last executing test programs:

6m50.356813221s ago: executing program 0 (id=404):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
prctl$PR_GET_IO_FLUSHER(0x3a)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x200000d4)
r1 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0600000004000000fd0f000002"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000040000000181100", @ANYRES32=r0, @ANYBLOB], 0x0, 0x8, 0x0, 0x0, 0x0, 0xe, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r2, 0x4601, &(0x7f0000000040)={0x60, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x10, 0x8, 0xfffffffd}, {0x5, 0x8, 0x20}, {0x5c, 0xffff}, {0x0, 0x59}, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80006, 0x0, 0x0, 0x0, 0x0, 0x3, 0x6})
socket$inet6(0x10, 0x3, 0x0)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x18)
setsockopt$inet_MCAST_MSFILTER(0xffffffffffffffff, 0x0, 0x30, &(0x7f0000000600)=ANY=[@ANYBLOB="020000000000000002000000e00000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x110)
sendmmsg$inet6(r0, &(0x7f0000000100)=[{{&(0x7f0000000200)={0xa, 0x4e20, 0x4d7, @dev={0xfe, 0x80, '\x00', 0x15}, 0x3}, 0x1c, &(0x7f0000000900)=[{&(0x7f0000000240)="fc", 0x1}], 0x1}}], 0x1, 0x4c040)

6m46.979599442s ago: executing program 0 (id=409):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102400, 0x19000)
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x20201)
syz_clone(0x102311, 0x0, 0x0, 0x0, 0x0, 0x0)

6m44.061899538s ago: executing program 0 (id=415):
r0 = fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4}, 0x6e)
sendmmsg$unix(r4, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r5 = openat$cgroup_procs(r1, &(0x7f0000000180)='cgroup.procs\x00', 0x2, 0x0)
pread64(r5, &(0x7f00000000c0)=""/36, 0xfffffe49, 0x800000000004)

6m40.711233701s ago: executing program 0 (id=420):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='attr/current\x00')
readv(r1, &(0x7f0000000140)=[{&(0x7f0000000380)=""/103, 0x67}, {&(0x7f0000000440)=""/220, 0xdc}], 0x2)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f00000000c0)=0x1, 0x4)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$smc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$SMC_PNETID_DEL(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x2c, r3, 0x1, 0x80000004, 0x0, {0x2, 0x2, 0x2}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}]}, 0x2c}, 0x1, 0x40030000000000}, 0x0)

6m39.137060827s ago: executing program 0 (id=425):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
copy_file_range(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x8, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000)
bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x20201)
ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r3, 0x80dc5521, &(0x7f0000000140)=""/150)
syz_clone(0x102311, 0x0, 0x0, 0x0, 0x0, 0x0)

6m37.442556587s ago: executing program 0 (id=430):
openat$vnet(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) (async)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000600)=@filter={'filter\x00', 0xc, 0x4, 0x268, 0xffffffff, 0x130, 0x0, 0x98, 0x98, 0xffffffff, 0x1d0, 0x98, 0x1d0, 0x98, 0x4, 0x0, {[{{@uncond, 0x0, 0x70, 0x98}, @REJECT={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xffffffffffffffff}}, {{@ip={@local, @broadcast, 0x0, 0x0, 'ip6tnl0\x00', 'hsr0\x00'}, 0x0, 0x70, 0xa0}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2c8)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_RATE_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x14, 0x0, 0x301, 0x0, 0x25dfdbfc, {0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x40010}, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100"/13], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) (async)
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
syz_open_dev$tty1(0xc, 0x4, 0x1) (async)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(r6) (async)
r7 = dup(r6)
write$UHID_INPUT(r7, &(0x7f0000001980)={0x9, {"a2e3ad214fc752f91b2909094bf70e0dd038e7ff7fc6e5539b324c078b089b323b3b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31300d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$amidi(&(0x7f00000000c0), 0x8, 0xc00) (async)
syz_open_dev$amidi(&(0x7f00000000c0), 0x8, 0xc00)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r8 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000400)="1400000017000b63d25a80648c2594f905a3c92bd021539f89fa5999dbc4d0b58fd4fe8acf0933bb8ddf0b38ba5b6f5ec3ca8f4f38491b000cf7042bec7a1972e802bed9555a8e460ac014ca64541b1e36562ce9abe0a6f6aed35a5692c4ce5bc741e60b349c94a11e7c485e7d7169f15f93d993bb619262c44c36320a117329359fdaf8b088051786", 0x89}], 0x1}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000016c0)=ANY=[@ANYBLOB="900000001000370400000000fcdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="8b04040000000000700012800b00010067656e657665000060000280050004000100000014000700000000000000000000000800000000010800010002000000050009000100000005000c"], 0x90}}, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000016c0)=ANY=[@ANYBLOB="900000001000370400000000fcdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="8b04040000000000700012800b00010067656e657665000060000280050004000100000014000700000000000000000000000800000000010800010002000000050009000100000005000c"], 0x90}}, 0x0)

6m21.909461387s ago: executing program 32 (id=430):
openat$vnet(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) (async)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000600)=@filter={'filter\x00', 0xc, 0x4, 0x268, 0xffffffff, 0x130, 0x0, 0x98, 0x98, 0xffffffff, 0x1d0, 0x98, 0x1d0, 0x98, 0x4, 0x0, {[{{@uncond, 0x0, 0x70, 0x98}, @REJECT={0x28}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xffffffffffffffff}}, {{@ip={@local, @broadcast, 0x0, 0x0, 'ip6tnl0\x00', 'hsr0\x00'}, 0x0, 0x70, 0xa0}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x2c8)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_RATE_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={0x14, 0x0, 0x301, 0x0, 0x25dfdbfc, {0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x40010}, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100"/13], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) (async)
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
syz_open_dev$tty1(0xc, 0x4, 0x1) (async)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(r6) (async)
r7 = dup(r6)
write$UHID_INPUT(r7, &(0x7f0000001980)={0x9, {"a2e3ad214fc752f91b2909094bf70e0dd038e7ff7fc6e5539b324c078b089b323b3b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31300d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$amidi(&(0x7f00000000c0), 0x8, 0xc00) (async)
syz_open_dev$amidi(&(0x7f00000000c0), 0x8, 0xc00)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r8 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000400)="1400000017000b63d25a80648c2594f905a3c92bd021539f89fa5999dbc4d0b58fd4fe8acf0933bb8ddf0b38ba5b6f5ec3ca8f4f38491b000cf7042bec7a1972e802bed9555a8e460ac014ca64541b1e36562ce9abe0a6f6aed35a5692c4ce5bc741e60b349c94a11e7c485e7d7169f15f93d993bb619262c44c36320a117329359fdaf8b088051786", 0x89}], 0x1}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000016c0)=ANY=[@ANYBLOB="900000001000370400000000fcdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="8b04040000000000700012800b00010067656e657665000060000280050004000100000014000700000000000000000000000800000000010800010002000000050009000100000005000c"], 0x90}}, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000016c0)=ANY=[@ANYBLOB="900000001000370400000000fcdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="8b04040000000000700012800b00010067656e657665000060000280050004000100000014000700000000000000000000000800000000010800010002000000050009000100000005000c"], 0x90}}, 0x0)

5m53.340872938s ago: executing program 3 (id=502):
modify_ldt$read_default(0x2, 0x0, 0x17)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0xa, &(0x7f0000000040)=@raw=[@map_val={0x18, 0x2, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x9}, @printk={@li, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x81}}], &(0x7f00000000c0)='syzkaller\x00', 0x3, 0x12, &(0x7f0000000100)=""/18, 0x40f00, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x9, 0x4}, 0x8, 0x10, &(0x7f0000000180)={0x3, 0x5, 0x0, 0x83014ae4}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000200)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000240)=[{0x5, 0x5, 0x2, 0x1}, {0x4, 0x3, 0xf}], 0x10, 0xb9}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000003feffff720a03fef8ffffff71a400fe0000000071302000000000001d400500000000004704000001ed00000f030000000000001d44000000000000620a00ff040400007203000000000000b500f7ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3380d28e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51bf900000000000000d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93020000000000000080e69db384ac7eeedcf2ba3a9508f9d6aba582a896a9f1e096df6ecea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6032399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x3, 0x0, 0x80000000}, 0x10, 0x0, r0}, 0x94)

5m53.068110232s ago: executing program 3 (id=504):
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x151040)
openat$nullb(0xffffffffffffff9c, 0x0, 0x2c240, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
close(0xffffffffffffffff)
r4 = openat$sndtimer(0xffffff9c, &(0x7f00000001c0), 0x200)
ioctl$SNDRV_TIMER_IOCTL_STATUS64(r4, 0x80605414, 0x0)
syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
r5 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)={0x34, r5, 0x1, 0x70bd2b, 0x25dfdbfe, {0x5}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0xaaa}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x4}, @L2TP_ATTR_L2SPEC_TYPE={0x5, 0x5, 0x1}]}, 0x34}, 0x1, 0x0, 0x0, 0x20006911}, 0x0)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/seq/clients\x00', 0x0, 0x0)
read$FUSE(r7, &(0x7f0000000280)={0x2020}, 0x2020)
r8 = socket(0x10, 0x6, 0x7fffffff)
write(r8, &(0x7f0000000180)="2000000012005f0214f9f4070000fbe40a0000000000", 0x41d)

5m52.038279503s ago: executing program 3 (id=506):
socket(0xa, 0x1, 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x0, 0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
socket(0x400000000010, 0x3, 0x0)
socket$kcm(0x10, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
fsopen(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0)
write$proc_mixer(r5, &(0x7f0000000180)=ANY=[@ANYBLOB="5245434c45560a50484f4e454f55540a535045414b455220274344272030303030303030303030303030303030303030300a4449474954414c32202706b86e65204361707455"], 0xb8)
r6 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
dup3(r6, r5, 0x0)
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r7, 0x0, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00', 0x800, 0x0, 0x103, 0x1}, 0x20)
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0xa, 0x4e22, 0xfffffff7, @dev={0xfe, 0x80, '\x00', 0xb}}, 0x1c, 0x0, 0x0, &(0x7f0000000300)}, 0x0)

5m50.632767912s ago: executing program 3 (id=509):
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
ioctl$SNDRV_PCM_IOCTL_REWIND(0xffffffffffffffff, 0xc0844123, &(0x7f0000000180)=0x20000000000003)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x2000, 0x20)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
ppoll(&(0x7f0000000000)=[{0xffffffffffffffff, 0x607}, {0xffffffffffffffff, 0xe001}], 0x2, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000080)='pstore\x00', 0x20010eb, 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0)
chdir(&(0x7f0000000300)='./file0\x00')
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, &(0x7f0000000180))
execve(&(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000500)={[&(0x7f0000000000)='.+-:\x00', &(0x7f0000000540)=' T\xfc\x81\x8e\x9f5\x0e \x043[B\xad\x13\x9f\xae\x8f\xbb\x9a\x0f\x9f\x13\xa5\xfc9\xbb\xa4.\xf4\xeb\x03\xf1\xb6\x8c\xc4E\x93\n&k\xec\xc8\\h\xd6\x1e\xcb\fA\\da/O\xdcn7\x1b@\xbf\xfb\x17J\xaaD\xe4\x01\xbc\xdc\n\x88\xfc\xcci\xc1\xe8\xf8\x1e6&\bE\x8f\x9b\xc6\x8d0\xa7 -\xecC8O*7\xfa&\xf9\aC\xab\x03g\x06<Z\x16\x94\x9a\xe6\x8d\x10Y-\xf9\xd1\x8a\x8e\xc8\x0f\x89<O>\xda\x8c)\xae\xe3\x16\x9dz\x87\xd6OZX\xa4\xee\xa7\xebe\x14Qp\x96\x00\xd0VK\xe2$i\xd4\xcb-\xd4\x82w\x13\x98\xfcW\x9d\xff\xed\xd4\x14;]\xf8\xccS\xddl\x96v\x97\x988\xa7sQ\x1aN\xbdU.\x89\\\xfa\xc2\xcd\xde', &(0x7f0000000040)='security.']})

5m49.044490528s ago: executing program 3 (id=511):
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000580), 0x109882, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x2)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_MAX_THREADS(r0, 0x40046205, &(0x7f0000000000)=0xfffffffb)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000340)={0x44, 0x0, &(0x7f0000000280)=[@reply={0x40406301, {0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x2, 0x0, &(0x7f0000000300)="158f"})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000001a40)=""/102392, 0x18ff8)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4f, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
bind$inet6(r2, &(0x7f0000000240)={0xa, 0x4e24, 0x3, @local, 0x6}, 0x1c)
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r4=>0x0})
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
getsockopt$sock_int(r5, 0x1, 0x13, 0x0, &(0x7f0000000080))
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r3, 0x3ba0, &(0x7f0000000000)={0x48, 0x5, r4, 0x0, <r6=>0x0, 0x1})
ioctl$IOMMU_IOAS_MAP(r3, 0x3b85, &(0x7f0000000a00)={0x28, 0x7, r4, 0x0, &(0x7f00000a0000)='LLLLLLLLLLLLLLLLLLLLLLLLLLLL', 0x1000})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, r6, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000440)='./file0/../file0/file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000400)='./file0/../file0\x00', &(0x7f0000000080), 0x0, 0x0)
setxattr$system_posix_acl(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000140)='system.posix_acl_default\x00', &(0x7f0000000380)=ANY=[@ANYBLOB="02000000010000000000000004000000000000001000000000000000200000000000000017a6a5c8a070aaa32ce599dc5143d163801db2facc8eb5ee66ec344f1179989bf3ad6fe868fe0e1ce2d157996cabc594e0eaf47cc5"], 0x24, 0x0)
mkdir(&(0x7f0000000180)='./file0/../file0/file0\x00', 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

5m48.612262412s ago: executing program 3 (id=514):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='qdisc_enqueue\x00', r0, 0x0, 0x5}, 0x18)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001080)={0x14, 0x38, 0x301, 0x270bd26, 0x25dfdbfa, {0x9}}, 0x14}}, 0x20004814)
r2 = socket$kcm(0x10, 0x100000000002, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f0000001100)=ANY=[@ANYBLOB="b7020000b96871dfbfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe0000004f850000001a000000b7000000000000009500000000000000455781a5feee5e1ce784909b849d5550adf200000000000000b61d69f2ffdaa10350e11cb97c8ad51bcda0c4ee6d9674c77404ceb9971e43405d62de53a9a53608c10556e5734eb84049761451ce2e2d9f8004e26f7fcc059c06220002595f6dba87b81d1106fb026cce67a66afd9ac3d09e29a9d542ca9d85a5c9c88474895c679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd6fee53f5b2e7b91c61ced1ebad000000000000e8122a793c080a882add4e1179bd4a44f2fcb6d753a78845d8363e0401861abebe428ba953df4aece69311687f4122073a236c3ad198e3f3a532efa04137d452ff47d2638da3261c8362bb7c7824be6195a66d2e17e122040e11e3bd4a69fc6e8d9f7043e09b9e10dc7777bfae5884e4ba1e9cc4a2bbe99e30810400000000000000d63d716c0975e1ce4a655362e7062ff6ab3934555c01840219829472adefa06d3482c7b2711b98eabdca89b77efd13e6dba4a431ce47911834118093b6cabaa17a57727474e1785ee234835088445aa4a9b677d3d342640e328504aea02a2d727e62b7f097a02dbf8fe1d704765de7482040b2fc3000000000000000008947baeaaf954aff687deaa2f804924600273ee26d8115cbca081a14cba24788779291745083fccdddc90d7af35c048d46362ea0d8d79c79ddca066da478c197d4a550470557bc99cca336bd88cd28a5ee651627e3a6fbf6ea53b95ddb64c69c7d8d2f4baddc239828760459564124bad68209d2a1d16ad085886c017679cfcda8b10700ac1e2bcc5ede5b5687aa418abfa29acd7339e73b2cd185c9eb5fb34fccd20ffa155b16c0c309ed6f6663677df37de0ec0d0f548b273940be5d1fe0bae14d1a76bf741330dacd9cc19c0163bcc93059e8d2d120ea257bba458ecd989cb3581a3f270ad48255ac0dad4923e3e357e4e90583ce8d43ec65ed491d87a51d7c13f665dcf772e3ead71112008b16b0ea821f70aee1ccbd71c5a1c21e87d5b7b73d356337dbcf3456ff6cd0d6b98a258e3509a7d15b9dcae4d0d750ffa07909c955e718585b2456308beda2fa03bb9bcf03cdff31ee4b1665b987829c0f0872c006c6e4ed666fe23b343aae943923eedbdb0e7abee90e3da7b98b7d07d2d4816201ad1737798635b0a3ebd3aed120e4500c16e6c9dc729f009db49c6b8b19613e4d792cb4ff5106419291d4222980b49ddb9527ce785822d8f4e2bc30a96767f500b9e26e3b12854da63083320d8bfe49d85e0842803dc59d6375bce2b8a93caf39c0ba767880bbb9bf9407e6a6c0f9a43d1ab51dabf9423b482e848fbe1653ff0c6161fa43543546ce17a42e6cddadaf0767d84407478ffe2d0b567d81201efc81e800d4c0874235ff5cd7f5f0ee71cc2b0193bfc9290627ceaeb0b02931a817688f3a51fa2861e70cbab50a5d434ed8d8841694dba46f3d5a95ae86e4d471684ccf427b2ba53a157b2a7cf7a4c10051bb77822190a14c2ab1f271a7cf9c240b99"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340), 0xfffffffffffffe19, 0x0, 0xffffffffffffffff, 0x54}, 0x42)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000040)=r3, 0x4)
sendmsg$kcm(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000200)="39000000140081ae00002c000500015601618575e285af0180000000171300883795c04a31ba377a1b2cc32b38d3740000ffffffffffffffff", 0x39}], 0x1, 0x0, 0x0, 0xc00e}, 0x0)
syz_open_dev$usbmon(&(0x7f0000000100), 0x5, 0x0)

5m47.819796483s ago: executing program 33 (id=514):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='qdisc_enqueue\x00', r0, 0x0, 0x5}, 0x18)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001080)={0x14, 0x38, 0x301, 0x270bd26, 0x25dfdbfa, {0x9}}, 0x14}}, 0x20004814)
r2 = socket$kcm(0x10, 0x100000000002, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f0000001100)=ANY=[@ANYBLOB="b7020000b96871dfbfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe0000004f850000001a000000b7000000000000009500000000000000455781a5feee5e1ce784909b849d5550adf200000000000000b61d69f2ffdaa10350e11cb97c8ad51bcda0c4ee6d9674c77404ceb9971e43405d62de53a9a53608c10556e5734eb84049761451ce2e2d9f8004e26f7fcc059c06220002595f6dba87b81d1106fb026cce67a66afd9ac3d09e29a9d542ca9d85a5c9c88474895c679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd6fee53f5b2e7b91c61ced1ebad000000000000e8122a793c080a882add4e1179bd4a44f2fcb6d753a78845d8363e0401861abebe428ba953df4aece69311687f4122073a236c3ad198e3f3a532efa04137d452ff47d2638da3261c8362bb7c7824be6195a66d2e17e122040e11e3bd4a69fc6e8d9f7043e09b9e10dc7777bfae5884e4ba1e9cc4a2bbe99e30810400000000000000d63d716c0975e1ce4a655362e7062ff6ab3934555c01840219829472adefa06d3482c7b2711b98eabdca89b77efd13e6dba4a431ce47911834118093b6cabaa17a57727474e1785ee234835088445aa4a9b677d3d342640e328504aea02a2d727e62b7f097a02dbf8fe1d704765de7482040b2fc3000000000000000008947baeaaf954aff687deaa2f804924600273ee26d8115cbca081a14cba24788779291745083fccdddc90d7af35c048d46362ea0d8d79c79ddca066da478c197d4a550470557bc99cca336bd88cd28a5ee651627e3a6fbf6ea53b95ddb64c69c7d8d2f4baddc239828760459564124bad68209d2a1d16ad085886c017679cfcda8b10700ac1e2bcc5ede5b5687aa418abfa29acd7339e73b2cd185c9eb5fb34fccd20ffa155b16c0c309ed6f6663677df37de0ec0d0f548b273940be5d1fe0bae14d1a76bf741330dacd9cc19c0163bcc93059e8d2d120ea257bba458ecd989cb3581a3f270ad48255ac0dad4923e3e357e4e90583ce8d43ec65ed491d87a51d7c13f665dcf772e3ead71112008b16b0ea821f70aee1ccbd71c5a1c21e87d5b7b73d356337dbcf3456ff6cd0d6b98a258e3509a7d15b9dcae4d0d750ffa07909c955e718585b2456308beda2fa03bb9bcf03cdff31ee4b1665b987829c0f0872c006c6e4ed666fe23b343aae943923eedbdb0e7abee90e3da7b98b7d07d2d4816201ad1737798635b0a3ebd3aed120e4500c16e6c9dc729f009db49c6b8b19613e4d792cb4ff5106419291d4222980b49ddb9527ce785822d8f4e2bc30a96767f500b9e26e3b12854da63083320d8bfe49d85e0842803dc59d6375bce2b8a93caf39c0ba767880bbb9bf9407e6a6c0f9a43d1ab51dabf9423b482e848fbe1653ff0c6161fa43543546ce17a42e6cddadaf0767d84407478ffe2d0b567d81201efc81e800d4c0874235ff5cd7f5f0ee71cc2b0193bfc9290627ceaeb0b02931a817688f3a51fa2861e70cbab50a5d434ed8d8841694dba46f3d5a95ae86e4d471684ccf427b2ba53a157b2a7cf7a4c10051bb77822190a14c2ab1f271a7cf9c240b99"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340), 0xfffffffffffffe19, 0x0, 0xffffffffffffffff, 0x54}, 0x42)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000040)=r3, 0x4)
sendmsg$kcm(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000200)="39000000140081ae00002c000500015601618575e285af0180000000171300883795c04a31ba377a1b2cc32b38d3740000ffffffffffffffff", 0x39}], 0x1, 0x0, 0x0, 0xc00e}, 0x0)
syz_open_dev$usbmon(&(0x7f0000000100), 0x5, 0x0)

11.47066415s ago: executing program 5 (id=1166):
fsopen(&(0x7f0000000280)='cifs\x00', 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$IPSET_CMD_GET_BYNAME(0xffffffffffffffff, 0x0, 0xc004004)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x0, 0x1, 0x401, 0x0, 0x92, 0x55, 0x8, 0x7, 0x8}, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b3", 0x40}], 0x1}], 0x1, 0x40800)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_SET_PIT(r5, 0x8048ae66, &(0x7f0000000340)={[{0x122e, 0x3, 0x0, 0x0, 0x0, 0x4, 0xb3, 0x0, 0x5, 0xff, 0x1f}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0xfd}]})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x1, 0x0, 0x0)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0)
io_uring_enter(0xffffffffffffffff, 0x47f9, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SET_IO_FLUSHER(0x43, 0x1)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
syz_clone(0xc800411, 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r7)
r8 = socket(0x28, 0x5, 0x0)
r9 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r9, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r9, 0x4)
connect$vsock_stream(r8, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)

7.393994263s ago: executing program 6 (id=1174):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'nr0\x00', <r1=>0x0})
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x42002, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x20000023896)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x2004, 0x1, 0x0, '\x00', 0x0, r3}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r4, &(0x7f0000000280)="df", &(0x7f0000000000)=""/3, 0x2}, 0x20)
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x2000000, 0x0, {0x0, 0x0, 0x0, r1, {}, {}, {0xfff3}}}, 0x24}}, 0x800)
socket$nl_route(0x10, 0x3, 0x0) (async)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'nr0\x00'}) (async)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x42002, 0x0) (async)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) (async)
sendfile(r2, r3, 0x0, 0x20000023896) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x2004, 0x1, 0x0, '\x00', 0x0, r3}, 0x50) (async)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r4, &(0x7f0000000280)="df", &(0x7f0000000000)=""/3, 0x2}, 0x20) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x2000000, 0x0, {0x0, 0x0, 0x0, r1, {}, {}, {0xfff3}}}, 0x24}}, 0x800) (async)

6.631446748s ago: executing program 6 (id=1178):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(0x0, r0)
sendmsg$IEEE802154_LIST_PHY(r0, 0x0, 0x20000004)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102392, 0x18ff8)
syz_clone(0x31200, 0x0, 0x0, &(0x7f0000000040), 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
getsockopt(0xffffffffffffffff, 0x6, 0x7, 0x0, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mount(&(0x7f0000000040)=@loop={'/dev/loop', 0x0}, &(0x7f0000000100)='.\x00', &(0x7f0000000140)='udf\x00', 0x1000040, 0x0)

6.629724443s ago: executing program 5 (id=1179):
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
socket(0x1, 0x801, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000003700950004"], &(0x7f0000000040)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='dlm_bast\x00', r0, 0x0, 0x4}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000200)={0x0, 0xffffffffffffffff, 0x0, 0x4d, &(0x7f0000000480)='\x00\x00\toup\x00C\xaf\x00\x00\x00\x04\x81fj:\xee\x03\xa6\xd3o\x02z\xc1\xbbI\xc2#\x19\xd8\xd6\x99\x91{\x8fI\xce\xe2-\xefv*\xd1\xf2\x0f\xa0\xa0T\xdbmpY\xe2\x83e\xff\xd2\xe2\xec+\xcc\x16\x1c`\xddv\x86_\x85\x18Fh\x83\n\xbc\xfc'}, 0x30)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="5c01000013000100"/20, @ANYRES32=r1, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB, @ANYRES32, @ANYBLOB="140003006d6163766c616e31000000000000000008000a00", @ANYRES32=r2, @ANYBLOB="e8001a8048000a8014000700ff02000000000000000000000000000114000700fe8000000000000000000000000000aa050008000000000014000700fe8000"/75], 0x15c}}, 0x0)

6.430514326s ago: executing program 2 (id=1180):
r0 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000400)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000007c0)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="0500"/12, @ANYRESDEC=r6, @ANYBLOB="cb2c97dd0db3a5d4da2742e6a72c24b486cae8e3222b4afa48ec57123fca20017e18f0b7f3f3da4c2ba7f54304c13528dddfe525c626a51c86c2b8055709950f86de8ef92dfb9624bc947fd21bb447ad899de18dd9fe9549367c0b7fc5517743039fb219c14e32df99a87ef92d11db4259a22d7f14a09aa5cba1b0c70a5ef24295327a2c98929c4aac67eea401672a52481dac8506496a9ee6b6ac80ce0c592bfbe1fe325a2467a0882e98b17eb25bc2deadac08bfbec9814293c2808fa334ca69d11afcadb93eb9dcd1f5246fb16e746fb04fc54ee7bd5fdc93dee2956c8c9630dd191cbd93538c69c560b982835356044f0d11791f312d666d126d65675db2fdb909e882", @ANYRES64=0x0], 0x20)
mount(0x0, &(0x7f0000000200)='.\x00', &(0x7f00000000c0)='hugetlbfs\x00', 0x208904, 0x0)
pread64(0xffffffffffffffff, &(0x7f0000002240)=""/237, 0xed, 0x619)
r7 = syz_open_procfs(0x0, &(0x7f0000000240)='net/fib_trie\x00')
preadv(r7, 0x0, 0x0, 0x80000001, 0x3)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9, 0x1}, 0x50)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000980)={0x0, 0x0, 0x0}, 0x3)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r8 = socket$rds(0x15, 0x5, 0x0)
setsockopt$RDS_GET_MR_FOR_DEST(r8, 0x114, 0x7, &(0x7f00000005c0)={@pppol2tpin6={0x18, 0x1, {0x0, r0, 0x1, 0x1, 0x3, 0x0, {0xa, 0x4e24, 0xf9, @dev={0xfe, 0x80, '\x00', 0x3d}, 0xfffff52b}}}, {&(0x7f0000000540)=""/86, 0x56}, &(0x7f00000000c0), 0x46}, 0xa0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000140)=ANY=[@ANYBLOB="61123400000000006113500000000000bf200000000000001500000008ffffffbd0301000000000095000000000000006916320000000000bf67000000000000a406000007ff07006706000002000000070600000ee60000bf050000000000002e650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d4301000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9755ba08554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a6538b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c51231422bb8fab4d4d897db2c544c0ec50b8eac8c63d2b1cd06a39702bd547f5ebaa6954f01cef3c9bacec15e2e3b2bd352e93a2aadfe8efe33ff2f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564b8f8a621483fb2a5ff221e0d831d64759d17b8c59d0f2b0727f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c749e21ab63a1f50b30a65a9027ba357bf8c614497ee59b68bf6a5d45c81c567e347d54574164bbea3e7b7f8a13cce7014137f250370b8a70ae3eaf736f17759c3886871e97d063b7f26eed3226bb0b9ee6320a2b02fea7a06a0e37182adf4b1be6f29358d4f5dfec405bde000000000000000000000000000000902e647cc5962eccaad64429335f3ce2a10ce72da82875427c1d16db24dca08487ba41a3fb337f8432d8176a515229e32ee11a1dd23dac038f989eafdd67f60b63f7be4d1bf325b57335b9973c73bfa89517a98b1fc15f8a2713718feb01059d8b570a0000e3b2a93bd745a74f9bf7f7abc5d15d56331055cc0820c5c9d676d92557c4e47cfbe27f91f0eb18e21dfdab3c84ec11377fbbfd1e000000000000b542a536559eed87b58edcfee83a50077ee0e8fb6e787cb3076dfeeb79f55927fef9651e176b40e64740a01944577caea4ceb9e907cec36a8429445c833b9d24d53dc91f15af1f4a1db9fa452fa3f0b812355aab5b58659ffd56034fdbb169f3e86660acdc65dc699d3e6364a80f45e54d6efcb99b41a080494f842706f3c1716d2e252bf89663393356296d89fbf95aa7966fa700b710008311d6f25e05f77d68799e671d90cb04131742790941d83ffdfa857e9e085a59a78e7a17f008ce55866fcc4de388f270a1ba675f43481bd2"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
socket(0x2, 0x80805, 0x0)

5.49769556s ago: executing program 2 (id=1181):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000007c0)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300ea2d010203010902120001000000000904"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000004c0)={0x1c, &(0x7f0000000540)=ANY=[], 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000380)={0x44, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
quotactl$Q_QUOTAON(0xffffffff80000102, &(0x7f0000000140)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000004c0)={&(0x7f0000000280)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x6, [@enum={0x4, 0x2, 0x0, 0x6, 0x4, [{0x2}, {0x800000e}]}]}, {0x0, [0x0, 0x41, 0x2e, 0x5f]}}, 0x0, 0x3a, 0x0, 0x1}, 0x28)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000001e40)={0x18, &(0x7f00000002c0)=ANY=[@ANYBLOB="00000100000069"], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r0, &(0x7f0000000100)={0x14, &(0x7f0000000000)={0x40, 0x4, 0xa0, {0xa0, 0xa, "2be022b643cec6b965278af351aeabf18b5d3159d47c0fd80a5a9fa9de3b7df4e78a20392a3c89f8953864ccb9cca91fd2eef90259f280e582162f494d492cc76a12d21c095ce734d3859999f47a271fee2ef88c3e3709f5cef9868258736002cd72365b91d32860f227a6e322cd1a9b5a37d653af7338488db31ace3766bc3e027fd35c67ea96fc718aa9f6316c551e4dc26090589f13d867b6e3f46e5a"}}, &(0x7f00000000c0)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x1a48}}}, &(0x7f0000000500)={0x44, &(0x7f0000000180)={0x20, 0xb, 0xb5, "56d7f79071afd3419c70ce0e07bcb60af36b3a60eea36667f02a73f15b629d04db79df97e2dc55412c52ae7efa0ec36c0767a5cdbe5696997dc615d9169baa28686a846891f170dbb4c2e806d05ae36eebc00cedf9d25fa622df5334aef64d8e985e698b72677bad2d9c548d550abe4c87164639205a36ec41c5507d1885785a40db84ad9e4cf879a20f6a13f78b19343c67934e3b3438dbe0ab2691cbee25be6ddc75e98fe70ba130bb6c71b23119b3712dda1c73"}, &(0x7f0000000240)={0x0, 0xa, 0x1}, &(0x7f0000000280)={0x0, 0x8, 0x1, 0x5}, &(0x7f0000000300)=ANY=[@ANYBLOB="200801000000b8"], &(0x7f0000000340)={0x20, 0x82, 0x3, "c62bba"}, &(0x7f0000000400)={0x20, 0x83, 0x2, "11c4"}, &(0x7f0000000440)={0x20, 0x84, 0x4, "ae17cb0c"}, &(0x7f0000000480)={0x20, 0x85, 0x3, "9992c2"}})
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000580)={0x44, &(0x7f0000000680)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

5.420776734s ago: executing program 5 (id=1183):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000004002, 0x0)
r1 = syz_io_uring_setup(0x231, 0x0, 0x0, &(0x7f00000001c0))
io_uring_enter(r1, 0x7a98, 0x0, 0x0, 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000080), 0x76, 0x109301)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x3, 0x5, &(0x7f0000000380)=ANY=[@ANYBLOB="18e0884fe3b7522d133039550ec50000007800000000000000ddffefffff8400000061000000850000cf1014f0e0b1451603991bb9948c5e4153b5787e623a56c1eae98fa9e5789499e44bad1eb93c69f339e692ebad38b7296a2c7a8d315bd2648ea2b3fc025b6f3aa12c681100f7723e6e7571420a5d37e0b3a46ec13737ee3eff205bf7e0fa245fd4cc5dc2b193ee12fd0ef4412ae85b6ce828fe1d2b65eb892154c9472a9d88367b3b2794"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r2, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x50)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000027c0)=ANY=[@ANYBLOB="7e0dc0042c687bdd33c423d362144d91ca490c4fc8b89dfe19d29fc4efc33509e8374f162255cd78529e1f3a6944cf59ab8f621702ba2c238be7f4d5591e647c494652f1c242426ccf46283eda9b9b2df770c7cc6dde29f689fd3c81ca76c9f5270f4b90994191feac7f9f367c4974d36cc45675fd0f52bf6da6420a171f9dde69fd8063169ce491e81640198e528c49b18baf440154181ce9e8d1fb35ee046b65c76c2f473b45f9091008bfdd30eae12d5350b87a99f6612e607c78d3c6476eb026b3dc40052a77cb86745256559757a23c5830804c297242a1a3d1dedc8b0ee9935da7e6b79cec5c6821b1549f8a6481d66fd8ce8fdfa8e421734cc9a6e43a5e28c6ff61c5ad7bdfe55bb060f1cae6d2c84ff50776b2ebc65c177990287fdf6a3c5c320aec4352caab2aa0d925a63706b6c981db90eeb1a1bae69f3928982c0e29a873105a6a6e2e98bcd253c7bec5781569be1dea2b6f064404cb89b09f2e6bf3f2ce3d06b5521d6029ced33a595f15f03d4b54215278d4e642f4a3e0df65034aa83b1387c41298c08f7b307a0c2d58c79594bf6d2a013e023d99d72e2c3c1a95fef3fd6182b298b60010e74cc003e98aab54b27a41b215ef39b22b785c857402a35993c126ae2503af8a5713b68a1600a3749e2af0dbcceff3bc1a8e28d0ae1af164d89f9c13e16ab81604cd70e5892d22daa521dd558304af163f72ec8d43e617d0f295abdb36300a46776a9d85b96155e1ac24e18883376c0d5f045a0d9ab22758ce3c5a5ac951ce6b9842093546e2aa15e7d0eb24bfb082523d1e1bf9a7d95fa24d45ac29a87774b96ae3c759b471cace3cbb82d48f466d79c4a7633cd33819962798c85e342a1866e0d7416a777743bb86db04ce24bc2419920943429665065fa12299a417f421ab3972398bf56561abf540ab50fa8d96e89a95f75673abb857d602d9f94766401735725c23ace1626bd127580bb0d537ca86b141e813341b45954479ed32b426b6fca04cc949ca78a168e6819355670dc7a9f5f120889663ba1083bbd8f20d08820fa7d7da5b5d5ff2b9f0bb86fbb265ee050938d5acf65d6915eb1be6658bc48d46295419e1939f9169e8f6da3cb2a9dd0dbfd84dab6c3e95e7d79bac0ef78ac262f65bfc49f3e2a7a4f8af9dfc6c22ac472451f3c9a38991cd83bc488de161d6f1c8829ccf17b22d322ded914a1bc43d5f4f1d26827a712b94ea3661baebf7ce6a8e8d3604232e200cda848ebb4ba4a88f60b6aca7d4aa4da8ca2dcf794f5dfe3e38414af860e6e2ef8fd33b5ffd935ad4d19e48b49ed9710660afd9e9b65feab0585b706bdd69d6420172df3e4c32c9c8d5a1c7179fafa0728779756bd9a30b04e01157d850807066e8bd4dd475a8c996dc065013f2068c282df91954e5e33e42b6224ae71d2a23273a84fadb2fa7dfb03be3f27059515c543ba3543cfbc24d3ac50c2260584a10e4569e30d69f3eef06a3afc81c84ec32538f971cddeb3d00f0c349ee4d4fe0dcc0d8b2689c02b4a5518bc70a173b57ba46400b9008b483277ab709da21eb7d2eb2aad93f4d3cf7a049dd55c583e7e7a4c3dd0824c154613ba7fcd4d687d85c1e507572b99926f856d2c59b28e82c7bfd5d67344de089b63deb9996fc8f51e9911d93eeed7ffba19b1c5a31e924580234279cb97bb3d3b7fe3d9b2b52b97e6c162d88343e205730249213952fa88573916e0a60a60956b212a00a3f183f5a5a367c77559d3190f236154823a8bcdfaf2192008cd441f521e23bcf67fcb5759dfbccd47df3a7eacd7dd4390d95f6a07501250033cc601b47dd520d5f8fd4d2c52284ac47532974c649fe7bad1f567b9de0555d44d0e4fc553b90526cf89395265419d423ed84ebb3e7f5e2e4d284b109f0607bb1a575a484c34c28652268762e11ab02c606426ea38830b28db6d17f559319ce903ecb11ca3eca9df736582279508dbab745d76a326efa804a8043c56d43f5eb2281b123e95a4d2ec2e51bcbd41ff50c0431ba0236fe613c8c5fa018e3b615d9dc7bcee1d292639ff60100d6863461152e04977711164d5bc1aecd2baa000163e9ef2917259bb21f4a9952d7a5806bf2991bf2adff427257b7e6ece9a80200a946ceec8f8e316e57921c08a3c29fb1663becd2d54ff5b3da171b9a8fe6a35b7bad67aa07d57ed630a979735f76b70397e0711893e50fb2f3d5772f847337a9fd21b32ccd7fca290fd38670d6eb04c812ab18468dc5ec1797a280eb99214f8213ee77d2672af59d182dcbf0afd4312be5768cd41d8435ff2f1bd67cb9d3824c4e57030205bbdd4d3dd5ee0f1b8f39eab8fe66de0a01d0e1796613bb4555cce025d69530146b2332446e98cf23a22d1ca853be8365c83ae61438da2072851b60019d0ce53d2ab0b66a17ad4a1e479660ee1929b8c6811c70b96579e9e87b4a126a39ef58f8b2b91322324986294afa76731d8315226ef7604e4832c6cdd402e7a0407aa4a8ebeadb09534638d67bc596ee97c6ca8e2aab8ba040b7740ad7e93c6ae2eec089d38d91df2dd19a06a6142c90bacdbeda2b67926b5f52fee7f1e5c2643eeac8cba58619f10c14d189baefaeff9b53431f0495134cb78f6620f87e0455e7ed0e677001bc7e9358f58895ed23ff069562a0e5ff2fabad236c65b1fa315fb1d7a71bfad7425ebfefa941dc582f94a18177c84eb959fb5d2c6aadfce5972e88e363334591234e71f9a8e29a6ea003135a81e4fb61051616f349d91402a9cd4dc963072914634c37a0514e83311e2708e07a89c65a634421e82d9fb16164f12ce53a82054bb967f0be9b62380904caaf105a8b66ac395ea3750ff46d3fe699f5cea7fe7dbb26223363fd9aedca0fecd1fb7ddba74c276768f35e1b8d909f726a66a79d208e4a82a2408dfb3f39ff6a6e7965d1a021e9538efbfd4407a777167fe4e5e375de87dc04b12aa4675cd85c7f3098c70d18ddd1d7f9fe7a8cba99f5ce88e3d25172eca668c03328c0a9e44041b9c25d5c23dcd39a2de8dc2cf069d066b19c381fbb2fd9242083e21db59212d1ca6a8d2baccb17d6ee731c7986555147ce4ff79377c92c81cd0356b1c4f74247cf7128205c29c6ce5d93ca311c818f7be5c2abd9997933e206a31e0a3fe81f5922e6e83d28447e22b35a25d1d080752a0ae53667149738323004bdd99b1962580bef3c52e6c41f7bac03f12e182eda5fe025c5ae99f1a8f67399b12289e7395879346f3963d05efd54d683b54dcbacf8b738a78b5eb73f15b311a6b1ee7eb89c222c29b99147affc8b28084551a3395ac771188bb4441b9c1424473f7d1b9599950653dbd52ccf0fcb7ffea74efc18d624d983b2e821311710cf793f22a830bc98160d7ddd122c5dddcb0a11fc13c62f014296ebed0309a534348ef05881239e258bc89fb1278e2c220774c7e01ad0fc99960f13459dd72ca7782d0b2885f1a58aee538ca7c481bce7edfbd4b61adf2f5536e12adcdbbc1fc3e528b7541c8824de86a8aa094426564e6c55183c9e9af7013ee0bf7f87046dcbf5367d016522f6a2d333f0c00ff4649ddd01a270c9a245bb3f35cd76343619248e9d5fcf1c4135e1c42126b3af079c404daeb4cb573502bb815e849daf07ff4ea25ab5d375d48d7340ff01eea2d8274353c30715dfab9dd7a4317573f9386d98ed61114a1b534ab452d8c5c412e791ab089187251610644093830f01f85f320d656cc9b63ace1353ff81cfda508a25752b5d0ade9512966436379bc85fb46dead90a441167823f95d3e3b7d4409104a2793b35676e0108840800a6268e2b4056c66fd19f3d9a019461a428f01675d02b2204e7a41d5379885d3fc5784d2d41ef10ada4b9f75c98f2b3920506b075e9079f121921258339c116a564dae26947da308a0bab4e7064618e698c8a975df3e1e76ebcd252acf0469967abb9ed91c267f38fc69ab21071b6e35f92f73c0393aceebfbae15e9827f88d9ebaa0e7910e405e57ee9cebb057e9a3be86c91bd1bb5a73742b35499fdf72a9a7139927d5092c002c5e207737b68d13f7183a9375e471891b7a40257b336f7a0071b66d095b2a5d2a1b6e5f6f8998b0cde6df60f5b308901bba946333854cfb8bdf8719663d361bdd4b88973135c28ef0c8e3785c4096f31f5ce84ac249b1ad5e97fbf0dda629eab8b950fd08960ed8e3d6d2f59df6bf556dbecdb813bedb18138c49222d85a0a5612790d4daec9095da1cd8a5aa0b0dfa22aab87f265edb889e80081055a91e958f6b9a44c3a8c58ab6568b680f8c4f4ef86a257c4b09fb70a1af2a62c4056b0ef39741c4f737de99250e703baa79af63c746e079e265a7970e3b6db35bc679d5a614d66a8377ada037a8ffc73de07b9577948d36e2b295c9633d0ecd899db090f07690574041b2a69968238e8b73e72da29c28c3bdf3f5c2e16d4d71ac99720fe9eb97825a5df890a1b421be094aa8d911f672a4622a0af7346a96e76044566346ef2f69f0a7c64bfd79825f40a990fa23f22b343508daf40363c21be6f42df70469783b94779c8a7323a9e38188aebb71ddd06161492a92e7e4cf3128aa5c2c1e24f99ccc67be5ce7edddd347a3b1feaf40bca36b3e22c831a37b8d1395e4173e33123bbfbc31be3f73c09a15f82259cbf7da9b4d48b0c530dce5b7a86553bf1f98a7bf7de06a9f9992c59f33f02770f697b5943d7f941e5f9e5b9d7c99895d07813d3c11d419399d14ebe29d62658ceec7395aa4458e5204118b690f171005a122e3fd9b4340ff56eed56cc06a841f4cc3c83c4886db1a515356b451f36676f33c4f393474d75455d8aa5005598832c9ca492fa952ea974b419bb3cc49a900c7aee223fb4bcec97efe8668a2bab7cb8e7b38ce4863516e5f96a058696da9bc58446a63ebc21bd10d3ef637ff577d4972458ef46f04f19dfb2a91b33face5d9d7e03c3febfaf9f779c744c5e5313b77e6b3882d2118624a3b6e0644117ebf8e4a38d7edd92ecc1291151cd8cda9880374267dd485716a90553b639d403fe2da121bf4e2325c20949c03d282ad68bac07ded50bb7e58f87e2ce3b5f325d4958997876c8f80ce156e3a374406a88a93ab07c000649bec5cb7baa525418cbbf8f5f7890cfd0269cf44a98f7a9af55e66096fc69f2e0697b4e2ae805099712c7977b68d87c073271f0128c18e002e00562ebcd3b5319fdb0ce590c28b05167f2e2f46a035cda757f3223f4b08d99348df219454e5c5d5911532068ccb0f05534aa7411ed37810fa09ebd682252ccb509a4c5981072856e085fc3f5aafa2d07267673409c7e951689492511de89afde785f7d049849f6af6f12e620faea4093b948167151c78d4e8645fc4bdce47eea178e280756d0cf6b322d076533002ccfba18d6cec62124b21fbddb4ff1fe426eefa", @ANYBLOB="163dbef70745b35e900bc8d134f5216850255301000000000000007a8d6da3ab358587f04f724ec87b56651c7ea04203069ab6275c2e8e9201259016f95def80318a5d00d88d18807a1c8928dfe1b457b66647cb02f311f48bba099b73f1d2047507ef62312b6746581f2234f67cfba393567680b6e38b07952e63651eaf5eabb3636fcf4f1fbd31e4607202a6037dfd42e17a5387ae64aa7657adbc47e2a65718bdf93fec71766ab9f4022924f2cace431ded3d1ccd2d6577765f83613dda5917a913c69d60efc1332a88ebd1674be0c8e0743f505a7c93b1124fdd6c5f0d69b05e", @ANYBLOB="1d000000062000", @ANYRES32, @ANYBLOB="fcd734c134a83248dbc53030a04b3687edebd7e31c95c0692817ad07059728013e8be3e60405d3faf487a9919abae639eb2045a3937ed1c18463ba1273d0b64a0ee6b9dae959f030dd0c0ec8204c52bd10e37407402ecb7fc5cec88cf3acf2543a813ad11d5a21845316e0260a826ea730d100d78fcc8bd1c2e99ef9871bead9a075e7dcf5350790f10e3f7f2af231df4a498efd1f55907684386f1058df5b834d1e96622b79fc8615d046ec260c202ab604e2d4fe3e51a008"], 0x20)
r7 = openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r7, 0x0, 0x0)
socket$kcm(0x10, 0x7, 0x10)
openat$snapshot(0xffffffffffffff9c, 0x0, 0x40000, 0x19)
syz_emit_vhci(&(0x7f0000000300)=ANY=[@ANYBLOB], 0x7)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000280)={'gre0\x00', &(0x7f0000000100)={'syztnl2\x00', 0x0, 0x2810, 0x8, 0x0, 0x2, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x7, 0x2f, 0x0, @loopback, @multicast1}}}})

4.120471022s ago: executing program 4 (id=1185):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_GET_MSR_INDEX_LIST(r0, 0xc004ae02, &(0x7f0000000000)={0x400000000000030d})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x46, 0x0, 0x0)
getdents(0xffffffffffffffff, &(0x7f0000001fc0)=""/184, 0xb8)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000000000000080000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
socket$inet_udplite(0x2, 0x2, 0x88)
r1 = socket(0x10, 0x2, 0x0)
write(r1, &(0x7f0000000800)="240000001e005f031420654400000000000000000100000001000800080008c01300ff00", 0x24)

4.009632691s ago: executing program 4 (id=1186):
socket(0xa, 0x1, 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x0, 0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000003c0), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
socket(0x400000000010, 0x3, 0x0)
socket$kcm(0x10, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
fsopen(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0)
write$proc_mixer(r4, &(0x7f0000000180)=ANY=[@ANYBLOB="5245434c45560a50484f4e454f55540a535045414b455220274344272030303030303030303030303030303030303030300a4449474954414c32202706b86e65204361707455"], 0xb8)
r5 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
dup3(r5, r4, 0x0)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r6, 0x0, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00', 0x800, 0x0, 0x103, 0x1}, 0x20)
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000040)={0xa, 0x4e22, 0xfffffff7, @dev={0xfe, 0x80, '\x00', 0xb}}, 0x1c, 0x0, 0x0, &(0x7f0000000300)}, 0x0)
connect$inet(r6, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10)

3.352425263s ago: executing program 1 (id=1187):
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x2adc0, 0x1c1}, 0x18)
r2 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000180), 0x1, 0x0)
mount$tmpfs(0x0, &(0x7f0000000540)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={[{@mode={'mode', 0x3d, 0x6}}]})
write$binfmt_register(r2, &(0x7f0000000040)={0x3a, 'syz3', 0x3a, 'E', 0x3a, 0x9, 0x3a, 'M', 0x3a, '^', 0x3a, './file0', 0x3a, [0x46]}, 0x2a)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0xa00, 0x40)
bind$alg(r0, &(0x7f0000000180)={0x26, 'aead\x00', 0x0, 0x0, 'gcm(aes)\x00'}, 0x58)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f00000000c0)=0x800000)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000340)="71e67a15cdf0311cfcf33a52a7d86bd1", 0x20)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000002180)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x21, 0x1}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @ip6gre={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GRE_FLAGS={0x8, 0xd, 0x7}, @IFLA_GRE_FLOWINFO={0x8, 0xc, 0x80}]}}}]}, 0x44}}, 0x0)
io_setup(0xff, &(0x7f0000000380))

2.906897572s ago: executing program 1 (id=1188):
r0 = syz_io_uring_setup(0x24fa, 0x0, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB='2'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READ_FIXED)
io_uring_enter(r0, 0x2d3f, 0x0, 0x0, 0x0, 0x0)

2.848759487s ago: executing program 6 (id=1189):
r0 = socket(0x10, 0x2, 0x0)
write(r0, &(0x7f0000000800), 0x0)

2.66401104s ago: executing program 1 (id=1190):
prlimit64(0x0, 0xe, 0x0, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f00000004000000040000001200000000000000", @ANYRES32, @ANYBLOB="00000000000010000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/27], 0x48)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="18020000801000000000000004000000850000002e00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000440)=ANY=[@ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="050000"], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r3}, &(0x7f00000006c0), &(0x7f0000000700)=r2}, 0x20)
mmap$binder(&(0x7f0000ffb000/0x5000)=nil, 0x5000, 0x1, 0x11, 0xffffffffffffffff, 0xffffffffffffff5f)
sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x20000000)
sendmsg$inet(r1, &(0x7f0000000980)={0x0, 0x6000, &(0x7f0000000900)=[{&(0x7f0000000640)='U', 0xa00120}], 0x1}, 0x3)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)

2.588618156s ago: executing program 5 (id=1191):
r0 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040), 0x10)
listen(r0, 0x0)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
tkill(r1, 0x1a)
syz_open_procfs$userns(r1, 0x0)
r5 = socket(0x28, 0x5, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f0000000140)={'dummy0\x00', &(0x7f0000000100)=@ethtool_gfeatures})
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f00000000c0)={{0x1, 0x1, 0xce, r6, {0x1}}, './file0\x00'})
connect$vsock_stream(r5, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10)
sendmmsg(r5, &(0x7f0000000100)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4000890)
accept4$unix(r0, 0x0, 0x0, 0x0)

1.946304197s ago: executing program 6 (id=1192):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_QOS_MAP(r2, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000200)={&(0x7f0000000300)={0x9c, r3, 0x1, 0x70bd2d, 0x25dfdbfd, {{}, {@void, @val={0xc, 0x99, {0x2, 0x5b}}}}, [@NL80211_ATTR_QOS_MAP={0x30, 0xc7, {[{0x4, 0x5}, {0x4a, 0x4}, {0x6, 0x7}, {0x9}, {0x80, 0x3}, {0x9, 0x6}, {0x7, 0x3}, {0x7, 0x1}, {0x2, 0x1}, {0x9, 0x5}, {0x2, 0x1}, {0x6, 0x2}, {0x2, 0x1}, {0x5, 0x3}, {0x2}, {0x3, 0x1}, {0x5, 0x1}, {0x0, 0x9}], "bf56a2eaab55a9e7"}}, @NL80211_ATTR_QOS_MAP={0x1e, 0xc7, {[{0x7, 0x7}, {0x5, 0x3}, {0x0, 0x4}, {0x3, 0x5}, {0x3, 0x1}, {0x3, 0x5}, {0x5, 0x2}, {0x8, 0x7}, {0x0, 0x1}], "59523cd16d276484"}}, @NL80211_ATTR_QOS_MAP={0x2a, 0xc7, {[{0x6, 0x5}, {0x4, 0x6}, {0x9, 0x5}, {0x81, 0x4}, {0x5, 0x2}, {0x7, 0x3}, {0x3d, 0x5}, {0xa, 0x6}, {0x2, 0x4}, {0x9, 0x2}, {0x73, 0x3}, {0x4, 0x1}, {0x9, 0x2}, {0x4}, {0x2, 0x6}], "95db79834749b258"}}]}, 0x9c}, 0x1, 0x0, 0x0, 0x4000010}, 0x40)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f00000002c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
msgsnd(0x0, &(0x7f00000005c0)=ANY=[], 0x12f, 0x0)
msgrcv(0x0, 0x0, 0x0, 0x0, 0x1800)
msgctl$MSG_STAT_ANY(0x0, 0xd, &(0x7f0000000000)=""/29)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r5, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
pipe(&(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
splice(r6, 0x0, r5, 0x0, 0x6, 0x0)
vmsplice(r7, &(0x7f0000000480)=[{&(0x7f00000000c0)="799e", 0x2}], 0x1, 0xe)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x4000800)
r8 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r8, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000b40)=@delchain={0x3c, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r4, {0xffe0, 0xffe0}, {0xffe0, 0xffff}, {0x0, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ENC_IP_TOS={0x5, 0x50, 0xf}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x0)

1.727121399s ago: executing program 4 (id=1193):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0xc, 0x1}, 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)='%pB    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @call={0x85, 0x0, 0x0, 0x23}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={r1, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x37)

1.619965478s ago: executing program 4 (id=1194):
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r1}, 0x18)
prlimit64(0x0, 0xe, 0x0, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB, @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
umount2(&(0x7f0000000040)='./file0/file0\x00', 0x8)
lsetxattr$system_posix_acl(&(0x7f0000000040)='./file0\x00', &(0x7f0000000140)='system.posix_acl_access\x00', 0x0, 0x0, 0x0)
umount2(&(0x7f00000001c0)='./file0\x00', 0x1)

1.599150947s ago: executing program 4 (id=1195):
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x2, 0xb, &(0x7f00000000c0)=ANY=[@ANYRESOCT=0x0], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)={0x2, 0x17, 0xa, 0x0, 0x25, 0x0, 0x70bd26, 0x25dfdbff, [@sadb_x_sec_ctx={0x1, 0x18, 0x81, 0x9}, @sadb_key={0x5, 0x9, 0xe8, 0x0, "7816c4da66656f24f1714f1b5e7cd56bfb0d35fd2b9a3827fa621ff24f"}, @sadb_x_filter={0x5, 0x1a, @in=@empty, @in=@multicast1, 0x1f, 0x4, 0x10}, @sadb_key={0x18, 0x8, 0x5b0, 0x0, "d76b8220d16751986e5733c79b8507932e026b98f2a23b39288e18b53ac05c1f55e21d8c12c552a0347dd724d4d3e173128315d4392895c704902dac8a36f84355fa6fabe2cf15d9f86f83304aec74b4ef1888fcd666b1fa6b4eda065b17405f169bcaa03b39f99f17919596e8767b69f0521f342a04f2b2117c7bb66a45bcf0888b4fa404334153f50452206c508179883a7aaab5a10fd0c498fe5609dc8a9c3f75e8bbf1637cf92a6a8ed1ee2157bda6691d946793"}]}, 0x128}}, 0x4000050)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, 0x0, &(0x7f0000004780))
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r4, &(0x7f00004b8fe4)={0xa, 0x4e25, 0x8, @mcast1, 0x3}, 0x1c)
sendto$inet6(r4, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x33, @loopback}, 0x1c)
socket$netlink(0x10, 0x3, 0x4)
socket$netlink(0x10, 0x3, 0x15)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000140)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000fe5000/0x2000)=nil})
r8 = syz_open_dev$video4linux(&(0x7f0000000000), 0x0, 0x101000)
ioctl$VIDIOC_QUERY_EXT_CTRL(r8, 0xc0445624, &(0x7f0000000300)={0x980915, 0x8, "9a555c14c966e134d198b9aaaa7da80f8e4fa888dece6ffdb507a3c83e58e128", 0x0, 0x100000000, 0xfffffffffdfff003, 0x0, 0x9, 0x5, 0x2, 0x2, [0x9, 0x2, 0x0, 0xfffffffd]})
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f0000000100)=ANY=[@ANYRES64=0x0, @ANYRES16])
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r7, 0x4068aea3, &(0x7f0000000740)={0xbe, 0x0, 0x1})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
writev(r2, &(0x7f0000000940)=[{&(0x7f0000000380)="5cadb52ee802b25ae0447e9d951f76d1bc5ff283539cc69b3c842ea5bc3642ddc43e040f48d4a86e90953dc1465e02dad655a1fa9c9bced2715aaf1f9829d1ab1c02904eb05b178a491ea75cecfb5a04a9c3fc55e3a140c079cd5ff8cae4c9ee3ff48fcfaf94e5068b7d6173f22be2a0f3d93b374f8554965647e73717821557db446c96f8360785ba757b05af80e1be36f5fe789547baa12a3f78cda5da302b9b2a819b561f1bef2ea37bd9e04e5909e026", 0xb2}, {&(0x7f0000000480)="abae77051fecc78d535fb29292620b5e8a9fc84a88dcdc91508501e47f709d6d1d38a0c28f5ed9848ad202e8d2f9c9d9155e24c715450791817c1d83763b7805b8f5a5f819519bf664a0d29887e919d9648b1c538d9483561e6ccaeb9e472cf918eae4a1d7c93a16f7b5337050bc004f2d7187ecf1d163e2f7924e2f3ef1519ddc464574810327a446ffc54984cec0242be8f8ca82a5145f50092ad08afe96e8dad3f50dc1b5e34d2c5866c644fde9c23df6729c08a63bcc3faa848dfb72", 0xbe}, {&(0x7f0000000580)="4290e346c93a4c0491aaaa503aaebb2324b189e9db23cbff41cfb8569a2d6b0f0eadddf6fd2abfc4e569df6ad3d833ac64fa3c28be365f67c05256434b8505fdd69ae4cd73548d9d32b4d95fe40ba4d03830650319ad794021760b8ce679606c79b02f3250", 0xffffffffffffff27}, {&(0x7f0000001780)="ab2b602c639df3c3ad5b00065cdf1f8537f10e64d7f4b5bf704dc9ab8e01cc63191d4166e85b4b9846cabd75ae199e539269ab9cb4595f16ed7add260a19940910256eddc640720c6bdb714f41ea01422912f7051dd3d0234a35a5241f6eeb406e656ecf47acc3d990fd7a96318d1761c285df21362a6dda59d0fa7ddc8558ddee9f49475cbaf6da5d2691d35df2677bd2149c0921c128c74d3f47457737d00a01f0e290d5498adf60df2cb2193b95fc2329d37bfc57b14c72d50da1732541735b2eca125a43f06864f24f1eb676f81fbcb04da95912cdc27b148f212f4ab3c1dab27d38e43e5e4035251f3964ca9b74d44937efb6c04f106630666c88d322f545d0f6ec4a1c6f5fe40ef8ead37a41c25651069058fec7745e037a1bf68b829b5f1740676db81aa8013af977229421b92ba770a0197aedada3a5545c3df9a17a3024ba319eb185432d57e0b7e5e5a6798881c2dbfbfee0359bcab4f5d913ede91522dbd01b7cf89739903c37a69b8c6eb7a9dd74883c52bbf3e29970fad15fb0e9ab9fb886c146c167ed53519c4950437c35cb4360479f97b22761a8cb1326d8cc8f15eb369249144af83019a8592e6359302fd4e17225d124d56030d9be8294c16cada23b208299453c57b2b5d3754b9d2cb8c9a9421ec45d71b4050104a3508583f54a931b4fc435181d355dfb8a5e4567adf06e22a4a1d1196ce973b0ce2c1e7e99729e72e374c2f01a429054d264c4fd269019b62c7d0dc204f514933e272b35bbd9698baa2c6f9b2c395256f242edb55b8cec73b6f142e5086ccbb032536d050755abbd4b25de09a86e09b739c2f13bb0a0aaff1efff45c8a30b82f6e51a4e9ad2679eec28e909cd011d4f99924db2386b3c4d03b68e5023ccb3872ffa68cf810c6cfd3d59885b05747899925f21a95485312e6d8333b44135d6a30526069ea139183d2530b732376a392cc564feac39532bf06b69349ef1d4f87949a9cc9c8007680a54cb6ce9f6b92bdf1204419a08ee4cca9fadb693fb934380eb064ebe67415849f1c7ceaef4511f8687f7565228c160cbbe29d037c5d946c2e068b4e28f8833af8010580fdcb852408adf155f2fa96c94fbf5549cf928d67d2c72e928e1081d40a1e916f5ce0bb6c0cb3fbd779df14eb374e2640febc5b830617ccf56bee40ca4bb4ec17621f6c366724069ca5f5bd15fbceb256447531412cac7f93e728fbbd195e020dec465eaaf9f1c4a2aa7a0524406321910bb8c69c5794f83b1c8af46cdf783ca3de7a5e60592b2a4dfd982a40bd80783dda0c95412b135617d4c6e6059729068b1bfcf94311a9dbe12bc60e906407efd5271950b77fb66b71c694b0aeb79eef248626c3eb13035146a73c88b2d2604099670f66641da109efb85915a6136a62c9bd90557e88522d99b629d45c2337cea34c9710241e414b057a0ec3a955d02d95349506ee9b915fbc7dfcdaf65fca26dae12da544a69d6e5e039436b64be90492a1814861dd1e655b4b58b9c3f2ce7b032362e2bf105d397eccc472303bfb833e5d341a570e645c34a35c5c626fec8505834b931d0593438536179330f96f90a3708706851490717dba7842b2ea976cc512e25bf2e9211dfa5e83e491cf6dd2bcbe450a1d8e9a82ae97a8776722d0bb22ab4b450f92ac992f545244e78ce25e82e649164d7aee0491c87571e623961d62164bb428b2624ec58f523ffc53f2988ba638ee4a50a3928ff8795981ea1f83f260515f35eab98f4a576d0c5b876be6f0f1af99ff8910bc9e370c6bfb7e47a6a7dd1bfb86d0e9bb18ac48ada7af2eaaf21aef2add7b6d2b0f9aadcdca60e91a1cb2841d9a88385b27bdf37d7f431698c54673eb9664ebb60fede761dfb12752444bd6b9561141094ccf60dc59e06eb86b48355a4b3f86c25b0be3d12d13d8ff009bf2a1485d9ab2842c26965564746d83d009709bcaf6e9367fcce0e3ef4eb96035feefd84d4322008d3b4c4cd07c07c8a6ce4f67a5e4f896d9736f1bdff5add17919c910345a8fee9cd772c31b0ee71d411882ad3498493f2512673fb63f39a3f8178b43faf981ecbac4338a4525a40aa974f6ae1a7705f93f9576805f7484a3436dd545df48dfae1aece538f926c3616cbfb1b96114078ce381aec9dc00a8c1fd86f0c513e02791651e11032585d2c1a3d65e0c30accae6debbd911af9f04d20c6aa6aa93e6dff2a34a5b8468500da043766f319dda7e026445a650e083af00d5acd808386dda6f68028d744a13f010d5a15442a83fdbc075a4bc0091af110502595a798c8b8b3d69ce8d27fe406d3396a1e03cdabd563081071df61f8a4e4eb1764d17393955edcbb5822ccdf4e05ae27d5fccf7b39f6d5847fe3f1a4c7f2b2b888d5fc5de63c55b4ca4aa1763340b059371d774908f324af939e1afa1146b68d4358740771e7f56b94260ae47e2aa2bfe9d9fd36b763b64fc761d22b1ebb6ec0566e0cf3772647c242646ed323142e84e8a63e062f6765691540809b4496fadb2ce4365fb445cde27693aac3b838f0b14d36ab31872ef06d604349a42e7e80d58ff116f7e715a391eb82c03472aaa0bfab5f64e2575d86bfccb45a4ec426df2a2ac59eb2c24d66f70a12ebbc774a0b06fac6218f40c127cd4fe0cbbf0bace2bd128242b63578809224b6c2f3ca12cf42d36d5e6b89a25ea3698ee10185d20b7b43c687435e51324fe86600cb85094c29c0cb202f04842d42d9533541f382c309cd4710e00ff6fcd35a0deaed3b7c86085d3cde588396ea92c7ab7821663d0fda6dcce712714bc59e14e9d551c24e475d870007d2aae9d4b379c32af67a718a81ad7eae3f66b0477b1484799297a91853b6c0cc5c8ce4cd7eb3f063c9b03aa5cb15fbebe6f50934dc9547017f1d28b872f5f02dcaf3a696e46662079e5de7ba69657ce6435042cb439604a5a3e4d915d04061a897577b0f0b09e17a187eb6e18e040943f39d48fc45134c56c684eaf2ca35b0d6ef3b807581d3a7e2f64887227a034bf42408571308dd723918eb25ea58ade58d0f64a3643e233fb0b330eae969ad7c9bcc6aa3d7046bb013e1db8a09626e5d942f3384959cb4e67e4bcb925419aa5451fdc5fb14562a1df4745300ece84de7cb0eac174138a35328dc0d8ba21bbff5f5870c5a33d365378f8f049fa72dde3b78cc85895c377d86e28a46bd55bc3f0aa39d3177a53ce64692790c2899508e7ce9d8263c34b75f162931954a519139b31ea288e29987c95576970a6093ecd89d44f4da29b8c87ab04112b5c3a5fbdb6a079fa2e9122b1a715675c900a7943362b39db7169282a5783fb45f53996c3e4d651fbdaf4d417f68c4ad2cad4bda24420f736a42a2119593e7ab5d7fb62fae7c109b34f972fc158e6b9b2f39486fb0be8d7b4308c4735c271667976c0b6a59b4dd642508354fb0e374336de19a84c9125ef319e16393b8c60ee818baa434280d10667c9a8bafbfa0a2e585d6994edfdbd392cefdc85436e5dd002135bdff6a909df0872ca975ff6646e2feccce85790e518f396b0dad6256390551101aeae4558ec71db7c944ad7e52778392e716775f29a8215eca7e902b88960bdf225697af5cf9cf131f9ec549f354be1b52bece080b9249737561233186dcd41a3b01a9cfafb640afc7ddb2501213510d213d0be34cb28987ac9bfe4567d0f743824512e1921a4dfe81a7171f1ac76d67a7503d0aa9f2047b2e0141d33274e7c26861c61039048c9f2f47689702f4c405f2ac1fcc370441dbdde96e1d2cc982e9a2adec9701edce1e4c6a8801cb0b30bd4c4bdbf24c34ef24133f313afbf2ea5f6fae9e1d153c3c163676e00f8c83c31b74e9e50efc4bf6f21c6f5792a6fb7ca840ac9ad3ffebf9d20695d6600eb8260b8e5bd4f7aff2a3fb6accb5a01977cdd8367bf214dacc23006f696d8638149f5a7289387884b25bb3548e3b1bba1e09e7bc816ad95cefa345a4e49c949fdb96e8c7704e62bdf911105bc2e1ee25f0d0603712a4c39f17fc8d56ea98b2b08b7c7b38193d128c254facd73554a4da58d0b6b95037af807e2a2ec492d290be73f9809410b20cc9c85682a5e0bd4053d566ec7de43fc7cd22d4ae02e766c87a4ce57bbf410f0b05133e3567a9f7b9a9b8c86a01ce16276be9fd5406f85ab492e5ca2a7de6009024b90450a0e1d2b7b62a5eca297a99411209d42c7582a805e82890362983f0ad807f8eee37cc1ac7aae9f3893b235605aa213569ee31edb32dd624b518015b285f42e4ce5562ccecd7a6243175d810b26bc50ad94b2bb039e38759686cff9e5117e4ad86a4183f6c6e50df338eaa8648ef015cd753042eddf14ff493368c5d4e7c1bed6ba9ebda6994c10154e82200dc633525ba964b2938c114cdaef5a0210642c8730a2ab930d1b8119b87561c7ebbe9a9ed18e174b3a71c6dfbb7cd30bf5157b1ccf49d54be5b36ca432be73bb01f0698db66116b2ab0a51ecb747dc6e90efdf6a64a0f2618ed954e57108d6900aec145b2f61329fa09cd0ac5e9a71da152d9f571a9f0054dc2958a295c6f80c7a2aa72b785f7b800fd8f2382062a567533331675022dc755da7acfeb08a7ffa429b20d1eae2590632dcc7eefe6354aff9d19ec0d13434c5f0a8ca0bfd762f4986d061d512128dd6487e80853607d41da5cf74af91e187c56bc2ccdd6c9170b0ca39d540ae40d9427bbf0316c442d73b97284d5f37936ba96d5c97df8453fc1605d2a75fde401705be921cacc9fa0bd19b0cf072080874bfb42a08efcf41ae7c4fbc275d8e273883f68f6477c1e009e94f37e455d41971c807dc51645a849380a1c40faf771e929e95e36ddb30a9c359e6e1817b93739034940b1758ef297129a7826fa83fd24a7e8d97911b98f29ca7b9cd400e28a3b67ced4629db17f49eecd21d0f414364cc2960c369f1abd7d219d916af0f55d76b4f8619da0d28ad72db2226617c477e9848fc017604baa49a70aa93ce04286482d5a0ce684d8f1b44b626b771740040bae00f1e046cb2dbd6394bd160a6df2130b952aa246d27ceb1692ec66cb777e90b0723ed4bd04004d07b89d231c3232a0286bd295f3ba9777738953a3ca3fe1ab246dc4abfe2310469af9bf901f344346ce6d238f55fc3277b16f8575c9e07bac4775deca09f769e3a948dce0700c8d0aa2f49db9c58afac896e78404cb1cb045c5fa81bdb9b97c34968676382e56a15dc3938e1f48229b3cad01f1a34dd24f82623c1a657f2474a2b828ed40a9f4aea6658990fb04a91faba8866536c119d3feef0eeb325e558eaff94014d39df8b19b0b2ddcc689bb01f92d40943a466716c89175ad7069255051b03ca0290c51d3ae0272251e6e80c9034a45cbfeefe655a032271707ac6e800f65ae4c50e8b130094960a67c09a33abe85163f3fcd9065ba2409144e344cfcd36059c602dbdda545f68afd0ecfb5abfff1316aaa31ba67d30346284185e9ffe26710934fa0dd833e0a2efa655bc58604def7ffdce1306d20ab56553be2c66984421e56c07ee7f8e802f3a2aca0c30e64f05cd620eb541a11326ee4cf2619a87e82197c5a0834536aec9bb3ffb5fef94d94f3b0ec26026821b9acc548ebd7c348565dd108d3ce599b7da4ec9952633f6c67a3fb53198c6836e5ce7fe86722b9be40abf4ba8402b0e08f5cc40177f69ec6ba15910fdb1fd1eb845954aa79945737979b58abe37da01a11e227130f5bbc62ec3853aaad09867b96ebeb46c7fdaa838ed729dcd17a11cd7f0699b4c91bb86edc977f30752ef8f0cc5a48e80a47cbb1bee17b1d3936ba09208c1c30e098c04dacd050c7a74bf3a8a040060fea7110d45735cbcc3f9b01b9abfad500de037d4998c6995e31426844ac4427e91bba9703e99123706bcfce32a1e56818e47b48081fe8dbeb9aa09d7761da043cd90b3311d9ed31510fed236f346740a8155ca111478837b1accb01178895568ab2899ff83c9b256e142d27e996c3169377b8db248c373175008da9f48cd4091ed1aeb2a1931eac4282e2378d94b4092fb99f3147458b657fcf79b7c97a10c08cb441c0290e1c73c1ce9e2732444b5484a05d27421a9", 0x10db}, {&(0x7f0000000600)="5a73586c7106c4c268130352b072aa28596c520cf142a8592bfddc753b739c5c6925d4a69ff430a9a6e5aecc802852d103cad2a879e4b54c287aa8fb4e9314efc1f41308972f9a99c1e0a4ae35368b5c6089c1e5fb180172e752247ed78b96a41d85fb0a11006790a3c03b9431cc540f0d59c13137d555964f4d889bd812c07d5cd3699e9ef77d8a147b222c64594375493c0207959268edd3c1b352e5974b7dbd3aae94f7a91115c7ee680cc56e8a544846b5f96971b2b7388357361eb5095c4a0cfc7345886db110a8dbaf42b354d204dbf667c7d958f0278acdd04c0f439994e967e32f000562c47a64773fe649bd978fd9f5bbfebf527d6ffefe", 0x102}, {&(0x7f0000000840)="5c83d79a367c191877ec732b190f605455e1b1376c465268ea27712548b19b3c1dd9bf67fd502118374bbc7f72f0d1d7bcfd91d20bb155695db491604e0827b0d61ed66c7f4e4d8f44b9f128f2ba9360df0cb1363fde2844d10d455dea83af53bd8d3498eabdf2d7f6d8cac9be3730207a8909d250d14082467c9587b5c5c1b971186ac0d2c21f0b9feb8391aac9ea50aeb9f1da151b83064ac12c3968891aba24aa22b9564f98609f2e4da4648aea1e3aa1c5af136bdf0cb3b7991b399b7bb1c6b8ec7e364be5c742af645d1f1a68dbc6f82d922505ec9d46577ed0407a48"}], 0x5)
r9 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r9, 0x3b81, &(0x7f0000000200)={0xc})

1.411755013s ago: executing program 2 (id=1196):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_GET_MSR_INDEX_LIST(r0, 0xc004ae02, &(0x7f0000000000)={0x400000000000030d})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x46, 0x0, 0x0)
getdents(0xffffffffffffffff, &(0x7f0000001fc0)=""/184, 0xb8)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000000000000080000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
socket$inet_udplite(0x2, 0x2, 0x88)
r1 = socket(0x10, 0x2, 0x0)
write(r1, &(0x7f0000000800)="240000001e005f031420654400000000000000000100000001000800080008c01300ff00", 0x24)

1.410519753s ago: executing program 5 (id=1197):
syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
r0 = syz_io_uring_setup(0x24fa, &(0x7f00000002c0)={0x0, 0x0, 0x10100}, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB='2'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READ_FIXED)
io_uring_enter(r0, 0x2d3f, 0x0, 0x0, 0x0, 0x0)

500.166717ms ago: executing program 5 (id=1198):
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x840, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x3, &(0x7f0000000040)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x1, 0x0, 0x0, 0x41100}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x14, 0x38, 0x701, 0xfffffffc, 0x80000, {0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x40)
syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000000140)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000000)={0x6, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x0, 0x0, 'lblcr\x00'}, 0x2c)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r2 = socket$inet(0x2b, 0x801, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x48f, &(0x7f0000000000)={0x11, @private, 0x0, 0x0, 'lc\x00'}, 0x2c)
ioctl$FS_IOC_GETVERSION(r1, 0xc0145b0e, &(0x7f0000000040))

409.485736ms ago: executing program 4 (id=1199):
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x840, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x94)
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x3, &(0x7f0000000040)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x1, 0x0, 0x0, 0x41100}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x14, 0x38, 0x701, 0xfffffffc, 0x80000, {0x4}}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x40)
syz_usb_control_io(r0, 0x0, &(0x7f0000000300)={0x84, &(0x7f0000000140)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000000)={0x6, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x0, 0x0, 'lblcr\x00'}, 0x2c)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r3 = socket$inet(0x2b, 0x801, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r3, 0x0, 0x48f, &(0x7f0000000000)={0x11, @private, 0x0, 0x0, 'lc\x00'}, 0x2c)
ioctl$FS_IOC_GETVERSION(r2, 0xc0145b0e, &(0x7f0000000040))

407.657176ms ago: executing program 2 (id=1200):
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, 0x0, &(0x7f0000000140), 0x2, &(0x7f0000002400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000000200)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000002280)={0x50, 0x0, r1, {0x7, 0x2b, 0x4, 0x801c0, 0x4, 0x4, 0xe03, 0x4, 0x0, 0x0, 0x20, 0x1}}, 0x50)
open(&(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
read$FUSE(r0, &(0x7f0000004580)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INTERRUPT(r0, &(0x7f0000002240)={0x10, 0xffffffffffffffda, r2}, 0x10)
r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
dup3(r3, r0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1cd042, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x6, 0x11, r4, 0x0)

405.330376ms ago: executing program 6 (id=1201):
r0 = syz_io_uring_setup(0x24fa, 0x0, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB='2'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READ_FIXED)
io_uring_enter(r0, 0x2d3f, 0x0, 0x0, 0x0, 0x0)

355.090885ms ago: executing program 1 (id=1202):
r0 = socket(0x10, 0x2, 0x0)
write(r0, &(0x7f0000000800), 0x0)

201.253067ms ago: executing program 6 (id=1203):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0x8, &(0x7f0000000080)=0xf3e, 0x4)
r1 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r1, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x4e2a, 0xffffffff, @mcast2, 0x9}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
syz_emit_ethernet(0x4e, &(0x7f00000000c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa000000000034abcf690086dd6000200000183aff000000000000000000000000fe8000000000000000000000000000aadd000000000000000000000000001ac076f374153e74977c5d5c0ce185"], 0x0)
recvmmsg(r0, &(0x7f0000000400)=[{{0x0, 0x0, 0x0}, 0x7}], 0x1, 0x0, 0x0)

176.872232ms ago: executing program 1 (id=1204):
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, 0x0, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b0f, &(0x7f0000000000)={'wlan1\x00', @random="00000c37d7ac"})
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8be0, &(0x7f0000000000)={'wlan1\x00'})

174.805099ms ago: executing program 2 (id=1205):
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r1}, 0x18)
prlimit64(0x0, 0xe, 0x0, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
umount2(&(0x7f0000000040)='./file0/file0\x00', 0x8)
lsetxattr$system_posix_acl(&(0x7f0000000040)='./file0\x00', &(0x7f0000000140)='system.posix_acl_access\x00', 0x0, 0x0, 0x0)
umount2(&(0x7f00000001c0)='./file0\x00', 0x1)

71.605079ms ago: executing program 2 (id=1206):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000007040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000007000)={0x20}, 0x0})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
pipe(&(0x7f00000000c0)={<r3=>0xffffffffffffffff})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
openat$dsp1(0xffffffffffffff9c, &(0x7f00000002c0), 0xa8000, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000003, 0x13, r6, 0x0)
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f00000000c0)={[0x1, 0xfffffffffffffffe, 0x3, 0x20000e691, 0x0, 0x0, 0x6, 0x0, 0xfffffffffffffffe, 0x0, 0xd1, 0xfffffffffffffffc, 0x6, 0x6, 0x0, 0x100000000000000], 0x0, 0x8340})
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYRESHEX, @ANYRESHEX, @ANYBLOB="2c726f6f746d6f6465d7995d072de0ccc52c1fd73d3030303030303030303030303030303030313030303030", @ANYRESDEC=0x0])
ioctl$KVM_RUN(r6, 0xae80, 0x0)
connect$bt_l2cap(r3, &(0x7f0000000280)={0x1f, 0xd4, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x1}, 0xe)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x2, &(0x7f0000000200)=@raw=[@call={0x85, 0x0, 0x0, 0xbf}, @exit], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x74, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x0, 0x0, &(0x7f0000000240))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
rt_sigaction(0x16, &(0x7f0000000080)={0x0, 0x98000004, 0x0}, 0x0, 0x0, 0x0)
setrlimit(0xf, &(0x7f0000000000)={0x1, 0x5})
sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, 0x0, 0x4000)

0s ago: executing program 1 (id=1207):
r0 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040), 0x10)
listen(r0, 0x0)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
tkill(r1, 0x1a)
syz_open_procfs$userns(r1, 0x0)
r5 = socket(0x28, 0x5, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f0000000140)={'dummy0\x00', &(0x7f0000000100)=@ethtool_gfeatures})
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f00000000c0)={{0x1, 0x1, 0xce, r6, {0x1}}, './file0\x00'})
connect$vsock_stream(r5, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10)
sendmmsg(r5, &(0x7f0000000100)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4000890)
accept4$unix(r0, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

 entered blocking state
[  488.402762][ T1104] bridge0: port 2(bridge_slave_1) entered forwarding state
[  488.457147][   T10] udl 2-1:0.0: [drm] Unrecognized vendor firmware descriptor
[  488.693718][   T10] [drm] Initialized udl 0.0.1 for 2-1:0.0 on minor 2
[  488.731280][   T10] [drm] Initialized udl on minor 2
[  489.090819][   T10] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 1 failed err ffffffb9
[  489.143637][   T10] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[  489.153871][ T5880] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  489.197592][ T5880] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  489.208133][   T10] usb 2-1: USB disconnect, device number 19
[  489.230134][ T5880] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[  489.636131][ T5854] Bluetooth: hci2: command 0x0406 tx timeout
[  492.625492][ T8523] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  492.660287][ T8691] Falling back ldisc for ptm0.
[  492.669237][ T8523] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  492.839895][ T8698] bio_check_eod: 2 callbacks suppressed
[  492.839946][ T8698] syz.1.675: attempt to access beyond end of device
[  492.839946][ T8698] loop1: rw=0, sector=64, nr_sectors = 1 limit=0
[  492.861745][ T8698] syz.1.675: attempt to access beyond end of device
[  492.861745][ T8698] loop1: rw=0, sector=256, nr_sectors = 1 limit=0
[  492.875121][ T8698] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  492.886600][ T8698] syz.1.675: attempt to access beyond end of device
[  492.886600][ T8698] loop1: rw=0, sector=512, nr_sectors = 1 limit=0
[  492.900119][ T8698] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[  492.909829][ T8698] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  492.917651][ T8698] UDF-fs: Scanning with blocksize 512 failed
[  492.930092][ T8698] syz.1.675: attempt to access beyond end of device
[  492.930092][ T8698] loop1: rw=0, sector=64, nr_sectors = 2 limit=0
[  492.946013][ T8698] syz.1.675: attempt to access beyond end of device
[  492.946013][ T8698] loop1: rw=0, sector=512, nr_sectors = 2 limit=0
[  492.959539][ T8698] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  492.970880][ T8698] syz.1.675: attempt to access beyond end of device
[  492.970880][ T8698] loop1: rw=0, sector=1024, nr_sectors = 2 limit=0
[  492.984631][ T8698] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[  492.995103][ T8698] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  493.002879][ T8698] UDF-fs: Scanning with blocksize 1024 failed
[  493.014243][ T8698] syz.1.675: attempt to access beyond end of device
[  493.014243][ T8698] loop1: rw=0, sector=64, nr_sectors = 4 limit=0
[  493.028466][ T8698] syz.1.675: attempt to access beyond end of device
[  493.028466][ T8698] loop1: rw=0, sector=1024, nr_sectors = 4 limit=0
[  493.042583][ T8698] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  493.054784][ T8698] syz.1.675: attempt to access beyond end of device
[  493.054784][ T8698] loop1: rw=0, sector=2048, nr_sectors = 4 limit=0
[  493.068407][ T8698] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[  493.078168][ T8698] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  493.085963][ T8698] UDF-fs: Scanning with blocksize 2048 failed
[  493.095670][ T8698] syz.1.675: attempt to access beyond end of device
[  493.095670][ T8698] loop1: rw=0, sector=64, nr_sectors = 8 limit=0
[  493.110615][ T8698] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  493.121742][ T8698] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[  493.131849][ T8698] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  493.139757][ T8698] UDF-fs: Scanning with blocksize 4096 failed
[  493.146559][ T8698] UDF-fs: warning (device loop1): udf_fill_super: No partition found (1)
[  493.683520][ T8325] 8021q: adding VLAN 0 to HW filter on device batadv0
[  493.744427][ T8523] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  494.145714][ T5906] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  494.174637][ T8523] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  494.389624][ T5906] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  494.424106][ T5906] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  494.475507][ T5906] usb 5-1: config 0 descriptor??
[  494.620686][ T8523] 8021q: adding VLAN 0 to HW filter on device bond0
[  494.700461][ T8523] 8021q: adding VLAN 0 to HW filter on device team0
[  494.704133][ T5906] udl 5-1:0.0: [drm] Unrecognized vendor firmware descriptor
[  494.746970][ T6012] bridge0: port 1(bridge_slave_0) entered blocking state
[  494.754227][ T6012] bridge0: port 1(bridge_slave_0) entered forwarding state
[  494.836568][ T6012] bridge0: port 2(bridge_slave_1) entered blocking state
[  494.843833][ T6012] bridge0: port 2(bridge_slave_1) entered forwarding state
[  494.985475][ T5906] [drm] Initialized udl 0.0.1 for 5-1:0.0 on minor 2
[  495.024881][ T5906] [drm] Initialized udl on minor 2
[  495.146361][ T8726] netlink: 300 bytes leftover after parsing attributes in process `syz.2.674'.
[  495.239627][ T8325] veth0_vlan: entered promiscuous mode
[  495.248121][ T8726] ntfs3(nullb0): Primary boot signature is not NTFS.
[  495.271400][ T8726] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  495.310917][ T8325] veth1_vlan: entered promiscuous mode
[  495.318884][ T5906] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 1 failed err ffffffb9
[  495.372214][ T5906] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[  495.407162][   T24] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  495.429682][ T5906] usb 5-1: USB disconnect, device number 22
[  495.443626][   T24] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[  495.612452][ T8325] veth0_macvtap: entered promiscuous mode
[  495.711370][ T8325] veth1_macvtap: entered promiscuous mode
[  495.876589][ T8325] batman_adv: batadv0: Interface activated: batadv_slave_0
[  495.953450][ T8325] batman_adv: batadv0: Interface activated: batadv_slave_1
[  495.988196][ T8325] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  496.022747][ T8325] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  496.052561][ T8325] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  496.093787][ T8325] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  496.670786][ T8523] 8021q: adding VLAN 0 to HW filter on device batadv0
[  497.056695][ T6012] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  497.107976][ T6012] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  497.676121][   T79] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  497.744508][   T79] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  498.048650][ T8765] netlink: 8 bytes leftover after parsing attributes in process `syz.1.681'.
[  501.095609][ T8523] veth0_vlan: entered promiscuous mode
[  501.236008][ T8523] veth1_vlan: entered promiscuous mode
[  501.847382][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  501.853872][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  502.057042][ T8523] veth0_macvtap: entered promiscuous mode
[  502.112088][ T8523] veth1_macvtap: entered promiscuous mode
[  502.462183][ T8523] batman_adv: batadv0: Interface activated: batadv_slave_0
[  502.583281][ T8523] batman_adv: batadv0: Interface activated: batadv_slave_1
[  502.763065][ T8523] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  502.843810][ T8523] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  502.879399][ T8523] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  502.923619][ T8523] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  504.497110][   T79] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  504.675200][   T79] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  505.925380][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  505.933720][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  508.059380][ T8839] netlink: 24 bytes leftover after parsing attributes in process `syz.6.697'.
[  508.429097][ T8839] bridge0: port 2(bridge_slave_1) entered forwarding state
[  508.499352][ T8839] bridge0: port 2(bridge_slave_1) entered disabled state
[  508.530660][ T8860] tipc: Started in network mode
[  508.564654][ T8860] tipc: Node identity 4, cluster identity 4711
[  508.599343][ T8860] tipc: Node number set to 4
[  508.671386][ T8863] netlink: 4 bytes leftover after parsing attributes in process `syz.2.701'.
[  510.186217][ T8878] comedi comedi3: 8255: I/O port conflict (0x8,4)
[  510.341423][ T8878] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  510.717845][ T8881] FAULT_INJECTION: forcing a failure.
[  510.717845][ T8881] name failslab, interval 1, probability 0, space 0, times 0
[  510.732236][ T8881] CPU: 0 UID: 0 PID: 8881 Comm: syz.6.706 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  510.732267][ T8881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  510.732275][ T8881] Call Trace:
[  510.732280][ T8881]  <TASK>
[  510.732286][ T8881]  dump_stack_lvl+0x189/0x250
[  510.732306][ T8881]  ? __pfx____ratelimit+0x10/0x10
[  510.732321][ T8881]  ? __pfx_dump_stack_lvl+0x10/0x10
[  510.732334][ T8881]  ? __pfx__printk+0x10/0x10
[  510.732353][ T8881]  ? __pfx___might_resched+0x10/0x10
[  510.732366][ T8881]  ? fs_reclaim_acquire+0x7d/0x100
[  510.732384][ T8881]  should_fail_ex+0x414/0x560
[  510.732406][ T8881]  should_failslab+0xa8/0x100
[  510.732421][ T8881]  __kmalloc_noprof+0xcb/0x4f0
[  510.732432][ T8881]  ? kfree+0x4d/0x440
[  510.732447][ T8881]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  510.732467][ T8881]  tomoyo_realpath_from_path+0xe3/0x5d0
[  510.732483][ T8881]  ? tomoyo_domain+0xda/0x130
[  510.732506][ T8881]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  510.732519][ T8881]  tomoyo_path_number_perm+0x1e8/0x5a0
[  510.732533][ T8881]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  510.732557][ T8881]  ? __lock_acquire+0xab9/0xd20
[  510.732582][ T8881]  ? __fget_files+0x2a/0x420
[  510.732598][ T8881]  ? __fget_files+0x2a/0x420
[  510.732610][ T8881]  ? __fget_files+0x3a0/0x420
[  510.732622][ T8881]  ? __fget_files+0x2a/0x420
[  510.732638][ T8881]  security_file_ioctl+0xcb/0x2d0
[  510.732654][ T8881]  __se_sys_ioctl+0x47/0x170
[  510.732673][ T8881]  do_syscall_64+0xfa/0x3b0
[  510.732686][ T8881]  ? lockdep_hardirqs_on+0x9c/0x150
[  510.732698][ T8881]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  510.732710][ T8881]  ? clear_bhb_loop+0x60/0xb0
[  510.732725][ T8881]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  510.732736][ T8881] RIP: 0033:0x7f0d8ad8ebe9
[  510.732749][ T8881] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  510.732759][ T8881] RSP: 002b:00007f0d8bc1c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  510.732774][ T8881] RAX: ffffffffffffffda RBX: 00007f0d8afb5fa0 RCX: 00007f0d8ad8ebe9
[  510.732783][ T8881] RDX: 00002000000000c0 RSI: 0000000040946400 RDI: 0000000000000003
[  510.732791][ T8881] RBP: 00007f0d8bc1c090 R08: 0000000000000000 R09: 0000000000000000
[  510.732798][ T8881] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  510.732805][ T8881] R13: 00007f0d8afb6038 R14: 00007f0d8afb5fa0 R15: 00007fff7b879698
[  510.732825][ T8881]  </TASK>
[  510.732928][ T8881] ERROR: Out of memory at tomoyo_realpath_from_path.
[  511.474423][ T5880] usb 2-1: new full-speed USB device number 20 using dummy_hcd
[  511.556920][ T8881] comedi comedi3: 8255: I/O port conflict (0x8,4)
[  511.563557][ T8881] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  511.648017][ T5880] usb 2-1: config 1 interface 0 has no altsetting 0
[  511.660311][ T5880] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  511.711120][ T5880] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  511.752731][ T5880] usb 2-1: Product: syz
[  511.786299][ T5880] usb 2-1: Manufacturer: syz
[  511.809852][ T5880] usb 2-1: SerialNumber: syz
[  513.034280][ T5880] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 20 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8
[  513.367739][ T5880] usb 2-1: USB disconnect, device number 20
[  513.473858][ T5880] usblp0: removed
[  513.666089][ T8906] mkiss: ax0: crc mode is auto.
[  515.849771][ T8912] FAULT_INJECTION: forcing a failure.
[  515.849771][ T8912] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  515.881239][ T8912] CPU: 0 UID: 0 PID: 8912 Comm: syz.1.711 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  515.881271][ T8912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  515.881283][ T8912] Call Trace:
[  515.881292][ T8912]  <TASK>
[  515.881300][ T8912]  dump_stack_lvl+0x189/0x250
[  515.881330][ T8912]  ? __pfx____ratelimit+0x10/0x10
[  515.881353][ T8912]  ? __pfx_dump_stack_lvl+0x10/0x10
[  515.881420][ T8912]  ? __pfx__printk+0x10/0x10
[  515.881456][ T8912]  should_fail_ex+0x414/0x560
[  515.881482][ T8912]  _copy_to_user+0x31/0xb0
[  515.881513][ T8912]  simple_read_from_buffer+0xe1/0x170
[  515.881538][ T8912]  proc_fail_nth_read+0x1df/0x250
[  515.881567][ T8912]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  515.881593][ T8912]  ? rw_verify_area+0x258/0x650
[  515.881623][ T8912]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  515.881645][ T8912]  vfs_read+0x200/0x980
[  515.881682][ T8912]  ? __pfx___mutex_lock+0x10/0x10
[  515.881704][ T8912]  ? __pfx_vfs_read+0x10/0x10
[  515.881735][ T8912]  ? __fget_files+0x2a/0x420
[  515.881762][ T8912]  ? __fget_files+0x3a0/0x420
[  515.881782][ T8912]  ? __fget_files+0x2a/0x420
[  515.881813][ T8912]  ksys_read+0x145/0x250
[  515.881834][ T8912]  ? __pfx_ksys_read+0x10/0x10
[  515.881850][ T8912]  ? rcu_is_watching+0x15/0xb0
[  515.881879][ T8912]  ? do_syscall_64+0xbe/0x3b0
[  515.881915][ T8912]  do_syscall_64+0xfa/0x3b0
[  515.881936][ T8912]  ? lockdep_hardirqs_on+0x9c/0x150
[  515.881956][ T8912]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  515.881975][ T8912]  ? clear_bhb_loop+0x60/0xb0
[  515.882000][ T8912]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  515.882019][ T8912] RIP: 0033:0x7f667118d5fc
[  515.882039][ T8912] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  515.882054][ T8912] RSP: 002b:00007f667202f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  515.882076][ T8912] RAX: ffffffffffffffda RBX: 00007f66713b6090 RCX: 00007f667118d5fc
[  515.882089][ T8912] RDX: 000000000000000f RSI: 00007f667202f0a0 RDI: 0000000000000003
[  515.882101][ T8912] RBP: 00007f667202f090 R08: 0000000000000000 R09: 0000000000000000
[  515.882112][ T8912] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  515.882123][ T8912] R13: 00007f66713b6128 R14: 00007f66713b6090 R15: 00007ffc4f20a358
[  515.882158][ T8912]  </TASK>
[  516.334390][  T981] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  516.494370][  T981] usb 3-1: Using ep0 maxpacket: 16
[  516.512528][  T981] usb 3-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90
[  516.523598][  T981] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  516.541282][  T981] usb 3-1: Product: syz
[  516.547188][  T981] usb 3-1: Manufacturer: syz
[  516.552214][  T981] usb 3-1: SerialNumber: syz
[  516.567522][  T981] usb 3-1: config 0 descriptor??
[  516.622199][  T981] ums-onetouch 3-1:0.0: USB Mass Storage device detected
[  517.377199][ T8931] netlink: 8 bytes leftover after parsing attributes in process `syz.6.715'.
[  517.474371][ T5880] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  517.634114][ T5880] usb 2-1: Using ep0 maxpacket: 16
[  517.636369][ T5880] usb 2-1: config 1 has an invalid descriptor of length 191, skipping remainder of the config
[  517.636390][ T5880] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  517.639707][ T5880] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  517.639729][ T5880] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  517.639742][ T5880] usb 2-1: Product: syz
[  517.639752][ T5880] usb 2-1: Manufacturer: syz
[  517.639762][ T5880] usb 2-1: SerialNumber: syz
[  517.916685][ T5880] usb 2-1: 0:2 : does not exist
[  517.937250][ T5880] usb 2-1: 5:0: failed to get current value for ch 1 (-22)
[  517.973756][ T5880] usb 2-1: 5:0: cannot get min/max values for control 2 (id 5)
[  518.008382][ T5880] usb 2-1: 5:0: failed to get current value for ch 1 (-22)
[  518.048058][ T5880] usb 2-1: 5:0: cannot get min/max values for control 8 (id 5)
[  518.737912][ T5880] usb 2-1: USB disconnect, device number 21
[  518.814858][   T24] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  518.898840][ T8952] netlink: 4 bytes leftover after parsing attributes in process `syz.1.719'.
[  518.911063][ T5906] usb 3-1: USB disconnect, device number 15
[  518.962430][ T7160] udevd[7160]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  519.045837][   T24] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  519.122137][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  519.289333][   T24] usb 6-1: Product: syz
[  519.436955][   T24] usb 6-1: Manufacturer: syz
[  519.790125][   T24] usb 6-1: SerialNumber: syz
[  519.985871][   T24] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  521.371973][ T8976] syz_tun: entered allmulticast mode
[  521.393362][ T5921] usb 6-1: ath9k_htc: Firmware - ath9k_htc/htc_9271-1.4.0.fw download failed
[  521.402211][ T5957] usb 6-1: USB disconnect, device number 2
[  521.502693][ T5957] usb 6-1: ath9k_htc: USB layer deinitialized
[  521.682592][ T8977] syz_tun: left allmulticast mode
[  524.287647][ T9005] geneve2: left promiscuous mode
[  524.909909][ T9001] bio_check_eod: 2 callbacks suppressed
[  524.909995][ T9001] syz.5.730: attempt to access beyond end of device
[  524.909995][ T9001] loop5: rw=0, sector=64, nr_sectors = 1 limit=0
[  524.930910][ T9001] syz.5.730: attempt to access beyond end of device
[  524.930910][ T9001] loop5: rw=0, sector=256, nr_sectors = 1 limit=0
[  524.944624][ T9001] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  524.960729][ T9001] syz.5.730: attempt to access beyond end of device
[  524.960729][ T9001] loop5: rw=0, sector=512, nr_sectors = 1 limit=0
[  524.977355][ T9001] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=512, location=512
[  524.987435][ T9001] UDF-fs: warning (device loop5): udf_load_vrs: No anchor found
[  525.042341][ T9001] UDF-fs: Scanning with blocksize 512 failed
[  525.077589][ T9001] syz.5.730: attempt to access beyond end of device
[  525.077589][ T9001] loop5: rw=0, sector=64, nr_sectors = 2 limit=0
[  525.096682][ T9001] syz.5.730: attempt to access beyond end of device
[  525.096682][ T9001] loop5: rw=0, sector=512, nr_sectors = 2 limit=0
[  525.110363][ T9001] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  525.121212][ T9001] syz.5.730: attempt to access beyond end of device
[  525.121212][ T9001] loop5: rw=0, sector=1024, nr_sectors = 2 limit=0
[  525.135092][ T9001] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=512, location=512
[  525.145219][ T9001] UDF-fs: warning (device loop5): udf_load_vrs: No anchor found
[  525.152940][ T9001] UDF-fs: Scanning with blocksize 1024 failed
[  525.164338][ T9001] syz.5.730: attempt to access beyond end of device
[  525.164338][ T9001] loop5: rw=0, sector=64, nr_sectors = 4 limit=0
[  525.179328][ T9001] syz.5.730: attempt to access beyond end of device
[  525.179328][ T9001] loop5: rw=0, sector=1024, nr_sectors = 4 limit=0
[  525.196838][ T9001] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  525.208028][ T9001] syz.5.730: attempt to access beyond end of device
[  525.208028][ T9001] loop5: rw=0, sector=2048, nr_sectors = 4 limit=0
[  525.221819][ T9001] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=512, location=512
[  525.231689][ T9001] UDF-fs: warning (device loop5): udf_load_vrs: No anchor found
[  525.239727][ T9001] UDF-fs: Scanning with blocksize 2048 failed
[  525.248989][ T9001] syz.5.730: attempt to access beyond end of device
[  525.248989][ T9001] loop5: rw=0, sector=64, nr_sectors = 8 limit=0
[  525.263455][ T9001] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  525.274261][ T9001] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=512, location=512
[  525.284163][ T9001] UDF-fs: warning (device loop5): udf_load_vrs: No anchor found
[  525.291980][ T9001] UDF-fs: Scanning with blocksize 4096 failed
[  525.304042][ T9001] UDF-fs: warning (device loop5): udf_fill_super: No partition found (1)
[  525.726483][ T9013] netlink: 4 bytes leftover after parsing attributes in process `syz.5.733'.
[  525.904293][  T981] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  526.253998][  T981] usb 3-1: Using ep0 maxpacket: 32
[  526.496869][  T981] usb 3-1: config 0 interface 0 altsetting 74 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  526.681140][  T981] usb 3-1: config 0 interface 0 altsetting 74 endpoint 0x81 has invalid wMaxPacketSize 0
[  526.711499][  T981] usb 3-1: config 0 interface 0 has no altsetting 0
[  526.718766][  T981] usb 3-1: New USB device found, idVendor=18b1, idProduct=0037, bcdDevice= 0.00
[  526.742957][  T981] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  526.834728][  T981] usb 3-1: config 0 descriptor??
[  529.850877][  T981] usbhid 3-1:0.0: can't add hid device: -71
[  529.894232][  T981] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  530.037093][  T981] usb 3-1: USB disconnect, device number 16
[  530.134062][ T9044] FAULT_INJECTION: forcing a failure.
[  530.134062][ T9044] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  530.754317][ T9044] CPU: 1 UID: 0 PID: 9044 Comm: syz.2.739 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  530.754345][ T9044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  530.754355][ T9044] Call Trace:
[  530.754361][ T9044]  <TASK>
[  530.754367][ T9044]  dump_stack_lvl+0x189/0x250
[  530.754387][ T9044]  ? __pfx____ratelimit+0x10/0x10
[  530.754409][ T9044]  ? __pfx_dump_stack_lvl+0x10/0x10
[  530.754422][ T9044]  ? __pfx__printk+0x10/0x10
[  530.754438][ T9044]  ? __might_fault+0xb0/0x130
[  530.754457][ T9044]  should_fail_ex+0x414/0x560
[  530.754474][ T9044]  _copy_from_user+0x2d/0xb0
[  530.754491][ T9044]  ___sys_sendmsg+0x158/0x2a0
[  530.754511][ T9044]  ? __pfx____sys_sendmsg+0x10/0x10
[  530.754552][ T9044]  ? __fget_files+0x2a/0x420
[  530.754564][ T9044]  ? __fget_files+0x3a0/0x420
[  530.754584][ T9044]  __x64_sys_sendmsg+0x19b/0x260
[  530.754604][ T9044]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  530.754632][ T9044]  ? __pfx_ksys_write+0x10/0x10
[  530.754642][ T9044]  ? rcu_is_watching+0x15/0xb0
[  530.754659][ T9044]  ? do_syscall_64+0xbe/0x3b0
[  530.754675][ T9044]  do_syscall_64+0xfa/0x3b0
[  530.754686][ T9044]  ? lockdep_hardirqs_on+0x9c/0x150
[  530.754699][ T9044]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  530.754711][ T9044]  ? clear_bhb_loop+0x60/0xb0
[  530.754726][ T9044]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  530.754737][ T9044] RIP: 0033:0x7fce7098ebe9
[  530.754749][ T9044] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  530.754760][ T9044] RSP: 002b:00007fce6ebf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  530.754774][ T9044] RAX: ffffffffffffffda RBX: 00007fce70bb5fa0 RCX: 00007fce7098ebe9
[  530.754783][ T9044] RDX: ea5bc50b6199d77e RSI: 0000200000000280 RDI: 0000000000000003
[  530.754792][ T9044] RBP: 00007fce6ebf6090 R08: 0000000000000000 R09: 0000000000000000
[  530.754799][ T9044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  530.754806][ T9044] R13: 00007fce70bb6038 R14: 00007fce70bb5fa0 R15: 00007ffc2ac975e8
[  530.754825][ T9044]  </TASK>
[  533.577876][ T6013] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  534.163585][ T6013] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  536.542662][ T6013] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  537.138831][ T6013] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  537.511779][ T9099] loop8: detected capacity change from 0 to 8
[  538.098848][ T9099] Dev loop8: unable to read RDB block 8
[  538.119022][ T9099]  loop8: unable to read partition table
[  538.147460][ T9099] loop8: partition table beyond EOD, truncated
[  538.192004][ T9099] loop_reread_partitions: partition scan of loop8 (þ被xü^>à– �) failed (rc=-5)
[  538.217392][ T9106] netlink: 96 bytes leftover after parsing attributes in process `syz.5.752'.
[  538.241791][ T9109] IPVS: length: 212 != 24
[  538.634970][ T6013] bridge_slave_1: left allmulticast mode
[  538.654733][ T6013] bridge_slave_1: left promiscuous mode
[  538.660861][ T5854] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  538.680456][ T6013] bridge0: port 2(bridge_slave_1) entered disabled state
[  538.688166][ T5854] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  538.699244][ T5854] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  538.718533][ T5854] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  538.729918][ T5854] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  538.810748][ T6013] bridge_slave_0: left allmulticast mode
[  538.819359][ T6013] bridge_slave_0: left promiscuous mode
[  538.825602][ T6013] bridge0: port 1(bridge_slave_0) entered disabled state
[  539.011896][ T9124] netlink: 40 bytes leftover after parsing attributes in process `syz.5.756'.
[  539.091094][ T9125] netlink: 212408 bytes leftover after parsing attributes in process `syz.5.756'.
[  540.075736][ T6013] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  540.089304][ T6013] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  540.101514][ T6013] bond0 (unregistering): Released all slaves
[  540.834128][ T5854] Bluetooth: hci3: command tx timeout
[  540.932403][ T9115] wg1 speed is unknown, defaulting to 1000
[  541.777154][ T9156] netlink: 308 bytes leftover after parsing attributes in process `syz.5.764'.
[  541.932650][ T9158] mkiss: ax0: crc mode is auto.
[  544.032039][ T5854] Bluetooth: hci3: command tx timeout
[  544.424896][ T6013] hsr_slave_0: left promiscuous mode
[  544.477098][ T9164] ntfs3(nullb0): Primary boot signature is not NTFS.
[  544.484255][ T6013] hsr_slave_1: left promiscuous mode
[  544.485093][ T6013] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  544.497841][ T9164] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  544.517077][ T9167] program syz.5.767 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  544.535784][ T6013] batman_adv: batadv0: Removing interface: batadv_slave_0
[  544.618480][ T6013] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  544.639739][ T6013] batman_adv: batadv0: Removing interface: batadv_slave_1
[  544.807007][ T6013] veth1_macvtap: left promiscuous mode
[  544.859902][ T6013] veth0_macvtap: left promiscuous mode
[  544.867638][ T6013] veth1_vlan: left promiscuous mode
[  544.873134][ T6013] veth0_vlan: left promiscuous mode
[  545.973805][ T9178] netlink: 'syz.1.769': attribute type 1 has an invalid length.
[  546.048402][ T9179] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  546.118429][ T5854] Bluetooth: hci3: command tx timeout
[  547.130614][ T6013] team0 (unregistering): Port device team_slave_1 removed
[  547.309953][ T6013] team0 (unregistering): Port device team_slave_0 removed
[  547.558025][ T9190] netlink: 4 bytes leftover after parsing attributes in process `syz.1.771'.
[  548.194060][ T5854] Bluetooth: hci3: command tx timeout
[  549.307652][ T5957] usb 3-1: new full-speed USB device number 17 using dummy_hcd
[  549.372984][ T9203] netlink: 308 bytes leftover after parsing attributes in process `syz.5.777'.
[  549.391679][ T9115] chnl_net:caif_netlink_parms(): no params data found
[  549.518636][ T5957] usb 3-1: unable to get BOS descriptor or descriptor too short
[  549.537027][ T5957] usb 3-1: not running at top speed; connect to a high speed hub
[  549.548960][ T5957] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  549.561878][ T5957] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  549.577638][ T5957] usb 3-1: config 1 has no interface number 1
[  549.590110][ T5957] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  549.610278][ T5957] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 4
[  549.630695][ T5957] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  549.641175][ T5957] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  549.700468][ T5957] usb 3-1: Product: syz
[  549.708949][ T5957] usb 3-1: Manufacturer: syz
[  549.775424][ T9210] fuse: Bad value for 'fd'
[  550.516519][ T5957] usb 3-1: SerialNumber: syz
[  550.837032][ T9115] bridge0: port 1(bridge_slave_0) entered blocking state
[  550.851157][ T9115] bridge0: port 1(bridge_slave_0) entered disabled state
[  550.859712][ T9115] bridge_slave_0: entered allmulticast mode
[  550.877909][ T9115] bridge_slave_0: entered promiscuous mode
[  550.881539][ T5957] usb 3-1: 2:1 : no or invalid class specific endpoint descriptor
[  550.897140][ T9115] bridge0: port 2(bridge_slave_1) entered blocking state
[  550.897813][ T9115] bridge0: port 2(bridge_slave_1) entered disabled state
[  550.898030][ T9115] bridge_slave_1: entered allmulticast mode
[  550.900193][ T9115] bridge_slave_1: entered promiscuous mode
[  550.955218][ T9219] netlink: 172 bytes leftover after parsing attributes in process `syz.5.778'.
[  550.971361][ T5957] usb 3-1: USB disconnect, device number 17
[  551.012422][ T9115] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  551.021253][ T9115] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  551.154830][ T7769] udevd[7769]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  551.226745][ T9115] team0: Port device team_slave_0 added
[  551.248971][ T9115] team0: Port device team_slave_1 added
[  551.594059][ T9115] batman_adv: batadv0: Adding interface: batadv_slave_0
[  551.644513][ T9115] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  552.089511][ T9115] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  552.136415][ T9115] batman_adv: batadv0: Adding interface: batadv_slave_1
[  552.163697][ T9115] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  552.358233][ T9115] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  552.746643][ T9243] netlink: 8 bytes leftover after parsing attributes in process `syz.1.781'.
[  552.756894][ T9243] netlink: 48 bytes leftover after parsing attributes in process `syz.1.781'.
[  553.651140][ T9242] netlink: 4 bytes leftover after parsing attributes in process `syz.4.775'.
[  553.712747][ T9115] hsr_slave_0: entered promiscuous mode
[  554.232560][ T9115] hsr_slave_1: entered promiscuous mode
[  554.262486][ T9115] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  554.291878][ T9115] Cannot create hsr debugfs directory
[  554.328796][ T9243] geneve3: entered promiscuous mode
[  554.344473][ T9243] geneve3: entered allmulticast mode
[  555.148817][ T9256] program syz.2.784 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  555.556152][ T9269] netlink: 316 bytes leftover after parsing attributes in process `syz.5.788'.
[  555.935363][ T5957] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  556.087971][ T9280] netlink: 8 bytes leftover after parsing attributes in process `syz.2.793'.
[  556.105714][ T9280] netlink: 20 bytes leftover after parsing attributes in process `syz.2.793'.
[  556.134895][ T5957] usb 2-1: Using ep0 maxpacket: 8
[  556.136645][ T9280] netlink: 8 bytes leftover after parsing attributes in process `syz.2.793'.
[  556.151144][ T5957] usb 2-1: config 0 has an invalid interface number: 37 but max is 0
[  556.164175][ T9280] netlink: 20 bytes leftover after parsing attributes in process `syz.2.793'.
[  556.181136][ T5957] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  556.203260][ T5957] usb 2-1: config 0 has no interface number 0
[  556.214772][ T5957] usb 2-1: New USB device found, idVendor=0421, idProduct=0508, bcdDevice=50.d3
[  556.225410][ T5957] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  556.233462][ T5957] usb 2-1: Product: syz
[  556.237943][ T5880] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  556.247577][ T5957] usb 2-1: Manufacturer: syz
[  556.252236][ T5957] usb 2-1: SerialNumber: syz
[  556.274583][ T5957] usb 2-1: config 0 descriptor??
[  556.290823][ T5957] usb 2-1: bad CDC descriptors
[  556.404479][ T5880] usb 6-1: Using ep0 maxpacket: 16
[  556.412694][ T5880] usb 6-1: config 1 has an invalid descriptor of length 191, skipping remainder of the config
[  557.398109][ T5880] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  557.509190][ T5880] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  557.529631][ T5880] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  557.540934][ T5957] usb 2-1: USB disconnect, device number 22
[  557.569405][ T5880] usb 6-1: Product: syz
[  557.576753][ T5880] usb 6-1: Manufacturer: syz
[  557.581549][ T5880] usb 6-1: SerialNumber: syz
[  557.682806][ T9115] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  557.711357][ T9115] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  557.731151][ T9115] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  557.746877][ T9115] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  557.862798][ T5880] usb 6-1: 0:2 : does not exist
[  557.874808][  T981] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  557.899175][ T5880] usb 6-1: 5:0: failed to get current value for ch 1 (-22)
[  557.927924][ T5880] usb 6-1: 5:0: cannot get min/max values for control 2 (id 5)
[  557.966675][ T5880] usb 6-1: 5:0: failed to get current value for ch 1 (-22)
[  558.004992][ T5880] usb 6-1: 5:0: cannot get min/max values for control 8 (id 5)
[  558.052460][ T5880] usb 6-1: USB disconnect, device number 3
[  558.077341][  T981] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  558.110515][  T981] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  558.132655][ T9115] 8021q: adding VLAN 0 to HW filter on device bond0
[  558.172172][  T981] usb 3-1: config 0 descriptor??
[  558.238516][ T9115] 8021q: adding VLAN 0 to HW filter on device team0
[  558.301422][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[  558.308880][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[  559.042862][  T981] udl 3-1:0.0: [drm] Unrecognized vendor firmware descriptor
[  559.097952][   T79] bridge0: port 2(bridge_slave_1) entered blocking state
[  559.105303][   T79] bridge0: port 2(bridge_slave_1) entered forwarding state
[  559.319662][  T981] [drm] Initialized udl 0.0.1 for 3-1:0.0 on minor 2
[  559.454698][  T981] [drm] Initialized udl on minor 2
[  559.714856][  T981] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 1 failed err ffffffb9
[  559.744952][  T981] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[  559.753580][   T10] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  559.787784][   T10] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[  559.814663][  T981] usb 3-1: USB disconnect, device number 18
[  561.822755][ T9115] 8021q: adding VLAN 0 to HW filter on device batadv0
[  561.863936][ T9330] netlink: 4 bytes leftover after parsing attributes in process `syz.2.799'.
[  562.064104][ T5880] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  562.233685][ T5880] usb 5-1: New USB device found, idVendor=1f71, idProduct=3301, bcdDevice=ce.1a
[  562.272484][ T5880] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  562.333132][ T5880] usb 5-1: Product: syz
[  562.371028][ T5880] usb 5-1: Manufacturer: syz
[  562.407295][ T5880] usb 5-1: SerialNumber: syz
[  562.469796][ T5880] usb 5-1: config 0 descriptor??
[  563.159549][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  563.166170][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  563.377573][ T5880] usb 5-1: USB disconnect, device number 23
[  563.916612][ T9363] netlink: 316 bytes leftover after parsing attributes in process `syz.1.802'.
[  564.216057][ T9115] veth0_vlan: entered promiscuous mode
[  564.353484][ T9115] veth1_vlan: entered promiscuous mode
[  565.562921][ T5906] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[  565.838925][ T9383] bio_check_eod: 2 callbacks suppressed
[  565.838947][ T9383] syz.4.805: attempt to access beyond end of device
[  565.838947][ T9383] loop4: rw=0, sector=64, nr_sectors = 1 limit=0
[  565.859875][ T9383] syz.4.805: attempt to access beyond end of device
[  565.859875][ T9383] loop4: rw=0, sector=256, nr_sectors = 1 limit=0
[  565.872923][ T9383] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  565.882891][ T9383] syz.4.805: attempt to access beyond end of device
[  565.882891][ T9383] loop4: rw=0, sector=512, nr_sectors = 1 limit=0
[  565.896007][ T9383] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512
[  565.905633][ T9383] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  565.913311][ T9383] UDF-fs: Scanning with blocksize 512 failed
[  565.920625][ T9383] syz.4.805: attempt to access beyond end of device
[  565.920625][ T9383] loop4: rw=0, sector=64, nr_sectors = 2 limit=0
[  565.934190][ T9383] syz.4.805: attempt to access beyond end of device
[  565.934190][ T9383] loop4: rw=0, sector=512, nr_sectors = 2 limit=0
[  565.948624][ T9383] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  565.958939][ T9383] syz.4.805: attempt to access beyond end of device
[  565.958939][ T9383] loop4: rw=0, sector=1024, nr_sectors = 2 limit=0
[  565.972098][ T9383] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512
[  565.981860][ T9383] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  565.989608][ T9383] UDF-fs: Scanning with blocksize 1024 failed
[  565.996512][ T9383] syz.4.805: attempt to access beyond end of device
[  565.996512][ T9383] loop4: rw=0, sector=64, nr_sectors = 4 limit=0
[  566.009730][ T9383] syz.4.805: attempt to access beyond end of device
[  566.009730][ T9383] loop4: rw=0, sector=1024, nr_sectors = 4 limit=0
[  566.023191][ T9383] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  566.033107][ T9383] syz.4.805: attempt to access beyond end of device
[  566.033107][ T9383] loop4: rw=0, sector=2048, nr_sectors = 4 limit=0
[  566.046661][ T9383] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512
[  566.057224][ T9383] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  566.065738][ T9383] UDF-fs: Scanning with blocksize 2048 failed
[  566.072569][ T9383] syz.4.805: attempt to access beyond end of device
[  566.072569][ T9383] loop4: rw=0, sector=64, nr_sectors = 8 limit=0
[  566.086061][ T9383] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  566.095926][ T9383] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512
[  566.105588][ T9383] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  566.113355][ T9383] UDF-fs: Scanning with blocksize 4096 failed
[  566.120206][ T9383] UDF-fs: warning (device loop4): udf_fill_super: No partition found (1)
[  566.432269][ T5906] hid-generic 0000:0000:0000.0007: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  566.457605][ T9380] geneve3: left promiscuous mode
[  567.285747][ T9115] veth0_macvtap: entered promiscuous mode
[  567.349965][ T9115] veth1_macvtap: entered promiscuous mode
[  567.437970][ T9385] fido_id[9385]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  567.500664][ T9115] batman_adv: batadv0: Interface activated: batadv_slave_0
[  567.561696][ T9115] batman_adv: batadv0: Interface activated: batadv_slave_1
[  567.657640][ T9115] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  567.689811][ T9115] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  567.715681][ T9115] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  567.737428][ T9115] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  567.971140][ T6005] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  567.999887][ T6005] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  568.079972][ T6020] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  568.103307][ T6020] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  568.429763][ T9404] overlayfs: conflicting lowerdir path
[  568.469007][ T9407] overlayfs: overlay with incompat feature 'volatile' cannot be mounted
[  569.131047][ T9419] FAULT_INJECTION: forcing a failure.
[  569.131047][ T9419] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  569.144332][ T9419] CPU: 1 UID: 0 PID: 9419 Comm: syz.6.812 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  569.144359][ T9419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  569.144371][ T9419] Call Trace:
[  569.144381][ T9419]  <TASK>
[  569.144390][ T9419]  dump_stack_lvl+0x189/0x250
[  569.144419][ T9419]  ? lockdep_hardirqs_on+0x9c/0x150
[  569.144443][ T9419]  ? __pfx_dump_stack_lvl+0x10/0x10
[  569.144466][ T9419]  ? __pfx__printk+0x10/0x10
[  569.144508][ T9419]  should_fail_ex+0x414/0x560
[  569.144537][ T9419]  _copy_to_user+0x31/0xb0
[  569.144568][ T9419]  simple_read_from_buffer+0xe1/0x170
[  569.144597][ T9419]  proc_fail_nth_read+0x1df/0x250
[  569.144627][ T9419]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  569.144656][ T9419]  ? rw_verify_area+0x258/0x650
[  569.144685][ T9419]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  569.144712][ T9419]  vfs_read+0x200/0x980
[  569.144750][ T9419]  ? __pfx___mutex_lock+0x10/0x10
[  569.144774][ T9419]  ? __pfx_vfs_read+0x10/0x10
[  569.144807][ T9419]  ? __fget_files+0x2a/0x420
[  569.144836][ T9419]  ? __fget_files+0x3a0/0x420
[  569.144857][ T9419]  ? __fget_files+0x2a/0x420
[  569.144891][ T9419]  ksys_read+0x145/0x250
[  569.144914][ T9419]  ? __pfx_ksys_read+0x10/0x10
[  569.144940][ T9419]  ? do_syscall_64+0xbe/0x3b0
[  569.144969][ T9419]  do_syscall_64+0xfa/0x3b0
[  569.144993][ T9419]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  569.145013][ T9419]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  569.145041][ T9419]  ? clear_bhb_loop+0x60/0xb0
[  569.145068][ T9419]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  569.145088][ T9419] RIP: 0033:0x7f67e1f8d5fc
[  569.145108][ T9419] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  569.145126][ T9419] RSP: 002b:00007f67e2e44030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  569.145148][ T9419] RAX: ffffffffffffffda RBX: 00007f67e21b6180 RCX: 00007f67e1f8d5fc
[  569.145163][ T9419] RDX: 000000000000000f RSI: 00007f67e2e440a0 RDI: 0000000000000006
[  569.145176][ T9419] RBP: 00007f67e2e44090 R08: 0000000000000000 R09: 0000000000000000
[  569.145189][ T9419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  569.145201][ T9419] R13: 00007f67e21b6218 R14: 00007f67e21b6180 R15: 00007ffd515c0908
[  569.145237][ T9419]  </TASK>
[  569.679430][ T9423] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  569.746345][ T9423] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  569.789035][ T9432] ntfs3(nullb0): Primary boot signature is not NTFS.
[  569.801064][ T9423] iommufd_mock iommufd_mock2: Adding to iommu group 2
[  569.924587][ T5880] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  569.933632][ T9432] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  569.942210][ T5957] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  570.633183][ T5880] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  570.652670][ T5880] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  570.675520][ T5957] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  570.713227][ T5957] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  570.722913][ T5880] usb 2-1: config 0 descriptor??
[  570.854299][ T5957] usb 5-1: config 0 descriptor??
[  571.031122][ T5880] udl 2-1:0.0: [drm] Unrecognized vendor firmware descriptor
[  571.108205][ T5957] udl 5-1:0.0: [drm] Unrecognized vendor firmware descriptor
[  571.847871][ T5880] [drm] Initialized udl 0.0.1 for 2-1:0.0 on minor 2
[  571.906756][ T5880] [drm] Initialized udl on minor 2
[  571.913623][ T5957] [drm] Initialized udl 0.0.1 for 5-1:0.0 on minor 3
[  571.979067][ T5957] [drm] Initialized udl on minor 3
[  572.172316][ T5880] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 1 failed err ffffffb9
[  572.817926][ T5880] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[  572.872723][   T10] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  572.954504][ T5880] usb 2-1: USB disconnect, device number 23
[  572.964433][   T10] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[  573.564211][ T5957] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  573.594545][ T5957] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[  573.604100][   T10] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  573.615117][ T9459] program syz.5.820 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  573.650539][ T5957] usb 5-1: USB disconnect, device number 24
[  573.662983][   T10] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffed
[  573.723572][   T10] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[  575.657261][ T5957] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[  575.925101][ T5957] hid-generic 0000:0000:0000.0008: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  576.062613][ T9476] capability: warning: `syz.6.824' uses deprecated v2 capabilities in a way that may be insecure
[  577.033188][ T9474] fido_id[9474]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  577.170342][   T30] audit: type=1804 audit(1755201171.914:30): pid=9485 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.1.826" name="/newroot/196/file1" dev="fuse" ino=1 res=1 errno=0
[  577.247912][   T30] audit: type=1800 audit(1755201171.944:31): pid=9485 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.1.826" name="/" dev="fuse" ino=1 res=0 errno=0
[  577.411197][   T30] audit: type=1800 audit(1755201171.944:32): pid=9481 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.1.826" name="/" dev="fuse" ino=1 res=0 errno=0
[  577.438437][   T30] audit: type=1804 audit(1755201171.964:33): pid=9487 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.2.827" name="/newroot/181/file1" dev="fuse" ino=1 res=1 errno=0
[  578.350557][ T9504] FAULT_INJECTION: forcing a failure.
[  578.350557][ T9504] name failslab, interval 1, probability 0, space 0, times 0
[  578.363500][ T9504] CPU: 1 UID: 0 PID: 9504 Comm: syz.1.830 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  578.363525][ T9504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  578.363537][ T9504] Call Trace:
[  578.363545][ T9504]  <TASK>
[  578.363553][ T9504]  dump_stack_lvl+0x189/0x250
[  578.363580][ T9504]  ? __pfx____ratelimit+0x10/0x10
[  578.363601][ T9504]  ? __pfx_dump_stack_lvl+0x10/0x10
[  578.363623][ T9504]  ? __pfx__printk+0x10/0x10
[  578.363650][ T9504]  ? __pfx___might_resched+0x10/0x10
[  578.363671][ T9504]  ? fs_reclaim_acquire+0x7d/0x100
[  578.363699][ T9504]  should_fail_ex+0x414/0x560
[  578.363725][ T9504]  should_failslab+0xa8/0x100
[  578.363763][ T9504]  __kmalloc_noprof+0xcb/0x4f0
[  578.363780][ T9504]  ? tomoyo_encode+0x28b/0x550
[  578.363810][ T9504]  tomoyo_encode+0x28b/0x550
[  578.363840][ T9504]  tomoyo_realpath_from_path+0x58d/0x5d0
[  578.363883][ T9504]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  578.363904][ T9504]  tomoyo_path_number_perm+0x1e8/0x5a0
[  578.363927][ T9504]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  578.363966][ T9504]  ? __lock_acquire+0xab9/0xd20
[  578.364007][ T9504]  ? __fget_files+0x2a/0x420
[  578.364031][ T9504]  ? __fget_files+0x2a/0x420
[  578.364051][ T9504]  ? __fget_files+0x3a0/0x420
[  578.364070][ T9504]  ? __fget_files+0x2a/0x420
[  578.364096][ T9504]  security_file_ioctl+0xcb/0x2d0
[  578.364122][ T9504]  __se_sys_ioctl+0x47/0x170
[  578.364153][ T9504]  do_syscall_64+0xfa/0x3b0
[  578.364172][ T9504]  ? lockdep_hardirqs_on+0x9c/0x150
[  578.364200][ T9504]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  578.364219][ T9504]  ? clear_bhb_loop+0x60/0xb0
[  578.364241][ T9504]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  578.364259][ T9504] RIP: 0033:0x7f667118ebe9
[  578.364277][ T9504] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  578.364294][ T9504] RSP: 002b:00007f667200e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  578.364315][ T9504] RAX: ffffffffffffffda RBX: 00007f66713b6180 RCX: 00007f667118ebe9
[  578.364329][ T9504] RDX: 0000200000000540 RSI: 00000000c4c85513 RDI: 0000000000000006
[  578.364341][ T9504] RBP: 00007f667200e090 R08: 0000000000000000 R09: 0000000000000000
[  578.364353][ T9504] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  578.364365][ T9504] R13: 00007f66713b6218 R14: 00007f66713b6180 R15: 00007ffc4f20a358
[  578.364397][ T9504]  </TASK>
[  578.604593][ T9504] ERROR: Out of memory at tomoyo_realpath_from_path.
[  578.905261][ T9498] delete_channel: no stack
[  579.041018][ T9502] overlayfs: metacopy with no lower data found - abort lookup (/bus)
[  579.308406][ T9513] bio_check_eod: 2 callbacks suppressed
[  579.308431][ T9513] syz.1.833: attempt to access beyond end of device
[  579.308431][ T9513] loop1: rw=0, sector=64, nr_sectors = 1 limit=0
[  579.327480][ T9513] syz.1.833: attempt to access beyond end of device
[  579.327480][ T9513] loop1: rw=0, sector=256, nr_sectors = 1 limit=0
[  579.340547][ T9513] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  579.350603][ T9513] syz.1.833: attempt to access beyond end of device
[  579.350603][ T9513] loop1: rw=0, sector=512, nr_sectors = 1 limit=0
[  579.364673][ T9513] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[  579.375124][ T9513] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  579.382853][ T9513] UDF-fs: Scanning with blocksize 512 failed
[  579.390000][ T9513] syz.1.833: attempt to access beyond end of device
[  579.390000][ T9513] loop1: rw=0, sector=64, nr_sectors = 2 limit=0
[  579.403387][ T9513] syz.1.833: attempt to access beyond end of device
[  579.403387][ T9513] loop1: rw=0, sector=512, nr_sectors = 2 limit=0
[  579.416450][ T9513] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  579.426417][ T9513] syz.1.833: attempt to access beyond end of device
[  579.426417][ T9513] loop1: rw=0, sector=1024, nr_sectors = 2 limit=0
[  579.439689][ T9513] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[  579.449407][ T9513] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  579.457310][ T9513] UDF-fs: Scanning with blocksize 1024 failed
[  579.466002][ T9513] syz.1.833: attempt to access beyond end of device
[  579.466002][ T9513] loop1: rw=0, sector=64, nr_sectors = 4 limit=0
[  579.479209][ T9513] syz.1.833: attempt to access beyond end of device
[  579.479209][ T9513] loop1: rw=0, sector=1024, nr_sectors = 4 limit=0
[  579.492423][ T9513] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  579.502545][ T9513] syz.1.833: attempt to access beyond end of device
[  579.502545][ T9513] loop1: rw=0, sector=2048, nr_sectors = 4 limit=0
[  579.515673][ T9513] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[  579.525646][ T9513] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  579.533367][ T9513] UDF-fs: Scanning with blocksize 2048 failed
[  579.540668][ T9513] syz.1.833: attempt to access beyond end of device
[  579.540668][ T9513] loop1: rw=0, sector=64, nr_sectors = 8 limit=0
[  579.554149][ T9513] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  579.564071][ T9513] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=512, location=512
[  579.574696][ T9513] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  579.583142][ T9513] UDF-fs: Scanning with blocksize 4096 failed
[  579.589423][ T9513] UDF-fs: warning (device loop1): udf_fill_super: No partition found (1)
[  579.966009][ T5921] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  580.339290][ T9519] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10)
[  580.346236][ T9519] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  580.355275][ T9519] vhci_hcd vhci_hcd.0: Device attached
[  580.634322][   T10] usb 37-1: new high-speed USB device number 2 using vhci_hcd
[  580.829570][ T5921] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  580.905241][ T9520] vhci_hcd: connection reset by peer
[  581.434101][ T5921] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  581.486048][ T5921] usb 5-1: config 0 descriptor??
[  581.679559][   T79] vhci_hcd: stop threads
[  583.515078][   T79] vhci_hcd: release socket
[  583.537422][   T79] vhci_hcd: disconnect device
[  583.644319][ T5921] usb 5-1: can't set config #0, error -71
[  583.726047][ T5921] usb 5-1: USB disconnect, device number 25
[  583.896411][ T9533] program syz.4.837 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  585.899327][   T10] vhci_hcd: vhci_device speed not set
[  586.219001][   T30] audit: type=1804 audit(1755201180.914:34): pid=9565 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=ToMToU comm="syz.5.842" name="/newroot/34/file1" dev="fuse" ino=1 res=1 errno=0
[  586.692176][ T9570] overlayfs: failed to resolve './file0': -2
[  587.019698][ T9571] netlink: 76 bytes leftover after parsing attributes in process `syz.6.843'.
[  587.314115][   T30] audit: type=1800 audit(1755201181.524:35): pid=9565 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.5.842" name="/" dev="fuse" ino=1 res=0 errno=0
[  587.405358][ T9574] netlink: 'syz.2.844': attribute type 1 has an invalid length.
[  587.465143][ T9574] netlink: 180 bytes leftover after parsing attributes in process `syz.2.844'.
[  588.124871][ T9586] netlink: 'syz.5.845': attribute type 10 has an invalid length.
[  588.769570][ T9586] netlink: 192 bytes leftover after parsing attributes in process `syz.5.845'.
[  589.123975][ T5906] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  589.886051][ T5906] usb 7-1: Using ep0 maxpacket: 16
[  589.895832][ T5906] usb 7-1: config 1 has an invalid descriptor of length 191, skipping remainder of the config
[  589.926753][ T5906] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  589.947057][ T5906] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  590.000000][ T5906] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  590.074063][ T5906] usb 7-1: Product: syz
[  590.133562][ T5906] usb 7-1: Manufacturer: syz
[  591.709708][ T5906] usb 7-1: SerialNumber: syz
[  592.040513][ T5906] usb 7-1: can't set config #1, error -71
[  592.129101][ T5906] usb 7-1: USB disconnect, device number 2
[  592.338361][ T9614] IPv6: NLM_F_CREATE should be specified when creating new route
[  593.471899][ T9616] netlink: 96 bytes leftover after parsing attributes in process `syz.2.853'.
[  596.288652][ T9649] netlink: 'syz.2.860': attribute type 10 has an invalid length.
[  596.313947][ T5921] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  596.484139][ T9649] netlink: 192 bytes leftover after parsing attributes in process `syz.2.860'.
[  596.634037][ T5921] usb 2-1: Using ep0 maxpacket: 16
[  596.671084][ T9661] netlink: 'syz.5.862': attribute type 1 has an invalid length.
[  596.680119][ T5921] usb 2-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[  596.777604][ T5921] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  596.842364][ T5921] usb 2-1: Product: syz
[  596.894525][ T5921] usb 2-1: Manufacturer: syz
[  596.938712][ T5921] usb 2-1: SerialNumber: syz
[  597.086713][ T9667] program syz.6.865 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  597.138636][ T5921] usb 2-1: config 0 descriptor??
[  597.268067][ T5921] visor 2-1:0.0: Sony Clie 3.5 converter detected
[  597.453632][ T5921] usb 2-1: clie_3_5_startup: get config number failed: -71
[  597.590870][ T5921] visor 2-1:0.0: probe with driver visor failed with error -71
[  597.714203][ T5921] usb 2-1: USB disconnect, device number 24
[  597.798437][ T9680] netem: incorrect ge model size
[  597.838825][ T9680] netem: change failed
[  598.426198][    T9] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  598.440821][ T9697] netlink: 96 bytes leftover after parsing attributes in process `syz.5.871'.
[  599.873376][    T9] usb 7-1: config 220 has an invalid interface number: 76 but max is 2
[  600.110987][    T9] usb 7-1: config 220 has an invalid descriptor of length 1, skipping remainder of the config
[  601.051553][    T9] usb 7-1: config 220 has no interface number 2
[  601.137872][    T9] usb 7-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  601.403992][    T9] usb 7-1: config 220 interface 0 has no altsetting 0
[  601.874075][ T9705] Bluetooth: hci1: command 0x0406 tx timeout
[  602.204818][    T9] usb 7-1: config 220 interface 76 has no altsetting 0
[  602.211770][    T9] usb 7-1: config 220 interface 1 has no altsetting 0
[  602.453548][    T9] usb 7-1: string descriptor 0 read error: -71
[  602.583294][ T9727] program syz.4.880 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  602.629878][    T9] usb 7-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  602.723946][    T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  602.864710][    T9] usb 7-1: can't set config #220, error -71
[  602.953813][    T9] usb 7-1: USB disconnect, device number 3
[  607.214079][ T5957] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  608.219615][ T5957] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  608.269903][ T5957] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  608.439337][ T5957] usb 5-1: config 0 descriptor??
[  608.696392][ T9777] netlink: 308 bytes leftover after parsing attributes in process `syz.5.892'.
[  608.739606][ T5957] udl 5-1:0.0: [drm] Unrecognized vendor firmware descriptor
[  609.018224][ T5957] [drm] Initialized udl 0.0.1 for 5-1:0.0 on minor 2
[  609.753937][ T5957] [drm] Initialized udl on minor 2
[  610.426388][ T5957] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 1 failed err ffffffb9
[  610.504293][ T5957] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[  610.554459][   T10] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  610.582860][ T5957] usb 5-1: USB disconnect, device number 26
[  610.596715][   T10] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffed
[  611.110642][   T10] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[  613.618776][ T9817] ieee802154 phy0 wpan0: encryption failed: -22
[  615.526156][ T5854] Bluetooth: hci2: ACL packet for unknown connection handle 200
[  617.257401][ T9858] Invalid logical block size (4)
[  619.815379][ T9886] netlink: 300 bytes leftover after parsing attributes in process `syz.1.913'.
[  619.939077][ T9886] ntfs3(nullb0): Primary boot signature is not NTFS.
[  619.954153][ T9886] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  620.109769][ T9892] netlink: 'syz.6.915': attribute type 10 has an invalid length.
[  620.122043][ T9892] bridge0: port 2(bridge_slave_1) entered disabled state
[  620.130265][ T9892] bridge0: port 1(bridge_slave_0) entered disabled state
[  620.157650][ T9892] bridge0: port 2(bridge_slave_1) entered blocking state
[  620.165207][ T9892] bridge0: port 2(bridge_slave_1) entered forwarding state
[  620.172828][ T9892] bridge0: port 1(bridge_slave_0) entered blocking state
[  620.180086][ T9892] bridge0: port 1(bridge_slave_0) entered forwarding state
[  620.218710][ T9893] netlink: 4 bytes leftover after parsing attributes in process `syz.6.915'.
[  620.246652][ T9892] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  620.568659][ T9893] bridge_slave_1: left allmulticast mode
[  620.574577][ T9893] bridge_slave_1: left promiscuous mode
[  620.582105][ T9893] bridge0: port 2(bridge_slave_1) entered disabled state
[  620.866854][ T9893] bridge_slave_0: left allmulticast mode
[  620.872861][ T9893] bridge_slave_0: left promiscuous mode
[  620.879857][ T9893] bridge0: port 1(bridge_slave_0) entered disabled state
[  621.130025][ T9893] bond0: (slave bridge0): Releasing backup interface
[  623.004035][ T9904] ieee802154 phy0 wpan0: encryption failed: -22
[  623.432078][ T9915] netlink: 8 bytes leftover after parsing attributes in process `syz.6.919'.
[  623.441261][ T9915] netlink: 'syz.6.919': attribute type 5 has an invalid length.
[  623.449215][ T9915] netlink: 20 bytes leftover after parsing attributes in process `syz.6.919'.
[  623.485738][ T9915] netdevsim netdevsim6 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0
[  623.494576][ T9915] netdevsim netdevsim6 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0
[  623.504381][ T9915] netdevsim netdevsim6 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0
[  623.513127][ T9915] netdevsim netdevsim6 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0
[  623.523271][ T9915] geneve2: entered promiscuous mode
[  623.528860][ T9915] geneve2: entered allmulticast mode
[  624.625065][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  624.631718][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  624.722821][ T9918] program syz.6.920 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  624.817343][ T9925] program syz.5.921 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  626.036081][ T5937] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  626.767918][ T5937] usb 6-1: Using ep0 maxpacket: 32
[  627.001161][ T5937] usb 6-1: config 0 has an invalid interface number: 219 but max is 0
[  627.036072][ T5937] usb 6-1: config 0 has no interface number 0
[  627.056402][ T9948] binfmt_misc: register: failed to install interpreter file ./file0
[  627.088055][ T9950] netlink: 36 bytes leftover after parsing attributes in process `syz.6.928'.
[  627.093145][ T5937] usb 6-1: config 0 interface 219 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  627.128197][ T5937] usb 6-1: config 0 interface 219 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B
[  627.149645][ T9950] netlink: 36 bytes leftover after parsing attributes in process `syz.6.928'.
[  627.184671][ T5937] usb 6-1: config 0 interface 219 altsetting 0 endpoint 0x8B has invalid maxpacket 28739, setting to 1024
[  627.290826][ T5937] usb 6-1: config 0 interface 219 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  627.416102][ T5937] usb 6-1: config 0 interface 219 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  627.513365][ T9959] netlink: 'syz.6.929': attribute type 10 has an invalid length.
[  627.521341][ T9959] netlink: 212 bytes leftover after parsing attributes in process `syz.6.929'.
[  627.776178][   T30] audit: type=1326 audit(1755201222.524:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9960 comm="syz.4.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcee138ebe9 code=0x7ffc0000
[  627.822288][   T30] audit: type=1326 audit(1755201222.524:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9960 comm="syz.4.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcee138ebe9 code=0x7ffc0000
[  627.848592][   T30] audit: type=1326 audit(1755201222.524:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9960 comm="syz.4.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7fcee138ebe9 code=0x7ffc0000
[  627.870261][    C0] vkms_vblank_simulate: vblank timer overrun
[  627.877996][ T5937] usb 6-1: New USB device found, idVendor=108c, idProduct=0169, bcdDevice=75.b9
[  627.893947][ T5937] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  627.971778][   T30] audit: type=1326 audit(1755201222.524:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9960 comm="syz.4.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcee138ebe9 code=0x7ffc0000
[  627.974861][ T5937] usb 6-1: Product: syz
[  628.040377][   T30] audit: type=1326 audit(1755201222.524:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9960 comm="syz.4.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcee138ebe9 code=0x7ffc0000
[  628.109169][   T30] audit: type=1326 audit(1755201222.544:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9960 comm="syz.4.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=213 compat=0 ip=0x7fcee138ebe9 code=0x7ffc0000
[  628.231428][   T30] audit: type=1326 audit(1755201222.544:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9960 comm="syz.4.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcee138ebe9 code=0x7ffc0000
[  628.253071][    C0] vkms_vblank_simulate: vblank timer overrun
[  628.432536][ T5937] usb 6-1: Manufacturer: syz
[  628.441587][ T5937] usb 6-1: SerialNumber: syz
[  628.486325][   T30] audit: type=1326 audit(1755201222.544:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9960 comm="syz.4.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcee138ebe9 code=0x7ffc0000
[  628.542731][ T5937] usb 6-1: config 0 descriptor??
[  628.569363][ T5937] usb 6-1: can't set config #0, error -71
[  628.590729][   T30] audit: type=1326 audit(1755201222.544:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9960 comm="syz.4.930" exe="/root/syz-executor" sig=0 arch=c000003e syscall=441 compat=0 ip=0x7fcee138ebe9 code=0x7ffc0000
[  628.644481][ T5937] usb 6-1: USB disconnect, device number 4
[  629.822554][ T5957] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  629.991697][ T5957] usb 3-1: config 0 has an invalid interface number: 188 but max is 0
[  630.027917][ T5957] usb 3-1: config 0 has no interface number 0
[  630.089623][ T5957] usb 3-1: config 0 interface 188 has no altsetting 0
[  630.142869][ T5957] usb 3-1: New USB device found, idVendor=0483, idProduct=3747, bcdDevice=dc.ab
[  630.195612][T10000] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  630.225596][ T5957] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  630.272566][ T5957] usb 3-1: config 0 descriptor??
[  630.306161][ T5957] ftdi_sio 3-1:0.188: FTDI USB Serial Device converter detected
[  630.369579][ T5957] ftdi_sio ttyUSB0: unknown device type: 0xdcab
[  631.678241][ T9985] netlink: 20 bytes leftover after parsing attributes in process `syz.2.936'.
[  631.742572][ T9985] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  631.792876][ T9985] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  631.832298][    T9] usb 3-1: USB disconnect, device number 19
[  632.088726][    T9] ftdi_sio 3-1:0.188: device disconnected
[  634.263876][T10036] overlayfs: failed to resolve './file0': -2
[  634.699032][T10040] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  635.421992][T10049] netlink: 48 bytes leftover after parsing attributes in process `syz.6.947'.
[  635.576147][T10046] netlink: 4 bytes leftover after parsing attributes in process `syz.5.948'.
[  635.687909][T10059] program syz.6.951 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  636.153358][T10062] netlink: 300 bytes leftover after parsing attributes in process `syz.2.950'.
[  636.302982][T10062] ntfs3(nullb0): Primary boot signature is not NTFS.
[  636.379294][T10062] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  637.669582][T10077] netlink: 44 bytes leftover after parsing attributes in process `syz.5.954'.
[  637.841722][T10078] mkiss: ax0: crc mode is auto.
[  640.840296][T10103] netlink: 44 bytes leftover after parsing attributes in process `syz.5.959'.
[  640.884967][ T5937] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  640.972067][T10100] macsec1: entered promiscuous mode
[  640.979808][T10100] macsec1: entered allmulticast mode
[  641.044085][ T5937] usb 5-1: Using ep0 maxpacket: 32
[  641.107914][ T5937] usb 5-1: config 17 has an invalid interface number: 237 but max is 3
[  641.409826][ T5937] usb 5-1: config 17 contains an unexpected descriptor of type 0x1, skipping
[  641.421137][ T5937] usb 5-1: config 17 has an invalid descriptor of length 0, skipping remainder of the config
[  641.433868][ T5937] usb 5-1: config 17 has 1 interface, different from the descriptor's value: 4
[  641.443319][ T5937] usb 5-1: config 17 has no interface number 0
[  641.484077][ T5937] usb 5-1: config 17 interface 237 altsetting 44 has 0 endpoint descriptors, different from the interface descriptor's value: 15
[  641.492629][T10110] program syz.5.962 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  641.507652][ T5937] usb 5-1: config 17 interface 237 has no altsetting 0
[  641.535813][    T9] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  641.714321][    T9] usb 2-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 0
[  641.756731][    T9] usb 2-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 0
[  641.788694][ T5937] usb 5-1: New USB device found, idVendor=05e0, idProduct=2003, bcdDevice=99.0e
[  641.820754][    T9] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  641.843442][ T5937] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  641.848092][    T9] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 4
[  641.876921][ T5937] usb 5-1: Product: �
[  641.887544][    T9] usb 2-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00
[  641.899662][ T5937] usb 5-1: Manufacturer: 㡬笷⎼赗ⰼ憴�苵騉��䵧ᵿ鸹婭㤴든ꓹ扯Ҵ듷䩦錉���ֺ맧闊独䙪�ﲡ諱ꢂ眰�녅讑燚ྦ�裏�䴳節ꉳꤰ㽟˽⳰ﳫ훵ນ�嘑釫뼑譸㵋�焻���Ĺ㫻�嶗쌒騹墤굼ᶴជࡃ�辿჻꡴᫩좻
[  641.911394][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  641.948571][    T9] usb 2-1: Product: syz
[  641.985935][ T5937] usb 5-1: SerialNumber: �
[  641.987198][    T9] usb 2-1: Manufacturer: syz
[  642.012789][    T9] usb 2-1: SerialNumber: syz
[  642.035230][   T10] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  642.131922][    T9] usb 2-1: config 0 descriptor??
[  642.153322][    T9] usb-storage 2-1:0.0: USB Mass Storage device detected
[  642.183708][    T9] usb-storage 2-1:0.0: Quirks match for vid 1908 pid 1315: 20000
[  642.199206][   T10] usb 3-1: Using ep0 maxpacket: 8
[  642.207496][   T10] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  642.218454][   T10] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  642.232461][   T10] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  642.244254][   T10] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  642.262047][   T10] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  642.271955][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  644.046488][ T5937] usb 5-1: USB disconnect, device number 27
[  644.933540][   T24] usb 2-1: USB disconnect, device number 25
[  644.994089][   T10] usb 3-1: GET_CAPABILITIES returned 0
[  644.999667][   T10] usbtmc 3-1:16.0: can't read capabilities
[  645.441421][ T5880] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  645.484030][ T5957] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  645.513780][ T5880] hid-generic 0000:0000:0000.0009: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  645.554031][   T10] usb 3-1: USB disconnect, device number 20
[  646.875414][T10138] mkiss: ax0: crc mode is auto.
[  649.013203][T10135] fido_id[10135]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  649.394194][ T5957] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  649.514388][ T5880] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  649.594184][ T5957] usb 2-1: Using ep0 maxpacket: 32
[  649.606091][ T5957] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  649.635065][ T5957] usb 2-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  649.654099][ T5957] usb 2-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  649.662763][ T5957] usb 2-1: Product: syz
[  649.667642][ T5957] usb 2-1: Manufacturer: syz
[  649.672380][ T5957] usb 2-1: SerialNumber: syz
[  649.677641][ T5880] usb 5-1: Using ep0 maxpacket: 16
[  649.685551][   T10] usb 7-1: new full-speed USB device number 4 using dummy_hcd
[  649.701975][ T5880] usb 5-1: config 1 has an invalid descriptor of length 191, skipping remainder of the config
[  649.734825][ T5957] usb 2-1: config 0 descriptor??
[  649.740023][ T5880] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  649.770017][T10143] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  649.788719][ T5880] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  649.833908][ T5880] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  649.841992][ T5880] usb 5-1: Product: syz
[  649.886169][ T5880] usb 5-1: Manufacturer: syz
[  649.890945][ T5880] usb 5-1: SerialNumber: syz
[  649.897536][   T10] usb 7-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  649.925287][   T10] usb 7-1: config 0 interface 0 altsetting 9 endpoint 0x81 has invalid wMaxPacketSize 0
[  649.938095][   T10] usb 7-1: config 0 interface 0 has no altsetting 0
[  649.945566][   T10] usb 7-1: New USB device found, idVendor=17ef, idProduct=60ee, bcdDevice= 0.00
[  649.963755][   T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  650.118778][ T9307] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  650.594847][ T5957] usb 2-1: USB disconnect, device number 26
[  650.601492][ T9307] hid-generic 0000:0000:0000.000A: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  650.614313][   T10] usb 7-1: config 0 descriptor??
[  650.848833][ T5880] usb 5-1: 0:2 : does not exist
[  650.881551][ T5880] usb 5-1: 5:0: failed to get current value for ch 1 (-22)
[  650.892585][T10179] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  650.919677][T10179] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  650.935459][T10180] netlink: 12 bytes leftover after parsing attributes in process `syz.1.977'.
[  650.953714][ T5880] usb 5-1: 5:0: cannot get min/max values for control 2 (id 5)
[  650.982197][T10179] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  651.053066][ T5880] usb 5-1: 5:0: failed to get current value for ch 1 (-22)
[  651.070011][T10179] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  651.088740][   T10] lenovo 0003:17EF:60EE.000B: hidraw1: USB HID v0.01 Device [HID 17ef:60ee] on usb-dummy_hcd.6-1/input0
[  651.170300][ T5880] usb 5-1: 5:0: cannot get min/max values for control 8 (id 5)
[  651.185843][T10179] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  651.281245][T10179] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  651.314528][ T5880] usb 5-1: USB disconnect, device number 28
[  651.344249][T10179] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  651.431874][T10179] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  651.541650][ T7160] udevd[7160]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  651.542458][T10179] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  651.574819][ T5937] usb 6-1: new full-speed USB device number 6 using dummy_hcd
[  651.710813][T10179] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  651.754305][ T5937] usb 6-1: unable to get BOS descriptor or descriptor too short
[  651.784413][ T5937] usb 6-1: not running at top speed; connect to a high speed hub
[  651.803624][ T5937] usb 6-1: config 0 has an invalid interface number: 88 but max is 0
[  651.832702][ T5937] usb 6-1: config 0 has no interface number 0
[  651.844766][ T5937] usb 6-1: config 0 interface 88 altsetting 8 endpoint 0x86 has an invalid bInterval 0, changing to 10
[  651.858615][   T10] usb 7-1: USB disconnect, device number 4
[  651.896265][ T5937] usb 6-1: config 0 interface 88 altsetting 8 endpoint 0x86 has invalid wMaxPacketSize 0
[  651.927405][ T5937] usb 6-1: config 0 interface 88 has no altsetting 0
[  651.967955][ T5937] usb 6-1: New USB device found, idVendor=0460, idProduct=0004, bcdDevice=96.31
[  652.006482][ T5937] usb 6-1: New USB device strings: Mfr=1, Product=84, SerialNumber=3
[  652.016214][ T5937] usb 6-1: Product: syz
[  652.020451][ T5937] usb 6-1: SerialNumber: syz
[  652.034545][ T5921] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  652.050210][ T5937] usb 6-1: config 0 descriptor??
[  652.204071][ T5921] usb 5-1: Using ep0 maxpacket: 8
[  652.309080][ T5880] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  652.327289][ T5880] hid-generic 0000:0000:0000.000C: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  652.374222][   T10] usb 7-1: new full-speed USB device number 5 using dummy_hcd
[  652.377233][ T5921] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  652.396524][ T5921] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  652.439119][ T5921] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  652.469345][ T5921] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  652.507384][ T5921] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  652.534036][ T5921] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  652.556379][   T10] usb 7-1: unable to get BOS descriptor or descriptor too short
[  652.560348][T10202] fido_id[10202]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  652.574642][   T10] usb 7-1: not running at top speed; connect to a high speed hub
[  652.595465][   T10] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  652.613877][   T10] usb 7-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  652.632769][   T10] usb 7-1: config 1 has no interface number 1
[  652.644132][   T10] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  652.661670][   T10] usb 7-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  652.698566][   T10] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  652.708335][   T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  652.717700][   T10] usb 7-1: Product: syz
[  652.722154][   T10] usb 7-1: Manufacturer: syz
[  652.726943][   T10] usb 7-1: SerialNumber: syz
[  652.802998][ T5921] usb 5-1: GET_CAPABILITIES returned 0
[  652.818417][ T5921] usbtmc 5-1:16.0: can't read capabilities
[  652.955856][ T5937] input: syz as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.88/input/input8
[  653.074272][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  653.085245][ T5937] usb 6-1: USB disconnect, device number 6
[  653.110522][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  653.120472][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  653.129651][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  653.138996][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  653.148452][    C0] vkms_vblank_simulate: vblank timer overrun
[  653.177794][   T10] usb 7-1: USB disconnect, device number 5
[  653.211508][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  653.220687][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  653.229822][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  653.238951][    C0] vkms_vblank_simulate: vblank timer overrun
[  653.297081][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  653.306258][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  653.315493][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  653.333280][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  653.342462][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  653.351688][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  653.362323][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  653.371536][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  653.417338][ T5906] usb 5-1: USB disconnect, device number 29
[  653.506866][ T7790] udevd[7790]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  653.864112][ T5937] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  654.231648][ T5937] usb 6-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  654.361904][ T5937] usb 6-1: config 4 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[  654.403898][ T5937] usb 6-1: config 4 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 0
[  654.445983][ T5937] usb 6-1: config 4 interface 0 altsetting 0 has an endpoint descriptor with address 0xDC, changing to 0x8C
[  654.497988][ T5937] usb 6-1: config 4 interface 0 altsetting 0 bulk endpoint 0x8C has invalid maxpacket 243
[  654.531541][ T5937] usb 6-1: New USB device found, idVendor=2294, idProduct=425a, bcdDevice=d1.41
[  654.542003][ T5937] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  654.559144][ T5937] usb 6-1: Product: syz
[  654.665505][ T5937] usb 6-1: Manufacturer: syz
[  654.670809][ T5937] usb 6-1: SerialNumber: syz
[  654.740929][T10206] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  654.750108][ T5937] usb 6-1: ucan: probing device on interface #0
[  654.766005][ T5937] usb 6-1: ucan: invalid out_ep MaxPacketSize
[  654.798093][ T5937] usb 6-1: ucan: probe failed; try to update the device firmware
[  654.988695][T10236] FAULT_INJECTION: forcing a failure.
[  654.988695][T10236] name failslab, interval 1, probability 0, space 0, times 0
[  655.001942][T10236] CPU: 0 UID: 0 PID: 10236 Comm: syz.2.990 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  655.001984][T10236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  655.001994][T10236] Call Trace:
[  655.002001][T10236]  <TASK>
[  655.002007][T10236]  dump_stack_lvl+0x189/0x250
[  655.002027][T10236]  ? __pfx____ratelimit+0x10/0x10
[  655.002041][T10236]  ? __pfx_dump_stack_lvl+0x10/0x10
[  655.002055][T10236]  ? __pfx__printk+0x10/0x10
[  655.002074][T10236]  ? __pfx___might_resched+0x10/0x10
[  655.002090][T10236]  should_fail_ex+0x414/0x560
[  655.002107][T10236]  should_failslab+0xa8/0x100
[  655.002122][T10236]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  655.002135][T10236]  ? __alloc_skb+0x112/0x2d0
[  655.002155][T10236]  __alloc_skb+0x112/0x2d0
[  655.002174][T10236]  netlink_sendmsg+0x5c6/0xb30
[  655.002198][T10236]  ? __pfx_netlink_sendmsg+0x10/0x10
[  655.002219][T10236]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  655.002231][T10236]  ? __pfx_netlink_sendmsg+0x10/0x10
[  655.002249][T10236]  __sock_sendmsg+0x21c/0x270
[  655.002266][T10236]  ____sys_sendmsg+0x505/0x830
[  655.002288][T10236]  ? __pfx_____sys_sendmsg+0x10/0x10
[  655.002311][T10236]  ? import_iovec+0x74/0xa0
[  655.002338][T10236]  ___sys_sendmsg+0x21f/0x2a0
[  655.002357][T10236]  ? __pfx____sys_sendmsg+0x10/0x10
[  655.002398][T10236]  ? __fget_files+0x2a/0x420
[  655.002411][T10236]  ? __fget_files+0x3a0/0x420
[  655.002431][T10236]  __x64_sys_sendmsg+0x19b/0x260
[  655.002457][T10236]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  655.002491][T10236]  do_syscall_64+0xfa/0x3b0
[  655.002506][T10236]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  655.002518][T10236]  ? asm_sysvec_call_function_single+0x1a/0x20
[  655.002530][T10236]  ? clear_bhb_loop+0x60/0xb0
[  655.002545][T10236]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  655.002556][T10236] RIP: 0033:0x7fce7098ebe9
[  655.002569][T10236] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  655.002579][T10236] RSP: 002b:00007fce6ebd5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  655.002594][T10236] RAX: ffffffffffffffda RBX: 00007fce70bb6090 RCX: 00007fce7098ebe9
[  655.002603][T10236] RDX: 0000000020000004 RSI: 0000200000000480 RDI: 0000000000000005
[  655.002611][T10236] RBP: 00007fce6ebd5090 R08: 0000000000000000 R09: 0000000000000000
[  655.002618][T10236] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  655.002626][T10236] R13: 00007fce70bb6128 R14: 00007fce70bb6090 R15: 00007ffc2ac975e8
[  655.002645][T10236]  </TASK>
[  655.253491][    C0] vkms_vblank_simulate: vblank timer overrun
[  656.476445][T10245] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  656.579293][T10245] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  656.971624][T10252] can0: slcan on ptm0.
[  657.984693][T10251] can0 (unregistered): slcan off ptm0.
[  659.322335][T10272] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  659.347445][T10272] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  662.318060][   T30] audit: type=1326 audit(1755201257.064:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10314 comm="syz.4.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcee138ebe9 code=0x7ffc0000
[  662.368660][   T30] audit: type=1326 audit(1755201257.084:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10314 comm="syz.4.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcee138ebe9 code=0x7ffc0000
[  662.406587][   T30] audit: type=1326 audit(1755201257.114:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10314 comm="syz.4.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7fcee138ebe9 code=0x7ffc0000
[  662.432453][   T30] audit: type=1326 audit(1755201257.114:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10314 comm="syz.4.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcee138ebe9 code=0x7ffc0000
[  662.599024][ T9705] Bluetooth: hci3: command 0x0406 tx timeout
[  662.623982][ T5921] usb 7-1: new full-speed USB device number 6 using dummy_hcd
[  662.628511][   T30] audit: type=1326 audit(1755201257.114:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10314 comm="syz.4.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcee138ebe9 code=0x7ffc0000
[  662.806325][ T5921] usb 7-1: config 0 has an invalid interface number: 56 but max is 0
[  663.022049][ T5921] usb 7-1: config 0 has no interface number 0
[  663.087102][ T5921] usb 7-1: New USB device found, idVendor=0b48, idProduct=3007, bcdDevice=4f.64
[  663.324069][ T5921] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  663.332122][ T5921] usb 7-1: Product: syz
[  663.344013][ T5921] usb 7-1: Manufacturer: syz
[  663.353976][ T5921] usb 7-1: SerialNumber: syz
[  663.368135][ T5921] usb 7-1: config 0 descriptor??
[  663.462792][   T30] audit: type=1326 audit(1755201257.114:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10314 comm="syz.4.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcee138ebe9 code=0x7ffc0000
[  663.477091][ T5921] dvb-usb: found a 'Technotrend TT Connect S2-3600' in warm state.
[  663.994375][   T30] audit: type=1326 audit(1755201257.114:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10314 comm="syz.4.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcee138ebe9 code=0x7ffc0000
[  664.023980][   T30] audit: type=1326 audit(1755201257.114:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10314 comm="syz.4.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcee138ebe9 code=0x7ffc0000
[  664.028018][ T5921] pctv452e: pctv452e_power_ctrl: 1
[  664.028018][ T5921] 
[  664.055631][   T30] audit: type=1326 audit(1755201257.184:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10314 comm="syz.4.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fcee138ebe9 code=0x7ffc0000
[  664.113181][ T5921] pctv452e: pctv452e_power_ctrl: Warning set interface returned: -22
[  664.113181][ T5921] 
[  664.126028][ T5921] dvb-usb: bulk message failed: -22 (5/0)
[  664.164000][   T30] audit: type=1326 audit(1755201257.184:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10314 comm="syz.4.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fcee1385ba7 code=0x7ffc0000
[  664.178369][ T5921] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  664.451975][ T5921] dvb-usb: Technotrend TT Connect S2-3600 error while loading driver (-19)
[  664.456374][T10337] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  664.467250][ T5921] usb 7-1: USB disconnect, device number 6
[  664.496628][T10337] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  667.311514][T10365] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1019'.
[  669.448296][T10372] program syz.6.1024 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  669.507659][T10381] netlink: 428 bytes leftover after parsing attributes in process `syz.5.1026'.
[  669.582883][T10384] netlink: 152 bytes leftover after parsing attributes in process `syz.5.1026'.
[  671.159887][T10390] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  671.185911][T10390] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  671.475663][T10407] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1030'.
[  671.505839][T10406] netlink: 300 bytes leftover after parsing attributes in process `syz.1.1032'.
[  671.581646][T10406] ntfs3(nullb0): Primary boot signature is not NTFS.
[  671.612735][T10406] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  671.683983][T10413] netlink: 276 bytes leftover after parsing attributes in process `syz.4.1034'.
[  671.930454][T10412] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1033'.
[  673.810659][T10426] fuse: Unknown parameter 'group_i00000000000000000000'
[  675.001096][T10438] xt_SECMARK: invalid mode: 2
[  676.493085][T10449] loop7: detected capacity change from 0 to 16384
[  676.518810][T10440] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  676.528104][T10440] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  676.699312][T10445] netlink: 'syz.5.1039': attribute type 10 has an invalid length.
[  676.709048][T10445] hsr0: entered promiscuous mode
[  676.729406][T10445] bond0: (slave hsr0): The slave device specified does not support setting the MAC address
[  676.741279][T10445] hsr0: A HSR master's MTU cannot be greater than the smallest MTU of its slaves minus the HSR Tag length (6 octets).
[  676.755664][T10445] bond0: (slave hsr0): Error -22 calling dev_set_mtu
[  677.245354][T10451] loop7: detected capacity change from 16384 to 0
[  677.248044][    C1] I/O error, dev loop7, sector 256 op 0x0:(READ) flags 0x80700 phys_seg 2 prio class 0
[  677.393503][T10458] netlink: 276 bytes leftover after parsing attributes in process `syz.6.1045'.
[  678.102542][T10470] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1047'.
[  678.268132][T10467] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1048'.
[  678.420498][T10474] fuse: Unknown parameter 'group_i00000000000000000000'
[  682.758355][T10487] FAULT_INJECTION: forcing a failure.
[  682.758355][T10487] name failslab, interval 1, probability 0, space 0, times 0
[  682.794250][T10486] fuse: Bad value for 'fd'
[  682.811774][   T30] kauditd_printk_skb: 29 callbacks suppressed
[  682.811795][   T30] audit: type=1800 audit(1755201277.554:84): pid=10486 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.5.1053" name="file1" dev="tmpfs" ino=457 res=0 errno=0
[  682.854134][T10487] CPU: 1 UID: 0 PID: 10487 Comm: syz.1.1054 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  682.854163][T10487] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  682.854175][T10487] Call Trace:
[  682.854184][T10487]  <TASK>
[  682.854193][T10487]  dump_stack_lvl+0x189/0x250
[  682.854223][T10487]  ? __pfx____ratelimit+0x10/0x10
[  682.854246][T10487]  ? __pfx_dump_stack_lvl+0x10/0x10
[  682.854268][T10487]  ? __pfx__printk+0x10/0x10
[  682.854297][T10487]  ? __pfx___might_resched+0x10/0x10
[  682.854317][T10487]  ? fs_reclaim_acquire+0x7d/0x100
[  682.854356][T10487]  should_fail_ex+0x414/0x560
[  682.854383][T10487]  should_failslab+0xa8/0x100
[  682.854408][T10487]  __kmalloc_noprof+0xcb/0x4f0
[  682.854428][T10487]  ? sock_kmalloc+0xd6/0x160
[  682.854453][T10487]  sock_kmalloc+0xd6/0x160
[  682.854477][T10487]  ____sys_sendmsg+0x1b5/0x830
[  682.854514][T10487]  ? __pfx_____sys_sendmsg+0x10/0x10
[  682.854555][T10487]  ? import_iovec+0x74/0xa0
[  682.854588][T10487]  ___sys_sendmsg+0x21f/0x2a0
[  682.854620][T10487]  ? __pfx____sys_sendmsg+0x10/0x10
[  682.854687][T10487]  ? __fget_files+0x2a/0x420
[  682.854710][T10487]  ? __fget_files+0x3a0/0x420
[  682.854746][T10487]  __x64_sys_sendmsg+0x19b/0x260
[  682.854780][T10487]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  682.854823][T10487]  ? __pfx_ksys_write+0x10/0x10
[  682.854840][T10487]  ? rcu_is_watching+0x15/0xb0
[  682.854869][T10487]  ? do_syscall_64+0xbe/0x3b0
[  682.854896][T10487]  do_syscall_64+0xfa/0x3b0
[  682.854917][T10487]  ? lockdep_hardirqs_on+0x9c/0x150
[  682.854939][T10487]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  682.854959][T10487]  ? clear_bhb_loop+0x60/0xb0
[  682.854985][T10487]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  682.855004][T10487] RIP: 0033:0x7f667118ebe9
[  682.855022][T10487] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  682.855040][T10487] RSP: 002b:00007f6672050038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  682.855064][T10487] RAX: ffffffffffffffda RBX: 00007f66713b5fa0 RCX: 00007f667118ebe9
[  682.855079][T10487] RDX: 0000000000000041 RSI: 0000200000000600 RDI: 0000000000000003
[  682.855093][T10487] RBP: 00007f6672050090 R08: 0000000000000000 R09: 0000000000000000
[  682.855105][T10487] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  682.855118][T10487] R13: 00007f66713b6038 R14: 00007f66713b5fa0 R15: 00007ffc4f20a358
[  682.855153][T10487]  </TASK>
[  683.373201][T10496] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  683.398922][T10496] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  683.524002][ T5957] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  683.583943][ T5880] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  684.456555][ T5957] usb 5-1: config 220 has an invalid interface number: 76 but max is 2
[  684.593476][ T5880] usb 2-1: Using ep0 maxpacket: 16
[  685.657770][ T5957] usb 5-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  685.721150][ T5880] usb 2-1: config 1 has an invalid descriptor of length 191, skipping remainder of the config
[  685.761044][ T5957] usb 5-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  685.863993][ T5880] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  685.915301][ T5957] usb 5-1: config 220 has no interface number 2
[  685.921685][ T5957] usb 5-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  685.961111][ T5880] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  685.972498][ T5880] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  685.985832][ T5957] usb 5-1: config 220 interface 0 has no altsetting 0
[  685.990855][T10511] fuse: Unknown parameter 'group_id00000000000000000000'
[  686.014076][ T5880] usb 2-1: Product: syz
[  686.023940][ T5880] usb 2-1: Manufacturer: syz
[  686.028738][ T5957] usb 5-1: config 220 interface 76 has no altsetting 0
[  686.042211][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  686.042318][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  686.061422][ T5880] usb 2-1: SerialNumber: syz
[  686.069873][ T5957] usb 5-1: config 220 interface 1 has no altsetting 0
[  686.089228][ T5957] usb 5-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  686.098871][ T5957] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  686.111367][ T5957] usb 5-1: Product: syz
[  686.120806][ T5957] usb 5-1: Manufacturer: syz
[  686.126098][ T5957] usb 5-1: SerialNumber: syz
[  686.251442][ T5957] usb 5-1: can't set config #220, error -71
[  686.302917][ T5957] usb 5-1: USB disconnect, device number 30
[  686.562318][ T5880] usb 2-1: 0:2 : does not exist
[  686.768983][ T5880] usb 2-1: 5:0: failed to get current value for ch 1 (-22)
[  687.984214][ T5880] usb 2-1: 5:0: cannot get min/max values for control 2 (id 5)
[  688.006455][T10532] fuse: Bad value for 'fd'
[  688.014085][   T30] audit: type=1800 audit(1755201282.764:85): pid=10532 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.1.1068" name="file1" dev="tmpfs" ino=1322 res=0 errno=0
[  688.166654][T10539] netlink: 'syz.6.1070': attribute type 1 has an invalid length.
[  688.187940][T10534] netlink: 112 bytes leftover after parsing attributes in process `syz.4.1069'.
[  688.264553][ T5880] usb 2-1: 5:0: failed to get current value for ch 1 (-22)
[  688.280997][T10536] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1071'.
[  688.297092][ T5880] usb 2-1: 5:0: cannot get min/max values for control 8 (id 5)
[  688.306998][   T30] audit: type=1326 audit(1755201283.054:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10542 comm="syz.6.1072" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f67e1f8ebe9 code=0x0
[  688.328175][    C0] vkms_vblank_simulate: vblank timer overrun
[  689.081506][ T5880] usb 2-1: USB disconnect, device number 27
[  689.178242][T10553] fuse: Unknown parameter 'group_id00000000000000000000'
[  689.201507][T10488] udevd[10488]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  689.226943][ T5921] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  689.235468][    C1] net_ratelimit: 165 callbacks suppressed
[  689.235488][    C1] 0: reclassify loop, rule prio 0, protocol 800
[  690.283990][    C1] 0: reclassify loop, rule prio 0, protocol 800
[  690.294154][ T5880] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  690.333905][ T5921] usb 5-1: Using ep0 maxpacket: 32
[  690.363946][ T5957] usb 7-1: new full-speed USB device number 7 using dummy_hcd
[  690.457729][ T5880] usb 2-1: config 0 has an invalid interface number: 255 but max is 0
[  690.541577][ T5921] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  690.558854][ T5921] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  690.569481][ T5921] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00
[  691.314203][    C1] 0: reclassify loop, rule prio 0, protocol 800
[  691.426048][ T5880] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  691.450373][ T5880] usb 2-1: config 0 has no interface number 0
[  691.456826][ T5880] usb 2-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30
[  691.493492][T10560] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  691.502420][T10560] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  691.519126][ T5921] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  691.531573][ T5921] usb 5-1: config 0 descriptor??
[  691.701657][ T5880] usb 2-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  691.719361][ T5957] usb 7-1: device descriptor read/all, error -71
[  691.733203][ T5880] usb 2-1: config 0 interface 255 has no altsetting 0
[  691.740157][ T5880] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  691.749427][ T5880] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  691.766431][ T5880] usb 2-1: config 0 descriptor??
[  691.772875][ T5880] usb 2-1: can't set config #0, error -71
[  691.797758][ T5880] usb 2-1: USB disconnect, device number 28
[  692.232396][T10551] tmpfs: Unknown parameter 'usrquota–æW¡
¥Ó¢þ~'
[  692.262319][ T5921] usbhid 5-1:0.0: can't add hid device: -71
[  692.272935][ T5921] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  692.390435][ T5921] usb 5-1: USB disconnect, device number 31
[  692.954203][ T5880] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  693.033105][T10575] fuse: Bad value for 'fd'
[  693.049561][   T30] audit: type=1800 audit(1755201287.784:87): pid=10575 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.6.1081" name="file1" dev="tmpfs" ino=350 res=0 errno=0
[  693.146811][ T5880] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  693.223675][ T5880] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  693.297060][ T5880] usb 2-1: config 0 descriptor??
[  693.536234][ T5880] udl 2-1:0.0: [drm] Unrecognized vendor firmware descriptor
[  693.584174][ T5957] usb 5-1: new full-speed USB device number 32 using dummy_hcd
[  693.634444][ T5921] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  693.740791][ T5957] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  693.759746][T10588] fuse: Unknown parameter 'group_id00000000000000000000'
[  693.769813][ T5957] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  693.789882][ T5880] [drm] Initialized udl 0.0.1 for 2-1:0.0 on minor 2
[  693.808327][ T5880] [drm] Initialized udl on minor 2
[  693.810201][ T5921] usb 7-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  693.825625][ T5957] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  693.848411][ T5957] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  693.859124][ T5921] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  693.882404][ T5957] usb 5-1: Product: syz
[  693.888063][ T5957] usb 5-1: Manufacturer: syz
[  693.902929][ T5957] usb 5-1: SerialNumber: syz
[  693.915361][ T5921] usb 7-1: config 0 descriptor??
[  694.138480][T10578] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  694.173606][T10578] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  694.173632][ T5921] udl 7-1:0.0: [drm] Unrecognized vendor firmware descriptor
[  694.181646][   T10] usb 3-1: new full-speed USB device number 21 using dummy_hcd
[  694.202190][ T5880] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 1 failed err ffffffb9
[  694.259618][ T5880] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[  694.271890][    T9] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  694.289315][ T5880] usb 2-1: USB disconnect, device number 29
[  694.296334][    T9] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[  694.408747][   T10] usb 3-1: unable to get BOS descriptor or descriptor too short
[  694.458284][   T10] usb 3-1: not running at top speed; connect to a high speed hub
[  694.463004][ T5921] [drm] Initialized udl 0.0.1 for 7-1:0.0 on minor 3
[  694.482767][ T5921] [drm] Initialized udl on minor 3
[  694.526341][   T10] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  694.568169][   T10] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  694.586780][   T10] usb 3-1: config 1 has no interface number 1
[  694.595203][ T5957] usb 5-1: 0:2 : does not exist
[  694.601741][   T10] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  694.631581][ T5957] usb 5-1: 5:0: failed to get current value for ch 0 (-22)
[  694.641121][   T10] usb 3-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  694.665206][   T10] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  694.678348][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  694.690776][   T10] usb 3-1: Product: syz
[  694.715501][   T10] usb 3-1: Manufacturer: syz
[  694.721708][ T5957] usb 5-1: USB disconnect, device number 32
[  694.728750][   T10] usb 3-1: SerialNumber: syz
[  694.781482][ T5921] udl 7-1:0.0: [drm] *ERROR* Read EDID byte 1 failed err ffffffb9
[  694.821459][ T5921] udl 7-1:0.0: [drm] Cannot find any crtc or sizes
[  694.839124][   T24] udl 7-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  694.862860][ T5921] usb 7-1: USB disconnect, device number 9
[  694.870685][   T24] udl 7-1:0.0: [drm] Cannot find any crtc or sizes
[  694.996788][T10488] udevd[10488]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  695.014061][ T5880] 0: reclassify loop, rule prio 0, protocol 800
[  695.194191][   T10] usb 3-1: USB disconnect, device number 21
[  696.912036][T10492] udevd[10492]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  696.961646][ T5854] Bluetooth: hci0: Malformed MSFT vendor event: 0x02
[  697.050049][   T30] audit: type=1800 audit(1755201291.794:88): pid=10616 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.2.1092" name="file1" dev="tmpfs" ino=1263 res=0 errno=0
[  700.008043][T10633] fuse: Bad value for 'user_id'
[  700.029336][T10633] fuse: Bad value for 'user_id'
[  703.509540][ T5921] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  703.744330][    C0] 0: reclassify loop, rule prio 0, protocol 800
[  703.782272][T10665] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1104'.
[  703.834207][ T5921] usb 5-1: Using ep0 maxpacket: 32
[  703.851048][ T5921] usb 5-1: config 0 has an invalid interface number: 12 but max is 0
[  703.871442][ T5921] usb 5-1: config 0 has no interface number 0
[  703.892483][T10667] 0: reclassify loop, rule prio 0, protocol 800
[  704.343944][ T5921] usb 5-1: config 0 interface 12 has no altsetting 0
[  704.402259][ T5921] usb 5-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=70.40
[  704.439784][ T5921] usb 5-1: New USB device strings: Mfr=231, Product=2, SerialNumber=3
[  704.462529][ T5921] usb 5-1: Product: syz
[  704.475858][ T5921] usb 5-1: Manufacturer: syz
[  704.514140][    C0] 0: reclassify loop, rule prio 0, protocol 800
[  704.913979][    C0] 0: reclassify loop, rule prio 0, protocol 800
[  705.604157][    C1] 0: reclassify loop, rule prio 0, protocol 800
[  705.927459][ T5921] usb 5-1: SerialNumber: syz
[  705.976937][ T5880] 0: reclassify loop, rule prio 0, protocol 800
[  705.983471][ T5921] usb 5-1: config 0 descriptor??
[  706.007809][ T5957] 0: reclassify loop, rule prio 0, protocol 800
[  706.117137][ T5921] usb 5-1: can't set config #0, error -71
[  706.184538][ T5921] usb 5-1: USB disconnect, device number 33
[  706.359158][T10684] netlink: 84 bytes leftover after parsing attributes in process `syz.4.1109'.
[  706.444083][    C1] 0: reclassify loop, rule prio 0, protocol 800
[  707.657491][T10693] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1111'.
[  708.794026][   T10] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  709.763985][ T5937] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  709.791071][   T10] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  709.810847][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  709.848785][   T10] usb 2-1: config 0 descriptor??
[  709.943135][ T5937] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  709.964485][ T5937] usb 7-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[  710.018885][ T5937] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  710.058633][T10731] kvm: pic: non byte write
[  710.063489][ T5937] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  710.081510][ T5937] usb 7-1: Product: syz
[  710.088281][   T10] udl 2-1:0.0: [drm] Unrecognized vendor firmware descriptor
[  710.088781][ T5937] usb 7-1: Manufacturer: syz
[  710.106436][ T5937] usb 7-1: SerialNumber: syz
[  710.143195][T10731] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1121'.
[  710.166499][   T30] audit: type=1326 audit(1755201304.914:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10727 comm="syz.2.1121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce7098ebe9 code=0x7ffc0000
[  710.189319][   T30] audit: type=1326 audit(1755201304.914:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10727 comm="syz.2.1121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce7098ebe9 code=0x7ffc0000
[  710.318775][   T10] [drm] Initialized udl 0.0.1 for 2-1:0.0 on minor 2
[  710.336665][   T10] [drm] Initialized udl on minor 2
[  710.361303][T10722] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  710.382322][T10722] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  710.384837][ T5957] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  710.409803][ T5937] cdc_ether 7-1:1.0: probe with driver cdc_ether failed with error -22
[  710.441642][ T5937] usb 7-1: USB disconnect, device number 10
[  710.547807][ T5957] usb 5-1: too many configurations: 13, using maximum allowed: 8
[  710.566814][ T5957] usb 5-1: config 0 has no interfaces?
[  710.581659][ T5957] usb 5-1: config 0 has no interfaces?
[  710.590820][ T5957] usb 5-1: config 0 has no interfaces?
[  710.598876][ T5957] usb 5-1: config 0 has no interfaces?
[  710.619662][ T5957] usb 5-1: config 0 has no interfaces?
[  710.871799][   T10] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 1 failed err ffffffb9
[  711.115955][ T5957] usb 5-1: config 0 has no interfaces?
[  711.122515][   T10] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[  711.155075][ T5957] usb 5-1: config 0 has no interfaces?
[  711.173551][ T9307] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  711.189697][   T10] usb 2-1: USB disconnect, device number 30
[  711.204650][ T5957] usb 5-1: config 0 has no interfaces?
[  711.210699][ T9307] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[  711.233535][ T5957] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  711.243403][ T5957] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  711.251770][ T5957] usb 5-1: Product: syz
[  711.254200][ T5937] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  711.256472][ T5957] usb 5-1: Manufacturer: syz
[  711.292177][ T5957] usb 5-1: SerialNumber: syz
[  711.320903][ T5957] usb 5-1: config 0 descriptor??
[  711.434519][ T5937] usb 7-1: Using ep0 maxpacket: 8
[  711.444187][ T5937] usb 7-1: config index 0 descriptor too short (expected 301, got 72)
[  711.452541][ T5937] usb 7-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  711.465444][ T5937] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  711.477005][ T5937] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  711.993237][ T5937] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  712.004253][ T5937] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  712.021735][ T5937] usb 7-1: config 16 interface 0 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  712.042802][ T5937] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  712.043770][ T5957] usb 5-1: USB disconnect, device number 34
[  712.053098][ T5937] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  712.114079][ T5937] usb 7-1: can't set config #16, error -71
[  712.138020][ T5937] usb 7-1: USB disconnect, device number 11
[  712.211931][T10753] program syz.6.1129 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  712.637005][T10760] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1128'.
[  713.137914][ T5937] usb 5-1: new full-speed USB device number 35 using dummy_hcd
[  713.378244][ T5937] usb 5-1: config 1 interface 0 has no altsetting 0
[  713.531803][T10772] netlink: 308 bytes leftover after parsing attributes in process `syz.1.1133'.
[  714.314255][ T5937] usb 5-1: string descriptor 0 read error: -71
[  715.019906][ T5854] Bluetooth: hci1: command 0x0406 tx timeout
[  715.046285][ T5937] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  715.072427][ T5937] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  715.150327][ T5937] usb 5-1: can't set config #1, error -71
[  715.496618][ T5957] 0: reclassify loop, rule prio 0, protocol 800
[  716.349539][ T5937] usb 5-1: USB disconnect, device number 35
[  716.354380][ T9307] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  716.574840][ T9307] usb 7-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  716.753465][ T9307] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  716.786224][ T9307] usb 7-1: config 0 descriptor??
[  717.042613][ T9307] udl 7-1:0.0: [drm] Unrecognized vendor firmware descriptor
[  717.273780][ T9307] [drm] Initialized udl 0.0.1 for 7-1:0.0 on minor 2
[  717.281325][ T9307] [drm] Initialized udl on minor 2
[  717.544174][   T10] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  717.679631][T10802] 0: reclassify loop, rule prio 0, protocol 800
[  717.732599][   T10] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  717.763712][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  718.012404][   T10] usb 5-1: config 0 descriptor??
[  718.260604][ T9307] udl 7-1:0.0: [drm] *ERROR* Read EDID byte 1 failed err ffffffb9
[  718.286115][   T10] udl 5-1:0.0: [drm] Unrecognized vendor firmware descriptor
[  718.296527][ T9307] udl 7-1:0.0: [drm] Cannot find any crtc or sizes
[  718.305050][ T5957] udl 7-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  718.321870][ T5957] udl 7-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  718.334384][ T9307] usb 7-1: USB disconnect, device number 12
[  718.341348][ T5957] udl 7-1:0.0: [drm] Cannot find any crtc or sizes
[  718.499708][   T10] [drm] Initialized udl 0.0.1 for 5-1:0.0 on minor 3
[  718.548290][   T10] [drm] Initialized udl on minor 3
[  718.608648][T10804] bond_slave_1: entered promiscuous mode
[  718.625335][T10804] bond_slave_1: left promiscuous mode
[  718.916867][   T10] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 1 failed err ffffffb9
[  718.970466][   T10] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[  718.999821][ T5957] udl 5-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  719.045125][   T10] usb 5-1: USB disconnect, device number 36
[  719.058786][ T5957] udl 5-1:0.0: [drm] Cannot find any crtc or sizes
[  719.284192][ T5937] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  719.470073][ T5937] usb 7-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  719.499552][ T5937] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  719.527602][T10823] netlink: 348 bytes leftover after parsing attributes in process `syz.1.1146'.
[  719.564504][ T5937] usb 7-1: config 0 descriptor??
[  719.764831][T10829] netlink: 300 bytes leftover after parsing attributes in process `syz.4.1147'.
[  719.774061][T10823] wg1 speed is unknown, defaulting to 1000
[  719.803600][ T5937] udl 7-1:0.0: [drm] Unrecognized vendor firmware descriptor
[  719.807221][T10829] ntfs3(nullb0): Primary boot signature is not NTFS.
[  719.833727][T10829] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  720.104199][ T5937] [drm] Initialized udl 0.0.1 for 7-1:0.0 on minor 2
[  720.139136][ T5937] [drm] Initialized udl on minor 2
[  720.408152][ T5937] udl 7-1:0.0: [drm] *ERROR* Read EDID byte 1 failed err ffffffb9
[  720.421928][ T5937] udl 7-1:0.0: [drm] Cannot find any crtc or sizes
[  720.435119][ T5906] udl 7-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  720.443275][ T5906] udl 7-1:0.0: [drm] Cannot find any crtc or sizes
[  720.453365][ T5937] usb 7-1: USB disconnect, device number 13
[  722.050364][T10851] binder: 10848:10851 ioctl c00c6211 ffffffffffffffff returned -14
[  722.584380][ T5921] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  722.739597][T10859] netlink: 308 bytes leftover after parsing attributes in process `syz.1.1155'.
[  722.824037][ T5937] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  722.865635][ T5921] usb 3-1: Using ep0 maxpacket: 32
[  722.903676][ T5921] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  722.971199][ T5921] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  723.026859][ T5937] usb 7-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  723.041278][ T5921] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  723.092010][ T5937] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  723.102796][ T5921] usb 3-1: Product: syz
[  723.109543][ T5921] usb 3-1: Manufacturer: syz
[  723.132041][ T5921] usb 3-1: SerialNumber: syz
[  723.140181][ T5937] usb 7-1: config 0 descriptor??
[  723.185173][ T5921] usb 3-1: config 0 descriptor??
[  723.287755][ T5921] quatech2 3-1:0.0: Quatech 2nd gen USB to Serial Driver converter detected
[  723.375665][ T5937] udl 7-1:0.0: [drm] Unrecognized vendor firmware descriptor
[  723.429154][ T5921] usb 3-1: qt2_setup_urbs - submit read urb failed -8
[  723.446871][ T5921] quatech2 3-1:0.0: probe with driver quatech2 failed with error -8
[  723.672079][ T5937] [drm] Initialized udl 0.0.1 for 7-1:0.0 on minor 2
[  723.695305][ T5937] [drm] Initialized udl on minor 2
[  724.030192][ T5937] udl 7-1:0.0: [drm] *ERROR* Read EDID byte 1 failed err ffffffb9
[  724.225308][ T5937] udl 7-1:0.0: [drm] Cannot find any crtc or sizes
[  724.248666][ T5921] udl 7-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  724.268836][ T5921] udl 7-1:0.0: [drm] Cannot find any crtc or sizes
[  724.279259][ T5937] usb 7-1: USB disconnect, device number 14
[  725.074445][ T5957] 0: reclassify loop, rule prio 0, protocol 800
[  725.083390][   T10] 0: reclassify loop, rule prio 0, protocol 800
[  725.441256][   T10] usb 3-1: USB disconnect, device number 22
[  725.638692][T10900] netlink: 308 bytes leftover after parsing attributes in process `syz.1.1167'.
[  726.201090][T10905] fuse: Bad value for 'fd'
[  727.079210][T10907] fuse: Bad value for 'fd'
[  729.600473][T10931] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1174'.
[  729.802481][T10934] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1176'.
[  730.265702][T10941] netlink: 308 bytes leftover after parsing attributes in process `syz.5.1179'.
[  730.381460][T10948] fuse: Bad value for 'fd'
[  731.299970][T10943] bio_check_eod: 2 callbacks suppressed
[  731.299986][T10943] syz.6.1178: attempt to access beyond end of device
[  731.299986][T10943] loop6: rw=0, sector=64, nr_sectors = 1 limit=0
[  731.331793][T10950] fuse: Bad value for 'fd'
[  731.361815][T10943] syz.6.1178: attempt to access beyond end of device
[  731.361815][T10943] loop6: rw=0, sector=256, nr_sectors = 1 limit=0
[  731.378704][T10943] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256
[  731.434374][T10943] syz.6.1178: attempt to access beyond end of device
[  731.434374][T10943] loop6: rw=0, sector=512, nr_sectors = 1 limit=0
[  731.460997][T10943] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=512, location=512
[  731.480015][T10943] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found
[  731.504840][T10943] UDF-fs: Scanning with blocksize 512 failed
[  731.512865][T10943] syz.6.1178: attempt to access beyond end of device
[  731.512865][T10943] loop6: rw=0, sector=64, nr_sectors = 2 limit=0
[  731.527019][T10943] syz.6.1178: attempt to access beyond end of device
[  731.527019][T10943] loop6: rw=0, sector=512, nr_sectors = 2 limit=0
[  731.540348][T10943] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256
[  731.550363][T10943] syz.6.1178: attempt to access beyond end of device
[  731.550363][T10943] loop6: rw=0, sector=1024, nr_sectors = 2 limit=0
[  731.565664][T10943] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=512, location=512
[  731.575371][T10943] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found
[  731.583113][T10943] UDF-fs: Scanning with blocksize 1024 failed
[  731.590074][T10943] syz.6.1178: attempt to access beyond end of device
[  731.590074][T10943] loop6: rw=0, sector=64, nr_sectors = 4 limit=0
[  731.603905][T10943] syz.6.1178: attempt to access beyond end of device
[  731.603905][T10943] loop6: rw=0, sector=1024, nr_sectors = 4 limit=0
[  731.630545][   T10] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  731.793272][T10943] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256
[  731.804803][T10943] syz.6.1178: attempt to access beyond end of device
[  731.804803][T10943] loop6: rw=0, sector=2048, nr_sectors = 4 limit=0
[  731.819056][T10943] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=512, location=512
[  731.837654][   T10] usb 3-1: Using ep0 maxpacket: 8
[  731.843710][T10943] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found
[  731.877534][   T10] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  731.893442][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  731.910169][   T10] usb 3-1: Product: syz
[  731.914642][T10943] UDF-fs: Scanning with blocksize 2048 failed
[  731.921159][   T10] usb 3-1: Manufacturer: syz
[  731.938318][   T10] usb 3-1: SerialNumber: syz
[  731.957568][T10943] syz.6.1178: attempt to access beyond end of device
[  731.957568][T10943] loop6: rw=0, sector=64, nr_sectors = 8 limit=0
[  731.972347][T10943] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256
[  731.984024][   T10] usb 3-1: config 0 descriptor??
[  732.011896][T10943] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=512, location=512
[  732.022211][T10943] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found
[  732.052006][T10943] UDF-fs: Scanning with blocksize 4096 failed
[  732.066073][T10943] UDF-fs: warning (device loop6): udf_fill_super: No partition found (1)
[  732.210811][   T10] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  734.145466][   T10] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  734.332654][   T10] usb 3-1: USB disconnect, device number 23
[  734.678459][ T9307] 0: reclassify loop, rule prio 0, protocol 800
[  734.756469][T10982] netlink: 120 bytes leftover after parsing attributes in process `syz.6.1192'.
[  734.882054][T10983] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1192'.
[  735.005834][T10988] fuse: Bad value for 'fd'
[  736.391969][   T30] audit: type=1800 audit(1755201331.134:91): pid=11008 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.2.1200" name="file1" dev="tmpfs" ino=1349 res=0 errno=0
[  736.521742][T11014] fuse: Invalid rootmode
[  736.598427][   T10] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  736.732264][T11018] ------------[ cut here ]------------
[  736.738389][T11018] WARNING: CPU: 0 PID: 11018 at ./include/linux/memcontrol.h:371 folio_memcg+0x1a8/0x310
[  736.748521][T11018] Modules linked in:
[  736.752846][T11018] CPU: 0 UID: 0 PID: 11018 Comm: syz.2.1206 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  736.763212][T11018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  736.773404][T11018] RIP: 0010:folio_memcg+0x1a8/0x310
[  736.778841][T11018] Code: 80 3c 28 00 74 08 4c 89 f7 e8 74 ca 1b 00 4d 8b 36 4c 89 f0 5b 41 5c 41 5d 41 5e 41 5f 5d e9 7f 20 65 09 cc e8 19 e3 bb ff 90 <0f> 0b 90 eb c5 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c fe fe ff ff
[  736.798667][T11018] RSP: 0018:ffffc9001416f250 EFLAGS: 00010287
[  736.805103][T11018] RAX: ffffffff820442a7 RBX: 0000000000000000 RCX: 0000000000080000
[  736.813209][T11018] RDX: ffffc9000c7aa000 RSI: 0000000000001cb1 RDI: 0000000000001cb2
[  736.821339][T11018] RBP: 0000000000000000 R08: ffffea0001d24987 R09: 1ffffd40003a4930
[  736.829433][T11018] R10: dffffc0000000000 R11: fffff940003a4931 R12: ffffea0001d249b0
[  736.837715][T11018] R13: dffffc0000000000 R14: ffff8880783b6100 R15: 0000000000000002
[  736.845770][T11018] FS:  00007fce6ebf66c0(0000) GS:ffff888125c57000(0000) knlGS:0000000000000000
[  736.855249][T11018] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  736.861890][T11018] CR2: 0000000000000000 CR3: 0000000033d88000 CR4: 00000000003526f0
[  736.870082][T11018] Call Trace:
[  736.873455][T11018]  <TASK>
[  736.876485][T11018]  workingset_activation+0x5f/0x4a0
[  736.881740][T11018]  ? folio_mark_accessed+0x361/0x4a0
[  736.887175][T11018]  folio_mark_accessed+0x3b5/0x4a0
[  736.892359][T11018]  kvm_release_page_clean+0x9a/0xe0
[  736.898009][T11018]  kvm_tdp_page_fault+0x2dd/0x370
[  736.903201][T11018]  kvm_mmu_do_page_fault+0x2c5/0x640
[  736.908586][T11018]  ? vmx_vcpu_run+0xd8b/0x25d0
[  736.913398][T11018]  ? __pfx_kvm_mmu_do_page_fault+0x10/0x10
[  736.919332][T11018]  ? vmx_handle_exit_irqoff+0x29e/0xad0
[  736.925088][T11018]  kvm_mmu_page_fault+0x22f/0xb70
[  736.930146][T11018]  ? __pfx_handle_ept_violation+0x10/0x10
[  736.935970][T11018]  vmx_handle_exit+0x1090/0x18a0
[  736.940944][T11018]  ? vcpu_run+0x361c/0x6f70
[  736.945517][T11018]  ? rcu_is_watching+0x15/0xb0
[  736.950320][T11018]  vcpu_run+0x432e/0x6f70
[  736.954818][T11018]  ? vcpu_run+0x361c/0x6f70
[  736.959395][T11018]  ? __pfx_vcpu_run+0x10/0x10
[  736.964175][T11018]  ? kvm_arch_vcpu_ioctl_run+0x1f3/0x1940
[  736.969973][T11018]  ? rcu_is_watching+0x15/0xb0
[  736.974881][T11018]  kvm_arch_vcpu_ioctl_run+0xfc9/0x1940
[  736.980488][T11018]  ? kvm_arch_vcpu_ioctl_run+0x1f3/0x1940
[  736.986347][T11018]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  736.992378][T11018]  ? rcu_is_watching+0x15/0xb0
[  736.997273][T11018]  ? look_up_lock_class+0x74/0x170
[  737.002533][T11018]  ? register_lock_class+0x51/0x320
[  737.007834][T11018]  ? __lock_acquire+0xab9/0xd20
[  737.013116][T11018]  kvm_vcpu_ioctl+0x95c/0xe90
[  737.017917][T11018]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  737.023157][T11018]  ? __lock_acquire+0xab9/0xd20
[  737.028139][T11018]  ? __asan_memset+0x22/0x50
[  737.032791][T11018]  ? smack_file_ioctl+0x302/0x340
[  737.037932][T11018]  ? __pfx_smack_file_ioctl+0x10/0x10
[  737.043371][T11018]  ? __fget_files+0x2a/0x420
[  737.048097][T11018]  ? __fget_files+0x3a0/0x420
[  737.052860][T11018]  ? __fget_files+0x2a/0x420
[  737.057772][T11018]  ? bpf_lsm_file_ioctl+0x9/0x20
[  737.062928][T11018]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  737.068244][T11018]  __se_sys_ioctl+0xfc/0x170
[  737.072903][T11018]  do_syscall_64+0xfa/0x3b0
[  737.077748][T11018]  ? lockdep_hardirqs_on+0x9c/0x150
[  737.083081][T11018]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  737.089271][T11018]  ? clear_bhb_loop+0x60/0xb0
[  737.094159][T11018]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  737.100285][T11018] RIP: 0033:0x7fce7098ebe9
[  737.104952][T11018] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  737.124708][T11018] RSP: 002b:00007fce6ebf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  737.133189][T11018] RAX: ffffffffffffffda RBX: 00007fce70bb5fa0 RCX: 00007fce7098ebe9
[  737.141318][T11018] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  737.149621][T11018] RBP: 00007fce70a11e19 R08: 0000000000000000 R09: 0000000000000000
[  737.157863][T11018] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  737.166006][T11018] R13: 00007fce70bb6038 R14: 00007fce70bb5fa0 R15: 00007ffc2ac975e8
[  737.174115][T11018]  </TASK>
[  737.177187][T11018] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  737.184613][T11018] CPU: 0 UID: 0 PID: 11018 Comm: syz.2.1206 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  737.194608][T11018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  737.204676][T11018] Call Trace:
[  737.207983][T11018]  <TASK>
[  737.210936][T11018]  dump_stack_lvl+0x99/0x250
[  737.215544][T11018]  ? __asan_memcpy+0x40/0x70
[  737.220200][T11018]  ? __pfx_dump_stack_lvl+0x10/0x10
[  737.225771][T11018]  ? __pfx__printk+0x10/0x10
[  737.230390][T11018]  panic+0x2db/0x790
[  737.234331][T11018]  ? __pfx_panic+0x10/0x10
[  737.238805][T11018]  __warn+0x31b/0x4b0
[  737.242811][T11018]  ? folio_memcg+0x1a8/0x310
[  737.247530][T11018]  ? folio_memcg+0x1a8/0x310
[  737.252131][T11018]  report_bug+0x2be/0x4f0
[  737.256476][T11018]  ? folio_memcg+0x1a8/0x310
[  737.261080][T11018]  ? folio_memcg+0x1a8/0x310
[  737.265689][T11018]  ? folio_memcg+0x1aa/0x310
[  737.270387][T11018]  handle_bug+0x84/0x160
[  737.274646][T11018]  exc_invalid_op+0x1a/0x50
[  737.279205][T11018]  asm_exc_invalid_op+0x1a/0x20
[  737.284073][T11018] RIP: 0010:folio_memcg+0x1a8/0x310
[  737.289292][T11018] Code: 80 3c 28 00 74 08 4c 89 f7 e8 74 ca 1b 00 4d 8b 36 4c 89 f0 5b 41 5c 41 5d 41 5e 41 5f 5d e9 7f 20 65 09 cc e8 19 e3 bb ff 90 <0f> 0b 90 eb c5 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c fe fe ff ff
[  737.309015][T11018] RSP: 0018:ffffc9001416f250 EFLAGS: 00010287
[  737.315129][T11018] RAX: ffffffff820442a7 RBX: 0000000000000000 RCX: 0000000000080000
[  737.323218][T11018] RDX: ffffc9000c7aa000 RSI: 0000000000001cb1 RDI: 0000000000001cb2
[  737.331290][T11018] RBP: 0000000000000000 R08: ffffea0001d24987 R09: 1ffffd40003a4930
[  737.339283][T11018] R10: dffffc0000000000 R11: fffff940003a4931 R12: ffffea0001d249b0
[  737.347270][T11018] R13: dffffc0000000000 R14: ffff8880783b6100 R15: 0000000000000002
[  737.355263][T11018]  ? folio_memcg+0x1a7/0x310
[  737.359878][T11018]  workingset_activation+0x5f/0x4a0
[  737.365091][T11018]  ? folio_mark_accessed+0x361/0x4a0
[  737.370493][T11018]  folio_mark_accessed+0x3b5/0x4a0
[  737.375636][T11018]  kvm_release_page_clean+0x9a/0xe0
[  737.380849][T11018]  kvm_tdp_page_fault+0x2dd/0x370
[  737.385896][T11018]  kvm_mmu_do_page_fault+0x2c5/0x640
[  737.391304][T11018]  ? vmx_vcpu_run+0xd8b/0x25d0
[  737.396121][T11018]  ? __pfx_kvm_mmu_do_page_fault+0x10/0x10
[  737.402066][T11018]  ? vmx_handle_exit_irqoff+0x29e/0xad0
[  737.407643][T11018]  kvm_mmu_page_fault+0x22f/0xb70
[  737.412737][T11018]  ? __pfx_handle_ept_violation+0x10/0x10
[  737.418471][T11018]  vmx_handle_exit+0x1090/0x18a0
[  737.423420][T11018]  ? vcpu_run+0x361c/0x6f70
[  737.427939][T11018]  ? rcu_is_watching+0x15/0xb0
[  737.432722][T11018]  vcpu_run+0x432e/0x6f70
[  737.437106][T11018]  ? vcpu_run+0x361c/0x6f70
[  737.441674][T11018]  ? __pfx_vcpu_run+0x10/0x10
[  737.446373][T11018]  ? kvm_arch_vcpu_ioctl_run+0x1f3/0x1940
[  737.452126][T11018]  ? rcu_is_watching+0x15/0xb0
[  737.456996][T11018]  kvm_arch_vcpu_ioctl_run+0xfc9/0x1940
[  737.462576][T11018]  ? kvm_arch_vcpu_ioctl_run+0x1f3/0x1940
[  737.468330][T11018]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  737.474349][T11018]  ? rcu_is_watching+0x15/0xb0
[  737.479126][T11018]  ? look_up_lock_class+0x74/0x170
[  737.484253][T11018]  ? register_lock_class+0x51/0x320
[  737.489487][T11018]  ? __lock_acquire+0xab9/0xd20
[  737.494462][T11018]  kvm_vcpu_ioctl+0x95c/0xe90
[  737.499164][T11018]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  737.504635][T11018]  ? __lock_acquire+0xab9/0xd20
[  737.509502][T11018]  ? __asan_memset+0x22/0x50
[  737.514110][T11018]  ? smack_file_ioctl+0x302/0x340
[  737.519175][T11018]  ? __pfx_smack_file_ioctl+0x10/0x10
[  737.524656][T11018]  ? __fget_files+0x2a/0x420
[  737.529273][T11018]  ? __fget_files+0x3a0/0x420
[  737.534016][T11018]  ? __fget_files+0x2a/0x420
[  737.538630][T11018]  ? bpf_lsm_file_ioctl+0x9/0x20
[  737.543601][T11018]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  737.548831][T11018]  __se_sys_ioctl+0xfc/0x170
[  737.553618][T11018]  do_syscall_64+0xfa/0x3b0
[  737.558132][T11018]  ? lockdep_hardirqs_on+0x9c/0x150
[  737.563351][T11018]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  737.569429][T11018]  ? clear_bhb_loop+0x60/0xb0
[  737.574133][T11018]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  737.580036][T11018] RIP: 0033:0x7fce7098ebe9
[  737.584471][T11018] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  737.604094][T11018] RSP: 002b:00007fce6ebf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  737.612523][T11018] RAX: ffffffffffffffda RBX: 00007fce70bb5fa0 RCX: 00007fce7098ebe9
[  737.620508][T11018] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  737.628499][T11018] RBP: 00007fce70a11e19 R08: 0000000000000000 R09: 0000000000000000
[  737.636676][T11018] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  737.644745][T11018] R13: 00007fce70bb6038 R14: 00007fce70bb5fa0 R15: 00007ffc2ac975e8
[  737.652826][T11018]  </TASK>
[  737.656175][T11018] Kernel Offset: disabled
[  737.660513][T11018] Rebooting in 86400 seconds..