last executing test programs:

3m10.519680022s ago: executing program 2 (id=1578):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$UI_DEV_CREATE(r0, 0x5501)
ioctl$SNDRV_RAWMIDI_IOCTL_STATUS32(0xffffffffffffffff, 0xc0245720, &(0x7f0000000040)={0x1})
r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000080), 0x101480, 0x0)
sendmsg$IPVS_CMD_DEL_DEST(r1, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x3c, 0x0, 0x10, 0x70bd2b, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_SERVICE={0x28, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv4=@private=0xa010101}, @IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_PE_NAME={0x8}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40}, 0x4000010)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000001c0), 0x103000, 0x0)
ioctl$TIOCMSET(r2, 0x5418, &(0x7f0000000200)=0x80000001)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000280)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000240), 0x2, 0xa}}, 0x20)
ioctl$EVIOCSABS0(r1, 0x401845c0, &(0x7f00000002c0)={0xcf, 0x4, 0x7fff, 0x8, 0xafd, 0x4})
ioctl$BTRFS_IOC_GET_DEV_STATS(r2, 0xc4089434, &(0x7f0000000300)={0x0, 0xc1, 0x0, [0x10, 0x8ba4, 0x100, 0x6, 0x3ff], [0x2, 0x7, 0x0, 0x9, 0x8, 0x0, 0x3, 0x8, 0xe0cb, 0x1, 0x2, 0x4, 0xd69f, 0x3, 0x80000000, 0x6, 0xfff, 0x1, 0x5, 0xffffffff, 0x3, 0x5, 0x100000000, 0xbc, 0x81, 0x10001, 0x4, 0xa, 0x8, 0xa3, 0x5, 0x1, 0x1, 0x4, 0xde4, 0x1c, 0x9, 0x552ef0ca, 0x200, 0x4, 0x40, 0x0, 0xfffffffffffffff7, 0x3, 0x5, 0x4, 0x180000000000, 0x101, 0x6, 0x7, 0x3d7, 0x2, 0x80000001, 0x9, 0x9, 0x5, 0x543, 0x7f, 0x3, 0x5, 0x4, 0x68f, 0x5, 0x0, 0x8f, 0x0, 0x4, 0x1, 0x4, 0x100, 0x7f, 0x2, 0x0, 0xfffffffffffffffc, 0xffff, 0x9c, 0x7, 0x7, 0x6, 0x100, 0x6, 0x18, 0x7f, 0x91d5, 0x7, 0x5, 0x6, 0x4, 0x1000, 0x1000, 0xe, 0x39, 0x80000, 0x9, 0x7, 0x9, 0x0, 0x8, 0x5, 0xa7, 0x9cda, 0x2, 0xfffffffffffeffff, 0x9, 0x7, 0x2b3b56ea, 0x354, 0xffffffffffffff10, 0x4, 0x4d5e, 0x100000000, 0x5, 0x2, 0x0, 0x9, 0x7, 0xe1d, 0xee, 0x5, 0x8, 0x7fff]})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000780), r1)
sendmsg$NL80211_CMD_GET_PROTOCOL_FEATURES(r1, &(0x7f0000000840)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000800)={&(0x7f00000007c0)={0x14, r3, 0x20cfd9d4c31d91ae, 0x70bd25, 0x25dfdbfe, {}, ["", "", "", ""]}, 0x14}}, 0x4048880)
ioctl$UI_SET_PROPBIT(r1, 0x4004556e, 0x18)
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000880))
ioctl$SNDRV_CTL_IOCTL_ELEM_REMOVE(r1, 0xc0405519, &(0x7f00000008c0)={0x6, 0x2, 0x5db, 0x1000, 'syz0\x00', 0x4})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$smc(&(0x7f0000000900), r1)
r5 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000940)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
ioctl$BTRFS_IOC_DEV_INFO(r5, 0xd000941e, &(0x7f0000000980)={0x0, "72b67717e42b1345e84a952f08ca4dbe"})
write$6lowpan_enable(r1, &(0x7f0000001980)='1', 0x1)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f00000019c0)={{0x1, 0x1, 0x18, <r6=>r2, {0xee01, 0xee00}}, './file0\x00'})
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000001a00))
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000001d00)={0x4, 0x0, [{0x6000, 0x58, &(0x7f0000001a40)=""/88}, {0x4000, 0x59, &(0x7f0000001ac0)=""/89}, {0x1b3ba9801, 0x83, &(0x7f0000001b40)=""/131}, {0x5000, 0xe2, &(0x7f0000001c00)=""/226}]})
landlock_restrict_self(0xffffffffffffffff, 0xc)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000001e00), r4)
sendmsg$DEVLINK_CMD_TRAP_SET(r1, &(0x7f0000001f40)={&(0x7f0000001dc0)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000001f00)={&(0x7f0000001e40)={0x98, r7, 0x100, 0x70bd25, 0x25dfdbfc, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5}}, {@pci={{0x8}, {0x11}}, {0x1c}, {0x5}}]}, 0x98}, 0x1, 0x0, 0x0, 0x808}, 0x20004084)
openat2$dir(0xffffffffffffff9c, &(0x7f0000001f80)='./file0\x00', &(0x7f0000001fc0)={0x3, 0x80, 0x1}, 0x18)
write$binfmt_register(r1, &(0x7f0000002000)={0x3a, 'syz2', 0x3a, 'M', 0x3a, 0x9, 0x3a, '', 0x3a, 'source_mac_is_multicast\x00', 0x3a, './file0', 0x3a, [0x50, 0x9]}, 0x41)
r8 = syz_genetlink_get_family_id$ipvs(&(0x7f00000020c0), r4)
sendmsg$IPVS_CMD_GET_DAEMON(r4, &(0x7f0000002200)={&(0x7f0000002080)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000021c0)={&(0x7f0000002100)={0x90, r8, 0x400, 0x70bd29, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x3}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x5}, @IPVS_CMD_ATTR_DAEMON={0x14, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @dev={0xac, 0x14, 0x14, 0xc}}]}, @IPVS_CMD_ATTR_DAEMON={0x50, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @private2}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x5}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x3}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x201}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e20}, @IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}]}]}, 0x90}, 0x1, 0x0, 0x0, 0x6a9ee93ed4d3e7f0}, 0x0)

3m10.34924574s ago: executing program 2 (id=1579):
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000002540), 0x2, 0x0) (async)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000001c0)=@delneigh={0x24, 0x1d, 0x1, 0x70bd25, 0x25dfdbfb, {0x2, 0x0, 0x0, 0x0, 0x20, 0x14, 0x2}, [@NDA_DST_IPV4={0x8, 0x1, @initdev={0xac, 0x1e, 0x1, 0x0}}]}, 0x24}, 0x1, 0xba01, 0x0, 0x40080}, 0x0) (async)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_BIND_IP(r1, &(0x7f0000000240)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e22, 0x4, @loopback, 0x7fffffff}, r3}}, 0x30)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r1, &(0x7f00000005c0)={0x15, 0x110, 0xfa00, {r3, 0xfffffffc, 0x0, 0x30, 0x0, @ib={0x1b, 0x8, 0x5, {}, 0x1, 0x2, 0x4}, @ib={0x1b, 0x0, 0x0, {"00000000000000000000000000000001"}, 0x80000005}}}, 0x118) (async)
r4 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = syz_kvm_setup_syzos_vm$x86(r5, &(0x7f0000c00000/0x400000)=nil) (async)
r7 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382) (async)
r8 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\x00'/557, 0x1)
pwritev(r8, &(0x7f00000000c0)=[{&(0x7f0000000180)='P', 0x1}], 0x1, 0x800000, 0x0)
ioctl$LOOP_CHANGE_FD(r7, 0x4c00, r8) (async)
pwritev2(r8, &(0x7f0000000100)=[{0x0}, {0x0}], 0x2, 0x2, 0x1, 0x10) (async)
sendfile(r7, r7, 0x0, 0x24002de8)
ioctl$LOOP_SET_STATUS(r7, 0x4c02, &(0x7f0000000480)={0x0, {}, 0x0, {}, 0x40000004, 0x0, 0xffffffff, 0x9, "28f5c9ea1f1ae4be4111ab18d2da69bde58cd7af40fd150b70aac11c2e16bd5bba7663c435aff94793ddd7aae07ef35f17bf01933bdb6fd7ecdd91b59ca8d541", "07a9310978042a8bfe1406584a128d7469166f4f07b84819e7df4af14e1df82d", [0x6, 0x9]})
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0) (async)
r10 = socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r10, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="1c0000005e007f029e3b470d649b72ab25399cd956c07dead6a93690", 0x1c}], 0x1}, 0x0) (async)
ftruncate(r9, 0x800) (async)
ioctl$LOOP_CHANGE_FD(r7, 0x4c06, r7) (async)
ioctl$LOOP_CONFIGURE(r7, 0x4c0a, &(0x7f0000000340)={r7, 0x7, {0x0, 0x0, 0x0, 0x9, 0xa0d, 0x0, 0x2, 0x12, 0x10, "dd3f69943eebef80e9574e512a76b415b58af03d88444ad31a3f9ea01c259a99e160f54a91298688cd5460884d46cc0c76c95039b4b23f611de83a86b3f04b8e", "35d42d1c52961cb58491048d190b2ab895d5bdf57430812e4db320c0dab2f4aed97a139b2563926931afecea2b83507e1e3a6dd1d91063f5750b209457b99efe", "b7b0d261e620e7c5ce3dad114bf61645ea5edba56ed7aa2c47ef95aea141ada2", [0x200, 0x6f]}}) (async)
r11 = syz_kvm_add_vcpu$x86(r6, &(0x7f0000000140)={0x0, &(0x7f00000001c0)=[@cpuid={0x14, 0x18, {0xb, 0xde}}], 0x18})
ioctl$KVM_SET_CPUID2(r11, 0x4008ae90, &(0x7f0000000400)=ANY=[@ANYBLOB="01000000000000000b0000000100000003"]) (async)
ioctl$KVM_RUN(r11, 0xae80, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@ipv4_newrule={0x24, 0x20, 0x301, 0x70bd27, 0x25dfdbff, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1e}, [@FRA_GENERIC_POLICY=@FRA_SPORT_RANGE={0x8, 0x17, {0x4e20, 0x4e20}}]}, 0x24}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="2800000021000100"], 0x28}}, 0x0)

3m10.216368429s ago: executing program 2 (id=1580):
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x4, 0x0)
ioctl$EVIOCSKEYCODE_V2(r0, 0x40284504, &(0x7f0000000040)={0x9, 0x1c, 0xe, 0x1, "2ba60477e9ff4573294980662a40390e4ad47daa34e5f466e7df5c125aa7e2b2"}) (async)
mmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x200000c, 0x80010, r0, 0x880a000) (async)
ioctl$VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, &(0x7f0000000100)=@multiplanar_mmap={0x100, 0xa, 0x4, 0x100000, 0x200, {0x77359400}, {0x3, 0xc, 0x5, 0x6, 0xf6, 0x1, "2d4a0a97"}, 0x401, 0x1, {&(0x7f0000000080)=[{0x7, 0x1, {0x6e94}, 0x2}, {0x8, 0x3, {0x8}, 0x7fffffff}]}, 0x0, 0x0, <r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$LOOP_SET_STATUS64(r2, 0x4c04, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x5, 0x1, 0x0, 0x9, 0x1, 0x0, "43b605ab3d7c1b573bcd4183d0d2172778d0140f838cceb9c264d31a8df5a6b8f24395d9995aed483693bb14ac36b5124e9fb5f2f6ec517174c3dc06a0f4b9a4", "3e61fddb45bb955621eb51d82a787b2d281e913476da97c5eb84b905c7a9284ecefd484bdba79605c1b5511ec87c3eba07e652bf2f19bc12c9b04871479f2bc8", "91d8d7c8d0122f0163d3681b38a574ec508df1c5ef5d71eea07fe974e52005cf", [0x7, 0x6]}) (async)
mmap(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2, 0x12, r1, 0x1450b000) (async)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0xd, 0x1, &(0x7f0000000280)=0x1) (async)
r3 = dup(r2) (async)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x1c, 0x9, 0x6, 0x201, 0x0, 0x0, {0x0, 0x0, 0x7}, [@IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x9}]}, 0x1c}}, 0x8000) (async)
ioctl$IOMMU_HWPT_ALLOC$TEST(r2, 0x3b89, &(0x7f0000000400)={0x28, 0x2, 0x0, 0x0, <r4=>0x0, 0x0, 0xdead, 0x4, &(0x7f00000003c0)})
ioctl$IOMMU_HWPT_GET_DIRTY_BITMAP(r2, 0x3b8c, &(0x7f0000000480)={0x30, r4, 0x1, 0x0, 0xfdd, 0x1, 0x2, &(0x7f0000000440)=""/62}) (async)
r5 = add_key$user(&(0x7f00000004c0), &(0x7f0000000500)={'syz', 0x3}, &(0x7f0000000540)="311c417463f47bd631b2d7a0a52ab7333a4bed56f872d2a7ae599f4872b0f89d44d23a317d43ba21411e6e2a9079919dd09af974ad1beee0075fa5411a1874c4a09ca1ea3fd97ea0e13aae306ea091627d86a3062b8622268616176b21f57d3a1daaab3a666d7f5a18f7114c0a638aab561904068b61a498b760ebe7089df132c326f9365fa4f383c3594cc7f1f78c07dd79d82776485004782cb05df5aafca9f3ce05b51548952130d4a217b2c65fe8140685f5c2ab5ac16ab61fbdc54c5873c743a90b80cc271a639d4eec1f", 0xcd, 0x0) (async)
r6 = add_key$user(&(0x7f0000000640), &(0x7f0000000680)={'syz', 0x1}, &(0x7f00000006c0)="b4748bedfa148be3b4ec5618e05bd29f27471100a8c05468524ed46dc1ef2f70c85efde683758412733b28a3199cbe3fa6df1e7a04e9357b9a96d7df07289279f5e14378e3c4abd226d4cd7190422c131f69001d01fdc0e8eb47bdf98dc1dc797830ff36626c0ca9839d5f48006b33f3b958b4b4f021efe7816576c7d49e233a544f74195b8886f9ee32501195e1cec80e6f9a97d75c1fda026cf66c1032af66828a19b13ef503686d332f22543be5c9b0e0bf38fae2282bff34f0d607636681", 0xc0, 0xfffffffffffffffb) (async)
r7 = add_key$user(&(0x7f0000000780), &(0x7f00000007c0)={'syz', 0x1}, &(0x7f0000000800)="f6adee2ee1839f1ec570e9752ec0f7701a96d1099fdb5a85ac42387eb824048f4e92dd5256880d6e7412ea0be558669ff038e6ece6b8cb50ad0d7d24bcc472235ee153730b04567b3be439bd87be8354f4b693d940671e9d7712d11f68f300fc14fa2c73bbfbab52f2f74b70d39b8d96282170a13ac35f0a86ec9fffc7152f329c7576a70f500585cbccb05eca267e6f513bb553a7bb", 0x96, 0xfffffffffffffffa)
keyctl$dh_compute(0x17, &(0x7f00000008c0)={r5, r6, r7}, &(0x7f0000000900)=""/146, 0x92, &(0x7f0000000ac0)={&(0x7f00000009c0)={'cbcmac(aes)\x00'}, &(0x7f0000000a00)="50352ebca930c652a2be220aa17f08d86f28ab47e6eb0236df9837a4010a3226a00340ecde51f99d3e482cfc6ffdae03495ff738349f1ffd620dae4d479618db816b9a1f98b79ac462da2fa390686ae0ed24528a2aa4b83804104f98d0a8621baaf70d1c98a0be1d96d2d9f8fa81594547e58a2b806a08a0d51aa7ff0e0bc8952f9912b92a9fc5fcd705ebf586da9abacc2eaf84b7c417623795b55b", 0x9c})
keyctl$instantiate(0xc, r7, 0x0, 0x0, 0xfffffffffffffffc) (async)
setsockopt$MRT6_ADD_MFC(r2, 0x29, 0xcc, &(0x7f0000000b00)={{0xa, 0x4e20, 0x8, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0xfffffff7}, {0xa, 0x4e22, 0x6, @private0={0xfc, 0x0, '\x00', 0x1}, 0x24c59444}, 0xffffffffffffffff, {[0x9d3a, 0x8, 0x101, 0x8000, 0x3, 0x1, 0x4, 0x4]}}, 0x5c)
ioctl$SNDCTL_DSP_SYNC(r2, 0x5001, 0x0) (async)
ioctl$VIDIOC_G_CROP(r2, 0xc014563b, &(0x7f0000000b80)={0xc, {0x9, 0x101, 0x437b, 0x7fffffff}})
mmap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x8, 0x13, r0, 0xffc46000)
r8 = add_key$keyring(&(0x7f0000000d00), &(0x7f0000000d40)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
add_key$user(&(0x7f0000000bc0), &(0x7f0000000c00)={'syz', 0x0}, &(0x7f0000000c40)="1f02c946092d31c0c8d2fe3b6a766e710d0849c95349f192450f584bb30cc8f1fc0cf5c2fdea411b062bd2301669b31045ae71e08348ed2dac70158f459de1ef3ce7f5d3d2d9edaaeb1aaebf880f0bd4636b1896df7255c937776f1fe1a21de559c0462eb3c07c2ba930b6a2142f415862a1c9b164b8e166e921fffd5a82be344726d7ca29666b531924d19dea6649a8d7346defa2c41aab", 0x98, r8)
connect$inet(r2, &(0x7f0000000d80)={0x2, 0x4e20, @multicast2}, 0x10)
clock_gettime(0x0, &(0x7f0000003680)={<r9=>0x0, <r10=>0x0})
recvmmsg(r3, &(0x7f00000035c0)=[{{&(0x7f0000000dc0)=@generic, 0x80, &(0x7f0000001f00)=[{&(0x7f0000000e40)=""/192, 0xc0}, {&(0x7f0000000f00)=""/4096, 0x1000}], 0x2, &(0x7f0000001f40)=""/195, 0xc3}, 0x5}, {{&(0x7f0000002040)=@l2={0x1f, 0x0, @fixed}, 0x80, &(0x7f0000003380)=[{&(0x7f00000020c0)=""/250, 0xfa}, {&(0x7f00000021c0)=""/133, 0x85}, {&(0x7f0000002280)=""/233, 0xe9}, {&(0x7f0000002380)=""/4096, 0x1000}], 0x4, &(0x7f00000033c0)=""/106, 0x6a}, 0xe}, {{&(0x7f0000003440)=@alg, 0x80, &(0x7f0000003540)=[{&(0x7f00000034c0)=""/67, 0x43}], 0x1, &(0x7f0000003580)=""/31, 0x1f}, 0xd00}], 0x3, 0x1, &(0x7f00000036c0)={r9, r10+60000000}) (async)
socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$IP6T_SO_GET_INFO(r2, 0x29, 0x40, &(0x7f0000003700)={'security\x00', 0x0, [0x0, 0x1, 0xd, 0x101, 0x2]}, &(0x7f0000003780)=0x54) (async)
setsockopt$inet_mreqsrc(r2, 0x0, 0x27, &(0x7f00000037c0)={@multicast2, @multicast1, @remote}, 0xc) (async)
ioctl$IOMMU_TEST_OP_MD_CHECK_MAP(r2, 0x3ba0, &(0x7f0000003900)={0x48, 0x3, r4, 0x0, 0x2, 0xf3, &(0x7f0000003800)="cee5e3133df834910abd50537d0e3ccc1f3795ffda0dce719290a94727c482a628427736f0c77b13173e629ea7a1b4a2b3c1fb957a608c874d5e1156d5f9f965c1b99df950bc5b4bb7eaf603f32597cd64a1889bf70d52bd7139392b8b9a292028924a946c575ce418fa81d769e4bd8901d54b3904b12beebe45beb00610a7a1a71d2132c8f54c08cf1b83e67289691ddeabf57eeda5d58852f4d0ecb2a3422b77b94c1d2e3faba9d016f21c2427b5b60d016dd9c39cafff7fc7ef82f574f300108db2b66081a3ee9cd97a8a5ce91c86ece6078fb1b0a59802bee938d4bd6f923a4d94ba95e4a686999b01e007b4b74a698173"})

3m8.639254218s ago: executing program 2 (id=1587):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0], 0x0, 0x0, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) (async)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f00000001c0)={0x0, 0x2, {}, {<r2=>0xee01}, 0x400, 0xfffffffffffffff9}) (async)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000200)={0x0, 0x0, <r3=>0x0}, &(0x7f0000000240)=0xc)
mount$fuseblk(&(0x7f0000000080), &(0x7f0000000100)='./file0\x00', &(0x7f0000000180), 0x2101008, &(0x7f0000000340)={{'fd', 0x3d, r1}, 0x2c, {}, 0x2c, {'user_id', 0x3d, r2}, 0x2c, {'group_id', 0x3d, r3}, 0x2c, {[{@max_read={'max_read', 0x3d, 0x9}}, {@allow_other}, {@allow_other}, {@default_permissions}, {@max_read={'max_read', 0x3d, 0xfffffffffffffffa}}, {@max_read={'max_read', 0x3d, 0x8}}, {@max_read={'max_read', 0x3d, 0x2}}, {@max_read={'max_read', 0x3d, 0x1}}, {@max_read={'max_read', 0x3d, 0x5}}], [{@pcr={'pcr', 0x3d, 0x10}}, {@fscontext={'fscontext', 0x3d, 'system_u'}}, {@subj_user={'subj_user', 0x3d, '/dev/fuse\x00'}}, {@smackfshat}, {@smackfshat={'smackfshat', 0x3d, '['}}, {@fsname={'fsname', 0x3d, ':}^]@'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '\'@\'\xb4^!'}}, {@seclabel}]}})
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) (async, rerun: 64)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) (rerun: 64)
move_mount(r4, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x84000, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='mountinfo\x00') (async)
socket$packet(0x11, 0x2, 0x300) (async, rerun: 64)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (rerun: 64)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x58, 0x2, 0x6, 0x3, 0x0, 0x0, {0x7, 0x0, 0x7}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x5}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000}, 0x20004000) (async)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="50000000090601020000000000000000020000840900020073797a31000000000500010007000000280007800c00018008000140fffffff70500070088000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x90)
sendfile(r5, r5, &(0x7f0000000000)=0x2eb4, 0x2000007ff)

3m7.865374456s ago: executing program 2 (id=1595):
r0 = socket$kcm(0x10, 0x2, 0x4)
listen(0xffffffffffffffff, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000280)="89000000120081ae08060cdc030000007f03e3f700000fff6ee2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00120c00014002080c00bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x4040)

3m6.747098833s ago: executing program 2 (id=1602):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e) (async, rerun: 64)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) (async, rerun: 64)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f00000001c0)={0x200, 0x43d2, {<r2=>0x0}, {0xee00}, 0x2, 0x3ff})
prctl$PR_SCHED_CORE(0x3e, 0x3, r2, 0x2, 0x0)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000040)={0x4001}, 0xfea3) (async)
openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) (async, rerun: 32)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0) (async, rerun: 32)
syz_usb_connect(0x0, 0x36, &(0x7f0000000f00)={{0x12, 0x1, 0x0, 0x7c, 0xe7, 0xc8, 0x10, 0x4d8, 0xa30, 0xce47, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0xd, 0xe6, 0x7a, 0x0, [], [{{0x9, 0x5, 0x4, 0x2}}, {{0x9, 0x5, 0x81, 0x2, 0x3ff}}]}}]}}]}}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0) (async)
socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_CREATE(0xc00000000000018, &(0x7f00000008c0)=@base={0xd, 0x2, 0x4, 0x4002, 0x0, 0xffffffffffffffff, 0x1c, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x11}, 0x50)
r4 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=@newlink={0x58, 0x10, 0x401, 0x2000000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x13101}, [@IFLA_LINKINFO={0x38, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x24, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @private=0xa010101}}, @IFLA_GRE_IKEY={0x8}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x10}, 0x0) (async)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000001400000018000180140002006e657464657673696d300000000000000800050001040f0f080003000000080008000f00f7ffffff08000600040000000800110009000000080002"], 0x5c}}, 0x0)
syz_open_dev$vim2m(0x0, 0x800, 0x2)
r7 = syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0) (async)
getxattr(&(0x7f0000000140)='./file1\x00', &(0x7f0000000180)=@known='system.advise\x00', &(0x7f0000000480)=""/220, 0xdc)
ioctl$VIDIOC_S_SELECTION(r7, 0xc040565f, &(0x7f0000000940)={0xa, 0x0, 0x7, {0x8000, 0x1000, 0x4, 0x6}}) (async)
r8 = socket$netlink(0x10, 0x3, 0x0)
socket$tipc(0x1e, 0x5, 0x0) (async, rerun: 64)
close_range(0xffffffffffffffff, r3, 0x0) (async, rerun: 64)
ioctl$sock_SIOCBRDELBR(r8, 0x89a2, &(0x7f0000000000)='bridge0\x00') (async, rerun: 64)
socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 64)
syz_emit_ethernet(0x4e, &(0x7f00000003c0)={@random, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cb653e", 0x18, 0x3a, 0xff, @dev, @mcast2, {[], @ndisc_ns={0x87, 0x0, 0x0, @private0, [{0x22, 0x0, '(3'}]}}}}}}, 0x0)

3m6.179172769s ago: executing program 32 (id=1602):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e) (async, rerun: 64)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) (async, rerun: 64)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f00000001c0)={0x200, 0x43d2, {<r2=>0x0}, {0xee00}, 0x2, 0x3ff})
prctl$PR_SCHED_CORE(0x3e, 0x3, r2, 0x2, 0x0)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000040)={0x4001}, 0xfea3) (async)
openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) (async, rerun: 32)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0) (async, rerun: 32)
syz_usb_connect(0x0, 0x36, &(0x7f0000000f00)={{0x12, 0x1, 0x0, 0x7c, 0xe7, 0xc8, 0x10, 0x4d8, 0xa30, 0xce47, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0xd, 0xe6, 0x7a, 0x0, [], [{{0x9, 0x5, 0x4, 0x2}}, {{0x9, 0x5, 0x81, 0x2, 0x3ff}}]}}]}}]}}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0) (async)
socket$inet_udp(0x2, 0x2, 0x0)
bpf$MAP_CREATE(0xc00000000000018, &(0x7f00000008c0)=@base={0xd, 0x2, 0x4, 0x4002, 0x0, 0xffffffffffffffff, 0x1c, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x11}, 0x50)
r4 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=@newlink={0x58, 0x10, 0x401, 0x2000000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x13101}, [@IFLA_LINKINFO={0x38, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x24, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x14, 0x5, @ipv4={'\x00', '\xff\xff', @private=0xa010101}}, @IFLA_GRE_IKEY={0x8}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x10}, 0x0) (async)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000001400000018000180140002006e657464657673696d300000000000000800050001040f0f080003000000080008000f00f7ffffff08000600040000000800110009000000080002"], 0x5c}}, 0x0)
syz_open_dev$vim2m(0x0, 0x800, 0x2)
r7 = syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0) (async)
getxattr(&(0x7f0000000140)='./file1\x00', &(0x7f0000000180)=@known='system.advise\x00', &(0x7f0000000480)=""/220, 0xdc)
ioctl$VIDIOC_S_SELECTION(r7, 0xc040565f, &(0x7f0000000940)={0xa, 0x0, 0x7, {0x8000, 0x1000, 0x4, 0x6}}) (async)
r8 = socket$netlink(0x10, 0x3, 0x0)
socket$tipc(0x1e, 0x5, 0x0) (async, rerun: 64)
close_range(0xffffffffffffffff, r3, 0x0) (async, rerun: 64)
ioctl$sock_SIOCBRDELBR(r8, 0x89a2, &(0x7f0000000000)='bridge0\x00') (async, rerun: 64)
socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 64)
syz_emit_ethernet(0x4e, &(0x7f00000003c0)={@random, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cb653e", 0x18, 0x3a, 0xff, @dev, @mcast2, {[], @ndisc_ns={0x87, 0x0, 0x0, @private0, [{0x22, 0x0, '(3'}]}}}}}}, 0x0)

4.972278965s ago: executing program 1 (id=2425):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00000000c0)={0x3})
ioctl$KVM_GET_PIT2(r1, 0x8070ae9f, &(0x7f0000000000))

4.59330944s ago: executing program 1 (id=2431):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x12, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000002140)={0x2020, 0x0, <r1=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f0000006180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d25d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196bafe5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca00", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={0x90, 0x0, 0x719, {0xf7ffffffffffffff, 0x2, 0x2, 0x0, 0x0, 0x0, {0x40, 0x200003, 0x200000000, 0xffff, 0x0, 0x0, 0x8000, 0x0, 0x120, 0x6000, 0x0, 0x0, 0x0, 0x902, 0x5}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
lsetxattr$trusted_overlay_nlink(&(0x7f0000000000)='./file0/file1\x00', &(0x7f0000000040), 0x0, 0x0, 0x2)
acct(&(0x7f0000000240)='./file0/file1\x00')
write$FUSE_INIT(r0, &(0x7f0000000440)={0x50, 0x0, r1, {0x7, 0x29, 0x80000, 0x1cc0340, 0x0, 0x2, 0xfffffffd, 0xfffffffc, 0x0, 0x0, 0x0, 0x7fffffff}}, 0x50)

4.593119657s ago: executing program 5 (id=2433):
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22, 0x0, @empty, 0x4}, 0x1c)
listen(r0, 0x81)
r1 = socket$netlink(0x10, 0x3, 0x4)
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000180)="580000001400add427323b470c45b45602067fffffff81004e22030d00ff0028925aa8002000eaa57b00090080020efffeffe809020000ff0004f03adcac4b74ffffffffffffffffffffffe7ee0000000000000000020000", 0x58}], 0x1)

4.472243363s ago: executing program 5 (id=2436):
r0 = socket$netlink(0x10, 0x3, 0x8)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$unix(r2, &(0x7f0000001700)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=[@rights={{0x18, 0x1, 0x1, [r1, r2]}}], 0x18, 0x4000}, 0x40014)
close_range(r0, 0xffffffffffffffff, 0x0)

4.354564767s ago: executing program 5 (id=2438):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x8, 0xf, 0x0, &(0x7f0000000040)='syzkaller\x00'}, 0x94)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffff9]}, 0x0, 0x8)
ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000180)=0x37)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0, 0xffffffffffffff2c}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r0 = io_uring_setup(0x4fee, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x20002f7})
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

4.332192887s ago: executing program 1 (id=2439):
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffcffffff, 0x20031, 0xffffffffffffffff, 0xbe9f5000)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000080)=0x9, 0x8, 0x0)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x2e8})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000080)={&(0x7f00006c6000/0x400000)=nil, &(0x7f000018b000/0x3000)=nil, 0x400000, 0x0, 0x18100})
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)

3.752936067s ago: executing program 5 (id=2451):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x26, &(0x7f0000000040)={0x0, 0x0, 0x47f2, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{0x0, 0x989680}, {0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = syz_open_procfs(0x0, &(0x7f0000002340)='fdinfo\x00')
getdents(r1, &(0x7f00000008c0)=""/52, 0x34)
getdents64(r1, &(0x7f0000000100)=""/208, 0xd0)

3.453299841s ago: executing program 3 (id=2454):
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x41, 0x80)
pwritev2(r0, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0x1}], 0x1, 0x1ff, 0x0, 0x0)

3.203330949s ago: executing program 1 (id=2457):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000940)={&(0x7f00000013c0)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c000200200000001f000000060001000000000008000500", @ANYRES32=r0, @ANYBLOB='\b\x00\n\x00', @ANYRES32, @ANYBLOB="0a000100000070"], 0x64}, 0x1, 0x0, 0x0, 0x8811}, 0x0)

3.137461105s ago: executing program 3 (id=2458):
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000440)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000001fc0)={'ip6tnl0\x00', &(0x7f0000001f40)={'ip6gre0\x00', r2, 0x4, 0x9e, 0xb, 0xd854, 0x23, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x10, 0x80, 0x1, 0x1}})

2.842411621s ago: executing program 3 (id=2460):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='v'], 0x50)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x0, &(0x7f0000000200)})
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f00000001c0)=ANY=[@ANYBLOB="010000000000000071000040"])
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
mq_notify(0xffffffffffffffff, &(0x7f0000000380)={0x1000000000000, 0x0, 0x2, @thr={0x0, 0x0}})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB='D\x00', @ANYRES32=0x0, @ANYBLOB="0000000000b401002400128009000100626f6e640000000014000280"], 0x44}, 0x1, 0x0, 0x0, 0x850}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x4000081, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x4, 0x5, 0x6, 0x4004, 0x2, 0x4, 0xefffffffffffffff, 0x0, 0x0, 0x2000000, 0x0, 0x1c, 0x0, 0xffffffffffffffff, 0x6], 0x0, 0x41901})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.721402559s ago: executing program 1 (id=2461):
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/icmp\x00')
preadv(r0, &(0x7f0000000480)=[{&(0x7f00000003c0)=""/174, 0xae}], 0x1, 0x9, 0x2082)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="4c0000006d00673c2bbd7000ffdadf2500000000", @ANYRES32=0x0, @ANYBLOB="0110040006e802001800348014403c0076657468315f746f5f626f6e6400000014000300"], 0x4c}, 0x1, 0x0, 0x0, 0x8004}, 0x0)

2.527697206s ago: executing program 1 (id=2464):
dup(0xffffffffffffffff)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x47f2, 0x5})
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
mkdir(0x0, 0x0)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f0000000040), &(0x7f0000048000), 0x0)

2.465527988s ago: executing program 3 (id=2465):
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x12, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000030000000000000000000000850000003900000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000}, 0x94)

2.117323361s ago: executing program 3 (id=2468):
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock2(&(0x7f0000381000/0x4000)=nil, 0x4000, 0x0)
r0 = memfd_secret(0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2, 0x13, r0, 0x8000000)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x4000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x2000002, 0x13, r0, 0x8000000)

1.845795609s ago: executing program 3 (id=2471):
r0 = syz_io_uring_setup(0xf00, &(0x7f0000000080)={0x0, 0xcc19, 0x13001, 0x0, 0x2fb}, &(0x7f0000000100), &(0x7f0000000140))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$int_in(r1, 0x5452, &(0x7f0000000080)=0x8000000ffffffff)
timer_create(0x1, &(0x7f0000000200)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r3=>0x0)
fcntl$lock(0xffffffffffffffff, 0x5, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r3, 0x1, &(0x7f0000000040)={{0x77359400}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0xd3283d036ae269b3, 0x8031, 0xffffffffffffffff, 0x99cf0000)
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r1, 0x0, r4, 0x0, 0x7, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000040)='task\x00')
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x1ff)
read$FUSE(r6, &(0x7f0000000940)={0x2020}, 0x2020)
fchdir(r5)
statx(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x2000, 0x1, &(0x7f0000000240))
shutdown(r2, 0x1)
ioctl$EXT4_IOC_GET_ES_CACHE(0xffffffffffffffff, 0xc020662a, &(0x7f00000002c0)={0xffffffff80000000, 0x4, 0x1, 0x9, 0x5, 0x0, [{0x8, 0x3, 0x7, '\x00', 0x802}, {0x8e, 0x6, 0x8}, {0xc6f8, 0xfffffffffffffffc, 0x0, '\x00', 0x8}, {0x4, 0x598, 0xb31, '\x00', 0x2003}, {0xf4, 0x101, 0x2, '\x00', 0x681}]})
r7 = eventfd2(0x5, 0x80000)
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r0, 0x7, &(0x7f0000000000)=r7, 0x1)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r8, &(0x7f00000039c0)=[{{&(0x7f0000000080)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x2e}}, 0x10, 0x0}}], 0x1, 0x2000c844)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="30007cb53b1300001000c1001b0000260da2300000000000", @ANYRES32=0x0, @ANYBLOB="8000000002000200080004000000000008001b"], 0x30}}, 0x0)

1.78557365s ago: executing program 0 (id=2472):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/56, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f0000000740)=""/97, 0x0, 0x100000})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000080)={0x3, 0x1})

1.641457798s ago: executing program 0 (id=2474):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="340000001100010027bd7000fddbdf2500000000", @ANYRES32=0x0, @ANYBLOB="20100000000004001400030076657468315f766c616e"], 0x34}, 0x1, 0x0, 0x0, 0x801}, 0x4000000)

1.292396959s ago: executing program 4 (id=2476):
ioperm(0x101, 0x1, 0x3)
openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x101042, 0x0)
truncate(&(0x7f00000002c0)='./file1\x00', 0x42d9)

1.121181421s ago: executing program 4 (id=2477):
r0 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x208, 0xc0})
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

829.596885ms ago: executing program 4 (id=2478):
r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(r0, 0x0, &(0x7f00000000c0)='mand\x00', 0x0, 0x0)

740.578104ms ago: executing program 0 (id=2479):
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000340)={@ifindex, 0xffffffffffffffff, 0x1d, 0x14}, 0x20)

702.697203ms ago: executing program 5 (id=2480):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'syz_tun\x00'})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000200)={r1, &(0x7f0000000040)="ec", &(0x7f00000001c0)=@udp=r0}, 0x20)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x2000000, 0x0, {0x0, 0x0, 0x0, r4, {}, {}, {0xfff3}}}, 0x24}}, 0x0)

601.467075ms ago: executing program 4 (id=2481):
syz_io_uring_setup(0x4175, &(0x7f0000000240)={0x0, 0x136f, 0x2, 0x2, 0x1be}, 0x0, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r0 = io_uring_setup(0x9, &(0x7f0000000040)={0x0, 0x20c8a1, 0x1c881, 0x0, 0x3b6})
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, &(0x7f00000001c0)={0x28, 0x3, 0x0, 0x0, &(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x800})
readlink(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
io_uring_enter(r0, 0x2219, 0xa3bb, 0x16, 0x0, 0x0)

533.575552ms ago: executing program 0 (id=2482):
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x42, 0x10)
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$RDMA_NLDEV_CMD_SYS_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="300000000714010000000000000000000800", @ANYRES32=r1], 0x30}}, 0x94)

414.173707ms ago: executing program 4 (id=2483):
r0 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000040)={'ip6tnl0\x00', &(0x7f0000000280)={'ip6_vti0\x00', 0x0, 0x0, 0x9, 0x2, 0xb, 0x6a, @ipv4={'\x00', '\xff\xff', @remote}, @mcast2={0xff, 0x5}, 0x8000, 0x40, 0x7d, 0x1}})

273.466166ms ago: executing program 0 (id=2484):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='ext4_es_find_extent_range_exit\x00'}, 0x18)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="5c0000000101010100000000000000000a0000003c0001800c000280040001003a0000002c00018014000300fc02000000000000000000000000000014000400ff0200000000000000000000000000010c00198008000100"], 0x5c}}, 0x0)

162.680635ms ago: executing program 0 (id=2485):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)
mremap(&(0x7f0000097000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f0000bff000/0x400000)=nil)

91.420853ms ago: executing program 4 (id=2486):
open(&(0x7f0000000100)='./file0\x00', 0x80ff, 0x36)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
read$FUSE(r0, &(0x7f0000006300)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x10408}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000190000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20, 0x0, 0x0, {0x0, 0x1}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80101, 0x0)
write$tcp_congestion(r2, &(0x7f00000000c0)='lp\x00', 0xfffffdef)

0s ago: executing program 5 (id=2487):
r0 = syz_open_dev$loop(&(0x7f0000000240), 0x3e, 0x6542)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/power/pm_debug_messages', 0x0, 0x80)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000080)={r1, 0x0, {0x0, 0x0, 0x0, 0x6, 0x4000000000000ffd, 0x0, 0x0, 0x1e, 0xc, "faf98317e5a1149989fc8dbe43ea6acc96e3a2503dc3bd3fe37d58128bbad0099cebdc25f5ab60c9e6d680f985881a7beda9d69098c8b534464c516bdd8a0f35", "32d8cc26f7061a74df2cfc06c89f3d9e234b30c50997d3bef409ff2176ff7bfe55cd4a5d83cd4a524bd3ffe70c7f3f800b2f7b6aa54cc50a1fcaed1e831fa79a", "67523760fd40f78d2cfc03d81a8ca55ba139c01802c4dae4162e43ac61b7ad33", [0x2, 0x7]}})
ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r1)
ioctl$LOOP_SET_STATUS(r0, 0x4c02, &(0x7f0000000340)={0x0, {}, 0x0, {}, 0xff, 0x9, 0x13, 0x4, "37b4d3e0a295c063efbca67058155dae4d051017e2658b6321b6b95afbcccce8383326b28e3bb521f92c100b407e9d2bcf8194cd73c1508ac9b61a086cd48fa5", "4f1f59a6a6c31fa7f80111c2fbf28fa76a849280ba805279b0ded705630b65a2", [0x6]})

kernel console output (not intermixed with test programs):

: 16
[  516.515756][ T5941] usb 5-1: New USB device found, idVendor=04dd, idProduct=8002, bcdDevice=fc.b6
[  516.526089][   T30] audit: type=1326 audit(1759854714.671:6056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13167 comm="syz.4.2069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22c038eec9 code=0x7ffc0000
[  516.548541][    C0] vkms_vblank_simulate: vblank timer overrun
[  516.580953][ T5941] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  516.622013][ T5941] usb 5-1: Product: syz
[  516.626396][ T5941] usb 5-1: Manufacturer: syz
[  516.631315][ T5941] usb 5-1: SerialNumber: syz
[  516.636221][   T30] audit: type=1326 audit(1759854714.671:6057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13167 comm="syz.4.2069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22c038eec9 code=0x7ffc0000
[  516.670614][   T30] audit: type=1326 audit(1759854714.671:6058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13167 comm="syz.4.2069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f22c038ef03 code=0x7ffc0000
[  516.694279][ T5941] usb 5-1: config 0 descriptor??
[  516.726439][ T5941] safe_serial 5-1:0.0: safe_serial converter detected
[  516.775427][ T5941] usb 5-1: safe_serial converter now attached to ttyUSB0
[  516.794428][   T30] audit: type=1326 audit(1759854714.671:6059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13167 comm="syz.4.2069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f22c038ef87 code=0x7ffc0000
[  516.816837][    C0] vkms_vblank_simulate: vblank timer overrun
[  516.877274][   T30] audit: type=1326 audit(1759854714.671:6060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13167 comm="syz.4.2069" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f22c034632d code=0x7ffc0000
[  517.237605][T13171] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  517.302019][ T5941] usb 1-1: reset high-speed USB device number 88 using dummy_hcd
[  517.334305][T13171] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  517.424843][T11710] usb 5-1: USB disconnect, device number 84
[  517.446669][T11710] safe_serial ttyUSB0: safe_serial converter now disconnected from ttyUSB0
[  517.482015][ T5941] usb 1-1: device descriptor read/64, error -32
[  517.515786][T11710] safe_serial 5-1:0.0: device disconnected
[  517.750051][T13211] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4)
[  517.756626][T13211] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  517.821529][T13211] vhci_hcd vhci_hcd.0: Device attached
[  517.905477][T13215] loop2: detected capacity change from 0 to 7
[  517.913360][T13215] Dev loop2: unable to read RDB block 7
[  517.919080][T13215]  loop2: unable to read partition table
[  517.933160][T13215] loop2: partition table beyond EOD, truncated
[  517.939483][T13215] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[  517.976191][T13213] IPVS: set_ctl: invalid protocol: 59 224.0.0.1:20002
[  518.072352][   T44] usb 39-1: new low-speed USB device number 2 using vhci_hcd
[  518.183886][ T5925] usb 4-1: new high-speed USB device number 71 using dummy_hcd
[  518.363511][ T5844] usb 1-1: USB disconnect, device number 88
[  518.402366][ T5925] usb 4-1: Using ep0 maxpacket: 16
[  518.433305][ T5925] usb 4-1: config index 0 descriptor too short (expected 8192, got 36)
[  518.458471][ T5925] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  518.495402][ T5925] usb 4-1: config 0 has no interfaces?
[  518.507777][ T5925] usb 4-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  518.535833][ T5925] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  518.602335][T13233] 8021q: adding VLAN 0 to HW filter on device batadv1
[  518.618914][ T5925] usb 4-1: rejected 1 configuration due to insufficient available bus power
[  518.637345][T13233] team0: Port device batadv1 added
[  518.643856][ T5925] usb 4-1: no configuration chosen from 1 choice
[  518.778548][T13237] input: syz0 as /devices/virtual/input/input30
[  519.090754][T13152] syz_tun: left allmulticast mode
[  519.593470][T13259] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2089'.
[  519.619025][T13259] netlink: 'syz.4.2089': attribute type 1 has an invalid length.
[  520.031997][ T5912] usb 6-1: new high-speed USB device number 25 using dummy_hcd
[  520.195059][ T5912] usb 6-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[  520.207361][ T5912] usb 6-1: config 0 interface 0 has no altsetting 0
[  520.220749][ T5912] usb 6-1: New USB device found, idVendor=0c70, idProduct=f014, bcdDevice= 0.00
[  520.231140][ T5912] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  520.246813][ T5912] usb 6-1: config 0 descriptor??
[  520.268324][T13278] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2096'.
[  520.581936][T13284] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2098'.
[  520.686750][ T5912] aquacomputer_d5next 0003:0C70:F014.0025: unknown main item tag 0x0
[  520.697865][ T5912] aquacomputer_d5next 0003:0C70:F014.0025: unknown main item tag 0x0
[  520.712331][ T5912] aquacomputer_d5next 0003:0C70:F014.0025: unknown main item tag 0x0
[  520.759147][ T5912] aquacomputer_d5next 0003:0C70:F014.0025: hidraw0: USB HID v0.00 Device [HID 0c70:f014] on usb-dummy_hcd.5-1/input0
[  520.759283][ T5941] usb 4-1: USB disconnect, device number 71
[  520.792617][T13212] vhci_hcd: connection reset by peer
[  520.814382][ T1082] vhci_hcd: stop threads
[  520.818701][ T1082] vhci_hcd: release socket
[  520.830706][ T1082] vhci_hcd: disconnect device
[  520.862047][T11710] usb 2-1: new high-speed USB device number 81 using dummy_hcd
[  520.921363][ T5912] usb 6-1: USB disconnect, device number 25
[  520.993292][T13289] fido_id[13289]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/6-1/report_descriptor': No such file or directory
[  521.044683][T11710] usb 2-1: config index 0 descriptor too short (expected 45, got 36)
[  521.055806][T11710] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  521.110408][T11710] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  521.126206][T11710] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  521.150239][T11710] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  521.170934][T11710] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  521.181043][T11710] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  521.197492][T11710] usb 2-1: config 0 descriptor??
[  521.206003][T13284] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  521.412267][ T5941] usb 4-1: new high-speed USB device number 72 using dummy_hcd
[  521.606018][ T5941] usb 4-1: Using ep0 maxpacket: 32
[  521.625526][T13284] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  521.636363][ T5941] usb 4-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  521.648824][T13284] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  521.663812][ T5941] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  521.749576][ T5941] usb 4-1: Product: syz
[  521.753117][T13305] fuse: Unknown parameter '7d90x0000000000000003'
[  521.755823][T11710] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  521.771758][ T5941] usb 4-1: Manufacturer: syz
[  521.776634][ T5941] usb 4-1: SerialNumber: syz
[  521.783289][T11710] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  521.791343][T11710] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  521.799989][ T5941] usb 4-1: config 0 descriptor??
[  521.805270][ T5844] usb 6-1: new high-speed USB device number 26 using dummy_hcd
[  521.823263][ T5941] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  521.832682][T11710] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  521.841898][T11710] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  521.850480][T11710] plantronics 0003:047F:FFFF.0026: unknown main item tag 0x0
[  521.872044][T11710] plantronics 0003:047F:FFFF.0026: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  521.942540][T11987] usb 2-1: USB disconnect, device number 81
[  521.973159][ T5929] usb 1-1: new high-speed USB device number 89 using dummy_hcd
[  522.006677][T13308] fido_id[13308]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  522.024170][ T5844] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  522.069091][ T5844] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  522.095446][ T5844] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  522.228527][ T5844] usb 6-1: New USB device found, idVendor=048d, idProduct=8595, bcdDevice= 0.00
[  522.247727][ T5844] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  522.256092][ T5929] usb 1-1: Using ep0 maxpacket: 32
[  522.273454][ T5844] usb 6-1: config 0 descriptor??
[  522.297341][ T5929] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 131, changing to 11
[  522.339808][ T5929] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 49607, setting to 1024
[  522.351399][ T5941] gspca_ov534_9: reg_w failed -110
[  522.397486][ T5929] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  522.572163][ T5929] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  522.644398][ T5929] usb 1-1: config 0 descriptor??
[  522.712206][ T5844] itetech 0003:048D:8595.0027: item fetching failed at offset 3/7
[  522.720934][ T5844] itetech 0003:048D:8595.0027: probe with driver itetech failed with error -22
[  522.753166][ T5929] hub 1-1:0.0: USB hub found
[  522.823757][T13321] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2108'.
[  522.891966][ T5941] gspca_ov534_9: Unknown sensor 0000
[  522.892095][ T5941] ov534_9 4-1:0.0: probe with driver ov534_9 failed with error -22
[  522.980819][ T5844] usb 6-1: USB disconnect, device number 26
[  522.989729][ T5941] usb 4-1: USB disconnect, device number 72
[  523.202114][   T44] vhci_hcd: vhci_device speed not set
[  523.250375][T13326] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2109'.
[  523.481466][T13328] loop2: detected capacity change from 0 to 7
[  523.550504][T13328] Dev loop2: unable to read RDB block 7
[  523.602692][T13328]  loop2: AHDI p2 p3
[  523.609531][T13328] loop2: partition table partially beyond EOD, truncated
[  523.658351][T13328] loop2: p2 start 13841266 is beyond EOD, truncated
[  523.932063][T11987] usb 6-1: new high-speed USB device number 27 using dummy_hcd
[  524.103365][T11987] usb 6-1: Using ep0 maxpacket: 16
[  524.130528][T11987] usb 6-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  524.169641][T11987] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  524.209809][T11987] usb 6-1: Product: syz
[  524.232390][T11987] usb 6-1: Manufacturer: syz
[  524.247208][T11987] usb 6-1: SerialNumber: syz
[  524.294025][T11987] r8152-cfgselector 6-1: Unknown version 0x0000
[  524.320941][T11987] r8152-cfgselector 6-1: config 0 descriptor??
[  524.723647][ T5844] usb 5-1: new high-speed USB device number 85 using dummy_hcd
[  524.803666][T11987] r8152-cfgselector 6-1: USB disconnect, device number 27
[  524.900448][ T5844] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[  524.962010][ T5844] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  525.013959][ T5844] usb 5-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[  525.047819][ T5929] hub 1-1:0.0: config failed, can't read hub descriptor (err -22)
[  525.079703][ T5844] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  525.103208][ T5844] usb 5-1: Product: syz
[  525.107696][ T5844] usb 5-1: Manufacturer: syz
[  525.113627][ T5844] usb 5-1: SerialNumber: syz
[  525.118430][ T5929] usbhid 1-1:0.0: can't add hid device: -71
[  525.125233][ T5929] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  525.140353][ T5844] usb 5-1: config 0 descriptor??
[  525.203507][T13345] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  525.213364][ T5929] usb 1-1: USB disconnect, device number 89
[  525.220708][T13345] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  525.279509][T13348] FAULT_INJECTION: forcing a failure.
[  525.279509][T13348] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  525.336123][T13348] CPU: 1 UID: 0 PID: 13348 Comm: syz.1.2116 Not tainted syzkaller #0 PREEMPT(full) 
[  525.336147][T13348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  525.336157][T13348] Call Trace:
[  525.336165][T13348]  <TASK>
[  525.336177][T13348]  dump_stack_lvl+0x189/0x250
[  525.336211][T13348]  ? __pfx____ratelimit+0x10/0x10
[  525.336239][T13348]  ? __pfx_dump_stack_lvl+0x10/0x10
[  525.336266][T13348]  ? __pfx__printk+0x10/0x10
[  525.336309][T13348]  should_fail_ex+0x414/0x560
[  525.336337][T13348]  _copy_to_user+0x31/0xb0
[  525.336366][T13348]  simple_read_from_buffer+0xe1/0x170
[  525.336407][T13348]  proc_fail_nth_read+0x1b3/0x220
[  525.336440][T13348]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  525.336467][T13348]  ? rw_verify_area+0x2a6/0x4d0
[  525.336489][T13348]  ? __lock_acquire+0xab9/0xd20
[  525.336509][T13348]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  525.336542][T13348]  vfs_read+0x1fd/0xa30
[  525.336572][T13348]  ? fdget_pos+0x247/0x320
[  525.336600][T13348]  ? __pfx___mutex_lock+0x10/0x10
[  525.336621][T13348]  ? __pfx_vfs_read+0x10/0x10
[  525.336645][T13348]  ? __fget_files+0x2a/0x420
[  525.336681][T13348]  ? __fget_files+0x3a0/0x420
[  525.336703][T13348]  ? __fget_files+0x2a/0x420
[  525.336733][T13348]  ksys_read+0x145/0x250
[  525.336765][T13348]  ? __pfx_ksys_read+0x10/0x10
[  525.336786][T13348]  ? rcu_is_watching+0x15/0xb0
[  525.336815][T13348]  ? do_syscall_64+0xbe/0x3b0
[  525.336849][T13348]  do_syscall_64+0xfa/0x3b0
[  525.336877][T13348]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  525.336897][T13348]  ? asm_common_interrupt+0x26/0x40
[  525.336917][T13348]  ? clear_bhb_loop+0x60/0xb0
[  525.336936][T13348]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  525.336952][T13348] RIP: 0033:0x7f8e5df8d8dc
[  525.336971][T13348] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  525.336991][T13348] RSP: 002b:00007f8e5ed7b030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  525.337014][T13348] RAX: ffffffffffffffda RBX: 00007f8e5e1e5fa0 RCX: 00007f8e5df8d8dc
[  525.337031][T13348] RDX: 000000000000000f RSI: 00007f8e5ed7b0a0 RDI: 0000000000000004
[  525.337045][T13348] RBP: 00007f8e5ed7b090 R08: 0000000000000000 R09: 0000000000000000
[  525.337060][T13348] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  525.337070][T13348] R13: 00007f8e5e1e6038 R14: 00007f8e5e1e5fa0 R15: 00007f8e5e30fa28
[  525.337094][T13348]  </TASK>
[  525.707956][T13345] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  525.766163][T13345] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  525.915851][T13356] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2119'.
[  526.111541][T13366] loop2: detected capacity change from 0 to 7
[  526.136549][T13366] Dev loop2: unable to read RDB block 7
[  526.148346][T13366]  loop2: unable to read partition table
[  526.165707][T13366] loop2: partition table beyond EOD, truncated
[  526.202271][ T1207] usb 4-1: new high-speed USB device number 73 using dummy_hcd
[  526.222240][T13366] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[  526.255795][ T5844] dm9601: No valid MAC address in EEPROM, using 00:00:00:00:00:00
[  526.365148][ T1207] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE8, changing to 0x88
[  526.409175][T13370] loop2: detected capacity change from 0 to 7
[  526.414399][ T1207] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7
[  526.425135][T13370] Dev loop2: unable to read RDB block 7
[  526.432707][T13370]  loop2: AHDI p2 p3
[  526.436667][T13370] loop2: partition table partially beyond EOD, truncated
[  526.447364][ T1207] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  526.461059][T13370] loop2: p2 start 13841266 is beyond EOD, truncated
[  526.462030][ T1207] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xD has an invalid bInterval 54, changing to 9
[  526.480160][ T1207] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xD has invalid maxpacket 8237, setting to 1024
[  526.514942][ T1207] usb 4-1: New USB device found, idVendor=1781, idProduct=0938, bcdDevice=9b.49
[  526.524548][ T1207] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  526.542282][ T1207] usb 4-1: Product: syz
[  526.551972][ T1207] usb 4-1: Manufacturer: syz
[  526.566953][ T1207] usb 4-1: SerialNumber: syz
[  526.589059][ T1207] usb 4-1: config 0 descriptor??
[  526.626640][ T1207] iguanair 4-1:0.0: failed to submit urb: -90
[  526.648322][ T1207] iguanair 4-1:0.0: probe with driver iguanair failed with error -90
[  526.690799][T13376] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2126'.
[  526.703895][T13376] input: syz1 as /devices/virtual/input/input32
[  526.731954][T11987] usb 1-1: new high-speed USB device number 90 using dummy_hcd
[  526.830795][ T1207] usb 4-1: USB disconnect, device number 73
[  526.869946][T13380] fuse: Unknown parameter 'nTracerPid:	0
[  526.869946][T13380] Uid:	0	0	0	0
[  526.869946][T13380] Gid:	0	0	0	0
[  526.869946][T13380] FDSize:	256
[  526.869946][T13380] Groups:	0 65534 
[  526.869946][T13380] NStgid:	1449
[  526.869946][T13380] NSpid:	1450
[  526.869946][T13380] NSpgid:	1449
[  526.869946][T13380] NSsid:	0
[  526.869946][T13380] Kthread:	0
[  526.869946][T13380] VmPeak:	  102092 kB
[  526.869946][T13380] VmSize:	  102092 kB
[  526.869946][T13380] VmLck:	       0 kB
[  526.869946][T13380] VmPin:	       0 kB
[  526.869946][T13380] VmHWM:	   24432 kB
[  526.869946][T13380] VmRSS:	   24432 kB
[  526.869946][T13380] RssAnon:	    1344 kB
[  526.869946][T13380] RssFile:	   23088 kB
[  526.869946][T13380] RssShmem:	       0 kB
[  526.869946][T13380] VmData:	   36584 kB
[  526.869946][T13380] VmStk:	     132 kB
[  526.869946][T13380] VmExe:	    1676 kB
[  526.869946][T13380] VmLib:	       8 kB
[  526.869946][T13380] VmPTE:	     128 kB
[  526.869946][T13380] VmSwap:	       0 kB
[  526.869946][T13380] HugetlbPages:	       0 kB
[  526.869946][T13380] CoreDumping:	0
[  526.869946][T13380] THP_enabled:	1
[  526.869946][T13380] untag_mask:	0xffffffffffffffff
[  526.869946][T13380] Threads:	2
[  526.869946][T13380] SigQ:	0/13018
[  526.869946][T13380] SigPnd:	0000000000000000
[  526.869946][T13380] ShdPnd:	0000000000000000
[  526.869946][T13380] SigBlk:	0000000000000000
[  526.869946][T13380] SigIgn:	fffffffefffaba35
[  526.869946][T13380] SigCgt:	0000000100010440
[  526.869946][T13380] CapInh:	0000000000000000
[  526.869946][T13380] CapPrm:	000001ffff77ffff
[  526.869946][T13380] CapEff:	000001ffff77ffff
[  526.869946][T13380] CapBnd:	000001ffffffffff
[  526.869946][T13380] CapAmb:	0000000000000000
[  526.869946][T13380] NoNewPrivs:	0
[  526.869946][T13380] Seccomp:	0
[  526.869946][T13380] Seccomp_filters:	0
[  526.869946][T13380] Speculation_Store_Bypass:	thread vulnerable
[  526.869946][T13380] SpeculationIndirectBranch:	conditional enabled
[  526.869946][T13380] Cpus_allowed:	3
[  527.052125][    C0] vkms_vblank_simulate: vblank timer overrun
[  527.059620][T11987] usb 1-1: device descriptor read/64, error -71
[  527.078072][T13382] netlink: 68 bytes leftover after parsing attributes in process `syz.5.2127'.
[  527.179238][ T5844] dm9601 5-1:0.0 (unnamed net_device) (uninitialized): MDIO read error: -71
[  527.200988][ T5844] dm9601 5-1:0.0 eth5: register 'dm9601' at usb-dummy_hcd.4-1, Davicom DM96xx USB 10/100 Ethernet, 02:27:99:fb:1a:a9
[  527.228583][ T5844] usb 5-1: USB disconnect, device number 85
[  527.258187][ T5844] dm9601 5-1:0.0 eth5: unregister 'dm9601' usb-dummy_hcd.4-1, Davicom DM96xx USB 10/100 Ethernet
[  527.372403][T11987] usb 1-1: new high-speed USB device number 91 using dummy_hcd
[  527.412024][ T5925] usb 6-1: new low-speed USB device number 28 using dummy_hcd
[  527.511980][T11987] usb 1-1: device descriptor read/64, error -71
[  527.576788][ T5925] usb 6-1: config 2 has an invalid interface number: 190 but max is 0
[  527.611324][ T5925] usb 6-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[  527.651766][T11987] usb usb1-port1: attempt power cycle
[  527.670391][ T5925] usb 6-1: config 2 has no interface number 0
[  527.797855][ T5925] usb 6-1: config 2 interface 190 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  527.863330][T13403] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2133'.
[  527.965103][ T5925] usb 6-1: string descriptor 0 read error: -22
[  527.973410][ T5925] usb 6-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=5f.b5
[  527.991138][ T5925] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  528.150706][T11987] usb 1-1: new high-speed USB device number 92 using dummy_hcd
[  528.215553][T11987] usb 1-1: device descriptor read/8, error -71
[  528.319949][T13415] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2135'.
[  528.378004][T13417] netlink: 96 bytes leftover after parsing attributes in process `syz.1.2135'.
[  528.471994][T11987] usb 1-1: new high-speed USB device number 93 using dummy_hcd
[  528.505527][T11987] usb 1-1: device descriptor read/8, error -71
[  528.632502][T11987] usb usb1-port1: unable to enumerate USB device
[  528.692278][ T5925]  (null): keene_cmd_main failed (-110)
[  528.710898][ T5925] video4linux radio48: keene_cmd_main failed (-32)
[  528.725682][T13428] fuse: Bad value for 'fd'
[  528.742489][ T5925] radio-keene 6-1:2.190: V4L2 device registered as radio48
[  529.034848][T13432] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2139'.
[  529.372497][ T5925] usb 4-1: new full-speed USB device number 74 using dummy_hcd
[  529.542386][ T5925] usb 4-1: device descriptor read/64, error -71
[  529.834202][ T5925] usb 4-1: new full-speed USB device number 75 using dummy_hcd
[  530.001991][ T5925] usb 4-1: device descriptor read/64, error -71
[  530.122606][ T5925] usb usb4-port1: attempt power cycle
[  530.197688][ T5844] usb 6-1: USB disconnect, device number 28
[  530.266865][T13463] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2146'.
[  530.292181][ T5895] usb 5-1: new full-speed USB device number 86 using dummy_hcd
[  530.460897][ T5895] usb 5-1: config 0 has an invalid interface number: 195 but max is 0
[  530.471966][ T5941] usb 1-1: new high-speed USB device number 94 using dummy_hcd
[  530.479713][ T5895] usb 5-1: config 0 has no interface number 0
[  530.490320][ T5925] usb 4-1: new full-speed USB device number 76 using dummy_hcd
[  530.500797][ T5895] usb 5-1: config 0 interface 195 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  530.512958][ T5925] usb 4-1: device descriptor read/8, error -71
[  530.529631][ T5895] usb 5-1: New USB device found, idVendor=0789, idProduct=0160, bcdDevice=fd.08
[  530.538944][ T5895] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  530.539682][T13472] loop2: detected capacity change from 0 to 7
[  530.547639][ T5895] usb 5-1: Product: syz
[  530.558396][ T5895] usb 5-1: Manufacturer: syz
[  530.564953][ T5895] usb 5-1: SerialNumber: syz
[  530.573574][ T5895] usb 5-1: config 0 descriptor??
[  530.579276][T13451] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[  530.588684][ T6476] Dev loop2: unable to read RDB block 7
[  530.602226][ T6476]  loop2: unable to read partition table
[  530.608334][ T6476] loop2: partition table beyond EOD, truncated
[  530.618609][T13472] Dev loop2: unable to read RDB block 7
[  530.630745][T13472]  loop2: unable to read partition table
[  530.638011][T13472] loop2: partition table beyond EOD, truncated
[  530.644511][ T5941] usb 1-1: device descriptor read/64, error -71
[  530.657145][T13472] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[  530.758082][ T5925] usb 4-1: new full-speed USB device number 77 using dummy_hcd
[  530.792747][ T5925] usb 4-1: device descriptor read/8, error -71
[  530.811010][T13477] FAULT_INJECTION: forcing a failure.
[  530.811010][T13477] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  530.825946][T13477] CPU: 0 UID: 0 PID: 13477 Comm: syz.5.2149 Not tainted syzkaller #0 PREEMPT(full) 
[  530.825977][T13477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  530.825992][T13477] Call Trace:
[  530.826002][T13477]  <TASK>
[  530.826011][T13477]  dump_stack_lvl+0x189/0x250
[  530.826044][T13477]  ? __pfx____ratelimit+0x10/0x10
[  530.826071][T13477]  ? __pfx_dump_stack_lvl+0x10/0x10
[  530.826098][T13477]  ? __pfx__printk+0x10/0x10
[  530.826150][T13477]  ? __might_fault+0xb0/0x130
[  530.826196][T13477]  should_fail_ex+0x414/0x560
[  530.826235][T13477]  _copy_from_user+0x2d/0xb0
[  530.826264][T13477]  memdup_user+0x5e/0xd0
[  530.826302][T13477]  strndup_user+0x68/0xd0
[  530.826341][T13477]  __se_sys_request_key+0x15f/0x340
[  530.826367][T13477]  ? ksys_write+0x22a/0x250
[  530.826400][T13477]  ? __pfx___se_sys_request_key+0x10/0x10
[  530.826433][T13477]  ? do_syscall_64+0xbe/0x3b0
[  530.826465][T13477]  do_syscall_64+0xfa/0x3b0
[  530.826509][T13477]  ? lockdep_hardirqs_on+0x9c/0x150
[  530.826536][T13477]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  530.826558][T13477]  ? clear_bhb_loop+0x60/0xb0
[  530.826586][T13477]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  530.826609][T13477] RIP: 0033:0x7f23e6f8eec9
[  530.826630][T13477] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  530.826650][T13477] RSP: 002b:00007f23e7db1038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f9
[  530.826674][T13477] RAX: ffffffffffffffda RBX: 00007f23e71e5fa0 RCX: 00007f23e6f8eec9
[  530.826692][T13477] RDX: 0000200000002980 RSI: 0000200000002940 RDI: 0000200000002900
[  530.826709][T13477] RBP: 00007f23e7db1090 R08: 0000000000000000 R09: 0000000000000000
[  530.826723][T13477] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  530.826736][T13477] R13: 00007f23e71e6038 R14: 00007f23e71e5fa0 R15: 00007f23e730fa28
[  530.826770][T13477]  </TASK>
[  531.021346][    C0] vkms_vblank_simulate: vblank timer overrun
[  531.037109][ T5925] usb usb4-port1: unable to enumerate USB device
[  531.091937][ T5941] usb 1-1: new high-speed USB device number 95 using dummy_hcd
[  531.221993][ T5941] usb 1-1: device descriptor read/64, error -71
[  531.302423][ T5895] asix 5-1:0.195 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  531.313578][ T5895] asix 5-1:0.195: probe with driver asix failed with error -71
[  531.342364][ T5941] usb usb1-port1: attempt power cycle
[  531.345003][ T5895] usb 5-1: USB disconnect, device number 86
[  531.692194][ T5941] usb 1-1: new high-speed USB device number 96 using dummy_hcd
[  531.722739][ T5941] usb 1-1: device descriptor read/8, error -71
[  531.992634][ T5941] usb 1-1: new high-speed USB device number 97 using dummy_hcd
[  532.014884][ T5941] usb 1-1: device descriptor read/8, error -71
[  532.094779][T11131] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  532.106929][T11131] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  532.132394][ T5941] usb usb1-port1: unable to enumerate USB device
[  532.212950][ T5925] usb 5-1: new low-speed USB device number 87 using dummy_hcd
[  532.268660][T11131] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  532.302047][T11131] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  532.386814][ T5925] usb 5-1: device descriptor read/64, error -71
[  532.538340][T11131] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  532.559201][T11131] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  532.653681][ T5925] usb 5-1: new low-speed USB device number 88 using dummy_hcd
[  532.693304][T11131] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  532.703969][T11131] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 256 - 0
[  532.792045][ T5925] usb 5-1: device descriptor read/64, error -71
[  532.952909][ T5925] usb usb5-port1: attempt power cycle
[  532.970349][T13496] loop2: detected capacity change from 0 to 7
[  533.020737][T13496] Dev loop2: unable to read RDB block 7
[  533.029557][T13496]  loop2: AHDI p1 p2 p3
[  533.037341][T13496] loop2: partition table partially beyond EOD, truncated
[  533.091789][T13496] loop2: p1 start 1601398130 is beyond EOD, truncated
[  533.106594][T13496] loop2: p2 start 1702059890 is beyond EOD, truncated
[  533.322026][ T5925] usb 5-1: new low-speed USB device number 89 using dummy_hcd
[  533.372693][ T5925] usb 5-1: device descriptor read/8, error -71
[  533.450442][T13508] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2158'.
[  533.788549][ T5925] usb 5-1: new low-speed USB device number 90 using dummy_hcd
[  533.813228][ T5925] usb 5-1: device descriptor read/8, error -71
[  533.813924][ T5160] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  533.872103][ T5160] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  533.881347][ T5160] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  533.900277][ T5160] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  533.915924][ T5160] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  533.928088][ T5925] usb usb5-port1: unable to enumerate USB device
[  534.662369][T11131] dvmrp8 (unregistering): left allmulticast mode
[  535.212036][ T5941] usb 1-1: new high-speed USB device number 98 using dummy_hcd
[  535.316376][T11131] bond0 (unregistering): Released all slaves
[  535.373293][ T5941] usb 1-1: Using ep0 maxpacket: 32
[  535.382938][ T5941] usb 1-1: config 7 has an invalid interface number: 203 but max is 0
[  535.386561][T11131] bond1 (unregistering): Released all slaves
[  535.393378][ T5941] usb 1-1: config 7 has no interface number 0
[  535.406790][ T5941] usb 1-1: config 7 interface 203 has no altsetting 0
[  535.419013][ T5941] usb 1-1: New USB device found, idVendor=0694, idProduct=0001, bcdDevice=64.4b
[  535.428588][ T5941] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  535.436873][ T5941] usb 1-1: Product: syz
[  535.441604][ T5941] usb 1-1: Manufacturer: syz
[  535.446767][ T5941] usb 1-1: SerialNumber: syz
[  535.633196][T13545] "syz.4.2164" (13545) uses obsolete ecb(arc4) skcipher
[  535.677310][T11131] bond2 (unregistering): Released all slaves
[  535.691794][T13534] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  535.702486][T13534] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  535.733165][T13534] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  535.739720][T13534] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  535.752327][T13534] vhci_hcd vhci_hcd.0: Device attached
[  535.950311][ T5895] vhci_hcd: vhci_device speed not set
[  536.004546][T11408] Bluetooth: hci4: command tx timeout
[  536.036165][T13534] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  536.054339][T13534] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  536.104630][ T5895] usb 33-1: new full-speed USB device number 2 using vhci_hcd
[  536.173036][ T5941] legousbtower 1-1:7.203: interrupt endpoints not found
[  536.179783][T13553] vhci_hcd: connection reset by peer
[  536.218067][ T1082] vhci_hcd: stop threads
[  536.252104][ T1082] vhci_hcd: release socket
[  536.256837][ T1082] vhci_hcd: disconnect device
[  536.273138][ T5941] usb 1-1: USB disconnect, device number 98
[  537.011052][T13587] FAULT_INJECTION: forcing a failure.
[  537.011052][T13587] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  537.030883][T11131] hsr_slave_0: left promiscuous mode
[  537.038641][T13587] CPU: 1 UID: 0 PID: 13587 Comm: syz.0.2172 Not tainted syzkaller #0 PREEMPT(full) 
[  537.038663][T13587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  537.038673][T13587] Call Trace:
[  537.038680][T13587]  <TASK>
[  537.038686][T13587]  dump_stack_lvl+0x189/0x250
[  537.038710][T13587]  ? __pfx____ratelimit+0x10/0x10
[  537.038728][T13587]  ? __pfx_dump_stack_lvl+0x10/0x10
[  537.038747][T13587]  ? __pfx__printk+0x10/0x10
[  537.038770][T13587]  ? __might_fault+0xb0/0x130
[  537.038800][T13587]  should_fail_ex+0x414/0x560
[  537.038826][T13587]  _copy_from_iter+0x1de/0x1790
[  537.038847][T13587]  ? rcu_is_watching+0x15/0xb0
[  537.038870][T13587]  ? kmalloc_reserve+0xbd/0x290
[  537.038890][T13587]  ? __pfx__copy_from_iter+0x10/0x10
[  537.038907][T13587]  ? __build_skb_around+0x262/0x3f0
[  537.038928][T13587]  ? netlink_sendmsg+0x642/0xb30
[  537.038947][T13587]  ? skb_put+0x11b/0x210
[  537.038969][T13587]  netlink_sendmsg+0x6b2/0xb30
[  537.038996][T13587]  ? __pfx_netlink_sendmsg+0x10/0x10
[  537.039018][T13587]  ? aa_sock_msg_perm+0xf1/0x1d0
[  537.039043][T13587]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  537.039059][T13587]  ? __pfx_netlink_sendmsg+0x10/0x10
[  537.039079][T13587]  __sock_sendmsg+0x21c/0x270
[  537.039099][T13587]  ____sys_sendmsg+0x505/0x830
[  537.039134][T13587]  ? __pfx_____sys_sendmsg+0x10/0x10
[  537.039163][T13587]  ? import_iovec+0x74/0xa0
[  537.039183][T13587]  ___sys_sendmsg+0x21f/0x2a0
[  537.039207][T13587]  ? __pfx____sys_sendmsg+0x10/0x10
[  537.039253][T13587]  ? __fget_files+0x2a/0x420
[  537.039268][T13587]  ? __fget_files+0x3a0/0x420
[  537.039290][T13587]  __x64_sys_sendmsg+0x19b/0x260
[  537.039314][T13587]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  537.039343][T13587]  ? __pfx_ksys_write+0x10/0x10
[  537.039369][T13587]  ? do_syscall_64+0xbe/0x3b0
[  537.039390][T13587]  do_syscall_64+0xfa/0x3b0
[  537.039408][T13587]  ? lockdep_hardirqs_on+0x9c/0x150
[  537.039426][T13587]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  537.039441][T13587]  ? clear_bhb_loop+0x60/0xb0
[  537.039459][T13587]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  537.039474][T13587] RIP: 0033:0x7f5c08d8eec9
[  537.039488][T13587] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  537.039502][T13587] RSP: 002b:00007f5c09c77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  537.039518][T13587] RAX: ffffffffffffffda RBX: 00007f5c08fe6090 RCX: 00007f5c08d8eec9
[  537.039530][T13587] RDX: 0000000004008040 RSI: 0000200000000280 RDI: 0000000000000003
[  537.039541][T13587] RBP: 00007f5c09c77090 R08: 0000000000000000 R09: 0000000000000000
[  537.039550][T13587] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  537.039560][T13587] R13: 00007f5c08fe6128 R14: 00007f5c08fe6090 R15: 00007f5c0910fa28
[  537.039583][T13587]  </TASK>
[  537.317269][ T5925] usb 6-1: new high-speed USB device number 29 using dummy_hcd
[  537.391001][T11131] hsr_slave_1: left promiscuous mode
[  537.403252][T11131] batman_adv: batadv0: Removing interface: virt_wifi0
[  537.481945][ T5925] usb 6-1: device descriptor read/64, error -71
[  537.547594][T11131] veth1_macvtap: left promiscuous mode
[  537.556900][T11131] veth0_macvtap: left promiscuous mode
[  537.574705][T11131] veth1_vlan: left promiscuous mode
[  537.580088][T11131] veth0_vlan: left promiscuous mode
[  537.722582][ T5925] usb 6-1: new high-speed USB device number 30 using dummy_hcd
[  537.851949][ T5925] usb 6-1: device descriptor read/64, error -71
[  537.937650][T11131] team0 (unregistering): Port device batadv1 removed
[  537.972484][ T5925] usb usb6-port1: attempt power cycle
[  538.082181][T11408] Bluetooth: hci4: command tx timeout
[  538.203479][T13604] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2176'.
[  538.324943][ T5925] usb 6-1: new high-speed USB device number 31 using dummy_hcd
[  538.352602][ T5925] usb 6-1: device descriptor read/8, error -71
[  538.592251][ T5925] usb 6-1: new high-speed USB device number 32 using dummy_hcd
[  538.628320][ T5925] usb 6-1: device descriptor read/8, error -71
[  538.756308][ T5925] usb usb6-port1: unable to enumerate USB device
[  538.960721][T13591] netlink: 92 bytes leftover after parsing attributes in process `syz.4.2174'.
[  539.171559][T13523] chnl_net:caif_netlink_parms(): no params data found
[  539.459237][T13523] bridge0: port 1(bridge_slave_0) entered blocking state
[  539.488925][T13523] bridge0: port 1(bridge_slave_0) entered disabled state
[  539.497447][T13523] bridge_slave_0: entered allmulticast mode
[  539.503644][   T44] usb 4-1: new high-speed USB device number 78 using dummy_hcd
[  539.535648][T13523] bridge_slave_0: entered promiscuous mode
[  539.545193][T13523] bridge0: port 2(bridge_slave_1) entered blocking state
[  539.552757][T13523] bridge0: port 2(bridge_slave_1) entered disabled state
[  539.560534][T13523] bridge_slave_1: entered allmulticast mode
[  539.569278][T13523] bridge_slave_1: entered promiscuous mode
[  539.640701][T13523] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  539.661969][   T44] usb 4-1: device descriptor read/64, error -71
[  539.679305][T11131] IPVS: stop unused estimator thread 0...
[  539.688552][T13523] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  539.763981][ T1207] usb 5-1: new high-speed USB device number 91 using dummy_hcd
[  539.788426][T13523] team0: Port device team_slave_0 added
[  539.823394][T13523] team0: Port device team_slave_1 added
[  539.901958][   T44] usb 4-1: new high-speed USB device number 79 using dummy_hcd
[  539.941786][T13523] batman_adv: batadv0: Adding interface: batadv_slave_0
[  539.961683][T13635] FAULT_INJECTION: forcing a failure.
[  539.961683][T13635] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  539.961956][ T1207] usb 5-1: Using ep0 maxpacket: 32
[  539.990362][T13635] CPU: 1 UID: 0 PID: 13635 Comm: syz.5.2182 Not tainted syzkaller #0 PREEMPT(full) 
[  539.990384][T13635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  539.990395][T13635] Call Trace:
[  539.990402][T13635]  <TASK>
[  539.990409][T13635]  dump_stack_lvl+0x189/0x250
[  539.990433][T13635]  ? __pfx____ratelimit+0x10/0x10
[  539.990452][T13635]  ? __pfx_dump_stack_lvl+0x10/0x10
[  539.990471][T13635]  ? __pfx__printk+0x10/0x10
[  539.990495][T13635]  ? __might_fault+0xb0/0x130
[  539.990527][T13635]  should_fail_ex+0x414/0x560
[  539.990554][T13635]  core_sys_select+0x729/0xa20
[  539.990593][T13635]  ? __pfx_core_sys_select+0x10/0x10
[  539.990641][T13635]  ? __pfx_set_user_sigmask+0x10/0x10
[  539.990661][T13635]  ? kmem_cache_free+0x19b/0x690
[  539.990692][T13635]  __se_sys_pselect6+0x27a/0x300
[  539.990721][T13635]  ? __pfx___se_sys_pselect6+0x10/0x10
[  539.990746][T13635]  ? __pfx_ksys_write+0x10/0x10
[  539.990768][T13635]  ? rcu_is_watching+0x15/0xb0
[  539.990792][T13635]  ? __x64_sys_pselect6+0x21/0xf0
[  539.990832][T13635]  do_syscall_64+0xfa/0x3b0
[  539.990855][T13635]  ? lockdep_hardirqs_on+0x9c/0x150
[  539.990873][T13635]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  539.990889][T13635]  ? clear_bhb_loop+0x60/0xb0
[  539.990908][T13635]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  539.990923][T13635] RIP: 0033:0x7f23e6f8eec9
[  539.990937][T13635] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  539.990952][T13635] RSP: 002b:00007f23e7db1038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  539.990969][T13635] RAX: ffffffffffffffda RBX: 00007f23e71e5fa0 RCX: 00007f23e6f8eec9
[  539.990982][T13635] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000040
[  539.990992][T13635] RBP: 00007f23e7db1090 R08: 0000200000000100 R09: 0000000000000000
[  539.991003][T13635] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001
[  539.991014][T13635] R13: 00007f23e71e6038 R14: 00007f23e71e5fa0 R15: 00007f23e730fa28
[  539.991037][T13635]  </TASK>
[  540.172674][T11408] Bluetooth: hci4: command tx timeout
[  540.198935][T13523] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  540.232488][T13523] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  540.245887][T13523] batman_adv: batadv0: Adding interface: batadv_slave_1
[  540.252938][T13523] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  540.278831][    C0] vkms_vblank_simulate: vblank timer overrun
[  540.285071][T13523] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  540.314871][ T1207] usb 5-1: unable to get BOS descriptor or descriptor too short
[  540.330336][ T1207] usb 5-1: config 255 has an invalid interface number: 81 but max is 0
[  540.355862][ T1207] usb 5-1: config 255 has an invalid descriptor of length 0, skipping remainder of the config
[  540.379940][ T1207] usb 5-1: config 255 has no interface number 0
[  540.383899][   T44] usb 4-1: device descriptor read/64, error -71
[  540.387570][ T1207] usb 5-1: config 255 interface 81 altsetting 3 has an endpoint descriptor with address 0x93, changing to 0x83
[  540.435397][ T1207] usb 5-1: config 255 interface 81 altsetting 3 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  540.477543][ T1207] usb 5-1: config 255 interface 81 has no altsetting 0
[  540.493638][ T1207] usb 5-1: string descriptor 0 read error: -22
[  540.501280][ T1207] usb 5-1: New USB device found, idVendor=0dfc, idProduct=0001, bcdDevice=24.ac
[  540.535540][   T44] usb usb4-port1: attempt power cycle
[  540.538204][ T1207] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  540.608982][ T1207] input: USB Touchscreen 0dfc:0001 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:255.81/input/input36
[  540.778697][T13523] hsr_slave_0: entered promiscuous mode
[  540.812211][ T5844] usb 1-1: new high-speed USB device number 99 using dummy_hcd
[  540.839803][T13523] hsr_slave_1: entered promiscuous mode
[  540.847284][T13523] debugfs: 'hsr0' already exists in 'hsr'
[  540.862887][T13523] Cannot create hsr debugfs directory
[  540.922541][   T44] usb 4-1: new high-speed USB device number 80 using dummy_hcd
[  540.924527][T13627] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2181'.
[  540.981148][   T44] usb 4-1: device descriptor read/8, error -71
[  540.992189][ T5844] usb 1-1: Using ep0 maxpacket: 32
[  541.017081][ T5844] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  541.039771][ T5844] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  541.049910][    C1] usbtouchscreen 5-1:255.81: usbtouch_irq - usb_submit_urb failed with result: -1
[  541.051004][ T5844] usb 1-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  541.074949][ T5844] usb 1-1: Product: syz
[  541.085606][ T5941] usb 5-1: USB disconnect, device number 91
[  541.094237][ T5844] usb 1-1: Manufacturer: syz
[  541.109528][ T5844] usb 1-1: SerialNumber: syz
[  541.155399][ T5844] usb 1-1: config 0 descriptor??
[  541.232456][   T44] usb 4-1: new high-speed USB device number 81 using dummy_hcd
[  541.262855][   T44] usb 4-1: device descriptor read/8, error -71
[  541.272383][ T5895] vhci_hcd: vhci_device speed not set
[  541.362043][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  541.382429][   T44] usb usb4-port1: unable to enumerate USB device
[  541.431456][T13642] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2184'.
[  541.465199][T13642] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2184'.
[  541.520971][   T44] usb 1-1: USB disconnect, device number 99
[  541.812304][T13672] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2188'.
[  541.862484][ T5941] usb 6-1: new high-speed USB device number 33 using dummy_hcd
[  541.910228][T13523] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  541.939037][T13523] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  541.967518][T13523] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  541.994839][T13523] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  542.066370][ T5941] usb 6-1: config index 0 descriptor too short (expected 39, got 27)
[  542.077351][ T5941] usb 6-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  542.089950][   T30] kauditd_printk_skb: 169 callbacks suppressed
[  542.089970][   T30] audit: type=1326 audit(1759854741.011:6230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13676 comm="syz.4.2189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22c038eec9 code=0x7ffc0000
[  542.142407][ T5941] usb 6-1: config 0 interface 0 has no altsetting 0
[  542.167791][   T30] audit: type=1326 audit(1759854741.011:6231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13676 comm="syz.4.2189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22c038eec9 code=0x7ffc0000
[  542.167976][ T5941] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  542.211627][   T30] audit: type=1326 audit(1759854741.051:6232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13676 comm="syz.4.2189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=79 compat=0 ip=0x7f22c038eec9 code=0x7ffc0000
[  542.255163][T11408] Bluetooth: hci4: command tx timeout
[  542.274516][ T5941] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  542.283377][   T30] audit: type=1326 audit(1759854741.051:6233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13676 comm="syz.4.2189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22c038eec9 code=0x7ffc0000
[  542.306250][ T5941] usb 6-1: Product: syz
[  542.310484][ T5941] usb 6-1: Manufacturer: syz
[  542.315464][ T5941] usb 6-1: SerialNumber: syz
[  542.322111][   T30] audit: type=1326 audit(1759854741.051:6234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13676 comm="syz.4.2189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f22c038eec9 code=0x7ffc0000
[  542.344470][    C0] vkms_vblank_simulate: vblank timer overrun
[  542.352460][ T5941] usb 6-1: config 0 descriptor??
[  542.367942][ T5941] hub 6-1:0.0: bad descriptor, ignoring hub
[  542.380147][ T5941] hub 6-1:0.0: probe with driver hub failed with error -5
[  542.391920][   T30] audit: type=1326 audit(1759854741.181:6235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13686 comm="syz.4.2189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f22c03c1785 code=0x7ffc0000
[  542.414379][    C0] vkms_vblank_simulate: vblank timer overrun
[  542.430368][T13523] 8021q: adding VLAN 0 to HW filter on device bond0
[  542.441697][ T5941] usb 6-1: selecting invalid altsetting 0
[  542.475442][   T30] audit: type=1326 audit(1759854741.191:6236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13676 comm="syz.4.2189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22c038eec9 code=0x7ffc0000
[  542.497909][    C0] vkms_vblank_simulate: vblank timer overrun
[  542.541590][   T30] audit: type=1326 audit(1759854741.191:6237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13676 comm="syz.4.2189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22c038eec9 code=0x7ffc0000
[  542.564088][    C0] vkms_vblank_simulate: vblank timer overrun
[  542.569492][T13523] 8021q: adding VLAN 0 to HW filter on device team0
[  542.624417][   T30] audit: type=1326 audit(1759854741.281:6238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13676 comm="syz.4.2189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f22c038eec9 code=0x7ffc0000
[  542.646887][    C0] vkms_vblank_simulate: vblank timer overrun
[  542.681950][   T30] audit: type=1326 audit(1759854741.291:6239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13676 comm="syz.4.2189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f22c038eec9 code=0x7ffc0000
[  542.707664][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  542.714897][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  542.769755][ T1082] bridge0: port 2(bridge_slave_1) entered blocking state
[  542.776998][ T1082] bridge0: port 2(bridge_slave_1) entered forwarding state
[  542.955343][T13700] netlink: 148 bytes leftover after parsing attributes in process `syz.3.2192'.
[  543.018398][T13704] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2192'.
[  543.027665][T13523] 8021q: adding VLAN 0 to HW filter on device batadv0
[  543.167343][T13523] veth0_vlan: entered promiscuous mode
[  543.194528][T13523] veth1_vlan: entered promiscuous mode
[  543.200245][T13707] FAULT_INJECTION: forcing a failure.
[  543.200245][T13707] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  543.230641][T13707] CPU: 1 UID: 0 PID: 13707 Comm: syz.4.2193 Not tainted syzkaller #0 PREEMPT(full) 
[  543.230679][T13707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  543.230693][T13707] Call Trace:
[  543.230702][T13707]  <TASK>
[  543.230712][T13707]  dump_stack_lvl+0x189/0x250
[  543.230745][T13707]  ? __pfx____ratelimit+0x10/0x10
[  543.230771][T13707]  ? __pfx_dump_stack_lvl+0x10/0x10
[  543.230798][T13707]  ? __pfx__printk+0x10/0x10
[  543.230831][T13707]  ? __might_fault+0xb0/0x130
[  543.230874][T13707]  should_fail_ex+0x414/0x560
[  543.230911][T13707]  set_fd_set+0x3a/0xa0
[  543.230944][T13707]  core_sys_select+0x8da/0xa20
[  543.230989][T13707]  ? __pfx_core_sys_select+0x10/0x10
[  543.231047][T13707]  ? __pfx_set_user_sigmask+0x10/0x10
[  543.231073][T13707]  ? kmem_cache_free+0x19b/0x690
[  543.231116][T13707]  __se_sys_pselect6+0x27a/0x300
[  543.231156][T13707]  ? __pfx___se_sys_pselect6+0x10/0x10
[  543.231190][T13707]  ? __pfx_ksys_write+0x10/0x10
[  543.231220][T13707]  ? rcu_is_watching+0x15/0xb0
[  543.231253][T13707]  ? __x64_sys_pselect6+0x21/0xf0
[  543.231290][T13707]  do_syscall_64+0xfa/0x3b0
[  543.231317][T13707]  ? lockdep_hardirqs_on+0x9c/0x150
[  543.231341][T13707]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  543.231364][T13707]  ? clear_bhb_loop+0x60/0xb0
[  543.231390][T13707]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  543.231412][T13707] RIP: 0033:0x7f22c038eec9
[  543.231431][T13707] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  543.231450][T13707] RSP: 002b:00007f22c11f9038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  543.231473][T13707] RAX: ffffffffffffffda RBX: 00007f22c05e5fa0 RCX: 00007f22c038eec9
[  543.231490][T13707] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000040
[  543.231504][T13707] RBP: 00007f22c11f9090 R08: 0000200000000100 R09: 0000000000000000
[  543.231519][T13707] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001
[  543.231533][T13707] R13: 00007f22c05e6038 R14: 00007f22c05e5fa0 R15: 00007f22c070fa28
[  543.231566][T13707]  </TASK>
[  543.545362][T13663] usb 6-1: reset high-speed USB device number 33 using dummy_hcd
[  543.595330][T13523] veth0_macvtap: entered promiscuous mode
[  543.674734][T13523] veth1_macvtap: entered promiscuous mode
[  543.712452][ T1207] usb 4-1: new high-speed USB device number 82 using dummy_hcd
[  543.777075][T13523] batman_adv: batadv0: Interface activated: batadv_slave_0
[  543.855622][T13523] batman_adv: batadv0: Interface activated: batadv_slave_1
[  543.952914][ T1207] usb 4-1: Using ep0 maxpacket: 32
[  543.965308][ T1207] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  543.977282][ T1207] usb 4-1: config 0 has no interface number 0
[  544.000361][   T12] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  544.016664][ T1207] usb 4-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  544.225440][ T1207] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  544.241547][   T12] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  544.262894][ T1207] usb 4-1: Product: syz
[  544.271236][ T1207] usb 4-1: Manufacturer: syz
[  544.695686][ T1207] usb 4-1: SerialNumber: syz
[  544.718632][   T12] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  544.738869][ T1207] usb 4-1: config 0 descriptor??
[  544.749482][ T1207] usb 4-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  544.829716][   T12] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  544.895825][ T5844] usb 6-1: USB disconnect, device number 33
[  544.916718][ T1207] usb 4-1: selecting invalid altsetting 1
[  544.936918][ T1207] usb 4-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  545.090581][ T1207] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  545.156438][ T1207] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  545.199059][ T1207] usb 4-1: media controller created
[  545.308616][ T1082] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  545.316751][ T1082] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  545.356049][ T1207] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  545.457213][   T66] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  545.515842][   T66] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  545.559602][ T1207] usb 4-1: dvb_usb_ce6230: usb_control_msg() failed=-71
[  545.617057][ T1207] zl10353_read_register: readreg error (reg=127, ret==-71)
[  545.686990][ T1207] usb 4-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[  545.982274][ T5929] usb 6-1: new high-speed USB device number 34 using dummy_hcd
[  546.093741][ T1207] usb 4-1: USB disconnect, device number 82
[  546.109582][T13745] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2199'.
[  546.177687][ T5929] usb 6-1: config 1 interface 0 has no altsetting 0
[  546.188443][ T5929] usb 6-1: New USB device found, idVendor=1038, idProduct=12b6, bcdDevice= 0.40
[  546.203607][ T5929] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  546.296330][ T5929] usb 6-1: Product: ⌝冤뉼⩖飝෕貍偉쭺딖Ⱔఉƾ뢣⟡㶨秀﹍攧븝弳뎖쟍͎乫
[  546.391907][ T5929] usb 6-1: Manufacturer: 痂筹｜ﮒ촺ӻ袣ᶝ宂ﻯ㟭ᢾ陗涻뢅쳤魠雇窲螑Ⰴ
[  546.439422][ T5929] usb 6-1: SerialNumber: syz
[  546.453285][T13756] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2201'.
[  546.509770][T13756] bond0: entered promiscuous mode
[  546.597433][T13756] bond_slave_0: entered promiscuous mode
[  546.735547][T13756] bond_slave_1: entered promiscuous mode
[  546.752855][T13756] batadv_slave_0: entered promiscuous mode
[  546.852327][T13756] batadv_slave_0: left promiscuous mode
[  546.932594][T13738] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  546.941754][T13738] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  546.949779][T13756] bond0: left promiscuous mode
[  546.959331][T13756] bond_slave_0: left promiscuous mode
[  546.969814][T13756] bond_slave_1: left promiscuous mode
[  547.192823][ T5929] usbhid 6-1:1.0: can't add hid device: -71
[  547.217564][ T5929] usbhid 6-1:1.0: probe with driver usbhid failed with error -71
[  547.257639][ T5929] usb 6-1: USB disconnect, device number 34
[  548.342169][ T5844] usb 5-1: new high-speed USB device number 92 using dummy_hcd
[  548.576425][T13786] FAULT_INJECTION: forcing a failure.
[  548.576425][T13786] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  548.629151][T13786] CPU: 1 UID: 0 PID: 13786 Comm: syz.5.2206 Not tainted syzkaller #0 PREEMPT(full) 
[  548.629173][T13786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  548.629184][T13786] Call Trace:
[  548.629190][T13786]  <TASK>
[  548.629197][T13786]  dump_stack_lvl+0x189/0x250
[  548.629221][T13786]  ? __pfx____ratelimit+0x10/0x10
[  548.629241][T13786]  ? __pfx_dump_stack_lvl+0x10/0x10
[  548.629260][T13786]  ? __pfx__printk+0x10/0x10
[  548.629294][T13786]  should_fail_ex+0x414/0x560
[  548.629321][T13786]  _copy_to_user+0x31/0xb0
[  548.629342][T13786]  put_timespec64+0xc0/0x120
[  548.629360][T13786]  ? __pfx_put_timespec64+0x10/0x10
[  548.629384][T13786]  poll_select_finish+0x479/0x5e0
[  548.629403][T13786]  ? __pfx_poll_select_finish+0x10/0x10
[  548.629423][T13786]  ? __pfx_set_user_sigmask+0x10/0x10
[  548.629442][T13786]  ? kmem_cache_free+0x19b/0x690
[  548.629474][T13786]  __se_sys_pselect6+0x291/0x300
[  548.629503][T13786]  ? __pfx___se_sys_pselect6+0x10/0x10
[  548.629527][T13786]  ? __pfx_ksys_write+0x10/0x10
[  548.629548][T13786]  ? rcu_is_watching+0x15/0xb0
[  548.629573][T13786]  ? __x64_sys_pselect6+0x21/0xf0
[  548.629599][T13786]  do_syscall_64+0xfa/0x3b0
[  548.629618][T13786]  ? lockdep_hardirqs_on+0x9c/0x150
[  548.629636][T13786]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  548.629652][T13786]  ? clear_bhb_loop+0x60/0xb0
[  548.629672][T13786]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  548.629687][T13786] RIP: 0033:0x7f23e6f8eec9
[  548.629702][T13786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  548.629716][T13786] RSP: 002b:00007f23e7db1038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  548.629734][T13786] RAX: ffffffffffffffda RBX: 00007f23e71e5fa0 RCX: 00007f23e6f8eec9
[  548.629746][T13786] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000040
[  548.629756][T13786] RBP: 00007f23e7db1090 R08: 0000200000000100 R09: 0000000000000000
[  548.629767][T13786] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001
[  548.629778][T13786] R13: 00007f23e71e6038 R14: 00007f23e71e5fa0 R15: 00007f23e730fa28
[  548.629801][T13786]  </TASK>
[  548.891619][ T5844] usb 5-1: Using ep0 maxpacket: 8
[  548.916840][ T5844] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x99, changing to 0x89
[  549.150768][ T5844] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  549.178312][T13792] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2207'.
[  549.196604][T13792] batadv0: entered promiscuous mode
[  549.239864][ T5844] usb 5-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[  549.261983][ T5844] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  549.271308][T13792] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  549.307391][ T5844] usb 5-1: Product: syz
[  549.323752][T13792] batadv0: left promiscuous mode
[  549.351954][ T5844] usb 5-1: Manufacturer: syz
[  549.372839][T13793] program syz.5.2207 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  549.381914][ T5844] usb 5-1: SerialNumber: syz
[  549.419177][ T5844] usb 5-1: config 0 descriptor??
[  549.623124][ T5844] rc_core: IR keymap rc-streamzap not found
[  549.651609][ T5844] Registered IR keymap rc-empty
[  549.776787][ T5844] rc rc0: Streamzap PC Remote Infrared Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  550.183574][ T5844] input: Streamzap PC Remote Infrared Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input37
[  550.933742][ T5844] usb 5-1: USB disconnect, device number 92
[  551.882481][T13824] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2212'.
[  551.922281][T13824] FAULT_INJECTION: forcing a failure.
[  551.922281][T13824] name failslab, interval 1, probability 0, space 0, times 0
[  552.009153][T13827] loop2: detected capacity change from 0 to 7
[  552.012417][T13824] CPU: 0 UID: 0 PID: 13824 Comm: syz.4.2212 Not tainted syzkaller #0 PREEMPT(full) 
[  552.012451][T13824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  552.012468][T13824] Call Trace:
[  552.012479][T13824]  <TASK>
[  552.012489][T13824]  dump_stack_lvl+0x189/0x250
[  552.012527][T13824]  ? __pfx____ratelimit+0x10/0x10
[  552.012559][T13824]  ? __pfx_dump_stack_lvl+0x10/0x10
[  552.012590][T13824]  ? __pfx__printk+0x10/0x10
[  552.012634][T13824]  ? __pfx___might_resched+0x10/0x10
[  552.012672][T13824]  should_fail_ex+0x414/0x560
[  552.012713][T13824]  should_failslab+0xa8/0x100
[  552.012754][T13824]  kmem_cache_alloc_node_noprof+0x77/0x710
[  552.012793][T13824]  ? __alloc_skb+0x112/0x2d0
[  552.012832][T13824]  __alloc_skb+0x112/0x2d0
[  552.012870][T13824]  netlink_ack+0x146/0xa50
[  552.012899][T13824]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  552.012929][T13824]  ? ref_tracker_free+0x63a/0x7d0
[  552.012967][T13824]  ? __asan_memcpy+0x40/0x70
[  552.013000][T13824]  ? __pfx_ref_tracker_free+0x10/0x10
[  552.013051][T13824]  netlink_rcv_skb+0x28c/0x470
[  552.013082][T13824]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  552.013115][T13824]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  552.013160][T13824]  ? netlink_deliver_tap+0x2e/0x1b0
[  552.013200][T13824]  netlink_unicast+0x82c/0x9e0
[  552.013240][T13824]  ? __pfx_netlink_unicast+0x10/0x10
[  552.013271][T13824]  ? netlink_sendmsg+0x642/0xb30
[  552.013300][T13824]  ? skb_put+0x11b/0x210
[  552.013337][T13824]  netlink_sendmsg+0x805/0xb30
[  552.013381][T13824]  ? __pfx_netlink_sendmsg+0x10/0x10
[  552.013418][T13824]  ? aa_sock_msg_perm+0xf1/0x1d0
[  552.013458][T13824]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  552.013484][T13824]  ? __pfx_netlink_sendmsg+0x10/0x10
[  552.013519][T13824]  __sock_sendmsg+0x21c/0x270
[  552.013550][T13824]  ____sys_sendmsg+0x505/0x830
[  552.013595][T13824]  ? __pfx_____sys_sendmsg+0x10/0x10
[  552.013641][T13824]  ? import_iovec+0x74/0xa0
[  552.013676][T13824]  ___sys_sendmsg+0x21f/0x2a0
[  552.013714][T13824]  ? __pfx____sys_sendmsg+0x10/0x10
[  552.013800][T13824]  ? __fget_files+0x2a/0x420
[  552.013824][T13824]  ? __fget_files+0x3a0/0x420
[  552.013861][T13824]  __x64_sys_sendmsg+0x19b/0x260
[  552.013899][T13824]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  552.013948][T13824]  ? __pfx_ksys_write+0x10/0x10
[  552.013980][T13824]  ? rcu_is_watching+0x15/0xb0
[  552.014020][T13824]  ? do_syscall_64+0xbe/0x3b0
[  552.014056][T13824]  do_syscall_64+0xfa/0x3b0
[  552.014085][T13824]  ? lockdep_hardirqs_on+0x9c/0x150
[  552.014115][T13824]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  552.014139][T13824]  ? clear_bhb_loop+0x60/0xb0
[  552.014170][T13824]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  552.014193][T13824] RIP: 0033:0x7f22c038eec9
[  552.014217][T13824] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  552.014239][T13824] RSP: 002b:00007f22c11f9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  552.014266][T13824] RAX: ffffffffffffffda RBX: 00007f22c05e5fa0 RCX: 00007f22c038eec9
[  552.014285][T13824] RDX: 0000000004008040 RSI: 0000200000000280 RDI: 0000000000000003
[  552.014303][T13824] RBP: 00007f22c11f9090 R08: 0000000000000000 R09: 0000000000000000
[  552.014319][T13824] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  552.014335][T13824] R13: 00007f22c05e6038 R14: 00007f22c05e5fa0 R15: 00007f22c070fa28
[  552.014372][T13824]  </TASK>
[  552.460774][T13839] FAULT_INJECTION: forcing a failure.
[  552.460774][T13839] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  552.485990][T13839] CPU: 0 UID: 0 PID: 13839 Comm: syz.5.2217 Not tainted syzkaller #0 PREEMPT(full) 
[  552.486023][T13839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  552.486050][T13839] Call Trace:
[  552.486060][T13839]  <TASK>
[  552.486070][T13839]  dump_stack_lvl+0x189/0x250
[  552.486102][T13839]  ? __pfx____ratelimit+0x10/0x10
[  552.486128][T13839]  ? __pfx_dump_stack_lvl+0x10/0x10
[  552.486155][T13839]  ? __pfx__printk+0x10/0x10
[  552.486201][T13839]  should_fail_ex+0x414/0x560
[  552.486238][T13839]  _copy_to_user+0x31/0xb0
[  552.486268][T13839]  simple_read_from_buffer+0xe1/0x170
[  552.486308][T13839]  proc_fail_nth_read+0x1b3/0x220
[  552.486340][T13839]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  552.486373][T13839]  ? rw_verify_area+0x2a6/0x4d0
[  552.486403][T13839]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  552.486434][T13839]  vfs_read+0x1fd/0xa30
[  552.486471][T13839]  ? __pfx_poll_select_finish+0x10/0x10
[  552.486493][T13839]  ? __pfx_vfs_read+0x10/0x10
[  552.486527][T13839]  ? __pfx_set_user_sigmask+0x10/0x10
[  552.486554][T13839]  ? kmem_cache_free+0x19b/0x690
[  552.486624][T13839]  ksys_read+0x145/0x250
[  552.486659][T13839]  ? __pfx_ksys_read+0x10/0x10
[  552.486689][T13839]  ? rcu_is_watching+0x15/0xb0
[  552.486725][T13839]  ? do_syscall_64+0xbe/0x3b0
[  552.486765][T13839]  do_syscall_64+0xfa/0x3b0
[  552.486791][T13839]  ? lockdep_hardirqs_on+0x9c/0x150
[  552.486817][T13839]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  552.486840][T13839]  ? clear_bhb_loop+0x60/0xb0
[  552.486879][T13839]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  552.486900][T13839] RIP: 0033:0x7f23e6f8d8dc
[  552.486920][T13839] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  552.486938][T13839] RSP: 002b:00007f23e7db1030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  552.486961][T13839] RAX: ffffffffffffffda RBX: 00007f23e71e5fa0 RCX: 00007f23e6f8d8dc
[  552.486979][T13839] RDX: 000000000000000f RSI: 00007f23e7db10a0 RDI: 000000000000000b
[  552.486996][T13839] RBP: 00007f23e7db1090 R08: 0000000000000000 R09: 0000000000000000
[  552.487011][T13839] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001
[  552.487025][T13839] R13: 00007f23e71e6038 R14: 00007f23e71e5fa0 R15: 00007f23e730fa28
[  552.487058][T13839]  </TASK>
[  552.490316][T13827] Dev loop2: unable to read RDB block 7
[  552.815564][T13827]  loop2: unable to read partition table
[  552.821475][T13827] loop2: partition table beyond EOD, truncated
[  552.929260][T13827] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[  553.322415][ T2150] usb 5-1: new high-speed USB device number 93 using dummy_hcd
[  553.504312][T13872] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2224'.
[  553.532540][ T2150] usb 5-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  553.542237][ T2150] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  553.582081][ T5941] usb 6-1: new high-speed USB device number 35 using dummy_hcd
[  553.602015][ T2150] usb 5-1: config 0 descriptor??
[  553.616464][ T2150] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  553.764193][ T5941] usb 6-1: config 0 has an invalid interface number: 255 but max is 0
[  553.787098][ T5941] usb 6-1: config 0 has no interface number 0
[  553.824040][ T5941] usb 6-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30
[  553.880223][ T5941] usb 6-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  553.925093][ T5941] usb 6-1: config 0 interface 255 has no altsetting 0
[  553.955522][ T5941] usb 6-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b
[  553.997444][ T5941] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  554.042594][ T5941] usb 6-1: config 0 descriptor??
[  554.080097][ T5941] ums-realtek 6-1:0.255: USB Mass Storage device detected
[  554.115411][ T2150] usb 5-1: USB disconnect, device number 93
[  554.286284][ T5941] usb 6-1: USB disconnect, device number 35
[  554.583794][T13904] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2229'.
[  554.622079][T13904] FAULT_INJECTION: forcing a failure.
[  554.622079][T13904] name failslab, interval 1, probability 0, space 0, times 0
[  554.650315][T13904] CPU: 0 UID: 0 PID: 13904 Comm: syz.0.2229 Not tainted syzkaller #0 PREEMPT(full) 
[  554.650348][T13904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  554.650364][T13904] Call Trace:
[  554.650373][T13904]  <TASK>
[  554.650383][T13904]  dump_stack_lvl+0x189/0x250
[  554.650417][T13904]  ? __pfx____ratelimit+0x10/0x10
[  554.650443][T13904]  ? __pfx_dump_stack_lvl+0x10/0x10
[  554.650470][T13904]  ? __pfx__printk+0x10/0x10
[  554.650510][T13904]  ? __pfx___might_resched+0x10/0x10
[  554.650543][T13904]  should_fail_ex+0x414/0x560
[  554.650581][T13904]  should_failslab+0xa8/0x100
[  554.650621][T13904]  kmem_cache_alloc_lru_noprof+0x79/0x6d0
[  554.650656][T13904]  ? __d_alloc+0x36/0x7a0
[  554.650689][T13904]  __d_alloc+0x36/0x7a0
[  554.650722][T13904]  d_alloc_parallel+0xe5/0x15e0
[  554.650752][T13904]  ? __lock_acquire+0xab9/0xd20
[  554.650789][T13904]  ? __lock_acquire+0xab9/0xd20
[  554.650821][T13904]  ? __pfx_d_alloc_parallel+0x10/0x10
[  554.650855][T13904]  ? __raw_spin_lock_init+0x45/0x100
[  554.650892][T13904]  ? __init_waitqueue_head+0xa9/0x150
[  554.650933][T13904]  __lookup_slow+0x116/0x3d0
[  554.650965][T13904]  ? __pfx___lookup_slow+0x10/0x10
[  554.651005][T13904]  ? d_lookup+0x8a/0xa0
[  554.651034][T13904]  ? lookup_noperm+0x112/0x220
[  554.651067][T13904]  simple_start_creating+0xfd/0x1e0
[  554.651093][T13904]  ? __pfx_simple_start_creating+0x10/0x10
[  554.651132][T13904]  debugfs_start_creating+0x10f/0x180
[  554.651168][T13904]  __debugfs_create_file+0x79/0x4f0
[  554.651207][T13904]  debugfs_create_file_full+0x3f/0x60
[  554.651245][T13904]  ref_tracker_dir_debugfs+0x14e/0x270
[  554.651281][T13904]  ? __pfx_ref_tracker_dir_debugfs+0x10/0x10
[  554.651346][T13904]  ? trace_kmalloc+0x1f/0xd0
[  554.651376][T13904]  ? __kvmalloc_node_noprof+0x5ed/0x910
[  554.651405][T13904]  ? __raw_spin_lock_init+0x45/0x100
[  554.651442][T13904]  alloc_netdev_mqs+0x272/0x11b0
[  554.651464][T13904]  ? __pfx_ipip6_tunnel_setup+0x10/0x10
[  554.651497][T13904]  rtnl_create_link+0x31f/0xd10
[  554.651527][T13904]  rtnl_newlink_create+0x25c/0xb00
[  554.651564][T13904]  ? __lock_acquire+0xab9/0xd20
[  554.651603][T13904]  ? __pfx_rtnl_newlink_create+0x10/0x10
[  554.651639][T13904]  ? __pfx___mutex_lock+0x10/0x10
[  554.651680][T13904]  ? ns_capable+0x8a/0xf0
[  554.651713][T13904]  rtnl_newlink+0x16e4/0x1c80
[  554.651744][T13904]  ? netlink_deliver_tap+0x19c/0x1b0
[  554.651787][T13904]  ? __pfx_rtnl_newlink+0x10/0x10
[  554.651842][T13904]  ? kasan_quarantine_put+0xdd/0x220
[  554.651874][T13904]  ? lockdep_hardirqs_on+0x9c/0x150
[  554.651907][T13904]  ? nlmon_xmit+0xb0/0x100
[  554.651939][T13904]  ? kmem_cache_free+0x19b/0x690
[  554.651984][T13904]  ? __local_bh_enable_ip+0x12d/0x1c0
[  554.652013][T13904]  ? lockdep_hardirqs_on+0x9c/0x150
[  554.652040][T13904]  ? __local_bh_enable_ip+0x12d/0x1c0
[  554.652067][T13904]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  554.652100][T13904]  ? __dev_queue_xmit+0x27b/0x3b50
[  554.652135][T13904]  ? __dev_queue_xmit+0x27b/0x3b50
[  554.652166][T13904]  ? __dev_queue_xmit+0x27b/0x3b50
[  554.652202][T13904]  ? __dev_queue_xmit+0x1d79/0x3b50
[  554.652234][T13904]  ? kasan_save_track+0x3e/0x80
[  554.652265][T13904]  ? __kasan_slab_alloc+0x6c/0x80
[  554.652288][T13904]  ? __lock_acquire+0xab9/0xd20
[  554.652343][T13904]  ? __pfx_rtnl_newlink+0x10/0x10
[  554.652371][T13904]  rtnetlink_rcv_msg+0x7cf/0xb70
[  554.652404][T13904]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  554.652430][T13904]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  554.652456][T13904]  ? ref_tracker_free+0x63a/0x7d0
[  554.652491][T13904]  ? __asan_memcpy+0x40/0x70
[  554.652521][T13904]  ? __pfx_ref_tracker_free+0x10/0x10
[  554.652568][T13904]  netlink_rcv_skb+0x208/0x470
[  554.652630][T13904]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  554.652660][T13904]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  554.652703][T13904]  ? netlink_deliver_tap+0x2e/0x1b0
[  554.652742][T13904]  netlink_unicast+0x82c/0x9e0
[  554.652779][T13904]  ? __pfx_netlink_unicast+0x10/0x10
[  554.652808][T13904]  ? netlink_sendmsg+0x642/0xb30
[  554.652835][T13904]  ? skb_put+0x11b/0x210
[  554.652874][T13904]  netlink_sendmsg+0x805/0xb30
[  554.652916][T13904]  ? __pfx_netlink_sendmsg+0x10/0x10
[  554.652950][T13904]  ? aa_sock_msg_perm+0xf1/0x1d0
[  554.652985][T13904]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  554.653008][T13904]  ? __pfx_netlink_sendmsg+0x10/0x10
[  554.653040][T13904]  __sock_sendmsg+0x21c/0x270
[  554.653068][T13904]  ____sys_sendmsg+0x505/0x830
[  554.653108][T13904]  ? __pfx_____sys_sendmsg+0x10/0x10
[  554.653153][T13904]  ? import_iovec+0x74/0xa0
[  554.653184][T13904]  ___sys_sendmsg+0x21f/0x2a0
[  554.653220][T13904]  ? __pfx____sys_sendmsg+0x10/0x10
[  554.653296][T13904]  ? __fget_files+0x2a/0x420
[  554.653317][T13904]  ? __fget_files+0x3a0/0x420
[  554.653350][T13904]  __x64_sys_sendmsg+0x19b/0x260
[  554.653386][T13904]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  554.653432][T13904]  ? __pfx_ksys_write+0x10/0x10
[  554.653463][T13904]  ? rcu_is_watching+0x15/0xb0
[  554.653499][T13904]  ? do_syscall_64+0xbe/0x3b0
[  554.653533][T13904]  do_syscall_64+0xfa/0x3b0
[  554.653559][T13904]  ? lockdep_hardirqs_on+0x9c/0x150
[  554.653587][T13904]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  554.653616][T13904]  ? clear_bhb_loop+0x60/0xb0
[  554.653645][T13904]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  554.653667][T13904] RIP: 0033:0x7f5c08d8eec9
[  554.653688][T13904] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  554.653710][T13904] RSP: 002b:00007f5c09c98038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  554.653735][T13904] RAX: ffffffffffffffda RBX: 00007f5c08fe5fa0 RCX: 00007f5c08d8eec9
[  554.653753][T13904] RDX: 0000000004008040 RSI: 0000200000000280 RDI: 0000000000000003
[  554.653768][T13904] RBP: 00007f5c09c98090 R08: 0000000000000000 R09: 0000000000000000
[  554.653783][T13904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  554.653797][T13904] R13: 00007f5c08fe6038 R14: 00007f5c08fe5fa0 R15: 00007f5c0910fa28
[  554.653832][T13904]  </TASK>
[  555.229247][    C0] vkms_vblank_simulate: vblank timer overrun
[  555.565419][T13912] IPVS: sync thread started: state = MASTER, mcast_ifn = gre0, syncid = 4, id = 0
[  555.679222][   T30] kauditd_printk_skb: 31 callbacks suppressed
[  555.679241][   T30] audit: type=1400 audit(1759854754.601:6271): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=3A2F2F26FC pid=13907 comm="syz.4.2230"
[  555.811955][ T5929] usb 1-1: new high-speed USB device number 100 using dummy_hcd
[  555.971976][ T5941] usb 4-1: new high-speed USB device number 83 using dummy_hcd
[  555.979785][ T5844] usb 5-1: new full-speed USB device number 94 using dummy_hcd
[  556.011916][ T5929] usb 1-1: Using ep0 maxpacket: 32
[  556.019575][ T5929] usb 1-1: config 4 has an invalid interface number: 128 but max is 0
[  556.028554][ T5929] usb 1-1: config 4 has no interface number 0
[  556.036779][ T5929] usb 1-1: config 4 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  556.050099][ T5929] usb 1-1: config 4 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  556.070544][ T5929] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  556.081107][ T5929] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  556.133211][ T5844] usb 5-1: device descriptor read/64, error -71
[  556.150671][ T5929] hub 1-1:4.128: USB hub found
[  556.155737][ T5941] usb 4-1: Using ep0 maxpacket: 8
[  556.197255][ T5941] usb 4-1: config 202 has an invalid descriptor of length 162, skipping remainder of the config
[  556.208368][ T5941] usb 4-1: config 202 has 0 interfaces, different from the descriptor's value: 2
[  556.254875][ T5941] usb 4-1: config 202 has an invalid descriptor of length 162, skipping remainder of the config
[  556.267497][ T5941] usb 4-1: config 202 has 0 interfaces, different from the descriptor's value: 2
[  556.279133][ T5941] usb 4-1: config 202 has an invalid descriptor of length 162, skipping remainder of the config
[  556.292291][ T5941] usb 4-1: config 202 has 0 interfaces, different from the descriptor's value: 2
[  556.305642][ T5941] usb 4-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  556.377635][ T5844] usb 5-1: new full-speed USB device number 95 using dummy_hcd
[  556.402092][ T5929] hub 1-1:4.128: 2 ports detected
[  556.412014][ T5929] hub 1-1:4.128: Using single TT (err -22)
[  556.418236][ T5941] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  556.427114][ T5941] usb 4-1: Product: syz
[  556.432129][ T5941] usb 4-1: Manufacturer: syz
[  556.438828][ T5941] usb 4-1: SerialNumber: syz
[  556.522026][ T5844] usb 5-1: device descriptor read/64, error -71
[  556.598282][ T5929] hub 1-1:4.128: hub_hub_status failed (err = -71)
[  556.609575][ T5929] hub 1-1:4.128: config failed, can't get hub status (err -71)
[  556.632638][ T5844] usb usb5-port1: attempt power cycle
[  556.684086][ T5929] usb 1-1: USB disconnect, device number 100
[  556.706246][ T5941] usb 4-1: USB disconnect, device number 83
[  556.831664][T13936] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2239'.
[  556.981936][ T5844] usb 5-1: new full-speed USB device number 96 using dummy_hcd
[  557.013243][ T5844] usb 5-1: device descriptor read/8, error -71
[  557.092131][ T1207] usb 2-1: new high-speed USB device number 82 using dummy_hcd
[  557.136020][T13943] geneve2: entered promiscuous mode
[  557.178117][T13945] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2242'.
[  557.192743][T13945] FAULT_INJECTION: forcing a failure.
[  557.192743][T13945] name failslab, interval 1, probability 0, space 0, times 0
[  557.217557][T13945] CPU: 0 UID: 0 PID: 13945 Comm: syz.0.2242 Not tainted syzkaller #0 PREEMPT(full) 
[  557.217588][T13945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  557.217602][T13945] Call Trace:
[  557.217611][T13945]  <TASK>
[  557.217621][T13945]  dump_stack_lvl+0x189/0x250
[  557.217652][T13945]  ? __pfx____ratelimit+0x10/0x10
[  557.217679][T13945]  ? __pfx_dump_stack_lvl+0x10/0x10
[  557.217705][T13945]  ? __pfx__printk+0x10/0x10
[  557.217744][T13945]  ? __pfx___might_resched+0x10/0x10
[  557.217771][T13945]  ? fs_reclaim_acquire+0x7d/0x100
[  557.217798][T13945]  should_fail_ex+0x414/0x560
[  557.217836][T13945]  ? __pfx_debugfs_alloc_inode+0x10/0x10
[  557.217871][T13945]  should_failslab+0xa8/0x100
[  557.217897][T13945]  ? __pfx_debugfs_alloc_inode+0x10/0x10
[  557.217930][T13945]  kmem_cache_alloc_lru_noprof+0x79/0x6d0
[  557.217964][T13945]  ? alloc_inode+0x67/0x1b0
[  557.217984][T13945]  ? __pfx_simple_start_creating+0x10/0x10
[  557.218012][T13945]  ? __pfx_debugfs_alloc_inode+0x10/0x10
[  557.218044][T13945]  alloc_inode+0x67/0x1b0
[  557.218068][T13945]  new_inode+0x22/0x170
[  557.218095][T13945]  __debugfs_create_file+0x14d/0x4f0
[  557.218136][T13945]  debugfs_create_file_full+0x3f/0x60
[  557.218174][T13945]  ref_tracker_dir_debugfs+0x14e/0x270
[  557.218211][T13945]  ? __pfx_ref_tracker_dir_debugfs+0x10/0x10
[  557.218276][T13945]  ? trace_kmalloc+0x1f/0xd0
[  557.218305][T13945]  ? __kvmalloc_node_noprof+0x5ed/0x910
[  557.218332][T13945]  ? __raw_spin_lock_init+0x45/0x100
[  557.218381][T13945]  alloc_netdev_mqs+0x272/0x11b0
[  557.218403][T13945]  ? __pfx_ipip6_tunnel_setup+0x10/0x10
[  557.218448][T13945]  rtnl_create_link+0x31f/0xd10
[  557.218478][T13945]  rtnl_newlink_create+0x25c/0xb00
[  557.218514][T13945]  ? __lock_acquire+0xab9/0xd20
[  557.218545][T13945]  ? __pfx_rtnl_newlink_create+0x10/0x10
[  557.218579][T13945]  ? __pfx___mutex_lock+0x10/0x10
[  557.218618][T13945]  ? ns_capable+0x8a/0xf0
[  557.218649][T13945]  rtnl_newlink+0x16e4/0x1c80
[  557.218678][T13945]  ? netlink_deliver_tap+0x19c/0x1b0
[  557.218719][T13945]  ? __pfx_rtnl_newlink+0x10/0x10
[  557.218771][T13945]  ? kasan_quarantine_put+0xdd/0x220
[  557.218803][T13945]  ? lockdep_hardirqs_on+0x9c/0x150
[  557.218836][T13945]  ? nlmon_xmit+0xb0/0x100
[  557.218865][T13945]  ? kmem_cache_free+0x19b/0x690
[  557.218910][T13945]  ? __local_bh_enable_ip+0x12d/0x1c0
[  557.218937][T13945]  ? lockdep_hardirqs_on+0x9c/0x150
[  557.218963][T13945]  ? __local_bh_enable_ip+0x12d/0x1c0
[  557.218988][T13945]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  557.219018][T13945]  ? __dev_queue_xmit+0x27b/0x3b50
[  557.219053][T13945]  ? __dev_queue_xmit+0x27b/0x3b50
[  557.219085][T13945]  ? __dev_queue_xmit+0x27b/0x3b50
[  557.219120][T13945]  ? __dev_queue_xmit+0x1d79/0x3b50
[  557.219151][T13945]  ? kasan_save_track+0x3e/0x80
[  557.219181][T13945]  ? __kasan_slab_alloc+0x6c/0x80
[  557.219205][T13945]  ? __lock_acquire+0xab9/0xd20
[  557.219255][T13945]  ? __pfx_rtnl_newlink+0x10/0x10
[  557.219281][T13945]  rtnetlink_rcv_msg+0x7cf/0xb70
[  557.219310][T13945]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  557.219336][T13945]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  557.219368][T13945]  ? ref_tracker_free+0x63a/0x7d0
[  557.219399][T13945]  ? __asan_memcpy+0x40/0x70
[  557.219428][T13945]  ? __pfx_ref_tracker_free+0x10/0x10
[  557.219470][T13945]  netlink_rcv_skb+0x208/0x470
[  557.219500][T13945]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  557.219529][T13945]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  557.219570][T13945]  ? netlink_deliver_tap+0x2e/0x1b0
[  557.219606][T13945]  netlink_unicast+0x82c/0x9e0
[  557.219640][T13945]  ? __pfx_netlink_unicast+0x10/0x10
[  557.219667][T13945]  ? netlink_sendmsg+0x642/0xb30
[  557.219692][T13945]  ? skb_put+0x11b/0x210
[  557.219719][T13945]  netlink_sendmsg+0x805/0xb30
[  557.219757][T13945]  ? __pfx_netlink_sendmsg+0x10/0x10
[  557.219788][T13945]  ? aa_sock_msg_perm+0xf1/0x1d0
[  557.219823][T13945]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  557.219847][T13945]  ? __pfx_netlink_sendmsg+0x10/0x10
[  557.219895][T13945]  __sock_sendmsg+0x21c/0x270
[  557.219922][T13945]  ____sys_sendmsg+0x505/0x830
[  557.219962][T13945]  ? __pfx_____sys_sendmsg+0x10/0x10
[  557.220006][T13945]  ? import_iovec+0x74/0xa0
[  557.220038][T13945]  ___sys_sendmsg+0x21f/0x2a0
[  557.220073][T13945]  ? __pfx____sys_sendmsg+0x10/0x10
[  557.220147][T13945]  ? __fget_files+0x2a/0x420
[  557.220170][T13945]  ? __fget_files+0x3a0/0x420
[  557.220205][T13945]  __x64_sys_sendmsg+0x19b/0x260
[  557.220242][T13945]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  557.220286][T13945]  ? __pfx_ksys_write+0x10/0x10
[  557.220317][T13945]  ? rcu_is_watching+0x15/0xb0
[  557.220362][T13945]  ? do_syscall_64+0xbe/0x3b0
[  557.220396][T13945]  do_syscall_64+0xfa/0x3b0
[  557.220423][T13945]  ? lockdep_hardirqs_on+0x9c/0x150
[  557.220449][T13945]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  557.220471][T13945]  ? clear_bhb_loop+0x60/0xb0
[  557.220500][T13945]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  557.220521][T13945] RIP: 0033:0x7f5c08d8eec9
[  557.220542][T13945] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  557.220563][T13945] RSP: 002b:00007f5c09c98038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  557.220587][T13945] RAX: ffffffffffffffda RBX: 00007f5c08fe5fa0 RCX: 00007f5c08d8eec9
[  557.220605][T13945] RDX: 0000000004008040 RSI: 0000200000000280 RDI: 0000000000000003
[  557.220621][T13945] RBP: 00007f5c09c98090 R08: 0000000000000000 R09: 0000000000000000
[  557.220635][T13945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  557.220649][T13945] R13: 00007f5c08fe6038 R14: 00007f5c08fe5fa0 R15: 00007f5c0910fa28
[  557.220686][T13945]  </TASK>
[  557.220698][T13945] debugfs: out of free dentries, can not create file 'netdev@ffff888051918610'
[  557.676146][T13955] FAULT_INJECTION: forcing a failure.
[  557.676146][T13955] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  557.681616][ T5844] usb 5-1: new full-speed USB device number 97 using dummy_hcd
[  557.804964][T13955] CPU: 0 UID: 0 PID: 13955 Comm: syz.3.2245 Not tainted syzkaller #0 PREEMPT(full) 
[  557.804998][T13955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  557.805013][T13955] Call Trace:
[  557.805023][T13955]  <TASK>
[  557.805032][T13955]  dump_stack_lvl+0x189/0x250
[  557.805065][T13955]  ? __pfx____ratelimit+0x10/0x10
[  557.805092][T13955]  ? __pfx_dump_stack_lvl+0x10/0x10
[  557.805119][T13955]  ? __pfx__printk+0x10/0x10
[  557.805152][T13955]  ? __might_fault+0xb0/0x130
[  557.805196][T13955]  should_fail_ex+0x414/0x560
[  557.805234][T13955]  _copy_from_user+0x2d/0xb0
[  557.805262][T13955]  ___sys_recvmsg+0x12e/0x510
[  557.805302][T13955]  ? __pfx____sys_recvmsg+0x10/0x10
[  557.805357][T13955]  ? __fget_files+0x3a0/0x420
[  557.805401][T13955]  do_recvmmsg+0x307/0x770
[  557.805444][T13955]  ? __pfx_do_recvmmsg+0x10/0x10
[  557.805489][T13955]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  557.805537][T13955]  __x64_sys_recvmmsg+0x190/0x240
[  557.805574][T13955]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  557.805612][T13955]  ? do_syscall_64+0xbe/0x3b0
[  557.805644][T13955]  do_syscall_64+0xfa/0x3b0
[  557.805671][T13955]  ? lockdep_hardirqs_on+0x9c/0x150
[  557.805697][T13955]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  557.805720][T13955]  ? clear_bhb_loop+0x60/0xb0
[  557.805747][T13955]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  557.805769][T13955] RIP: 0033:0x7f67ad38eec9
[  557.805789][T13955] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  557.805810][T13955] RSP: 002b:00007f67ab5d5038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  557.805834][T13955] RAX: ffffffffffffffda RBX: 00007f67ad5e6090 RCX: 00007f67ad38eec9
[  557.805851][T13955] RDX: 0000000000000003 RSI: 0000200000000240 RDI: 0000000000000003
[  557.805865][T13955] RBP: 00007f67ab5d5090 R08: 0000000000000000 R09: 0000000000000000
[  557.805880][T13955] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  557.805894][T13955] R13: 00007f67ad5e6128 R14: 00007f67ad5e6090 R15: 00007f67ad70fa28
[  557.805928][T13955]  </TASK>
[  558.017614][    C0] vkms_vblank_simulate: vblank timer overrun
[  558.027663][ T1207] usb 2-1: Using ep0 maxpacket: 16
[  558.099761][ T5844] usb 5-1: device descriptor read/8, error -71
[  558.107108][ T1207] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 2.00
[  558.120989][ T1207] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  558.140307][ T1207] usb 2-1: config 0 descriptor??
[  558.148454][ T1207] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[  558.212457][ T5844] usb usb5-port1: unable to enumerate USB device
[  558.471985][ T5929] usb 6-1: new high-speed USB device number 36 using dummy_hcd
[  558.521490][T13972] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2250'.
[  558.545875][T13972] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2250'.
[  558.557569][T11137] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  558.647417][ T5929] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  558.647496][ T5929] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  558.647547][ T5929] usb 6-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  558.647574][ T5929] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  558.653529][ T5929] usb 6-1: config 0 descriptor??
[  558.702718][T13974] loop2: detected capacity change from 0 to 7
[  558.735796][T13974] Dev loop2: unable to read RDB block 7
[  558.735844][T13974]  loop2: unable to read partition table
[  558.736296][T13974] loop2: partition table beyond EOD, truncated
[  558.749123][T13974] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[  559.304398][ T5844] usb 5-1: new high-speed USB device number 98 using dummy_hcd
[  559.393066][T13967] fuse: Unknown parameter '��00000000000000000000026'
[  559.511925][ T5844] usb 5-1: Using ep0 maxpacket: 8
[  559.512838][ T5844] usb 5-1: too many configurations: 250, using maximum allowed: 8
[  559.514599][ T5844] usb 5-1: unable to read config index 0 descriptor/start: -61
[  559.514627][ T5844] usb 5-1: can't read configurations, error -61
[  559.651936][ T5844] usb 5-1: new high-speed USB device number 99 using dummy_hcd
[  559.831890][ T5844] usb 5-1: Using ep0 maxpacket: 8
[  559.834789][ T5844] usb 5-1: too many configurations: 250, using maximum allowed: 8
[  559.839179][ T5844] usb 5-1: unable to read config index 0 descriptor/start: -61
[  559.839211][ T5844] usb 5-1: can't read configurations, error -61
[  559.839616][ T5844] usb usb5-port1: attempt power cycle
[  560.182000][ T5844] usb 5-1: new high-speed USB device number 100 using dummy_hcd
[  560.223113][ T5844] usb 5-1: Using ep0 maxpacket: 8
[  560.250325][ T1207] usb 2-1: Detected FT232A
[  560.256638][ T1207] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  560.279802][ T5844] usb 5-1: too many configurations: 250, using maximum allowed: 8
[  560.317638][ T1207] usb 2-1: USB disconnect, device number 82
[  560.326651][ T5844] usb 5-1: unable to read config index 0 descriptor/start: -61
[  560.349059][ T5844] usb 5-1: can't read configurations, error -61
[  560.385501][ T1207] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  560.411652][ T1207] ftdi_sio 2-1:0.0: device disconnected
[  560.531950][ T5844] usb 5-1: new high-speed USB device number 101 using dummy_hcd
[  560.566455][ T5844] usb 5-1: Using ep0 maxpacket: 8
[  560.578050][ T5844] usb 5-1: too many configurations: 250, using maximum allowed: 8
[  560.619079][ T5844] usb 5-1: unable to read config index 0 descriptor/start: -61
[  560.629456][ T5844] usb 5-1: can't read configurations, error -61
[  560.644766][ T5844] usb usb5-port1: unable to enumerate USB device
[  560.645493][T13992] FAULT_INJECTION: forcing a failure.
[  560.645493][T13992] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  560.664809][T13992] CPU: 1 UID: 0 PID: 13992 Comm: syz.1.2257 Not tainted syzkaller #0 PREEMPT(full) 
[  560.664841][T13992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  560.664857][T13992] Call Trace:
[  560.664867][T13992]  <TASK>
[  560.664877][T13992]  dump_stack_lvl+0x189/0x250
[  560.664911][T13992]  ? __pfx____ratelimit+0x10/0x10
[  560.664939][T13992]  ? __pfx_dump_stack_lvl+0x10/0x10
[  560.664966][T13992]  ? __pfx__printk+0x10/0x10
[  560.665002][T13992]  ? __might_fault+0xb0/0x130
[  560.665047][T13992]  should_fail_ex+0x414/0x560
[  560.665086][T13992]  _copy_to_iter+0x404/0x1790
[  560.665122][T13992]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  560.665158][T13992]  ? __pfx__copy_to_iter+0x10/0x10
[  560.665178][T13992]  ? __skb_try_recv_from_queue+0x58f/0x730
[  560.665219][T13992]  ? __skb_try_recv_datagram+0x3d5/0x4d0
[  560.665262][T13992]  __skb_datagram_iter+0xf8/0x990
[  560.665299][T13992]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  560.665344][T13992]  skb_copy_datagram_iter+0xc5/0x230
[  560.665384][T13992]  netlink_recvmsg+0x2ab/0xa30
[  560.665426][T13992]  ? __pfx_netlink_recvmsg+0x10/0x10
[  560.665463][T13992]  ? aa_sock_msg_perm+0xf1/0x1d0
[  560.665499][T13992]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  560.665522][T13992]  ? security_socket_recvmsg+0x7e/0x2e0
[  560.665547][T13992]  ? __pfx_netlink_recvmsg+0x10/0x10
[  560.665578][T13992]  sock_recvmsg+0x22c/0x270
[  560.665608][T13992]  ____sys_recvmsg+0x1c9/0x460
[  560.665650][T13992]  ? __pfx_____sys_recvmsg+0x10/0x10
[  560.665701][T13992]  ? import_iovec+0x74/0xa0
[  560.665732][T13992]  ___sys_recvmsg+0x1b5/0x510
[  560.665772][T13992]  ? __pfx____sys_recvmsg+0x10/0x10
[  560.665831][T13992]  ? __fget_files+0x3a0/0x420
[  560.665867][T13992]  do_recvmmsg+0x307/0x770
[  560.665910][T13992]  ? __pfx_do_recvmmsg+0x10/0x10
[  560.665961][T13992]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  560.666010][T13992]  __x64_sys_recvmmsg+0x190/0x240
[  560.666047][T13992]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  560.666080][T13992]  ? rcu_is_watching+0x15/0xb0
[  560.666122][T13992]  ? do_syscall_64+0xbe/0x3b0
[  560.666154][T13992]  do_syscall_64+0xfa/0x3b0
[  560.666181][T13992]  ? lockdep_hardirqs_on+0x9c/0x150
[  560.666208][T13992]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  560.666231][T13992]  ? clear_bhb_loop+0x60/0xb0
[  560.666259][T13992]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  560.666282][T13992] RIP: 0033:0x7f916798eec9
[  560.666303][T13992] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  560.666324][T13992] RSP: 002b:00007f91688c3038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  560.666349][T13992] RAX: ffffffffffffffda RBX: 00007f9167be5fa0 RCX: 00007f916798eec9
[  560.666367][T13992] RDX: 0000000000000003 RSI: 0000200000000240 RDI: 0000000000000003
[  560.666382][T13992] RBP: 00007f91688c3090 R08: 0000000000000000 R09: 0000000000000000
[  560.666398][T13992] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  560.666412][T13992] R13: 00007f9167be6038 R14: 00007f9167be5fa0 R15: 00007f9167d0fa28
[  560.666447][T13992]  </TASK>
[  561.479341][ T5929] usbhid 6-1:0.0: can't add hid device: -71
[  561.491972][ T5929] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  561.522627][ T5929] usb 6-1: USB disconnect, device number 36
[  561.642226][   T44] usb 2-1: new full-speed USB device number 83 using dummy_hcd
[  561.812676][   T44] usb 2-1: too many configurations: 41, using maximum allowed: 8
[  561.837438][   T44] usb 2-1: unable to read config index 0 descriptor/start: -61
[  561.850456][   T44] usb 2-1: can't read configurations, error -61
[  561.871723][T13998] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2260'.
[  562.011979][   T44] usb 2-1: new full-speed USB device number 84 using dummy_hcd
[  562.134385][T14007] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2259'.
[  562.235426][ T5929] usb 4-1: new high-speed USB device number 84 using dummy_hcd
[  562.256661][   T44] usb 2-1: too many configurations: 41, using maximum allowed: 8
[  562.273448][   T44] usb 2-1: unable to read config index 0 descriptor/start: -61
[  562.281344][   T44] usb 2-1: can't read configurations, error -61
[  562.294231][   T44] usb usb2-port1: attempt power cycle
[  562.371984][ T5844] usb 1-1: new full-speed USB device number 101 using dummy_hcd
[  562.387870][T14011] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2263'.
[  562.412443][ T5929] usb 4-1: Using ep0 maxpacket: 16
[  562.420668][ T5929] usb 4-1: config 0 has an invalid interface number: 41 but max is 0
[  562.429650][ T5929] usb 4-1: config 0 has no interface number 0
[  562.465928][ T5929] usb 4-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  562.477392][ T5929] usb 4-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  562.487588][ T5929] usb 4-1: config 0 interface 41 has no altsetting 0
[  562.499175][ T5929] usb 4-1: New USB device found, idVendor=0fe6, idProduct=9700, bcdDevice=d1.9a
[  562.514716][ T5929] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  562.540494][T14009] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  562.544704][ T5929] usb 4-1: Product: syz
[  562.564162][ T5844] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  562.575549][ T5929] usb 4-1: Manufacturer: syz
[  562.580203][ T5929] usb 4-1: SerialNumber: syz
[  562.585599][ T5844] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[  562.599125][ T5844] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 121, setting to 64
[  562.611026][ T5929] usb 4-1: config 0 descriptor??
[  562.617706][T14002] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  562.634641][ T5844] usb 1-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  562.644089][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  562.670612][ T5844] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  562.671235][T14002] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  562.678869][ T5844] usb 1-1: Product: syz
[  562.691886][ T5844] usb 1-1: Manufacturer: syz
[  562.696585][ T5844] usb 1-1: SerialNumber: syz
[  562.715685][ T5844] usb 1-1: config 0 descriptor??
[  562.722579][T14006] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[  562.760486][   T44] usb 2-1: new full-speed USB device number 85 using dummy_hcd
[  562.772151][T14006] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[  562.853422][   T44] usb 2-1: too many configurations: 41, using maximum allowed: 8
[  562.859578][ T5844] usb 1-1: ucan: probing device on interface #0
[  562.872534][   T44] usb 2-1: unable to read config index 0 descriptor/start: -61
[  562.880450][   T44] usb 2-1: can't read configurations, error -61
[  563.025024][   T44] usb 2-1: new full-speed USB device number 86 using dummy_hcd
[  563.039505][T14006] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  563.059390][   T44] usb 2-1: too many configurations: 41, using maximum allowed: 8
[  563.071534][   T44] usb 2-1: unable to read config index 0 descriptor/start: -61
[  563.080993][   T44] usb 2-1: can't read configurations, error -61
[  563.089743][T14006] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  563.091458][   T44] usb usb2-port1: unable to enumerate USB device
[  563.239290][T14017] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  563.448587][ T5844] usb 1-1: ucan: failed to retrieve device info
[  563.462295][ T5844] usb 1-1: ucan: probe failed; try to update the device firmware
[  563.475255][T14017] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  563.529788][ T5844] usb 1-1: USB disconnect, device number 101
[  563.800219][ T5929] Error reading MAC address
[  563.806316][T14002] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  563.814228][T14002] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  563.822767][T14015] netlink: 'syz.4.2265': attribute type 11 has an invalid length.
[  564.033849][ T5929] sr9700 4-1:0.41 (unnamed net_device) (uninitialized): Error reading MAC address
[  564.059954][ T5929] usb 4-1: USB disconnect, device number 84
[  564.351940][ T5844] usb 1-1: new full-speed USB device number 102 using dummy_hcd
[  564.381139][T14025] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2267'.
[  564.409753][T14025] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2267'.
[  564.444501][ T7129] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  564.533697][ T5844] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  564.547719][ T5844] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 96, setting to 64
[  564.612903][ T5844] usb 1-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18
[  564.645891][ T5844] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  564.655882][ T5844] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  564.664327][ T5844] usb 1-1: SerialNumber: syz
[  564.685343][T14020] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  564.694810][ T5844] hub 1-1:1.0: bad descriptor, ignoring hub
[  564.707770][ T5844] hub 1-1:1.0: probe with driver hub failed with error -5
[  564.726040][T14029] loop2: detected capacity change from 0 to 7
[  564.733984][T14029] Dev loop2: unable to read RDB block 7
[  564.739783][T14029]  loop2: unable to read partition table
[  564.745951][T14029] loop2: partition table beyond EOD, truncated
[  564.762337][T14029] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[  564.898225][T14020] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  565.341623][ T5844] cdc_ether 1-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.0-1, CDC Ethernet Device, 42:42:42:42:42:42
[  565.502307][ T2150] usb 2-1: new high-speed USB device number 87 using dummy_hcd
[  565.526455][T14020] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  565.542420][T14020] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  565.683288][ T5925] usb 1-1: USB disconnect, device number 102
[  565.693716][ T5925] cdc_ether 1-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.0-1, CDC Ethernet Device
[  565.732196][ T2150] usb 2-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00
[  565.766177][ T2150] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  565.831484][ T2150] usb 2-1: Product: syz
[  565.864353][ T2150] usb 2-1: Manufacturer: syz
[  565.934993][ T2150] usb 2-1: SerialNumber: syz
[  566.522022][   T44] usb 1-1: new full-speed USB device number 103 using dummy_hcd
[  566.594492][ T2150] rtl8150 2-1:1.0: eth5: rtl8150 is detected
[  566.715214][   T44] usb 1-1: config 0 has an invalid interface number: 37 but max is 1
[  566.728177][   T44] usb 1-1: config 0 has an invalid interface number: 48 but max is 1
[  566.812042][ T5844] usb 4-1: new high-speed USB device number 85 using dummy_hcd
[  566.831941][   T44] usb 1-1: config 0 has no interface number 0
[  566.866949][   T44] usb 1-1: config 0 has no interface number 1
[  566.876405][ T5941] usb 2-1: USB disconnect, device number 87
[  566.900706][   T44] usb 1-1: too many endpoints for config 0 interface 48 altsetting 48: 48, using maximum allowed: 30
[  566.922091][   T44] usb 1-1: config 0 interface 48 altsetting 48 has 0 endpoint descriptors, different from the interface descriptor's value: 48
[  566.952898][   T44] usb 1-1: config 0 interface 48 has no altsetting 0
[  566.989010][   T44] usb 1-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=20.a3
[  567.008309][   T44] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  567.020176][   T44] usb 1-1: Product: syz
[  567.038637][ T5844] usb 4-1: Using ep0 maxpacket: 8
[  567.050921][   T44] usb 1-1: Manufacturer: syz
[  567.059381][ T5844] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[  567.061084][   T44] usb 1-1: SerialNumber: syz
[  567.079019][ T5844] usb 4-1: config 179 has no interface number 0
[  567.095704][   T44] usb 1-1: config 0 descriptor??
[  567.133562][ T5844] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  567.145841][ T5844] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  567.166929][ T5844] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  567.191667][ T5844] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  567.219085][ T5844] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  567.253378][ T5844] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  567.277593][ T5844] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  567.309547][T14065] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  567.479423][   T44] usb 1-1: USB disconnect, device number 103
[  567.840095][ T1207] usb 4-1: USB disconnect, device number 85
[  567.846260][    C0] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  567.846322][    C0] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  568.046784][T14101] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2286'.
[  568.095247][T14105] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2286'.
[  568.264065][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  568.273234][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  568.882157][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  569.057610][T14120] loop2: detected capacity change from 0 to 7
[  569.078471][T14120] Dev loop2: unable to read RDB block 7
[  569.092497][T14120]  loop2: unable to read partition table
[  569.098436][T14120] loop2: partition table beyond EOD, truncated
[  569.111747][T14120] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[  569.295130][T14126] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2287'.
[  569.355323][T14126] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2287'.
[  569.366275][ T7129] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  569.501169][T14123] program syz.3.2290 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  569.973763][T14140] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2291'.
[  570.222217][   T44] usb 5-1: new high-speed USB device number 102 using dummy_hcd
[  570.391553][   T44] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  570.413207][   T44] usb 5-1: New USB device found, idVendor=1532, idProduct=010d, bcdDevice= 0.00
[  570.431942][   T44] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  570.471305][   T44] usb 5-1: config 0 descriptor??
[  570.501626][T14150] netlink: 2036 bytes leftover after parsing attributes in process `syz.3.2293'.
[  570.532475][T14150] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2293'.
[  570.690535][T14150] netlink: 14 bytes leftover after parsing attributes in process `syz.3.2293'.
[  571.050214][T14154] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2295'.
[  571.408534][   T44] razer 0003:1532:010D.0028: hidraw0: USB HID v0.00 Device [HID 1532:010d] on usb-dummy_hcd.4-1/input0
[  571.442009][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  573.311888][ T5895] usb 1-1: new high-speed USB device number 104 using dummy_hcd
[  573.523315][ T5895] usb 1-1: Using ep0 maxpacket: 32
[  573.547339][ T5895] usb 1-1: config 0 has an invalid interface number: 85 but max is 0
[  573.557732][ T5895] usb 1-1: config 0 has no interface number 0
[  573.575062][ T5895] usb 1-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  573.599696][ T5895] usb 1-1: config 0 interface 85 has no altsetting 0
[  573.624872][ T5895] usb 1-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  573.634275][ T5895] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  573.642644][ T5895] usb 1-1: Product: syz
[  573.649233][ T5895] usb 1-1: Manufacturer: syz
[  573.672996][ T5895] usb 1-1: SerialNumber: syz
[  573.694213][ T5895] usb 1-1: config 0 descriptor??
[  573.762120][    C1] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  573.965619][T14177] netlink: 'syz.5.2300': attribute type 29 has an invalid length.
[  574.145024][ T1207] usb 5-1: USB disconnect, device number 102
[  574.479937][T14182] loop2: detected capacity change from 0 to 7
[  574.487484][T14182] Dev loop2: unable to read RDB block 7
[  574.493312][T14182]  loop2: unable to read partition table
[  574.512116][T14182] loop2: partition table beyond EOD, truncated
[  574.522658][ T5895] appletouch 1-1:0.85: Geyser mode initialized.
[  574.530006][T14182] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[  574.556758][ T5895] input: appletouch as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.85/input/input39
[  574.633012][T14186] netlink: 2 bytes leftover after parsing attributes in process `syz.3.2303'.
[  574.662612][    C1] appletouch 1-1:0.85: appletouch: OVERFLOW with data length 64, actual length is 64
[  574.959098][T14199] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2305'.
[  575.100600][T14197] lo: entered allmulticast mode
[  575.232913][   T44] usb 4-1: new high-speed USB device number 86 using dummy_hcd
[  575.393247][   T44] usb 4-1: Using ep0 maxpacket: 8
[  575.422339][   T44] usb 4-1: config 162 has an invalid interface number: 84 but max is 2
[  575.431160][   T44] usb 4-1: config 162 has an invalid interface number: 3 but max is 2
[  575.451307][   T44] usb 4-1: config 162 has no interface number 0
[  575.462824][   T44] usb 4-1: config 162 has no interface number 1
[  575.469197][   T44] usb 4-1: config 162 interface 84 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  575.517145][   T44] usb 4-1: config 162 interface 2 altsetting 1 has a duplicate endpoint with address 0x9, skipping
[  575.539973][   T44] usb 4-1: config 162 interface 2 altsetting 1 has an endpoint descriptor with address 0xA6, changing to 0x86
[  575.572863][   T44] usb 4-1: config 162 interface 2 altsetting 1 endpoint 0x86 has invalid maxpacket 23105, setting to 1024
[  575.574828][T14190] lo: left allmulticast mode
[  575.591897][   T44] usb 4-1: config 162 interface 2 altsetting 1 bulk endpoint 0x86 has invalid maxpacket 1024
[  575.610659][   T44] usb 4-1: config 162 interface 2 altsetting 1 has 5 endpoint descriptors, different from the interface descriptor's value: 4
[  575.656379][   T44] usb 4-1: config 162 interface 84 has no altsetting 0
[  575.677366][   T44] usb 4-1: config 162 interface 2 has no altsetting 0
[  575.704854][   T44] usb 4-1: config 162 interface 3 has no altsetting 0
[  575.717661][   T44] usb 4-1: New USB device found, idVendor=0e8d, idProduct=763f, bcdDevice=9b.23
[  575.742830][   T44] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  575.774218][   T44] usb 4-1: Product: syz
[  575.779106][   T44] usb 4-1: Manufacturer: syz
[  575.793274][   T44] usb 4-1: SerialNumber: syz
[  575.957312][ T1207] usb 1-1: USB disconnect, device number 104
[  576.046398][T11408] Bluetooth: hci5: Opcode 0x0c03 failed: -71
[  576.090569][   T44] usb 4-1: USB disconnect, device number 86
[  576.103584][ T5844] usb 5-1: new full-speed USB device number 103 using dummy_hcd
[  576.206756][ T1207] appletouch 1-1:0.85: input: appletouch disconnected
[  576.307787][ T5844] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  576.337099][ T5844] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  576.357749][ T5844] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 65535, setting to 64
[  576.395324][ T5844] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  576.429956][ T5844] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  576.440572][ T5844] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  576.458002][ T5844] usb 5-1: Manufacturer: syz
[  576.473141][ T5844] usb 5-1: config 0 descriptor??
[  576.581984][ T1207] usb 1-1: new high-speed USB device number 105 using dummy_hcd
[  576.735188][T14226] netlink: 'syz.3.2314': attribute type 5 has an invalid length.
[  576.772090][ T5844] rc_core: IR keymap rc-hauppauge not found
[  576.779848][ T1207] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  576.792339][ T5844] Registered IR keymap rc-empty
[  576.805308][ T5844] mceusb 5-1:0.0: Error: mce write urb status = -71
[  576.812099][ T1207] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  576.831971][ T1207] usb 1-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[  576.844695][ T1207] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  576.854287][T14232] loop2: detected capacity change from 0 to 7
[  576.855034][ T5844] mceusb 5-1:0.0: Error: mce write urb status = -71
[  576.864715][ T6476] Dev loop2: unable to read RDB block 7
[  576.875935][ T6476]  loop2: unable to read partition table
[  576.885167][ T1207] usb 1-1: config 0 descriptor??
[  576.891501][ T6476] loop2: partition table beyond EOD, truncated
[  576.913029][T14232] Dev loop2: unable to read RDB block 7
[  576.913116][ T5844] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  576.934008][T14232]  loop2: unable to read partition table
[  576.944914][T14232] loop2: partition table beyond EOD, truncated
[  576.954857][ T5844] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input40
[  576.963184][T14232] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[  576.989616][ T5844] mceusb 5-1:0.0: Error: mce write urb status = -71
[  577.022833][ T5844] mceusb 5-1:0.0: Error: mce write urb status = -71
[  577.052341][ T5844] mceusb 5-1:0.0: Error: mce write urb status = -71
[  577.072196][ T5844] mceusb 5-1:0.0: Error: mce write urb status = -71
[  577.104756][ T5844] mceusb 5-1:0.0: Error: mce write urb status = -71
[  577.156232][ T5844] mceusb 5-1:0.0: Error: mce write urb status = -71
[  577.175392][T14241] bridge_slave_0: entered promiscuous mode
[  577.203817][ T5844] mceusb 5-1:0.0: Error: mce write urb status = -71
[  577.209692][T14241] trusted_key: encrypted_key: master key parameter '' is invalid
[  577.242654][ T5844] mceusb 5-1:0.0: Error: mce write urb status = -71
[  577.292795][ T5844] mceusb 5-1:0.0: Error: mce write urb status = -71
[  577.331501][ T5844] mceusb 5-1:0.0: Error: mce write urb status = -71
[  577.344648][T14249] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  577.359733][T14249] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  577.385884][ T5844] mceusb 5-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  577.401773][ T5844] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  577.448891][ T5844] usb 5-1: USB disconnect, device number 103
[  577.540428][ T1207] usbhid 1-1:0.0: can't add hid device: -71
[  577.547884][ T1207] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  577.600143][ T1207] usb 1-1: USB disconnect, device number 105
[  577.614808][ T5934] udevd[5934]: setting owner of /dev/bus/usb/005/103 to uid=0, gid=0 failed: No such file or directory
[  578.482107][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  578.583685][T14250] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2321'.
[  578.615520][T14278] all: renamed from bridge_slave_0 (while UP)
[  578.772050][ T1207] usb 6-1: new low-speed USB device number 37 using dummy_hcd
[  578.921969][ T1207] usb 6-1: device descriptor read/64, error -71
[  578.991942][ T5925] usb 1-1: new high-speed USB device number 106 using dummy_hcd
[  579.151899][ T5925] usb 1-1: Using ep0 maxpacket: 8
[  579.164116][ T5925] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  579.203876][ T5925] usb 1-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  579.209382][T14293] loop2: detected capacity change from 0 to 7
[  579.222061][ T1207] usb 6-1: new low-speed USB device number 38 using dummy_hcd
[  579.234900][T14293] Dev loop2: unable to read RDB block 7
[  579.240547][T14293]  loop2: unable to read partition table
[  579.250575][T14293] loop2: partition table beyond EOD, truncated
[  579.263319][T14293] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[  579.274501][ T5925] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  579.304589][ T5925] usb 1-1: config 0 descriptor??
[  579.336410][ T5925] gspca_main: vc032x-2.14.0 probing 046d:0892
[  579.371996][ T1207] usb 6-1: device descriptor read/64, error -71
[  579.492773][ T1207] usb usb6-port1: attempt power cycle
[  579.502512][T14296] netlink: 'syz.4.2332': attribute type 10 has an invalid length.
[  579.541516][T14296] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2332'.
[  579.851940][ T5844] usb 2-1: new high-speed USB device number 88 using dummy_hcd
[  579.862048][ T1207] usb 6-1: new low-speed USB device number 39 using dummy_hcd
[  579.883061][ T1207] usb 6-1: device descriptor read/8, error -71
[  579.892017][ T2150] usb 4-1: new high-speed USB device number 87 using dummy_hcd
[  580.003509][ T5844] usb 2-1: Using ep0 maxpacket: 32
[  580.010760][ T5844] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  580.022175][ T5844] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  580.032349][ T5844] usb 2-1: New USB device found, idVendor=0925, idProduct=8866, bcdDevice= 0.00
[  580.041456][ T5844] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  580.051955][ T2150] usb 4-1: Using ep0 maxpacket: 8
[  580.052829][ T5844] usb 2-1: config 0 descriptor??
[  580.064262][ T2150] usb 4-1: config index 0 descriptor too short (expected 6427, got 27)
[  580.076143][ T2150] usb 4-1: config 0 has an invalid interface number: 21 but max is 0
[  580.088469][ T2150] usb 4-1: config 0 has no interface number 0
[  580.094978][ T2150] usb 4-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  580.108044][ T2150] usb 4-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  580.119565][ T2150] usb 4-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  580.122328][ T1207] usb 6-1: new low-speed USB device number 40 using dummy_hcd
[  580.134822][ T2150] usb 4-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=c3.d4
[  580.149572][ T2150] usb 4-1: New USB device strings: Mfr=78, Product=1, SerialNumber=0
[  580.157863][ T2150] usb 4-1: Product: syz
[  580.162181][ T2150] usb 4-1: Manufacturer: syz
[  580.163014][ T1207] usb 6-1: device descriptor read/8, error -71
[  580.171209][ T2150] usb 4-1: config 0 descriptor??
[  580.179349][T14300] raw-gadget.3 gadget.3: fail, usb_ep_enable returned -22
[  580.283029][ T1207] usb usb6-port1: unable to enumerate USB device
[  580.442768][ T5925] gspca_vc032x: reg_w err -110
[  580.450280][ T5925] vc032x 1-1:0.0: probe with driver vc032x failed with error -110
[  580.664748][ T5844] smartjoyplus 0003:0925:8866.0029: hidraw0: USB HID v0.00 Device [HID 0925:8866] on usb-dummy_hcd.1-1/input0
[  580.685547][ T5844] smartjoyplus 0003:0925:8866.0029: Force feedback for SmartJoy PLUS PS2/USB adapter
[  580.816742][ T2150] input: syz syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.21/input/input41
[  581.021565][T14300] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  581.031063][T14300] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  581.404695][T14313] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  581.437651][T14313] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  581.792884][ T5844] usb 1-1: USB disconnect, device number 106
[  581.890439][T14325] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  581.905962][T14325] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  582.321997][    C1] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  582.470693][T14332] random: crng reseeded on system resumption
[  582.719666][ T5895] usb 2-1: USB disconnect, device number 88
[  582.957929][ T5925] usb 4-1: USB disconnect, device number 87
[  582.964001][    C1] keyspan_remote 4-1:0.21: keyspan_irq_recv - usb_submit_urb failed with result: -19
[  583.459543][    T9] usb 6-1: new high-speed USB device number 41 using dummy_hcd
[  583.831913][    T9] usb 6-1: Using ep0 maxpacket: 32
[  583.840231][    T9] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  583.867680][    T9] usb 6-1: config 0 has no interface number 0
[  583.891359][    T9] usb 6-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  583.918872][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  583.951110][    T9] usb 6-1: Product: syz
[  583.971155][    T9] usb 6-1: Manufacturer: syz
[  583.990413][    T9] usb 6-1: SerialNumber: syz
[  584.039310][    T9] usb 6-1: config 0 descriptor??
[  584.071212][    T9] usb 6-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  584.134576][    T9] usb 6-1: selecting invalid altsetting 1
[  584.162799][    T9] usb 6-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  584.225177][    T9] usb 6-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  584.266516][    T9] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  584.327207][   T30] audit: type=1326 audit(1759854783.231:6272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14342 comm="syz.5.2344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23e6f8eec9 code=0x7ffc0000
[  584.375279][    T9] usb 6-1: media controller created
[  584.471444][   T30] audit: type=1326 audit(1759854783.231:6273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14342 comm="syz.5.2344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23e6f8eec9 code=0x7ffc0000
[  584.494104][    C0] vkms_vblank_simulate: vblank timer overrun
[  584.526084][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  584.582784][   T30] audit: type=1326 audit(1759854783.231:6274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14342 comm="syz.5.2344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=30 compat=0 ip=0x7f23e6f8eec9 code=0x7ffc0000
[  584.642720][    T9] usb 6-1: dvb_usb_ce6230: usb_control_msg() failed=-71
[  584.662425][    T9] zl10353_read_register: readreg error (reg=127, ret==-71)
[  584.690214][   T30] audit: type=1326 audit(1759854783.241:6275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14342 comm="syz.5.2344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23e6f8eec9 code=0x7ffc0000
[  584.712814][    C0] vkms_vblank_simulate: vblank timer overrun
[  584.728676][    T9] usb 6-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[  584.761501][   T30] audit: type=1326 audit(1759854783.241:6276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14342 comm="syz.5.2344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23e6f8eec9 code=0x7ffc0000
[  584.836542][T14363] program syz.4.2352 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  584.984494][    T9] usb 6-1: USB disconnect, device number 41
[  585.618835][T14389] netlink: 'syz.1.2362': attribute type 11 has an invalid length.
[  585.626806][T14389] netlink: 56 bytes leftover after parsing attributes in process `syz.1.2362'.
[  585.637075][T14389] netlink: 'syz.1.2362': attribute type 11 has an invalid length.
[  585.645308][T14389] netlink: 56 bytes leftover after parsing attributes in process `syz.1.2362'.
[  585.654818][T14389] netlink: 'syz.1.2362': attribute type 11 has an invalid length.
[  585.664279][T14389] netlink: 56 bytes leftover after parsing attributes in process `syz.1.2362'.
[  587.136629][   T30] audit: type=1326 audit(1759854786.061:6277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14436 comm="syz.1.2383" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f916798eec9 code=0x0
[  587.746772][T14452] 8021q: adding VLAN 0 to HW filter on device bond0
[  587.758164][T14452] 8021q: adding VLAN 0 to HW filter on device team0
[  587.777296][T14452] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  588.082105][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  588.217831][T14469] program syz.1.2396 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  588.268809][T14472] program syz.1.2396 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  588.590554][T14488] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  588.934176][T14509] netlink: 'syz.3.2413': attribute type 3 has an invalid length.
[  589.232399][T14522] lo: entered promiscuous mode
[  589.237249][T14522] lo: entered allmulticast mode
[  589.312923][T14522] tunl0: entered promiscuous mode
[  589.318036][T14522] tunl0: entered allmulticast mode
[  589.391171][T14522] gre0: entered promiscuous mode
[  589.429601][T14522] gre0: entered allmulticast mode
[  589.455607][T14522] gretap0: entered promiscuous mode
[  589.470111][T14522] gretap0: entered allmulticast mode
[  589.523371][T14522] erspan0: entered promiscuous mode
[  589.528706][T14522] erspan0: entered allmulticast mode
[  589.564877][T14522] ip_vti0: entered promiscuous mode
[  589.586435][T14522] ip_vti0: entered allmulticast mode
[  589.614170][T14522] ip6_vti0: entered promiscuous mode
[  589.626184][T14522] ip6_vti0: entered allmulticast mode
[  590.686988][T14579] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  591.433515][T14606] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2453'.
[  591.620019][T14614] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2453'.
[  591.702361][T14617] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2453'.
[  591.752552][T14616] vlan2: entered promiscuous mode
[  594.190293][T14674] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2480'.
[  594.224538][T14674] bridge_slave_1: left allmulticast mode
[  594.245185][T14674] bridge_slave_1: left promiscuous mode
[  594.251285][T14674] bridge0: port 2(bridge_slave_1) entered disabled state
[  594.346194][T14674] bridge_slave_0: left allmulticast mode
[  594.381855][T14674] bridge_slave_0: left promiscuous mode
[  594.387733][T14674] bridge0: port 1(bridge_slave_0) entered disabled state
[  594.863838][T14691] loop2: detected capacity change from 0 to 7
[  594.895598][    C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  594.904911][    C1] buffer_io_error: 27 callbacks suppressed
[  594.904930][    C1] Buffer I/O error on dev loop2, logical block 0, async page read
[  594.927426][    C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  594.936720][    C1] Buffer I/O error on dev loop2, logical block 0, async page read
[  594.951891][    C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  594.961144][    C1] Buffer I/O error on dev loop2, logical block 0, async page read
[  595.021474][T14692] 
[  595.023925][T14692] ======================================================
[  595.030967][T14692] WARNING: possible circular locking dependency detected
[  595.038029][T14692] syzkaller #0 Not tainted
[  595.042465][T14692] ------------------------------------------------------
[  595.049505][T14692] syz.5.2487/14692 is trying to acquire lock:
[  595.055632][T14692] ffff88801c2f0220 (&root->kernfs_iattr_rwsem){++++}-{4:4}, at: kernfs_iop_getattr+0x9e/0x450
[  595.066009][T14692] 
[  595.066009][T14692] but task is already holding lock:
[  595.073486][T14692] ffff888141fa31b8 (&q->q_usage_counter(io)#19){++++}-{0:0}, at: lo_ioctl+0x16cc/0x1c10
[  595.083306][T14692] 
[  595.083306][T14692] which lock already depends on the new lock.
[  595.083306][T14692] 
[  595.093729][T14692] 
[  595.093729][T14692] the existing dependency chain (in reverse order) is:
[  595.102847][T14692] 
[  595.102847][T14692] -> #2 (&q->q_usage_counter(io)#19){++++}-{0:0}:
[  595.111501][T14692]        lock_acquire+0x120/0x360
[  595.116638][T14692]        blk_alloc_queue+0x538/0x620
[  595.121942][T14692]        __blk_mq_alloc_disk+0x15c/0x340
[  595.127596][T14692]        loop_add+0x411/0xad0
[  595.132287][T14692]        loop_init+0xd9/0x170
[  595.136981][T14692]        do_one_initcall+0x233/0x820
[  595.142290][T14692]        do_initcall_level+0x104/0x190
[  595.147758][T14692]        do_initcalls+0x59/0xa0
[  595.152634][T14692]        kernel_init_freeable+0x334/0x4b0
[  595.158363][T14692]        kernel_init+0x1d/0x1d0
[  595.163227][T14692]        ret_from_fork+0x436/0x7d0
[  595.168372][T14692]        ret_from_fork_asm+0x1a/0x30
[  595.173683][T14692] 
[  595.173683][T14692] -> #1 (fs_reclaim){+.+.}-{0:0}:
[  595.180915][T14692]        lock_acquire+0x120/0x360
[  595.185953][T14692]        fs_reclaim_acquire+0x72/0x100
[  595.191420][T14692]        kmem_cache_alloc_noprof+0x45/0x6e0
[  595.197331][T14692]        __kernfs_iattrs+0xd9/0x320
[  595.202764][T14692]        kernfs_iop_setattr+0xea/0x3f0
[  595.208263][T14692]        notify_change+0xc1a/0xf40
[  595.213424][T14692]        do_truncate+0x1a4/0x220
[  595.218390][T14692]        path_openat+0x306c/0x3830
[  595.223522][T14692]        do_filp_open+0x1fa/0x410
[  595.228578][T14692]        do_sys_openat2+0x121/0x1c0
[  595.233800][T14692]        __x64_sys_openat+0x138/0x170
[  595.239196][T14692]        do_syscall_64+0xfa/0x3b0
[  595.244236][T14692]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  595.250669][T14692] 
[  595.250669][T14692] -> #0 (&root->kernfs_iattr_rwsem){++++}-{4:4}:
[  595.259205][T14692]        validate_chain+0xb9b/0x2140
[  595.264619][T14692]        __lock_acquire+0xab9/0xd20
[  595.269865][T14692]        lock_acquire+0x120/0x360
[  595.274920][T14692]        down_read+0x46/0x2e0
[  595.279639][T14692]        kernfs_iop_getattr+0x9e/0x450
[  595.285117][T14692]        vfs_getattr_nosec+0x2e1/0x430
[  595.290594][T14692]        loop_assign_backing_file+0x222/0x400
[  595.296675][T14692]        lo_ioctl+0x1738/0x1c10
[  595.301531][T14692]        blkdev_ioctl+0x5ac/0x6d0
[  595.306590][T14692]        __se_sys_ioctl+0xf9/0x170
[  595.311741][T14692]        do_syscall_64+0xfa/0x3b0
[  595.316786][T14692]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  595.323211][T14692] 
[  595.323211][T14692] other info that might help us debug this:
[  595.323211][T14692] 
[  595.333528][T14692] Chain exists of:
[  595.333528][T14692]   &root->kernfs_iattr_rwsem --> fs_reclaim --> &q->q_usage_counter(io)#19
[  595.333528][T14692] 
[  595.348244][T14692]  Possible unsafe locking scenario:
[  595.348244][T14692] 
[  595.355820][T14692]        CPU0                    CPU1
[  595.361189][T14692]        ----                    ----
[  595.366560][T14692]   lock(&q->q_usage_counter(io)#19);
[  595.371966][T14692]                                lock(fs_reclaim);
[  595.378487][T14692]                                lock(&q->q_usage_counter(io)#19);
[  595.386395][T14692]   rlock(&root->kernfs_iattr_rwsem);
[  595.391775][T14692] 
[  595.391775][T14692]  *** DEADLOCK ***
[  595.391775][T14692] 
[  595.400368][T14692] 3 locks held by syz.5.2487/14692:
[  595.405586][T14692]  #0: ffff888142b2b440 (&lo->lo_mutex){+.+.}-{4:4}, at: lo_ioctl+0x11c1/0x1c10
[  595.414669][T14692]  #1: ffff888141fa31b8 (&q->q_usage_counter(io)#19){++++}-{0:0}, at: lo_ioctl+0x16cc/0x1c10
[  595.424897][T14692]  #2: ffff888141fa31f0 (&q->q_usage_counter(queue)#3){+.+.}-{0:0}, at: lo_ioctl+0x16cc/0x1c10
[  595.435294][T14692] 
[  595.435294][T14692] stack backtrace:
[  595.441192][T14692] CPU: 0 UID: 0 PID: 14692 Comm: syz.5.2487 Not tainted syzkaller #0 PREEMPT(full) 
[  595.441221][T14692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  595.441255][T14692] Call Trace:
[  595.441265][T14692]  <TASK>
[  595.441274][T14692]  dump_stack_lvl+0x189/0x250
[  595.441302][T14692]  ? __pfx_dump_stack_lvl+0x10/0x10
[  595.441324][T14692]  ? __pfx__printk+0x10/0x10
[  595.441356][T14692]  print_circular_bug+0x2ee/0x310
[  595.441384][T14692]  check_noncircular+0x134/0x160
[  595.441412][T14692]  validate_chain+0xb9b/0x2140
[  595.441446][T14692]  ? tomoyo_path_perm+0x1e3/0x4b0
[  595.441477][T14692]  __lock_acquire+0xab9/0xd20
[  595.441500][T14692]  ? kernfs_iop_getattr+0x9e/0x450
[  595.441522][T14692]  lock_acquire+0x120/0x360
[  595.441545][T14692]  ? kernfs_iop_getattr+0x9e/0x450
[  595.441573][T14692]  down_read+0x46/0x2e0
[  595.441598][T14692]  ? kernfs_iop_getattr+0x9e/0x450
[  595.441621][T14692]  kernfs_iop_getattr+0x9e/0x450
[  595.441647][T14692]  vfs_getattr_nosec+0x2e1/0x430
[  595.441669][T14692]  loop_assign_backing_file+0x222/0x400
[  595.441691][T14692]  ? __pfx_loop_assign_backing_file+0x10/0x10
[  595.441711][T14692]  ? schedule+0x91/0x360
[  595.441735][T14692]  ? percpu_ref_kill_and_confirm+0xa3/0x130
[  595.441759][T14692]  lo_ioctl+0x1738/0x1c10
[  595.441780][T14692]  ? __pfx_lo_ioctl+0x10/0x10
[  595.441799][T14692]  ? is_bpf_text_address+0x26/0x2b0
[  595.441829][T14692]  ? kernel_text_address+0xa5/0xe0
[  595.441848][T14692]  ? __kernel_text_address+0xd/0x40
[  595.441865][T14692]  ? unwind_get_return_address+0x4d/0x90
[  595.441890][T14692]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  595.441918][T14692]  ? arch_stack_walk+0xfc/0x150
[  595.441947][T14692]  ? __lock_acquire+0xab9/0xd20
[  595.441968][T14692]  ? __lock_acquire+0xab9/0xd20
[  595.441989][T14692]  ? __lock_acquire+0xab9/0xd20
[  595.442018][T14692]  ? __lock_acquire+0xab9/0xd20
[  595.442041][T14692]  ? __lock_acquire+0xab9/0xd20
[  595.442068][T14692]  ? is_bpf_text_address+0x26/0x2b0
[  595.442090][T14692]  ? is_bpf_text_address+0x292/0x2b0
[  595.442110][T14692]  ? is_bpf_text_address+0x26/0x2b0
[  595.442131][T14692]  ? kernel_text_address+0xa5/0xe0
[  595.442149][T14692]  ? __kernel_text_address+0xd/0x40
[  595.442166][T14692]  ? unwind_get_return_address+0x4d/0x90
[  595.442189][T14692]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  595.442216][T14692]  ? arch_stack_walk+0xfc/0x150
[  595.442244][T14692]  ? stack_trace_save+0x9c/0xe0
[  595.442270][T14692]  ? __pfx_stack_trace_save+0x10/0x10
[  595.442297][T14692]  ? stack_depot_save_flags+0x40/0x860
[  595.442327][T14692]  ? kasan_save_track+0x4f/0x80
[  595.442352][T14692]  ? kasan_save_track+0x3e/0x80
[  595.442377][T14692]  ? __kasan_save_free_info+0x46/0x50
[  595.442399][T14692]  ? __kasan_slab_free+0x5c/0x80
[  595.442413][T14692]  ? kfree+0x19a/0x6d0
[  595.442436][T14692]  ? tomoyo_path_number_perm+0x47a/0x5a0
[  595.442457][T14692]  ? security_file_ioctl+0xcb/0x2d0
[  595.442477][T14692]  ? __se_sys_ioctl+0x47/0x170
[  595.442499][T14692]  ? do_syscall_64+0xfa/0x3b0
[  595.442521][T14692]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  595.442550][T14692]  ? __asan_memset+0x22/0x50
[  595.442575][T14692]  ? blk_get_meta_cap+0x18c/0x750
[  595.442604][T14692]  ? __pfx_blk_get_meta_cap+0x10/0x10
[  595.442631][T14692]  ? lockdep_hardirqs_on+0x9c/0x150
[  595.442655][T14692]  ? blkdev_common_ioctl+0xff7/0x2550
[  595.442672][T14692]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  595.442695][T14692]  ? __pfx_blkdev_common_ioctl+0x10/0x10
[  595.442713][T14692]  ? do_vfs_ioctl+0xbe8/0x1430
[  595.442738][T14692]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  595.442765][T14692]  ? __pfx_css_rstat_updated+0x10/0x10
[  595.442791][T14692]  ? __lock_acquire+0xab9/0xd20
[  595.442817][T14692]  ? __pfx_lo_ioctl+0x10/0x10
[  595.442836][T14692]  blkdev_ioctl+0x5ac/0x6d0
[  595.442853][T14692]  ? __pfx_blkdev_ioctl+0x10/0x10
[  595.442868][T14692]  ? __fget_files+0x2a/0x420
[  595.442887][T14692]  ? bpf_lsm_file_ioctl+0x9/0x20
[  595.442909][T14692]  ? __pfx_blkdev_ioctl+0x10/0x10
[  595.442924][T14692]  __se_sys_ioctl+0xf9/0x170
[  595.442949][T14692]  do_syscall_64+0xfa/0x3b0
[  595.442971][T14692]  ? lockdep_hardirqs_on+0x9c/0x150
[  595.442992][T14692]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  595.443017][T14692]  ? clear_bhb_loop+0x60/0xb0
[  595.443037][T14692]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  595.443056][T14692] RIP: 0033:0x7f23e6f8eec9
[  595.443073][T14692] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  595.443090][T14692] RSP: 002b:00007f23e7d90038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  595.443110][T14692] RAX: ffffffffffffffda RBX: 00007f23e71e6090 RCX: 00007f23e6f8eec9
[  595.443124][T14692] RDX: 0000000000000004 RSI: 0000000000004c06 RDI: 0000000000000003
[  595.443136][T14692] RBP: 00007f23e7011f91 R08: 0000000000000000 R09: 0000000000000000
[  595.443147][T14692] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  595.443159][T14692] R13: 00007f23e71e6128 R14: 00007f23e71e6090 R15: 00007f23e730fa28
[  595.443178][T14692]  </TASK>
[  595.929520][    C0] vkms_vblank_simulate: vblank timer overrun
[  596.075334][    C0] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  596.084610][    C0] Buffer I/O error on dev loop2, logical block 0, async page read
[  596.093381][    C0] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  596.102585][    C0] Buffer I/O error on dev loop2, logical block 0, async page read
[  596.118035][    C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  596.127277][    C1] Buffer I/O error on dev loop2, logical block 0, async page read
[  596.136194][T14691] ldm_validate_partition_table(): Disk read failed.
[  596.146773][    C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  596.156037][    C1] Buffer I/O error on dev loop2, logical block 0, async page read
[  596.166317][    C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  596.175534][    C1] Buffer I/O error on dev loop2, logical block 0, async page read
[  596.184229][    C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  596.193463][    C1] Buffer I/O error on dev loop2, logical block 0, async page read
[  596.215434][    C1] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  596.224700][    C1] Buffer I/O error on dev loop2, logical block 0, async page read
[  596.240265][T14691] Dev loop2: unable to read RDB block 0
[  596.248626][T14691]  loop2: unable to read partition table
[  596.282107][T14691] loop2: partition table beyond EOD, truncated
[  596.288521][T14691] loop_reread_partitions: partition scan of loop2 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  596.332738][ T5934] ldm_validate_partition_table(): Disk read failed.
[  596.340754][ T5934] Dev loop2: unable to read RDB block 0
[  596.347762][ T5934]  loop2: unable to read partition table
[  596.353682][ T5934] loop2: partition table beyond EOD, truncated
[  596.401934][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  599.602224][    C0] ip6_tunnel: ip6gre2 xmit: Local address not yet configured!
[  604.082040][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!