617741][T10757] RDX: ffffc9001dc8f000 RSI: 00000000000006b0 RDI: 00000000000006b1
[  490.627240][T10757] RBP: 0000000000000000 R08: ffffea000084f187 R09: 1ffffd4000109e30
[  490.635245][T10757] R10: dffffc0000000000 R11: fffff94000109e31 R12: ffffea000084f1b0
[  490.636906][T10764] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1351'.
[  490.644367][T10757] R13: dffffc0000000000 R14: ffff88802f5b1500 R15: 0000000000000002
[  490.660341][T10757] FS:  00007f2318ec96c0(0000) GS:ffff888125d4f000(0000) knlGS:0000000000000000
[  490.669324][T10757] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  490.676029][T10757] CR2: 0000000000000000 CR3: 000000007cb26000 CR4: 00000000003526f0
[  490.684021][T10757] Call Trace:
[  490.687366][T10757]  <TASK>
[  490.690320][T10757]  workingset_activation+0x5f/0x4a0
[  490.695681][T10757]  ? folio_mark_accessed+0x2a1/0x4a0
[  490.701046][T10757]  folio_mark_accessed+0x3b5/0x4a0
[  490.706227][T10757]  kvm_release_page_clean+0x9a/0xe0
[  490.711456][T10757]  kvm_tdp_page_fault+0x2dd/0x370
[  490.716614][T10757]  kvm_mmu_do_page_fault+0x2c5/0x640
[  490.721938][T10757]  ? __pfx_kvm_mmu_do_page_fault+0x10/0x10
[  490.729177][T10757]  ? vmx_handle_exit_irqoff+0x29e/0xad0
[  490.734756][T10757]  ? __pfx_current_save_fsgs+0x10/0x10
[  490.741475][T10757]  kvm_mmu_page_fault+0x22f/0xb70
[  490.746594][T10757]  ? __pfx_handle_ept_violation+0x10/0x10
[  490.752339][T10757]  vmx_handle_exit+0x1090/0x18a0
[  490.757352][T10757]  ? vcpu_run+0x361c/0x6f70
[  490.761899][T10757]  vcpu_run+0x432e/0x6f70
[  490.766303][T10757]  ? vcpu_run+0x361c/0x6f70
[  490.770887][T10757]  ? __pfx_vcpu_run+0x10/0x10
[  490.775949][T10757]  ? kvm_arch_vcpu_ioctl_run+0x1f3/0x1940
[  490.781710][T10757]  ? rcu_is_watching+0x15/0xb0
[  490.786670][T10757]  kvm_arch_vcpu_ioctl_run+0xfc9/0x1940
[  490.792262][T10757]  ? kvm_arch_vcpu_ioctl_run+0x1f3/0x1940
[  490.798108][T10757]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  490.804117][T10757]  ? rcu_is_watching+0x15/0xb0
[  490.808979][T10757]  ? trace_contention_end+0x39/0x120
[  490.814291][T10757]  ? __mutex_lock+0x330/0xe80
[  490.819057][T10757]  ? kasan_quarantine_put+0xdd/0x220
[  490.824371][T10757]  ? kvm_vcpu_ioctl+0x22e/0xe90
[  490.831119][T10757]  ? __pfx___mutex_lock+0x10/0x10
[  490.837418][T10757]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  490.843087][T10757]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  490.848866][T10757]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  490.854879][T10757]  kvm_vcpu_ioctl+0x95c/0xe90
[  490.859667][T10757]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  490.864899][T10757]  ? __lock_acquire+0xab9/0xd20
[  490.869870][T10757]  ? __asan_memset+0x22/0x50
[  490.874496][T10757]  ? smack_file_ioctl+0x302/0x340
[  490.879625][T10757]  ? __pfx_smack_file_ioctl+0x10/0x10
[  490.885039][T10757]  ? __fget_files+0x2a/0x420
[  490.889767][T10757]  ? __fget_files+0x3a0/0x420
[  490.894465][T10757]  ? __fget_files+0x2a/0x420
[  490.899139][T10757]  ? bpf_lsm_file_ioctl+0x9/0x20
[  490.904098][T10757]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  490.909440][T10757]  __se_sys_ioctl+0xf9/0x170
[  490.914066][T10757]  do_syscall_64+0xfa/0x3b0
[  490.918637][T10757]  ? lockdep_hardirqs_on+0x9c/0x150
[  490.923868][T10757]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  490.930442][T10757]  ? clear_bhb_loop+0x60/0xb0
[  490.936509][T10757]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  490.942431][T10757] RIP: 0033:0x7f2317f8e929
[  490.947901][T10757] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  490.967634][T10757] RSP: 002b:00007f2318ec9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  490.976152][T10757] RAX: ffffffffffffffda RBX: 00007f23181b5fa0 RCX: 00007f2317f8e929
[  490.984146][T10757] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000009
[  490.992227][T10757] RBP: 00007f2318010b39 R08: 0000000000000000 R09: 0000000000000000
[  491.000258][T10757] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  491.008327][T10757] R13: 0000000000000000 R14: 00007f23181b5fa0 R15: 00007ffc6a381c58
[  491.016391][T10757]  </TASK>
[  491.019437][T10757] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  491.026732][T10757] CPU: 1 UID: 0 PID: 10757 Comm: syz.5.1349 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  491.038807][T10757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  491.048882][T10757] Call Trace:
[  491.052178][T10757]  <TASK>
[  491.055128][T10757]  dump_stack_lvl+0x99/0x250
[  491.059742][T10757]  ? __asan_memcpy+0x40/0x70
[  491.064357][T10757]  ? __pfx_dump_stack_lvl+0x10/0x10
[  491.069581][T10757]  ? __pfx__printk+0x10/0x10
[  491.074205][T10757]  panic+0x2db/0x790
[  491.078130][T10757]  ? __pfx_panic+0x10/0x10
[  491.082586][T10757]  __warn+0x31b/0x4b0
[  491.086583][T10757]  ? folio_memcg+0x1a8/0x310
[  491.091174][T10757]  ? folio_memcg+0x1a8/0x310
[  491.095759][T10757]  report_bug+0x2be/0x4f0
[  491.100085][T10757]  ? folio_memcg+0x1a8/0x310
[  491.104669][T10757]  ? folio_memcg+0x1a8/0x310
[  491.109259][T10757]  ? folio_memcg+0x1aa/0x310
[  491.113839][T10757]  handle_bug+0x84/0x160
[  491.118079][T10757]  exc_invalid_op+0x1a/0x50
[  491.122578][T10757]  asm_exc_invalid_op+0x1a/0x20
[  491.127420][T10757] RIP: 0010:folio_memcg+0x1a8/0x310
[  491.132778][T10757] Code: 80 3c 28 00 74 08 4c 89 f7 e8 74 ca 1b 00 4d 8b 36 4c 89 f0 5b 41 5c 41 5d 41 5e 41 5f 5d e9 ff 55 65 09 cc e8 e9 74 ba ff 90 <0f> 0b 90 eb c5 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c fe fe ff ff
[  491.152390][T10757] RSP: 0018:ffffc900039df250 EFLAGS: 00010287
[  491.158463][T10757] RAX: ffffffff8205bd67 RBX: 0000000000000000 RCX: 0000000000080000
[  491.166429][T10757] RDX: ffffc9001dc8f000 RSI: 00000000000006b0 RDI: 00000000000006b1
[  491.174396][T10757] RBP: 0000000000000000 R08: ffffea000084f187 R09: 1ffffd4000109e30
[  491.182368][T10757] R10: dffffc0000000000 R11: fffff94000109e31 R12: ffffea000084f1b0
[  491.190337][T10757] R13: dffffc0000000000 R14: ffff88802f5b1500 R15: 0000000000000002
[  491.198320][T10757]  ? folio_memcg+0x1a7/0x310
[  491.202917][T10757]  workingset_activation+0x5f/0x4a0
[  491.208107][T10757]  ? folio_mark_accessed+0x2a1/0x4a0
[  491.213388][T10757]  folio_mark_accessed+0x3b5/0x4a0
[  491.218510][T10757]  kvm_release_page_clean+0x9a/0xe0
[  491.223719][T10757]  kvm_tdp_page_fault+0x2dd/0x370
[  491.228758][T10757]  kvm_mmu_do_page_fault+0x2c5/0x640
[  491.234056][T10757]  ? __pfx_kvm_mmu_do_page_fault+0x10/0x10
[  491.239876][T10757]  ? vmx_handle_exit_irqoff+0x29e/0xad0
[  491.245422][T10757]  ? __pfx_current_save_fsgs+0x10/0x10
[  491.250885][T10757]  kvm_mmu_page_fault+0x22f/0xb70
[  491.255920][T10757]  ? __pfx_handle_ept_violation+0x10/0x10
[  491.261641][T10757]  vmx_handle_exit+0x1090/0x18a0
[  491.266608][T10757]  ? vcpu_run+0x361c/0x6f70
[  491.271118][T10757]  vcpu_run+0x432e/0x6f70
[  491.275460][T10757]  ? vcpu_run+0x361c/0x6f70
[  491.279999][T10757]  ? __pfx_vcpu_run+0x10/0x10
[  491.284678][T10757]  ? kvm_arch_vcpu_ioctl_run+0x1f3/0x1940
[  491.290402][T10757]  ? rcu_is_watching+0x15/0xb0
[  491.295171][T10757]  kvm_arch_vcpu_ioctl_run+0xfc9/0x1940
[  491.300720][T10757]  ? kvm_arch_vcpu_ioctl_run+0x1f3/0x1940
[  491.306440][T10757]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  491.312424][T10757]  ? rcu_is_watching+0x15/0xb0
[  491.317182][T10757]  ? trace_contention_end+0x39/0x120
[  491.322464][T10757]  ? __mutex_lock+0x330/0xe80
[  491.327132][T10757]  ? kasan_quarantine_put+0xdd/0x220
[  491.332421][T10757]  ? kvm_vcpu_ioctl+0x22e/0xe90
[  491.337267][T10757]  ? __pfx___mutex_lock+0x10/0x10
[  491.342283][T10757]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  491.347917][T10757]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  491.353548][T10757]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  491.359532][T10757]  kvm_vcpu_ioctl+0x95c/0xe90
[  491.364208][T10757]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  491.369404][T10757]  ? __lock_acquire+0xab9/0xd20
[  491.374248][T10757]  ? __asan_memset+0x22/0x50
[  491.378833][T10757]  ? smack_file_ioctl+0x302/0x340
[  491.383853][T10757]  ? __pfx_smack_file_ioctl+0x10/0x10
[  491.389224][T10757]  ? __fget_files+0x2a/0x420
[  491.393801][T10757]  ? __fget_files+0x3a0/0x420
[  491.398469][T10757]  ? __fget_files+0x2a/0x420
[  491.403048][T10757]  ? bpf_lsm_file_ioctl+0x9/0x20
[  491.407973][T10757]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  491.413163][T10757]  __se_sys_ioctl+0xf9/0x170
[  491.417751][T10757]  do_syscall_64+0xfa/0x3b0
[  491.422251][T10757]  ? lockdep_hardirqs_on+0x9c/0x150
[  491.427447][T10757]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  491.433507][T10757]  ? clear_bhb_loop+0x60/0xb0
[  491.438178][T10757]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  491.444061][T10757] RIP: 0033:0x7f2317f8e929
[  491.448470][T10757] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  491.468068][T10757] RSP: 002b:00007f2318ec9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  491.476486][T10757] RAX: ffffffffffffffda RBX: 00007f23181b5fa0 RCX: 00007f2317f8e929
[  491.484452][T10757] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000009
[  491.492415][T10757] RBP: 00007f2318010b39 R08: 0000000000000000 R09: 0000000000000000
[  491.500374][T10757] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  491.508339][T10757] R13: 0000000000000000 R14: 00007f23181b5fa0 R15: 00007ffc6a381c58
[  491.516313][T10757]  </TASK>
[  491.519465][T10757] Kernel Offset: disabled
[  491.523774][T10757] Rebooting in 86400 seconds..