last executing test programs:

26m54.780916647s ago: executing program 2 (id=1109):
futex(&(0x7f000000cffc)=0x4, 0x0, 0x4, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x5, 0x1, 0x0, &(0x7f0000048000)=0x1f00, 0x21000000)

26m54.170204669s ago: executing program 2 (id=1110):
set_mempolicy(0x2, 0x0, 0xf5)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='net/route\x00')
pread64(r2, &(0x7f0000000080)=""/102356, 0x18fd4, 0x200)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2042, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000019100))
timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f0000000100)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
readv(0xffffffffffffffff, &(0x7f0000000000)=[{0x0}], 0x1)
r3 = getpid()
r4 = syz_pidfd_open(r3, 0x0)
setns(r4, 0x24020000)
r5 = syz_clone(0x12800100, 0x0, 0x0, 0x0, 0x0, 0x0)
tkill(r5, 0x39)
syz_clone3(&(0x7f00000004c0)={0x80000, 0x0, 0x0, &(0x7f0000000300), {0x15}, &(0x7f0000000340)=""/88, 0x58, &(0x7f00000003c0)=""/172, &(0x7f0000000480)=[0xffffffffffffffff, 0x0, 0x0], 0x3}, 0x58)
socket(0x10, 0x3, 0x0)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-asm\x00'}, 0x58)
accept4(r6, 0x0, 0x0, 0x800)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)

26m51.720462122s ago: executing program 2 (id=1117):
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x1, './file0\x00'}, 0x6e)
r0 = socket(0x1e, 0x2, 0x0)
socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x4000000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x1000000000, 0x7, 0xfa11, 0xffffffff}, 0x0)
socket(0x2, 0x80805, 0x0)
pipe2(0x0, 0x800)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$int_in(r5, 0x5452, &(0x7f0000000040)=0xcd8)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r5, &(0x7f0000000100)={0x20000014})
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000040)={0x0, &(0x7f0000000340)}, 0x8)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4000, @fd_index=0x4, 0x0, 0x0, 0x0, 0x8})
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000400)='/sys/kernel/profiling', 0x40042, 0x101)
ioctl$LOOP_CONFIGURE(0xffffffffffffffff, 0x4c0a, 0x0)

26m49.471731298s ago: executing program 2 (id=1123):
syz_open_dev$vbi(&(0x7f0000000340), 0x0, 0x2)
r0 = syz_open_dev$sndctrl(&(0x7f0000000080), 0xc, 0x0)
ioctl$SNDRV_CTL_IOCTL_CARD_INFO(r0, 0x81785501, 0x0)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
gettid()
openat$kvm(0xffffffffffffff9c, 0x0, 0x400, 0x0)
r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r3, 0xc008561c, &(0x7f0000000040)={0xf0f024})
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TCSETAW(r4, 0x5407, &(0x7f0000000040)={0x2, 0x8, 0x9, 0xfffd, 0x19, "1d510a00"})
ioctl$TIOCMSET(r4, 0x5418, &(0x7f0000000000)=0x8001)
openat$ttyS3(0xffffff9c, &(0x7f0000000140), 0x24400, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0)
r5 = socket$tipc(0x1e, 0x4, 0x0)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000240)={0x42, 0x2, 0x3}, 0x10)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), r2)
sendmsg$TIPC_NL_NET_SET(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000006c0)={0x20, r6, 0x1, 0x80, 0x25dfdbfe, {0xf, 0x0, 0x2d}, [@TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7}]}]}, 0x20}, 0x1, 0x0, 0x0, 0xa801}, 0x0)

26m48.950669241s ago: executing program 2 (id=1125):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="700200001300290a000000000000000007000000", @ANYRES32=r1, @ANYBLOB="000000000000000010010c8013000c800ca3488008000000000000000800038064001c800500"], 0x270}, 0x1, 0x0, 0x0, 0x20008015}, 0x4)

26m48.801371021s ago: executing program 2 (id=1126):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
socketpair(0x1d, 0xa, 0x5, &(0x7f0000001300)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair(0x5, 0xa, 0x4, &(0x7f0000001640))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(0xffffffffffffffff, &(0x7f0000000380)=@abs={0x1, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x218, 0x0)
recvmmsg(r2, &(0x7f0000000100), 0x8000287, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$TIOCSPTLCK(0xffffffffffffffff, 0x40045431, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQNSD(r1, 0x894b, &(0x7f0000000140))
sched_setattr(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x700000000000000, &(0x7f0000000280)=ANY=[@ANYBLOB="20000000040000000239f11c2739969f6ed5801863ab3c59f8", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="010000000500"/28], 0x50)
listen(0xffffffffffffffff, 0x0)
r4 = socket(0x10, 0x3, 0x0)
write(r4, &(0x7f0000000040)="1400000052004f030e789e7e27286d000a4149f3", 0x14)
recvmmsg(r4, &(0x7f0000005c80)=[{{0x0, 0x0, 0x0}}], 0x344, 0x10122, 0x0)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
r6 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x109842, 0x0)
mmap$dsp(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x100000b, 0x8012, r6, 0x0)
write$sndseq(r5, &(0x7f0000000000), 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x1)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000040)=@fragment={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x8)
bind$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x4e20, 0x200, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
setsockopt$SO_BINDTODEVICE_wg(r0, 0x1, 0x19, &(0x7f0000000000)='wg1\x00', 0x4)
getsockopt$inet6_opts(r0, 0x29, 0x36, 0xfffffffffffffffe, &(0x7f0000000840))

26m33.105845693s ago: executing program 32 (id=1126):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
socketpair(0x1d, 0xa, 0x5, &(0x7f0000001300)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair(0x5, 0xa, 0x4, &(0x7f0000001640))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(0xffffffffffffffff, &(0x7f0000000380)=@abs={0x1, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x218, 0x0)
recvmmsg(r2, &(0x7f0000000100), 0x8000287, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$TIOCSPTLCK(0xffffffffffffffff, 0x40045431, 0x0)
ioctl$sock_inet6_tcp_SIOCOUTQNSD(r1, 0x894b, &(0x7f0000000140))
sched_setattr(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x700000000000000, &(0x7f0000000280)=ANY=[@ANYBLOB="20000000040000000239f11c2739969f6ed5801863ab3c59f8", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="010000000500"/28], 0x50)
listen(0xffffffffffffffff, 0x0)
r4 = socket(0x10, 0x3, 0x0)
write(r4, &(0x7f0000000040)="1400000052004f030e789e7e27286d000a4149f3", 0x14)
recvmmsg(r4, &(0x7f0000005c80)=[{{0x0, 0x0, 0x0}}], 0x344, 0x10122, 0x0)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
r6 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x109842, 0x0)
mmap$dsp(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x100000b, 0x8012, r6, 0x0)
write$sndseq(r5, &(0x7f0000000000), 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
shutdown(0xffffffffffffffff, 0x1)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000040)=@fragment={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x8)
bind$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x4e20, 0x200, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
setsockopt$SO_BINDTODEVICE_wg(r0, 0x1, 0x19, &(0x7f0000000000)='wg1\x00', 0x4)
getsockopt$inet6_opts(r0, 0x29, 0x36, 0xfffffffffffffffe, &(0x7f0000000840))

16.340900248s ago: executing program 0 (id=5721):
set_mempolicy(0x6005, &(0x7f0000000080)=0xfffffffffffffffd, 0x4)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg(r2, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1, 0x40, 0x6, 0x8}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x6, 0x4, 0x1, 0x0, r3, 0x200007af}, 0x50)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f0000000540)={&(0x7f0000000200)="85", 0x0, 0x0, 0x0, 0x5, r4}, 0x38)
r5 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@gettaction={0x34, 0x32, 0x200, 0x70bd2d, 0x25dfdbff, {}, [@action_dump_flags=@TCA_ROOT_FLAGS={0xc, 0x2, {0x1, 0x1}}, @action_gd=@TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x20, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x9}}]}, @action_gd=@TCA_ACT_TAB={0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0x4081}, 0x24000850)
write$6lowpan_control(r5, &(0x7f0000000180)='connect aa:aa:aa:aa:aa:11 0', 0x1b)
r6 = openat$full(0xffffff9c, &(0x7f00000001c0), 0x40, 0x0)
ioctl$TIOCSERGETLSR(r6, 0x5459, &(0x7f0000000200))
mkdir(&(0x7f0000000140)='./control\x00', 0x5)
r7 = inotify_init1(0x80800)
ioctl$TIOCGISO7816(r6, 0x80285442, &(0x7f00000002c0))
r8 = socket$inet6(0xa, 0x3, 0x5)
setsockopt$inet6_int(r8, 0x29, 0x1000000000021, &(0x7f0000000000)=0xffffffc3, 0x4)
inotify_add_watch(r7, &(0x7f0000000180)='./control\x00', 0x64000ba6)
inotify_add_watch(r7, &(0x7f0000000180)='./control\x00', 0xa4000960)
ioctl$SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, &(0x7f0000000000)=0xffff0018)
mknod$loop(&(0x7f0000000100)='./control\x00', 0x40, 0x1)
mlockall(0x2)
syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000380)=ANY=[@ANYBLOB="1201000000000010ac05470200000000000109022400010000"], 0x0)

13.152426153s ago: executing program 0 (id=5732):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000b40)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8b19, &(0x7f0000000040)={'wlan1\x00', @random="0100"})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r3 = syz_open_dev$radio(&(0x7f0000000080), 0x2, 0x2)
ioctl$VIDIOC_S_HW_FREQ_SEEK(r3, 0x40305652, &(0x7f0000000000)={0x0, 0x1, 0x8000, 0x0, 0x0, 0x8fc3, 0x10000})
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
io_submit(0x0, 0x0, &(0x7f0000002900))
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
io_uring_register$IORING_REGISTER_RING_FDS(r4, 0x14, 0x0, 0x0)
openat$procfs(0xffffff9c, &(0x7f00000001c0)='/proc/sysvipc/msg\x00', 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000640)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001cc0)={0x24, 0x0, 0x5, 0x1, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x0)
fsmount(0xffffffffffffffff, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x1, 0x2, &(0x7f0000000140)=@raw=[@ldst={0x1, 0x0, 0x3, 0x0, 0x1, 0xfffffffffffffff4}, @exit], &(0x7f00000000c0)='GPL\x00', 0x7}, 0x94)
ioctl$sock_inet_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, &(0x7f0000000000)={'ipvlan1\x00', {0x2, 0x0, @broadcast=0xac141436}})
r7 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x19, 0x64, 0xd4, 0x8, 0x1a86, 0xe092, 0x533f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x2, 0x0, 0x10, 0x3, [{{0x9, 0x4, 0x1f, 0x2, 0x1, 0xe9, 0x17, 0xf3, 0x0, [], [{{0x9, 0x5, 0x82, 0x2, 0x200}}]}}]}}]}}, 0x0)
socket$unix(0x1, 0x2, 0x0)
syz_usb_control_io(r7, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r7, &(0x7f0000000440)={0xc, 0x0, &(0x7f0000000200)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
getdents(0xffffffffffffffff, 0x0, 0x0)

9.116661479s ago: executing program 3 (id=5740):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r2 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r1, &(0x7f0000000240)={@val={0x8, 0x800}, @val={0x7, 0x0, 0x2, 0x0, 0x14}, @ipv4=@tcp={{0x6, 0x4, 0x0, 0x8, 0xfc0, 0x68, 0x0, 0x3, 0x6, 0x0, @private=0xa010100, @remote, {[@end]}}, {{0x4e20, 0x4e22, 0x41424344, 0x41424344, 0x1, 0x0, 0x6, 0x10, 0x1, 0x0, 0x8, {[@mss={0x2, 0x4, 0xb}]}}, {"ff09eb92334ce7bdbce1cc8ea7c31c4233f717f38859083e7244d871b6582e4b77453efb5c862f933cb39161906e8b6c78ab07fe1b3fe07565e76f3049a8f11350ffa159ce18eb0ce3712cc785657be76b1587f708924c9feb2e292ab97040cca863de23b3b516cc537105bb0404f84119e4260762c50671dc5aab1358ab653fbfb4bbcd3b4664ec16d8f9ec7829cd1af4a5450585bb1de8f968728adf5dec1de9e1e4a8ababf331c67b6c63551249f96344f4f4656e7cd6bf657857a8af5d2df76f377033b968501e40ed92b801d6efaaa61bdc158a6194b1fd1d6380bb7300a70b1d36c1a76ca97d8aec866053ca0d0d4830f966f48a3461bc25fba4dec31acaa7571527df4164e4f6a96c48ac714f8a8e0a4cd14617b52de88f0bee1cffccc96655f4fc658b5a0510e050f6f40aa3d28453590c3af7a4460719f9106f81797c856d60ec8528cc0c9487e69aa50cea9f374fa68593421c48bae1999c875cb205cc55f3c991416ff38e4f093a4c86ad36f19d1b3578242eedcfafd2c931fd2868dc24d9892f790ed560f40a848dd0670f0f611a61640053a2641ddc8ea149145bc5669b176bf12f40d9e0664760a3e476a93a362dd7dfcc3fd9f8be8ee2cd7a0a5fe189031bacbc1ed8e7c15a2bae104b7650c38ed42128a21ad834bac63ed73159e680f90d41475f28567eef33b4c21860ea1cd7a3f56ca286f87608ed49b72d36a1e6b04e4e0ba9ba7f76bece6426a6cad503c8ab33f28772edee91ab52fa29ff4da3893fa0629d1084b2a87f00a468feed92e5fe5aef33ae040aeb89098033fa81bec4535683391297f750f184f06ccb58dfa50ae2d6c159a0208481450bf38bca83f26c50fffe1449895cb8c990aa1cc0dd4cd2d0b4b3cc0006626898fdf274ecfaa1650c61e17f303f41559d75d470da40196aa5dff545903db275a12166b1692f334c70e4c5cf2ca2410989b429e3bc6e2e630adc5d6a039ad7872c4b4754cceeec43a3323d4594fcc28623e65f3067444e098c8817c9eb3f6dc06b6ec407438c09f2c137009c06505d88e0337c765f6c3b16f53bb0d1b235dbdc509ea3fd0996c8cad5bce70eea4d8852e7adfc222b06552d250e70211228251bfb5b95dd3b09bc30fc52337505a6f0689bfca144db622dead3525fbb73056d1b7fa7b08535af3952a8d77a1f34655eb69616c963f4e8b34e88b8405e0e3cd5130c4f98c4e180bfe76ec6cd6ac5e8ccf5d1cf99fdd79bca0a227ee78d2037a55c8593f7ff10bd42d82cd6c4931df7fa6c0c6a8246cef83599095269fb7841aec2cf1afb41d1c7c54136b2737d2c2ae2be604058b657eec27669b99fa669c92a9ebc8e817ed6860070d2fe6bad743ee65d35633de56f026710729102ed175e2ec0af8cc2840af173c71862e90bd370cd3d277a7d2622a5f00946649c1d7894f2a69c3cf8e21276d72c4536149038f9967ec0c748de34376da7971495e0cd783056cdf20cddab2e2201ea43e657e36c54d42c47d1e6a1c9dede599e6c0baac06c2e3fcc5687c5d4706f32337ab639633822dd98089ba20c532fbe4a5e72963d53a86ec34d6a4aa536015a3272c0d4cc0a3a3ab2196ec7a92bf2daf638ba5957941ff0facfe6a161da6a6cbf8e6b40c8b6a601ee91e592f6bb9dc85f84c99e088004ed3f650404934c8b1d436500f3c83333b33be5532076d1a718f80c139db1ac28c953cc23394a5a137567cde82fc681f32e66aa415c2358d02486cb6cb4d6a77e5b27d729e0116773725410332c58b4cc3683fc9dc5235b19a60ea8794986e56e5e8e2ce65655f261ee0c33c8c0b99e7b5bc61fb55040d9e109a3a1182a0f81c2ca081b14cc207b11dad4592add90ff543d2d237421f938af8a010cd197502dbf42f14f1572aabc9f16593a735c07484d61bc43b5f300eb66abe2052cec153f89c1819512316ad728eca65949bf1f903a556ae67871a0d35b0fcb5485e8fae70695cf90547784da27450d6c3e6049bf2f1b923fab49cf4caebccc7a0171aee4364db173c795cc486475427fb92efdbf161ab7a35aecb8e1d5435ea2733cc8dc3f824b00c6d3e05e406de563d1fc6aa77ef76351a3be04557d915df5ed1fd52207872666bbff9ffb84a6e91ae863af42b3e9dd6da62115ab71c6db508875db1a83e631c4cd658a6492cb1a8bd4a42b4546afb74484d519cb5b1a8db29d91ea575a09dc45f63b51b0ace075511556116db62507ed8b163430eea2dcc171890c51afe0ffb22d6595c15112730ce041648d543abf1871bb62b40303b277b2084eaee4895a9e552bcb2d319cbf733d2682940050095fc9499f116e3c828727c2f0755e2c624891a794a1bd9ff52237f13ccf144e67b5311e556333c5b11816fecd78fffb72190480b93e7fe13682b465aad1c2cf564c16d3e8fb07aed4b415f781a52dda6822ed0023b93c07b61e7740470216f29cb9c770ffd33837a6a0bc2990899778c74af304996ec13c1fc935b6d67b23f5190bf8b1bb3cc4e42bb2b9f1e3b330f24fe172396da0c8b52cdb4351a80fcebfcc85e54436327d8ad72d288551540f9a7bda7ecf2f2c41c3e775e26313de86c1b41ea1199321d533abe105ebfd90c9defd30ce9c7ea7a342b310eeca3dd88732dd9d7751c0ae685fbaed556727d2ece266a66ec7adc3a20f377b386ca7c909aba90fef9605ac37d43dd89e4da8455f086c1d2ce9c5b0eb4296ac64b7c244b28b4fd66a8be0442cbeacc7ba871efb11069d7c28dcdaf5798d0025741e461adabb3f270d056b1fe961e6626fc9a533924364687e80aa10e8ae081d743487bcfa97c0e1938dd47fc9075c3b0772284d98e683f0314c4a261845a3e50106e9c0a529b77293c251472a8eb6213ae49b0cc9d569e0a0c4fa1fb10663e4e0b6b0f9cee796aace2a1b42e42758a0180c2ee89119bf9359c6a277a062eda92a932ccf4b72ec1f998224acbe9eb8d594b8861b65ac276f1d401418c7be4d9344b52eb07aa74ba352e347f06e7e923b86cae5c0beb9f7aa0201b6537a82ea8f9281ac6e82a327ea7b879209dd30c1d40c22c402d3e6f09f4b4146b28cac26532eafbb5f6a67f6f734601ab352c804083570087124b23d7d3bff4d31569fcb8c091f157336d11e0e388a91ddf82b05b22dc3cc2ba4355a9453d9329cbca9d52489f15da5849ba32eb11d91184c6a352fe064aae6e85de05288282f911ebf2a932d43413c9bff9cb50f86af7eecca5eb9e3ce7fe9bc1743bcf24d01d02961116a87e4b55ddc1f217fb488c002cd85bb79db625bded4360983abf1e4574a9a46cfe05f0e45da2dd28703599adbae4703aad3ba1cc44813bcdf2432f0e5e9dd67ee8c6b34a9107fb81f21d87dd8fdf270068528685ea3c989beddc08410a59b5ad68d2fd9b37f8b3fddef393433de51b01314e3d6bb08fd7ea5b9abb4d4ccc5a5a43820004ac3870491b8df621be5388e2c3e2c40843d6798c493b308bef505d9f2d2734990a30150b4cefcaeb590118d21f331f201569c778cd5e54e34ec30a73d1fd48cd5d64d444a2a58856a71fa8173713136bdaef1b9cf1776cd7d5be3179ae7a2a95d7138334add686c5b50ca87e41b4c3f5343387cc491e97c280becefd3d72ae959a4fb3e51c15d6dea3210c480342c1748a040879f005f98a8b0d6a32fad631f557694179d117f71ae5fa6d54d4208aca72c5d1e03d34e80b221522c04b1bc7bc1ee008550a1757a1b74a0fea1d22778fd7e7a5f58e41cf72edf60d751bc35223646397457e8f9036838fd3b72e2bc176acc3e1e99a392b1d496cbfbdaa641b2212ef41c1728dd587272849b3a5cbe3b66f7eaf622d2cdf72ada32ccd3e16dddba2c890beaa8dba3773c88415fbcb733084a9bac52b6844f28377ba01fa3a09f74a57d87f31468ee2c64ae05b35fe3d660bcc6ed908b710a1216974db0232d90a124a4e8ee30322a20455feb4d0bef13ce0fafb56f492a99c3fb1c57900330bf75246147b44f23c77554119f1d96a4558d8fff90922af4f9299407344d7292d29ce3446e39bd9277e513e6068394584a08b356e6a0c641108f6e89390290844548a6c8122d8a83cc6c7d7f0c10d330a537d832bc779ea245a37c850b85858885541da0f914e1a41ec5b49ad9b3b41814f66c50bd1f49cd514d027ecd1bd2f002f1989fc621f23d6d5f1b9976ce95c305fa34ebd3404919c3414fd97227a590684ce5af0a18fb4fa6f41d4a3951fb49cc8184b547e9aa2ceb4912975ecf8e956bb29389789b8ceab72e7ae88fb402795ba7712323409fc83cbaf10a523dd4602d9ae7c158a56fee8df04ba4c48cdd63b1ce09bc697ca138f01f261f51bdc05480b7cf5f64836bf8e029d4883d4bc2f53115129cee1d9a9e57b4a5fb4ebef2237a2bdad349baeab05e6b24167ba67ea94f808d9d1386b08b0fd3c92a80ed253db5bb40e6a0c308339c615af56e554ed0d78881228da41706acd8596c52e33abc8a4a3317847dd50b8d77b341063fb29dd02594a540fa737a4dcf9c57ca8717d36e8a8a84eecf9ebb7bb0f4d8cb0f247f982e4fb7a29a7072f08eb1479e278b1084f4faba3c75b6c33438e24e7b454f1e8ee7c64507ef34f37e8655f49cf6871e8012bbf80d2fe2ad9424464d0a408ca50037f1b1221c2d3dbe4dfa75c236f6b59b8a9c8e3a4b1ef73bae3f8d44affc10c72485dee42b73671867221778a6f9ba1ddd5715a6115845af2da8687e0e75f35cca527cb21a07bb2018a574a7e1eb626ad6939990038588cabc63aaafada2c88336f2c764d52cf5c3740371c79ed30f4b7325768c43b9daab5532b4778bdc380bc56bf656eaeea1f7987db28672850e46fce9c9d7dcc7df7b01e9f98ae98890491949c3a9af72cf35227fe88e79d1853ab46903dffd8ceb6060b5a2da5ee061db21e07124b510af4be93a2eda5c9469c73ef661e52d1d3ddf6d0dbd58715730485d26b731da17fb67b1bdedd400cdd472ab88c059e99452b932202fa8500e9b14ec63791857fc33fb97a21469dc318e9799d6b8d3155a9b9ddae7704457f9fbafd0756fcf8464e2398a88b2b4ea3f655cacd390f6df7b195b35b25c6873f0c53ba2939efe513e448ec1c406380ca4e0a6ef53cb183f05bfe99b003429aa5a4709dbf9b6da2fcbc243bcc6b6e8840ed0636af84b6dd3c3b9e50f19c7fda40185dd542f8ff32e7ca9fad274847238e05cf0db24cf7ac1e2cecbcb20bbfe4868b6245899d8e6717a1f9321fd38b87c0c02bb24ed937e9460d03a5a38fa8e0d222105c8527d898f889bbe298b368fff9b951d1b0780352ce8ad10a5dea883292d6cf149618406fc33ca1539da60a1922ee27b7b74aa3507e6a5731bf2c42c879e9efa0750c8bacc63e2225589eab7bf237c259f715248b61278e4ef6f6d238d5bc9bde650795243874b294f228597cf687df0aa8ab1e58548991a1bd903f70408cd4c23f2db7f2ad3f9a0b12a4e52f09270d8f79aa0cde1ffd268d50fcf47c5b2a41898a076e8467cc40de311c26a1f5ff5d1a6693402f927077083490b65e594d5f4e848dc76e03adb210826926ef65e1f63346ad6a14b732cd7a23bf393e72b3c264258d7ea827d03e67140c89ceaaad28cb7f229db"}}}}, 0xfce)
syz_mount_image$fuse(&(0x7f0000002040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',default_permissions'], 0x0, 0x0, 0x0)
syz_fuse_handle_req(r0, &(0x7f0000008100)="58785f58471eb4b5b3ff3946acaad41068511507291e72541d949ffc8a54ff637ccef1fe8511899ea7f3c82cbc6539763a34f6760c1608c911801ca672e62708ba4fc023749076ff6a0daba0caa57000acbd9ecf5e97201f7f14e715bc8c089c3d65e92fd65dedb76d61715067ccf6dfec2b56a48f2b274b564d90c3d868f2bdc07b7e636ad78904bca826fa69b7783e7be2b8e7c997b99225467747875695f6d500cb82b479fe9486bb94e06f796f89906bbfccc964830f86986760ade90c3f7a9dde3172a5124c1889075ad30b5ee2a5f257a6ac790a8e89b247ccbc8d241b7b95f8fc649deffc1bc37d51a8c3dfae38ac968eb48695de38df941f9632ef9ad6779e41ccea8a3ff1cac4fa4b47a152a8f9a1bb0094f41580bbf60fa11cfaf2c535a12c866e9414ee9b58226fbdb0d221e1bdc50e3fa300351364f6350030383856f1f809aee19f337f3d3435ae6754916be1eec24643cec1bd1007ffa38418735988cc901603895f66bd6450d54f99e1246ded898499d2a447f899c00368ce1dd4a4f4cf9cdf7d4f8b38dcb98a598ac490f1086ec712b0cb94610abfdb25b0f6947b46e1dd628897ab68445568578049fa6140250a5d821d70f102fadc2fa273a6e486f250712ec847de3b02a121e19775311e8629045f3404bdfa3207aecdac43c3571b86a9423bd716aa67cb688f9ee4f2b14ea42c89f2766c78fd4ec41ab34eebb4256e885bd7e3abe4348772993bb630aa3397084bbc66cdad664d6a9d33767cc375a44dbc0b08931053a6780a796fd31e1d7c512599f9e010883a52c07ec0938ce1acb3fe3baac6af9fb7e9d7942662e41bd3626d240d5ed34ebcbcc0ccf1c3280c76fbf6cdfb04bdb2d3b4ec6a8961b1eb036b211eff6247b95039cc67d222f2ff122340c56d74b4fffa79a202144bb10ad766f1fd6b32abc3e09213da84b36698e5c67dbd76342baf2fdbd26e9563dadd01fce19d7ec025d05d0494e53229379d13c1cae48ec058cff0bc1ccdc94a74b11a9bc87c580bb6a3f45fe15d15d89bf6102dc1085bfe27b2ab462aaf642b8ceed519cf88b31e9e00fdc23e8f6967a72b4c38b2458656dbf26dd75586731bb519a97d0ff43f4358cd40c7ed371ae8a24f46e320d4c4c0a1b8c42f10908a1c283d8032d76f52d4509d78c2f3a0716c37bc0c786ce9174a88d468e88a6d154e4712778aecded0ca5de28e52c04e33672ecea5135438e908aa1bf00e65ba6dacc4bd018b7bb1c30aa5d9acc679220cb5e7207f1759bd7722d10469225aae24973031a21358532a63aab42f33b1f8f40d545fec7799703ba067592b34247fbc7375acdcb3883ace7d34cf33484f2cf662f3f0e18b5c475ae311fb20f6e6b85320b2bc37e56512dc27815b37bfd9f172be1a119197eb53b535c440fd7f24724e1d466309c0f8556965bd02d75c3dbe2baa0c6a515db07af1f77306577d0b38f0aa8cb188cf5523368951b8210f4bfc6afa0d058ad84656d27a46faef225e6268396ecb54a5182591bff3a86792db5454e238afe7c26eae85fd3c1c060760d89223bbdbe8966ae2558f47d799839cd959c974b69ad262cf8ab4fee554288e767ede9bc5d7f0cfba05966ef7858e41db363122680abe978345d45e4b52b73fe9f52ad26371a5b0539d88aa0c572aa01a41b079dde5a14e031ad903629d06c8d85ad82828c25a9ba7ce0fef2316eb011643e47feca7d280833f8b3008841fb2d88ea84df65b03aa5baaa29d6234ed5db8db461fc5df77aad38690277cd5dac1ed3c23c9f2778295578561f9a4d31159a826b4b62b2a867e6e8a9514edddaacad22106880e6633fb2f3b17c8d10bec633d6128489f7253b3e3e38e5942743ddd1547dfab27a152549f61891e3a5ad17f733b042f7ef915ad7423b9719fee9142407fe1d10ec8b64a21cd24fd39de4496ca3f394f07149bdbf1393181b5afee090ff40ee31d34a9c6a113e3823fac425fa85e212de1a9f7c4937ba64f3327961fccf85e6fa29be12de9589671d60d4658b1562ce7dedcde8ec79d265c13f5e197b66989c3f067d2801fcd78bb92b45e55fb4089a7cd3b179284af782ae0327ba56fc307a281772384448ee465dccefe41be8d75c8cd0eb5c0217d7ca706848f9b82500b77c2d838cbd536304556af87d3b6fb9183b5dc9cf2d0f7ecbb24d9f790151b9c6092dfb2c14decbe6448362cd7c13515f66a99c37b56134d12e8c7f1a5b75e14e47f84d8658f0b65ea91014e2e4fd361f03dbf8ca509d426ca1bba7e43ce918268393ff16b17d9e1bb49fb2b4f6eeb8b4b226c79303b19412a55b7ea7c8774ccebd8d66abe117a8be9a3c4faea730902136df57aff991b59dd71610ba4c8e1cded8287c21c56526f4fb6c502ea73ae310d56640990b3e695b278de6e1eebd51108cf7547c0e457e5fdf59691baf080dd3f5dc3c9a10bd4cc5e10ba42d4d3d9dc4f7ebe0bd2981a1d6fb06f7457dca1e56fac3f0fa7ca19ec2fb7940ee837e960d93a73bf085eaa2888fe3025aadd33cae85d63273be6ae3a92e35d78602d8e23b9460f04b7c0e0e710d10fdb0dd3fa9b880865603500d81dc7e968e8046569830b526e441f25f8b0af47d524aa80fd7dd9c3f72facec2032e2c06bc33c6b739c5368bf54e32b6acdca9d2d14276a8348ae92bfbd60f6aceecf98f3c6fe70747499b25667a96c52e21236421b27deafbc6b5e2b8a4ea2a0d3cd5ee1a10f3153b529b5c04a1961223a943842e17ee0cd114ce6983536400fc40f3d4708436954803fd60caf2b5ed7e4ce90bc75385e2424191c6a5038fa15d99aade49fa1affe63fb73078a6bb4ee560b0b521aeb33f507bdf876829f4d3f695197468e41503a10870a8e6df800608ac33dfdecc03f64d03fb6180287a684063c7edfc8db1366f6bb502fe446085f6acc4741b273a0b736f0f55da28967390bc7434db54ad0da9d1d002ceaa5c3e53efa95e7aaa792db32501a072e669da29fb734d771a6fa8c753fb2fcc204e31d668992473e7937fcf751bc79b125db1725f2a495bd2a4207e4db8d44810a4db5113705c5cb8733866ade3375d1bdbcb965cbd927e7d285f2933bf037911959088b64cfac0ff1e39244f2e9416653ed87ec564eb686af1062354a8bd7034c1022cb0d0b6996762ef4a0a3ab4f3deb459f023a867a38fcad2a10fcf0872862b386ff7c5ea7ce13abb112d1f0ed0723870eccc76d16f7e3cc00e28945bb93d9f2bd8e2017993102f0824867ec141f20df951202a2ab1cd796516ca0b4fdd9e6de8b82fcd30f9ab85cf0a5547e1ad1ef1ad5be7a878a16864d7c06b4ae002f3ba485a9bb36b8a591ecb64a4a5c0fd3b4beb015f58ea4cfe190f3b46cc4d9108d10c52a9de859814edac575d2a3d937a9b31db049e70aa76c085ab63d61c1317205c228f7027fa39125de8fec40ed7982e36a7cfa9fedca30f0b692bd4c7794f6b56d69ada1fed168cf03cc57321fe37e3a8cea4bd093e87b657fe5acb13d2591bebb52898362ddf0335810c70a4838faf8fff16301d16707eaa38e52f913f8aa3e27b2387ca1a217ac69966e287ad5cb0286535d5d00b7006661dbc7923a066945c1a2040a4e95d7b0de4dc8217bf1d4e9b6cccc671fdd9a5770c21e749b407df8c463a3bf17e47bfcba6a890a0435d3fbb7252fe072b149b7bfeb185b088686dd70e0c9cda275497b553aff2b319f7d7b0ed64002c5f9f6ccfc3d55d8c908d314487452f37a650f4561326a84c660b6111702a87db03595b5d080c60288203f091de9f78b997e47233f4bab9b044a98ab118a6c45b7ca746cc2fb90182a923d67216412e24a955c0c2307acc47bdd319955249d8412a5ccf444437f53f524c69ba0167c920f0c1f775cd1a225636200a9e4adf61f418d20f717339d0c8c5386af0936f628cc589a8d5581c1c8cad0b564a3f38b606473280a3fa586a5ba932fd38eeb23096df29a92ab54c409f88ef4f03217f0bb90fea539e629d8a025c802f6b5c3d735fe950c8ff7136e6db287851dfbffea1ef81491a50cb75a103367e85afa3484d6af865dfbca91dc05632b0d94aa384ee0c585424a5ddf80babe0b913b0a2eedda34c7ea7814642a69f8eae868274b16fe0f52fb60b201e6685dad3f419413d5b8186992855a25ffe0d4773a14c7977181a120cbc42af4f9acca3fee1d54ccc125ea49b62ab60c58a0ecdf50ee7c16f3b6b12b254fc08fcc85d409eef7c3f30cf705617f926a17e6588a9fd7e34be9fd863a7b157a2d9a336356d568c2d2dbaf76c2d2b2ff8703748b860e36f02b04d6e4f2fd49511f12ce395dc18622cd51948a32cc432cd797d8a68838cebbbdd9bcb6f2e85719785706012e894cb043bb9a53998131fd4aae3321d81fc001e718c4a99c0580af1d4a0c81665cc5adcf337c8bc00fc0fb3c7be0d5e5ff6a6fae5891858eafedbed69223170ccc71ce36ae439d769c3520972601fbab93f54808d6950cb7cf1e5a3b32d8c6a975e3adccca0b2ee28a4eb5ca3b0ceb9d31a8f767c3f4486a62215171738007675a55abf5916513f7eb9b21ff291f2b4b48bbfcf394cf861fe016b3680be422a8bff49963ce096d1bc17186822b1392e68b1a05fa6c70bd2d9a164f12301a6e78caa8f4cd43749704829f54c5d93637aeef80794d3f206741363e74fa181c9f1dc47557553de620794f096c59ccd74a178f5adb466ad5a62fffc1886f56ebceca4ed46ed2396bcbc31160b4eb1b7d69642e33315e3adbdbe1b9794931e7babf745ecfca37dd4190013793d530df12d6521bc069a05a94e0ffe91900a0c2209a6914d2f85bd161ff77284198129a9b1ba600bda3e52769d39c1bd61c4a70c627c3ad89aa0bdf0c93a2c35e166da9a08b4d2f92deacb6e9034274305b6d254c4052868ba32bec9aa3cec75debe24e78e43374efffe444722a983935f9007fe3de37dd83c52be16e034d09592a179275dd0c91281be579cd19c0162123886893713f25cdae19cf258926bf2070741111eee6b3df708c3fc416b7d046c948bf8500779c0cd5460e640bb1f860f58052b8087e6eb2f16e48f4984c9f9fc9fb2652ac5305861ece5362db08ae912ba055af766da1322057d0bfa647d98b8d4f1e7ed43ecdf1050c0eb19dae93b8014da57241cdab4ffacf0ec1348d4a89b3e8ff187098d83d8eba34e5c7ad4215f1977968a9d337d08fd1188754e7cf41baf0189ccaa5f3b1005f807b0255ce1920ca7d919e4684af70c3d089a99922727c607a2b06e713dd61122842a913036f6cd64dfb313fbdf639fcbd712852bb85337d056685b0a54225ae27e1e8c7ce5acd1f017b8f712c268b9cc0ee26d26c63955df0591f52ef3ef5e6f0a8b0a40fccec5f945431a2e81c35720d178feb481092e4f51978493c5fd502f252bc0152f145f268ead14932990069169483ecc7abc901657460c8730715c078b61059bd2621f50fb838376e0b808a3f118f761efea45bbac4274016960063cc67c428e72e516685552dc3bf473e442d76f2d3ed07b319694490054302a538b52e3b8496b7e37fbf4a2ffff2b484f98fdb14c66ecb8447834733f8a7a5a3c83de34b6647842dd56d8201f9d9240f3b3a5b5cbccf174a08853d06fd164fe74e04608ae12df8a35b73517d22a87c7ebca60942932d03102ff7e8644611b5520b5ebce950945498ce19210c866e48284d18fb7e049deaa43ee5283e3dfad7316ba85490e93182d13efe7ba64ee5ceeaabcff3eb24d46a3a129dd5a6b82e8c48210cb1e6564833f3e15dda4dec383b4319741cebf6374cf2c5d64722afccf7c4e2d81ae28d45f2c35b764281f1f08fec8f8e9277277ae1ae8a8981f85e041d2450afc9374e978f73b66da9aadb2087223f28e21e946eb07710ec86cdcad0948d4ca93827ea34e28806d172c3feb83471ed2d4d7ada2360b209d16b9d35861082d85b6be3c3589a6bdaf6f9b5d52ac8fd7388e32b24f1d5d34b5442c1ceebde311decd709f075d064f07bc60ab14c101ef51039eed56ae1e0a374e3e956603737b3a16db684a81e9b8998a0bb9b17a0876a92b2a3b9924f44b16ae4c7ff376ea8a8c91b504c1dbeb522cf846fc3ec6b9a01f452eeb35cade34c6a0463b92c46e013ee7906ee934141870ddd1464ae688805933504a2dc7cb1f947e28bf22f5eea6afb5de3b950056bf44065b84fd5589385d0feec4ef1db4fb4b595957130e575dc383e3686f4674143debb23e17b398f32683fb4805f297369d0e5f2e63af6891491e4e37186b4a3dffbbdcfff63d1fea4e12d24ef96fde3ed7a323a3605cdf5eaa43da738004556c2c20aa30c40079bc2e9ebe102c1fcf5259f1e3acc6b2a2bc9da4d0b1252433c58a1810581152a235e93deabf7f728eace350bcc4db4f249d4234bbd858c4e61a0eda4e3db0ae530c78eb63425502d651fd0cb986341ba69c44ede18eb3ebf25b2336cdda02447a9e20426d8206368c63b5fd6828612d3b99f627e331bab0009579de8270c36aa03861c300d34f2a3703870712325190073e6c17d8699f6744acb1b5468f93b57ab0366796181a4f543511d7ea2b32606c33cda61e81ed1c2194d305be47a3f1a9145d023620af12e79ec188573526ec35b9ce44e95fdb3530bd0431dd12a227d0ffe317cda1bbd787979261d6c9cf728b3d6bec3ba6ae15a595a30fc242bc5f25d837c1c642219afcfe043bb68a82965574b8b2139789235b262cf4af95a538e6954acf8e27ac3c95328df6e4bd615a376cd96bbc9e0d9802fbb40f80a848225e076219e26e0e63f57330b8bda69ec8dbd8b3272798cbfbb085b1885a1c22b3e2df2a879020ac1110b7af4f53ac97f556596ba0e164df0c85842026a87cf9631c9c9d851549efd8ca37e3b863e88436d5da5f4d3b5b5528e2d08d92b0d3ac6a06a0699653718e93a25b5afe254a068e300751eb6c67e3f5a1813d58d428f1ec108b88ec81444ccb50e8452941510c11f2e80bfd712f64b32b686c92ce922baf6c8eed1e9f0717a654d53b3ce1001880de80b5b15362b20286db9dfdf6c41f48aae84d5ab12ac45310f0eefc56e54113bcf95c1b2a259895af2ae9c679de4e2b898bf8a40a199a2059f8248c1303351dca3fb38906a682f66a94ee6ae6eafa7144758fabbaa60debd6eaaee7b2f1051781084b3c9d626263d011a3daf971b708750a77614753b89b5e1a77a52510ced5708083fb48c554dfd6aacfcf97650f3a3b3f97566050e76da968d4eceb83bc1e005ed1596d6e0ec5e2c90231e62496d7435ec5b28f805e3b7aefdd3718e4ff53065b8e4b15175d80eec59218d8278e711c6049bf6d62ae7069578e957135463d7616b37c1e4bf44d60dac6c7aa04cbbc4a64bb0cc0b059abb6b26f8ed5203232ddd8a6c5882e6e6c53068a71bc84c5834104e85bc96db2163798a3881929248b8c788e5bdc9e46e5f7f3f6ad43fad6fa381a0b924bd938702470b330fb90ba73d557c0d203d55edaed6e3a01aeb53b061dad57713ab27e1a9e0d06b534a65d85beb061bb5258bbb38179ea612a6f402affb8ca018ebf0d6f61d44d5a657c080c7d2dbc9b08c07713b17b0f173ada59b57abb401212f4f1fa026491b48d08cf46a704ab43e46de8ea596d68658523b61a156278b3b77bd1f4491381bfd874ed72b00675fd5b4b7c0ec13c6837434ba8e22230d32e7bb1287e488e14f5c5602cd4ca88012b244c7f23f4897e27027aa862ca139bc8b5fe14be7554832ab02e4ba19699a1e66825d94c7c44451062819a38d3376f0a3716b210c7adf4bfbbc303058aa2e054b3bd53539764f177b11b05451705550f90196997de3d1d480e500cd9d234078cb1a09c63d8911381d327402702c2765fe92b8ba3a0189b2b11b7460996c36eaae3ecb4f4e63bfafd7953ff086dfc0b12e616bbdca4707631467b830d244bd3f4371744bc8a4baac728a397818875d1b6a4a2f0d10be607122a6fe813f52e4456b8a5eb6c9ee0cf889f777a03cc26a055f9f259cfc4f8552b568a4b371260af062619dfb215ecfe7b318f8d627d2777bd5103d6ca2948d19d5812112962b63c2bf3d090ff19185dbc5ad49a580451de717c0baa288cd96669babe88a8b1ab6d0936c4c407878786695f46f59ef06c5c2166b661542c598b6e0551d490946182841184a7a0e669c6ccd73a342f65c4525dc7522dccab15fa72bd07588b5bca71635b9466ca72a504c74cca1c573e8d40d83d1b5c5326481ff8a2055a2e0fb997fe8e4787deaa2a8a57afe74a971e7f1f280895f2fc9d99c41416adef7b70ec47e7a12d0ca3c0ab1dba3c2d65bb172fde1fcd7f97692d3d8c9657e3277ce95947d59bf37dde3f35f7a5d76575f5c14caf7f0926c0896995a5f42efd0d38c42de202bea5b5db39bf697f9a96b54aefec723db523893186634763e7399bfa8029c2708dc817984528601c77a1d78bd4b2c85f10f5ca9363badcdab51a1b315cafa5c2ef64f60395f53efb9d60d89e1b2a5f147508c90d2b09476eee3cb9b5957669a77cd2c522909480dea9be3406d1779ffe4539f2e03efb5f8c2d040f0ea776ff869a36862246294d0ced556a129ef78327617052dc1ef5cfb4e5986ba2f0e063b90e1657d8977b58827a3c4e3d556eb3cf0540685f7c9eda461aa2ecc539fec3d2d56be99a518f11752f2be2f670c5fbe8010ac4eae0ede31c1a48f747ff2eac9fc069d3700a40bf5fcda80a3a4f5fa920f117a72de6da51195d2d7f0cc92ff7835bce2ba6b564832f582df56b24cf30c8297a826a4bbfe0afeb1da3e986b3d0a95509e0037d212a70178ecb246061e067238ea9238e4c4a9a7c6fc5dcba290970f50c52598423336c523f2de7580d059fb53934cb0beb208585e897fafeba30853e54badefa197478fe6b9f26ed0d33babb53acee7b7221d8e0cad7a6bd0d9383ced6391bf88ca7aa50c75c136075e87b92445f02fbbc92f7cb65fe2bbe0bf0c9fc2577da63a56f1efbeb276c1f4d01da6f6f7a842212d96dd45edcd2aee7f2c553ace15eb9336bb1804ec252998c5c8b25033894b05c01ce7c77b73ec0e239478c67d5378fe5a53fe6269025d54006e9bb1cbd09b81a39615517c609f3d74e377888f641587121f0f097b48d8be85800295ebab9407978a9cd379966577cb6e1f5261e4305696a2cdd50d8cb1964d3ae18ec730d40f9c782533efba47db8378c6aa15ce85985e211fff2659729599802a7b585cbef3a2762595f67e2054a0fb4457b146e7a656abb2c4b2387d760f7e5b8b7864132317d5ba29a662f50af8dc182d2fbe216db8e997ac856bc59855ca48999699cd6c5576cc47bf8a8c30638c7e08847e5083aa82068940409461d1065c2b53292d3ab145d5bb590bcd278e48ebd34920b18a2e1731c1855ae5a3ed637ff568d205a08cf98c58f5d79c99912e6c1ab257ece0d68ef13d69a56364419aac7df43f43d5faa9ad851c9810648f9050012e55475109ca3ada3452b78a7964377e0d862e022c73ca3ed6cee8c5fbb2d7c12f91c4851fea7c5b02e0a3c5364b7fcca110f20f8858465c498d7e9c6049417fc5c7d4e0059852a6d794af426e938a401cf43b2ba9f4f3f6f0f2eb710ecf3c0c36c4b3072597f805eca9cb14602292ec7d5601e6b1555c8d024aa4bb81a4cff98cb03725cb184ea7dbed6814106a1402bf68a2e51660af930a500d5530651a0dbf2fdc01a31a99be25350b5c8a5fe01155343d028c03e09009ef2c386a24eba8d842cac581402c8faec7dca1623afe25a230d8d4a8bd23df3cf12abedc2a50e387285acf1b3105011a2bdefb204a53b20be213b50f5244511f25852271e05c03fb9a799ac7ea675ffbde8de181368748a9707674e7e70f28a75e4036b6cf9e0693f91a65be4478b6630067ad8dae030a4b7b9784a206b2f7cfeeefc65aae11fc20190f4d6387bab05fa6e17f0bfbfb0c4f604878771aeace0676d12325e61b19a5317c4d4bb9fe6f3fc8b171f1116528b7cbcc4a91c26a729b512196828075f4d0aeac98887e2a6a19b4e1f1f66233962961c0d49df14c3e6123c9ec8dd7152ad045000107365fd5ed7ce6a6d65ae0736a7e227f77c9b0903d4589ac58ceb691583cdb93ae3fc792c886663cb7c5b0640deb66e29b3c69d2f1a3d1d47d7b672ee3c49e90bd406aa84a0189808924c4e67c5495b045e779c58ca65b42889f52d7315c66be3716dc8592b4875629cd0cb02c29d42bdf9ca5c16bc9051c2a6c09d0695bfba58c19a995838c022e9936c407d8999aa65e4a9d6d8eff99f8dcfac9b561375b6d1293441b9d32533161062c053c63ef09f6100cd748700a710f5bfc2a6297b15242b1f41e21bd004b885d6429a0d334a8c115f7d53d278dad24c9d295b97c50eb340d1e6d523f1757e2014c1605c3bd35f0cfdb74f79850423a37e2f95dfe41c56df09724d21065377f1818311f0c70aaf6fb2d4fc8d9eef576136617371d85481770ce9c390859eacfebba34e75a238ce80bcccadd6c42e8e186be3c15451131fbe9e345c05ab8e23f917d269686a9b5f06dd474f95757b9e5a3328416595539cbdfa69efa9702e5a268b1a70c6e5ff2c118a6e574bfecf17b1576e4f20fee566b0b2b5388476a68562991ac01412fa463b0f9e586ad4bde59e91a4b303268b5d8644cb7996cfbba422facd59875ed6ac057e563412255c412be0928a0b6fdb6f35d7008b5d5528ca796a4a69bd90b993a52da9c7d62f4b71a2763f822bb39f3ed39cc5ad5a4d51b5c27d31d105000f3f1e705ed5c42067106f3fe6d30151021bcab7f3a1ad9175b3d3644325aa676b9e057bf9d9aa3348b1d9b31bd639c59bb63f46a6c18794ae006db3b1ee20368160a82e26aee5a9fdc6b44df8be294f3ac0a1275e57ebf5e384b141ce89dd51aaf2248274468894645ba54bc4e6b9788b1eb5043c1f0dffe2e13c6179d0238d8cd037b6fe3e484445ab458fa09e4e8010d3288aa6e6cdbfba4b62c7984d058da8993d5de1df75a1ce8e3bd5875709fd2ede4cd5843e7102ed4031ed096a0c6e3ae9d522ad95ef4af83599507dd32fe3325819cdd7718c9797e921e6e365175e1dd53991edcd2baf27df8b1670d01967e97b3e3e75d297f908deedf2e3b91bd61973e8aa75a5a6f9db11525dd35556bbd13873602a320af74677832f93bd01f1e0631c882c8ab254a26b73a60a6c90cf9b96bd576e05b9befbce882c5d29198451bd15acaa894a5276ea9d870f49a33ee9d2429ef35a905b281deb75be54fa0c9e47be5876d7dce01986f2d0e7ae6df9b87a0ba6cfa55cec0c65dd386db5adc427eac18a00c9aded475417add4ebb8880ef3dd218a9ec3e6e13456f8de1630774e918fe5288dbaec3dd2a74698ec9e28ad573761b9e78af3d5c7a61e3eefc1a54c25bb841529b3fc9137836a2e7eff5ffae8e44f0257160da51ec0b3d144b92f1f43d2782513705baf5930903602d40cb4de87feca7243d2248a78a5d684e303ae147acc96e0b755eea77092b5f6efa723afc8a4240c75529dfe1c2fb75aa42d67e6b6c9a44c575738725815a9af1ced5", 0x2000, &(0x7f0000000340)={&(0x7f0000000180)={0x50, 0x0, 0x0, {0x7, 0x28, 0x0, 0x5040a, 0x7fff}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f0000002080)="6d797d42fb74562ec642068eb410c60f8cdc42cf09864b1dd1d244ec3ecfb9103306a02bd120cd2c684eee7cd734914ad7ec2bdd4402eeab7a2972f1672f126c4b5f6c5ff748548170bdf1020c2c3d09186940feb185436981cd578c3a2bdc19c16209468100cc1d67247885420cbc0ea004f07283bc4a5cf8499ad5ef4df93b2fa2eb26895ed9260cc61afbc766adadf7809b3a8f76d9f835acae2dac8abc42896374a6a82a8894552441bd0202daa10048b49d3bc74bba1e5258ab8ac5169facb96d9f68705a7709f6d9a66a9988c13d13a2b8b34d9f234e1c5fae79e4cb76ff3102184ed9032d2402087dcb3eff6bfac7bc4d2fdc9ea25f5289d52ed75ffcd83a2781eb4a23fdd078d1e53495305e3ed5bb4e060e89d6eb2b13586f7f5df32e34390d70f074b4f92c4624312698d86578f3d951021db151806fc314c98d819604d8d9572efc7dd71c0d1a9176ffbd48361908e927e03caa4c1ccc805fe755e616d983442660299e9dd34e5612eff964a45d613a832a0ef8e4410fcdb0313712795b369c08f907c91a4f20e5c18ff903e0ee410d77bc076f49debfd6e411104cace38e0318023527d1c54cec66790638c9ee70c29de0406b3483ca1663245edcda56dc9612e93f40f19cbde5cabb8816d7b75a266e404a8e5364d43c08cf5cc645b533c4b6fe349819c5374fac7a923a7a803ab138c873aee3718921043a60a0ce84df8b991dfa525f0955acbc866182f2409d032981ad824f037ef068501f955898c4500049f0b30014832e3b668f5873305ebd1e094f244caa90610be83a5f674decf451a82d9edca6664da89cad8dc212943828570fb365b41993f89c6d36c579157c4055a77eb1dad1dc466e743129e5e3098f4432fbe289111e102223ff04d02e8108b0925ce76118445efa09233e579f398ab373303c0bb64ff82ddb597040e58a61f82cc5614beaec13ed297a8daa9514468283037e5d0077c9803b69421070718fba4865e4b9c6d7d272c562cc4dd998e16fe288dac68b0bdf05eb2a02fd40b900944d10a94f2b3be9b6c6dc628044aa9eaf34e0474771c10bef03f6af2029643acc1e97efa0748cfca63aa9546bbfa6d7533c4dab0b931ac35b331aef91a80d5ea08ba35cf66e1779298d3338114c12f024970d12af8d67f9b165c15a8b7e37c14c2d512dca76cf6077e2011bb47cc993f3088027b2d53daca574e8b443fddf5c252788854be8aec357db43f2147f23061641d2910a4a503a3a9ca86b3656d37d443e5e4207bb38b6e8879bf3de21309eb90113ccaa75e1d1e0900efc17aecd35078b8f3d579d2d4fb576127278290d6a9ea379e22dcc4ad369d3405311efbc74702020d6cdb31267c2e4dfc6a34bf39c9db32da7f387760909843fbd02e9e291e838fcd8faac4c9ad909cc19440bb775070496ef69250f4cf90372c0f1835dacd4d605a69334d73b1228cce41fe3c6457a37531bbab6d8b15a8214ff3002d29016932de969f05ed64b720ad249b8164ea82fde08303277e7d5f0d3e86bd6021024bdb1d24afe3ae28cece041943db60034fa11c3b6ec7b09c117b086fa4016e68e46678a7c5e91c40d2866295247276109a8778b043b51ffe3ec33dbb665806cf6ca41e7143885b6ca920fd8caf475ddcc698a09d368c721f048efe9e0d372d9cc58deba32f81e7e7f6d53209050d72545bbf04356ea95c9bcec3b8b87f56963111c5454b30a12b8479afc26361a7e00a66c03aae8ebc3348ac2e9b0f52453a32efa9b8ec038e671122dc2965d3b7395051974088f4aa47a76327a0dffce6db0a2cd65e2da5539fd7673911d5605cadf30d85563a60afd58767b6adc549173818de01b0de192894a76bc4e62d8c9e341729e6ef37574cf63c27674081202b8ab9cb9d92d346b1c2dadb253532c1674b2440504f8430c0a2ae5829b016af877831ecce9b13743e821436a6c1c46a1176922dbf2721d9722edf72817f8d15fa5c7ecad046df91bb57b8d16244527c855a40403ddf1757c31361c8bec9b5701b5c10a1e96547fa2c93e03f264a366a96666e24d7f908f6fa4c3f26722961e70adfc4ccd413c2c05adeda400de500babfb80a4e4ae5e9e04444c55f006337c0a98c33f04ae0a6620a1acbc26b5c7d125c30ca542c64604a109c6022029da452a717b219456cca6bc9959f088a5f2360c390b531baf92ae2429a2d0b6c7a20c137a3a0050ae2216b871c03c56410d28472d1035bb870f94589b93ceb57a504bba5acb7a6f77699fc10ea96d8e8fb913ca78c0af33a8435344b71531207344d78ac349894aab972c1b471d52b266bbe4313ef2ba71e7a4680ff442a358699c1e18322dfd50c55b637b6e6d5f02fa61b0e8ae4ef7cbb6359f70028a6b60fe901b2ad97a62b5d527efaf5ebe23fccd80d80e02eabb1be14d40faac8a56b4785fe47c8ff4ac4ad7fcef2134b1ec599074dd45d2b7a5c45845787e0490d9d7db95b58b18f14ae6ccc39623ba0fdf64c8d027f1e7652cc90e82732d4292f4ab0f959a44ff906484fcf83e222088345541ba2b1c50b63711d8adb63c8556452c142de8a06f4b28a86f629cc1dc713dcddcfebc8b1420a603fb970ddaedfc82250637327beb5c0ad04947477bc9aec0914cd78cbf5060e4ef7806b3443c85dbe79b8e87807b1a8d141583998c412d89c23dca4aa16af321dead51a12a73be98bd8ebb4d58b3ccd2d67ec936f2596afff2ba4166015aa4cc6c433acf33df30e3d40a0d6468944a07d1f9eba1bb9eb03dbfb42ba790dc1e7f66ad1834fad94440bffe3879509120b6a5cd1890281bf0f4c2d1be00fbe6b2d09ebdf594110f2bda035262d4830dbe64aa3152612df991a6fe1d035e0b301cf527d74140c85ad79acc001fd2ddb3f283c21e8d253c6c4685584f753e01aae2dee4158c68e2e612f056eb602ad8199d84784e05b363292956247d1fd8e4201330d6060d66e10e316143015908554e5325550d61b8af87a92237edd75cf687919ed0164de95042cbcfe96b9102fe3b71f43bbb1fc24d9d2d0d81dad29ac18cce353ca7c4a7c32e12e451654addc5dc6a44d001c40913eaaf14dacab7037a68e9875ae51321d1852820794206fcc1cdd51443d5e3fcd1dc4dbf728d1ed8dc29437db0154c2f59d1d0d0b0048cb56ad965682afeda337b172cf6a77be36ab8424b919e493628846bbf485d5fefd73228e40295fa2070027f6f2ed565024b82d1058a1be0d0c364b765f2a58f382e378692d1ca4fc7f09f867ed4684dd82dd4c76e0e640f5f87d1c6c2fafdb733f1cef6572cb5e104ae9c94d26c81cbc9a5fd8fbe61ddbdc683b7f4030132b932abf0d66afafc9a9d3121f0ed962a14294bf0ba7b1d33d7808efa427b5531cd881b5c87ec159bc9557009d9762010a497ad52b57283cde9715b48a3e35a22aec3730a0cb476a59f438684346ce0c14f22d5f1e5826d3f670e9ef60f6dd51a11fd32eed673b9d0a12d8eeb8046b96c51cfc54c21b2c48c4a89273963b8345b01159f53f6b6589333afd871875b930d7a4e2e1f5dfb44157ca004a739b0e98562c83b1d8414220f677f2882ef6ab1039fc5f132d7f55046d0c9545033624338e2ca6bdfcdd9d78306818c6214f524a7d036c80b5506f97fe383c1cae3c73dd2a0c628bff47d13dc7d9f88a3c1bb84ccbcb82fd881c6f5e9aa7516bec86fd6bee49f4db3bbf468922f1ef37c499b011e36173edc0ccb92d13dda668cf88bb99649e606fee23d3d3bc1fcbdfb40c7d4a4a60b89c63e65d02a283137561ccacd0c71cf70c6f039ebd1d29cd58571fa07d74187a7931d3d8b7db3062594b696b0e11a587724440bd77aa01fbe26a031a4c3f16ef3ba7f7544d01e8b7dd0b74f3025fe54cd01be16ee80ab0cd7c56671390f2e9bd62b212cf3ff58da7207846bacf85858130a89a2cb45da85b3ee574e8bb43c6642a3060b6f07228951aeab0fe4f4099b86bf07ec39262acca7319df3d5d057baa794234b89eccf36da5d32e4a5283386a0a271be30f75917ffd9f6d96eb8b50a7f6a0b861c5d12a624f3630a18e3bc94eb58bc835cef0a1b77952df6443cc12f221fb8460f4862f382abe13b409056644ec46fde96e1992e79ec0acdf3066f77bbcd6cf1a24d9b49ce84bd3bc58cd898da801d6b1ab12fd7cecc29894b98d616ccff855116a8985653ca88722dc00aed777dfe1839251be42716824dc0c40b6548319f613faffb2f1900a1f563724b0dcb7aa694110d268e945747d860d4bcaba7837342e3d7f207547ba8c093e8d2a1a5e3e098d19343de5fa773642cfb1a2e49f98df7e13254787cc35b2d689db16e551917c0db1034b175d1f4647c35c4cfe8a871cc7983b052050be9d24ed6e6f70d9d4b7cdebc9ba7a761b8c5f2207761a6fe9db5d4ac975dbe398ae05ed180f028037f2d9684dd3b28135e150db8a8adc6c34d0cca2cb95e6babf8702f26062d0ff0f88fc915caee5597a006e211c61f6fa4ca685e79655af85cb3489f94cd9836af4b80cd20ed23ed8f3f4107814407715b471354c5274595963b00482f3723ca88f4eee346c78bd29d65899163d848c9844991e976ff817120a13ce40aab11632b6fdd9d00acb82a5ac7769a0a7ed5d30ae077bf393f5de5b12114e4d1a32c7297bc5e14b673c78cc675b097d56f7a35c3206b1584996972153e2446465492528e0565718252139e1cf500f05a0ca529d58f5b91fa9bb2822c21248a7a8a92d0a7be5f4d249087176c7c23e27d72bd232fca3f7b36970daf2ccd64be4a798a6c30a068fbae324b4c158715949b37c3942f0eee35b90d2fe9d322420917532f6dceaf8633f4f9618f099ece4186e1adc1323b827c984ba54c887b462e169867c2e063fb60b7906434ef362200559e4d02413667dde0c6111750995824c316305f2ddfa3035ee09fdbc28c7f3c095f5a4382ce033746394a37b4d8a61ae8c7270d3863df7382a4786d7bed9543538166dfd01d122a384a7a3de7958c0272a35856f175fa29ee100d2a0f3a6dacbbe8702cf7e8d307ac0cc7921539a371a1c2e7f834db5a903069c07ff562fee851ac9cc3f2f045146db26b13401258733c67d820d06aa068b789300ac90481f84725311544e9a2363f2ce502c02c100bb41e18a103c79bd2bf14f6b52290fa60d978c284f927829b5027ae0ea842efb3450a8ddcabf0eaff6a6a8300de389e78cee73bd8de9a2809e346ff6c79dceca4277eee4b0dae1a3e1740f306044d6e67a5783e665f9637a8f8154f9ebecf95f48146c750826fccebbb1bef247666a710cd71dcf3ac3aa9d0bcbd4c4ad432bba642366e4a3b12981901358ee1d7babbb7e10737cbd8a1c159d8dd9dd521c48d2911ebb8162b51ea32185c37097c299c0e477914b49d04cabf5033a5a3660f829ce4dfb2f821e6cb19ce37df64f79eca0649ea8c6b41c6c5d08fb1dae021314609946310c833d08d46c026ddc5dbb7ac62f1123be2004729daa8156ee12bdde9529c7498c8d1a3fd59aa07b9ab7870c4e57b2f54dcc26edd206b28870cf346d741b46bcb508a5f9805ed63c6cb03a9334abfea33626b0681e59b1cecb02202c3190260b8e2963ee84d9a6b5e6be99cbf6a17e4a11e154c2a50d625ef1fd4690cb8e030e46e07c891e6db43626525d464302c44dbf65f71a485f9ea05c347b870bf63fddeaaa2336d9eca1d4c56e8a2734287f0f8a185bd8e3165a681175d1ee9d24f48c9182fd40179ea3d128c0b43c4e2c85eeefa4c932fcaf9297488a3d44e602477d94193410728a0ef0f6730e64b8cfb3e2235c6241d1252196f943d9eb9b2ce70f8c5cf21394875081f56ceb6749a8bfa43e0e545fbc6903b63c55b67ba1e064a682d58fb7117eab5407d1c998aa53a0ca190b0a4aaaa657299cee41be166a7622789b81cff0e892ba87c6ff22f29ed512ebe40cf7306b7597607de5c1c6fb2980a03cc0c6f396ecc27b6b5a3fb0a3f3375fccc397527797f6d1e98f9a873882f85a4e5b11eea65cddb12b0cec9e531a3b5de958963e20d8a520aa71588aa3ab92186e64a710ef07debe3fce6313ea69fd5bd45ca3d50e5c98ac632d5479bc0763b05509ffca67158ad8665cb858e4a8eae29ae667cfa8e39dbd15ca03846298faf7169187feae6e84deaee4ae51cd2016a867b3d11c4e6ec3ae39aeb8c8ec36a885e475f3e1e47e1fa464ef9569aba053cd066907a112612de411a5be0868543116f32d0781323c744dfeef87601981afe063122bac14b9059a68d9f356e85ec04c2767cbe79e245d7916daf222b5134ce684f7dec8fc0630cc9aeb5fbc38dfd19628ece15342c941e52be8abf0d82ed7b0b4bf5e6184edcae53949ef5987fd7fc479fc9921f2f332ae68f5dde23a3dd0b4713c3d18913edd9ce59870f7d50fdf33f3d2e8e5045d35555b4db5f48946e1b8d8d682f0c2bdd2d0de6bfff349e5e826cfb2d18d7bb43347362f13f5e80619451527bf0d3cc617881ef718466bf2efcb5f1404c573df09e00a5c0d1648b04860ee20d9e79d4ebac94a35e0a4919b1ab0db9e9dbdce1324223850e2e137ebb0c0e1cd690a3c5c9f8576538cba5e3831e6ba56809644e389ee984df3ea8e4743d5d03619b713c984fe8b43c589b78715b9147384b5bb15af8898cd82b31aca722cbe7938f119251d9142f2661f09b49f99d8988c66198dfb9db7f225086bed1deffa78995a56f905a7ab978a9c557ea1ad306bc0cd1cd8e5acaec1e4430a42068adec4a73f891c8010f0271c38685ca66c36313d15ab5bb6948c089b1fccf7fbb340eb03446a9bcda34b2d14a11e09f71e799fda19dd85293e2b0e2ca3e68145b4ea5705592562962cc6c0b65c88d06067903716656a0a7742850b956b609740c913f54225ae18ffb46162d6a0c1dac8b6c59541c8ef6bfcfa87ad59cb0e8ef6ef1d7f739c0a56cf975f9cca9ee89bac15cae197d02fc72505d23ebc6153491adccd22262979d2909fb8abd25683894e5a776824b81598a833e339a582b9ce3f8d7ce59fc3147eb3e92751867ee9c3506692b25b2d7f38d97280e85c01bf6d71a602d039aec747620d33660a9d5c9cf4010d01f9cb86db4704872307942df56f04cf6c17e57612635e769218cc91da9e2de29aac4563d695a6ebe249c14ba5332b54150a291bec28417febc4c3efae9e14a0323e561dbc80e98bf71deccff5babbcdc8015ef7a86a52781a67a4915645cfb18379084c58110f1294b2e08a6994d1a3dd4fb79437a75cdb05f36a7b3fdb449c0cea5682d37e5b0217676ff7a383a19d48860476b23ccb66779093b0f6b5b6a1ff0cef503dadf5b67382b2a501d0c13d89eec496374f43fcfa751864330479e0d1f7aa0883c2aafbb5c21b06cbea3c8b515fb1f6d061e269c3de372dc48f0b1c0a935de648a0fc4a1a32ce6aaa8432240bbc977a0ece5fd60d92ba49f1443bfc83668e8251260a5b275098e4a072d44726b91d850bd9c2485cacbf2b33be73785421c2fb259b0c1c0955339713f75ca72b9bc56a7167d8a942015385eb4f1bc3e07b23a71779d043a4f420b0fd9e889d398c955f13542c811683636b71a2fb178e951e37ed5519146c5d61e697d1148458c2f224dc6911363edd1b4d30c5cb12d0e2fb035adc33656615c05266f32c2faf5144e24086c97816c87569feb1fd41775263999ff057d9832b872506aba01db7482251f65a74c66cc01b83056970f843ef58df0d89c44f9265d5bfb50c287f330795b30848341dd26683e5df82bfc1cd1a3f2df3dae99fc38edcc614b39c8a8fa6ada4b5dff08914a92b6a16b05f13bbdbdc5e9f14a08e827ee5f364ce115e12bce05122f0dea62d8dd41222fafa3c6bdecea63d3fbd0bfdef667d6ac12b6918273631bf0ec25da2783f06f77a9a0ef2490afe43f3e8b0f553c0c1078141ec0d8f426b1924bd464e4240cda50e9b8a97050360a617eb4f88baa158da8672572f641b20ab3bcbab3d38ff3c84c5c3bf309e26c8ba735503700028c0806c29e02d0a0ed73b9c5c2f2a39f57ee08b935e6e056f01733a12b08603987b14aa7fc542c65a0c03e278723127bced6ac65d2386cf847a73057d19795d5a7517e71d5e480b7380866a64da32fcd1158af9a82559898a7931535a4b75326e2769711ff857d180f16acf316130574fd37bdb658b877f06db42ab96641bc75e3d4ad7fdd9028072139dd3019b03aad32907debef345bcc57423ddfc94683884a00c5f864b8c2dd5af081fa970da251d3afc65dd360c661d8ee2ab58dc9060e2d98b39ae95bb89c319cc93c9e653bf9db205338dc5528c11a391137fe496d726f1407945b243a49a1f3a786047fc47d5e5074e0ec678f26f30cba747d50070c00323d16cff4b06089830931ca704d386140f9c201a5b50a116410be001135aeaf30d7918ccdaf35482659fbb2933e97f1a2e0fc20e6a610e37511d06d4cf931e54ce8f5ab5f688e460e3943bbbe6949a8b4ae309ee31330ece6cb9dfcae0035f3808b7295776ae7bdafffadb6113faac5cd966c2875abb7b20f1b298b48cb78c467f1be92cd3a9d0fd35b7720334274a53a6cbd041b85b6f8f9d622293f0e95a8835204de1faeb7fcdcc57fbdf0afc2e6422bc114355cb5bc979f1bf6d0fb6eb31ee98e06cdcaa1ac36ed3246d85cbdaf999da5d6a7187e8622e6d224c5549a2f2802691a08242ed44a47fc9ad627af949ec3ab5b191025ac75ee7746e2762b530a622a716edbf341e4f9e04fa5d3f77c78dcde06f3845f45c8c1954120ac5949da541882d99adbbca4b0e422e4364289ff1a903bfd1ee63faaa40ef43d3e54249909066e1727591a9632cc8440dcedf931a823e9b542d51aee43897bbbc1f652ae774c326e8400a3a6ab8d90a04e5724fb39c05875ce5afff0502bb6164bc65c107593c155da4b77f136a34c9ec39a4e70cdc4f7fec68245402b2c0fb508eac623ab41a184d3bebe5e9f24c6590c1fee571ed55a76b8554b12116a36101691397d532b46924e6ccb688ab52ffc44f8a670d542477ebd3756d6ef5373024d3f915c187a35feaf39b76453ff835f73862bad13f19e76d47c70122911431e5f71b05a9728631df66b162e708584e83349db1a68368a37cfb4e16c9987a956b3018f2f12c639bf90b5fb0f0560fa7c19887a9d12316dab9bb515cddbae2e9056a556919476b47546c0dae631a88eb8bb9da49879f56efd3d1b65d50bb01c8b4ddc20374877189915cc5824200dfac8f422364b7178f2e7799665b464ac9ec54ffd87fc8dc68e08ab178059ec02bff4ae3c683d0c96796765bdc188c1a4ef46cfa9e6376678245f8d0c907e83e6eb78ffb19e75534925b5b5bfa489fb9cd2c68f00a079c9b34dc45e76044bbfc87c75bbdc5ed0ea7ca0f249007be79116fefa74085f982f670f821ccd0bb14e1086b677f379fd1a1c96bbb4a7338e867d3f91f41b0a7eb2f1104c2ed1593691e601f2e045b3db1cac5dc0d3b302b54967558057e767c4a96f0355d97beace9fe05f0513629b2dd4e86e523d16d7e2e129264e1749b07c062d3a92d96fff5cc976855540eb441a3cef8fc59bf236c85e778b04e30fa807c3ea634af17f005fb55b55f082ca54fc154e6b9df95b951ab9612da7223efc8b63f4528dc3353a15988790d507d9fda18dc8c4adefebc12567e040fd49d2d571437bada1c08054f45545e5cb33c8db8e5b4f2d6735a7fad407fea2ac6e516016c186b7a9b5586650178b3c201eb4fcda3a22291c1f5d66557675dfc73b17edd463abd17a3ec0f1b28adeb4c294c3792c5d2665d504610d37de5dc68fa03e16243ebca169797205d2b24cd64cb1e37328530d68c9a279e36aa0c7f718831ac30607633eab2c9e1b8d6b78649a78fd573d07f0edc18d2f52da2213e2ad44a4bfb3a80ae71d8cf57a2ae2658999d542f7c46da5a30f0f4a82296d0c95e4c6f046db42a00d8631b120a64ee260bf4dbf29103d4e2233fed2ec9ae65fb109f212f967c34e0efb52f56a9a7ab4de472f9cdb0fbcd19fed42d80216c4c717e77a5e6a9118423e0a6dc9d2f3cef598fb9bed6b4e66b279ebbc265560a471d132a854ff230673e843338dcb1ae202c797cfa59dd18eb46e313f1b0dcafdb6518c1da6b08aa1c92bd433a0b65358356a8d03a454f96add1237380049b2567a24836b7bfbdfa58186f2e295e0911dcad6c5413fb36a6e637156291efc016e8513664d515d3ddba1d2c63fa6c5a3331c3cb2f5e2eaad83a75588aca785ada46973d8a2d89686a416720a8f98e1a1eaa8c95aa0bea1dad03ec69bc4bf8300a821f67db4e0c1aab57ef1d1e06880130f6ffe76297acc62879f60e03933666a0da462b7a6b584d28041a3fbafe9a08b7a4664c46b8d40ce4f31a14b122ad74cc4a003f591e019e23cf764795d4235cc8d491c58d3be78a781a708d9fda492306a5afa7c0a43f52f39cafc6a6abc850bbbfa6254fdfd5115727210e19ec8a8857c10a9e9d5cb3001c6e04132667a30a6528e8b59661b483e5365761ac0f5c61e339833b35fd8159875177ed2b78df49ef83b45584c4609562ed2e8bb9add69e88fc0774517a15575f0250d26ae8f6f138daba5311b492c986005bef123a6fc3c1912e378cae2b64e58542293489d5a0f8b582b089c1b05f3ad0aec776b9dcfc0feb1386a98b7e2e09671a73f0eca92364d7f6da861280815b71e48934bc3d321da07878290ec81d3c5c64b8d7f55c1d2e2713edbb5fef28bc36d02302b01c4c29e5df4a9692b41e8d9364e2e408c55b9b14d3ad93889a48787df0673c3df6ba3d9222ee348199aba478e2d398b1e4ae012ca19473b3454327e5bfefb3c56576b6a6c035466f7641464806e63d7086223395a58d886b0dbedd365ce840a6990f56d697605b7d0ac60809270e4e392e89413cc94cea1cb277c4aee023bf90ded9910c96eeead4c6a10ca17151c4966f84bea565746eab573e4295e564d41bc5a6cc9df38c3d7cbd4cd618bd9f292daf95472839fe71c1edc202b6b8b5b939250b089b0dc978397fbaa7533fcce0c4b2eed8ad47779aa4b21504307c7d15e0bcb01bb60e5bafabe66e4b689e4873a1067063e17ba7d647a9a047b1b4ef7350402653b564ae1b34b8597a2357891c90ca2af6b68b794680a0511279fd213eec48dfddba7cbeeb9f9335a0679b1e6db44f27b12d898575d157c2159a86f676df18858857582bffdc006d4732257ade5dde2d1b2cf316fe2a7c5b44505cc808eae5427c43d50e9b99f9317e437df2bc640351e3e8ac249c42f782d07886b6d8875c253ee0e489f1196fa604747586df87e18a893721e6cecfe61dd82daf9b3e4f1eb745c93402c121bb639c56b91bdc77262acfa55389ede1f092733d8a69ae759f82ceda537ffbf32b65138aa3e43e8883048eccf0929de8dee297c5eee97ac7633beae01198e1b00c11276502e7660cd1f59ac619200042656c6e9757b082d374c80182290845f1bc8f2589eaf96948f148ebe675ee7fdb83e32a18eade32f99cca160a4d3504c4bea9c82cfdfe1dd80fbda7c484f2c17c20eea", 0x2000, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x78, 0x0, 0x0, {0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x4009, 0x7, 0x0, 0x0, 0x0, 0xe}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
creat(&(0x7f0000000180)='./file0/file0\x00', 0x15f)
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x1b, 0x61, 0xe3, 0x8, 0x16d0, 0x10a9, 0x3052, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xff, 0x7f, 0x88}}]}}]}}, 0x0)
r3 = syz_usb_connect$printer(0x4, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0xff, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0xb5, 0xc0, 0x0, [{{0x9, 0x4, 0x0, 0x8, 0x2, 0x7, 0x1, 0x1, 0xef, "", {{{0x9, 0x5, 0x1, 0x2, 0x3ff, 0x9, 0x84, 0x5}}, [{{0x9, 0x5, 0x82, 0x2, 0x40, 0x9, 0x2}}]}}}]}}]}}, &(0x7f0000000140)={0xa, &(0x7f0000000080)={0xa, 0x6, 0x110, 0x0, 0x3, 0xdd, 0x0, 0x5}, 0x30, &(0x7f00000000c0)={0x5, 0xf, 0x30, 0x2, [@ssp_cap={0x24, 0x10, 0xa, 0x90, 0x6, 0x1b, 0xf000, 0x8, [0xcf, 0xc0f0, 0x3f, 0xc000, 0xf, 0x3f]}, @ext_cap={0x7, 0x10, 0x2, 0x4, 0x8, 0x3, 0x8}]}, 0x1, [{0x4, &(0x7f0000000100)=@lang_id={0x4, 0x3, 0x400a}}]})
syz_usb_disconnect(r3)

8.984451491s ago: executing program 0 (id=5741):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000002c0)={0x2, @pix={0x0, 0xff, 0x32314742, 0x2, 0x6, 0x6, 0x9, 0x9, 0x1, 0x6, 0x0, 0x7}}) (fail_nth: 4)

8.495482507s ago: executing program 4 (id=5743):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000140)={'wlan0\x00', <r2=>0x0})
prctl$PR_SET_TIMERSLACK(0x1d, 0x7f)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$VIDIOC_ENUMSTD(0xffffffffffffffff, 0xc0485619, &(0x7f0000000040)={0x6, 0x1700, "778d8ce72aa8f35457c8617739b4948e07180be64604d3a5", {0x9, 0x8}, 0x2})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r5, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGPGRP(r6, 0x8904, &(0x7f0000000000))
r7 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r7, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), 0xffffffffffffffff)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000003c0)={'syztnl2\x00', 0x0})
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x1, 0x9, 0x8, 0x0, 0x3}, 0x0)
r8 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
write$P9_RSTATu(r8, &(0x7f0000000580)={0x237, 0x7d, 0x2, {{0x500, 0xf6, 0x0, 0x5000000, {0x96346fe8a85d2583, 0x0, 0x8}, 0x41400000, 0x0, 0xe5e0, 0x5, 0x1b, '\x04nodev{evoo~\x05E\xc6\x00\x05\b\x007\xd9:\x8b\x92\x00\x00\x00', 0x33, 'pJ\x86\xce\xc6\x02\x00}\xfag>\xff\xeb\t\xb55\x1f[\xde\x05@\x00\x00\x00\x00\x18{\x82\x00\xb5\x00\x00+Y_\xcb\x14\x03\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x03\xb4\x94\xe1', 0x37, '\xcf\xc3m\a\xc5\x00\xf0L\xd8_*p\xf5\xe9\x93\x0e^\x98\x9c\xd5\xefMQ\xf6\r\xa7X,J\x05\xc8\xf8(\xf6\x8d\xc1wM]\xe2\xe8 \x86#\x81\xf6hm\xd1\xbb\x8f\xd7\x00\x00\x00', 0x3e, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c<;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0w\xdct\x00\x00\x00\x00\x00\x00\x00\x00\a\xec!\xca\xbf\xf2\x0f\x9c\x00\x89\xf9\x06\x00\x00\x00\x00\x00'}, 0x12c, 'odev/n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x13r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300}}, 0x237)
openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000004002, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=@newlink={0x44, 0x10, 0x801, 0x0, 0xfffffffc, {0x0, 0x0, 0x0, 0x0, 0x0, 0x42004}, [@IFLA_XDP={0x1c, 0x2b, 0x0, 0x1, [@IFLA_XDP_EXPECTED_FD={0x8}, @IFLA_XDP_FLAGS={0x8, 0x3, 0x19}, @IFLA_XDP_FD={0x8}]}, @IFLA_GROUP={0x8}]}, 0x44}}, 0x0)
sendmsg$NL80211_CMD_SET_QOS_MAP(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRESDEC=r1, @ANYBLOB="110c2dbd7000fedbdf256800000008000300", @ANYRES32=r2, @ANYRESOCT=r2], 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x8000)
socket$nl_generic(0x10, 0x3, 0x10)

8.377650059s ago: executing program 0 (id=5744):
syz_usb_connect(0x2, 0x47, &(0x7f0000000000)=ANY=[], 0x0)

7.068000243s ago: executing program 1 (id=5745):
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r0 = getpid()
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r1, &(0x7f00000047c0)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000040)={0x18, 0x7a, 0x601, 0x0, 0x0, "", [@typed={0x7, 0x0, 0x0, 0x0, @str='\x00\x80\x00'}]}, 0x18}, {&(0x7f0000000240)={0x10, 0x3f, 0x20, 0x70bd29, 0x25dfdbfc, "", [@generic, @generic]}, 0x10}], 0x2}, 0x400000000000000)
r2 = syz_pidfd_open(r0, 0x0)
ioctl$VIDIOC_QBUF(r2, 0xc058ff0b, &(0x7f0000000200)=@fd={0x0, 0x5, 0xffffffffffffff4b, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x4, 0x0, "801dee00"}, 0x4, 0x2, {}, 0x4020800})

6.957023967s ago: executing program 1 (id=5746):
r0 = socket(0xa, 0x3, 0xff)
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3f}}, 0x10)
socket$inet6(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffff}, 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f00000002c0)=ANY=[@ANYBLOB="12010000000000106d049cc20000000000010902"], 0x0)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(0xffffffffffffffff, 0x84, 0xc, 0x0, 0x0)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x478)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$AUTOFS_IOC_FAIL(r0, 0x4c80, 0x8)
shmget$private(0x0, 0x400000, 0x800, &(0x7f000000e000/0x400000)=nil)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
r3 = socket$key(0xf, 0x3, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0d00000003f01f00810000007f00000001000000", @ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/14], 0x50)
lseek(0xffffffffffffffff, 0x81, 0x1)
getdents64(0xffffffffffffffff, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANE(0xffffffffffffffff, 0xc02064b6, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000003c0)=[0x0]})
setsockopt$sock_int(r3, 0x1, 0x4b, &(0x7f0000000040)=0xfd87, 0x4)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002280)={{}, 0x2c, {'rootmode', 0x3d, 0x8000}})
r4 = syz_open_dev$sndctrl(&(0x7f0000000e00), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r4, 0xc1105511, &(0x7f00000000c0)={{0xc, 0x0, 0x0, 0x0, 'syz1\x00'}, 0x0, [0x0, 0x100, 0x7ffc, 0x0, 0x9, 0x100000000, 0x0, 0x4, 0x8, 0x0, 0x0, 0x7f, 0x3cb7, 0x0, 0x8000000, 0x0, 0x8, 0x0, 0x0, 0x1, 0x0, 0x14, 0x0, 0x3, 0x100000000, 0xffffffffffffffff, 0x0, 0x1, 0x4, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x20, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0xfffffffe, 0x0, 0x6, 0xfffffdfffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x402, 0xb4e, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xd87, 0x2, 0x40, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x5, 0x1, 0x0, 0xdf9cd8e, 0x8000000, 0x6, 0x2, 0x0, 0x0, 0x0, 0xbb, 0x200000, 0x9, 0x0, 0xfffffffe, 0x9, 0x7ffffffd, 0x0, 0x0, 0xffffffffffff2328, 0x2, 0x3, 0xdcdb, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x8, 0x4, 0x426, 0x0, 0xb, 0x1, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800]})

6.809007163s ago: executing program 4 (id=5747):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000200)={0x0, &(0x7f0000000140)=[<r1=>0x0], &(0x7f0000000180)=[<r2=>0x0], 0x0, 0x0, 0x1, 0x1})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f00000003c0)={&(0x7f0000000280)=[r1, r2], 0x2})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000440)={&(0x7f0000000240)=[r1, r2], 0x2}) (fail_nth: 3)

6.249710899s ago: executing program 4 (id=5748):
r0 = socket(0x2b, 0x80801, 0x1)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x8, @empty}, 0x1c)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x48b, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0)
sendfile(r1, r1, 0x0, 0x200000)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r4 = socket(0x10, 0x803, 0x0)
fgetxattr(r4, &(0x7f00000000c0)=@random={'security.', '\x00'}, 0x0, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r2, 0x29, 0x36, &(0x7f0000000100)={0x3c, 0x0, '\x00', [@padn={0x1, 0x1, [0x0]}]}, 0x10)
setsockopt$inet6_int(r3, 0x29, 0x7, &(0x7f0000000000)=0x9, 0x4)
r5 = socket$rxrpc(0x21, 0x2, 0xa)
setsockopt$RXRPC_MIN_SECURITY_LEVEL(r5, 0x110, 0x4, 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r2, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, &(0x7f00000001c0)={0x77359400})
unshare(0x4020400)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000003000000a00300000d"], 0x50)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_features={{0xb, 0xb}, {0xfa, 0xc9, "26da5500dd4835e5"}}}, 0xe)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0xffffffffffffffff, 0x0, &(0x7f0000000200), &(0x7f0000000280), 0x17fc, r6}, 0x38)
r7 = socket$netlink(0x10, 0x3, 0x0)
r8 = openat$drirender128(0xffffff9c, &(0x7f0000000200), 0x50f140, 0x0)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000280)=@o_path={&(0x7f0000000180)='./file0\x00', r2, 0x4000, r8}, 0x14)
sendmsg$netlink(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000240)=ANY=[@ANYBLOB="180000005e0001000000", @ANYRES32, @ANYBLOB], 0x18}], 0x1}, 0x0)
ioctl$KVM_PRE_FAULT_MEMORY(r2, 0xc040aed5, &(0x7f00000000c0)={0x2000, 0x113000})
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'veth1_vlan\x00'})

5.750683655s ago: executing program 4 (id=5749):
socket$igmp(0x2, 0x3, 0x2)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r4 = socket(0x10, 0x3, 0x0)
sendto$inet6(r4, &(0x7f0000000100)="c10e000018001f06b9409b0dffff110d0207be040205060506100a044300040018000000fac8388827a685a168d9a44604094565360c648dcaaf6c26c291214549932fde4a460c89b6ec0cff3959547f509058ba86c902fc3a10004a320c0400160009000a00000000000000000000080756ede4ccbe5880", 0xec1, 0x0, 0x0, 0x9e5e111c47e3504f)
getsockopt$inet6_int(r3, 0x29, 0x50, 0x0, &(0x7f0000000000))
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0)
add_key$user(0x0, 0x0, &(0x7f0000000280), 0x0, 0xfffffffffffffffd)
add_key$user(0x0, &(0x7f0000000440), &(0x7f00000000c0), 0x0, 0xfffffffffffffffd)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r5 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_udp_int(r5, 0x11, 0x67, &(0x7f00000000c0)=0xd, 0x4)
setsockopt$inet6_udp_int(r5, 0x11, 0x65, &(0x7f0000000040)=0x84, 0x4)
sendmmsg$inet6(r5, &(0x7f0000003e40)=[{{&(0x7f0000000200)={0xa, 0x4e22, 0x10000, @loopback, 0xd}, 0x1c, 0x0}}], 0x1, 0x2000c824)
sendmmsg$inet6(r5, &(0x7f0000004680)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4044854)
syz_emit_ethernet(0x32, &(0x7f0000000040)=ANY=[], 0x0)
ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5218)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, 0x0, 0x262)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x20000001)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad6000", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00"], 0x50}}, 0x4008840)
r7 = syz_open_dev$sndctrl(&(0x7f0000000300), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r7, 0xc2c45512, &(0x7f0000000340)={{0x3, 0x0, 0x2, 0x40000000, 'syz0\x00'}, 0x0, [0xfffffffd, 0xffffffff, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1fe, 0x0, 0x0, 0x0, 0xffffffff, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0xffffffc7, 0x0, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0x1, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x409, 0x0, 0x8, 0x5, 0x80000001, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x1f64a802, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20020000, 0x0, 0x80000000, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]})
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, 0x0)

5.611125954s ago: executing program 3 (id=5750):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="38001d0000010102000000000000000002000000240101802e00018008000100e000000108000300e00000010c0002800500010013746cab00000000"], 0x38}, 0x1, 0x0, 0x0, 0x8040}, 0x0)
syz_emit_ethernet(0x1ee, &(0x7f0000000500)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaabb86dd6000021001b83a00fe8000000000000000000000000000bbff0200000000000000000000000000010400907800000000608bb91d00001100fe8000000000000000000000000000aa0000000000000000000000000000000000000000000000055a8bfe9f747ac168519ee26c00002f000000000000050200000103000000009da17e9ab13f6e142b20582c8d220c698a74dbf13dfc0ad1f526dfc43313759300929090dd4792ce67ea9f8769d3246f94412c56e0247939ed4b318e4b6066b72d91d9aff97fcf30977dfd4028dea535a8e9d1682c4794d255d62089716f2f97577f9bef264da3cfd3e5511fb253122f61808a73cc2e760f93ceb68a0db2613cf0956b23235f057c2f980a19266a6bb4a33a17f550a571c5b4211c6fa37105020000008c65fd1a52737fa1ec91495f4d25a766a5dd36bcffb376f4b35d4a5bc51b0f8fb9a273282a9c8ef192a4de26c8732765dbeb6ce083e81cebf0612d1cc7956b78fb34ce0e4a867c8b4094bab04b23680ba97ad5c624055e8504a7a121cf38a402a7aa80e05dbe56fecab8b014420231c0e997cbfda9bdc7f29e3a8b13dcfc396cf6ff1fcd8a7f43a107871fdd7e00338b168e4b48529453d91cea424030c8b200632af95e7c30322241dd567db14507f8b523b418a0edc41397a2f639f9f6c3b379fe000100c20400000000"], 0x0)
r1 = openat$nvram(0xffffff9c, &(0x7f00000002c0), 0x80, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_SET_NODE_ADDR(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r3, 0x201, 0x400000, 0x1, {{}, {}, {0x8, 0x11, 0x4}}}, 0x24}}, 0x18)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000240)=@req={0x6, 0x400007, 0x7ff, 0x7}, 0x10)
r4 = syz_usb_connect(0x6, 0x3f, &(0x7f0000000400)=ANY=[@ANYRESDEC=r0, @ANYRES8=r3, @ANYRES32=r1, @ANYBLOB="33c1004e93de2b0e6ffd9edee96c1af279fd90e84521fe77cb5f9d2eb9d80a3272b7390dc6597ece537c6a5fd4376e1d0a8c9824bb306ad027491f0de7c816a59bc18791837e52887becc008d8dd1ae64dd57b462e79fbd401f09251245889d1524e57d50e25acf3a3c02592ea89374aad59ecea235c6146efb121f1be26a3dfa1b714b49d37fd0319f9788f", @ANYRES16, @ANYRESDEC=r2, @ANYRES16=r2, @ANYRES8=r3], 0x0)
syz_usb_control_io(r4, 0x0, 0x0)
syz_usb_control_io$hid(r4, 0x0, 0x0)
r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r5, 0x40015b19, &(0x7f0000000040))
sendmmsg(0xffffffffffffffff, &(0x7f0000003240), 0x4000000000000e4, 0x0)
r6 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r6, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
sendto$inet(r6, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e24, @local}, 0x10)
r7 = syz_open_dev$usbmon(&(0x7f0000000000), 0xffffffff, 0x420102)
socket$packet(0x11, 0x3, 0x300)
setrlimit(0xf, &(0x7f0000000000))
timer_create(0x3, 0x0, &(0x7f0000000300))
getsockname$packet(0xffffffffffffffff, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
unshare(0x40000000)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x3938700}}, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xc, 0x0, 0x0)
ioctl$MON_IOCX_MFETCH(r7, 0xc00c9207, &(0x7f0000000080)={&(0x7f0000000200)=[0x0], 0x1, 0x2})
setsockopt$inet6_mtu(0xffffffffffffffff, 0x29, 0x17, 0x0, 0x0)

5.393105235s ago: executing program 5 (id=5751):
socket$kcm(0x10, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x801, 0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet6(0x10, 0x80000, 0x3)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r2 = syz_open_dev$vim2m(&(0x7f0000000280), 0x5, 0x2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="5800000002060108000034e40000000001000000050001000600000005000400000000000900020073797a3100000000050005000200000011000300686173683a6e65742c6e6574050014000d00"/88], 0x58}, 0x1, 0x0, 0x0, 0x20000000}, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r2, 0xc058560f, &(0x7f00000001c0)=@userptr={0xb, 0x0, 0x4, 0x800, 0x9, {}, {0x2, 0xc3a360ab3b82f309, 0x9, 0x8, 0x5, 0x7, "1540043c"}, 0x1, 0x2, {&(0x7f0000000140)}, 0x8})
r4 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000040)={0x4, 0xffffffff, 0xfffffff8, 0xfffffffc}, 0x10)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x48010)
ioctl$vim2m_VIDIOC_STREAMOFF(r2, 0x40045612, 0x0)
r5 = open_tree(0xffffffffffffff9c, 0x0, 0x89901)
syz_open_dev$amidi(&(0x7f00000002c0), 0x7ff00000, 0x1210c0)
pread64(r2, &(0x7f0000000840)=""/240, 0xf0, 0x289)
ioctl$KVM_SET_PIT(r5, 0x8048ae66, &(0x7f0000000380)={[{0x1000, 0x5, 0x8, 0x5, 0x1, 0xce, 0x4, 0xd1, 0x84, 0x8, 0x5, 0x9, 0xfffffffffffffffd}, {0x5, 0x1c0, 0x80, 0xfb, 0x40, 0x6, 0x4, 0x9, 0x8, 0x19, 0x2, 0xfe, 0x8}, {0x40000007, 0x5ee, 0xfa, 0x8, 0x3, 0x3, 0xf7, 0x0, 0xfc, 0x9, 0xf8, 0x5, 0x7}], 0x2})
r6 = socket$unix(0x1, 0x1, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="140000001000010000000000000009000500000a5c000000180a0500000000000000000002000000300003707a01524d6c03801400010077673200000000000000000000000000140001006d6163766c616e3000000000000000000900020073797a30000000000900010073797a300000000014000000110001072ed53d6cf05b7f4891dc5fc09ed4e3cc369da6dcbc88c843bd38fcb746ff1677364b1ff01adb3aecfe754927d4b6c1f323bdd6b331dfd7d2c9a0fbee77303b463ee8d41cd23e"], 0x84}, 0x1, 0x0, 0x0, 0x24040089}, 0x20008000)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x200, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0xfff3}, {0xffff, 0xffff}, {0xffe0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x10}}}]}, 0x38}}, 0x0)

5.061452533s ago: executing program 0 (id=5752):
socket$kcm(0x10, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x801, 0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet6(0x10, 0x80000, 0x3)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r2 = syz_open_dev$vim2m(&(0x7f0000000280), 0x5, 0x2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="5800000002060108000034e40000000001000000050001000600000005000400000000000900020073797a3100000000050005000200000011000300686173683a6e65742c6e6574050014000d00"/88], 0x58}, 0x1, 0x0, 0x0, 0x20000000}, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r2, 0xc058560f, &(0x7f00000001c0)=@userptr={0xb, 0x0, 0x4, 0x800, 0x9, {}, {0x2, 0xc3a360ab3b82f309, 0x9, 0x8, 0x5, 0x7, "1540043c"}, 0x1, 0x2, {&(0x7f0000000140)}, 0x8})
r4 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000040)={0x4, 0xffffffff, 0xfffffff8, 0xfffffffc}, 0x10)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x48010)
ioctl$vim2m_VIDIOC_STREAMOFF(r2, 0x40045612, &(0x7f0000000100)=0x1)
r5 = open_tree(0xffffffffffffff9c, 0x0, 0x89901)
syz_open_dev$amidi(&(0x7f00000002c0), 0x7ff00000, 0x1210c0)
pread64(r2, &(0x7f0000000840)=""/240, 0xf0, 0x289)
ioctl$KVM_SET_PIT(r5, 0x8048ae66, &(0x7f0000000380)={[{0x1000, 0x5, 0x8, 0x5, 0x1, 0xce, 0x4, 0xd1, 0x84, 0x8, 0x5, 0x9, 0xfffffffffffffffd}, {0x5, 0x1c0, 0x80, 0xfb, 0x40, 0x6, 0x4, 0x9, 0x8, 0x19, 0x2, 0xfe, 0x8}, {0x40000007, 0x5ee, 0xfa, 0x8, 0x3, 0x3, 0xf7, 0x0, 0xfc, 0x9, 0xf8, 0x5, 0x7}], 0x2})
r6 = socket$unix(0x1, 0x1, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="140000001000010000000000000009000500000a5c000000180a0500000000000000000002000000300003707a01524d6c03801400010077673200000000000000000000000000140001006d6163766c616e3000000000000000000900020073797a30000000000900010073797a300000000014000000110001072ed53d6cf05b7f4891dc5fc09ed4e3cc369da6dcbc88c843bd38fcb746ff1677364b1ff01adb3aecfe754927d4b6c1f323bdd6b331dfd7d2c9a0fbee77303b463ee8d41cd23e"], 0x84}, 0x1, 0x0, 0x0, 0x24040089}, 0x20008000)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x200, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0xfff3}, {0xffff, 0xffff}, {0xffe0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x10}}}]}, 0x38}}, 0x0)

5.059812956s ago: executing program 3 (id=5753):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=@newlink={0x4c, 0x10, 0x403, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, 0x0, 0x215}, [@IFLA_LINK={0x8}, @IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}]}}}, @IFLA_MTU={0x8, 0x4, 0xffef}]}, 0x4c}, 0x1, 0xba01}, 0x4000040)

4.40434369s ago: executing program 3 (id=5754):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x218, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$VIDIOC_S_PARM(0xffffffffffffffff, 0xc0cc5616, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x10000018, 0x0, 0x8e2, 0x0, 0x0, 0xfffffffffffffffe, 0xffffffff, 0x4}, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, 0x0, 0x0)
setsockopt$sock_int(r2, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="0100000004001000ffff00000b00000001000000", @ANYRES32=0x1, @ANYBLOB="0000e659d2a577b6adb03e6df4860c36aea10000d39ef08c1732c0c95a837b6745c209e63c3b5d378de5072f13a9131aabf055f4d010bcc0f7de4252d10a4cca92ae345676ecdc44239adc1bc77a392d3ce0adf71d23ee5b38225bfb5cefe4a021f69cfa672c8bd78b45223d1fb8fc5c0765569011583b7ff526de2c8f4c98a15240eafa06e99054c8", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000200), 0x2, r3}, 0x38)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x1000000000021, 0x0, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f000010010905"], 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000c80)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@delchain={0x1ac, 0x65, 0x2, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x1}, {0x0, 0xb}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @TCA_RATE={0x6, 0x5, {0x8, 0x81}}, @filter_kind_options=@f_bpf={{0x8}, {0x170, 0x2, [@TCA_BPF_POLICE={0x38, 0x2, [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x549}, @TCA_POLICE_RESULT={0x8, 0x5, 0x1}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x2}, @TCA_POLICE_RATE64={0xc, 0x8, 0x9a2}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x3}]}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}, @TCA_BPF_ACT={0x120, 0x1, [@m_simple={0xe8, 0x1e, 0x0, 0x0, {{0xb}, {0xbc, 0x2, 0x0, 0x1, [@TCA_DEF_PARMS={0x18, 0x2, {0x7, 0x7, 0x8, 0x1, 0xeb}}, @TCA_DEF_DATA={0x3d, 0x3, '\x00\x94\xe4\xe2X\xce\xbar\x069\xf3\xff\x8d\x94\x1ao\xa1,\xa4\xc1\xcc\x1e\x9aS>\a\xd2R\x85\v\x80\xea\x1e\xc8W\xea\x99\xacos\x80\x1d\x8b\xd9`Ewb\xa5&iu@\xfd\x8c\xde\x00'}, @TCA_DEF_PARMS={0x18, 0x2, {0x68f6, 0x6, 0x2, 0x8, 0x9}}, @TCA_DEF_PARMS={0x18, 0x2, {0xd62, 0x0, 0x20000000, 0x8000, 0x6607f5ed}}, @TCA_DEF_PARMS={0x18, 0x2, {0x0, 0x4a66, 0x4, 0x3, 0x9}}, @TCA_DEF_PARMS={0x18, 0x2, {0x10001, 0xbc7, 0x7}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1}}}}, @m_connmark={0x34, 0x15, 0x0, 0x0, {{0xd}, {0x4}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}, @TCA_BPF_FLAGS_GEN={0x8}]}}]}, 0x1ac}, 0x1, 0x0, 0x0, 0x81}, 0x20000080)
r7 = socket(0x10, 0x803, 0x0)
sendto(r7, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r7, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})
sendmsg$nl_route_sched(r4, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_FLOW_MAX_RATE={0x8, 0x2, 0x10270000}]}}]}, 0x38}}, 0x0)
r8 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(r8, 0x541b, 0x0)
r9 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240), 0xc2882, 0x0)
syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x4a243)
close(r9)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f0000000140)={'veth0_macvtap\x00', 0x200})
openat$ttyprintk(0xffffff9c, &(0x7f0000000040), 0x105000, 0x0)

4.40161994s ago: executing program 4 (id=5755):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x2, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
sendmsg$rds(0xffffffffffffffff, 0x0, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(0xffffffffffffffff, 0x40086602, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)={{0x14}, [@NFT_MSG_NEWRULE={0x20, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x48}}, 0x0)
io_setup(0x7, &(0x7f0000000280)=<r4=>0x0)
r5 = openat$sysfs(0xffffff9c, &(0x7f00000000c0)='/sys/power/wakeup_count', 0x42, 0x0)
io_submit(r4, 0x1, &(0x7f0000000500)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, r5, &(0x7f00000001c0)='7', 0x1, 0x4}])
socket(0x10, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="1400000016000b63d25a80648c2594f90124fc60", 0x14}], 0x1}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000100)={0x0, 0x3, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a31000000001400078005001500070000000800124000000000050005000200000005000400000000000d000300686173683a6e6574"], 0x5c}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet_sctp(0x2, 0x1, 0x84)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="500000000206030000000000000000000d0000000c000300686173683a69700005000400000000000900020073797a31000000000c000780080008400000005d05000500020000000500010006"], 0x50}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

3.458855183s ago: executing program 1 (id=5756):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x110e22fff6)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000180)='!', 0x1}, {&(0x7f00000001c0)="37a04d1b248994d0e0cc4e0bf3860e21c7bc5c1bab24bc8f014dcabdea3f98aeb828707e9f0d78fe8faff5799f7fddf55513d0546c29f1160c916c88f1e64ddf2f7ed388ac180f91ea61211f3e211e2735399703b6f811471ce444ffd91564756c12299c6f715e1f6c9479bc05f0b3ff456625403b69bddbe246ac7c13c3e058d3c8cb729870bd882255e68aeaa5cebe9e20c4443eff779aca536646c3a56c270ee7e1b3264aee27d53a7b3d08a736b778bd3a4bb659315f607a94045009774165532bce76301f2005199e3d10d0de1ef5532606158e976cb78caa373d9fea9cdc46fbdab41090c835510fa7e40efb", 0xef}, {&(0x7f00000000c0)="7f75b0da1e70453d6cb2bb420cacac315edacbfc5c3d5c68efeb7efc8af6711ba3a500f9be121a373ca9a16b3052f36cce00404a6a596d69ed7dcc145fb218b210b25f58b10cc5", 0x47}], 0x3}, 0x4044081)
ioctl$TUNGETVNETLE(r0, 0xc008744c, &(0x7f0000000180))
r2 = socket(0x1, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="b00000002000090000007000fcdbdf250a20007f20000005000014002abe76657468315f746f5f626f6e6400000008000f0007000000540001000000000000000000000000000000000114000200fe800000000000000000020000000000000000000000000000000001140002000000000000000000000000000000000014000200fe8000000000000000000000000000aa14000200fe880000005d650000000000000000010000"], 0xb0}, 0x1, 0x0, 0x0, 0x810}, 0x4000000)

2.738803398s ago: executing program 1 (id=5757):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=@ipv6_newrule={0x28, 0x21, 0x1, 0x0, 0x0, {0xa, 0x0, 0x0, 0x3}, [@FIB_RULE_POLICY=@FRA_UID_RANGE={0xc}]}, 0x28}}, 0x20000014)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = shmget$private(0x0, 0x4000, 0x20, &(0x7f0000ffc000/0x4000)=nil)
shmat(r1, &(0x7f0000ffc000/0x3000)=nil, 0x4000)
r2 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f00000001c0)={0x10, 0x206, 0x6, 0xcc, <r3=>0x0}, &(0x7f0000000200)=0x10)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r2, 0x84, 0x1b, &(0x7f0000000440)={r3, 0x9d, "e4009ca18cff02dff66886ef401b15114eb20ad017270696ae61df4ccc5c79efda108edcee3a21e329d8430eb933b9e0390dcf8cea852d23697e37929bcecabb16e49c93fd98aad9799aa1fc1e43b071a4f43b305d854dee882cf7ecef0e96646c8c55cbc2e417a8510c847c738948b04a02261174230b0574d37663252979f72eb7c3da298eb65dd3202f9310714aed42f1e03a3033cd9a0c09ff2de0"}, &(0x7f0000000240)=0xa5)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_GET_BYNAME(r4, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200200}, 0xc, &(0x7f0000000140)={&(0x7f0000000600)={0x80, 0xe, 0x6, 0x101, 0x0, 0x0, {0x0, 0x0, 0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x80}, 0x1, 0x0, 0x0, 0x200440c0}, 0x40008000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
r5 = userfaultfd(0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r8 = socket$inet6_sctp(0xa, 0x5, 0x84)
r9 = syz_io_uring_setup(0x497, &(0x7f0000002180)={0x0, 0x787f, 0x100, 0x0, 0x1b0}, &(0x7f00000000c0)=<r10=>0x0, &(0x7f0000000280)=<r11=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r9, 0x16, &(0x7f0000000040)={&(0x7f0000001000)={[{0x0, 0x1f, 0x3}]}, 0x1, 0x1}, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r10, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r10, r11, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x2, r8, 0x0, 0x0, 0x0, 0x200, 0x1, {0x1}})
io_uring_enter(r9, 0x3516, 0x0, 0x0, 0x0, 0x0)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_COPY(r5, 0xc028aa03, &(0x7f0000000040)={&(0x7f00008d8000/0x5000)=nil, &(0x7f0000441000/0x4000)=nil, 0x5000})
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000500)=ANY=[@ANYBLOB="0e0000000a0000ff03d9f50062dac6e350c9f0e1dfadb56ef6626f86891978ac52491f83594ddb2ea84a4fef864df606d42efe78d7f8f578117b452fecaf56940deffb224b2de18f5349da6aa70877c45115e207b45401deeceee28d6d1418da60ce7f0e076c0706008be6a64c883137dbc4ecdc4a442487ae72e87fb82641bdc017b5133f54829a76874cdf8b5919a16c54d646e035558f377c8701d458c2929546e2578e7bece4c97c26ec8b53094962287a8737b18bebe1598abc3e5f66dd082cd7aa7036653f18d5ffa5492b0bd498103c0638b3d951e06f097cf99a621f2d984cc203779957899f1e939fc92b095b108b7f95cd11d06773"], 0x109)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xc}}, [], {0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}}, 0x28}}, 0x0)

2.248563764s ago: executing program 0 (id=5758):
socket$can_j1939(0x1d, 0x2, 0x7)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r1)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_STOP_P2P_DEVICE(r1, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x22200}, 0xc, &(0x7f0000000380)={&(0x7f00000005c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="20002bbd7000fedbdf255a0032800800030040549f41d3cd4a3428fae061935e58f971d80c41a3c6bee43b71f72930236cd4d20474e6b21392eafabcb2d773b36d938916cf84d52d1d03235971650d2ad8864442479a1ba80f60361df8f690081fc15bf1f6bf54466a95685bc7d00cae60049c3e08221018579993ff0e", @ANYRES32=r3, @ANYBLOB="0c009900fcffffff1b000000"], 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x4)
setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000080)={{{@in=@multicast1, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x2, 0x4, 0x0, 0x2, 0x0, 0x53b0}, {}, 0xfffffffe, 0x7, 0x1, 0x1}, {{@in=@multicast1, 0x0, 0x33}, 0x0, @in=@remote, 0x0, 0x3, 0x2, 0xb7, 0x0, 0x200000}}, 0xe4)
sendmsg$NL80211_CMD_LEAVE_IBSS(r1, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0xa0300200}, 0xc, &(0x7f0000000240)={&(0x7f0000000680)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="080003005d13cd68e0ce1fd9f09ad831a0c8e84d1bec1de15dbe11319fdefa1e4cd64b09a5e4cd2610e45d4105b063fffd35d54967b900eb3c94d5100000000000000002a9fca847cec11d037bfe19e1b14c571796b2413b6ba9badede602b4b5592db4ff62f5bfec7abc97d50d5a7bb5ccb6f75f1117cf53cb82a39ea3f17967fefd3b18d3de17ac9aa2a1261f9355e7d6b73beb27063568ceca8f7709f0b2317e7f7f53a70b4cfedecef50844ef4d7e3b2ea74586ca43ee33055edb3e46aa2a2c1860372b5b0cd03f389c9b6239f8b0b720391753a9d7ad582cb70cb627f2761928e19ff6806a18cef6f290f1e029b2461093e58b42413cdbd361c3fa63f2646c67965c7b617ccfe47eaf847b51c95ab44e8a8d69c165a37783921b2d70259b9281644e572e36048", @ANYRES32=r3, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x94}, 0xc000)
syz_usb_connect(0x2, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="120100004107f540f30c7593de1a000000010902240001000000000904000002bee4f900090503000000000000090504", @ANYRESDEC=0x0], 0x0)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB="98030000", @ANYRES16=r2, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r3, @ANYBLOB="04008e00080057001b0a000004006c100500190107000000080026006c0900005603330080b0c000ffffffffffff080211000001"], 0x398}}, 0x0)
r4 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r4, 0xc004500a, &(0x7f0000000080)=0x80000003)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r5, 0x84, 0xc, &(0x7f0000000480)=@assoc_value={<r6=>0x0}, &(0x7f0000000040)=0x8)
r7 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r7, &(0x7f00000017c0)=[{{&(0x7f0000000000)={0x2, 0x0, @rand_addr=0x64010100}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000180)="e1", 0x1}], 0x1}}, {{&(0x7f0000000080)={0x2, 0x0, @private=0xa010102}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000100)="a7", 0x1}], 0x1}}, {{&(0x7f0000000400)={0x2, 0x4e24, @loopback}, 0x10, &(0x7f0000000b40)=[{&(0x7f0000000500)="b5a813acb2d53b878fa9a16e", 0xc}], 0x1}}], 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r9, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r8, &(0x7f00000000c0), 0x0, 0x2102, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc)
r10 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000440)='/proc/sys/net/ipv4/tcp_syncookies\x00', 0x1, 0x0)
write$sysctl(r10, &(0x7f0000000580)='1\x00', 0x2)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000086d040ec20000000000010902"], 0x0)
write$sysctl(r10, &(0x7f0000000000)='2\x00', 0x2)
setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r7, 0x84, 0xa, &(0x7f0000000200)={0x2, 0xfff, 0x1, 0x2, 0x100, 0x80, 0x8000, 0x80000000, r6}, 0x20)
r11 = dup2(r4, r4)
read$FUSE(r11, &(0x7f00000063c0)={0x2020}, 0x20aa)
getdents64(r11, &(0x7f0000000400)=""/45, 0x2d)

1.957798686s ago: executing program 5 (id=5759):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f00000000c0)={0x1d, r1}, 0x18)
connect$can_j1939(r0, &(0x7f0000000140)={0x1d, r1, 0x0, {0x1, 0xff, 0xa8fe8ad4eea2351f}, 0x2}, 0x18)
setsockopt$SO_J1939_ERRQUEUE(r0, 0x6b, 0x4, &(0x7f00000003c0)=0x5, 0x4)
sendmmsg(r0, &(0x7f0000003e40), 0x3fffffffffffe3d, 0xf5)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000000)=0x2207, 0x4)

1.09847475s ago: executing program 5 (id=5760):
ioctl$BTRFS_IOC_QGROUP_ASSIGN(0xffffffffffffffff, 0x40189429, &(0x7f0000000080)={0x1, 0x100, 0xffffffffffffffff})
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@newlink={0x4c, 0x10, 0xfffffffffffff6ff, 0x70bd25, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x3da71, 0x51a23}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @bond={{0x9}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x1, 0x4}, @IFLA_BOND_AD_SELECT={0x5, 0x16, 0x1}, @IFLA_BOND_AD_LACP_RATE={0x5, 0x15, 0x1}]}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x1}, 0x20040040)

926.360613ms ago: executing program 4 (id=5761):
syz_usb_connect(0x0, 0x3f, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xd, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="b4000000000000006111500008000000060000000000000095"], 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x94)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x24}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="3c0000001000850619fbb7c75150926b00000000", @ANYRES32=r3, @ANYBLOB="fe000000000000001c0012000c000100626f6e64000000000c0002000800010004"], 0x3c}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x1, 0x803, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="540000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800e0001006970366772657461700000001800028014000700fc00000000000000000000000000000008000a00", @ANYRES32=r6], 0x54}}, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
r8 = socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200))
sendmsg$nl_route(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="200000001000250800170000000000000a000000", @ANYRES32=r9], 0x20}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="20000000110001002dbd7000fbdbdf256b000000", @ANYRES32=r6, @ANYBLOB="10800000a1020600"], 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

642.097963ms ago: executing program 5 (id=5762):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x4, 0x3, 0x0, 0x2000, &(0x7f0000ffe000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) (async, rerun: 64)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) (async, rerun: 64)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
ioctl$IOMMU_TEST_OP_MD_CHECK_REFS(0xffffffffffffffff, 0x3ba0, &(0x7f0000000340)={0x48, 0x4, 0x0, 0x0, 0x64, &(0x7f0000000200)="acb316e361f7ddc7d548eb4e2e8bd2300298723f7c19e46782ca29e165b7eef211a79868914d4b838ccb99846cae95fa6574c62be78ee2e1b82889d99f0f42b3c83b48ca74bdfcfcfaef1915a7b1589f2c4ca30de5af8d60d21311626a24892a1c023a8a", 0x7}) (async)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, 0x0, 0x0) (async)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0) (async)
r5 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r6 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r7=>0x0], 0x0, 0x0, 0xfc5e, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r6, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r7, <r8=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r6, 0xc06864ce, &(0x7f0000000440)={r8, 0x0, 0x0, 0x0, 0x0, [<r9=>0x0]})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r5, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0xb5})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r5, 0xc00c642d, &(0x7f0000000080)={r9, 0x0, <r10=>0xffffffffffffffff}) (async)
ioctl$DRM_IOCTL_MODE_GETFB2(r6, 0xc06864ce, &(0x7f0000000280)={r8, 0x0, 0x0, 0x0, 0x0, [<r11=>0x0], [], [], [0x0, 0x3, 0x400000006]})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r6, 0xc00c642d, &(0x7f0000000100)={r11})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r6, 0xc00c642e, &(0x7f0000000300)={0x0, 0x0, r10}) (async, rerun: 32)
r12 = userfaultfd(0x80801) (rerun: 32)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0) (async)
ioctl$UFFDIO_COPY(r12, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000d76000/0x3000)=nil, 0x800000}) (async)
ioctl$IOC_PR_REGISTER(0xffffffffffffffff, 0x401870c8, &(0x7f0000000080)={0x0, 0x3, 0x1})
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000000000002100004000000000ff"]) (async, rerun: 64)
ioctl$FICLONE(r1, 0x40049409, r1) (async, rerun: 64)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (async)
syz_clone3(&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x4e)

571.323775ms ago: executing program 3 (id=5763):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f00000000c0)={0x1d, r1}, 0x18)
connect$can_j1939(r0, &(0x7f0000000140)={0x1d, r1, 0x0, {0x1, 0xff, 0xa8fe8ad4eea2351f}, 0x2}, 0x18)
setsockopt$SO_J1939_ERRQUEUE(r0, 0x6b, 0x4, &(0x7f00000003c0)=0x5, 0x4)
sendmmsg(r0, &(0x7f0000003e40), 0x3fffffffffffe3d, 0xf5)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000000)=0x2207, 0x4)

405.350372ms ago: executing program 3 (id=5764):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r1=>0x0})
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f00000001c0)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020100000a0000000600000000000000030006000000000002000000ffffffff000000000000000003000500000000000a"], 0x50}}, 0x0)
r3 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r3, 0x402, 0x5)
setxattr$incfs_metadata(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380), 0x0, 0x0, 0x0)
removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='user.incfs.metadata\x00')
bind$can_j1939(r0, &(0x7f00000000c0)={0x1d, r1}, 0x18)
connect$can_j1939(r0, &(0x7f0000000140)={0x1d, r1, 0x0, {0x1, 0xff, 0xa8fe8ad4eea2351f}, 0x2}, 0x18)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
close_range(r4, r4, 0x0)
socket$rds(0x15, 0x5, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r7=>0x0})
r8 = landlock_create_ruleset(&(0x7f00000001c0)={0xa019, 0x1, 0x3}, 0x18, 0x0)
landlock_restrict_self(r8, 0x1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r11 = getpgrp(0x0)
r12 = landlock_create_ruleset(&(0x7f0000000080)={0x220, 0x0, 0x1}, 0x18, 0x0)
landlock_restrict_self(r12, 0x0)
fcntl$setownex(r10, 0xf, &(0x7f0000000100)={0x2, r11})
r13 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r13, 0x8914, &(0x7f0000000000)={'macsec0\x00', 0x600})
ioctl$sock_inet_SIOCSIFFLAGS(r13, 0x8914, &(0x7f0000000240)={'macsec0\x00', 0x1})
sendmsg$unix(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)="b5", 0x1}], 0x1}, 0x240408c1)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000200)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="1433010000000000140012800b00010062726964676500000400028008000a00", @ANYRES32=r7, @ANYBLOB], 0x3c}, 0x1, 0xba01}, 0x0)

193.621891ms ago: executing program 5 (id=5765):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bond0\x00'})
sendmsg$nl_route(r0, 0x0, 0x4000040)

81.15962ms ago: executing program 1 (id=5766):
r0 = socket(0xa, 0x2, 0x0)
setsockopt$inet_int(r0, 0x0, 0x7, &(0x7f0000000080)=0x200, 0x4)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0xc, @ipv4={'\x00', '\xff\xff', @empty}, 0x1}, 0x1c)

6.906423ms ago: executing program 5 (id=5767):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000800)={0x38, 0x1, 0x1, 0x201, 0x0, 0x0, {0xa}, [@CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0xe55}]}, @CTA_TUPLE_REPLY={0x18, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @private=0xa010101}}}]}]}, 0x38}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001340)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1, 0x0, 0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELCHAIN={0x65, 0x5, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x1}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWTABLE={0x28, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1, 0x0, 0x8}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}]}], {0x14}}, 0xc8}}, 0x0)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000009593d1044062180b738010203010902120001000000000904"], 0x0)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @rand_addr=0x64010102}, 0x10)

0s ago: executing program 1 (id=5768):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x218, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$VIDIOC_S_PARM(0xffffffffffffffff, 0xc0cc5616, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x10000018, 0x0, 0x8e2, 0x0, 0x0, 0xfffffffffffffffe, 0xffffffff, 0x4}, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, 0x0, 0x0)
setsockopt$sock_int(r2, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4)
r3 = socket$inet6(0xa, 0x3, 0x5)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000200), 0x2}, 0x38)
setsockopt$inet6_int(r3, 0x29, 0x1000000000021, 0x0, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f000010010905"], 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000c80)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@delchain={0x1ac, 0x65, 0x2, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x1}, {0x0, 0xb}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @TCA_RATE={0x6, 0x5, {0x8, 0x81}}, @filter_kind_options=@f_bpf={{0x8}, {0x170, 0x2, [@TCA_BPF_POLICE={0x38, 0x2, [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x549}, @TCA_POLICE_RESULT={0x8, 0x5, 0x1}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x2}, @TCA_POLICE_RATE64={0xc, 0x8, 0x9a2}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x3}]}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}, @TCA_BPF_ACT={0x120, 0x1, [@m_simple={0xe8, 0x1e, 0x0, 0x0, {{0xb}, {0xbc, 0x2, 0x0, 0x1, [@TCA_DEF_PARMS={0x18, 0x2, {0x7, 0x7, 0x8, 0x1, 0xeb}}, @TCA_DEF_DATA={0x3d, 0x3, '\x00\x94\xe4\xe2X\xce\xbar\x069\xf3\xff\x8d\x94\x1ao\xa1,\xa4\xc1\xcc\x1e\x9aS>\a\xd2R\x85\v\x80\xea\x1e\xc8W\xea\x99\xacos\x80\x1d\x8b\xd9`Ewb\xa5&iu@\xfd\x8c\xde\x00'}, @TCA_DEF_PARMS={0x18, 0x2, {0x68f6, 0x6, 0x2, 0x8, 0x9}}, @TCA_DEF_PARMS={0x18, 0x2, {0xd62, 0x0, 0x20000000, 0x8000, 0x6607f5ed}}, @TCA_DEF_PARMS={0x18, 0x2, {0x0, 0x4a66, 0x4, 0x3, 0x9}}, @TCA_DEF_PARMS={0x18, 0x2, {0x10001, 0xbc7, 0x7}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1}}}}, @m_connmark={0x34, 0x15, 0x0, 0x0, {{0xd}, {0x4}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}, @TCA_BPF_FLAGS_GEN={0x8}]}}]}, 0x1ac}, 0x1, 0x0, 0x0, 0x81}, 0x20000080)
r7 = socket(0x10, 0x803, 0x0)
sendto(r7, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r7, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})
sendmsg$nl_route_sched(r4, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_FLOW_MAX_RATE={0x8, 0x2, 0x10270000}]}}]}, 0x38}}, 0x0)
r8 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(r8, 0x541b, 0x0)
r9 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240), 0xc2882, 0x0)
syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x4a243)
close(r9)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f0000000140)={'veth0_macvtap\x00', 0x200})
openat$ttyprintk(0xffffff9c, &(0x7f0000000040), 0x105000, 0x0)

kernel console output (not intermixed with test programs):

usb 2-1: new high-speed USB device number 14 using dummy_hcd
[ 2058.130599][T18149] FAULT_INJECTION: forcing a failure.
[ 2058.130599][T18149] name failslab, interval 1, probability 0, space 0, times 0
[ 2058.172372][T17774] usb 5-1: USB disconnect, device number 60
[ 2058.241663][T23524] usb 2-1: Using ep0 maxpacket: 16
[ 2058.299102][T18149] CPU: 0 UID: 0 PID: 18149 Comm: syz.5.5376 Not tainted 6.16.0-syzkaller-12250-gc30a13538d9f #0 PREEMPT(full) 
[ 2058.299135][T18149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2058.299151][T18149] Call Trace:
[ 2058.299160][T18149]  <TASK>
[ 2058.299171][T18149]  dump_stack_lvl+0x189/0x250
[ 2058.299204][T18149]  ? __pfx____ratelimit+0x10/0x10
[ 2058.299235][T18149]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2058.299262][T18149]  ? __pfx__printk+0x10/0x10
[ 2058.299300][T18149]  ? rcu_is_watching+0x15/0xb0
[ 2058.299328][T18149]  should_fail_ex+0x414/0x560
[ 2058.299363][T18149]  should_failslab+0xa8/0x100
[ 2058.299399][T18149]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 2058.299428][T18149]  ? _sctp_make_chunk+0x14e/0x430
[ 2058.299464][T18149]  _sctp_make_chunk+0x14e/0x430
[ 2058.299500][T18149]  sctp_make_init+0x58b/0xd30
[ 2058.299541][T18149]  ? __pfx_sctp_make_init+0x10/0x10
[ 2058.299571][T18149]  ? arch_stack_walk+0xfc/0x150
[ 2058.299612][T18149]  ? stack_trace_save+0x9c/0xe0
[ 2058.299641][T18149]  sctp_sf_do_prm_asoc+0xd2/0x3f0
[ 2058.299669][T18149]  sctp_do_sm+0x1e7/0x5a20
[ 2058.299693][T18149]  ? __pfx_sctp_pname+0x10/0x10
[ 2058.299719][T18149]  ? kasan_save_track+0x3e/0x80
[ 2058.299747][T18149]  ? sctp_stream_init_ext+0x57/0x180
[ 2058.299770][T18149]  ? sctp_sendmsg_to_asoc+0x12fd/0x1810
[ 2058.299806][T18149]  ? sctp_sendmsg+0x1941/0x2810
[ 2058.299836][T18149]  ? __sock_sendmsg+0x19c/0x270
[ 2058.299861][T18149]  ? __sys_sendto+0x3bd/0x520
[ 2058.299892][T18149]  ? __do_fast_syscall_32+0xb6/0x2b0
[ 2058.299922][T18149]  ? do_fast_syscall_32+0x34/0x80
[ 2058.299952][T18149]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2058.299982][T18149]  ? __pfx_sctp_do_sm+0x10/0x10
[ 2058.300055][T18149]  ? __sk_mem_raise_allocated+0xaa9/0x1240
[ 2058.300091][T18149]  sctp_primitive_ASSOCIATE+0x95/0xc0
[ 2058.300131][T18149]  sctp_sendmsg_to_asoc+0x102d/0x1810
[ 2058.300161][T18149]  ? __asan_memcpy+0x40/0x70
[ 2058.300196][T18149]  ? sctp_assoc_add_peer+0xcfa/0x13b0
[ 2058.300233][T18149]  ? __pfx_sctp_sendmsg_to_asoc+0x10/0x10
[ 2058.300267][T18149]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[ 2058.300303][T18149]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[ 2058.300337][T18149]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[ 2058.300369][T18149]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[ 2058.300404][T18149]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[ 2058.300430][T18149]  ? security_sctp_bind_connect+0x7e/0x2e0
[ 2058.300463][T18149]  sctp_sendmsg+0x1941/0x2810
[ 2058.300509][T18149]  ? __pfx_sctp_sendmsg+0x10/0x10
[ 2058.300547][T18149]  ? aa_sk_perm+0x81e/0x950
[ 2058.300585][T18149]  ? __pfx_aa_sk_perm+0x10/0x10
[ 2058.300620][T18149]  ? sock_rps_record_flow+0x19/0x410
[ 2058.300651][T18149]  ? inet_sendmsg+0x2f4/0x370
[ 2058.300676][T18149]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 2058.300704][T18149]  __sock_sendmsg+0x19c/0x270
[ 2058.300735][T18149]  __sys_sendto+0x3bd/0x520
[ 2058.300772][T18149]  ? __pfx___sys_sendto+0x10/0x10
[ 2058.300802][T18149]  ? __mutex_unlock_slowpath+0x1a1/0x760
[ 2058.300848][T18149]  ? __fget_files+0x3a0/0x420
[ 2058.300895][T18149]  ? ksys_write+0x22a/0x250
[ 2058.300935][T18149]  __ia32_sys_sendto+0xdd/0x100
[ 2058.300972][T18149]  __do_fast_syscall_32+0xb6/0x2b0
[ 2058.301013][T18149]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2058.301048][T18149]  do_fast_syscall_32+0x34/0x80
[ 2058.301080][T18149]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2058.301107][T18149] RIP: 0023:0xf70ee539
[ 2058.301127][T18149] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2058.301147][T18149] RSP: 002b:00000000f54de55c EFLAGS: 00000206 ORIG_RAX: 0000000000000171
[ 2058.301171][T18149] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080847fff
[ 2058.301187][T18149] RDX: 0000000000034000 RSI: 0000000000000000 RDI: 000000008005ffe4
[ 2058.301201][T18149] RBP: 000000000000001c R08: 0000000000000000 R09: 0000000000000000
[ 2058.301216][T18149] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2058.301237][T18149] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2058.301270][T18149]  </TASK>
[ 2058.926630][T23524] usb 2-1: config 0 has no interfaces?
[ 2058.980104][T23524] usb 2-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00
[ 2059.028026][T18162] sg_write: data in/out 32732/14 bytes for SCSI command 0x1-- guessing data in;
[ 2059.028026][T18162]    program syz.0.5378 not setting count and/or reply_len properly
[ 2059.074067][T23524] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2059.156817][T23524] usb 2-1: config 0 descriptor??
[ 2059.213779][T18157] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 2059.370297][  T979] usb 5-1: new high-speed USB device number 61 using dummy_hcd
[ 2059.395847][T18171] ptrace attach of "./syz-executor exec"[13999] was attempted by "./syz-executor exec"[18171]
[ 2059.413458][T18171] netlink: 'syz.5.5380': attribute type 2 has an invalid length.
[ 2060.232392][  T979] usb 5-1: config 0 has an invalid interface number: 120 but max is 0
[ 2060.241033][  T979] usb 5-1: config 0 has no interface number 0
[ 2060.247549][  T979] usb 5-1: config 0 interface 120 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[ 2060.267018][  T979] usb 5-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58
[ 2060.282431][  T979] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2060.299145][  T979] usb 5-1: config 0 descriptor??
[ 2060.379547][  T979] input: USB Touchscreen 16e3:f9e9 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.120/input/input108
[ 2060.529645][   T30] audit: type=1326 audit(1754773639.487:6527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18174 comm="syz.0.5382" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3539 code=0x7ffc0000
[ 2060.626263][   T30] audit: type=1326 audit(1754773639.487:6528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18174 comm="syz.0.5382" exe="/root/syz-executor" sig=0 arch=40000003 syscall=45 compat=1 ip=0xf7fc3539 code=0x7ffc0000
[ 2060.716912][   T30] audit: type=1326 audit(1754773639.487:6529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18174 comm="syz.0.5382" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3539 code=0x7ffc0000
[ 2060.768730][   T30] audit: type=1326 audit(1754773639.487:6530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18174 comm="syz.0.5382" exe="/root/syz-executor" sig=0 arch=40000003 syscall=125 compat=1 ip=0xf7fc3539 code=0x7ffc0000
[ 2060.997665][   T30] audit: type=1326 audit(1754773639.527:6531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18174 comm="syz.0.5382" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3539 code=0x7ffc0000
[ 2061.029649][T17778] usb 2-1: USB disconnect, device number 14
[ 2061.076336][   T30] audit: type=1326 audit(1754773639.527:6532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18174 comm="syz.0.5382" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3539 code=0x7ffc0000
[ 2061.152778][   T30] audit: type=1326 audit(1754773639.527:6533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18174 comm="syz.0.5382" exe="/root/syz-executor" sig=0 arch=40000003 syscall=294 compat=1 ip=0xf7fc3539 code=0x7ffc0000
[ 2061.193015][   T30] audit: type=1326 audit(1754773640.017:6534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18174 comm="syz.0.5382" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3539 code=0x7ffc0000
[ 2061.239563][   T30] audit: type=1326 audit(1754773640.017:6535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18174 comm="syz.0.5382" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3539 code=0x7ffc0000
[ 2061.306221][T17778] usb 5-1: USB disconnect, device number 61
[ 2061.870529][T18200] binder: 18193:18200 ioctl c0306201 80000640 returned -22
[ 2062.416731][T18211] netlink: 'syz.3.5394': attribute type 10 has an invalid length.
[ 2062.428461][T18211] 8021q: adding VLAN 0 to HW filter on device team0
[ 2062.437938][T18211] bond0: (slave team0): Enslaving as an active interface with an up link
[ 2062.522894][T17775] usb 6-1: new high-speed USB device number 109 using dummy_hcd
[ 2062.709259][T17775] usb 6-1: Using ep0 maxpacket: 32
[ 2062.718821][T17775] usb 6-1: config 8 has an invalid interface number: 35 but max is 0
[ 2062.887258][T17775] usb 6-1: config 8 has no interface number 0
[ 2062.935798][T17775] usb 6-1: config 8 interface 35 has no altsetting 0
[ 2063.190416][T17775] usb 6-1: New USB device found, idVendor=0979, idProduct=0270, bcdDevice=83.3e
[ 2063.228226][T17775] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2063.259497][T17775] usb 6-1: Product: syz
[ 2063.272851][T17775] usb 6-1: Manufacturer: syz
[ 2063.290299][T17775] usb 6-1: SerialNumber: syz
[ 2063.527352][T17775] gspca_main: jeilinj-2.14.0 probing 0979:0270
[ 2063.550188][T17774] usb 5-1: new high-speed USB device number 62 using dummy_hcd
[ 2063.563809][T17775] usb 6-1: USB disconnect, device number 109
[ 2063.752160][T17774] usb 5-1: config 0 has an invalid interface number: 120 but max is 0
[ 2063.761801][T17774] usb 5-1: config 0 has no interface number 0
[ 2063.772861][T17774] usb 5-1: config 0 interface 120 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[ 2063.831949][T17774] usb 5-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58
[ 2063.870831][T17774] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2063.931319][T17774] usb 5-1: config 0 descriptor??
[ 2063.952142][T17774] input: USB Touchscreen 16e3:f9e9 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.120/input/input109
[ 2064.710613][T17774] usb 6-1: new high-speed USB device number 110 using dummy_hcd
[ 2064.730832][T23524] usb 5-1: USB disconnect, device number 62
[ 2064.941765][T17774] usb 6-1: config 0 has an invalid interface number: 252 but max is 0
[ 2065.235389][T18254] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5407'.
[ 2065.898069][T18253] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 2066.249801][T18259] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5408'.
[ 2066.630113][T17774] usb 6-1: config 0 has no interface number 0
[ 2066.636439][T17774] usb 6-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=78.f8
[ 2066.646882][T17774] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2066.655261][T18258] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 2066.724186][T17774] usb 6-1: config 0 descriptor??
[ 2067.020148][T17774] usb 6-1: string descriptor 0 read error: -71
[ 2067.033005][T17774] radio-usb-si4713 6-1:0.252: Si4713 development board discovered: (10C4:8244)
[ 2067.247456][T17774] radio-usb-si4713 6-1:0.252: probe with driver radio-usb-si4713 failed with error -71
[ 2067.286692][T17774] usbhid 6-1:0.252: couldn't find an input interrupt endpoint
[ 2067.312376][T17774] usb 6-1: USB disconnect, device number 110
[ 2067.510579][T18275] sg_write: data in/out 32732/14 bytes for SCSI command 0x1-- guessing data in;
[ 2067.510579][T18275]    program syz.1.5410 not setting count and/or reply_len properly
[ 2067.868057][T18280] netlink: 292 bytes leftover after parsing attributes in process `syz.5.5413'.
[ 2067.870201][T17774] usb 5-1: new high-speed USB device number 63 using dummy_hcd
[ 2068.112559][T17774] usb 5-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 2068.253760][T17774] usb 5-1: config 27 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 2068.372821][T17774] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2068.441010][T17774] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2068.511338][T18291] netlink: 212 bytes leftover after parsing attributes in process `syz.5.5415'.
[ 2068.531856][T17774] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[ 2068.624254][T18291] netlink: 33 bytes leftover after parsing attributes in process `syz.5.5415'.
[ 2068.751366][T17774] snd-usb-audio 5-1:27.0: probe with driver snd-usb-audio failed with error -2
[ 2068.775990][T14588] udevd[14588]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 2069.264920][T18305] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5418'.
[ 2069.777128][T18321] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5422'.
[ 2069.940859][T18320] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 2070.232798][T18326] netlink: 'syz.3.5424': attribute type 10 has an invalid length.
[ 2070.519860][T18327] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5424'.
[ 2070.536369][T18272] delete_channel: no stack
[ 2070.541435][T17774] usb 5-1: USB disconnect, device number 63
[ 2071.135196][T18335] sg_write: data in/out 32732/14 bytes for SCSI command 0x1-- guessing data in;
[ 2071.135196][T18335]    program syz.4.5425 not setting count and/or reply_len properly
[ 2071.864094][   T30] audit: type=1400 audit(1754773650.817:6536): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=3A273A02 pid=18338 comm="syz.4.5426"
[ 2072.407058][T18352] netlink: 212 bytes leftover after parsing attributes in process `syz.3.5428'.
[ 2072.465777][T18354] netlink: 33 bytes leftover after parsing attributes in process `syz.3.5428'.
[ 2072.820130][T18359] netlink: 'syz.3.5433': attribute type 12 has an invalid length.
[ 2072.820149][   T30] audit: type=1400 audit(1754773651.777:6537): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=18358 comm="syz.3.5433"
[ 2072.856312][T18359] netlink: 132 bytes leftover after parsing attributes in process `syz.3.5433'.
[ 2073.075848][T18363] input: syz0 as /devices/virtual/input/input110
[ 2073.347518][T18369] binder: 18364:18369 ioctl c0306201 80000640 returned -22
[ 2073.869380][T18373] fuse: Bad value for 'fd'
[ 2074.288830][T18379] netlink: 8 bytes leftover after parsing attributes in process `syz.3.5439'.
[ 2074.589751][T18386] program syz.3.5442 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 2074.727334][T17776] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[ 2074.809624][    C1] sd 0:0:1:0: [sda] tag#3604 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s
[ 2074.820217][    C1] sd 0:0:1:0: [sda] tag#3604 CDB: Write(6) 0a 00 00 00 00 00
[ 2074.912549][T17776] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2074.926353][T17776] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 2074.989203][T17776] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 2075.000892][T17776] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 2075.010780][T17776] usb 2-1: Product: syz
[ 2075.031022][T17776] usb 2-1: Manufacturer: syz
[ 2075.036149][T17776] usb 2-1: SerialNumber: syz
[ 2075.096027][T17776] usb 2-1: config 0 descriptor??
[ 2075.233194][T18391] netlink: 212 bytes leftover after parsing attributes in process `syz.3.5443'.
[ 2075.251182][T18391] netlink: 33 bytes leftover after parsing attributes in process `syz.3.5443'.
[ 2075.566773][   T30] audit: type=1326 audit(1754773654.517:6538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18394 comm="syz.0.5444" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3539 code=0x7ffc0000
[ 2076.039512][   T30] audit: type=1326 audit(1754773654.517:6539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18394 comm="syz.0.5444" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3539 code=0x7ffc0000
[ 2076.352289][   T30] audit: type=1326 audit(1754773654.527:6540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18394 comm="syz.0.5444" exe="/root/syz-executor" sig=0 arch=40000003 syscall=384 compat=1 ip=0xf7fc3539 code=0x7ffc0000
[ 2076.460190][   T30] audit: type=1326 audit(1754773654.527:6541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18394 comm="syz.0.5444" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3539 code=0x7ffc0000
[ 2076.593573][   T30] audit: type=1326 audit(1754773654.527:6542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18394 comm="syz.0.5444" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3539 code=0x7ffc0000
[ 2076.697228][   T30] audit: type=1326 audit(1754773654.527:6543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18394 comm="syz.0.5444" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf7fc3539 code=0x7ffc0000
[ 2076.756180][   T30] audit: type=1326 audit(1754773654.527:6544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18394 comm="syz.0.5444" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3539 code=0x7ffc0000
[ 2076.817784][   T30] audit: type=1326 audit(1754773654.527:6545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18394 comm="syz.0.5444" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3539 code=0x7ffc0000
[ 2077.288311][  T979] usb 2-1: USB disconnect, device number 15
[ 2077.564844][T18428] random: crng reseeded on system resumption
[ 2078.047497][T18439] netlink: 212 bytes leftover after parsing attributes in process `syz.3.5457'.
[ 2078.067508][T18435] netlink: 33 bytes leftover after parsing attributes in process `syz.3.5457'.
[ 2078.210286][T17776] usb 6-1: new high-speed USB device number 111 using dummy_hcd
[ 2078.372131][T17776] usb 6-1: config 0 has an invalid interface number: 120 but max is 0
[ 2078.383390][T17776] usb 6-1: config 0 has no interface number 0
[ 2078.389539][T17776] usb 6-1: config 0 interface 120 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[ 2078.633303][T17776] usb 6-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58
[ 2078.673023][T17776] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2079.061552][T18447] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 2079.178512][T17776] usb 6-1: config 0 descriptor??
[ 2079.192400][T17776] input: USB Touchscreen 16e3:f9e9 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.120/input/input111
[ 2080.500470][T12278] usb 6-1: USB disconnect, device number 111
[ 2080.627094][T18462] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5464'.
[ 2080.649910][T18464] netlink: 16 bytes leftover after parsing attributes in process `syz.3.5463'.
[ 2080.845788][T18462] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5464'.
[ 2081.960347][T18491] netlink: 'syz.1.5468': attribute type 10 has an invalid length.
[ 2082.410139][T17776] usb 5-1: new high-speed USB device number 64 using dummy_hcd
[ 2082.840593][T17776] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2082.854152][T17776] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 2082.883826][T17776] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 2082.895533][T17776] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 2082.925344][T17776] usb 5-1: Product: syz
[ 2082.941755][T17776] usb 5-1: Manufacturer: syz
[ 2082.953371][T17776] usb 5-1: SerialNumber: syz
[ 2082.992689][T17776] usb 5-1: config 0 descriptor??
[ 2084.550561][  T979] usb 5-1: USB disconnect, device number 64
[ 2085.012245][T18524] netlink: 76 bytes leftover after parsing attributes in process `syz.5.5477'.
[ 2085.020201][  T979] usb 5-1: new high-speed USB device number 65 using dummy_hcd
[ 2085.039373][T18524] binder: 18523:18524 ioctl c0306201 80000540 returned -22
[ 2085.200212][  T979] usb 5-1: device descriptor read/64, error -71
[ 2085.420705][T23524] usb 6-1: new high-speed USB device number 112 using dummy_hcd
[ 2085.457548][T18537] netlink: 212 bytes leftover after parsing attributes in process `syz.3.5482'.
[ 2085.519505][T18537] netlink: 33 bytes leftover after parsing attributes in process `syz.3.5482'.
[ 2085.560503][  T979] usb 5-1: new high-speed USB device number 66 using dummy_hcd
[ 2085.643164][T23524] usb 6-1: New USB device found, idVendor=0c45, idProduct=6005, bcdDevice=b5.55
[ 2085.680565][T23524] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2085.692206][T23524] usb 6-1: Product: syz
[ 2085.696947][T23524] usb 6-1: Manufacturer: syz
[ 2085.703343][T23524] usb 6-1: SerialNumber: syz
[ 2085.710756][T23524] usb 6-1: config 0 descriptor??
[ 2085.724604][  T979] usb 5-1: device descriptor read/64, error -71
[ 2085.761173][T23524] gspca_main: sonixb-2.14.0 probing 0c45:6005
[ 2085.866434][  T979] usb usb5-port1: attempt power cycle
[ 2085.942371][T18544] FAULT_INJECTION: forcing a failure.
[ 2085.942371][T18544] name failslab, interval 1, probability 0, space 0, times 0
[ 2085.955497][T18544] CPU: 1 UID: 0 PID: 18544 Comm: syz.3.5485 Not tainted 6.16.0-syzkaller-12250-gc30a13538d9f #0 PREEMPT(full) 
[ 2085.955527][T18544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2085.955540][T18544] Call Trace:
[ 2085.955549][T18544]  <TASK>
[ 2085.955558][T18544]  dump_stack_lvl+0x189/0x250
[ 2085.955591][T18544]  ? __pfx____ratelimit+0x10/0x10
[ 2085.955623][T18544]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2085.955648][T18544]  ? __pfx__printk+0x10/0x10
[ 2085.955679][T18544]  ? __pfx___might_resched+0x10/0x10
[ 2085.955699][T18544]  ? fs_reclaim_acquire+0x7d/0x100
[ 2085.955735][T18544]  should_fail_ex+0x414/0x560
[ 2085.955767][T18544]  should_failslab+0xa8/0x100
[ 2085.955820][T18544]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[ 2085.955851][T18544]  ? __alloc_skb+0x112/0x2d0
[ 2085.955887][T18544]  __alloc_skb+0x112/0x2d0
[ 2085.955925][T18544]  alloc_skb_with_frags+0xca/0x890
[ 2085.955964][T18544]  sock_alloc_send_pskb+0x857/0x990
[ 2085.955989][T18544]  ? __lock_acquire+0xab9/0xd20
[ 2085.956035][T18544]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[ 2085.956061][T18544]  ? __page_table_check_zero+0xba/0x530
[ 2085.956094][T18544]  ? __page_table_check_zero+0xba/0x530
[ 2085.956124][T18544]  ? __page_table_check_zero+0x406/0x530
[ 2085.956157][T18544]  ? bpf_lsm_socket_getpeersec_dgram+0x9/0x20
[ 2085.956187][T18544]  unix_dgram_sendmsg+0x461/0x1850
[ 2085.956234][T18544]  ? __lock_acquire+0xab9/0xd20
[ 2085.956281][T18544]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[ 2085.956308][T18544]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x300
[ 2085.956338][T18544]  ? __import_iovec+0x40e/0x7f0
[ 2085.956366][T18544]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 2085.956390][T18544]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[ 2085.956420][T18544]  __sock_sendmsg+0x21c/0x270
[ 2085.956452][T18544]  ____sys_sendmsg+0x52d/0x830
[ 2085.956482][T18544]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2085.956524][T18544]  ___sys_sendmsg+0x21f/0x2a0
[ 2085.956549][T18544]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2085.956613][T18544]  ? __fget_files+0x2a/0x420
[ 2085.956646][T18544]  ? __fget_files+0x3a0/0x420
[ 2085.956700][T18544]  __sys_sendmmsg+0x28e/0x430
[ 2085.956729][T18544]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 2085.956764][T18544]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 2085.956817][T18544]  ? ksys_write+0x22a/0x250
[ 2085.956860][T18544]  __ia32_compat_sys_sendmmsg+0xa2/0xc0
[ 2085.956899][T18544]  __do_fast_syscall_32+0xb6/0x2b0
[ 2085.956933][T18544]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2085.956968][T18544]  do_fast_syscall_32+0x34/0x80
[ 2085.957000][T18544]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2085.957028][T18544] RIP: 0023:0xf705e539
[ 2085.957048][T18544] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2085.957069][T18544] RSP: 002b:00000000f542d55c EFLAGS: 00000206 ORIG_RAX: 0000000000000159
[ 2085.957093][T18544] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000280
[ 2085.957108][T18544] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000000
[ 2085.957122][T18544] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2085.957134][T18544] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2085.957147][T18544] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2085.957179][T18544]  </TASK>
[ 2086.382780][T23524] input: sonixb as /devices/platform/dummy_hcd.5/usb6/6-1/input/input112
[ 2086.507364][T18524] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2086.617445][T18524] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2086.704765][T17778] usb 6-1: USB disconnect, device number 112
[ 2086.760179][  T979] usb 5-1: new high-speed USB device number 67 using dummy_hcd
[ 2086.811367][  T979] usb 5-1: device descriptor read/8, error -71
[ 2087.170126][  T979] usb 5-1: new high-speed USB device number 68 using dummy_hcd
[ 2087.347462][  T979] usb 5-1: device descriptor read/8, error -71
[ 2087.474764][  T979] usb usb5-port1: unable to enumerate USB device
[ 2087.553967][T18552] futex_wake_op: syz.0.5486 tries to shift op by 32; fix this program
[ 2087.600176][T17778] usb 4-1: new high-speed USB device number 50 using dummy_hcd
[ 2087.652490][T18558] netlink: 36 bytes leftover after parsing attributes in process `syz.4.5489'.
[ 2087.831606][T17778] usb 4-1: Using ep0 maxpacket: 8
[ 2087.863341][T17778] usb 4-1: config 2 has an invalid interface number: 31 but max is 0
[ 2087.873666][T17778] usb 4-1: config 2 has no interface number 0
[ 2087.881704][T17778] usb 4-1: config 2 interface 31 has no altsetting 0
[ 2087.961375][T17778] usb 4-1: New USB device found, idVendor=1a86, idProduct=e092, bcdDevice=53.3f
[ 2087.971951][T17778] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2088.049703][T17778] usb 4-1: Product: syz
[ 2088.187189][T17778] usb 4-1: Manufacturer: syz
[ 2088.290219][T12278] usb 6-1: new high-speed USB device number 113 using dummy_hcd
[ 2088.290249][T17778] usb 4-1: SerialNumber: syz
[ 2088.326523][T17778] ch9200 4-1:2.31: probe with driver ch9200 failed with error -22
[ 2088.331736][T18547] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5486'.
[ 2088.361626][T18547] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5486'.
[ 2088.470153][T17776] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[ 2088.610525][T18552] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5486'.
[ 2088.652548][T12278] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 2088.740489][T12278] usb 6-1: config 27 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 2088.768343][T17776] usb 2-1: New USB device found, idVendor=2c42, idProduct=1709, bcdDevice=ca.b7
[ 2088.788489][T12278] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2088.803030][T17776] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2088.820217][T17776] usb 2-1: Product: syz
[ 2088.828344][T12278] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2088.836891][T17776] usb 2-1: Manufacturer: syz
[ 2088.853501][T17776] usb 2-1: SerialNumber: syz
[ 2089.046708][T17776] usb 2-1: config 0 descriptor??
[ 2089.104303][T12278] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[ 2089.400499][T12278] usb 6-1: invalid MIDI out EP 0
[ 2089.785073][T12278] snd-usb-audio 6-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 2090.136090][T18582] FAULT_INJECTION: forcing a failure.
[ 2090.136090][T18582] name failslab, interval 1, probability 0, space 0, times 0
[ 2090.183287][T18582] CPU: 0 UID: 0 PID: 18582 Comm: syz.4.5496 Not tainted 6.16.0-syzkaller-12250-gc30a13538d9f #0 PREEMPT(full) 
[ 2090.183325][T18582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2090.183341][T18582] Call Trace:
[ 2090.183356][T18582]  <TASK>
[ 2090.183367][T18582]  dump_stack_lvl+0x189/0x250
[ 2090.183404][T18582]  ? __pfx____ratelimit+0x10/0x10
[ 2090.183438][T18582]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2090.183469][T18582]  ? __pfx__printk+0x10/0x10
[ 2090.183510][T18582]  ? __pfx___might_resched+0x10/0x10
[ 2090.183541][T18582]  should_fail_ex+0x414/0x560
[ 2090.183581][T18582]  should_failslab+0xa8/0x100
[ 2090.183620][T18582]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[ 2090.183656][T18582]  ? __alloc_skb+0x112/0x2d0
[ 2090.183699][T18582]  __alloc_skb+0x112/0x2d0
[ 2090.183741][T18582]  sctp_packet_transmit+0x2cc/0x2bb0
[ 2090.183772][T18582]  ? __sctp_packet_append_chunk+0x912/0xd00
[ 2090.183815][T18582]  ? sctp_packet_append_chunk+0x9b4/0xfe0
[ 2090.183867][T18582]  sctp_packet_singleton+0x233/0x330
[ 2090.183910][T18582]  ? __pfx_sctp_packet_singleton+0x10/0x10
[ 2090.183951][T18582]  ? sctp_outq_select_transport+0x462/0x570
[ 2090.183981][T18582]  ? sctp_transport_burst_limited+0x19c/0x280
[ 2090.184017][T18582]  sctp_outq_flush+0x4f0/0x3140
[ 2090.184044][T18582]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 2090.184086][T18582]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 2090.184117][T18582]  ? rcu_is_watching+0x15/0xb0
[ 2090.184149][T18582]  ? __pfx_sctp_outq_flush+0x10/0x10
[ 2090.184185][T18582]  ? sctp_outq_tail+0x612/0x8c0
[ 2090.184212][T18582]  ? sctp_outq_uncork+0x4d/0xa0
[ 2090.184241][T18582]  sctp_do_sm+0x5332/0x5a20
[ 2090.184278][T18582]  ? sctp_stream_init_ext+0x57/0x180
[ 2090.184303][T18582]  ? sctp_sendmsg_to_asoc+0x12fd/0x1810
[ 2090.184338][T18582]  ? sctp_sendmsg+0x1941/0x2810
[ 2090.184371][T18582]  ? __sock_sendmsg+0x19c/0x270
[ 2090.184408][T18582]  ? __pfx_sctp_do_sm+0x10/0x10
[ 2090.184485][T18582]  ? __sk_mem_raise_allocated+0xaa9/0x1240
[ 2090.184527][T18582]  sctp_primitive_ASSOCIATE+0x95/0xc0
[ 2090.184571][T18582]  sctp_sendmsg_to_asoc+0x102d/0x1810
[ 2090.184606][T18582]  ? __asan_memcpy+0x40/0x70
[ 2090.184643][T18582]  ? sctp_assoc_add_peer+0xcfa/0x13b0
[ 2090.184684][T18582]  ? __pfx_sctp_sendmsg_to_asoc+0x10/0x10
[ 2090.184722][T18582]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[ 2090.184764][T18582]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[ 2090.184802][T18582]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[ 2090.184839][T18582]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[ 2090.184887][T18582]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[ 2090.184917][T18582]  ? security_sctp_bind_connect+0x7e/0x2e0
[ 2090.184954][T18582]  sctp_sendmsg+0x1941/0x2810
[ 2090.185006][T18582]  ? __pfx_sctp_sendmsg+0x10/0x10
[ 2090.185047][T18582]  ? aa_sk_perm+0x81e/0x950
[ 2090.185090][T18582]  ? __pfx_aa_sk_perm+0x10/0x10
[ 2090.185130][T18582]  ? sock_rps_record_flow+0x19/0x410
[ 2090.185162][T18582]  ? inet_sendmsg+0x2f4/0x370
[ 2090.185190][T18582]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 2090.185220][T18582]  __sock_sendmsg+0x19c/0x270
[ 2090.185257][T18582]  __sys_sendto+0x3bd/0x520
[ 2090.185298][T18582]  ? __pfx___sys_sendto+0x10/0x10
[ 2090.185332][T18582]  ? __mutex_unlock_slowpath+0x1a1/0x760
[ 2090.185385][T18582]  ? __fget_files+0x3a0/0x420
[ 2090.185433][T18582]  ? ksys_write+0x22a/0x250
[ 2090.185476][T18582]  __ia32_sys_sendto+0xdd/0x100
[ 2090.185516][T18582]  __do_fast_syscall_32+0xb6/0x2b0
[ 2090.185553][T18582]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2090.185592][T18582]  do_fast_syscall_32+0x34/0x80
[ 2090.185628][T18582]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2090.185658][T18582] RIP: 0023:0xf704e539
[ 2090.185680][T18582] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2090.185703][T18582] RSP: 002b:00000000f543e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000171
[ 2090.185730][T18582] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080847fff
[ 2090.185747][T18582] RDX: 0000000000034000 RSI: 0000000000000000 RDI: 000000008005ffe4
[ 2090.185764][T18582] RBP: 000000000000001c R08: 0000000000000000 R09: 0000000000000000
[ 2090.185780][T18582] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2090.185795][T18582] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2090.185830][T18582]  </TASK>
[ 2090.836203][T17778] usb 4-1: USB disconnect, device number 50
[ 2090.847979][T17776] usb 2-1: f81604_read: reg: 100e failed: -EPROTO
[ 2090.878585][T17776] usb 2-1: f81604_read: reg: 200f failed: -EPROTO
[ 2090.892638][T17776] usb 2-1: USB disconnect, device number 16
[ 2090.918296][T17776] usb 2-1: f81604_read: reg: 100f failed: -ENODEV
[ 2090.968094][T17775] usb 6-1: USB disconnect, device number 113
[ 2091.005530][ T5528] usb 2-1: f81604_read: reg: 200f failed: -ENODEV
[ 2091.094451][T17776] usb 2-1: f81604_read: reg: 200f failed: -ENODEV
[ 2091.119332][   T30] kauditd_printk_skb: 24 callbacks suppressed
[ 2091.119352][   T30] audit: type=1326 audit(1754773670.077:6570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18587 comm="syz.5.5500" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70ee539 code=0x0
[ 2091.235722][T18589] binder: 18585:18589 ioctl c0306201 80000640 returned -22
[ 2091.360204][T23524] usb 4-1: new high-speed USB device number 51 using dummy_hcd
[ 2091.530300][T23524] usb 4-1: device descriptor read/64, error -71
[ 2092.090694][T23524] usb 4-1: new high-speed USB device number 52 using dummy_hcd
[ 2092.225301][T18606] netlink: 'syz.5.5504': attribute type 3 has an invalid length.
[ 2092.233552][T23524] usb 4-1: device descriptor read/64, error -71
[ 2092.299850][T18606] netlink: 666 bytes leftover after parsing attributes in process `syz.5.5504'.
[ 2092.340789][T23524] usb usb4-port1: attempt power cycle
[ 2092.350146][T12278] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[ 2092.511609][T12278] usb 2-1: Using ep0 maxpacket: 32
[ 2092.525546][T12278] usb 2-1: config 0 has an invalid interface number: 61 but max is 1
[ 2092.574812][T12278] usb 2-1: config 0 has an invalid interface number: 98 but max is 1
[ 2092.588665][T12278] usb 2-1: config 0 has no interface number 0
[ 2092.660096][T17769] usb 5-1: new high-speed USB device number 69 using dummy_hcd
[ 2092.720818][T12278] usb 2-1: config 0 has no interface number 1
[ 2092.729494][T12278] usb 2-1: New USB device found, idVendor=2058, idProduct=1005, bcdDevice=b5.f6
[ 2092.747871][T12278] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2092.757275][T23524] usb 4-1: new high-speed USB device number 53 using dummy_hcd
[ 2092.785534][T12278] usb 2-1: Product: syz
[ 2092.789858][T12278] usb 2-1: Manufacturer: syz
[ 2092.844280][T23524] usb 4-1: device descriptor read/8, error -71
[ 2092.857592][T12278] usb 2-1: SerialNumber: syz
[ 2092.870268][T17769] usb 5-1: Using ep0 maxpacket: 16
[ 2092.882517][T17769] usb 5-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[ 2092.912471][T17769] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2092.912617][T12278] usb 2-1: config 0 descriptor??
[ 2092.927572][T17769] usb 5-1: Product: syz
[ 2092.933092][T17769] usb 5-1: Manufacturer: syz
[ 2092.944575][T17769] usb 5-1: SerialNumber: syz
[ 2092.957000][T17769] usb 5-1: config 0 descriptor??
[ 2092.983616][T17769] visor 5-1:0.0: Sony Clie 3.5 converter detected
[ 2093.041101][T12278] viperboard 2-1:0.61: version 0.00 found at bus 002 address 017
[ 2093.100610][T23524] usb 4-1: new high-speed USB device number 54 using dummy_hcd
[ 2093.132124][T12278] viperboard-i2c viperboard-i2c.2.auto: error -EIO: failure setting i2c_bus_freq to 100
[ 2093.158616][T23524] usb 4-1: device descriptor read/8, error -71
[ 2093.171129][T12278] viperboard-i2c viperboard-i2c.2.auto: probe with driver viperboard-i2c failed with error -5
[ 2093.189939][T18612] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2093.231566][T18612] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2093.312457][T23524] usb usb4-port1: unable to enumerate USB device
[ 2093.326057][T12278] viperboard 2-1:0.98: version 0.00 found at bus 002 address 017
[ 2093.408826][T12278] viperboard-i2c viperboard-i2c.5.auto: error -EIO: failure setting i2c_bus_freq to 100
[ 2093.460206][T12278] viperboard-i2c viperboard-i2c.5.auto: probe with driver viperboard-i2c failed with error -5
[ 2093.482979][T12278] usb 2-1: USB disconnect, device number 17
[ 2093.511773][T17769] usb 5-1: Sony Clie 3.5 converter now attached to ttyUSB0
[ 2093.990793][T12278] usb 5-1: USB disconnect, device number 69
[ 2094.007550][T12278] clie_3.5 ttyUSB0: Sony Clie 3.5 converter now disconnected from ttyUSB0
[ 2094.027041][T12278] visor 5-1:0.0: device disconnected
[ 2095.170664][T17775] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[ 2095.354774][T17775] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2095.430103][T17775] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 2095.435528][T18647] dlm: non-version read from control device 4096
[ 2095.443649][T17775] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 2095.494549][T17775] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 2095.786848][T18653] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5513'.
[ 2095.939322][T18650] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 2096.428543][T18655] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5516'.
[ 2096.686734][T17775] usb 2-1: Product: syz
[ 2096.693910][T17775] usb 2-1: Manufacturer: syz
[ 2096.698574][T17775] usb 2-1: SerialNumber: syz
[ 2096.729711][T17775] usb 2-1: config 0 descriptor??
[ 2097.030176][T18662] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5518'.
[ 2097.516889][T18662] bond0: (slave team0): Releasing backup interface
[ 2097.579515][T18662] team0 (unregistering): Port device team_slave_0 removed
[ 2097.856510][T18662] team0 (unregistering): Port device team_slave_1 removed
[ 2098.448801][T18669] netlink: 'syz.0.5521': attribute type 3 has an invalid length.
[ 2098.448831][T18669] netlink: 132 bytes leftover after parsing attributes in process `syz.0.5521'.
[ 2098.995726][T17775] usb 2-1: USB disconnect, device number 18
[ 2099.060526][T17776] usb 5-1: new high-speed USB device number 70 using dummy_hcd
[ 2099.262979][T17776] usb 5-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 2099.274892][T17776] usb 5-1: config 27 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 2099.301565][T18689] netlink: 60 bytes leftover after parsing attributes in process `syz.1.5525'.
[ 2099.311134][T18689] netlink: 35 bytes leftover after parsing attributes in process `syz.1.5525'.
[ 2099.356393][T17776] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2099.407823][T17776] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2099.497502][T17776] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[ 2099.679328][T17776] snd-usb-audio 5-1:27.0: probe with driver snd-usb-audio failed with error -2
[ 2099.688466][T14588] udevd[14588]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 2100.484173][   T30] audit: type=1326 audit(1754773679.427:6571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18664 comm="syz.3.5520" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e539 code=0x7ffc0000
[ 2100.812820][   T30] audit: type=1326 audit(1754773679.427:6572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18664 comm="syz.3.5520" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e558 code=0x7ffc0000
[ 2100.870343][   T30] audit: type=1326 audit(1754773679.427:6573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18664 comm="syz.3.5520" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e539 code=0x7ffc0000
[ 2100.927698][   T30] audit: type=1326 audit(1754773679.427:6574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18664 comm="syz.3.5520" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e558 code=0x7ffc0000
[ 2100.966812][   T30] audit: type=1326 audit(1754773679.427:6575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18664 comm="syz.3.5520" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e539 code=0x7ffc0000
[ 2101.012302][   T30] audit: type=1326 audit(1754773679.427:6576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18664 comm="syz.3.5520" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e558 code=0x7ffc0000
[ 2101.044634][   T30] audit: type=1326 audit(1754773679.427:6577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18664 comm="syz.3.5520" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e539 code=0x7ffc0000
[ 2101.130332][   T30] audit: type=1326 audit(1754773679.427:6578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18664 comm="syz.3.5520" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e558 code=0x7ffc0000
[ 2101.198108][T18703] lo: entered allmulticast mode
[ 2101.217053][   T30] audit: type=1326 audit(1754773679.427:6579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18664 comm="syz.3.5520" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf705e558 code=0x7ffc0000
[ 2101.217467][T18703] IPVS: set_ctl: invalid protocol: 29 255.255.255.255:20001
[ 2101.358689][T18705] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 2101.412778][   T30] audit: type=1326 audit(1754773679.427:6580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18664 comm="syz.3.5520" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf705e539 code=0x7ffc0000
[ 2101.439130][T18705] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5529'.
[ 2102.415583][T12278] usb 5-1: USB disconnect, device number 70
[ 2102.470591][T18675] delete_channel: no stack
[ 2102.713884][T18720] input: syz0 as /devices/virtual/input/input113
[ 2103.243706][T17776] usb 5-1: new high-speed USB device number 71 using dummy_hcd
[ 2103.420235][T23524] usb 6-1: new high-speed USB device number 114 using dummy_hcd
[ 2103.477525][T18729] netlink: 'syz.3.5537': attribute type 10 has an invalid length.
[ 2103.568440][T17776] usb 5-1: config 0 has an invalid interface number: 120 but max is 0
[ 2103.584613][T17776] usb 5-1: config 0 has no interface number 0
[ 2103.595735][T23524] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2103.608286][T23524] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 2103.633731][T23524] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 2103.642904][T23524] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 2103.651759][T23524] usb 6-1: Product: syz
[ 2103.655934][T23524] usb 6-1: Manufacturer: syz
[ 2103.665432][T23524] usb 6-1: SerialNumber: syz
[ 2103.696397][T23524] usb 6-1: config 0 descriptor??
[ 2103.866399][T17776] usb 5-1: config 0 interface 120 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[ 2103.926933][T17776] usb 5-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58
[ 2103.936427][T17776] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2104.002349][T17776] usb 5-1: config 0 descriptor??
[ 2104.029565][T17776] input: USB Touchscreen 16e3:f9e9 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.120/input/input114
[ 2104.310925][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 2104.317307][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 2104.910149][T18743] netlink: 'syz.1.5540': attribute type 9 has an invalid length.
[ 2104.921533][T18743] netlink: 'syz.1.5540': attribute type 9 has an invalid length.
[ 2105.815336][T17776] usb 6-1: USB disconnect, device number 114
[ 2105.876088][T18747] FAULT_INJECTION: forcing a failure.
[ 2105.876088][T18747] name failslab, interval 1, probability 0, space 0, times 0
[ 2105.889012][T18747] CPU: 0 UID: 0 PID: 18747 Comm: syz.1.5542 Not tainted 6.16.0-syzkaller-12250-gc30a13538d9f #0 PREEMPT(full) 
[ 2105.889044][T18747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2105.889055][T18747] Call Trace:
[ 2105.889063][T18747]  <TASK>
[ 2105.889070][T18747]  dump_stack_lvl+0x189/0x250
[ 2105.889094][T18747]  ? __pfx____ratelimit+0x10/0x10
[ 2105.889116][T18747]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2105.889135][T18747]  ? __pfx__printk+0x10/0x10
[ 2105.889161][T18747]  ? __pfx___might_resched+0x10/0x10
[ 2105.889181][T18747]  should_fail_ex+0x414/0x560
[ 2105.889205][T18747]  should_failslab+0xa8/0x100
[ 2105.889229][T18747]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 2105.889251][T18747]  ? mas_alloc_nodes+0x2e9/0x8e0
[ 2105.889275][T18747]  mas_alloc_nodes+0x2e9/0x8e0
[ 2105.889302][T18747]  mas_preallocate+0x3ad/0x6f0
[ 2105.889325][T18747]  ? __pfx_mas_preallocate+0x10/0x10
[ 2105.889354][T18747]  ? __mas_set_range+0x12f/0x3c0
[ 2105.889377][T18747]  __split_vma+0x2fa/0xa00
[ 2105.889404][T18747]  ? __pfx___split_vma+0x10/0x10
[ 2105.889432][T18747]  ? __lock_acquire+0xab9/0xd20
[ 2105.889458][T18747]  vms_gather_munmap_vmas+0x2ea/0x12f0
[ 2105.889487][T18747]  ? mtree_range_walk+0x6a7/0x840
[ 2105.889508][T18747]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[ 2105.889541][T18747]  ? mas_find+0xa7d/0xd30
[ 2105.889566][T18747]  mmap_region+0x724/0x20c0
[ 2105.889599][T18747]  ? __pfx_mmap_region+0x10/0x10
[ 2105.889664][T18747]  ? aa_file_perm+0x13a/0x1550
[ 2105.889681][T18747]  ? __pfx_arch_get_unmapped_area_topdown+0x10/0x10
[ 2105.889709][T18747]  ? cap_mmap_addr+0xb0/0x100
[ 2105.889730][T18747]  ? bpf_lsm_mmap_addr+0x9/0x20
[ 2105.889750][T18747]  ? security_mmap_addr+0x71/0x270
[ 2105.889773][T18747]  ? shmem_mapping+0xd/0x50
[ 2105.889790][T18747]  ? memfd_check_seals_mmap+0xc5/0x200
[ 2105.889810][T18747]  do_mmap+0xc45/0x10d0
[ 2105.889839][T18747]  ? __pfx_do_mmap+0x10/0x10
[ 2105.889857][T18747]  ? down_write_killable+0x178/0x230
[ 2105.889885][T18747]  ? __pfx_down_write_killable+0x10/0x10
[ 2105.889908][T18747]  ? common_file_perm+0x1b5/0x230
[ 2105.889938][T18747]  vm_mmap_pgoff+0x2a6/0x4d0
[ 2105.889964][T18747]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 2105.889983][T18747]  ? __fget_files+0x2a/0x420
[ 2105.890026][T18747]  ? __fget_files+0x2a/0x420
[ 2105.890059][T18747]  ? __fget_files+0x2a/0x420
[ 2105.890095][T18747]  ksys_mmap_pgoff+0x51f/0x760
[ 2105.890130][T18747]  __do_fast_syscall_32+0xb6/0x2b0
[ 2105.890163][T18747]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2105.890198][T18747]  do_fast_syscall_32+0x34/0x80
[ 2105.890229][T18747]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2105.890257][T18747] RIP: 0023:0xf7fc2539
[ 2105.890276][T18747] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2105.890295][T18747] RSP: 002b:00000000f54e655c EFLAGS: 00000206 ORIG_RAX: 00000000000000c0
[ 2105.890318][T18747] RAX: ffffffffffffffda RBX: 0000000080ffa000 RCX: 0000000000003000
[ 2105.890335][T18747] RDX: 000000000280000b RSI: 0000000000000011 RDI: 0000000000000003
[ 2105.890348][T18747] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2105.890361][T18747] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2105.890374][T18747] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2105.890405][T18747]  </TASK>
[ 2106.317581][T17778] usb 5-1: USB disconnect, device number 71
[ 2106.680349][T17774] usb 4-1: new high-speed USB device number 55 using dummy_hcd
[ 2106.913782][T17774] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 2106.996236][T17774] usb 4-1: config 27 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 2107.465933][T17774] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2107.475306][T17774] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2107.628333][T17774] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[ 2107.651803][T17774] usb 4-1: invalid MIDI out EP 0
[ 2107.680568][T17769] usb 5-1: new high-speed USB device number 72 using dummy_hcd
[ 2107.853041][T17769] usb 5-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 2107.863797][T17769] usb 5-1: config 27 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 2107.952827][T17769] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2108.085052][T17769] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2108.138600][T17774] snd-usb-audio 4-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 2108.177021][T18773] binder: 18771:18773 ioctl c0306201 80000640 returned -22
[ 2108.216575][T17769] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[ 2108.268492][T17769] snd-usb-audio 5-1:27.0: probe with driver snd-usb-audio failed with error -2
[ 2108.430437][T17778] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[ 2108.590096][T17778] usb 2-1: Using ep0 maxpacket: 8
[ 2108.604621][T17778] usb 2-1: config 2 has an invalid interface number: 31 but max is 0
[ 2108.613845][T17778] usb 2-1: config 2 has no interface number 0
[ 2108.620127][T17778] usb 2-1: config 2 interface 31 has no altsetting 0
[ 2108.634251][T17778] usb 2-1: New USB device found, idVendor=1a86, idProduct=e092, bcdDevice=53.3f
[ 2108.643816][T17778] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2108.652630][T17778] usb 2-1: Product: syz
[ 2108.657139][T17778] usb 2-1: Manufacturer: syz
[ 2108.667591][T17778] usb 2-1: SerialNumber: syz
[ 2108.769769][T17778] ch9200 2-1:2.31: probe with driver ch9200 failed with error -22
[ 2109.600189][T12278] usb 6-1: new high-speed USB device number 115 using dummy_hcd
[ 2109.613571][T17776] usb 4-1: USB disconnect, device number 55
[ 2109.878565][T18760] delete_channel: no stack
[ 2109.902182][T17769] usb 5-1: USB disconnect, device number 72
[ 2109.993771][T12278] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2110.067181][T12278] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 2110.085617][T12278] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 2110.095719][T12278] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 2110.106784][T12278] usb 6-1: Product: syz
[ 2110.111587][T12278] usb 6-1: Manufacturer: syz
[ 2110.118676][T12278] usb 6-1: SerialNumber: syz
[ 2110.164250][T12278] usb 6-1: config 0 descriptor??
[ 2110.174364][T18793] FAULT_INJECTION: forcing a failure.
[ 2110.174364][T18793] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2110.224013][T18793] CPU: 1 UID: 0 PID: 18793 Comm: syz.3.5554 Not tainted 6.16.0-syzkaller-12250-gc30a13538d9f #0 PREEMPT(full) 
[ 2110.224048][T18793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2110.224060][T18793] Call Trace:
[ 2110.224066][T18793]  <TASK>
[ 2110.224073][T18793]  dump_stack_lvl+0x189/0x250
[ 2110.224098][T18793]  ? __pfx____ratelimit+0x10/0x10
[ 2110.224119][T18793]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2110.224138][T18793]  ? __pfx__printk+0x10/0x10
[ 2110.224169][T18793]  should_fail_ex+0x414/0x560
[ 2110.224194][T18793]  _copy_to_user+0x31/0xb0
[ 2110.224216][T18793]  simple_read_from_buffer+0xe1/0x170
[ 2110.224242][T18793]  proc_fail_nth_read+0x1b3/0x220
[ 2110.224263][T18793]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2110.224283][T18793]  ? rw_verify_area+0x2a6/0x4d0
[ 2110.224302][T18793]  ? __lock_acquire+0xab9/0xd20
[ 2110.224324][T18793]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2110.224343][T18793]  vfs_read+0x200/0xa30
[ 2110.224362][T18793]  ? fdget_pos+0x247/0x320
[ 2110.224379][T18793]  ? __pfx___mutex_lock+0x10/0x10
[ 2110.224401][T18793]  ? __pfx_vfs_read+0x10/0x10
[ 2110.224422][T18793]  ? __fget_files+0x2a/0x420
[ 2110.224455][T18793]  ? __fget_files+0x3a0/0x420
[ 2110.224477][T18793]  ? __fget_files+0x2a/0x420
[ 2110.224508][T18793]  ksys_read+0x145/0x250
[ 2110.224530][T18793]  ? __pfx_ksys_read+0x10/0x10
[ 2110.224553][T18793]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2110.224576][T18793]  __do_fast_syscall_32+0xb6/0x2b0
[ 2110.224600][T18793]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2110.224623][T18793]  do_fast_syscall_32+0x34/0x80
[ 2110.224646][T18793]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2110.224665][T18793] RIP: 0023:0xf705e539
[ 2110.224679][T18793] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2110.224693][T18793] RSP: 002b:00000000f544e590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[ 2110.224709][T18793] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f544e620
[ 2110.224720][T18793] RDX: 000000000000000f RSI: 00000000f73c4ff4 RDI: 0000000000000000
[ 2110.224730][T18793] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 2110.224739][T18793] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2110.224748][T18793] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2110.224769][T18793]  </TASK>
[ 2111.372683][T18803] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 2111.950170][T17769] usb 5-1: new full-speed USB device number 73 using dummy_hcd
[ 2112.102497][T17769] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2112.115585][T17769] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[ 2112.124628][T17778] usb 2-1: USB disconnect, device number 19
[ 2112.195159][T17769] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[ 2112.213060][T17769] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[ 2112.289309][T17769] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 2112.303675][T17769] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 2112.326681][T17769] usb 5-1: Manufacturer: syz
[ 2112.360359][T17776] usb 6-1: USB disconnect, device number 115
[ 2112.393401][T17769] usb 5-1: config 0 descriptor??
[ 2112.630526][T17778] usb 2-1: new full-speed USB device number 20 using dummy_hcd
[ 2112.780334][T17769] rc_core: IR keymap rc-hauppauge not found
[ 2112.790130][T17769] Registered IR keymap rc-empty
[ 2112.795162][T17769] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 2112.838233][T17769] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 2112.955816][T17778] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2112.962140][T17769] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[ 2112.970235][T17778] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 2113.026858][T17778] usb 2-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[ 2113.036919][T17769] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input115
[ 2113.046666][T17778] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2113.132903][T17769] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 2113.160326][T17769] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 2113.167186][T17778] usb 2-1: config 0 descriptor??
[ 2113.180616][T17769] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 2113.200160][T17769] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 2113.218364][T18822] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5561'.
[ 2113.230669][T17769] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 2113.243302][T18827] binder: 18823:18827 ioctl c0306201 80000640 returned -22
[ 2113.251154][T17769] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 2113.264269][T18822] netlink: 'syz.3.5561': attribute type 1 has an invalid length.
[ 2113.273480][T18822] netlink: 'syz.3.5561': attribute type 2 has an invalid length.
[ 2113.286293][T17778] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[ 2113.290254][T17769] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 2113.297964][T17778] dvb-usb: bulk message failed: -22 (3/0)
[ 2113.338961][T17778] dvb-usb: will use the device's hardware PID filter (table count: 16).
[ 2113.340491][T17769] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 2113.383313][T17778] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[ 2113.394881][T17778] usb 2-1: media controller created
[ 2113.400247][T17769] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 2113.450136][T17769] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[ 2113.476314][T17769] mceusb 5-1:0.0: Registered 424242424242 with mce emulator interface version 1
[ 2113.485813][T17769] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[ 2113.513935][T17769] usb 5-1: USB disconnect, device number 73
[ 2113.542459][T17778] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 2113.578920][T17778] dvb-usb: bulk message failed: -22 (6/0)
[ 2113.597296][T17778] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[ 2113.655917][T17778] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input116
[ 2113.709260][T17778] dvb-usb: schedule remote query interval to 150 msecs.
[ 2113.724892][T17778] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[ 2113.759887][T17778] usb 2-1: USB disconnect, device number 20
[ 2113.845263][T17778] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[ 2114.130782][T18834] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 2114.152022][T18834] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5563'.
[ 2114.860542][T17778] usb 5-1: new high-speed USB device number 74 using dummy_hcd
[ 2115.169761][T17769] usb 6-1: new high-speed USB device number 116 using dummy_hcd
[ 2115.187884][T17778] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2115.208345][T17778] usb 5-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[ 2115.229388][T17778] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2115.339881][T17778] usb 5-1: config 0 descriptor??
[ 2115.402676][T17769] usb 6-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 2115.422535][T17769] usb 6-1: config 27 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 2115.490131][T17769] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2115.530086][T17769] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2115.811815][T18850] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 2115.825922][T18839] netlink: 84 bytes leftover after parsing attributes in process `syz.4.5565'.
[ 2115.836868][T17778] lg-g15 0003:046D:C222.0016: unbalanced delimiter at end of report description
[ 2115.873804][T17769] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[ 2115.917395][T17778] lg-g15 0003:046D:C222.0016: probe with driver lg-g15 failed with error -22
[ 2116.075722][T17778] usb 5-1: USB disconnect, device number 74
[ 2116.086452][T17769] snd-usb-audio 6-1:27.0: probe with driver snd-usb-audio failed with error -2
[ 2117.290118][T17775] usb 5-1: new high-speed USB device number 75 using dummy_hcd
[ 2117.490575][T17775] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 2117.521337][T17775] usb 5-1: config 27 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 2117.534927][T17775] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2117.545612][T17775] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2117.693726][T18873] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 2117.725699][T18873] netlink: 24 bytes leftover after parsing attributes in process `syz.3.5571'.
[ 2117.831318][T18842] delete_channel: no stack
[ 2117.846998][T12278] usb 6-1: USB disconnect, device number 116
[ 2117.904851][T17775] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[ 2117.915974][T17775] usb 5-1: invalid MIDI out EP 0
[ 2118.086625][T18880] vxcan3: entered promiscuous mode
[ 2118.418241][T17775] snd-usb-audio 5-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 2119.054181][T18890] binder: 18885:18890 ioctl c0306201 80000640 returned -22
[ 2119.948896][T18901] FAULT_INJECTION: forcing a failure.
[ 2119.948896][T18901] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2119.979461][T18901] CPU: 1 UID: 0 PID: 18901 Comm: syz.5.5579 Not tainted 6.16.0-syzkaller-12250-gc30a13538d9f #0 PREEMPT(full) 
[ 2119.979493][T18901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2119.979505][T18901] Call Trace:
[ 2119.979514][T18901]  <TASK>
[ 2119.979522][T18901]  dump_stack_lvl+0x189/0x250
[ 2119.979545][T18901]  ? __pfx____ratelimit+0x10/0x10
[ 2119.979567][T18901]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2119.979589][T18901]  ? __pfx__printk+0x10/0x10
[ 2119.979612][T18901]  ? __might_fault+0xb0/0x130
[ 2119.979642][T18901]  should_fail_ex+0x414/0x560
[ 2119.979667][T18901]  _copy_from_user+0x2d/0xb0
[ 2119.979685][T18901]  get_compat_msghdr+0xad/0x4a0
[ 2119.979715][T18901]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 2119.979742][T18901]  ? rcu_is_watching+0x15/0xb0
[ 2119.979758][T18901]  ? ___sys_recvmsg+0x1c4/0x510
[ 2119.979779][T18901]  ___sys_recvmsg+0x17f/0x510
[ 2119.979800][T18901]  ? __pfx____sys_recvmsg+0x10/0x10
[ 2119.979834][T18901]  ? __fget_files+0x3a0/0x420
[ 2119.979866][T18901]  do_recvmmsg+0x36a/0x770
[ 2119.979889][T18901]  ? __pfx_do_recvmmsg+0x10/0x10
[ 2119.979914][T18901]  ? __pfx_vfs_write+0x10/0x10
[ 2119.979946][T18901]  __sys_recvmmsg+0x19d/0x280
[ 2119.979964][T18901]  ? __pfx___sys_recvmmsg+0x10/0x10
[ 2119.979979][T18901]  ? ksys_write+0x22a/0x250
[ 2119.980018][T18901]  __ia32_compat_sys_recvmmsg_time32+0xbf/0xe0
[ 2119.980044][T18901]  __do_fast_syscall_32+0xb6/0x2b0
[ 2119.980076][T18901]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2119.980110][T18901]  do_fast_syscall_32+0x34/0x80
[ 2119.980140][T18901]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2119.980167][T18901] RIP: 0023:0xf70ee539
[ 2119.980186][T18901] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2119.980205][T18901] RSP: 002b:00000000f54de55c EFLAGS: 00000206 ORIG_RAX: 0000000000000151
[ 2119.980229][T18901] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080009940
[ 2119.980244][T18901] RDX: 0000000000000002 RSI: 0000000000000042 RDI: 0000000000000000
[ 2119.980258][T18901] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2119.980271][T18901] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2119.980284][T18901] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2119.980314][T18901]  </TASK>
[ 2120.550651][T18907] netlink: 212 bytes leftover after parsing attributes in process `syz.5.5581'.
[ 2120.620502][T18907] netlink: 33 bytes leftover after parsing attributes in process `syz.5.5581'.
[ 2120.762778][T18913] netlink: 32 bytes leftover after parsing attributes in process `syz.0.5584'.
[ 2120.848075][T18917] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 2120.952022][T18921] netlink: 84 bytes leftover after parsing attributes in process `syz.1.5587'.
[ 2122.150172][T17769] usb 5-1: USB disconnect, device number 75
[ 2123.346454][T18957] netlink: 212 bytes leftover after parsing attributes in process `syz.4.5596'.
[ 2123.375127][T18958] netlink: 33 bytes leftover after parsing attributes in process `syz.4.5596'.
[ 2123.780286][T17774] usb 6-1: new high-speed USB device number 117 using dummy_hcd
[ 2124.045917][T18967] program syz.4.5600 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 2124.150089][T17774] usb 6-1: Using ep0 maxpacket: 8
[ 2124.157371][T17774] usb 6-1: New USB device found, idVendor=0757, idProduct=0a00, bcdDevice= 0.00
[ 2124.169909][T17774] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2124.354162][T17774] usb 6-1: config 0 descriptor??
[ 2124.470524][T17775] usb 5-1: new high-speed USB device number 76 using dummy_hcd
[ 2124.894655][T17774] nti 0003:0757:0A00.0017: reserved main item tag 0xd
[ 2124.901663][T17775] usb 5-1: Using ep0 maxpacket: 32
[ 2124.980432][T17774] nti 0003:0757:0A00.0017: unexpected long global item
[ 2124.988424][T17774] nti 0003:0757:0A00.0017: probe with driver nti failed with error -22
[ 2124.998031][T18975] netlink: 96 bytes leftover after parsing attributes in process `syz.0.5602'.
[ 2125.180956][T18960] netlink: 40 bytes leftover after parsing attributes in process `syz.5.5598'.
[ 2125.202224][T17774] usb 6-1: USB disconnect, device number 117
[ 2125.602105][T18987] FAULT_INJECTION: forcing a failure.
[ 2125.602105][T18987] name failslab, interval 1, probability 0, space 0, times 0
[ 2125.658940][T18987] CPU: 1 UID: 0 PID: 18987 Comm: syz.1.5606 Not tainted 6.16.0-syzkaller-12250-gc30a13538d9f #0 PREEMPT(full) 
[ 2125.658976][T18987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2125.659000][T18987] Call Trace:
[ 2125.659009][T18987]  <TASK>
[ 2125.659019][T18987]  dump_stack_lvl+0x189/0x250
[ 2125.659053][T18987]  ? __pfx____ratelimit+0x10/0x10
[ 2125.659086][T18987]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2125.659113][T18987]  ? __pfx__printk+0x10/0x10
[ 2125.659151][T18987]  ? __pfx___might_resched+0x10/0x10
[ 2125.659172][T18987]  ? fs_reclaim_acquire+0x7d/0x100
[ 2125.659211][T18987]  should_fail_ex+0x414/0x560
[ 2125.659247][T18987]  should_failslab+0xa8/0x100
[ 2125.659282][T18987]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 2125.659311][T18987]  ? fcntl_setlease+0x364/0x4c0
[ 2125.659343][T18987]  fcntl_setlease+0x364/0x4c0
[ 2125.659375][T18987]  ? __pfx_fcntl_setlease+0x10/0x10
[ 2125.659406][T18987]  ? get_pid_task+0x20/0x1f0
[ 2125.659446][T18987]  do_fcntl+0x6a9/0x1910
[ 2125.659479][T18987]  ? __pfx_do_fcntl+0x10/0x10
[ 2125.659511][T18987]  ? __fget_files+0x2a/0x420
[ 2125.659550][T18987]  ? tomoyo_file_fcntl+0x78/0x210
[ 2125.659578][T18987]  ? bpf_lsm_file_fcntl+0x9/0x20
[ 2125.659609][T18987]  do_compat_fcntl64+0x477/0x720
[ 2125.659637][T18987]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 2125.659676][T18987]  ? __pfx_do_compat_fcntl64+0x10/0x10
[ 2125.659709][T18987]  ? fput+0xa0/0xd0
[ 2125.659732][T18987]  ? ksys_write+0x22a/0x250
[ 2125.659771][T18987]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2125.659805][T18987]  __do_fast_syscall_32+0xb6/0x2b0
[ 2125.659839][T18987]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2125.659873][T18987]  do_fast_syscall_32+0x34/0x80
[ 2125.659906][T18987]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2125.659933][T18987] RIP: 0023:0xf7fc2539
[ 2125.659952][T18987] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2125.659972][T18987] RSP: 002b:00000000f54a455c EFLAGS: 00000206 ORIG_RAX: 0000000000000037
[ 2125.660008][T18987] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000400
[ 2125.660023][T18987] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 2125.660036][T18987] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2125.660049][T18987] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2125.660063][T18987] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2125.660095][T18987]  </TASK>
[ 2126.320112][T17774] usb 4-1: new high-speed USB device number 56 using dummy_hcd
[ 2126.500088][T17774] usb 4-1: Using ep0 maxpacket: 32
[ 2126.517201][T17774] usb 4-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[ 2126.535766][T17774] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2126.562121][T17774] usb 4-1: config 0 descriptor??
[ 2126.585572][T17774] gspca_main: sunplus-2.14.0 probing 041e:400b
[ 2126.809107][T17775] usb 5-1: unable to get BOS descriptor or descriptor too short
[ 2126.818141][T17775] usb 5-1: unable to read config index 0 descriptor/start: -71
[ 2126.848701][T17775] usb 5-1: can't read configurations, error -71
[ 2127.330144][T17776] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[ 2127.511321][T17776] usb 2-1: Using ep0 maxpacket: 8
[ 2127.526551][T17776] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[ 2127.548154][T17776] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 2127.559759][T17774] gspca_sunplus: reg_w_riv err -71
[ 2127.565447][T17774] sunplus 4-1:0.0: probe with driver sunplus failed with error -71
[ 2127.616994][T17774] usb 4-1: USB disconnect, device number 56
[ 2127.635338][T17776] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 2127.675620][T17776] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 2127.709411][T17776] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 2127.727747][T17776] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 2127.739916][T17776] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2127.978341][T17776] usb 2-1: GET_CAPABILITIES returned 0
[ 2128.071368][T19021] netlink: 20 bytes leftover after parsing attributes in process `syz.3.5615'.
[ 2128.115817][T17776] usbtmc 2-1:16.0: can't read capabilities
[ 2128.331355][T17776] usb 2-1: USB disconnect, device number 21
[ 2128.341995][T19024] FAULT_INJECTION: forcing a failure.
[ 2128.341995][T19024] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2128.422734][T19024] CPU: 1 UID: 0 PID: 19024 Comm: syz.4.5617 Not tainted 6.16.0-syzkaller-12250-gc30a13538d9f #0 PREEMPT(full) 
[ 2128.422769][T19024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2128.422782][T19024] Call Trace:
[ 2128.422791][T19024]  <TASK>
[ 2128.422802][T19024]  dump_stack_lvl+0x189/0x250
[ 2128.422841][T19024]  ? __pfx____ratelimit+0x10/0x10
[ 2128.422872][T19024]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2128.422898][T19024]  ? __pfx__printk+0x10/0x10
[ 2128.422943][T19024]  should_fail_ex+0x414/0x560
[ 2128.422976][T19024]  _copy_to_user+0x31/0xb0
[ 2128.423003][T19024]  simple_read_from_buffer+0xe1/0x170
[ 2128.423039][T19024]  proc_fail_nth_read+0x1b3/0x220
[ 2128.423067][T19024]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2128.423095][T19024]  ? rw_verify_area+0x2a6/0x4d0
[ 2128.423129][T19024]  ? __lock_acquire+0xab9/0xd20
[ 2128.423160][T19024]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2128.423187][T19024]  vfs_read+0x200/0xa30
[ 2128.423214][T19024]  ? fdget_pos+0x247/0x320
[ 2128.423238][T19024]  ? __pfx___mutex_lock+0x10/0x10
[ 2128.423270][T19024]  ? __pfx_vfs_read+0x10/0x10
[ 2128.423301][T19024]  ? __fget_files+0x2a/0x420
[ 2128.423338][T19024]  ? __fget_files+0x3a0/0x420
[ 2128.423369][T19024]  ? __fget_files+0x2a/0x420
[ 2128.423409][T19024]  ksys_read+0x145/0x250
[ 2128.423440][T19024]  ? __pfx_ksys_read+0x10/0x10
[ 2128.423474][T19024]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2128.423508][T19024]  __do_fast_syscall_32+0xb6/0x2b0
[ 2128.423541][T19024]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2128.423575][T19024]  do_fast_syscall_32+0x34/0x80
[ 2128.423606][T19024]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2128.423633][T19024] RIP: 0023:0xf704e539
[ 2128.423653][T19024] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2128.423673][T19024] RSP: 002b:00000000f543e590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[ 2128.423696][T19024] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f543e620
[ 2128.423712][T19024] RDX: 000000000000000f RSI: 00000000f73b4ff4 RDI: 0000000000000000
[ 2128.423726][T19024] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 2128.423739][T19024] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2128.423752][T19024] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2128.423784][T19024]  </TASK>
[ 2128.439932][T19027] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5616'.
[ 2129.440214][T17776] usb 5-1: new high-speed USB device number 78 using dummy_hcd
[ 2129.565934][T19041] IPVS: set_ctl: invalid protocol: 0 100.1.1.2:20000
[ 2129.613093][T17776] usb 5-1: Using ep0 maxpacket: 8
[ 2129.633498][T17776] usb 5-1: config 2 has an invalid interface number: 31 but max is 0
[ 2129.643135][T17776] usb 5-1: config 2 has no interface number 0
[ 2129.654721][T17776] usb 5-1: config 2 interface 31 has no altsetting 0
[ 2129.698035][T17776] usb 5-1: New USB device found, idVendor=1a86, idProduct=e092, bcdDevice=53.3f
[ 2129.708474][T17776] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2129.716638][T17776] usb 5-1: Product: syz
[ 2129.721068][T17776] usb 5-1: Manufacturer: syz
[ 2129.726887][T17776] usb 5-1: SerialNumber: syz
[ 2129.840716][T17776] ch9200 5-1:2.31: probe with driver ch9200 failed with error -22
[ 2130.870232][T23524] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[ 2131.136698][T23524] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[ 2131.147015][T23524] usb 2-1: config 0 has no interface number 0
[ 2131.161463][T23524] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2131.181826][T23524] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2131.197936][T23524] usb 2-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00
[ 2131.215583][T23524] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2131.649670][T23524] usb 2-1: config 0 descriptor??
[ 2131.705397][T19064] netlink: 'syz.5.5628': attribute type 29 has an invalid length.
[ 2131.714357][T19065] netlink: 'syz.5.5628': attribute type 29 has an invalid length.
[ 2132.093804][T19054] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2132.103443][T19054] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2132.123288][T23524] usbhid 2-1:0.1: can't add hid device: -71
[ 2132.130973][T23524] usbhid 2-1:0.1: probe with driver usbhid failed with error -71
[ 2132.187161][T23524] usb 2-1: USB disconnect, device number 22
[ 2132.384837][T19071] FAULT_INJECTION: forcing a failure.
[ 2132.384837][T19071] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2132.452581][T19071] CPU: 1 UID: 0 PID: 19071 Comm: syz.0.5630 Not tainted 6.16.0-syzkaller-12250-gc30a13538d9f #0 PREEMPT(full) 
[ 2132.452616][T19071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2132.452630][T19071] Call Trace:
[ 2132.452640][T19071]  <TASK>
[ 2132.452650][T19071]  dump_stack_lvl+0x189/0x250
[ 2132.452681][T19071]  ? __pfx____ratelimit+0x10/0x10
[ 2132.452711][T19071]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2132.452738][T19071]  ? __pfx__printk+0x10/0x10
[ 2132.452768][T19071]  ? __might_fault+0xb0/0x130
[ 2132.452816][T19071]  should_fail_ex+0x414/0x560
[ 2132.452851][T19071]  _copy_from_user+0x2d/0xb0
[ 2132.452877][T19071]  cmsghdr_from_user_compat_to_kern+0x50b/0x800
[ 2132.452914][T19071]  ? __might_fault+0xb0/0x130
[ 2132.452953][T19071]  ? __pfx_cmsghdr_from_user_compat_to_kern+0x10/0x10
[ 2132.453000][T19071]  ____sys_sendmsg+0x20f/0x830
[ 2132.453029][T19071]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2132.453069][T19071]  ___sys_sendmsg+0x21f/0x2a0
[ 2132.453094][T19071]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2132.453155][T19071]  ? __fget_files+0x2a/0x420
[ 2132.453187][T19071]  ? __fget_files+0x3a0/0x420
[ 2132.453231][T19071]  __sys_sendmmsg+0x28e/0x430
[ 2132.453260][T19071]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 2132.453293][T19071]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 2132.453344][T19071]  ? ksys_write+0x22a/0x250
[ 2132.453385][T19071]  __ia32_compat_sys_sendmmsg+0xa2/0xc0
[ 2132.453426][T19071]  __do_fast_syscall_32+0xb6/0x2b0
[ 2132.453458][T19071]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2132.453492][T19071]  do_fast_syscall_32+0x34/0x80
[ 2132.453523][T19071]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2132.453557][T19071] RIP: 0023:0xf7fc3539
[ 2132.453575][T19071] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2132.453594][T19071] RSP: 002b:00000000f54e655c EFLAGS: 00000206 ORIG_RAX: 0000000000000159
[ 2132.453617][T19071] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080009bc0
[ 2132.453633][T19071] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[ 2132.453646][T19071] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2132.453659][T19071] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2132.453672][T19071] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2132.453703][T19071]  </TASK>
[ 2132.709707][T23524] usb 5-1: USB disconnect, device number 78
[ 2132.923082][T19083] FAULT_INJECTION: forcing a failure.
[ 2132.923082][T19083] name failslab, interval 1, probability 0, space 0, times 0
[ 2132.937389][T19083] CPU: 1 UID: 0 PID: 19083 Comm: syz.1.5636 Not tainted 6.16.0-syzkaller-12250-gc30a13538d9f #0 PREEMPT(full) 
[ 2132.937413][T19083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2132.937424][T19083] Call Trace:
[ 2132.937430][T19083]  <TASK>
[ 2132.937438][T19083]  dump_stack_lvl+0x189/0x250
[ 2132.937461][T19083]  ? __pfx____ratelimit+0x10/0x10
[ 2132.937483][T19083]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2132.937512][T19083]  ? __pfx__printk+0x10/0x10
[ 2132.937539][T19083]  ? __pfx___might_resched+0x10/0x10
[ 2132.937554][T19083]  ? fs_reclaim_acquire+0x7d/0x100
[ 2132.937582][T19083]  should_fail_ex+0x414/0x560
[ 2132.937606][T19083]  should_failslab+0xa8/0x100
[ 2132.937631][T19083]  __kmalloc_noprof+0xcb/0x4f0
[ 2132.937652][T19083]  ? kfree+0x4d/0x440
[ 2132.937669][T19083]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 2132.937688][T19083]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 2132.937705][T19083]  ? tomoyo_domain+0xd9/0x130
[ 2132.937725][T19083]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 2132.937746][T19083]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 2132.937770][T19083]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 2132.937805][T19083]  ? __lock_acquire+0xab9/0xd20
[ 2132.937843][T19083]  ? __fget_files+0x2a/0x420
[ 2132.937871][T19083]  ? __fget_files+0x3a0/0x420
[ 2132.937894][T19083]  ? __fget_files+0x2a/0x420
[ 2132.937920][T19083]  security_file_ioctl_compat+0xcb/0x2d0
[ 2132.937944][T19083]  __ia32_compat_sys_ioctl+0x128/0x840
[ 2132.937966][T19083]  ? __pfx___ia32_compat_sys_ioctl+0x10/0x10
[ 2132.937987][T19083]  ? __fget_files+0x3a0/0x420
[ 2132.938015][T19083]  ? fput+0xa0/0xd0
[ 2132.938032][T19083]  ? ksys_write+0x22a/0x250
[ 2132.938059][T19083]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2132.938084][T19083]  __do_fast_syscall_32+0xb6/0x2b0
[ 2132.938107][T19083]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2132.938131][T19083]  do_fast_syscall_32+0x34/0x80
[ 2132.938154][T19083]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2132.938173][T19083] RIP: 0023:0xf7fc2539
[ 2132.938187][T19083] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2132.938201][T19083] RSP: 002b:00000000f54e655c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[ 2132.938217][T19083] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000005411
[ 2132.938228][T19083] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 2132.938238][T19083] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2132.938248][T19083] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2132.938257][T19083] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2132.938279][T19083]  </TASK>
[ 2132.938287][T19083] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2133.483086][T17774] usb 4-1: new high-speed USB device number 57 using dummy_hcd
[ 2133.600447][T17776] usb 6-1: new high-speed USB device number 118 using dummy_hcd
[ 2133.640112][T17774] usb 4-1: Using ep0 maxpacket: 8
[ 2133.647544][T17774] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[ 2133.659216][T17774] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 2133.675608][T17774] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 2133.686416][T17774] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 1024
[ 2133.698135][T17774] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[ 2133.708917][T17774] usb 4-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[ 2133.718135][T17774] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2133.741815][T17774] usb 4-1: config 0 descriptor??
[ 2133.749745][T19085] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 2133.761132][T17776] usb 6-1: Using ep0 maxpacket: 32
[ 2133.799404][T17776] usb 6-1: config 0 has an invalid interface number: 126 but max is 0
[ 2133.811781][T17776] usb 6-1: config 0 has no interface number 0
[ 2133.821534][T17776] usb 6-1: config 0 interface 126 altsetting 16 bulk endpoint 0x6 has invalid maxpacket 1023
[ 2133.832345][T17776] usb 6-1: config 0 interface 126 altsetting 16 bulk endpoint 0x82 has invalid maxpacket 8
[ 2133.842579][T17776] usb 6-1: config 0 interface 126 has no altsetting 0
[ 2133.854978][T17776] usb 6-1: New USB device found, idVendor=09c4, idProduct=0011, bcdDevice=b0.1c
[ 2133.864536][T17776] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2133.872718][T17776] usb 6-1: Product: syz
[ 2133.878364][T17776] usb 6-1: Manufacturer: syz
[ 2133.883190][T17776] usb 6-1: SerialNumber: syz
[ 2133.896703][T17776] usb 6-1: config 0 descriptor??
[ 2133.907862][T19093] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[ 2133.918861][T19093] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[ 2134.412342][T23524] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[ 2134.466252][T12162] Bluetooth: hci5: Opcode 0x0c03 failed: -71
[ 2134.479618][T17769] usb 4-1: USB disconnect, device number 57
[ 2134.483183][T17775] usb 5-1: new high-speed USB device number 79 using dummy_hcd
[ 2134.635610][T23524] usb 2-1: Using ep0 maxpacket: 16
[ 2134.651947][T23524] usb 2-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[ 2134.664920][T23524] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2134.682891][T23524] usb 2-1: Product: syz
[ 2134.696296][T23524] usb 2-1: Manufacturer: syz
[ 2134.712744][T23524] usb 2-1: SerialNumber: syz
[ 2134.740627][T23524] usb 2-1: config 0 descriptor??
[ 2134.762011][T23524] visor 2-1:0.0: Sony Clie 3.5 converter detected
[ 2134.805679][T17775] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 2134.819584][T17775] usb 5-1: config 27 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 2134.835100][T17775] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2134.877848][T17775] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2134.963666][T19106] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2134.973844][T19106] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2135.141766][T17775] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[ 2135.192581][T23524] usb 2-1: Sony Clie 3.5 converter now attached to ttyUSB0
[ 2135.347462][T17775] usb 5-1: invalid MIDI out EP 0
[ 2135.449293][T17769] usb 2-1: USB disconnect, device number 23
[ 2135.464643][T17769] clie_3.5 ttyUSB0: Sony Clie 3.5 converter now disconnected from ttyUSB0
[ 2135.525008][T17769] visor 2-1:0.0: device disconnected
[ 2135.732611][T14619] udevd[14619]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 2135.814273][T17776] ir_usb 6-1:0.126: IR Dongle converter detected
[ 2135.827660][T17775] snd-usb-audio 5-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 2135.837789][T17776] usb 6-1: IRDA class descriptor not found, device not bound
[ 2135.930167][T17778] usb 4-1: new high-speed USB device number 58 using dummy_hcd
[ 2135.981530][T17776] usb 6-1: USB disconnect, device number 118
[ 2136.091545][T17778] usb 4-1: Using ep0 maxpacket: 8
[ 2136.189230][T17778] usb 4-1: config 2 has an invalid interface number: 31 but max is 0
[ 2136.209074][T17778] usb 4-1: config 2 has no interface number 0
[ 2136.220433][T17778] usb 4-1: config 2 interface 31 has no altsetting 0
[ 2136.266288][T17778] usb 4-1: New USB device found, idVendor=1a86, idProduct=e092, bcdDevice=53.3f
[ 2136.275668][T17778] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2136.285459][T17778] usb 4-1: Product: syz
[ 2136.302833][T17778] usb 4-1: Manufacturer: syz
[ 2136.402465][T17778] usb 4-1: SerialNumber: syz
[ 2136.448337][T17778] ch9200 4-1:2.31: probe with driver ch9200 failed with error -22
[ 2136.773132][T17769] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[ 2136.920141][T17778] usb 6-1: new high-speed USB device number 119 using dummy_hcd
[ 2137.060093][T17769] usb 2-1: Using ep0 maxpacket: 16
[ 2137.070558][T17769] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2137.081952][T17769] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2137.095909][T17769] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 2137.108633][T17769] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2137.117010][T17769] usb 2-1: Product: syz
[ 2137.125593][T17778] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2137.141638][T17769] usb 2-1: Manufacturer: syz
[ 2137.146523][T17769] usb 2-1: SerialNumber: syz
[ 2137.208076][T17778] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 2137.338083][T17778] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 2137.347822][T17778] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 2137.379155][T17778] usb 6-1: Product: syz
[ 2137.384848][T17778] usb 6-1: Manufacturer: syz
[ 2137.413240][T17778] usb 6-1: SerialNumber: syz
[ 2137.522262][T17778] usb 6-1: config 0 descriptor??
[ 2137.562199][T19129] fuse: Invalid gid '00000000000000000015'
[ 2137.995238][T19129] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2138.182066][T19129] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2138.464183][T17775] usb 5-1: USB disconnect, device number 79
[ 2139.206990][T17775] usb 4-1: USB disconnect, device number 58
[ 2139.417658][T17769] usb 2-1: 0:2 : does not exist
[ 2139.452416][T17769] usb 2-1: 5:0: failed to get current value for ch 0 (-22)
[ 2139.517468][T17769] usb 2-1: USB disconnect, device number 24
[ 2139.579378][T14588] udevd[14588]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 2139.750156][T17778] usb 5-1: new high-speed USB device number 80 using dummy_hcd
[ 2139.945661][T17778] usb 5-1: Using ep0 maxpacket: 32
[ 2139.964572][T17778] usb 5-1: config 0 has an invalid interface number: 12 but max is 0
[ 2139.978018][T17778] usb 5-1: config 0 has no interface number 0
[ 2140.031082][T17778] usb 5-1: config 0 interface 12 has no altsetting 0
[ 2140.044051][T17778] usb 5-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[ 2140.053824][T17778] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2140.072383][T17778] usb 5-1: Product: syz
[ 2140.078367][T17778] usb 5-1: Manufacturer: syz
[ 2140.083462][T17778] usb 5-1: SerialNumber: syz
[ 2140.093581][T17778] usb 5-1: config 0 descriptor??
[ 2140.190315][T23524] usb 4-1: new high-speed USB device number 59 using dummy_hcd
[ 2140.467625][T17778] f81534 5-1:0.12: f81534_set_register: reg: 1002 data: 3 failed: -71
[ 2140.518076][T17778] f81534 5-1:0.12: f81534_find_config_idx: read failed: -71
[ 2140.549099][T17778] f81534 5-1:0.12: f81534_calc_num_ports: find idx failed: -71
[ 2140.591410][T23524] usb 4-1: Using ep0 maxpacket: 8
[ 2140.604129][T17778] f81534 5-1:0.12: probe with driver f81534 failed with error -71
[ 2140.626417][T23524] usb 4-1: config 2 has an invalid interface number: 31 but max is 0
[ 2140.647774][T23524] usb 4-1: config 2 has no interface number 0
[ 2140.668747][T17778] usb 5-1: USB disconnect, device number 80
[ 2140.724286][T17776] usb 6-1: USB disconnect, device number 119
[ 2140.777960][T23524] usb 4-1: config 2 interface 31 has no altsetting 0
[ 2140.896183][T23524] usb 4-1: New USB device found, idVendor=1a86, idProduct=e092, bcdDevice=53.3f
[ 2140.923413][T23524] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2140.933658][T23524] usb 4-1: Product: syz
[ 2140.950100][T23524] usb 4-1: Manufacturer: syz
[ 2140.954847][T23524] usb 4-1: SerialNumber: syz
[ 2141.034659][T23524] ch9200 4-1:2.31: probe with driver ch9200 failed with error -22
[ 2141.050462][T17778] usb 5-1: new high-speed USB device number 81 using dummy_hcd
[ 2141.140374][T17775] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[ 2141.200741][T17778] usb 5-1: Using ep0 maxpacket: 32
[ 2141.212203][T17778] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA6, changing to 0x86
[ 2141.227373][T17778] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7
[ 2141.242764][T17778] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0
[ 2141.336362][T17775] usb 2-1: Using ep0 maxpacket: 32
[ 2141.507684][T17775] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2141.519349][T17778] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 2141.534237][T17775] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2141.566875][T17778] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 2141.597784][T17775] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 2141.607092][T17776] usb 6-1: new high-speed USB device number 120 using dummy_hcd
[ 2141.715568][T17778] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 2141.737416][T17775] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2141.960968][T17778] usb 5-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36
[ 2142.049574][T17776] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 2142.064554][T17775] usb 2-1: config 0 descriptor??
[ 2142.069899][T17778] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2142.078769][T17776] usb 6-1: config 27 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 2142.093358][T17775] hub 2-1:0.0: USB hub found
[ 2142.111845][T17778] usb 5-1: Product: syz
[ 2142.127507][T17778] usb 5-1: Manufacturer: syz
[ 2142.153529][T17776] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2142.162731][T17778] usb 5-1: SerialNumber: syz
[ 2142.306155][T17778] usb 5-1: config 0 descriptor??
[ 2142.312557][T17776] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2142.355888][T17775] hub 2-1:0.0: config failed, can't read hub descriptor (err -22)
[ 2142.411612][T17775] usbhid 2-1:0.0: can't add hid device: -71
[ 2142.417920][T17775] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 2142.716441][T17776] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[ 2142.744976][T17775] usb 2-1: USB disconnect, device number 25
[ 2142.765488][T17776] usb 6-1: invalid MIDI out EP 0
[ 2142.893906][T12278] usb 5-1: USB disconnect, device number 81
[ 2143.338921][T17776] snd-usb-audio 6-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 2143.477900][T19186] pim6reg: entered allmulticast mode
[ 2143.547376][T19187] pim6reg: left allmulticast mode
[ 2143.710117][T17778] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[ 2143.871596][T17776] usb 5-1: new full-speed USB device number 82 using dummy_hcd
[ 2143.902065][T17778] usb 2-1: Using ep0 maxpacket: 8
[ 2143.964525][T17778] usb 2-1: config 2 has an invalid interface number: 31 but max is 0
[ 2143.978942][T17778] usb 2-1: config 2 has no interface number 0
[ 2144.005175][T17778] usb 2-1: config 2 interface 31 has no altsetting 0
[ 2144.067724][T17776] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 2144.090424][T17776] usb 5-1: New USB device found, idVendor=0c70, idProduct=f001, bcdDevice= 0.00
[ 2144.105129][T17778] usb 2-1: New USB device found, idVendor=1a86, idProduct=e092, bcdDevice=53.3f
[ 2144.119286][T17776] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2144.146748][T17778] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2144.184613][T17776] usb 5-1: config 0 descriptor??
[ 2144.203031][T17778] usb 2-1: Product: syz
[ 2144.225462][T17778] usb 2-1: Manufacturer: syz
[ 2144.290565][T12278] usb 6-1: USB disconnect, device number 120
[ 2144.361389][T17778] usb 2-1: SerialNumber: syz
[ 2144.483943][T17778] ch9200 2-1:2.31: probe with driver ch9200 failed with error -22
[ 2144.639679][T17776] aquacomputer_d5next 0003:0C70:F001.0018: unknown main item tag 0x0
[ 2144.663846][T17776] aquacomputer_d5next 0003:0C70:F001.0018: hidraw0: USB HID v0.00 Device [HID 0c70:f001] on usb-dummy_hcd.4-1/input0
[ 2144.814921][T17778] usb 4-1: USB disconnect, device number 59
[ 2144.986073][T17776] usb 5-1: USB disconnect, device number 82
[ 2145.368261][T19215] fuse: Bad value for 'fd'
[ 2145.896185][T19225] FAULT_INJECTION: forcing a failure.
[ 2145.896185][T19225] name failslab, interval 1, probability 0, space 0, times 0
[ 2146.360643][T19225] CPU: 0 UID: 0 PID: 19225 Comm: syz.4.5671 Not tainted 6.16.0-syzkaller-12250-gc30a13538d9f #0 PREEMPT(full) 
[ 2146.360668][T19225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2146.360679][T19225] Call Trace:
[ 2146.360686][T19225]  <TASK>
[ 2146.360693][T19225]  dump_stack_lvl+0x189/0x250
[ 2146.360716][T19225]  ? __pfx____ratelimit+0x10/0x10
[ 2146.360739][T19225]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2146.360759][T19225]  ? __pfx__printk+0x10/0x10
[ 2146.360790][T19225]  ? __pfx___might_resched+0x10/0x10
[ 2146.360804][T19225]  ? fs_reclaim_acquire+0x7d/0x100
[ 2146.360833][T19225]  should_fail_ex+0x414/0x560
[ 2146.360857][T19225]  should_failslab+0xa8/0x100
[ 2146.360882][T19225]  kmem_cache_alloc_bulk_noprof+0x77/0x790
[ 2146.360908][T19225]  ? rcu_is_watching+0x15/0xb0
[ 2146.360924][T19225]  ? trace_kmem_cache_alloc+0x1f/0xc0
[ 2146.360943][T19225]  ? kmem_cache_alloc_noprof+0x21a/0x3c0
[ 2146.360963][T19225]  ? mas_alloc_nodes+0x2e9/0x8e0
[ 2146.360986][T19225]  mas_alloc_nodes+0x447/0x8e0
[ 2146.361013][T19225]  mas_preallocate+0x3ad/0x6f0
[ 2146.361037][T19225]  ? __pfx_mas_preallocate+0x10/0x10
[ 2146.361065][T19225]  ? __mas_set_range+0x12f/0x3c0
[ 2146.361088][T19225]  __split_vma+0x2fa/0xa00
[ 2146.361122][T19225]  ? __pfx___split_vma+0x10/0x10
[ 2146.361161][T19225]  ? mas_find+0xb0e/0xd30
[ 2146.361194][T19225]  vms_gather_munmap_vmas+0x4ce/0x12f0
[ 2146.361240][T19225]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[ 2146.361280][T19225]  ? mas_find+0xa7d/0xd30
[ 2146.361306][T19225]  mmap_region+0x724/0x20c0
[ 2146.361332][T19225]  ? __pfx_css_rstat_updated+0x10/0x10
[ 2146.361353][T19225]  ? __pfx_mmap_region+0x10/0x10
[ 2146.361372][T19225]  ? trace_pelt_se_tp+0x39/0x130
[ 2146.361391][T19225]  ? __update_load_avg_se+0x751/0xbc0
[ 2146.361454][T19225]  ? mm_get_unmapped_area+0xa7/0xd0
[ 2146.361478][T19225]  ? shmem_get_unmapped_area+0x2cf/0x910
[ 2146.361502][T19225]  ? cap_mmap_addr+0xb0/0x100
[ 2146.361531][T19225]  ? bpf_lsm_mmap_addr+0x9/0x20
[ 2146.361550][T19225]  ? security_mmap_addr+0x71/0x270
[ 2146.361572][T19225]  ? shmem_mapping+0xd/0x50
[ 2146.361587][T19225]  ? memfd_check_seals_mmap+0x165/0x200
[ 2146.361607][T19225]  do_mmap+0xc45/0x10d0
[ 2146.361633][T19225]  ? __pfx_mtree_load+0x10/0x10
[ 2146.361653][T19225]  ? __pfx_do_mmap+0x10/0x10
[ 2146.361676][T19225]  ? common_file_perm+0x1b5/0x230
[ 2146.361706][T19225]  __se_sys_remap_file_pages+0x77c/0x840
[ 2146.361740][T19225]  ? __pfx___se_sys_remap_file_pages+0x10/0x10
[ 2146.361766][T19225]  ? ksys_write+0x22a/0x250
[ 2146.361793][T19225]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2146.361812][T19225]  ? __ia32_sys_remap_file_pages+0x20/0xc0
[ 2146.361836][T19225]  __do_fast_syscall_32+0xb6/0x2b0
[ 2146.361859][T19225]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2146.361882][T19225]  do_fast_syscall_32+0x34/0x80
[ 2146.361905][T19225]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2146.361923][T19225] RIP: 0023:0xf704e539
[ 2146.361937][T19225] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2146.361951][T19225] RSP: 002b:00000000f541d55c EFLAGS: 00000206 ORIG_RAX: 0000000000000101
[ 2146.361969][T19225] RAX: ffffffffffffffda RBX: 000000008057a000 RCX: 0000000000001000
[ 2146.361981][T19225] RDX: 0000000000000000 RSI: 00000000000003fe RDI: 00000000001c0000
[ 2146.361991][T19225] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2146.362000][T19225] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2146.362009][T19225] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2146.362031][T19225]  </TASK>
[ 2146.878582][T17778] usb 2-1: USB disconnect, device number 26
[ 2147.300463][T17778] usb 2-1: new full-speed USB device number 27 using dummy_hcd
[ 2147.452481][T19250] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 2147.460894][T19250] syzkaller0: entered promiscuous mode
[ 2147.466800][T19250] syzkaller0: entered allmulticast mode
[ 2147.482478][T17778] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 2147.492868][T17778] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid maxpacket 12336, setting to 64
[ 2147.563955][T17774] usb 4-1: new high-speed USB device number 60 using dummy_hcd
[ 2147.644338][T19250] tipc: Resetting bearer <eth:syzkaller0>
[ 2147.655219][T19249] tipc: Resetting bearer <eth:syzkaller0>
[ 2147.667134][T17778] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.de
[ 2147.696457][T19249] tipc: Disabling bearer <eth:syzkaller0>
[ 2147.717586][T17778] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2147.759202][T17778] usb 2-1: config 0 descriptor??
[ 2147.788883][T17774] usb 4-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 2147.867182][T17774] usb 4-1: config 27 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 2147.915631][T17774] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2148.290063][T17775] usb 6-1: new high-speed USB device number 121 using dummy_hcd
[ 2148.345743][T19233] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5674'.
[ 2148.384312][T17774] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2148.484863][T17774] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[ 2148.507221][T19233] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2148.553225][T19233] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2148.569502][T17775] usb 6-1: config 0 has an invalid interface number: 120 but max is 0
[ 2148.615733][T17775] usb 6-1: config 0 has no interface number 0
[ 2148.669070][T17775] usb 6-1: config 0 interface 120 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[ 2148.706834][T17774] snd-usb-audio 4-1:27.0: probe with driver snd-usb-audio failed with error -2
[ 2148.735968][T17775] usb 6-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58
[ 2148.753392][T19260] blktrace: Concurrent blktraces are not allowed on sg0
[ 2148.787150][T17775] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2148.908403][T17778] ath6kl: Failed to submit usb control message: -110
[ 2148.973116][T17778] ath6kl: unable to send the bmi data to the device: -110
[ 2149.027834][T17775] usb 6-1: config 0 descriptor??
[ 2149.057388][T17778] ath6kl: Unable to send get target info: -110
[ 2149.088146][T17778] ath6kl: Failed to init ath6kl core: -110
[ 2149.106204][T17775] input: USB Touchscreen 16e3:f9e9 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.120/input/input117
[ 2149.135817][T17778] ath6kl_usb 2-1:0.0: probe with driver ath6kl_usb failed with error -110
[ 2150.078810][T12278] usb 4-1: USB disconnect, device number 60
[ 2150.214860][T17778] usb 6-1: USB disconnect, device number 121
[ 2150.797067][T17778] usb 2-1: USB disconnect, device number 27
[ 2150.899031][T19291] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5686'.
[ 2151.545191][T23524] usb 4-1: new high-speed USB device number 61 using dummy_hcd
[ 2151.630958][T19306] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 2151.697877][T19301] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5687'.
[ 2151.839911][T23524] usb 4-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d
[ 2151.849394][T23524] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2151.916023][T23524] usb 4-1: Product: syz
[ 2152.214601][T23524] usb 4-1: Manufacturer: syz
[ 2152.219272][T23524] usb 4-1: SerialNumber: syz
[ 2152.333704][T23524] r8152-cfgselector 4-1: Unknown version 0x0000
[ 2152.364071][T23524] r8152-cfgselector 4-1: config 0 descriptor??
[ 2152.585345][T19291] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5686'.
[ 2152.619269][T23524] r8152-cfgselector 4-1: USB disconnect, device number 61
[ 2152.891822][T17775] usb 6-1: new high-speed USB device number 122 using dummy_hcd
[ 2153.102349][T17775] usb 6-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 2153.153541][T17775] usb 6-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[ 2153.216147][T17775] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2153.240116][T17775] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2153.250424][T23524] usb 4-1: new high-speed USB device number 62 using dummy_hcd
[ 2153.412268][T23524] usb 4-1: Using ep0 maxpacket: 16
[ 2153.424977][T23524] usb 4-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[ 2153.444284][T23524] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2153.458692][T23524] usb 4-1: Product: syz
[ 2153.468739][T23524] usb 4-1: Manufacturer: syz
[ 2153.475352][T23524] usb 4-1: SerialNumber: syz
[ 2153.486869][T23524] usb 4-1: config 0 descriptor??
[ 2153.514384][T23524] visor 4-1:0.0: Sony Clie 3.5 converter detected
[ 2153.711347][T19321] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2153.799268][T19330] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 2153.812795][T19321] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2153.916412][T17775] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[ 2154.169627][T17775] usb 2-1: config 0 has an invalid interface number: 120 but max is 0
[ 2154.177187][T23524] usb 4-1: Sony Clie 3.5 converter now attached to ttyUSB0
[ 2154.193384][T17775] usb 2-1: config 0 has no interface number 0
[ 2154.202597][T17775] usb 2-1: config 0 interface 120 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[ 2154.215528][T17775] usb 2-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58
[ 2154.227211][T17775] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2154.239232][T17775] usb 2-1: config 0 descriptor??
[ 2154.258152][T17775] input: USB Touchscreen 16e3:f9e9 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.120/input/input118
[ 2154.426884][T23524] usb 4-1: USB disconnect, device number 62
[ 2154.452981][T23524] clie_3.5 ttyUSB0: Sony Clie 3.5 converter now disconnected from ttyUSB0
[ 2154.488920][T23524] visor 4-1:0.0: device disconnected
[ 2154.892137][T19337] binder: 19335:19337 ioctl c0306201 80000640 returned -22
[ 2154.963808][T17775] usb 2-1: USB disconnect, device number 28
[ 2155.043291][T19339] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2155.057319][T19339] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2155.270138][T23524] usb 4-1: new high-speed USB device number 63 using dummy_hcd
[ 2155.382541][  T979] usb 6-1: USB disconnect, device number 122
[ 2155.422729][T23524] usb 4-1: Using ep0 maxpacket: 8
[ 2155.437432][T23524] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[ 2155.448446][T23524] usb 4-1: config 179 has no interface number 0
[ 2155.458589][T23524] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[ 2155.474101][T23524] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[ 2155.486165][T23524] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 2155.505186][T23524] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[ 2155.520623][T23524] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 2155.536651][T23524] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[ 2155.548613][T23524] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2155.563428][T19340] raw-gadget.3 gadget.3: fail, usb_ep_enable returned -22
[ 2156.495554][T19354] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5699'.
[ 2157.045909][T19364] tipc: Cannot configure node identity twice
[ 2157.536824][T19374] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 2157.628577][T19369] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5704'.
[ 2157.921323][T12162] Bluetooth: hci3: command 0x0406 tx timeout
[ 2157.970226][T19339] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[ 2157.987442][T19339] Bluetooth: hci3: Error when powering off device on rfkill (-110)
[ 2158.054657][T19339] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 2158.071045][T19339] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[ 2158.187494][T19339] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 2158.193835][T19339] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[ 2158.448776][T19339] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 2158.456276][T19339] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[ 2158.562282][T19339] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 2158.570153][T17774] usb 6-1: new high-speed USB device number 123 using dummy_hcd
[ 2158.580910][T19339] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[ 2158.638884][T23524] usb 4-1: USB disconnect, device number 63
[ 2158.644999][    C1] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[ 2158.645040][    C1] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[ 2158.745786][T17774] usb 6-1: Using ep0 maxpacket: 16
[ 2158.759373][T17774] usb 6-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[ 2158.778800][T17774] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2158.821007][T17774] usb 6-1: Product: syz
[ 2158.825244][T17774] usb 6-1: Manufacturer: syz
[ 2159.060488][T17774] usb 6-1: SerialNumber: syz
[ 2159.084131][T17774] usb 6-1: config 0 descriptor??
[ 2159.113212][T17774] visor 6-1:0.0: Sony Clie 3.5 converter detected
[ 2159.431359][T19379] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2159.463840][T19379] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2159.708594][T17774] usb 6-1: Sony Clie 3.5 converter now attached to ttyUSB0
[ 2159.840143][T23524] usb 4-1: new high-speed USB device number 64 using dummy_hcd
[ 2159.922960][T17774] usb 6-1: USB disconnect, device number 123
[ 2159.977964][T17774] clie_3.5 ttyUSB0: Sony Clie 3.5 converter now disconnected from ttyUSB0
[ 2160.009176][T17774] visor 6-1:0.0: device disconnected
[ 2160.022342][T23524] usb 4-1: New USB device found, idVendor=5543, idProduct=0047, bcdDevice= 0.00
[ 2160.043323][T23524] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2160.091507][T23524] usb 4-1: config 0 descriptor??
[ 2160.723679][T23524] usb 4-1: string descriptor 0 read error: -71
[ 2160.733682][T23524] uclogic 0003:5543:0047.0019: failed retrieving string descriptor #200: -71
[ 2160.755143][T23524] uclogic 0003:5543:0047.0019: failed retrieving pen parameters: -71
[ 2160.766586][T23524] uclogic 0003:5543:0047.0019: failed probing pen v2 parameters: -71
[ 2160.777362][T23524] uclogic 0003:5543:0047.0019: failed probing parameters: -71
[ 2160.786232][T23524] uclogic 0003:5543:0047.0019: probe with driver uclogic failed with error -71
[ 2160.801833][T23524] usb 4-1: USB disconnect, device number 64
[ 2161.000089][  T979] usb 6-1: new high-speed USB device number 124 using dummy_hcd
[ 2161.272777][  T979] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2161.316668][  T979] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2161.375833][  T979] usb 6-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[ 2161.420432][  T979] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2161.481165][  T979] usb 6-1: config 0 descriptor??
[ 2161.672095][T17775] usb 4-1: new high-speed USB device number 65 using dummy_hcd
[ 2161.830091][T17775] usb 4-1: Using ep0 maxpacket: 32
[ 2161.837439][T17775] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2161.868642][T17775] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2161.883442][T17775] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[ 2161.913781][T17775] usb 4-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[ 2161.932689][  T979] hid-led 0003:0FC5:B080.001A: unknown main item tag 0x0
[ 2161.958717][T17775] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2161.960681][T19432] FAULT_INJECTION: forcing a failure.
[ 2161.960681][T19432] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2161.980567][T19432] CPU: 1 UID: 0 PID: 19432 Comm: syz.1.5725 Not tainted 6.16.0-syzkaller-12250-gc30a13538d9f #0 PREEMPT(full) 
[ 2161.980597][T19432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2161.980625][T19432] Call Trace:
[ 2161.980635][T19432]  <TASK>
[ 2161.980645][T19432]  dump_stack_lvl+0x189/0x250
[ 2161.980675][T19432]  ? __pfx____ratelimit+0x10/0x10
[ 2161.980705][T19432]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2161.980731][T19432]  ? __pfx__printk+0x10/0x10
[ 2161.980776][T19432]  should_fail_ex+0x414/0x560
[ 2161.980811][T19432]  _copy_to_user+0x31/0xb0
[ 2161.980839][T19432]  video_usercopy+0xeb2/0x14f0
[ 2161.980873][T19432]  ? __pfx___video_do_ioctl+0x10/0x10
[ 2161.980894][T19432]  ? __pfx_video_usercopy+0x10/0x10
[ 2161.980935][T19432]  ? __fget_files+0x2a/0x420
[ 2161.980973][T19432]  v4l2_ioctl+0x18d/0x1e0
[ 2161.981012][T19432]  v4l2_compat_ioctl32+0x1d4/0x260
[ 2161.981045][T19432]  __ia32_compat_sys_ioctl+0x543/0x840
[ 2161.981077][T19432]  ? __pfx___ia32_compat_sys_ioctl+0x10/0x10
[ 2161.981107][T19432]  ? __fget_files+0x3a0/0x420
[ 2161.981149][T19432]  ? fput+0xa0/0xd0
[ 2161.981173][T19432]  ? ksys_write+0x22a/0x250
[ 2161.981212][T19432]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2161.981246][T19432]  __do_fast_syscall_32+0xb6/0x2b0
[ 2161.981280][T19432]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2161.981314][T19432]  do_fast_syscall_32+0x34/0x80
[ 2161.981346][T19432]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2161.981373][T19432] RIP: 0023:0xf7fc2539
[ 2161.981391][T19432] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2161.981412][T19432] RSP: 002b:00000000f54e655c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[ 2161.981435][T19432] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c040565f
[ 2161.981450][T19432] RDX: 0000000080000940 RSI: 0000000000000000 RDI: 0000000000000000
[ 2161.981465][T19432] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2161.981478][T19432] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2161.981491][T19432] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2161.981524][T19432]  </TASK>
[ 2162.227399][  T979] hid-led 0003:0FC5:B080.001A: probe with driver hid-led failed with error -71
[ 2162.229738][T17775] usb 4-1: config 0 descriptor??
[ 2162.241315][  T979] usb 6-1: USB disconnect, device number 124
[ 2162.803283][T19439] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2162.827030][T19439] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2163.082586][T17778] usb 6-1: new high-speed USB device number 125 using dummy_hcd
[ 2163.272489][T23524] usb 5-1: new high-speed USB device number 83 using dummy_hcd
[ 2163.330308][T17774] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[ 2163.390298][T17778] usb 6-1: Using ep0 maxpacket: 16
[ 2163.409915][T17778] usb 6-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[ 2163.426374][T17778] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2163.435489][T17778] usb 6-1: Product: syz
[ 2163.445013][T17778] usb 6-1: Manufacturer: syz
[ 2163.449872][T17778] usb 6-1: SerialNumber: syz
[ 2163.450225][T23524] usb 5-1: Using ep0 maxpacket: 16
[ 2163.465885][T17778] usb 6-1: config 0 descriptor??
[ 2163.479798][T17778] visor 6-1:0.0: Sony Clie 3.5 converter detected
[ 2163.503001][T17774] usb 2-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[ 2163.520717][T17774] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2163.531844][T23524] usb 5-1: config 0 has no interfaces?
[ 2163.537424][T23524] usb 5-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00
[ 2163.553060][T17774] usb 2-1: config 0 descriptor??
[ 2163.586897][T17774] gspca_main: cpia1-2.14.0 probing 0813:0001
[ 2163.600533][T23524] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2163.634776][T23524] usb 5-1: config 0 descriptor??
[ 2163.679159][T19441] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2163.690644][T19441] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2163.780397][T19451] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2163.815438][T19451] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2163.866247][T19451] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2163.962942][T17778] usb 6-1: Sony Clie 3.5 converter now attached to ttyUSB0
[ 2163.966277][T19451] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2164.230964][T17778] usb 6-1: USB disconnect, device number 125
[ 2164.369377][T17778] clie_3.5 ttyUSB0: Sony Clie 3.5 converter now disconnected from ttyUSB0
[ 2164.403082][T17778] visor 6-1:0.0: device disconnected
[ 2164.471501][T17775] usbhid 4-1:0.0: can't add hid device: -71
[ 2164.499533][T17775] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 2164.529177][T17775] usb 4-1: USB disconnect, device number 65
[ 2164.552939][T17774] cpia1 2-1:0.0: unexpected state after lo power cmd: 00
[ 2165.692288][T17774] gspca_cpia1: usb_control_msg 02, error -110
[ 2165.720251][T17774] cpia1 2-1:0.0: only firmware version 1 is supported (got: 0)
[ 2165.743397][ T1303] ieee802154 phy0 wpan0: encryption failed: -22
[ 2165.750102][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[ 2166.232853][T17778] usb 4-1: new high-speed USB device number 66 using dummy_hcd
[ 2166.446452][  T979] usb 5-1: USB disconnect, device number 83
[ 2166.465932][T17778] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2166.576891][T17778] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 2166.621328][T19475] netlink: 212 bytes leftover after parsing attributes in process `syz.5.5735'.
[ 2166.662199][T19475] netlink: 33 bytes leftover after parsing attributes in process `syz.5.5735'.
[ 2166.839388][T19476] program syz.4.5736 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 2166.938389][T17778] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 2166.964486][T17778] usb 4-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 2167.030589][T17778] usb 4-1: Product: syz
[ 2167.096005][T17778] usb 4-1: Manufacturer: syz
[ 2167.207933][T17778] usb 4-1: SerialNumber: syz
[ 2167.373174][T17778] usb 4-1: config 0 descriptor??
[ 2167.890198][T23524] usb 4-1: USB disconnect, device number 66
[ 2168.108145][T19485] syzkaller1: entered promiscuous mode
[ 2168.129243][T19485] syzkaller1: entered allmulticast mode
[ 2168.149315][T19485] fuse: Unknown parameter 'default_permissionsìØùìx)Íô¥E…»èùhrŠß]ìéá䨫«ó1Æ{lcUIùcDôôen|Ö¿exW¨¯]-÷o7p3¹hP@í’¸
Ö益ÜŠa”±ýc€»s'
[ 2168.151552][T19487] FAULT_INJECTION: forcing a failure.
[ 2168.151552][T19487] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2168.234075][T19487] CPU: 1 UID: 0 PID: 19487 Comm: syz.0.5741 Not tainted 6.16.0-syzkaller-12250-gc30a13538d9f #0 PREEMPT(full) 
[ 2168.234121][T19487] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2168.234136][T19487] Call Trace:
[ 2168.234145][T19487]  <TASK>
[ 2168.234156][T19487]  dump_stack_lvl+0x189/0x250
[ 2168.234189][T19487]  ? __pfx____ratelimit+0x10/0x10
[ 2168.234220][T19487]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2168.234247][T19487]  ? __pfx__printk+0x10/0x10
[ 2168.234278][T19487]  ? __might_fault+0xb0/0x130
[ 2168.234321][T19487]  should_fail_ex+0x414/0x560
[ 2168.234355][T19487]  _copy_from_user+0x2d/0xb0
[ 2168.234382][T19487]  video_usercopy+0x354/0x14f0
[ 2168.234415][T19487]  ? __pfx___video_do_ioctl+0x10/0x10
[ 2168.234436][T19487]  ? __pfx_video_usercopy+0x10/0x10
[ 2168.234473][T19487]  ? __fget_files+0x2a/0x420
[ 2168.234510][T19487]  v4l2_ioctl+0x18d/0x1e0
[ 2168.234547][T19487]  v4l2_compat_ioctl32+0x1d4/0x260
[ 2168.234577][T19487]  __ia32_compat_sys_ioctl+0x543/0x840
[ 2168.234608][T19487]  ? __pfx___ia32_compat_sys_ioctl+0x10/0x10
[ 2168.234636][T19487]  ? __fget_files+0x3a0/0x420
[ 2168.234675][T19487]  ? fput+0xa0/0xd0
[ 2168.234698][T19487]  ? ksys_write+0x22a/0x250
[ 2168.234736][T19487]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2168.234768][T19487]  __do_fast_syscall_32+0xb6/0x2b0
[ 2168.234800][T19487]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2168.234832][T19487]  do_fast_syscall_32+0x34/0x80
[ 2168.234864][T19487]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2168.234899][T19487] RIP: 0023:0xf7fc3539
[ 2168.234918][T19487] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2168.234938][T19487] RSP: 002b:00000000f54e655c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[ 2168.234961][T19487] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0d05605
[ 2168.234977][T19487] RDX: 00000000800002c0 RSI: 0000000000000000 RDI: 0000000000000000
[ 2168.234990][T19487] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2168.235003][T19487] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2168.235016][T19487] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2168.235046][T19487]  </TASK>
[ 2168.462533][T17778] usb 4-1: new high-speed USB device number 67 using dummy_hcd
[ 2168.780266][T17778] usb 4-1: Using ep0 maxpacket: 8
[ 2168.880722][T17778] usb 4-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52
[ 2168.889823][T17778] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2168.938416][T17778] usb 4-1: Product: syz
[ 2168.943374][T17778] usb 4-1: Manufacturer: syz
[ 2168.948017][T17778] usb 4-1: SerialNumber: syz
[ 2168.962863][T17778] usb 4-1: config 0 descriptor??
[ 2169.872741][T17775] usb 2-1: USB disconnect, device number 29
[ 2170.285657][T19507] FAULT_INJECTION: forcing a failure.
[ 2170.285657][T19507] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2170.299212][T19507] CPU: 1 UID: 0 PID: 19507 Comm: syz.4.5747 Not tainted 6.16.0-syzkaller-12250-gc30a13538d9f #0 PREEMPT(full) 
[ 2170.299236][T19507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2170.299248][T19507] Call Trace:
[ 2170.299256][T19507]  <TASK>
[ 2170.299263][T19507]  dump_stack_lvl+0x189/0x250
[ 2170.299288][T19507]  ? __pfx____ratelimit+0x10/0x10
[ 2170.299310][T19507]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2170.299329][T19507]  ? __pfx__printk+0x10/0x10
[ 2170.299352][T19507]  ? __might_fault+0xb0/0x130
[ 2170.299382][T19507]  should_fail_ex+0x414/0x560
[ 2170.299406][T19507]  _copy_from_user+0x2d/0xb0
[ 2170.299425][T19507]  drm_ioctl+0x58a/0xb10
[ 2170.299445][T19507]  ? __lock_acquire+0xab9/0xd20
[ 2170.299471][T19507]  ? __pfx_drm_mode_create_lease_ioctl+0x10/0x10
[ 2170.299498][T19507]  ? __pfx_drm_ioctl+0x10/0x10
[ 2170.299528][T19507]  ? __fget_files+0x3a0/0x420
[ 2170.299551][T19507]  ? __fget_files+0x2a/0x420
[ 2170.299573][T19507]  ? drm_compat_ioctl+0xa7/0x330
[ 2170.299599][T19507]  ? bpf_lsm_file_ioctl_compat+0x9/0x20
[ 2170.299622][T19507]  __ia32_compat_sys_ioctl+0x543/0x840
[ 2170.299645][T19507]  ? __pfx___ia32_compat_sys_ioctl+0x10/0x10
[ 2170.299665][T19507]  ? __fget_files+0x3a0/0x420
[ 2170.299694][T19507]  ? fput+0xa0/0xd0
[ 2170.299710][T19507]  ? ksys_write+0x22a/0x250
[ 2170.299737][T19507]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2170.299761][T19507]  __do_fast_syscall_32+0xb6/0x2b0
[ 2170.299784][T19507]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2170.299808][T19507]  do_fast_syscall_32+0x34/0x80
[ 2170.299830][T19507]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2170.299849][T19507] RIP: 0023:0xf704e539
[ 2170.299863][T19507] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2170.299877][T19507] RSP: 002b:00000000f543e55c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[ 2170.299894][T19507] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c01864c6
[ 2170.299905][T19507] RDX: 0000000080000440 RSI: 0000000000000000 RDI: 0000000000000000
[ 2170.299915][T19507] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2170.299924][T19507] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2170.299933][T19507] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2170.299955][T19507]  </TASK>
[ 2170.470310][T17778] usb 4-1: USB disconnect, device number 67
[ 2170.631362][T17775] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[ 2171.090116][T17775] usb 2-1: Using ep0 maxpacket: 16
[ 2171.113094][T17775] usb 2-1: config 0 has no interfaces?
[ 2171.125668][T17775] usb 2-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00
[ 2171.137795][T17775] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2171.246535][T17775] usb 2-1: config 0 descriptor??
[ 2171.569036][T19516] netlink: 'syz.4.5749': attribute type 4 has an invalid length.
[ 2171.577164][T19516] netlink: 3657 bytes leftover after parsing attributes in process `syz.4.5749'.
[ 2171.717571][T19520] netlink: 48 bytes leftover after parsing attributes in process `syz.4.5749'.
[ 2172.639321][T19535] netlink: 24 bytes leftover after parsing attributes in process `syz.0.5752'.
[ 2172.703051][T19537] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5751'.
[ 2173.420661][  T979] usb 4-1: new high-speed USB device number 68 using dummy_hcd
[ 2173.551520][T23524] usb 2-1: USB disconnect, device number 30
[ 2173.625660][  T979] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 2173.637046][  T979] usb 4-1: config 27 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 2173.668946][  T979] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2173.694236][  T979] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2173.833163][  T979] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[ 2173.982250][  T979] usb 4-1: invalid MIDI out EP 0
[ 2174.200727][  T979] snd-usb-audio 4-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 2174.209866][T14625] udevd[14625]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 2176.197908][T19561] bond1: entered allmulticast mode
[ 2176.245643][T19561] 8021q: adding VLAN 0 to HW filter on device bond1
[ 2176.262039][T19564] netlink: 'syz.4.5761': attribute type 1 has an invalid length.
[ 2176.427531][T17776] usb 4-1: USB disconnect, device number 68
[ 2176.584834][T19566] bond2: (slave ip6gretap1): Enslaving as a backup interface with an up link
[ 2176.643105][   T12] bond2: Warning: No 802.3ad response from the link partner for any adapters in the bond
[ 2176.675286][T19567] 8021q: adding VLAN 0 to HW filter on device bond2
[ 2176.800562][T19798] bond2: Warning: No 802.3ad response from the link partner for any adapters in the bond
[ 2177.096275][T19584] netlink: 17 bytes leftover after parsing attributes in process `syz.5.5767'.
[ 2177.166615][T19587] 
[ 2177.169094][T19587] =====================================================
[ 2177.176041][T19587] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected
[ 2177.183525][T19587] 6.16.0-syzkaller-12250-gc30a13538d9f #0 Not tainted
[ 2177.190316][T19587] -----------------------------------------------------
[ 2177.197437][T19587] syz.3.5764/19587 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire:
[ 2177.205186][T19587] ffffffff8de0c058 (tasklist_lock){.+.+}-{3:3}, at: send_sigurg+0x12b/0x420
[ 2177.213916][T19587] 
[ 2177.213916][T19587] and this task is already holding:
[ 2177.221298][T19587] ffff8880212cc2a0 (&f_owner->lock){....}-{3:3}, at: send_sigurg+0x55/0x420
[ 2177.230057][T19587] which would create a new lock dependency:
[ 2177.235987][T19587]  (&f_owner->lock){....}-{3:3} -> (tasklist_lock){.+.+}-{3:3}
[ 2177.243598][T19587] 
[ 2177.243598][T19587] but this new dependency connects a SOFTIRQ-irq-safe lock:
[ 2177.253066][T19587]  (&dev->event_lock#2){..-.}-{3:3}
[ 2177.253102][T19587] 
[ 2177.253102][T19587] ... which became SOFTIRQ-irq-safe at:
[ 2177.266041][T19587]   lock_acquire+0x120/0x360
[ 2177.270667][T19587]   _raw_spin_lock_irqsave+0xa7/0xf0
[ 2177.276050][T19587]   input_event+0x76/0xe0
[ 2177.280415][T19587]   atp_complete_geyser_3_4+0x11f2/0x1e80
[ 2177.286145][T19587]   __usb_hcd_giveback_urb+0x417/0x690
[ 2177.291834][T19587]   dummy_timer+0x862/0x4550
[ 2177.296569][T19587]   __hrtimer_run_queues+0x52c/0xc60
[ 2177.301879][T19587]   hrtimer_run_softirq+0x187/0x2b0
[ 2177.307115][T19587]   handle_softirqs+0x283/0x870
[ 2177.311978][T19587]   __irq_exit_rcu+0xca/0x1f0
[ 2177.316667][T19587]   irq_exit_rcu+0x9/0x30
[ 2177.321002][T19587]   sysvec_apic_timer_interrupt+0xa6/0xc0
[ 2177.326760][T19587]   asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 2177.332859][T19587]   _raw_spin_unlock_irqrestore+0xa8/0x110
[ 2177.338693][T19587]   dummy_urb_enqueue+0x58a/0x780
[ 2177.343731][T19587]   usb_hcd_submit_urb+0x325/0x1aa0
[ 2177.348943][T19587]   atp_open+0x63/0xc0
[ 2177.353042][T19587]   input_open_device+0x1d0/0x390
[ 2177.358191][T19587]   mousedev_open_device+0xcc/0x150
[ 2177.363422][T19587]   mousedev_open+0x2ef/0x4a0
[ 2177.368133][T19587]   chrdev_open+0x4cc/0x5e0
[ 2177.372654][T19587]   do_dentry_open+0x953/0x13f0
[ 2177.377525][T19587]   vfs_open+0x3b/0x340
[ 2177.381702][T19587]   path_openat+0x2ee5/0x3830
[ 2177.386399][T19587]   do_filp_open+0x1fa/0x410
[ 2177.391017][T19587]   do_sys_openat2+0x121/0x1c0
[ 2177.395791][T19587]   __x64_sys_openat+0x138/0x170
[ 2177.400740][T19587]   do_syscall_64+0xfa/0x3b0
[ 2177.405454][T19587]   entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2177.411448][T19587] 
[ 2177.411448][T19587] to a SOFTIRQ-irq-unsafe lock:
[ 2177.418478][T19587]  (tasklist_lock){.+.+}-{3:3}
[ 2177.418508][T19587] 
[ 2177.418508][T19587] ... which became SOFTIRQ-irq-unsafe at:
[ 2177.431249][T19587] ...
[ 2177.431260][T19587]   lock_acquire+0x120/0x360
[ 2177.438453][T19587]   _raw_read_lock+0x36/0x50
[ 2177.443054][T19587]   __do_wait+0xde/0x740
[ 2177.447331][T19587]   do_wait+0x1f8/0x520
[ 2177.451516][T19587]   kernel_wait+0xab/0x170
[ 2177.455970][T19587]   call_usermodehelper_exec_work+0xbe/0x230
[ 2177.461969][T19587]   process_scheduled_works+0xade/0x17b0
[ 2177.467609][T19587]   worker_thread+0x8a0/0xda0
[ 2177.472312][T19587]   kthread+0x70e/0x8a0
[ 2177.476479][T19587]   ret_from_fork+0x3fc/0x770
[ 2177.481198][T19587]   ret_from_fork_asm+0x1a/0x30
[ 2177.486078][T19587] 
[ 2177.486078][T19587] other info that might help us debug this:
[ 2177.486078][T19587] 
[ 2177.496327][T19587] Chain exists of:
[ 2177.496327][T19587]   &dev->event_lock#2 --> &f_owner->lock --> tasklist_lock
[ 2177.496327][T19587] 
[ 2177.509561][T19587]  Possible interrupt unsafe locking scenario:
[ 2177.509561][T19587] 
[ 2177.517884][T19587]        CPU0                    CPU1
[ 2177.523273][T19587]        ----                    ----
[ 2177.528642][T19587]   lock(tasklist_lock);
[ 2177.532897][T19587]                                local_irq_disable();
[ 2177.539655][T19587]                                lock(&dev->event_lock#2);
[ 2177.546865][T19587]                                lock(&f_owner->lock);
[ 2177.553725][T19587]   <Interrupt>
[ 2177.557187][T19587]     lock(&dev->event_lock#2);
[ 2177.562073][T19587] 
[ 2177.562073][T19587]  *** DEADLOCK ***
[ 2177.562073][T19587] 
[ 2177.570394][T19587] 2 locks held by syz.3.5764/19587:
[ 2177.575597][T19587]  #0: ffff888077888f40 (&u->lock){+.+.}-{3:3}, at: queue_oob+0x1b0/0x4f0
[ 2177.584173][T19587]  #1: ffff8880212cc2a0 (&f_owner->lock){....}-{3:3}, at: send_sigurg+0x55/0x420
[ 2177.593544][T19587] 
[ 2177.593544][T19587] the dependencies between SOFTIRQ-irq-safe lock and the holding lock:
[ 2177.603973][T19587]    -> (&dev->event_lock#2){..-.}-{3:3} {
[ 2177.609819][T19587]       IN-SOFTIRQ-W at:
[ 2177.614066][T19587]                           lock_acquire+0x120/0x360
[ 2177.620791][T19587]                           _raw_spin_lock_irqsave+0xa7/0xf0
[ 2177.628262][T19587]                           input_event+0x76/0xe0
[ 2177.634688][T19587]                           atp_complete_geyser_3_4+0x11f2/0x1e80
[ 2177.642541][T19587]                           __usb_hcd_giveback_urb+0x417/0x690
[ 2177.650129][T19587]                           dummy_timer+0x862/0x4550
[ 2177.656841][T19587]                           __hrtimer_run_queues+0x52c/0xc60
[ 2177.664227][T19587]                           hrtimer_run_softirq+0x187/0x2b0
[ 2177.671537][T19587]                           handle_softirqs+0x283/0x870
[ 2177.678600][T19587]                           __irq_exit_rcu+0xca/0x1f0
[ 2177.685395][T19587]                           irq_exit_rcu+0x9/0x30
[ 2177.691838][T19587]                           sysvec_apic_timer_interrupt+0xa6/0xc0
[ 2177.699771][T19587]                           asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 2177.707959][T19587]                           _raw_spin_unlock_irqrestore+0xa8/0x110
[ 2177.715894][T19587]                           dummy_urb_enqueue+0x58a/0x780
[ 2177.723035][T19587]                           usb_hcd_submit_urb+0x325/0x1aa0
[ 2177.730354][T19587]                           atp_open+0x63/0xc0
[ 2177.736558][T19587]                           input_open_device+0x1d0/0x390
[ 2177.743719][T19587]                           mousedev_open_device+0xcc/0x150
[ 2177.751128][T19587]                           mousedev_open+0x2ef/0x4a0
[ 2177.757956][T19587]                           chrdev_open+0x4cc/0x5e0
[ 2177.764620][T19587]                           do_dentry_open+0x953/0x13f0
[ 2177.771595][T19587]                           vfs_open+0x3b/0x340
[ 2177.777868][T19587]                           path_openat+0x2ee5/0x3830
[ 2177.784655][T19587]                           do_filp_open+0x1fa/0x410
[ 2177.791368][T19587]                           do_sys_openat2+0x121/0x1c0
[ 2177.798233][T19587]                           __x64_sys_openat+0x138/0x170
[ 2177.805270][T19587]                           do_syscall_64+0xfa/0x3b0
[ 2177.811963][T19587]                           entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2177.820132][T19587]       INITIAL USE at:
[ 2177.824642][T19587]                          lock_acquire+0x120/0x360
[ 2177.831260][T19587]                          _raw_spin_lock_irqsave+0xa7/0xf0
[ 2177.838556][T19587]                          input_inject_event+0xa5/0x340
[ 2177.846025][T19587]                          kbd_led_trigger_activate+0xbc/0x100
[ 2177.853603][T19587]                          led_trigger_set+0x52d/0x950
[ 2177.860659][T19587]                          led_trigger_set_default+0x260/0x2a0
[ 2177.868402][T19587]                          led_classdev_register_ext+0x73d/0x930
[ 2177.876157][T19587]                          input_leds_connect+0x517/0x790
[ 2177.883281][T19587]                          input_register_device+0xcfd/0x1140
[ 2177.890835][T19587]                          atkbd_connect+0x72e/0xa00
[ 2177.897549][T19587]                          serio_driver_probe+0x82/0xd0
[ 2177.904504][T19587]                          really_probe+0x26d/0x9e0
[ 2177.911191][T19587]                          __driver_probe_device+0x18c/0x2f0
[ 2177.918571][T19587]                          driver_probe_device+0x4f/0x430
[ 2177.925722][T19587]                          __driver_attach+0x452/0x700
[ 2177.932581][T19587]                          bus_for_each_dev+0x233/0x2b0
[ 2177.939533][T19587]                          serio_handle_event+0x1f9/0x8d0
[ 2177.946675][T19587]                          process_scheduled_works+0xade/0x17b0
[ 2177.954312][T19587]                          worker_thread+0x8a0/0xda0
[ 2177.960993][T19587]                          kthread+0x70e/0x8a0
[ 2177.967213][T19587]                          ret_from_fork+0x3fc/0x770
[ 2177.973898][T19587]                          ret_from_fork_asm+0x1a/0x30
[ 2177.980776][T19587]     }
[ 2177.983543][T19587]     ... key      at: [<ffffffff99e29f00>] input_allocate_device.__key.5+0x0/0x20
[ 2177.992873][T19587]   -> (&client->buffer_lock){....}-{3:3} {
[ 2177.998859][T19587]      INITIAL USE at:
[ 2178.002967][T19587]                        lock_acquire+0x120/0x360
[ 2178.009455][T19587]                        _raw_spin_lock+0x2e/0x40
[ 2178.015892][T19587]                        evdev_handle_get_val+0x70/0x9f0
[ 2178.022955][T19587]                        evdev_ioctl_handler+0x1202/0x1f10
[ 2178.030186][T19587]                        __ia32_compat_sys_ioctl+0x543/0x840
[ 2178.037602][T19587]                        __do_fast_syscall_32+0xb6/0x2b0
[ 2178.044676][T19587]                        do_fast_syscall_32+0x34/0x80
[ 2178.051543][T19587]                        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2178.059799][T19587]    }
[ 2178.062480][T19587]    ... key      at: [<ffffffff99e2a1a0>] evdev_open.__key.25+0x0/0x20
[ 2178.070834][T19587]    ... acquired at:
[ 2178.074829][T19587]    lock_acquire+0x120/0x360
[ 2178.079625][T19587]    _raw_spin_lock+0x2e/0x40
[ 2178.084341][T19587]    evdev_handle_get_val+0x70/0x9f0
[ 2178.089683][T19587]    evdev_ioctl_handler+0x1202/0x1f10
[ 2178.095261][T19587]    __ia32_compat_sys_ioctl+0x543/0x840
[ 2178.100920][T19587]    __do_fast_syscall_32+0xb6/0x2b0
[ 2178.106313][T19587]    do_fast_syscall_32+0x34/0x80
[ 2178.111359][T19587]    entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2178.117961][T19587] 
[ 2178.120385][T19587]  -> (&new->fa_lock){....}-{3:3} {
[ 2178.125626][T19587]     INITIAL USE at:
[ 2178.129625][T19587]                      lock_acquire+0x120/0x360
[ 2178.135979][T19587]                      _raw_write_lock_irq+0xa2/0xf0
[ 2178.143213][T19587]                      fasync_remove_entry+0xf1/0x1c0
[ 2178.150183][T19587]                      __fput+0x8a2/0xa70
[ 2178.155921][T19587]                      task_work_run+0x1d4/0x260
[ 2178.162264][T19587]                      exit_to_user_mode_loop+0xec/0x110
[ 2178.169311][T19587]                      __do_fast_syscall_32+0x1f4/0x2b0
[ 2178.176544][T19587]                      do_fast_syscall_32+0x34/0x80
[ 2178.183154][T19587]                      entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2178.191290][T19587]     INITIAL READ USE at:
[ 2178.195898][T19587]                           lock_acquire+0x120/0x360
[ 2178.202607][T19587]                           _raw_read_lock_irqsave+0xaf/0x100
[ 2178.210094][T19587]                           kill_fasync+0x199/0x4d0
[ 2178.216696][T19587]                           sock_wake_async+0x137/0x160
[ 2178.223745][T19587]                           sk_wake_async+0x184/0x280
[ 2178.230542][T19587]                           mptcp_destroy_common+0x152/0x320
[ 2178.238010][T19587]                           mptcp_disconnect+0x23d/0x700
[ 2178.245062][T19587]                           inet_shutdown+0x1c1/0x390
[ 2178.251836][T19587]                           __ia32_sys_shutdown+0x13f/0x1a0
[ 2178.259127][T19587]                           __do_fast_syscall_32+0xb6/0x2b0
[ 2178.266438][T19587]                           do_fast_syscall_32+0x34/0x80
[ 2178.273608][T19587]                           entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2178.282140][T19587]   }
[ 2178.284734][T19587]   ... key      at: [<ffffffff99b2af80>] fasync_insert_entry.__key+0x0/0x20
[ 2178.293684][T19587]   ... acquired at:
[ 2178.297578][T19587]    lock_acquire+0x120/0x360
[ 2178.302270][T19587]    _raw_read_lock_irqsave+0xaf/0x100
[ 2178.307745][T19587]    kill_fasync+0x199/0x4d0
[ 2178.312346][T19587]    evdev_pass_values+0x627/0xbd0
[ 2178.317480][T19587]    evdev_events+0x1e6/0x340
[ 2178.322348][T19587]    input_pass_values+0x285/0x890
[ 2178.327485][T19587]    input_event_dispose+0x330/0x6b0
[ 2178.332798][T19587]    input_inject_event+0x1dd/0x340
[ 2178.338011][T19587]    evdev_write+0x2fc/0x480
[ 2178.342619][T19587]    vfs_write+0x27b/0xb30
[ 2178.347137][T19587]    ksys_write+0x145/0x250
[ 2178.351685][T19587]    __do_fast_syscall_32+0xb6/0x2b0
[ 2178.357170][T19587]    do_fast_syscall_32+0x34/0x80
[ 2178.362236][T19587]    entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2178.368753][T19587] 
[ 2178.371086][T19587] -> (&f_owner->lock){....}-{3:3} {
[ 2178.376320][T19587]    INITIAL USE at:
[ 2178.380226][T19587]                    lock_acquire+0x120/0x360
[ 2178.386333][T19587]                    _raw_write_lock_irq+0xa2/0xf0
[ 2178.392871][T19587]                    __f_setown+0x67/0x370
[ 2178.398700][T19587]                    generic_setlease+0xd60/0x1240
[ 2178.405300][T19587]                    fcntl_setlease+0x3a2/0x4c0
[ 2178.411560][T19587]                    do_fcntl+0x6a9/0x1910
[ 2178.417376][T19587]                    do_compat_fcntl64+0x477/0x720
[ 2178.424066][T19587]                    __do_fast_syscall_32+0xb6/0x2b0
[ 2178.430763][T19587]                    do_fast_syscall_32+0x34/0x80
[ 2178.437280][T19587]                    entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2178.445183][T19587]    INITIAL READ USE at:
[ 2178.449613][T19587]                         lock_acquire+0x120/0x360
[ 2178.456132][T19587]                         _raw_read_lock_irqsave+0xaf/0x100
[ 2178.463446][T19587]                         send_sigio+0x38/0x370
[ 2178.469700][T19587]                         kill_fasync+0x24d/0x4d0
[ 2178.476295][T19587]                         lease_break_callback+0x26/0x30
[ 2178.483423][T19587]                         __break_lease+0x6a2/0x1620
[ 2178.490197][T19587]                         do_dentry_open+0x8b7/0x13f0
[ 2178.496965][T19587]                         vfs_open+0x3b/0x340
[ 2178.503043][T19587]                         path_openat+0x2ee5/0x3830
[ 2178.509657][T19587]                         do_filp_open+0x1fa/0x410
[ 2178.516499][T19587]                         do_open_execat+0x135/0x560
[ 2178.523199][T19587]                         open_exec+0x40/0x60
[ 2178.529281][T19587]                         load_script+0x6e9/0x860
[ 2178.535713][T19587]                         bprm_execve+0x99c/0x1450
[ 2178.542224][T19587]                         do_execveat_common+0x510/0x6a0
[ 2178.549255][T19587]                         __ia32_compat_sys_execveat+0xca/0xe0
[ 2178.556811][T19587]                         __do_fast_syscall_32+0xb6/0x2b0
[ 2178.563958][T19587]                         do_fast_syscall_32+0x34/0x80
[ 2178.570837][T19587]                         entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2178.579184][T19587]  }
[ 2178.581686][T19587]  ... key      at: [<ffffffff99b2af60>] file_f_owner_allocate.__key+0x0/0x20
[ 2178.590568][T19587]  ... acquired at:
[ 2178.594405][T19587]    lock_acquire+0x120/0x360
[ 2178.599095][T19587]    _raw_read_lock_irqsave+0xaf/0x100
[ 2178.604571][T19587]    send_sigio+0x38/0x370
[ 2178.609000][T19587]    kill_fasync+0x24d/0x4d0
[ 2178.613604][T19587]    lease_break_callback+0x26/0x30
[ 2178.618815][T19587]    __break_lease+0x6a2/0x1620
[ 2178.623678][T19587]    do_dentry_open+0x8b7/0x13f0
[ 2178.628637][T19587]    vfs_open+0x3b/0x340
[ 2178.632899][T19587]    path_openat+0x2ee5/0x3830
[ 2178.637672][T19587]    do_filp_open+0x1fa/0x410
[ 2178.642361][T19587]    do_open_execat+0x135/0x560
[ 2178.647223][T19587]    open_exec+0x40/0x60
[ 2178.651477][T19587]    load_script+0x6e9/0x860
[ 2178.656139][T19587]    bprm_execve+0x99c/0x1450
[ 2178.660830][T19587]    do_execveat_common+0x510/0x6a0
[ 2178.666047][T19587]    __ia32_compat_sys_execveat+0xca/0xe0
[ 2178.671869][T19587]    __do_fast_syscall_32+0xb6/0x2b0
[ 2178.677171][T19587]    do_fast_syscall_32+0x34/0x80
[ 2178.682211][T19587]    entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2178.688754][T19587] 
[ 2178.691086][T19587] 
[ 2178.691086][T19587] the dependencies between the lock to be acquired
[ 2178.691096][T19587]  and SOFTIRQ-irq-unsafe lock:
[ 2178.704636][T19587] -> (tasklist_lock){.+.+}-{3:3} {
[ 2178.709801][T19587]    HARDIRQ-ON-R at:
[ 2178.713804][T19587]                     lock_acquire+0x120/0x360
[ 2178.720033][T19587]                     _raw_read_lock+0x36/0x50
[ 2178.726236][T19587]                     __do_wait+0xde/0x740
[ 2178.732080][T19587]                     do_wait+0x1f8/0x520
[ 2178.737835][T19587]                     kernel_wait+0xab/0x170
[ 2178.743844][T19587]                     call_usermodehelper_exec_work+0xbe/0x230
[ 2178.751410][T19587]                     process_scheduled_works+0xade/0x17b0
[ 2178.758701][T19587]                     worker_thread+0x8a0/0xda0
[ 2178.764952][T19587]                     kthread+0x70e/0x8a0
[ 2178.770683][T19587]                     ret_from_fork+0x3fc/0x770
[ 2178.776928][T19587]                     ret_from_fork_asm+0x1a/0x30
[ 2178.783360][T19587]    SOFTIRQ-ON-R at:
[ 2178.787356][T19587]                     lock_acquire+0x120/0x360
[ 2178.793539][T19587]                     _raw_read_lock+0x36/0x50
[ 2178.799705][T19587]                     __do_wait+0xde/0x740
[ 2178.805541][T19587]                     do_wait+0x1f8/0x520
[ 2178.811296][T19587]                     kernel_wait+0xab/0x170
[ 2178.817297][T19587]                     call_usermodehelper_exec_work+0xbe/0x230
[ 2178.825037][T19587]                     process_scheduled_works+0xade/0x17b0
[ 2178.832254][T19587]                     worker_thread+0x8a0/0xda0
[ 2178.838505][T19587]                     kthread+0x70e/0x8a0
[ 2178.844237][T19587]                     ret_from_fork+0x3fc/0x770
[ 2178.850498][T19587]                     ret_from_fork_asm+0x1a/0x30
[ 2178.856933][T19587]    INITIAL USE at:
[ 2178.860833][T19587]                    lock_acquire+0x120/0x360
[ 2178.866916][T19587]                    _raw_write_lock_irq+0xa2/0xf0
[ 2178.873438][T19587]                    copy_process+0x224f/0x3c00
[ 2178.879686][T19587]                    kernel_clone+0x21e/0x840
[ 2178.885783][T19587]                    user_mode_thread+0xdd/0x140
[ 2178.892206][T19587]                    rest_init+0x23/0x300
[ 2178.897941][T19587]                    start_kernel+0x3a9/0x410
[ 2178.904019][T19587]                    x86_64_start_reservations+0x24/0x30
[ 2178.911077][T19587]                    x86_64_start_kernel+0x143/0x1c0
[ 2178.918285][T19587]                    common_startup_64+0x13e/0x147
[ 2178.924805][T19587]    INITIAL READ USE at:
[ 2178.929142][T19587]                         lock_acquire+0x120/0x360
[ 2178.935679][T19587]                         _raw_read_lock+0x36/0x50
[ 2178.942221][T19587]                         __do_wait+0xde/0x740
[ 2178.948406][T19587]                         do_wait+0x1f8/0x520
[ 2178.954493][T19587]                         kernel_wait+0xab/0x170
[ 2178.960849][T19587]                         call_usermodehelper_exec_work+0xbe/0x230
[ 2178.968936][T19587]                         process_scheduled_works+0xade/0x17b0
[ 2178.976489][T19587]                         worker_thread+0x8a0/0xda0
[ 2178.983172][T19587]                         kthread+0x70e/0x8a0
[ 2178.989254][T19587]                         ret_from_fork+0x3fc/0x770
[ 2178.995850][T19587]                         ret_from_fork_asm+0x1a/0x30
[ 2179.002633][T19587]  }
[ 2179.005137][T19587]  ... key      at: [<ffffffff8de0c058>] tasklist_lock+0x18/0x40
[ 2179.012874][T19587]  ... acquired at:
[ 2179.016685][T19587]    lock_acquire+0x120/0x360
[ 2179.021387][T19587]    _raw_read_lock+0x36/0x50
[ 2179.026075][T19587]    send_sigurg+0x12b/0x420
[ 2179.030674][T19587]    sk_send_sigurg+0x6c/0x2e0
[ 2179.035454][T19587]    queue_oob+0x420/0x4f0
[ 2179.039880][T19587]    unix_stream_sendmsg+0xc3f/0xdf0
[ 2179.045184][T19587]    __sock_sendmsg+0x21c/0x270
[ 2179.050054][T19587]    ____sys_sendmsg+0x505/0x830
[ 2179.055003][T19587]    ___sys_sendmsg+0x21f/0x2a0
[ 2179.059856][T19587]    __sys_sendmsg+0x164/0x220
[ 2179.064626][T19587]    __do_fast_syscall_32+0xb6/0x2b0
[ 2179.069984][T19587]    do_fast_syscall_32+0x34/0x80
[ 2179.075028][T19587]    entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2179.081537][T19587] 
[ 2179.083862][T19587] 
[ 2179.083862][T19587] stack backtrace:
[ 2179.089765][T19587] CPU: 0 UID: 0 PID: 19587 Comm: syz.3.5764 Not tainted 6.16.0-syzkaller-12250-gc30a13538d9f #0 PREEMPT(full) 
[ 2179.089794][T19587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2179.089808][T19587] Call Trace:
[ 2179.089819][T19587]  <TASK>
[ 2179.089828][T19587]  dump_stack_lvl+0x189/0x250
[ 2179.089856][T19587]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2179.089878][T19587]  ? __pfx__printk+0x10/0x10
[ 2179.089908][T19587]  validate_chain+0x1f05/0x2140
[ 2179.089937][T19587]  __lock_acquire+0xab9/0xd20
[ 2179.089968][T19587]  ? send_sigurg+0x12b/0x420
[ 2179.089990][T19587]  lock_acquire+0x120/0x360
[ 2179.090018][T19587]  ? send_sigurg+0x12b/0x420
[ 2179.090039][T19587]  ? _raw_read_lock_irqsave+0xbb/0x100
[ 2179.090067][T19587]  _raw_read_lock+0x36/0x50
[ 2179.090090][T19587]  ? send_sigurg+0x12b/0x420
[ 2179.090109][T19587]  send_sigurg+0x12b/0x420
[ 2179.090130][T19587]  sk_send_sigurg+0x6c/0x2e0
[ 2179.090155][T19587]  queue_oob+0x420/0x4f0
[ 2179.090179][T19587]  ? __pfx_queue_oob+0x10/0x10
[ 2179.090200][T19587]  ? kasan_save_track+0x4f/0x80
[ 2179.090223][T19587]  ? kasan_save_track+0x3e/0x80
[ 2179.090245][T19587]  ? kasan_save_free_info+0x46/0x50
[ 2179.090264][T19587]  ? bpf_lsm_socket_getpeersec_dgram+0x9/0x20
[ 2179.090289][T19587]  unix_stream_sendmsg+0xc3f/0xdf0
[ 2179.090314][T19587]  ? __lock_acquire+0xab9/0xd20
[ 2179.090349][T19587]  ? __pfx_unix_stream_sendmsg+0x10/0x10
[ 2179.090370][T19587]  ? __asan_memset+0x22/0x50
[ 2179.090390][T19587]  ? __import_iovec+0x5d4/0x7f0
[ 2179.090411][T19587]  ? aa_sock_msg_perm+0xda/0x1d0
[ 2179.090440][T19587]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 2179.090459][T19587]  ? __pfx_unix_stream_sendmsg+0x10/0x10
[ 2179.090480][T19587]  __sock_sendmsg+0x21c/0x270
[ 2179.090504][T19587]  ____sys_sendmsg+0x505/0x830
[ 2179.090524][T19587]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2179.090549][T19587]  ___sys_sendmsg+0x21f/0x2a0
[ 2179.090566][T19587]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2179.090583][T19587]  ? do_raw_spin_lock+0x121/0x290
[ 2179.090618][T19587]  ? __fget_files+0x2a/0x420
[ 2179.090646][T19587]  ? __fget_files+0x3a0/0x420
[ 2179.090677][T19587]  __sys_sendmsg+0x164/0x220
[ 2179.090694][T19587]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2179.090719][T19587]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2179.090735][T19587]  ? __ia32_compat_sys_rt_sigprocmask+0x2a7/0x310
[ 2179.090764][T19587]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2179.090789][T19587]  __do_fast_syscall_32+0xb6/0x2b0
[ 2179.090819][T19587]  do_fast_syscall_32+0x34/0x80
[ 2179.090845][T19587]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 2179.090869][T19587] RIP: 0023:0xf705e539
[ 2179.090886][T19587] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 2179.090904][T19587] RSP: 002b:00000000f540c55c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 2179.090924][T19587] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000080000080
[ 2179.090938][T19587] RDX: 00000000240408c1 RSI: 0000000000000000 RDI: 0000000000000000
[ 2179.090950][T19587] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 2179.090961][T19587] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 2179.090972][T19587] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 2179.090990][T19587]  </TASK>
[ 2179.735398][T17776] usb 6-1: new high-speed USB device number 126 using dummy_hcd
[ 2179.854223][T19564] bond2 (unregistering): (slave ip6gretap1): Removing an active aggregator
[ 2179.865250][T19564] bond2 (unregistering): (slave ip6gretap1): Releasing backup interface
[ 2179.885602][T19564] bond2 (unregistering): Released all slaves
[ 2179.920159][T17776] usb 6-1: Using ep0 maxpacket: 16
[ 2179.925526][T19576] macsec0: entered allmulticast mode
[ 2179.933200][T19579] veth1_macvtap: entered allmulticast mode
[ 2179.939383][T19579] macsec0: left allmulticast mode
[ 2179.944964][T19579] veth1_macvtap: left allmulticast mode
[ 2179.947579][T17776] usb 6-1: New USB device found, idVendor=0644, idProduct=8021, bcdDevice=38.b7
[ 2180.000096][T12278] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[ 2180.038413][T17776] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2180.048202][T17776] usb 6-1: Product: syz
[ 2180.053727][T17776] usb 6-1: Manufacturer: syz
[ 2180.058497][T17776] usb 6-1: SerialNumber: syz
[ 2180.102869][T17776] usb 6-1: config 0 descriptor??
[ 2180.121458][T17776] usb 6-1: can't set config #0, error -71
[ 2180.129774][T17776] usb 6-1: USB disconnect, device number 126
[ 2180.191869][T12278] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 2180.203081][T12278] usb 2-1: config 27 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 2180.213947][T12278] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2180.224154][T12278] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2180.241190][T12278] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[ 2180.248661][T12278] usb 2-1: invalid MIDI out EP 0
[ 2180.288363][T12278] snd-usb-audio 2-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 2181.545903][T17778] usb 2-1: USB disconnect, device number 31