last executing test programs:

9m40.341199811s ago: executing program 1 (id=303):
r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000100)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x40, 0x44e, 0x1215, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x9, [{{0x9, 0x4, 0x0, 0x4, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x4, 0x4, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x20, 0x0, 0x0, 0x5}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000440)={0x24, &(0x7f0000000180)={0x0, 0x7, 0x1d, {0x1d, 0x11, "8520b6d00da5b33168e395421040e2c347fe64fbd0fe478ee45f5d"}}, &(0x7f0000000280)={0x0, 0x3, 0x74, @string={0x74, 0x3, "2b000e5a9eed6cc94694c521478d3aad94cad29e21db012ce32dbb0a295765bbc44520c10723f999a25199e3434d5426267cec704d35c75560bacca0e32a35fcd8b4f7e2bba386fec044d3f1e9459ff58b5719df2a8a698d6a51333977052be717585cd4ba1942cc663d22510140b19bc44b"}}, &(0x7f00000001c0), &(0x7f0000000200)={0x0, 0x21, 0x9, {0x9, 0x21, 0x401, 0x5, 0x1, {0x22, 0xea0}}}}, &(0x7f00000009c0)={0x2c, 0x0, &(0x7f0000000480)={0x0, 0xa, 0x1, 0x7}, &(0x7f00000004c0)={0x0, 0x8, 0x1, 0x4a}, &(0x7f0000000740), &(0x7f0000000840)={0x20, 0x3, 0x1, 0xd}})
syz_open_dev$hidraw(&(0x7f0000000000), 0x0, 0x10f242)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000000c0)={{}, &(0x7f0000000040), &(0x7f0000000080)='%pK    \x00'}, 0x20)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000100)={@remote}, &(0x7f0000000140)=0x14)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000340)={'dvmrp1\x00', 0x7101})
io_uring_setup(0x2e6d, &(0x7f0000000000)={0x0, 0xf585, 0x0, 0x2, 0xea})
r1 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x86, &(0x7f0000000240)=ANY=[@ANYRESOCT=r1, @ANYRES8=r1], &(0x7f0000000080)={0x0, 0x3, [0x2e9, 0x567, 0x865, 0x5f5]})
syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f00000013c0)={0x0, 0x2, 0x2, {0x5, @vbi={0x0, 0xc, 0x4, 0x0, [], [0xa7200], 0x2}}})
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={0x0, 0xb0}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20008b}, 0x0)
r2 = syz_open_dev$video(&(0x7f0000000040), 0xe, 0x0)
ioctl$VIDIOC_S_FMT(r2, 0xc0d05640, &(0x7f0000000080)={0x1, @pix={0x0, 0x0, 0x33565348, 0x0, 0x0, 0x0, 0x3, 0xfeedcafe, 0x0, 0xffffff80}})
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f000001aa40)=""/102400, 0x19000)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000f40))
arch_prctl$ARCH_SHSTK_LOCK(0x5003, 0x1)
syz_open_dev$tty1(0xc, 0x4, 0x1)

9m37.740604697s ago: executing program 1 (id=311):
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000ac0)='gid', &(0x7f0000000440)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80Y\xc2\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\xf8\xc9@h\x01\xf5\xcb\x88\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9a\x84\'\xa3\xf1\xd9<\xb9k', 0x0)
r0 = io_uring_setup(0x7bdb, &(0x7f0000000580)={0x0, 0x80000000, 0x400, 0xffffffff, 0xb})
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r1, 0x4008af60, &(0x7f0000000040)={@my=0x1})
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10)
close_range(r0, 0xffffffffffffffff, 0x0)
r3 = fsopen(&(0x7f0000000000)='hugetlbfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000413f5f201d0650c16fce0102030109021b000100001000090433"], 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x7f)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102390, 0x18ff6)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f00000001c0)={'vlan1\x00', &(0x7f0000000000)=@ethtool_drvinfo={0x3, "87d52890d86dde1f66f6917dcad7d7ad92f7eb71ae6687481d34af7f8009c03e", "282e2debe5b6e2d9cad8f3518100f38f417d72544a2bb7fa11b662fef4dcc9a3", "cc23b1f369d519afed2d88adb87a656e481839cf34fadf59616c090876643d4d", "fde867d2e299226caad10a947624655f91c4544c05b52b7ec7e68e27a55c6afb", "bee1fd21ead56db3e38ff37c0ad23d47f9aaeca9c5831008e79c20a71128d4c6", "0f0c3b4a2fe52f95297b7b93", 0x1, 0x4, 0x40, 0x5, 0xb0}})
r5 = socket$nl_route(0x10, 0x3, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaac1414bb0180c2000003ac1414300000000000"], 0x0)
sendmsg$nl_route_sched(r5, 0x0, 0x0)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r6, 0x4b72, &(0x7f0000000000)={0x4, 0x0, 0x16, 0x1, 0x100, &(0x7f0000000040)="387ed7626d850509a2d6c1aa38f15cd0c263cb226db671261fff7ce9c555f18dafae3530db6dd493f2a3cc88731b9ae21b3e3b4523ae2594f47d8f62b480c4160b1f90ac9c41fae6ab12ac4c113fef588684ef494c89092883b902a41cd75387ef6f7bc7d461d5e665f398ff95596dc94ec97003c7e6f3c82fbd8de6e11aa4031a61c51caf7a65a2b613bda33f3eaeae635d7cd81761e74c38a7695800a15516eb337056e02335f9a7d10aa2eaf7beb7e1aed6e850ecb3421143c5c4ded0f06affc524dcf3208272619b6a952db5bc96141b26c54d13c7a5416287a3b6f7aadf50bc549974b6401a19cdb130282b955592efa94242065a4c8d695a2cdd9ada350defd58c775b92d348305774d3a256c7520b285d8ddbf5e20d604413ed2ddf9bcbf881caf811852806175d638909f6234fbcd7a88a2a0aea45d19148f0e7dada7d6d0d77881387fdeaa0284abe90b88dfff412bff40c31c6415c54ae3335e54a49d315851feffe30d999c36def4df7df747695efbd649f42f310859122c0d2c1e558dc6586958a283762386ecf369274e43003a0fdff59ea515eb44504901ef0d00baa91c10a8e44a76aac3468a15bd3d45ad389977467f306f9bcde071b30769795eed2f1580414d168f557cd90040c4bd2a3d6bc5092548feaef7204a12cece59181fcb5bad8c24bd9f8f78d17ab82831325501e80d899e9252f99d3a266639438ac5252d9bccff4dd9f45657f8224fc78eb1168fe0527fac33466aadf48f16994d29a47778566e0f3945b2bf36b6eecc7fa18914beb66ac9e519bd333b30d3ce2f50dddeea3447aebbe3bed781e39d5a0fb0cdc60e196f2261305feb596b68986af3eee7b199fefb5f79ffb2d1050e46982af1c14a88dd9000400002f56a8404755c73e74bb90e64bab9647c70ed5afca1c3d87907d01000100df6f40a80ace2bb8a2aad3b0c66915927db4233181943d88c0c76d5969e2043db5bd77fd60ba0f013139929ccfec965c0c769785a4d23332ba1f0875e3146afef5b20cc306d3ecee65944fe9829e0ad0c3f6bb2fd81bc31152538db50f47dc38ba908a0d808687e478a609fe0daa02d4e9c618b99266e7f2e98597e2813e1dba9c3c16e9fab3bda6ed33cb1c75513e2264b69d472dd0e1338688ba782b41bde141f99c4894ded98eff9aa53d22eb77c9d93169c04ab2490bf28106f770e07eb7a9e87dde71929f918b98c4cbfcb11a9013923167f493760278df0cc34be9e8f86f948d9a62e63ad6ca9d2195ff9c6320c85bddc42915e4f3a5db642447bc2195a3d64e04c9ecd1c313c08e29b814bd8fed1ab6d2846c73345962895d289ac77152cac2e0e32b75ce814731c542091f218dd1e68a15f8226577bf9481ae0555db64a717eb23a811356d00"})
ioctl$VT_DISALLOCATE(r6, 0x5608)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000280)={'macsec0\x00', <r7=>0x0})
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000140)={'veth0_to_team\x00', &(0x7f0000000100)=@ethtool_sset_info={0x2b}})
r8 = accept4$packet(r4, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000080)=0x14, 0x80800)
setsockopt$packet_add_memb(r8, 0x107, 0x1, &(0x7f0000000040)={r7, 0x1, 0x6, @local}, 0x10)

9m33.980052108s ago: executing program 1 (id=320):
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
msgsnd(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="0100000000000000ff7f1c823e695237825488d5e047d09602c1017642c6ca17e11ecf866b5b33b179d065bdcb1b5e01481dfb6a2c73cc623a60ca094f1a550aba92acd8a69444d52f86e5db83b032f4c6cbfcd0c084237048eefc30d84c82b62811c1ed61c0d1cc88dbb7e55311885b8c03a47e40dc0a477e793c06fe89f41fe664acdf6434e5cf7eca1eed5afb2f9e91e889b97755d343257d850a78e65af2d1f1b4ff08fd506422d93d3b8b9ee5580b0eb7f573bd411b8a27de0a2d011cf5bf2940dfc6dd679d19b42d2caa34c32fa898432365273970a5082329e61912d4eef4f24b926ae601579fc8f0fa2a3c2af89591ffce34b75eebb33b8156902d50adc2bcdb24763d29716bfd0626e59496e45c150cf7e89132f467ebaa62301278af495c0e9bc64c588aa6e805255b85c7d90fe5c01aa73969671fd0e29b206006309aeb4615a4b5b0d066b3fa6bce7be06c51410e3ea7e031e6a8edd63d3c44f5ddd104222c649edb056ece9ce94e7a1d115f79b4f2d26a1d29f3213f0d647cafbbb8ef825c1226ed716bfb0d187df7463bc949b8281cd1e5343f1f2d37f5690a5557262a2053e34484be6267897bcba5f709a52a00a6255c58ef0f46632e05c2ccfe33e8258daf59413151812ebddc6b4293ca132b3612b1cf78b5f83285393979c5d07c3a01db4aba7bf8bca1705673b1a6f218fc971ebfc5ef5accc6fea12d0c0369d290bd9684eab10b88cad97cb10ea58ffc615c54212574874ee72289b96f8f3f00be319ebf72ddfeb45e36b9055f042dad6a290a01101452c3d0e2dd43ea4779f62bee347f05eb191b877dad4c5bdabfd0210b6a39fc8a93e0c2efab44426a3c9e0dbdc4626f4ffa245992c519d624a29b25ed65151ecc38e67d071e01886d922b2ec23728e8445223882b60e6dc2f8551bcbddc2f3d8bc106c8aa2ad0edcf0d1ee8af02ad69e57114f302f13acbda7b97730f4f141cd041198f9a3cb806b7db72b2c05e0aaf6a786bd367d38402a9087b669ec9b557ca2571688cfffffffffffffff655ff0bcaa853891b0ef2b0cf9914a2b886e6c3a0d3eb8d9225557baff7573bd6d45a4b64d4b3d8d5b596a0c944845cb79ca0b1eccd0048f3195b77ec0d2d16158a80cb5937b6f78066ad1e97c8afa5c654c8a68befd2a253280497c7ea2e0409f1fbfc3b507dbb6574dd111ffed8e2de29b5d696596ac949398971d217e9418c08715fe11e29c454ece4a0570000002307645a9ce3c71f4148cd57575e4106568b8b"], 0x375, 0x0)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000540)={0x0, 0xf691, 0x10100, 0x0, 0x2b4}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x708, 0x41e3, 0x0, 0x0, 0x0)
socket$inet6(0xa, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000080)={0x11, @loopback, 0x15, 0x0, 'rr\x00', 0x3c, 0xa, 0x80}, 0x2c)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
syz_pidfd_open(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0)
sendmsg$L2TP_CMD_SESSION_DELETE(0xffffffffffffffff, 0x0, 0x0)
ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x8010002})
mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x2000003, 0x97052, 0xffffffffffffffff, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r6, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r7 = dup(r6)
write$FUSE_BMAP(r7, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r7, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r7, &(0x7f00000004c0)={0x18}, 0x18)
write$FUSE_INIT(r7, &(0x7f0000000200)={0x50, 0x0, 0x0, {0x7, 0x29, 0x20200}}, 0x50)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r7}, 0x2c, {[{@cache_fscache}]}})
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)

9m32.715094584s ago: executing program 1 (id=326):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x104000, 0x0)
mount$9p_unix(&(0x7f0000000140)='./file0\x00', &(0x7f00000004c0)='./file0\x00', 0x0, 0x12c5c18, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x2a05004, 0x0)
umount2(&(0x7f0000000180)='./file0/file0\x00', 0x0) (fail_nth: 2)

9m31.903109863s ago: executing program 1 (id=330):
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x482, 0x0)
ioctl$RTC_IRQP_SET(r0, 0x4008700c, 0x1)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(aes)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000100), 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=@delchain={0x24, 0x2c, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x5}, {0xfff2, 0xffff}, {0xfff3}}}, 0x24}, 0x1, 0x0, 0x0, 0x4008844}, 0x42f2a6166aa24f20)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="10000000040000000800"], 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000000c0)={r2, &(0x7f0000000300), &(0x7f0000000000)=""/10, 0x2}, 0x20)
r3 = accept$alg(r1, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000100), 0xfffffd9d)
r5 = socket(0x1e, 0x4, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_X86_SETUP_MCE(r7, 0x4008ae9c, &(0x7f0000000280)={0x14, 0x4, 0x3})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r9, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
connect$tipc(r5, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x1, 0x4}}, 0x10)
sendfile(r5, r4, 0x0, 0x8010002b)
recvmsg(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f00000004c0)=""/9, 0x9}], 0x1}, 0x1102)
syz_open_dev$evdev(&(0x7f0000000180), 0x1, 0x101000)

9m31.000540604s ago: executing program 4 (id=333):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{0x1, <r0=>0xffffffffffffffff}, &(0x7f0000000100), &(0x7f0000000140)}, 0x20)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000240)={{0x1, 0x1, 0x18, r0, {r0}}, './file0\x00'})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x0, 0x28, &(0x7f00000004c0)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
syz_open_procfs(0x0, &(0x7f0000000080)='pagemap\x00')
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0xf, 0x0, 0x0)
sendto$packet(r3, &(0x7f0000000040), 0x0, 0x1, 0x0, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r4, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0x5}})

9m30.683513191s ago: executing program 1 (id=334):
mknod(&(0x7f00000048c0)='./file0\x00', 0x0, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',grou', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f0000008380)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008df76a250000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea21056000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000131a5d9400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0xc0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r2, 0x1, &(0x7f0000000000)={0x0, 0x7, 0x80000000})

9m30.212109161s ago: executing program 32 (id=334):
mknod(&(0x7f00000048c0)='./file0\x00', 0x0, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',grou', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f0000008380)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008df76a250000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea21056000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000131a5d9400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0xc0)
ioctl$SCSI_IOCTL_SEND_COMMAND(r2, 0x1, &(0x7f0000000000)={0x0, 0x7, 0x80000000})

9m30.203735118s ago: executing program 4 (id=338):
r0 = syz_usb_connect(0x2, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000044e22008d31324320dcb010c03010902120001040020000904"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000740)={0x84, &(0x7f0000000300)={0x40, 0x16, 0x15, "a4171ffdf92d68a670d099a1fcdb922292224aaa36"}, &(0x7f0000000380)={0x0, 0xa, 0x1, 0x7}, &(0x7f00000003c0)={0x0, 0x8, 0x1, 0x2}, &(0x7f0000000400)={0x20, 0x0, 0x4, {0x2, 0x58dc75524153d0c0}}, &(0x7f0000000440)={0x20, 0x0, 0x4, {0x140, 0x10}}, &(0x7f0000000480)={0x40, 0x7, 0x2, 0x6}, &(0x7f00000004c0)={0x40, 0x9, 0x1, 0xe5}, &(0x7f0000000500)={0x40, 0xb, 0x2, "0f6f"}, &(0x7f0000000540)={0x40, 0xf, 0x2, 0x4000}, &(0x7f0000000580)={0x40, 0x13, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3d}}, &(0x7f00000005c0)={0x40, 0x17, 0x6, @remote}, &(0x7f0000000600)={0x40, 0x19, 0x2, "7bb3"}, &(0x7f0000000640)={0x40, 0x1a, 0x2, 0xfff9}, &(0x7f0000000680)={0x40, 0x1c, 0x1, 0x6}, &(0x7f00000006c0)={0x40, 0x1e, 0x1, 0x1}, &(0x7f0000000700)={0x40, 0x21, 0x1, 0x9}})

9m28.360348038s ago: executing program 4 (id=341):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
getpid()
syz_emit_ethernet(0x66, &(0x7f0000000040)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaaaa08004500005800000000002f90780000000000000000248065580000000010000800000086dd080088be08000000100000009244bd0100000000000000080022eb00000000200000000200000000000000000000000800655800"], 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
select(0x0, 0x0, &(0x7f00000000c0)={0x3, 0x1, 0xff, 0xfffffffffffffe5e, 0x4, 0x5, 0x6, 0x9}, &(0x7f00000001c0)={0x9, 0xffffffff, 0x8, 0x2fdd64c9, 0x10001, 0x6, 0x7ff, 0x20000}, &(0x7f0000000240)={0x77359400})
r2 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
connect$bt_rfcomm(r2, &(0x7f0000000040)={0x1f, @none, 0x2}, 0xa)
sendmsg$sock(r2, &(0x7f00000022c0)={0x0, 0x0, &(0x7f0000002200)=[{&(0x7f0000000200)}, {&(0x7f0000001200)="f55d42593d0684c8aa70712dcfc9c1065096404b96a3a7f93a4614407f4112937b99add88419c7aed853f4288cdffa731e07af240f24e6a396e9499518d50a53613b2efd83d251c791ed1c7d6b1b225c46e12a06f80cba57a435ff4bee841085028ce0a869a57acdd17bafe6e8fd7234b9f31d9f2c3de189679f29d320d21c0ccd88a1331ed9943582a1ed9a2b461ff780b37de13f6fc36976b67b4c3a823d93df0679689cb8578b89f557578c1717fbb07d9c238b2b73a0b6c7d726c8c02e68be42c7262f17cb14a59885fbb73ff37f03b7eb56a683346ac5aa1ac344c98f392596593cc3711f2f1592922022eb91880f5f1bcd1ffc832a1e99f5737a13e71cbbb6019ee730698e9866560c3600981e1d48411aee1dc9524f42a0e35607ccb3e68a8e7b2c08e81db32038cc9873e30432152f1e8b125f3a2f7b38c3161554816c0ba7322e80190f8f95ce690d2c8671b3ce53f384ce5c4bdd96738e18c26b55c19f41eb7881f3076b1eef59d57704d249873c2ef058bf82d18f517c61066ef4f20546b0323afc85911180152748bec5b657bfb3ddc78f34c552659d262d9eb37f4ecd75495074e1377a4dcaf0b07b461f0757629a202a3ed4c33be39a92d2cf92fdcbb5dde6cf7019018a86a81a4c016c834e93cbb374a8452ad60db54f5ce593438f895e79ac4fe4c1fa1b08516d605436a13b6fc802d525752bcff60715f345e12dd48032e6519e79459ce869e45103c4d1df1b845e1bdf23ee73b53b5bd3bb6872b1913948c8095637ea01d6a667f5fd1a2b2c73a16e9f21c8e7add1275cd60973337b5941d1c2b58048aea1554d2cd18dd9c37b22d0c6bb6e9b8d68217bcef62890f9089606bc4ec44257dac9bcec02ead78f207a2d4d7f5e6f9be80b7f6bf65fc147b80697d6c5b8dd5c5b7a8cfba22a56d518dd936fdaa799eb329c1f00e45542862e8e2122e1cfd0b84889e594aa54c68103a8181737c53c4e00367dd300b0c00715eefcb983aa24e00dc68bc3b09cf8f2be6f360f42d4aa58c426198a0eb76d6d60e8f74933c50153d546dc991024cef921e32206600d359e45e44c67ce9f3ef3c7538ccb7dcdb8e60e02c570e104b9fff4d29d18759f0e5c16d2a293cbea01f6e69804b3651ea6b2a8ba5f8ba6be1835c6a30e7224197bb4910fcbfd4e3add9d4ba2b7003241ead23e5937bbf2d7932ffe835f6ab729fa5b95be10042e6f740a2c09bb371cc8a49c26863fc3101116adc25ae6495d321a49248db0467b7e16df783d2e4e854bf7e37eed3d959a14ebd3a7f235130e89cff3b1dde698a2d558d6ef286d293d44b5c571a350ee53d7d911e37a6bb7956fe893249e4b84d596cd47750b133706919bb353d27f05102ea019c698c08c0aff0c2b4e01b9910a61ce33ef4401489058fcf3178adc7149c29434fd94ad49afd0eb2ef288c62a67866d1f6d031b9d532bfde6198c0454be303a5f1e0527500760684bb8dd95c33c97e19fce64eb9fa2fc4728a9183e26e25fb6b46b8fde2e8973d4f50e8e4da21a301c92e11688cf6d3f22cd21f164029e89aaa69f21c72c2c0238f1e8319f18e9c657c5164f22d9b053126440e7c1d5d60d8af86947e9df26907ddff7f942a736c1a24ff68a643d814733f0ef8b82ad61a7aa8981e6dd4f166df8c80bdac44709cd8f441578b4eb9357377048fe09b7267c98d3f9c0ee2897d9d11de7ed724616e4d1e2a8ea37ba7bd7c7c25ce18a4d6fac26eec2a2589295762c84bed23e7664d175581f5e6f8544e85c67a5dbfd5cbb6036e71082b3dbef29432e8f368ac1c68c49c3c21eb78e197f8933b8d71d717f2d0871c7861a52639079fd1c965f04047e374f4d1abeabfb2b40751244a0465f3489a00f05742e744d550c4ec3a24ddd4fcc169d62d911f38bc7aa3ceb285ec7e9293e75041ce8dda2dd68b26e5832a1dd7d71f92ced44f9e4e846f4ada1811da2c64c97b3689878beb02936e37b8dc0d70471916dfb4ffecd4225995785e9654ff668f305fd8857fdfcc500ba88d1e83f44f62c38e71091014037224296b61e9cfd8ec875e26b148db3cd2e590338279a87c5ddb4f70bf03b75f7a426b182572d91933d8e3394ed9621eb500c2705cc858c9e2cf1f1dede8d59aa72fc67d98a50a51d4b55727d0f14dc0d458c749f311337250f7eacf120a5efb4d2df25de99a09d2d3e2ed54dfe0213aed2035cf2074d757d7cdbbd21e3fe44ccd09c9c6f32a598fee80da6c9aa07578f76ccd5aaa72e6779e5104d048670406c972b35ec107283c9ab4bac88e1deb9ba3303158fe53409974190a17014da89f7f4b7c31662dc3c9b76217df4a56230a1248970dd18ff4195b083520b94c0e6594175095dec768b6f006f9c85c2d2c251b4e7faa01982e1d87f7cd56ac879cb1db665bd275a92e5e318f4641312c9f32868c25b7f7d766113ddea4e92bf27f1f3b4f02ed946b193f00cc6931e9b6e1b6df1e6cde744fa7d881ea1ccb5dc21871076d2b989ac760f0e850a40084cd7566484364371a71a94ba95ff4005d54685240c4f449a1cc9e730e5fea643caf2c2d7a245253cc26a82451775e95125c5c46f8f5c51cb9f2d3b3820d56e53970f83029f0e130140a8fdb75d5793ebb2076ffc6a7328910bde1578fc98ec3d2ec99fd0a321edfb78593545e762dac5086b127192507495bceda6d11d5be304008dd8a68d54bbc7959a2c8ab635cc7820e5d742e6c5cfd012a2a0519a25b2c659e9cd351ce4c2e7acb88d29d1d98090108a7dff3cdc46c18943c057dc9b65b20da6e27e8c0e975f04d703df1005395ef7fb10e7d60a43782144c2f9c64682c7516f5027d62f7eefb04a22245e081691ebde93b5c577cf33363b63718d1b2923b2d8e687cbffa3a1c8f06d3c466c1ad20a8d0e79a61aed620da4a85c30786b55938814b47e0f876b35a38ec4e5dd09977f40ea66fd53c87d6a54febfd44b0ad6e846b1147bb7621d512ccc682911b44de0f0baf5ff07e79d51e5c5480ccfd5a2ff8e14b489de1359a5420424f6a8890ce21e7e71afc800869c16867473bdafd8c71b1ae475ee437ce3326a23acda7cc603445aa84329c3ed6c2d9814985dff777f77744e0ebc7076fe791b8561e82938379956646151d0d2592f8238747d61626fca44b003526b2cf693da02e77e0c798d96", 0x8cb}], 0x2}, 0x4008804)
syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
shutdown(r2, 0x1)
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r4 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)
ptrace$getregset(0x4204, r4, 0x204, &(0x7f0000000040)={&(0x7f0000000080)=""/28, 0x8})
r5 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_GET_STATS_FD_cpu(r6, 0xaece)
close_range(r5, r6, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)

9m27.076666816s ago: executing program 4 (id=343):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, r0)
setpgid(0x0, r0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x0) (fail_nth: 2)

9m26.801237058s ago: executing program 4 (id=345):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newsa={0xf0, 0x10, 0x1b020ba487bfd163, 0x0, 0x0, {{@in6=@local, @in6=@local}, {@in6=@private1, 0x0, 0x33}, @in6=@empty, {0x0, 0x0, 0x4, 0x0, 0xb, 0x0, 0xffffffffffffffff}, {}, {}, 0x3, 0x0, 0xa}}, 0xf0}, 0x1, 0x0, 0x0, 0x40000}, 0x4004)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x15, 0x1c, &(0x7f00000002c0)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRESHEX, @ANYBLOB="0000000000000000b702000014000000b7060000000000008500000005000000bf0900000000000035090100000000009500000000000000b7020000000000007b9af8ff00000000b5090000000000007baaf0ff00000000ae8900000000000007080000f8ffffffbf8400000000000007040000f0ffffffc70200000800000018260000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7050000080000004608f0ff76000000bf980000000000005608f8ffffff00008500000007000000b70000000000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @sk_reuseport=0x27, r2, 0x0, 0x0, 0xffffffffffffff42, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
close(0x3)

9m23.520970245s ago: executing program 4 (id=353):
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
socket$packet(0x11, 0x3, 0x300)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000000)=0x1000)
ppoll(&(0x7f0000000040)=[{r1, 0x9620}], 0x1, 0x0, 0x0, 0x0)
mmap$dsp(&(0x7f0000ff9000/0x2000)=nil, 0x2000, 0x100000b, 0x1010, r1, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000000)=0x4000)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)
r3 = bpf$MAP_CREATE(0x100000000000000, &(0x7f00000004c0)=ANY=[@ANYBLOB='\n\x00\x00\x00\t\x00\x00\x00\b\x00'/20, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/27], 0x50)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x3, 0x6, &(0x7f0000000180)=ANY=[@ANYBLOB="100200000000000000ff00000000000018130000", @ANYRES32=r3, @ANYBLOB="000000000000000085200000050000009500000000000000"], &(0x7f0000001680)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r4, 0x18000000000002a0, 0x35, 0x0, &(0x7f0000000440)="9e36d449b388dd965ff25b1a86ddb4bb9ab224ac56206d7000759b319995d6196ff0f3e63d447045be59ebb916d28eb5ce89313007", 0x0, 0x2, 0xe8030000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffff}, 0x50)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan1\x00'})
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x18, 0x13, &(0x7f0000000140)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [@generic={0x1, 0x6, 0x9, 0x88, 0x5}, @map_fd={0x18, 0x1, 0x1, 0x0, r5}, @generic={0x0, 0xe, 0x5, 0xffff, 0x4}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r6, 0x80047210, &(0x7f0000000240))
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYRES16=r2], 0x7c}, 0x1, 0x0, 0x0, 0x24000800}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a40)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a70000000060a0b0400000000000000000100636f6e6e6c696d69740000000c0002800800014076080000100001800900010000100001800a000100726564697273797a30000000000900020073797a3200000000140000001100010000000000000000000000000a00"/152], 0x98}}, 0x0)
close(r7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r6}, 0x18)
r8 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r8, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @remote, 0x3}, 0x1c)
connect$inet6(r8, &(0x7f0000000280)={0xa, 0x4e22, 0x2, @dev={0xfe, 0x80, '\x00', 0x2c}, 0x2}, 0x1c)
socket(0xf, 0x80000, 0xa)
dup(r0)
syz_emit_vhci(&(0x7f0000000600)=ANY=[@ANYBLOB="042fa8300401fa0d25758aee2855088a9db86a3f69c5d235b254bd6eb9ec34c49f5025a38111161ff1e0af41fffd2cbf4113eeaddb42262080245abbc58c8b73fb4af54fd901cffa53605018cd0c9cda30f3075face6471b3eec9f488aa7a805be87c2605242e43846b46285dc6338dd4647d59eddd1db51ab47ef7bd8092e2e6f7847d629be2f18bbb6e91a7be1e38a9a79680574f796124fbf16a1d4192fc511f6a94b2ce424a1979be3ce7c882895741d2f6fc718ceddcaabf76ff20e9e0e6cb0a779a14e237c0553397ee2a961748597fb7327fd2ef3da010fa56c5c"], 0x7)
sendmmsg$inet6(r8, &(0x7f0000003340)=[{{&(0x7f0000000080)={0xa, 0x4e24, 0x200, @remote, 0x7}, 0x1c, 0x0}}], 0x1, 0x14000001)
r9 = socket(0xa, 0x2, 0x0)
setsockopt$inet6_int(r9, 0x29, 0x1f, &(0x7f0000000000)=0x1, 0x4)

9m23.096536791s ago: executing program 33 (id=353):
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
socket$packet(0x11, 0x3, 0x300)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000000)=0x1000)
ppoll(&(0x7f0000000040)=[{r1, 0x9620}], 0x1, 0x0, 0x0, 0x0)
mmap$dsp(&(0x7f0000ff9000/0x2000)=nil, 0x2000, 0x100000b, 0x1010, r1, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000000)=0x4000)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)
r3 = bpf$MAP_CREATE(0x100000000000000, &(0x7f00000004c0)=ANY=[@ANYBLOB='\n\x00\x00\x00\t\x00\x00\x00\b\x00'/20, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/27], 0x50)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x3, 0x6, &(0x7f0000000180)=ANY=[@ANYBLOB="100200000000000000ff00000000000018130000", @ANYRES32=r3, @ANYBLOB="000000000000000085200000050000009500000000000000"], &(0x7f0000001680)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r4, 0x18000000000002a0, 0x35, 0x0, &(0x7f0000000440)="9e36d449b388dd965ff25b1a86ddb4bb9ab224ac56206d7000759b319995d6196ff0f3e63d447045be59ebb916d28eb5ce89313007", 0x0, 0x2, 0xe8030000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffff}, 0x50)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan1\x00'})
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x18, 0x13, &(0x7f0000000140)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [@generic={0x1, 0x6, 0x9, 0x88, 0x5}, @map_fd={0x18, 0x1, 0x1, 0x0, r5}, @generic={0x0, 0xe, 0x5, 0xffff, 0x4}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r6, 0x80047210, &(0x7f0000000240))
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYRES16=r2], 0x7c}, 0x1, 0x0, 0x0, 0x24000800}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a40)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a70000000060a0b0400000000000000000100636f6e6e6c696d69740000000c0002800800014076080000100001800900010000100001800a000100726564697273797a30000000000900020073797a3200000000140000001100010000000000000000000000000a00"/152], 0x98}}, 0x0)
close(r7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r6}, 0x18)
r8 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r8, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @remote, 0x3}, 0x1c)
connect$inet6(r8, &(0x7f0000000280)={0xa, 0x4e22, 0x2, @dev={0xfe, 0x80, '\x00', 0x2c}, 0x2}, 0x1c)
socket(0xf, 0x80000, 0xa)
dup(r0)
syz_emit_vhci(&(0x7f0000000600)=ANY=[@ANYBLOB="042fa8300401fa0d25758aee2855088a9db86a3f69c5d235b254bd6eb9ec34c49f5025a38111161ff1e0af41fffd2cbf4113eeaddb42262080245abbc58c8b73fb4af54fd901cffa53605018cd0c9cda30f3075face6471b3eec9f488aa7a805be87c2605242e43846b46285dc6338dd4647d59eddd1db51ab47ef7bd8092e2e6f7847d629be2f18bbb6e91a7be1e38a9a79680574f796124fbf16a1d4192fc511f6a94b2ce424a1979be3ce7c882895741d2f6fc718ceddcaabf76ff20e9e0e6cb0a779a14e237c0553397ee2a961748597fb7327fd2ef3da010fa56c5c"], 0x7)
sendmmsg$inet6(r8, &(0x7f0000003340)=[{{&(0x7f0000000080)={0xa, 0x4e24, 0x200, @remote, 0x7}, 0x1c, 0x0}}], 0x1, 0x14000001)
r9 = socket(0xa, 0x2, 0x0)
setsockopt$inet6_int(r9, 0x29, 0x1f, &(0x7f0000000000)=0x1, 0x4)

3m8.850715169s ago: executing program 5 (id=1510):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x4, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000004340)=""/102376, 0x18fe8)
ptrace$getsig(0x4202, 0xffffffffffffffff, 0x9, &(0x7f0000000040))
getpid()
r1 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r1, 0x0, 0x0)
capset(&(0x7f0000000000)={0x20071026}, &(0x7f0000000280)={0x0, 0x0, 0x7, 0x81, 0xffffffff})
faccessat(0xffffffffffffff9c, 0x0, 0x0)
sendmsg$rds(r1, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000400), 0x0, 0x8004}, 0x0)
syz_open_dev$vim2m(0x0, 0x7, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
preadv2(r5, &(0x7f0000000240)=[{&(0x7f0000000300)=""/155, 0x9b}], 0x1, 0x2, 0x402, 0x15)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r6}, 0x10)
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x6001)
r7 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r7, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x81, 0x42}, 0x10)

3m6.04935396s ago: executing program 5 (id=1517):
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x0, @pix_mp={0x80000000, 0x9, 0x31363553, 0x0, 0xa, [{0x4, 0x5}, {0x6, 0x7f36}, {0x8, 0x70}, {0x3, 0xf}, {0xa, 0xff}, {0x6, 0x589}, {0x8, 0x7}, {0x10041, 0x8}], 0x10, 0x8, 0x2, 0x2, 0x5}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x4)
accept4$unix(0xffffffffffffffff, &(0x7f0000000380), &(0x7f0000000300)=0x6e, 0x80000)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc)
setsockopt$inet_mreqn(r0, 0x0, 0x28, &(0x7f0000000080)={@multicast1, @local}, 0xc)
io_submit(0x0, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2000000000, 0x4, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000040)="5c00ffff", 0x4, 0x0, 0x0, 0x2}])
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000040)={0x49, &(0x7f00000000c0)})
bind$bt_hci(r1, &(0x7f0000000240)={0x1f, 0x2, 0x3}, 0x6)
write$bt_hci(r1, &(0x7f0000000040)=ANY=[], 0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102392, 0x18ff8)
socket$kcm(0x10, 0x2, 0x4)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f00000005c0)=ANY=[@ANYBLOB="e8000000000005000000f59407a0125d9bca29ed421ca373a0c0f1c95f4b660bf55aa5916dd9ac95478dbb0ae2a64fe7a85090203472eb242b0120bf4f878a4d611db7ef7c80fc593391de47faab5ff2c2fabb6e4f1f2b0bbae2a612c4e7524b69d3ea493fbfd916b93ebf0e98f5f3ba01800000669c46f380691ada2e49fd64837179c518d545df2f3c6ca46d57223bf89aaa63af670b1be7a72e8010d5f4e50ab0a41a6777eabc75cf9421655490f7d37dc0c6c57f1fdc7d96e51756c68f39b404a00b5be196cb72b6a5a644041eeb88c4d3eb419d12af54b55b6a753a4636dd19b743848158dd722a"])
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x803, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r3, 0x107, 0xd, &(0x7f0000000140)=@req3={0x10000, 0x1, 0x100, 0x100, 0xe, 0x0, 0x3}, 0x1c)
r4 = dup(0xffffffffffffffff)
ioctl$DRM_IOCTL_AUTH_MAGIC(r4, 0x40046411, 0x0)

3m5.706453521s ago: executing program 5 (id=1519):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
msgsnd(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="0100000000000000ff7f1c823e695237825488d5e047d09602c1017642c6ca17e11ecf866b5b33b179d065bdcb1b5e01481dfb6a2c73cc623a60ca094f1a550aba92acd8a69444d52f86e5db83b032f4c6cbfcd0c084237048eefc30d84c82b62811c1ed61c0d1cc88dbb7e55311885b8c03a47e40dc0a477e793c06fe89f41fe664acdf6434e5cf7eca1eed5afb2f9e91e889b97755d343257d850a78e65af2d1f1b4ff08fd506422d93d3b8b9ee5580b0eb7f573bd411b8a27de0a2d011cf5bf2940dfc6dd679d19b42d2caa34c32fa898432365273970a5082329e61912d4eef4f24b926ae601579fc8f0fa2a3c2af89591ffce34b75eebb33b8156902d50adc2bcdb24763d29716bfd0626e59496e45c150cf7e89132f467ebaa62301278af495c0e9bc64c588aa6e805255b85c7d90fe5c01aa73969671fd0e29b206006309aeb4615a4b5b0d066b3fa6bce7be06c51410e3ea7e031e6a8edd63d3c44f5ddd104222c649edb056ece9ce94e7a1d115f79b4f2d26a1d29f3213f0d647cafbbb8ef825c1226ed716bfb0d187df7463bc949b8281cd1e5343f1f2d37f5690a5557262a2053e34484be6267897bcba5f709a52a00a6255c58ef0f46632e05c2ccfe33e8258daf59413151812ebddc6b4293ca132b3612b1cf78b5f83285393979c5d07c3a01db4aba7bf8bca1705673b1a6f218fc971ebfc5ef5accc6fea12d0c0369d290bd9684eab10b88cad97cb10ea58ffc615c54212574874ee72289b96f8f3f00be319ebf72ddfeb45e36b9055f042dad6a290a01101452c3d0e2dd43ea4779f62bee347f05eb191b877dad4c5bdabfd0210b6a39fc8a93e0c2efab44426a3c9e0dbdc4626f4ffa245992c519d624a29b25ed65151ecc38e67d071e01886d922b2ec23728e8445223882b60e6dc2f8551bcbddc2f3d8bc106c8aa2ad0edcf0d1ee8af02ad69e57114f302f13acbda7b97730f4f141cd041198f9a3cb806b7db72b2c05e0aaf6a786bd367d38402a9087b669ec9b557ca2571688cfffffffffffffff655ff0bcaa853891b0ef2b0cf9914a2b886e6c3a0d3eb8d9225557baff7573bd6d45a4b64d4b3d8d5b596a0c944845cb79ca0b1eccd0048f3195b77ec0d2d16158a80cb5937b6f78066ad1e97c8afa5c654c8a68befd2a253280497c7ea2e0409f1fbfc3b507dbb6574dd111ffed8e2de29b5d696596ac949398971d217e9418c08715fe11e29c454ece4a0570000002307645a9ce3c71f4148cd57575e4106568b8bcb43f70672c6614ae19a0b6944e52d30ce94f3b434d3d4d8efc8b50327"], 0x375, 0x0)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000540)={0x0, 0xf691, 0x10100, 0x0, 0x2b4}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x708, 0x41e3, 0x0, 0x0, 0x0)
socket$inet6(0xa, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000080)={0x11, @loopback, 0x15, 0x0, 'rr\x00', 0x3c, 0xa, 0x80}, 0x2c)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
syz_pidfd_open(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0)
sendmsg$L2TP_CMD_SESSION_DELETE(0xffffffffffffffff, 0x0, 0x0)
r5 = memfd_create(&(0x7f00000000c0)='\xfd\x0fm3#/\x00n\xaa\xaa\xe4\x01U\x8b\xc2\f\x03\x19\x9c\x8e\xcb\x90\x00\x00\xaegQ\x0e\x94\\y\x0fU2@\'\x8a\x80\x00$\x12\xfc\xe4.)\x9b\xf2@\xf0\xe0\xdb\x1f\xe6\xb4gc\x13\xda\xf9\xcd7el\xb7\xe6\b\x00\x00\x00\x00\xef\xff\x00vob/~\xc2\x00\b\x00\x00\x00\x00\x00\x00 \xff\xf1\xdem\x9c;%\xb5\"\xe4\xf1x2\x8a\x19p\x04\\\xaa-\x93\xd1\xc4 )\xbfK\xf7E\xf3\x05\xa0\xd0\xe6%\x97\x15\xf0\xab\x86\x90k\x10\xcer\x14\xe0a\xaf\xab\xfe\xd9V\x19\xa5d\x16\x8e]:3\xff\t\xe6\xf7\xb3\xbf\xa3\b[?\xb5\x14t\xd3\x8e\xc0\xe8\xefd\x88\xddz\xa25)\x17\xef\xfb4\xff\xdb\t\x8e\xeb\x1d\\\xf9\x14\xc7\v\xa8\x89\xdb A\xbaBAj\xfe\x18\xc3-+\xd6\xb0K\xee\x1b+\xc7lA\x84\xa6\xfe\x8bU<&\x1a\xe7m\x86\xb7\xa1A\xf9\x02S;C\x99\a.$K\x833\x82\x7f\x1b\'nj\x06\b\xb7\xe8] \x87A[y\xdc\x14\f\xcet\x00\x1f\x0f\xef\xca\xcfz\x7f\an0\xebB\xb8}&\xdd\xc9\xa7\x1dp\t\x9a\xceb \x81\xaaq{H\x88\xdf\xf8\x80\\\x1c8\xfe\xc4\xe3\xb0\x90\xcb\x8b1r\x94\x9f\x00\xce\xc8\xc3\x84\xa0\xc9\b\x00\x81Ks\xba\xbbC6\xd6\x13\xb5\xe086EzD\x18\xd5\x16\x88E\xc6\xf0A9\xf1u\xb3\x85\x02\x12\\Sp\xf4\x9a\xe8\x96^\xe6\xa8K\x12\b}\xff\xcb{\xc6\xf6\xb4\x8b\xb6\xa8Y\xf2\x91\xeeR\v#\xb5)\xb0\x99\x9b-p\xe3\x17\x04\xb0\xdc\x0fk\x11\xe1\x9a\a\x16\xb7\x9b\x88\xfa\x1e`\x84$\xfc\xd7\xf5^X\xd8[}\x032\xd0\x84\xdby\x94Vp\xa5\xcd(\xab\xb6\x95sR\xab\xfc\x8c\'\x9c\x16Q\xad\xbc\xb04%\xb7\xe5\x14\xb1`\x87#X\\W`;\'_4\xc5\xc9\x921<\xd9\xad\x9f\x12@!\xfaI\x88\xab\xef\x86\xe9\a>\xdd7\xb7\x8e\x9c0-o\xc9\xec_|\x02\xc8Ru\x95\xa8#U\xd6J\x87\xf6X\xb6{\x11$\x00\xc8\x14\xcb\xd1nK\xd8\xb9\x0e\x9bA\xed\xbcs\x1fS\r\x12O\x83\x15\xcb(\xdb\xb1S\x1f%\x04\x9a\xa0l\xa3}\xe7r\x02\x00\x00\x00\x8aeh;F[\xe2\x1c<L\xaa\x87A\xcdN#\xfb\xb0\xf2\x1e\x0e#J\xd0hB<\xc0\x82A0)p\xe7&J\x82\x83\x83\xd14\x01\xcf\x1b\xa9\x1d\x1ef\x0f\x86(1\xd6l\xd2\x8f\xb0\xad\t\x15\xdb|\x87\xf1\xc4\xb8\xb2\x9a\xd2A\x80\xbf\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd6\x80\x00\x00\x00\x00\x00\x00\x00\x88&}\xd1\x00\x00\x00\xe6\xaf\t\x9f\x96\rN\xc9\x90\xbe\xed\x1ad\x14\xe7\x84\t\'\x8b\x00\xdd\xc9\x0f\x14v\xb6\x04\xf2U\xb4\xf6\xbe\xddT\xcb\x00\x00\x00\x00\x00\x00\xe9\x00\x00\x00\x00\x00\x00o:}\xa7jmH\xedn\x11\xfe\xe2\x0fT\x00\x94\xbc\xc6\x7f\x93eE1xp\xa3\xdc\xd7K9J<\xeb\xd2!\xf4\x19\xbd#\xb8\x83\x858\n\xf8\x12Z\x1a\x12\xfa\xcc\x04\r\xf3\xf4;\v\x15b^\xea\xa2\x04 \xe8\x99\xb3\x97\x9e\r\xb0\x05\xbb(f\xd0\x85\xc5\x15\xae#\x12Q\xacF\xfb\xc8\xbd\xcc#\v\x00\x00\x00\x00\x00\x00\x8f\x9b\x00\x03\xc8}\x11\xbc\x01\x8fi\xf5\x7f\xaf\x11\xfb\x16\x95\xdfc\xc9\x8a/&\x81w\xdf]ao\\\x88\xf7\xce\xbd\xb0\xa6J~\x8d\xf1\xe9\x1c\xcfo\xb3\xdc\x04Y\x8e\r\xf5\xa0\xeft\x06G0\xe3D\xd6\xa3L\xedN\x0e\xdc@7\xd8^\xae\xea\x92\xbe\x9c\xf9~c\xc1|\xca\x8d\x93R\xe5\xceU\xa5\x0f\xbf\xd8l\x96`\x0f\x00e\x8aR{\x17Y\x15m>\xe26 \x19k&.\x7f\x1d~\xdaI\xd4\x99\a+\xdf]\xbc\xa6\xc3\x0f\x99W\x9c-t\v\xc7J\xfd\x91\x853\xd1j;\x19W\x96V\x8az+\xf9\x82#\xfaC\xa3YN:\xe8\xda\xbc\xb2h\x8f\xe0\xc6d\x96\xccy\xb3\xc2\x98\x1c\xca\xde\"\xaeW\x89\x83\xc2sB\xe7\b\x9b9~}\xc2\xb3\x1d\xcc?\xd1\x89\xef\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00J[\xc4\x04\xc1\xa6\x10\xc2\x9d\x11\t|\xc0\t\xd9(\x80\xe6s\xaa\x88\x8a\xd6\xa2\x01\x10W]Z\x8d\xf7\xd1P\xf9d\x01|\xa3\x03hSq\x95\x8f\xe1J\xd3#/fcCz\xff\x80\xe2M\xa3-r\xf6\x1a\xd74\xdc\xe1\xe4\xc3\x9dU t}\x02\x9a{C|S\xf4\x98\x05\xb9\x15}\xfa\"\xdc\xc2r\xf9\a\xadnD\xb6\x06\xd3\'\x10\x9f|\x17\xd6\x89O\f\x98@\x85\xa5m\x9d\\&\x17o\x11Z=l\xfb\x93\x8exZ', 0x6)
ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000980)={0x0, 0x0, 0x0, 0x8010002})
mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x2000003, 0x97052, r5, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r7, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r8 = dup(r7)
write$FUSE_BMAP(r8, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r8, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r8, &(0x7f00000004c0)={0x18}, 0x18)
write$FUSE_INIT(r8, 0x0, 0x0)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r8}, 0x2c, {[{@cache_fscache}]}})
r9 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
writev(r9, &(0x7f0000000000)=[{&(0x7f00000000c0)="14", 0x1f68}], 0x2)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)

3m4.387769972s ago: executing program 5 (id=1523):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000001, 0x1010, r0, 0x97d64000)
openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000100)='cpuacct.usage\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$BTRFS_IOC_DEFAULT_SUBVOL(r4, 0x40089413, &(0x7f0000000040)=0x5)
ioctl$sock_SIOCGSKNS(0xffffffffffffffff, 0x894c, &(0x7f0000000000)=0x1)
r5 = fsopen(&(0x7f0000000280)='9p\x00', 0x0)
getrlimit(0x1, &(0x7f00000000c0))
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
r6 = syz_open_dev$usbfs(&(0x7f0000000080), 0xf, 0x8041)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r6, 0x8108551b, &(0x7f00000001c0)={0x0, 0x2, "4cf90fba85c830e42a3ca4b10f01bbcb15f3806c4853e7c44a6974759d9f643905a56baa4195fb396d9bfa306999f1586e5d1ca49add100a36b751a7d9fe0b182ebf2c8a0e66f72c1c08260030752f07cd4089473e52885a3c85bacf3ccfac5bb9435fe036dcfccd7254bbd8bce90e2284d29e1f17d6652270fd0abcb8729f16ff602b438bd122a9e09984e2799d0dbfef7533d1a930ea4f4b57605ace45f5815450693650ae122d34aa0c5ca5e793516d156e5a5b34d6c17c40d753426a3d8e15e726d0f2622e873e0cbe63751bb62c68594d4cb0a21b92ad2e80f24a9b290a87ee6779022a0b7f5223e4e8c9f53f501ec8c439724078fdc076a51d50760566"})

3m3.013407937s ago: executing program 5 (id=1526):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{0x1, <r0=>0xffffffffffffffff}, &(0x7f0000000100), &(0x7f0000000140)}, 0x20)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000240)={{0x1, 0x1, 0x18, r0, {r0}}, './file0\x00'})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x0, 0x28, &(0x7f00000004c0)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xc}, 0x94)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='pagemap\x00')
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0xf, 0x0, 0x0)
sendto$packet(r3, &(0x7f0000000040), 0x0, 0x1, 0x0, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r4, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0x5}})
fchdir(r4)
sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000040)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602000000000e000a000f000000028000001294", 0x2e}, {0x0}], 0x2}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000008c0)=ANY=[@ANYBLOB="6c0000001000010400d201000072f60000020000", @ANYRES32=0x0, @ANYBLOB="0524060000000000300012800b00010062726964676500"], 0x6c}}, 0x0)
r5 = socket(0x10, 0x3, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000440), 0x0, 0x48000)
sendmmsg$alg(r5, &(0x7f0000000140), 0x4924b68, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xa, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40200003809000061194c00000000008508000000000000950000000000"], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'syz_tun\x00', <r6=>0x0})
bind$packet(0xffffffffffffffff, &(0x7f0000000300)={0x11, 0x1b, r6, 0x1, 0x0, 0x6, @random="0256e946884b"}, 0x14)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(0xffffffffffffffff, 0x2def, 0x4000, 0x0, 0x0, 0x0)
bind$packet(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCGSID(r1, 0x5429, &(0x7f00000003c0))
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

3m2.535773172s ago: executing program 5 (id=1528):
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000140)={0x0, {{0xa, 0x10, 0x0, @mcast2}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000380)=ANY=[@ANYBLOB="0b000000000000000a00000000000000ff020000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000020000000a00000000000000fe8000000000000000000000000000bb00"/267], 0x190)
syz_emit_ethernet(0x3e, &(0x7f00000000c0)={@link_local={0x3}, @link_local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0xb, 0x7, 0x0, 0x12, 0x0, 0x2802, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2f, 0x0, @private, @initdev={0xac, 0x1e, 0x0, 0x0}}}}}}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1400000015000103000000001c0000000a"], 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioperm(0x0, 0x2, 0x7e)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000001180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000100000,user_id'])
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)

3m1.757993496s ago: executing program 34 (id=1528):
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000140)={0x0, {{0xa, 0x10, 0x0, @mcast2}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000380)=ANY=[@ANYBLOB="0b000000000000000a00000000000000ff020000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000020000000a00000000000000fe8000000000000000000000000000bb00"/267], 0x190)
syz_emit_ethernet(0x3e, &(0x7f00000000c0)={@link_local={0x3}, @link_local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0xb, 0x7, 0x0, 0x12, 0x0, 0x2802, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2f, 0x0, @private, @initdev={0xac, 0x1e, 0x0, 0x0}}}}}}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1400000015000103000000001c0000000a"], 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
ioperm(0x0, 0x2, 0x7e)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000001180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000100000,user_id'])
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)

9.259678573s ago: executing program 7 (id=2172):
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000340)={[{0x122e, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0xff, 0x1f}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

8.873310859s ago: executing program 7 (id=2175):
r0 = openat$udambuf(0xffffffffffffff9c, &(0x7f00000001c0), 0x2)
syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000014da2108ab1204000000000000010902240001b30000040904410c17ff5d810009050f1f05e13f000009058303"], 0x0)
r1 = open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(r1, &(0x7f00000001c0)='./file1\x00', 0x60)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x0)
r2 = creat(&(0x7f0000000100)='./file0/file0\x00', 0xbc9dc8fbd81cb4a1)
write$binfmt_elf64(r2, &(0x7f00000011c0)={{0x7f, 0x45, 0x4c, 0x46, 0x29, 0x7d, 0xa, 0x2, 0xad, 0x3, 0x3, 0x10001, 0x384, 0x40, 0x239, 0x2, 0x9, 0x38, 0x1, 0x9, 0x4, 0x18}, [{0x6, 0xff, 0x9, 0xc4, 0x7f3e, 0x2, 0x7, 0x6}]}, 0x78)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x0, @loopback, 0x7ff}], 0x2c)
sendto$inet6(r3, &(0x7f0000000240)='\x00', 0x1, 0x0, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0x5}, 0x1c)
r4 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$SIOCRSSL2CALL(r4, 0x89e2, &(0x7f0000000080)=@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2})
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f0000000000)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, &(0x7f0000000040)={0x28, 0x3, r5, 0x0, &(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x6})
setsockopt$inet_sctp6_SCTP_EVENTS(r3, 0x84, 0xb, 0x0, 0x0)
recvmmsg(r3, &(0x7f0000000dc0)=[{{0x0, 0x0, 0x0}, 0x5e}], 0x1, 0x40000040, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x300, 0x0)
ioctl$UDMABUF_CREATE_LIST(r0, 0x40087543, &(0x7f00000009c0)=ANY=[@ANYBLOB="0020000002"])

7.000167043s ago: executing program 7 (id=2187):
r0 = syz_open_procfs(0x0, &(0x7f00000004c0)='cmdline\x00')
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001080)='/proc/locks\x00', 0x0, 0x0)
preadv(r1, &(0x7f0000000000)=[{&(0x7f0000000080)=""/4094, 0xffe}], 0x1, 0x33, 0x0)
flock(r0, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000040)='devfreq_frequency\x00', r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
socket$alg(0x26, 0x5, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c000000020601080000000000000000000000400500010006200000050005000a00000005000400000000000900020073797a310000000011000300686173683a69702c6d61726b"], 0x4c}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)={0x4c, 0x9, 0x6, 0x401, 0x0, 0x0, {0x5, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x24, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @local}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x4c}}, 0x4000080)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000010c0))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x5c0c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
syz_usb_connect(0x0, 0x38, &(0x7f00000002c0)=ANY=[@ANYBLOB="120110038121e940e60491553994010203010902260001000000000904000002e515bb0009050402090000000009058802"], &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0})
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x5f, 0x10103, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000081000000bfa300000000000007030000f1feffff720af0fff8ffffff71a4f0ff0000000071103100000000001d400500000000004704000001ed00000f030000000000001d440000000000006b0af8fe000000007203000000000006b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f18564a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccc99069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad24b89b6a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c87852730a3bd7ac923fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca4856ff03b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec860cde7c79f7b4d4e24c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b450100000001000000393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00400000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd599c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb80610eb37bd2d40ebdfed687f0b093e68f10b72146a0b749ee2105e2da94a288146abbbaf7c0b24fe0000000000000000f1a4f4de6a8d12dc9e71a20cbd412898586843b534d36e21379a8a06133c1babde9e5bd5b6afc5f684aada43ee560e800f58cb33b8483f6518abde7c86bd5d389c1b3c40fdd4bebe4adf87b1025ff57eb50984cc5bad9ea1c15484ea627c3c1501d612ed65939266e7332966f03e0376076e7c5dfe25f367dda7f69db89829b360dd2f59cbaad10f13e269eca792725bbacb96aa0a5c426ca76f84322661"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffa3}, 0x48)

6.43298645s ago: executing program 3 (id=2189):
r0 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1f7ff6, 0x2)
syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f00000002c0)={0x6, 0x7b, 0x800, 0x200, 0xb64, 0xfa9})
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x2, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x800, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x3}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x0, 0xffffffff}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(r1, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000003c0)='io_uring_cqring_wait\x00', r2}, 0x18)
r3 = syz_io_uring_setup(0x6148, &(0x7f0000001b80)={0x0, 0x13ea, 0x2, 0x2, 0x3c6}, &(0x7f0000000040), &(0x7f0000000140))
io_uring_enter(r3, 0x2241, 0x1b86, 0x1, 0x0, 0x0) (fail_nth: 1)

6.379187737s ago: executing program 6 (id=2190):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r0, 0xfeffff, 0x113, 0x3f00f000, &(0x7f0000000700)="c45c573d395de5b2891a7d637a223920f181c2e57d71483cfb2d075a3fa67258e080a194805cdb0c26d3f7ffb1e0d9cf4fa36dcb2168b72de48ac8f93e6804f1c4d70898d0810e044d7e1778eaac5dfdcc9f1208905522025bcfdf1b6f969b094d5c022c2b7ffefde71e0627b9a2069cc1e0175c4b8860aad4b0a103c589f676b6c4e85eb3950c533b6e62c39ccf9ae9bfe54ee5887358d44f46337fbe090d7c7e55847edee8130ffd3d1e719e01a68b0e691c0d35b0b56e0b514036342fd56f08ac0083f3c2fe41a1295a3d23cf3d160d4fd90f66beba68860456ed41272e1e68d16c2564c85f5556e18784113c493d13253e14d6eb891707fba3c30d07d5ee8619e4426cafec4cf6a3723c455d09b586b248", 0x0, 0xf0, 0x0, 0x4a, 0xffffff0c}, 0x40)

6.285360061s ago: executing program 6 (id=2191):
ioctl$KVM_CAP_SPLIT_IRQCHIP(0xffffffffffffffff, 0x4068aea3, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b04, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1d34, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x0, 0x0, 0x3}}}}}]}}]}}, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000140)=<r1=>0x0)
capset(&(0x7f0000000080)={0x20071026, r1}, &(0x7f0000000040)={0x200000, 0x1ffffd, 0x0, 0x0, 0x0, 0xfffffffb})
r2 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x8916, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000000c0)={0x2c, &(0x7f0000000100)={0x0, 0x0, 0x8, {0x8, 0x0, "392cdaab4a73"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)

5.085562479s ago: executing program 3 (id=2194):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-sse2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45", 0xc8}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)

5.049836743s ago: executing program 3 (id=2195):
r0 = socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 64)
r1 = socket(0xa, 0x1, 0x84) (rerun: 64)
setsockopt$inet_group_source_req(r1, 0x0, 0x0, &(0x7f00000002c0)={0x1, {{0x2, 0x4e24, @multicast2}}, {{0x2, 0x4e22, @loopback}}}, 0x108) (async)
r2 = socket(0xa, 0x1, 0x84) (async, rerun: 64)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0) (async, rerun: 64)
mount$fuse(0x0, 0x0, 0x0, 0x8, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=0x0]) (async, rerun: 64)
mount(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000280)='autofs\x00', 0x201000c, &(0x7f0000000040)) (async, rerun: 64)
r3 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
setpgid(r3, r3) (async)
setpgid(0x0, r3) (async)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40000, 0x120)
fspick(r4, &(0x7f0000000240)='./file0\x00', 0x0)
futex(0x0, 0x80000000000b, 0x4, 0x0, 0x0, 0x0) (async)
lseek(r4, 0x5, 0x1) (async)
r5 = dup3(r1, r2, 0x0)
setsockopt$inet_MCAST_MSFILTER(r5, 0x0, 0x30, &(0x7f0000000440)=ANY=[@ANYBLOB="010000000000000002004e20e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000002004e21e0000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c9dcb5f0bc67dadbe5fe50a3a3317befb5917cf41881ae3e3455aaa01cc5f2a77f1ad8cfa003eaa72751c54ecb5094c7995e6383ce1fd86442aa68267d21c7c0e8da1c111805dbc6317914c42db0452721b079f3012d17d5632c938e8c3516f0f971a99ac2ba37315bf0bc9ab67bd3aee627ac7c3a3a79688305a3af2bc43e5a0b18bb7ff52931b00e3546aff775a23fdd7256a15328089a4b457e3541334cf212b6ad97ddc000"], 0x110) (async)
r6 = socket(0xa, 0x1, 0x84)
setsockopt$inet_group_source_req(r6, 0x0, 0x2e, &(0x7f00000002c0)={0x1, {{0x2, 0x4e24, @multicast2}}, {{0x2, 0x4e23, @multicast2}}}, 0x108)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r7, &(0x7f0000000180)=ANY=[], 0x118) (async, rerun: 32)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9, 0x12, r7, 0x0) (async, rerun: 32)
setsockopt$MRT6_INIT(r7, 0x29, 0xc8, &(0x7f0000000000), 0x4) (async)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000040)=ANY=[@ANYBLOB="400000001000c501002bbd700000000000000000", @ANYRES32=0x0, @ANYBLOB="a83100000100050014000300776c616e3100000000000000000000000a000100aaaaaaaaaa1c0000"], 0x40}}, 0x0)

4.953789566s ago: executing program 0 (id=2197):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000000)={0x28, r1, 0xa01, 0x70bd35, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_MAX_PEER_LINKS={0x6, 0x4, 0xd0}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x220440d0)
r3 = socket$netlink(0x10, 0x3, 0x0)
mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x80, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020e0000150000000000000000000000030005000000000002004e24ac1e00010000000000000000030006003c000000020000fc34000000000000000000000001001800000000000800120020000200fcffffff0000000006003300000000000000000000000000fe8000000000000000000000000000aa00"], 0xa8}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[@ANYBLOB="1400000000000a5a066e97f892b76ee9e6dfd3d60bd786240e2ebf0388b3a6d685d7c5000000"], 0x14}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000600)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r5], 0x3c}}, 0x40000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=@newlink={0x3c, 0x10, 0x503, 0x0, 0x700, {0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @vcan={{0x9}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0xc0b0)
symlink(&(0x7f0000002080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000800)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cpuset.effective_cpus\x00', 0x275a, 0x0)

4.897082312s ago: executing program 3 (id=2198):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0x22, &(0x7f0000000000)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2c}, @val={@void, {0x8100, 0x3, 0x0, 0x4}}, {@can={0xc, {{0x1, 0x1}, 0x5, 0x3, 0x0, 0x0, "8808d52b23be237f"}}}}, &(0x7f0000000040)={0x1, 0x3, [0x8d3, 0xb19, 0x465, 0x57b]})
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x40, &(0x7f0000000080)=0x7fffffff, 0x4)
getsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, 0x0, &(0x7f00000001c0))
r1 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f00000000c0), 0x382, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
r3 = socket(0x1, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0xfffffffffffffe77}, 0x1, 0x0, 0x0, 0x8800}, 0x4000885)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(0xffffffffffffffff, &(0x7f0000000580)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000380)={&(0x7f0000000480)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00022bbd7000fddbdf25070000002200070073797374656d5f753a73797374656d5f723a6b65726e656c5f743a733000000014000200fe880000000000000000000000000101080005000000000014000200ff0200000000000000000000000000012800070073797374656d5f753a6f626a6563745f723a6576656e745f6465766963655f743a733000"], 0x90}, 0x1, 0x0, 0x0, 0x40050}, 0x11)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000600)=@framed={{0x18, 0x0, 0x0, 0x0, 0xb}, [@printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x83000000}, {0x85, 0x0, 0x0, 0x71}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000300)={'bond0\x00', <r6=>0x0})
r7 = socket(0x10, 0x803, 0x0)
bind$netlink(r7, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x400}, 0xc)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket(0x1, 0x803, 0x0)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001400)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r6}, @IFLA_MASTER={0x8, 0xa, r10}]}, 0x44}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0xd, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000009000000000000000061197400000000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe}, 0x80)
r11 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r12=>0x0})
r13 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x19, 0x5, 0x8, 0x5, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0xfffffffc}, 0x50)
r14 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r13, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008900000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r14, r12}, 0x14)
setsockopt$inet6_IPV6_PKTINFO(r1, 0x29, 0x32, &(0x7f0000000100)={@private1, r12}, 0x14)

4.867659143s ago: executing program 0 (id=2199):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={0x0}, 0x18)
socket$nl_rdma(0x10, 0x3, 0x14)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r1 = getpid()
syz_emit_ethernet(0x66, &(0x7f0000000440)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaaaa08004500005800000000002f90780000000040000000248000000086dd080088be08000000100000000100001000000000080022eb00000000200000000200000000000000000000000800655800000000b2d3bc412dbca85051fdf2c43003164070704b5171cf11e657c857b4359cd4f238718305838d28338a442b967923a941267c6365c4419dc061ede37f172c22f757d81dfdaa34909ea8ce932cb75ff08d4a63c94471cc43134b0aeeb75f9e5a80fddde8322e1604e34702b7733652256805f906e4dc643669788fedffb75c00f4ea240eaefb2324fd32ed0000000000000000007a7aeaf7e90cc99fa48e4187a85feb75559e0b61bf0232007afbe54914d2ff8bce975986bdd90fa300bf57eba73725248093243e11659690"], 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
select(0x40, &(0x7f0000000000)={0x3, 0x6, 0xfb, 0x7, 0x516fc7f6, 0x9, 0x0, 0x9b8a}, &(0x7f00000000c0)={0x3, 0x1, 0xff, 0x10004, 0x4, 0x5, 0x6, 0x9}, &(0x7f00000001c0)={0x7, 0xfffffffd, 0x8, 0x2fdd64c9, 0x40, 0x6, 0x7ff, 0x20000}, &(0x7f0000000240)={0x77359400})
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f0000000140)=0x20)
ioctl$PPPIOCSPASS(r4, 0x40107447, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x60}]})
ioctl$PPPIOCSDEBUG(r4, 0x40047440, &(0x7f0000000240)=0x7)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)=ANY=[@ANYBLOB="14200000100001000000000000000000000000fbbbf5213c8e0a28000000002601040000000000000000010000000240000000020900010073797a30000000001108a3"], 0x50}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000140)=0x14)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r5, 0x0, 0xc881)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x80)

4.573700313s ago: executing program 7 (id=2200):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f00000000c0)={0x38, 0x5, 0x1000001c, 0x8001, 0x0, 0x4, 0xfff, 0xffff7e0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
r2 = openat$vcsa(0xffffffffffffff9c, 0x0, 0x842, 0x0)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_OCC_MAX_CLEAR(r2, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x400008}, 0xc, &(0x7f00000002c0)={&(0x7f0000000200)={0x3c, r3, 0x10, 0x70bd25, 0x25dfdbfd, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x250f}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20008090}, 0x40010)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r2, 0xc0189374, &(0x7f0000000040)={{0x1, 0x1, 0x18, r1, {0xdaf}}, './file0\x00'})
r4 = openat$sequencer2(0xffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(r4, 0x40085112, &(0x7f0000000000)=@n={0x1, 0x40, @generic=0x9, 0x9})
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(twofish)\x00'}, 0x58)
r6 = socket(0x1e, 0x5, 0x0)
setsockopt$packet_tx_ring(r6, 0x10f, 0x87, &(0x7f0000000040)=@req3={0x80000000}, 0xfeda)
listen(r6, 0x0)
r7 = socket(0x1e, 0x805, 0x0)
sendmsg$tipc(r7, &(0x7f0000000080)={&(0x7f0000000100)=@name, 0x10, 0x0}, 0x0)
setsockopt$packet_tx_ring(r7, 0x10f, 0x87, &(0x7f00000000c0)=@req3={0x80000000, 0x0, 0x2}, 0x1c)
accept4$inet6(r6, 0x0, 0x0, 0x0)
sendmsg$tipc(r7, &(0x7f0000000640)={&(0x7f0000000300)=@nameseq={0x1e, 0x1, 0x2, {0x43, 0x0, 0x3}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x0)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

4.0537274s ago: executing program 3 (id=2201):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0x10, 0x803, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f00000001c0)=0x1)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r1, 0x400448ca, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e25, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
r3 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x20000000000002b7, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000208500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="740000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="2b030040000000004c0012800b00010067656e65766500003c0002800800010001000000140007000000000000"], 0x74}, 0x1, 0x0, 0x0, 0x2000000}, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
dup3(r3, r1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x400000b4e)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000002000)=""/102400, 0x19000)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x2)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6)
write(r0, &(0x7f0000000240)="aefc00001a0025f00385bc04fef7681d0a0b49ff708800008002280008020200ac0a1410bc71176a36ede498534108e58342fa94a235a2a441f9", 0xfcae)

3.707823721s ago: executing program 0 (id=2202):
r0 = socket(0x2, 0x3, 0x67)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000140)='bridge0\x00', 0x52c)
sendto$unix(r0, 0x0, 0x0, 0x2000000, &(0x7f00000000c0)=@abs={0x0, 0x7, 0xd0000e0}, 0x6e)

3.692689624s ago: executing program 6 (id=2203):
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x20040010)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000600), 0x2c0c2, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
fcntl$lock(r2, 0x7, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
ioctl$TUNSETQUEUE(r3, 0x400454d9, &(0x7f0000000100)={'veth0_to_team\x00', 0x400})
ioctl$TUNSETQUEUE(r3, 0x400454d9, &(0x7f0000000240)={'gre0\x00', 0x200})
sched_setattr(0x0, &(0x7f0000000000)={0x38, 0x0, 0x4, 0x8001, 0x0, 0xb49, 0x200000000002, 0x7, 0x8, 0x5}, 0x0)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r5, 0x6, 0x17, &(0x7f0000000080)=0xffffffff, 0x4)
r6 = openat$adsp1(0xffffffffffffff9c, 0x0, 0x301341, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r6, 0xc004500a, &(0x7f0000000000)=0xe4)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x3f, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)

3.628487983s ago: executing program 0 (id=2204):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
mprotect(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x800002)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00'}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x240800, 0x103)
mkdirat(r3, 0x0, 0x20)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
memfd_create(0x0, 0x7)
r6 = syz_open_dev$dri(0x0, 0x3, 0x2200)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x15)
writev(r7, &(0x7f00000000c0)=[{&(0x7f0000000180)="39000000130003470fbb65e1c3e4ffff060060001600000056000000250000001900b3c0b6d20300070a0000000084db26b9e4e20000000000", 0x39}], 0x1)
r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r8, 0xae60)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a37f2", 0x8, 0x2c, 0x0, @remote, @local, {[], {{0x0, 0x5, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

3.584009181s ago: executing program 3 (id=2205):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000007c0)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300ea2d010203010902120001000000000904"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000004c0)={0x1c, &(0x7f0000000540)=ANY=[], 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000380)={0x24, &(0x7f0000000680)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYRESOCT=r0], 0xb0}, 0x1, 0x0, 0x0, 0x8004}, 0x24000014)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x44, 0x24, 0x400, 0x70bd25, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0x7}, {0xffff, 0x6}, {0x0, 0x7}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0x6, 0x4, 0x6cf8}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x44041}, 0x4000851)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000003e000701feffffff00000000017c0000040042800c00018006000600800a0000200002801c00178018"], 0x44}, 0x1, 0x0, 0x0, 0x40040c0}, 0xc000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x4, &(0x7f0000006680))
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$sw_sync_info(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0xc0a85320, &(0x7f00000003c0)={{0x80}, 'port0\x00', 0xf3, 0x1b1c07, 0xfffffffa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8})
openat$sequencer2(0xffffffffffffff9c, 0x0, 0x80d02, 0x0)
r3 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r4=>0x0})
bind$can_j1939(r3, &(0x7f0000000340)={0x1d, r4, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18)
setsockopt$sock_int(r3, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r3, 0x0, 0x4048081)
close(r3)
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300))

3.031933977s ago: executing program 2 (id=2207):
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffe11)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x4a040, 0x0) (fail_nth: 4)

2.766559347s ago: executing program 2 (id=2208):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=@base={0x6, 0x4, 0xdd, 0xa}, 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x7b}]}, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)

2.3904817s ago: executing program 2 (id=2209):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000000)={0x28, r1, 0xa01, 0x70bd35, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_MAX_PEER_LINKS={0x6, 0x4, 0xd0}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x220440d0)
r3 = socket$netlink(0x10, 0x3, 0x0)
mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x80, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020e0000150000000000000000000000030005000000000002004e24ac1e00010000000000000000030006003c000000020000fc34000000000000000000000001001800000000000800120020000200fcffffff0000000006003300000000000000000000000000fe8000000000000000000000000000aa00"], 0xa8}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[@ANYBLOB="1400000000000a5a066e97f892b76ee9e6dfd3d60bd786240e2ebf0388b3a6d685d7c5000000"], 0x14}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000600)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r5], 0x3c}}, 0x40000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=@newlink={0x3c, 0x10, 0x503, 0x0, 0x700, {0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @vcan={{0x9}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0xc0b0)
symlink(&(0x7f0000002080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000800)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000400)='cpuset.effective_cpus\x00', 0x275a, 0x0)

2.285546365s ago: executing program 0 (id=2210):
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x5)
ioctl$KVM_SET_SREGS2(r4, 0x4140aecd, &(0x7f0000000300)={{0x3001, 0xdddd1000, 0xd, 0x7, 0x2, 0x7, 0xc, 0x82, 0x0, 0xd, 0x1f, 0x5}, {0xeeee0000, 0x4000, 0xa, 0xa, 0x7, 0xf5, 0xf7, 0x2, 0x5, 0x6, 0x4, 0x9}, {0x64c38916b49bda64, 0xffff1000, 0x8, 0x8, 0x7, 0x2d, 0x3, 0x7f, 0x7, 0x6, 0x9, 0x80}, {0xeeee8000, 0x3000, 0xc, 0x4, 0x6, 0x2, 0x80, 0x0, 0x5, 0x3, 0x6, 0xe7}, {0x80a0000, 0x6000, 0x10, 0xbb, 0x7f, 0xad, 0x2, 0xfc, 0x10, 0x3, 0x1, 0x6}, {0x1, 0x8000000, 0xa, 0x9, 0x7f, 0xe8, 0x5, 0x7, 0x2, 0x25, 0x6, 0x9}, {0x8000000, 0xdddd0000, 0xb, 0x0, 0x6, 0x4, 0x2, 0xfc, 0xc6, 0x20, 0x0, 0x81}, {0xeeee0000, 0x2, 0xb, 0x51, 0x7f, 0x0, 0x2, 0x0, 0x5, 0x8, 0x5, 0x3}, {0xeeee0000, 0xebed}, {0xd000, 0x43}, 0x80000000, 0x0, 0x1, 0x0, 0x9, 0xb100, 0xdddd1000, 0x0, [0x40, 0xd4df, 0x8, 0x6bbb]})
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x8800)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
rseq(0x0, 0x0, 0x0, 0x0)
io_setup(0x8, &(0x7f0000000000)=<r5=>0x0)
syz_open_procfs(0x0, 0x0)
r6 = getpid()
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/clients\x00', 0x0, 0x0)
preadv(r7, &(0x7f0000004ec0), 0x0, 0x8000, 0x0)
r8 = syz_pidfd_open(r6, 0x0)
setns(r8, 0x8020000)
mount_setattr(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x8000, &(0x7f0000001dc0)={0x8, 0x72, 0x80000}, 0x20)
open$dir(0x0, 0x400000, 0x100)
r9 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r9, &(0x7f00000000c0)={0x2, 0x4e20, @broadcast}, 0x10)
sendto$inet(r9, &(0x7f0000000000)="e6", 0x1, 0x24048000, &(0x7f0000000100)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}, 0x10)
r10 = syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="01002dbd7000fddbdf2508000000b9bef018f66f40614c4bfaec05c5b1442949b75f0617073720bae6c9499c048158d3c604c9c4c2061f8f05f6bb0532233912fc47ac8d0f7324c4cbf633ddd2a2378a20e71af865490858488c3c76ca6e319b4197f98130ba964f7bb2b3a63663be3302b9cadb63614b354012cac422c4089379dc31dae3fbf9537bcf9ecdc8bb8310154be2ed3378c569f6d70e3d746fc9b43fe332ed5bbe48e5d40b402d6bdad328", @ANYRES16=r10, @ANYBLOB="14000000", @ANYRES8=r0, @ANYRES8=r5, @ANYRESOCT, @ANYRES16=r10, @ANYRES64=r10, @ANYRESHEX], 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x80)
shutdown(r9, 0x1)
recvfrom(r9, 0x0, 0x0, 0x61, 0x0, 0x0)

2.243511882s ago: executing program 7 (id=2211):
timer_create(0x3, 0x0, &(0x7f0000044000))
timer_delete(0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r0 = socket$netlink(0x10, 0x3, 0xc)
ioctl$COMEDI_DEVCONFIG(0xffffffffffffffff, 0x40946400, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
timer_create(0x0, 0x0, 0x0)
ioctl$EVIOCSREP(0xffffffffffffffff, 0x40084503, &(0x7f0000000040)=[0x6, 0x6])
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000200), 0x4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$DRM_IOCTL_UNLOCK(0xffffffffffffffff, 0x4008642b, &(0x7f00000002c0))
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x64, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}]}, @CTA_TIMEOUT={0x8}]}, 0x64}}, 0x0)
sendmsg$IPCTNL_MSG_CT_DELETE(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)={0x14, 0x2, 0x1, 0x5, 0x0, 0x0, {0x2, 0x0, 0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x20044804}, 0x40040)

2.177482596s ago: executing program 2 (id=2212):
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x2a, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
syz_open_dev$dri(&(0x7f0000000000), 0x8, 0x40000)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f00000000c0)={0x0, 0x0, 0x80800})
r1 = syz_usb_connect(0x0, 0x24, &(0x7f00000005c0)={{0x12, 0x1, 0x0, 0xa3, 0xb3, 0x70, 0x8, 0x46d, 0x8ae, 0x1158, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x6, 0x0, 0x9, 0x6e, 0x7e}}]}}]}}, 0x0)
syz_usb_disconnect(r1)
syz_usb_connect(0x0, 0x1cb, &(0x7f0000000000)=ANY=[], 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, &(0x7f0000000580)=ANY=[@ANYBLOB], 0x90)

1.561982904s ago: executing program 6 (id=2213):
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000140)={'syztnl0\x00', &(0x7f00000000c0)={'ip6tnl0\x00', <r1=>0x0, 0x2f, 0x9, 0x25, 0x2, 0x5, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @local, 0xc8, 0x10, 0x9, 0x2}})
fstat(r0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000200)={&(0x7f0000000380)=@polexpire={0x22c, 0x1b, 0x0, 0x70bd28, 0x25dfdbfc, {{{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @in6=@loopback, 0x4e20, 0x2c7, 0x4e24, 0xffff, 0x0, 0xa0, 0x100, 0x11, r1, r2}, {0x2, 0x7fffffffffffffff, 0x400, 0x8, 0x91e, 0xc1, 0x6, 0x7ff}, {0x1, 0xffffffff, 0x2c0, 0x9c5}, 0x3c, 0x6e6bbe, 0x2, 0x1, 0x6}, 0x3}, [@coaddr={0x14, 0xe, @in=@local}, @coaddr={0x14, 0xe, @in=@remote}, @tmpl={0x144, 0x5, [{{@in=@rand_addr=0x64010102, 0x4d5, 0x2b}, 0x0, @in=@multicast2, 0x3503, 0x4, 0x0, 0x9, 0x1c, 0x9, 0x575}, {{@in=@empty, 0x4d3, 0x33}, 0x2, @in=@dev={0xac, 0x14, 0x14, 0x31}, 0x3501, 0x2, 0x1, 0x1, 0xfb, 0x4, 0x956}, {{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4d5, 0x3c}, 0x2, @in=@multicast1, 0x3507, 0x4, 0x2, 0x3, 0x7fff, 0x81, 0x8}, {{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x4d2, 0x15}, 0xa, @in=@dev={0xac, 0x14, 0x14, 0xa}, 0x3507, 0x0, 0x0, 0x4, 0x2, 0x200, 0x10000}, {{@in6=@ipv4={'\x00', '\xff\xff', @broadcast}, 0x4d3, 0x2b}, 0xa, @in6=@private2, 0x0, 0x2, 0x0, 0x7, 0x81, 0x1, 0x1}]}]}, 0x22c}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
listen(r0, 0x8)
r3 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r3, &(0x7f0000000040)={0x2, 0x4e24, @rand_addr=0x64010101}, 0x10)
r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
setsockopt$WPAN_SECURITY_LEVEL(r4, 0x0, 0x2, &(0x7f0000000000)=0x1, 0x4)
accept4$nfc_llcp(r0, &(0x7f0000002980), 0x0, 0x80000)

1.514762285s ago: executing program 7 (id=2214):
sendto$inet(0xffffffffffffffff, &(0x7f00000000c0)="8689d46205a34100ff2bbe11a5ce7879edaf02afe39ead95913e9c4f8cf31440006769ebdf12cfacae8e8c03f5db079da7d9", 0x32, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',cache=mmap'])
chmod(&(0x7f0000000140)='./file0\x00', 0x0)
r3 = creat(&(0x7f0000000300)='./file0\x00', 0x0)
pwritev2(r3, &(0x7f0000000200)=[{&(0x7f0000000340)="01", 0x1}], 0x1, 0x8, 0x6, 0x0)
write$FUSE_POLL(r3, &(0x7f0000000380)={0x18, 0xfffffffffffffff5, 0x0, {0x1}}, 0x18) (fail_nth: 4)

1.425965107s ago: executing program 6 (id=2215):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e21, 0x5, @ipv4={'\x00', '\xff\xff', @empty}, 0x4}, 0x1c)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x659, @empty, 0xff}, 0x1c)
setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f0000000100), 0x4)
socket$key(0xf, 0x3, 0x2)
syz_open_dev$dri(0x0, 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0xa101, 0x0)
write$binfmt_aout(r1, &(0x7f0000000100)=ANY=[], 0xff2e)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x38)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x13, r2, 0x0)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x3, 0x0, 0x0, "0062ba7d82000000000000000000f7fffeff00"})
r3 = syz_open_pts(r1, 0x8182)
r4 = dup3(r3, r1, 0x0)
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000000)=0x17)
r5 = fcntl$dupfd(r0, 0x406, r0)
write$cgroup_pid(r5, 0x0, 0x0)
read$FUSE(r5, &(0x7f0000000f00)={0x2020}, 0xfffffffffffffee8)

693.260291ms ago: executing program 6 (id=2216):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="02000000040000000402000008"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0d0000000400000004000000070000000000", @ANYRES32=r0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000b9b2e438392ea81800"/28], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$MAP_LOOKUP_BATCH(0x18, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x94eb2000)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000780)=ANY=[@ANYBLOB="9feb0100180000000000000040000000400000000c0000000400000001000084010000000a000000030000000000000000000000000000010500000020000000000000000000000300000000020000000200000000000000006100302e61616161006100"], 0x0, 0x64}, 0x28)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYRESOCT, @ANYRESDEC=r2, @ANYRES32=r0, @ANYRES16, @ANYRES16], 0x24}, 0x1, 0x0, 0x0, 0x51}, 0x20000010)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x141800, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r6, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0x5})
ioctl$KVM_SET_GSI_ROUTING(r6, 0x4008ae6a, &(0x7f0000000340)=ANY=[])
r7 = openat$dsp(0xffffffffffffff9c, &(0x7f00000003c0), 0x101a02, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r8, 0x25, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x4})
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000500)='cgroup.events\x00', 0x275a, 0x0)
fcntl$lock(r9, 0x26, &(0x7f0000000000)={0x1})
fcntl$lock(0xffffffffffffffff, 0x26, &(0x7f0000000000)={0x1})
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f00000000c0))
close_range(r7, r6, 0x0)
r10 = syz_open_dev$vivid(&(0x7f00000002c0), 0x2, 0x2)
ioctl$VIDIOC_G_FBUF(r10, 0x8030560a, &(0x7f0000000380)={0xba0df39051661db9, 0x70, &(0x7f00000003c0)="aea33cbca2abf82c1d2b6f5217c07224649aab0618b49467707f2907dc26d937bcd2b73014cd06534a5e375b452c77791e2e1ab837d6d5f904f08860013ada1b3e5d4f4c99a54693660a986fed0edee6bd9d7c0df09f8d9b", {0x1, 0x74, 0x52424750, 0x2, 0x7f, 0xa02, 0xa, 0x7}})
ioctl$int_out(r3, 0x2, &(0x7f0000000000))
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000300), 0x100, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r11 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0)
ioctl$USBDEVFS_IOCTL(r11, 0xc0105512, &(0x7f0000000280)=@usbdevfs_connect={0x8})

664.308505ms ago: executing program 0 (id=2217):
timer_create(0x3, 0x0, &(0x7f0000044000))
timer_delete(0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r0 = socket$netlink(0x10, 0x3, 0xc)
ioctl$COMEDI_DEVCONFIG(0xffffffffffffffff, 0x40946400, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
timer_create(0x0, 0x0, 0x0)
ioctl$EVIOCSREP(0xffffffffffffffff, 0x40084503, &(0x7f0000000040)=[0x6, 0x6])
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$DRM_IOCTL_UNLOCK(0xffffffffffffffff, 0x4008642b, &(0x7f00000002c0))
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x64, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}]}, @CTA_TIMEOUT={0x8}]}, 0x64}}, 0x0)
sendmsg$IPCTNL_MSG_CT_DELETE(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)={0x14, 0x2, 0x1, 0x5, 0x0, 0x0, {0x2, 0x0, 0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x20044804}, 0x40040)

500.389733ms ago: executing program 2 (id=2218):
sendto$inet(0xffffffffffffffff, &(0x7f00000000c0)="8689d46205a34100ff2bbe11a5ce7879edaf02afe39ead95913e9c4f8cf31440006769ebdf12cfacae8e8c03f5db079da7d9", 0x32, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
socket$pppoe(0x18, 0x1, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r3, 0x800448f0, &(0x7f00000000c0)={0x0, 0x0, "a4cd91", 0x9})
syz_open_dev$sndpcmp(&(0x7f0000007640), 0x0, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00')
mount$9p_fd(0x0, &(0x7f0000000180)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r4}})
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, &(0x7f0000000140)={0x1f, 0xffff, 0x3}, 0x6)
write(r6, &(0x7f0000000040)="05000000010000", 0x7)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',cache=mmap'])
chmod(&(0x7f0000000140)='./file0\x00', 0x0)
r7 = creat(&(0x7f0000000300)='./file0\x00', 0x0)
pwritev2(r7, &(0x7f0000000200)=[{&(0x7f0000000340)="01", 0x1}], 0x1, 0x8, 0x6, 0x0)
write$FUSE_POLL(r7, &(0x7f0000000380)={0x18, 0xfffffffffffffff5, 0x0, {0x1}}, 0x18)

0s ago: executing program 2 (id=2219):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = gettid()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$int_in(r1, 0x5452, &(0x7f0000b28000)=0x3)
fcntl$setsig(r1, 0xa, 0x12)
poll(&(0x7f0000b2c000)=[{r2}], 0x2c, 0xffffffffffbffff8)
dup2(r1, r2)
fcntl$setown(r1, 0x8, r0)
tkill(r0, 0x13)
unlinkat(0xffffffffffffffff, 0x0, 0x200)
r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x299e, 0x0, 0x0, 0x0)
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, 0x0, &(0x7f0000000040)={'U+', 0x101}, 0x16, 0x6)
io_uring_setup(0x3322, &(0x7f0000000040)={0x0, 0x9811, 0x20, 0x1, 0x2002f5})
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0xff)
ioctl$sock_inet6_tcp_SIOCINQ(0xffffffffffffffff, 0x890b, &(0x7f0000000000))
setreuid(0x0, 0xee00)
request_key(&(0x7f00000002c0)='logon\x00', &(0x7f0000000300)={'syz', 0x3}, &(0x7f0000000380)='\t\x85\x05\x84/vc\t\x00#\x00', 0x0)
write$vga_arbiter(r3, &(0x7f0000000040)=@other={'lock', ' ', 'io+mem'}, 0xc)
write$vga_arbiter(r3, &(0x7f0000000080)=@other={'decodes', ' ', 'none'}, 0x3f)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r4, 0x40045431, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
symlinkat(&(0x7f0000000140)='./file0\x00', 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

eek: false
[  673.338342][T13623] vivid-002: RDS Rx I/O Mode: Block I/O
[  673.345261][T13623] vivid-002: Generate RBDS Instead of RDS: false
[  673.352303][T13623] vivid-002: RDS Reception: true
[  673.357313][T13623] vivid-002: RDS Program Type: 0 inactive
[  673.375130][T13623] vivid-002: RDS PS Name:  inactive
[  673.388414][T13623] vivid-002: RDS Radio Text:  inactive
[  673.394221][T13623] vivid-002: RDS Traffic Announcement: false inactive
[  673.403370][T13623] vivid-002: RDS Traffic Program: false inactive
[  673.410781][T13623] vivid-002: RDS Music: false inactive
[  673.421138][T13623] vivid-002: ==================  END STATUS  ==================
[  673.592848][T13628] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1897'.
[  673.607463][T13628] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1897'.
[  673.680418][T13628] geneve2: entered promiscuous mode
[  673.708373][T13628] geneve2: entered allmulticast mode
[  673.966764][T13633] netlink: 64138 bytes leftover after parsing attributes in process `syz.7.1897'.
[  674.787230][T13643] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  674.796259][T13643] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  674.841332][T13646] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1904'.
[  674.866778][T13646] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1904'.
[  674.960117][T13646] geneve2: entered promiscuous mode
[  674.965542][T13646] geneve2: entered allmulticast mode
[  675.085248][T12841] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  675.151049][   T10] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  675.196605][T12836] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  675.205954][T12836] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  675.235069][T12836] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  675.256598][T13650] FAULT_INJECTION: forcing a failure.
[  675.256598][T13650] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  675.270834][T13650] CPU: 1 UID: 0 PID: 13650 Comm: syz.6.1905 Not tainted syzkaller #0 PREEMPT(full) 
[  675.270860][T13650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  675.270871][T13650] Call Trace:
[  675.270878][T13650]  <TASK>
[  675.270885][T13650]  dump_stack_lvl+0x16c/0x1f0
[  675.270910][T13650]  should_fail_ex+0x512/0x640
[  675.270934][T13650]  _copy_to_user+0x32/0xd0
[  675.270961][T13650]  do_pagemap_scan+0xb81/0xcf0
[  675.270992][T13650]  ? __pfx_do_pagemap_scan+0x10/0x10
[  675.271012][T13650]  ? do_vfs_ioctl+0x128/0x14f0
[  675.271041][T13650]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  675.271086][T13650]  ? selinux_file_ioctl+0x180/0x270
[  675.271107][T13650]  ? selinux_file_ioctl+0xb4/0x270
[  675.271133][T13650]  do_pagemap_cmd+0x58/0x80
[  675.271160][T13650]  ? __pfx_do_pagemap_cmd+0x10/0x10
[  675.271174][T13650]  __x64_sys_ioctl+0x18b/0x210
[  675.271191][T13650]  do_syscall_64+0xcd/0x4c0
[  675.271206][T13650]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  675.271217][T13650] RIP: 0033:0x7fbfc418ebe9
[  675.271228][T13650] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  675.271239][T13650] RSP: 002b:00007fbfc5004038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  675.271250][T13650] RAX: ffffffffffffffda RBX: 00007fbfc43c5fa0 RCX: 00007fbfc418ebe9
[  675.271257][T13650] RDX: 0000200000000100 RSI: 00000000c0606610 RDI: 0000000000000003
[  675.271263][T13650] RBP: 00007fbfc5004090 R08: 0000000000000000 R09: 0000000000000000
[  675.271270][T13650] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  675.271276][T13650] R13: 00007fbfc43c6038 R14: 00007fbfc43c5fa0 R15: 00007ffe31584ce8
[  675.271291][T13650]  </TASK>
[  675.448191][T13648] netlink: 64138 bytes leftover after parsing attributes in process `syz.0.1904'.
[  675.523556][   T10] usb 4-1: Using ep0 maxpacket: 32
[  675.561489][   T10] usb 4-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  675.846029][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  675.853054][T13656] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1907'.
[  675.868198][   T10] usb 4-1: Product: syz
[  675.872536][T13656] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1907'.
[  675.933217][   T10] usb 4-1: Manufacturer: syz
[  675.938009][   T10] usb 4-1: SerialNumber: syz
[  675.945467][   T10] usb 4-1: config 0 descriptor??
[  675.953705][   T10] gspca_main: stk1135-2.14.0 probing 174f:6a31
[  675.971689][   T30] audit: type=1400 audit(1756994903.643:2150): avc:  denied  { watch } for  pid=13657 comm="syz.0.1909" path="/386/file0" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[  675.984386][T13658] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[  676.006759][   T30] audit: type=1400 audit(1756994903.683:2151): avc:  denied  { relabelto } for  pid=13657 comm="syz.0.1909" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[  676.036893][   T30] audit: type=1400 audit(1756994903.683:2152): avc:  denied  { associate } for  pid=13657 comm="syz.0.1909" name="/" dev="cgroup2" ino=1 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 srawcon="system_u:object_r:fsadm_exec_t:s0"
[  676.131134][ T5915] usb 7-1: new full-speed USB device number 43 using dummy_hcd
[  676.414887][ T5915] usb 7-1: config 0 has an invalid interface number: 110 but max is 0
[  676.423242][ T5915] usb 7-1: config 0 has no interface number 0
[  676.429538][ T5915] usb 7-1: config 0 interface 110 has no altsetting 0
[  676.444042][ T5915] usb 7-1: New USB device found, idVendor=0547, idProduct=2720, bcdDevice=af.55
[  676.453728][ T5915] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  676.461992][ T5915] usb 7-1: Product: syz
[  676.527597][ T5915] usb 7-1: Manufacturer: syz
[  676.532313][ T5915] usb 7-1: SerialNumber: syz
[  676.541274][ T5862] usb 1-1: new high-speed USB device number 51 using dummy_hcd
[  676.541655][ T5915] usb 7-1: config 0 descriptor??
[  676.704175][ T5862] usb 1-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  676.716944][ T5862] usb 1-1: config 0 interface 0 has no altsetting 0
[  676.723761][ T5862] usb 1-1: New USB device found, idVendor=044e, idProduct=1215, bcdDevice= 0.00
[  676.732973][ T5862] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  676.743051][ T5862] usb 1-1: config 0 descriptor??
[  676.761751][ T5915] cdc_subset 7-1:0.110: probe with driver cdc_subset failed with error -71
[  676.775728][ T5915] usb 7-1: USB disconnect, device number 43
[  677.000331][   T10] gspca_stk1135: reg_w 0x7 err -71
[  677.008489][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  677.015049][   T10] gspca_stk1135: Sensor write failed
[  677.020407][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  677.027867][   T10] gspca_stk1135: Sensor write failed
[  677.033382][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  677.039845][   T10] gspca_stk1135: Sensor read failed
[  677.045219][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  677.052489][   T10] gspca_stk1135: Sensor read failed
[  677.057737][   T10] gspca_stk1135: Detected sensor type unknown (0x0)
[  677.064454][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  677.076356][   T10] gspca_stk1135: Sensor read failed
[  677.081643][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  677.087978][   T10] gspca_stk1135: Sensor read failed
[  677.093241][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  677.099821][   T10] gspca_stk1135: Sensor write failed
[  677.105235][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  677.111700][   T10] gspca_stk1135: Sensor write failed
[  677.117039][   T10] stk1135 4-1:0.0: probe with driver stk1135 failed with error -71
[  677.130074][   T10] usb 4-1: USB disconnect, device number 35
[  677.161788][ T5862] hid-alps 0003:044E:1215.001C: hidraw0: USB HID v0.04 Device [HID 044e:1215] on usb-dummy_hcd.0-1/input0
[  677.422685][T13687] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1914'.
[  677.837575][T13687] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  677.846256][T13687] batman_adv: batadv0: Removing interface: batadv_slave_0
[  677.855567][T13687] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  677.864289][T13687] batman_adv: batadv0: Removing interface: batadv_slave_1
[  677.873151][T13687] batman_adv: batadv0: Interface deactivated: wlan0
[  677.893301][T13687] batman_adv: batadv0: Removing interface: wlan0
[  678.004957][ T5915] usb 1-1: USB disconnect, device number 51
[  678.651231][T13705] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1918'.
[  679.197416][   T30] audit: type=1400 audit(1756994906.773:2153): avc:  denied  { write } for  pid=13706 comm="syz.2.1920" name="random" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  679.683877][T13722] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1923'.
[  681.089146][T13732] FAULT_INJECTION: forcing a failure.
[  681.089146][T13732] name failslab, interval 1, probability 0, space 0, times 0
[  681.210159][T13732] CPU: 0 UID: 0 PID: 13732 Comm: syz.0.1926 Not tainted syzkaller #0 PREEMPT(full) 
[  681.210187][T13732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  681.210197][T13732] Call Trace:
[  681.210204][T13732]  <TASK>
[  681.210212][T13732]  dump_stack_lvl+0x16c/0x1f0
[  681.210238][T13732]  should_fail_ex+0x512/0x640
[  681.210257][T13732]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  681.210279][T13732]  should_failslab+0xc2/0x120
[  681.210300][T13732]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  681.210316][T13732]  ? __pfx___might_resched+0x10/0x10
[  681.210340][T13732]  ? __anon_vma_prepare+0xae/0x5e0
[  681.210375][T13732]  __anon_vma_prepare+0xae/0x5e0
[  681.210406][T13732]  uffd_lock_vma+0x360/0x3f0
[  681.210431][T13732]  mfill_atomic_zeropage+0x1a2/0x14a0
[  681.210460][T13732]  ? find_held_lock+0x2b/0x80
[  681.210481][T13732]  ? __might_fault+0xe3/0x190
[  681.210500][T13732]  ? __pfx_mfill_atomic_zeropage+0x10/0x10
[  681.210530][T13732]  userfaultfd_ioctl+0x2f20/0x3930
[  681.210553][T13732]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[  681.210572][T13732]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  681.210619][T13732]  ? selinux_file_ioctl+0x180/0x270
[  681.210645][T13732]  ? selinux_file_ioctl+0xb4/0x270
[  681.210669][T13732]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[  681.210691][T13732]  ? __x64_sys_ioctl+0x18b/0x210
[  681.210716][T13732]  __x64_sys_ioctl+0x18b/0x210
[  681.210744][T13732]  do_syscall_64+0xcd/0x4c0
[  681.210766][T13732]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  681.210784][T13732] RIP: 0033:0x7f029e78ebe9
[  681.210799][T13732] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  681.210816][T13732] RSP: 002b:00007f029f6d4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  681.210837][T13732] RAX: ffffffffffffffda RBX: 00007f029e9c5fa0 RCX: 00007f029e78ebe9
[  681.210848][T13732] RDX: 0000200000000000 RSI: 00000000c020aa04 RDI: 0000000000000004
[  681.210860][T13732] RBP: 00007f029f6d4090 R08: 0000000000000000 R09: 0000000000000000
[  681.210871][T13732] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  681.210880][T13732] R13: 00007f029e9c6038 R14: 00007f029e9c5fa0 R15: 00007ffc9ce3d5d8
[  681.210907][T13732]  </TASK>
[  682.555407][T13764] o2cb: This node has not been configured.
[  682.561739][T13764] o2cb: Cluster check failed. Fix errors before retrying.
[  682.569215][T13764] (syz.2.1936,13764,0):user_dlm_register:674 ERROR: status = -22
[  682.577175][T13764] (syz.2.1936,13764,0):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "bus"
[  682.608518][T13764] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  682.620389][T13764] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  683.138920][T13773] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1939'.
[  683.161185][T13773] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1939'.
[  683.379388][T13777] netlink: 64138 bytes leftover after parsing attributes in process `syz.7.1939'.
[  683.687682][T13782] FAULT_INJECTION: forcing a failure.
[  683.687682][T13782] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  684.039337][T13782] CPU: 0 UID: 0 PID: 13782 Comm: syz.2.1943 Not tainted syzkaller #0 PREEMPT(full) 
[  684.039366][T13782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  684.039376][T13782] Call Trace:
[  684.039382][T13782]  <TASK>
[  684.039388][T13782]  dump_stack_lvl+0x16c/0x1f0
[  684.039407][T13782]  should_fail_ex+0x512/0x640
[  684.039422][T13782]  _copy_from_user+0x2e/0xd0
[  684.039438][T13782]  copy_from_sockptr_offset.constprop.0+0x136/0x170
[  684.039453][T13782]  ? __pfx_copy_from_sockptr_offset.constprop.0+0x10/0x10
[  684.039471][T13782]  ip_mroute_getsockopt+0x285/0x3f0
[  684.039487][T13782]  ? __pfx_ip_mroute_getsockopt+0x10/0x10
[  684.039504][T13782]  ? __lock_acquire+0x62e/0x1ce0
[  684.039524][T13782]  do_ip_getsockopt+0x1b7/0x2220
[  684.039544][T13782]  ? __pfx_do_ip_getsockopt+0x10/0x10
[  684.039563][T13782]  ? avc_has_perm_noaudit+0x117/0x3b0
[  684.039578][T13782]  ? avc_has_perm_noaudit+0x149/0x3b0
[  684.039591][T13782]  ? avc_has_perm+0x144/0x1f0
[  684.039602][T13782]  ? __pfx_avc_has_perm+0x10/0x10
[  684.039615][T13782]  ? __lock_acquire+0xb97/0x1ce0
[  684.039635][T13782]  ? sock_has_perm+0x259/0x2f0
[  684.039650][T13782]  ip_getsockopt+0x9b/0x1e0
[  684.039668][T13782]  ? __pfx_ip_getsockopt+0x10/0x10
[  684.039683][T13782]  ? __might_fault+0xe3/0x190
[  684.039694][T13782]  ? __might_fault+0x13b/0x190
[  684.039708][T13782]  raw_getsockopt+0x4d/0x1f0
[  684.039725][T13782]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  684.039740][T13782]  do_sock_getsockopt+0x34a/0x440
[  684.039755][T13782]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  684.039772][T13782]  ? __fget_files+0x204/0x3c0
[  684.039797][T13782]  __sys_getsockopt+0x12f/0x260
[  684.039812][T13782]  __x64_sys_getsockopt+0xbd/0x160
[  684.039822][T13782]  ? do_syscall_64+0x91/0x4c0
[  684.039834][T13782]  ? lockdep_hardirqs_on+0x7c/0x110
[  684.039846][T13782]  do_syscall_64+0xcd/0x4c0
[  684.039860][T13782]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  684.039872][T13782] RIP: 0033:0x7fd25198ebe9
[  684.039881][T13782] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  684.039891][T13782] RSP: 002b:00007fd2527d3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  684.039903][T13782] RAX: ffffffffffffffda RBX: 00007fd251bc5fa0 RCX: 00007fd25198ebe9
[  684.039910][T13782] RDX: 00000000000000ce RSI: 0000000000000000 RDI: 0000000000000003
[  684.039916][T13782] RBP: 00007fd2527d3090 R08: 0000200000000440 R09: 0000000000000000
[  684.039923][T13782] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  684.039929][T13782] R13: 00007fd251bc6038 R14: 00007fd251bc5fa0 R15: 00007ffd350c39e8
[  684.039944][T13782]  </TASK>
[  685.403034][T13796] netlink: 40 bytes leftover after parsing attributes in process `syz.7.1946'.
[  685.437048][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  686.114453][T13810] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1949'.
[  686.222851][T13810] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1949'.
[  686.455886][T13820] netlink: 64138 bytes leftover after parsing attributes in process `syz.3.1949'.
[  686.777687][T13822] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13822 comm=syz.6.1953
[  686.779547][T13825] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1954'.
[  686.794521][T13822] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1953'.
[  686.857816][T13825] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1954'.
[  689.296023][T13856] FAULT_INJECTION: forcing a failure.
[  689.296023][T13856] name failslab, interval 1, probability 0, space 0, times 0
[  689.309026][T13856] CPU: 0 UID: 0 PID: 13856 Comm: syz.0.1964 Not tainted syzkaller #0 PREEMPT(full) 
[  689.309053][T13856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  689.309070][T13856] Call Trace:
[  689.309077][T13856]  <TASK>
[  689.309084][T13856]  dump_stack_lvl+0x16c/0x1f0
[  689.309112][T13856]  should_fail_ex+0x512/0x640
[  689.309139][T13856]  should_failslab+0xc2/0x120
[  689.309163][T13856]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  689.309182][T13856]  ? lock_acquire+0x179/0x350
[  689.309210][T13856]  ? dst_alloc+0x99/0x1a0
[  689.309232][T13856]  ? __pfx_ip6_dst_gc+0x10/0x10
[  689.309252][T13856]  dst_alloc+0x99/0x1a0
[  689.309272][T13856]  ip6_pol_route+0x96b/0x1230
[  689.309295][T13856]  ? __pfx_ip6_pol_route+0x10/0x10
[  689.309315][T13856]  ? find_held_lock+0x2b/0x80
[  689.309343][T13856]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  689.309373][T13856]  ? __pfx_ip6_pol_route_output+0x10/0x10
[  689.309390][T13856]  fib6_rule_lookup+0x386/0x720
[  689.309421][T13856]  ? __pfx_fib6_rule_lookup+0x10/0x10
[  689.309467][T13856]  ip6_route_output_flags+0x1d0/0x640
[  689.309497][T13856]  ip6_dst_lookup_tail.constprop.0+0xa52/0x2140
[  689.309526][T13856]  ? __pfx_ip6_dst_lookup_tail.constprop.0+0x10/0x10
[  689.309543][T13856]  ? bpf_ksym_find+0x127/0x1c0
[  689.309567][T13856]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  689.309607][T13856]  ? is_bpf_text_address+0x94/0x1a0
[  689.309627][T13856]  ? kernel_text_address+0x8d/0x100
[  689.309647][T13856]  ? __kernel_text_address+0xd/0x40
[  689.309666][T13856]  ? unwind_get_return_address+0x59/0xa0
[  689.309687][T13856]  ? arch_stack_walk+0xa6/0x100
[  689.309711][T13856]  ip6_dst_lookup_flow+0x99/0x1d0
[  689.309730][T13856]  ? __pfx_ip6_dst_lookup_flow+0x10/0x10
[  689.309751][T13856]  ? __lock_acquire+0x62e/0x1ce0
[  689.309776][T13856]  ? __pfx_ip6_dst_lookup_flow+0x10/0x10
[  689.309795][T13856]  addr6_resolve.constprop.0+0x223/0x4a0
[  689.309817][T13856]  ? __lock_acquire+0xb97/0x1ce0
[  689.309844][T13856]  ? __pfx_addr6_resolve.constprop.0+0x10/0x10
[  689.309877][T13856]  ? do_raw_spin_lock+0x12c/0x2b0
[  689.309901][T13856]  addr_resolve+0x2cc/0x1d30
[  689.309925][T13856]  ? lockdep_hardirqs_on+0x51/0x110
[  689.309947][T13856]  ? __debug_object_init+0x2de/0x3d0
[  689.309971][T13856]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  689.309991][T13856]  ? __pfx_addr_resolve+0x10/0x10
[  689.310011][T13856]  ? __pfx___debug_object_init+0x10/0x10
[  689.310046][T13856]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[  689.310071][T13856]  ? lockdep_init_map_type+0x5c/0x280
[  689.310094][T13856]  rdma_resolve_ip+0x429/0x6b0
[  689.310115][T13856]  ? __pfx_addr_handler+0x10/0x10
[  689.310139][T13856]  rdma_resolve_addr+0x3e7/0x20c0
[  689.310159][T13856]  ? xa_load+0x153/0x2c0
[  689.310189][T13856]  ? __pfx_rdma_resolve_addr+0x10/0x10
[  689.310207][T13856]  ? do_raw_spin_unlock+0x172/0x230
[  689.310231][T13856]  ? __pfx_ucma_get_ctx+0x10/0x10
[  689.310260][T13856]  ? ucma_resolve_ip+0x15f/0x220
[  689.310280][T13856]  ucma_resolve_ip+0x15f/0x220
[  689.310300][T13856]  ? __pfx_ucma_resolve_ip+0x10/0x10
[  689.310332][T13856]  ? __pfx_ucma_resolve_ip+0x10/0x10
[  689.310354][T13856]  ucma_write+0x1f8/0x330
[  689.310374][T13856]  ? __pfx_ucma_write+0x10/0x10
[  689.310393][T13856]  ? bpf_lsm_file_permission+0x9/0x10
[  689.310414][T13856]  ? security_file_permission+0x71/0x210
[  689.310441][T13856]  ? rw_verify_area+0xcf/0x6c0
[  689.310468][T13856]  ? __pfx_ucma_write+0x10/0x10
[  689.310481][T13856]  vfs_write+0x29d/0x11d0
[  689.310496][T13856]  ? __pfx_vfs_write+0x10/0x10
[  689.310506][T13856]  ? find_held_lock+0x2b/0x80
[  689.310520][T13856]  ? __fget_files+0x204/0x3c0
[  689.310534][T13856]  ? __fget_files+0x20e/0x3c0
[  689.310551][T13856]  ksys_write+0x1f8/0x250
[  689.310562][T13856]  ? __pfx_ksys_write+0x10/0x10
[  689.310577][T13856]  do_syscall_64+0xcd/0x4c0
[  689.310591][T13856]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  689.310602][T13856] RIP: 0033:0x7f029e78ebe9
[  689.310612][T13856] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  689.310623][T13856] RSP: 002b:00007f029f6d4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  689.310634][T13856] RAX: ffffffffffffffda RBX: 00007f029e9c5fa0 RCX: 00007f029e78ebe9
[  689.310641][T13856] RDX: 0000000000000048 RSI: 0000200000000480 RDI: 0000000000000004
[  689.310648][T13856] RBP: 00007f029f6d4090 R08: 0000000000000000 R09: 0000000000000000
[  689.310654][T13856] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  689.310661][T13856] R13: 00007f029e9c6038 R14: 00007f029e9c5fa0 R15: 00007ffc9ce3d5d8
[  689.310675][T13856]  </TASK>
[  690.091304][T13858] FAULT_INJECTION: forcing a failure.
[  690.091304][T13858] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  690.105413][T13858] CPU: 1 UID: 0 PID: 13858 Comm: syz.3.1965 Not tainted syzkaller #0 PREEMPT(full) 
[  690.105440][T13858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  690.105452][T13858] Call Trace:
[  690.105458][T13858]  <TASK>
[  690.105465][T13858]  dump_stack_lvl+0x16c/0x1f0
[  690.105491][T13858]  should_fail_ex+0x512/0x640
[  690.105517][T13858]  copy_fpstate_to_sigframe+0x854/0xaf0
[  690.105549][T13858]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[  690.105573][T13858]  ? posixtimer_deliver_signal+0x105/0x6b0
[  690.105600][T13858]  ? x86_task_fpu+0x5f/0x90
[  690.105625][T13858]  get_sigframe+0x4a8/0x9c0
[  690.105652][T13858]  ? __pfx_get_sigframe+0x10/0x10
[  690.105674][T13858]  ? trace_irq_enable.constprop.0+0x2f/0x120
[  690.105697][T13858]  ? _raw_spin_unlock_irq+0x29/0x50
[  690.105715][T13858]  ? siginfo_layout+0x177/0x290
[  690.105740][T13858]  x64_setup_rt_frame+0x12e/0xcf0
[  690.105776][T13858]  ? __pfx_x64_setup_rt_frame+0x10/0x10
[  690.105808][T13858]  arch_do_signal_or_restart+0x5e4/0x7d0
[  690.105831][T13858]  ? __fget_files+0x20e/0x3c0
[  690.105851][T13858]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  690.105881][T13858]  ? ksys_write+0x1ac/0x250
[  690.105900][T13858]  ? __pfx_ksys_write+0x10/0x10
[  690.105924][T13858]  exit_to_user_mode_loop+0x84/0x110
[  690.105945][T13858]  do_syscall_64+0x3f6/0x4c0
[  690.105968][T13858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  690.105986][T13858] RIP: 0033:0x7f35fa98d69f
[  690.106001][T13858] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  690.106017][T13858] RSP: 002b:00007f35fb88d030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  690.106035][T13858] RAX: 0000000000000001 RBX: 0000000000000003 RCX: 00007f35fa98d69f
[  690.106045][T13858] RDX: 0000000000000001 RSI: 00007f35fb88d090 RDI: 0000000000000003
[  690.106056][T13858] RBP: 00007f35fb88d090 R08: 0000000000000000 R09: 00007f35fb88cdf7
[  690.106066][T13858] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  690.106076][T13858] R13: 00007f35fabc6038 R14: 00007f35fabc5fa0 R15: 00007ffcb0033e98
[  690.106102][T13858]  </TASK>
[  690.329653][   T30] audit: type=1400 audit(1756994917.853:2154): avc:  denied  { ioctl } for  pid=13859 comm="syz.7.1966" path="socket:[50245]" dev="sockfs" ino=50245 ioctlcmd=0x5604 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  690.641076][ T5862] usb 1-1: new high-speed USB device number 52 using dummy_hcd
[  690.661089][T10713] usb 7-1: new high-speed USB device number 44 using dummy_hcd
[  690.851108][ T5862] usb 1-1: Using ep0 maxpacket: 8
[  690.857981][ T5862] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x99, changing to 0x89
[  690.869605][T10713] usb 7-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  690.961721][T10713] usb 7-1: config 0 interface 0 has no altsetting 0
[  690.969495][   T30] audit: type=1326 audit(1756994918.643:2155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13874 comm="syz.2.1971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd25198ebe9 code=0x7ffc0000
[  691.011181][ T5862] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  691.041087][T10713] usb 7-1: New USB device found, idVendor=044e, idProduct=1215, bcdDevice= 0.00
[  691.093092][T10713] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  691.121903][ T5862] usb 1-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[  691.146618][T10713] usb 7-1: config 0 descriptor??
[  691.151793][ T5862] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  691.219436][   T30] audit: type=1326 audit(1756994918.693:2156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13874 comm="syz.2.1971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd25198ebe9 code=0x7ffc0000
[  691.227724][ T5862] usb 1-1: Product: syz
[  691.498320][   T30] audit: type=1326 audit(1756994918.693:2157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13874 comm="syz.2.1971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=451 compat=0 ip=0x7fd25198ebe9 code=0x7ffc0000
[  691.574285][   T30] audit: type=1326 audit(1756994918.693:2158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13874 comm="syz.2.1971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd25198ebe9 code=0x7ffc0000
[  691.581017][ T5862] usb 1-1: Manufacturer: syz
[  691.658124][   T30] audit: type=1326 audit(1756994918.693:2159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13874 comm="syz.2.1971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd25198ebe9 code=0x7ffc0000
[  691.684717][ T5862] usb 1-1: SerialNumber: syz
[  691.705357][ T5862] usb 1-1: config 0 descriptor??
[  691.744914][   T30] audit: type=1326 audit(1756994918.693:2160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13874 comm="syz.2.1971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fd25198ebe9 code=0x7ffc0000
[  691.780405][ T5862] streamzap 1-1:0.0: streamzap_probe: endpoint attributes don't match xfer 0200
[  691.791729][T10713] hid-alps 0003:044E:1215.001D: hidraw0: USB HID v0.04 Device [HID 044e:1215] on usb-dummy_hcd.6-1/input0
[  691.847005][   T30] audit: type=1326 audit(1756994918.693:2161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13874 comm="syz.2.1971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd25198ebe9 code=0x7ffc0000
[  692.588558][ T5862] usb 7-1: USB disconnect, device number 44
[  692.601551][   T30] audit: type=1326 audit(1756994918.693:2162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13874 comm="syz.2.1971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd25198ebe9 code=0x7ffc0000
[  692.634914][   T30] audit: type=1326 audit(1756994918.693:2163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13874 comm="syz.2.1971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fd25198ebe9 code=0x7ffc0000
[  693.178598][T13903] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  693.196476][T13892] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  693.196714][T13903] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  693.213271][T12841] Bluetooth: hci5: Frame reassembly failed (-84)
[  693.490673][ T5916] usb 1-1: USB disconnect, device number 52
[  694.010682][T13917] __nla_validate_parse: 4 callbacks suppressed
[  694.010708][T13917] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1979'.
[  694.029315][T13917] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1979'.
[  694.043743][T13917] geneve2: entered promiscuous mode
[  694.049089][T13917] geneve2: entered allmulticast mode
[  694.414717][T13919] netlink: 64138 bytes leftover after parsing attributes in process `syz.6.1979'.
[  695.090049][T13937] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13937 comm=syz.7.1984
[  695.135409][T13937] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1984'.
[  695.284246][ T5850] Bluetooth: hci5: command 0x1003 tx timeout
[  695.292626][ T5852] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  695.716342][T13951] FAULT_INJECTION: forcing a failure.
[  695.716342][T13951] name failslab, interval 1, probability 0, space 0, times 0
[  695.739222][T13951] CPU: 0 UID: 0 PID: 13951 Comm: syz.3.1988 Not tainted syzkaller #0 PREEMPT(full) 
[  695.739250][T13951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  695.739265][T13951] Call Trace:
[  695.739274][T13951]  <TASK>
[  695.739282][T13951]  dump_stack_lvl+0x16c/0x1f0
[  695.739307][T13951]  should_fail_ex+0x512/0x640
[  695.739324][T13951]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  695.739351][T13951]  should_failslab+0xc2/0x120
[  695.739372][T13951]  __kmalloc_cache_noprof+0x6a/0x3e0
[  695.739399][T13951]  ? kvm_irqfd+0x177/0x1ab0
[  695.739422][T13951]  kvm_irqfd+0x177/0x1ab0
[  695.739449][T13951]  ? __pfx_kvm_irqfd+0x10/0x10
[  695.739465][T13951]  ? __might_fault+0xe3/0x190
[  695.739484][T13951]  ? __might_fault+0xe3/0x190
[  695.739511][T13951]  kvm_vm_ioctl+0x19f3/0x4000
[  695.739537][T13951]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  695.739568][T13951]  ? kasan_quarantine_put+0x10a/0x240
[  695.739583][T13951]  ? lockdep_hardirqs_on+0x7c/0x110
[  695.739608][T13951]  ? find_held_lock+0x2b/0x80
[  695.739633][T13951]  ? tomoyo_path_number_perm+0x295/0x580
[  695.739657][T13951]  ? tomoyo_path_number_perm+0x18d/0x580
[  695.739685][T13951]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  695.739710][T13951]  ? find_held_lock+0x2b/0x80
[  695.739735][T13951]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  695.739754][T13951]  ? do_vfs_ioctl+0x128/0x14f0
[  695.739779][T13951]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  695.739804][T13951]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  695.739839][T13951]  ? hook_file_ioctl_common+0x145/0x410
[  695.739861][T13951]  ? selinux_file_ioctl+0x180/0x270
[  695.739882][T13951]  ? selinux_file_ioctl+0xb4/0x270
[  695.739905][T13951]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  695.739925][T13951]  __x64_sys_ioctl+0x18b/0x210
[  695.739952][T13951]  do_syscall_64+0xcd/0x4c0
[  695.739972][T13951]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  695.739988][T13951] RIP: 0033:0x7f35fa98ebe9
[  695.740001][T13951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  695.740016][T13951] RSP: 002b:00007f35fb88d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  695.740059][T13951] RAX: ffffffffffffffda RBX: 00007f35fabc5fa0 RCX: 00007f35fa98ebe9
[  695.740069][T13951] RDX: 0000200000000000 RSI: 000000004020ae76 RDI: 0000000000000004
[  695.740080][T13951] RBP: 00007f35fb88d090 R08: 0000000000000000 R09: 0000000000000000
[  695.740089][T13951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  695.740097][T13951] R13: 00007f35fabc6038 R14: 00007f35fabc5fa0 R15: 00007ffcb0033e98
[  695.740120][T13951]  </TASK>
[  697.361383][ T5916] usb 4-1: new high-speed USB device number 36 using dummy_hcd
[  697.712892][ T5916] usb 4-1: config index 0 descriptor too short (expected 23569, got 27)
[  697.751125][ T5916] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  697.773635][ T5916] usb 4-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  697.783217][ T5850] Bluetooth: hci3: command 0x0405 tx timeout
[  697.821361][ T5916] usb 4-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  697.834439][ T5916] usb 4-1: Manufacturer: syz
[  697.842130][ T5916] usb 4-1: config 0 descriptor??
[  698.021443][ T5916] rc_core: IR keymap rc-hauppauge not found
[  698.061023][ T5916] Registered IR keymap rc-empty
[  698.210592][ T5916] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[  698.279691][ T5916] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input28
[  698.583007][ T5852] Bluetooth: hci2: unexpected event for opcode 0x1003
[  698.972139][ T5862] usb 4-1: USB disconnect, device number 36
[  699.326576][   T30] kauditd_printk_skb: 64 callbacks suppressed
[  699.326594][   T30] audit: type=1400 audit(1756994926.993:2228): avc:  denied  { checkpoint_restore } for  pid=13990 comm="syz.2.1998" capability=40  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  699.327837][T13991] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1998'.
[  700.798265][T14014] FAULT_INJECTION: forcing a failure.
[  700.798265][T14014] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  700.887290][T14014] CPU: 1 UID: 0 PID: 14014 Comm: syz.7.2006 Not tainted syzkaller #0 PREEMPT(full) 
[  700.887317][T14014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  700.887327][T14014] Call Trace:
[  700.887333][T14014]  <TASK>
[  700.887340][T14014]  dump_stack_lvl+0x16c/0x1f0
[  700.887363][T14014]  should_fail_ex+0x512/0x640
[  700.887382][T14014]  _copy_from_user+0x2e/0xd0
[  700.887397][T14014]  __do_sys_clock_adjtime+0x96/0x290
[  700.887410][T14014]  ? __pfx___do_sys_clock_adjtime+0x10/0x10
[  700.887431][T14014]  ? __pfx_ksys_write+0x10/0x10
[  700.887446][T14014]  ? rcu_is_watching+0x12/0xc0
[  700.887461][T14014]  do_syscall_64+0xcd/0x4c0
[  700.887476][T14014]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  700.887487][T14014] RIP: 0033:0x7f194b78ebe9
[  700.887497][T14014] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  700.887509][T14014] RSP: 002b:00007f194c6b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000131
[  700.887520][T14014] RAX: ffffffffffffffda RBX: 00007f194b9c5fa0 RCX: 00007f194b78ebe9
[  700.887527][T14014] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000000
[  700.887533][T14014] RBP: 00007f194c6b7090 R08: 0000000000000000 R09: 0000000000000000
[  700.887540][T14014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  700.887546][T14014] R13: 00007f194b9c6038 R14: 00007f194b9c5fa0 R15: 00007fffbe2b94c8
[  700.887561][T14014]  </TASK>
[  702.254907][T14041] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2013'.
[  702.358402][T14044] netlink: 'syz.6.2013': attribute type 2 has an invalid length.
[  702.366325][T14044] netlink: 'syz.6.2013': attribute type 7 has an invalid length.
[  702.632279][ T5852] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  702.661610][ T5852] Bluetooth: hci2: Injecting HCI hardware error event
[  702.681938][ T5850] Bluetooth: hci2: hardware error 0x00
[  703.531276][ T5862] usb 1-1: new full-speed USB device number 53 using dummy_hcd
[  703.539197][   T10] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[  703.681068][ T5862] usb 1-1: device descriptor read/64, error -71
[  703.721247][   T10] usb 4-1: Using ep0 maxpacket: 32
[  703.733699][   T10] usb 4-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  703.847860][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  703.865745][   T10] usb 4-1: Product: syz
[  703.876231][   T10] usb 4-1: Manufacturer: syz
[  703.890184][   T10] usb 4-1: SerialNumber: syz
[  703.905429][   T10] usb 4-1: config 0 descriptor??
[  703.918999][   T10] gspca_main: stk1135-2.14.0 probing 174f:6a31
[  703.941100][ T5862] usb 1-1: new full-speed USB device number 54 using dummy_hcd
[  704.074583][ T5862] usb 1-1: device descriptor read/64, error -71
[  704.191465][ T5862] usb usb1-port1: attempt power cycle
[  704.503292][T14061] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  704.536293][T14061] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  704.561170][ T5862] usb 1-1: new full-speed USB device number 55 using dummy_hcd
[  704.711134][ T5850] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  704.747223][T14064] FAULT_INJECTION: forcing a failure.
[  704.747223][T14064] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  704.760917][T14064] CPU: 1 UID: 0 PID: 14064 Comm: syz.6.2019 Not tainted syzkaller #0 PREEMPT(full) 
[  704.760943][T14064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  704.760954][T14064] Call Trace:
[  704.760962][T14064]  <TASK>
[  704.760973][T14064]  dump_stack_lvl+0x16c/0x1f0
[  704.760998][T14064]  should_fail_ex+0x512/0x640
[  704.761022][T14064]  _copy_from_user+0x2e/0xd0
[  704.761046][T14064]  get_timespec64+0x8b/0x240
[  704.761071][T14064]  ? __pfx_get_timespec64+0x10/0x10
[  704.761103][T14064]  io_timeout_remove_prep+0x2af/0x3e0
[  704.761123][T14064]  io_submit_sqes+0x853/0x25c0
[  704.761156][T14064]  __do_sys_io_uring_enter+0xd6a/0x1630
[  704.761177][T14064]  ? __fget_files+0x20e/0x3c0
[  704.761197][T14064]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  704.761219][T14064]  ? fput+0x9b/0xd0
[  704.761241][T14064]  ? ksys_write+0x1ac/0x250
[  704.761257][T14064]  ? __pfx_ksys_write+0x10/0x10
[  704.761284][T14064]  do_syscall_64+0xcd/0x4c0
[  704.761308][T14064]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  704.761326][T14064] RIP: 0033:0x7fbfc418ebe9
[  704.761342][T14064] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  704.761359][T14064] RSP: 002b:00007fbfc5004038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  704.761376][T14064] RAX: ffffffffffffffda RBX: 00007fbfc43c5fa0 RCX: 00007fbfc418ebe9
[  704.761387][T14064] RDX: 0000000000007721 RSI: 0000000000002219 RDI: 0000000000000000
[  704.761398][T14064] RBP: 00007fbfc5004090 R08: 0000000000000000 R09: 0000000000000000
[  704.761408][T14064] R10: 0000000000000016 R11: 0000000000000246 R12: 0000000000000001
[  704.761419][T14064] R13: 00007fbfc43c6038 R14: 00007fbfc43c5fa0 R15: 00007ffe31584ce8
[  704.761446][T14064]  </TASK>
[  705.091566][ T5862] usb 1-1: device descriptor read/8, error -71
[  705.290159][   T10] gspca_stk1135: reg_w 0x7 err -71
[  705.297486][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  705.304604][   T10] gspca_stk1135: Sensor write failed
[  705.310772][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  705.311300][ T5915] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  705.317750][   T10] gspca_stk1135: Sensor write failed
[  705.330013][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  705.618538][T14080] bond2: entered promiscuous mode
[  705.623717][T14080] bond2: entered allmulticast mode
[  705.663843][T14080] 8021q: adding VLAN 0 to HW filter on device bond2
[  705.798110][   T10] gspca_stk1135: Sensor read failed
[  705.803434][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  705.809770][   T10] gspca_stk1135: Sensor read failed
[  705.822538][   T10] gspca_stk1135: Detected sensor type unknown (0x0)
[  705.829357][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  705.831171][ T5915] usb 8-1: Using ep0 maxpacket: 32
[  705.846339][ T5915] usb 8-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  705.860404][ T5915] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  705.860730][   T10] gspca_stk1135: Sensor read failed
[  705.868611][ T5915] usb 8-1: Product: syz
[  705.868631][ T5915] usb 8-1: Manufacturer: syz
[  705.868645][ T5915] usb 8-1: SerialNumber: syz
[  705.878020][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  705.892143][ T5915] usb 8-1: config 0 descriptor??
[  705.909132][ T5915] gspca_main: stk1135-2.14.0 probing 174f:6a31
[  705.919499][   T10] gspca_stk1135: Sensor read failed
[  705.919536][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  705.919547][   T10] gspca_stk1135: Sensor write failed
[  705.919576][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  705.919586][   T10] gspca_stk1135: Sensor write failed
[  705.919653][   T10] stk1135 4-1:0.0: probe with driver stk1135 failed with error -71
[  705.930736][   T10] usb 4-1: USB disconnect, device number 37
[  705.997763][   T30] audit: type=1400 audit(1756994933.673:2229): avc:  denied  { create } for  pid=14075 comm="syz.6.2024" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmpvc_socket permissive=1
[  706.551125][T14094] random: crng reseeded on system resumption
[  706.970433][T14098] infiniband syz!: set down
[  706.975502][T14098] infiniband syz!: added team_slave_0
[  707.209808][ T5915] gspca_stk1135: reg_w 0x7 err -71
[  707.218563][ T5915] gspca_stk1135: serial bus timeout: status=0x00
[  707.224932][ T5915] gspca_stk1135: Sensor write failed
[  707.230250][ T5915] gspca_stk1135: serial bus timeout: status=0x00
[  707.330722][T14098] RDS/IB: syz!: added
[  707.335582][T14098] smc: adding ib device syz! with port count 1
[  707.341987][T14098] smc:    ib device syz! port 1 has pnetid 
[  707.850026][ T5915] gspca_stk1135: Sensor write failed
[  707.855841][ T5915] gspca_stk1135: serial bus timeout: status=0x00
[  707.865948][ T5915] gspca_stk1135: Sensor read failed
[  707.883111][ T5915] gspca_stk1135: serial bus timeout: status=0x00
[  707.903303][ T5915] gspca_stk1135: Sensor read failed
[  707.908554][ T5915] gspca_stk1135: Detected sensor type unknown (0x0)
[  707.941970][ T5915] gspca_stk1135: serial bus timeout: status=0x00
[  707.948476][ T5915] gspca_stk1135: Sensor read failed
[  707.954290][ T5915] gspca_stk1135: serial bus timeout: status=0x00
[  707.963144][ T5915] gspca_stk1135: Sensor read failed
[  707.968646][ T5915] gspca_stk1135: serial bus timeout: status=0x00
[  707.975210][   T30] audit: type=1400 audit(1756994935.643:2230): avc:  denied  { write } for  pid=14103 comm="syz.0.2029" name="urandom" dev="devtmpfs" ino=9 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1
[  708.000477][ T5915] gspca_stk1135: Sensor write failed
[  708.009423][ T5915] gspca_stk1135: serial bus timeout: status=0x00
[  708.019029][ T5915] gspca_stk1135: Sensor write failed
[  708.020187][T14104] FAULT_INJECTION: forcing a failure.
[  708.020187][T14104] name failslab, interval 1, probability 0, space 0, times 0
[  708.025026][ T5915] stk1135 8-1:0.0: probe with driver stk1135 failed with error -71
[  708.037450][T14104] CPU: 0 UID: 0 PID: 14104 Comm: syz.0.2029 Not tainted syzkaller #0 PREEMPT(full) 
[  708.037475][T14104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  708.037487][T14104] Call Trace:
[  708.037492][T14104]  <TASK>
[  708.037506][T14104]  dump_stack_lvl+0x16c/0x1f0
[  708.037533][T14104]  should_fail_ex+0x512/0x640
[  708.037556][T14104]  ? io_alloc_ocqe+0x7e/0x610
[  708.037578][T14104]  should_failslab+0xc2/0x120
[  708.037596][T14104]  __kmalloc_noprof+0xd2/0x510
[  708.037619][T14104]  io_alloc_ocqe+0x7e/0x610
[  708.037638][T14104]  ? io_cqe_cache_refill+0x221/0x2c0
[  708.037662][T14104]  __io_submit_flush_completions+0x9b3/0x1690
[  708.037694][T14104]  io_submit_sqes+0xa09/0x25c0
[  708.037723][T14104]  __do_sys_io_uring_enter+0xd6a/0x1630
[  708.037743][T14104]  ? __fget_files+0x20e/0x3c0
[  708.037760][T14104]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  708.037779][T14104]  ? fput+0x9b/0xd0
[  708.037800][T14104]  ? ksys_write+0x1ac/0x250
[  708.037816][T14104]  ? __pfx_ksys_write+0x10/0x10
[  708.037840][T14104]  do_syscall_64+0xcd/0x4c0
[  708.037860][T14104]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  708.037876][T14104] RIP: 0033:0x7f029e78ebe9
[  708.037890][T14104] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  708.037905][T14104] RSP: 002b:00007f029f6d4038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  708.037921][T14104] RAX: ffffffffffffffda RBX: 00007f029e9c5fa0 RCX: 00007f029e78ebe9
[  708.037931][T14104] RDX: 0000000000007721 RSI: 0000000000002219 RDI: 0000000000000000
[  708.037941][T14104] RBP: 00007f029f6d4090 R08: 0000000000000000 R09: 0000000000000000
[  708.037950][T14104] R10: 0000000000000016 R11: 0000000000000246 R12: 0000000000000001
[  708.037959][T14104] R13: 00007f029e9c6038 R14: 00007f029e9c5fa0 R15: 00007ffc9ce3d5d8
[  708.037982][T14104]  </TASK>
[  708.249197][ T5915] usb 8-1: USB disconnect, device number 11
[  708.538679][T14112] netlink: 48 bytes leftover after parsing attributes in process `syz.7.2032'.
[  708.624099][T14124] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  708.635913][T14124] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  708.752089][ T5915] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[  708.986100][ T5862] usb 7-1: new high-speed USB device number 45 using dummy_hcd
[  709.001085][ T5915] usb 4-1: Using ep0 maxpacket: 32
[  709.015966][ T5915] usb 4-1: config 0 has an invalid interface number: 194 but max is 0
[  709.025610][ T5915] usb 4-1: config 0 has no interface number 0
[  709.166183][ T5915] usb 4-1: config 0 interface 194 has no altsetting 0
[  709.173308][ T5915] usb 4-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64
[  709.182410][ T5915] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  709.225005][ T5915] usb 4-1: config 0 descriptor??
[  709.284125][ T5915] as10x_usb: device has been detected
[  709.331573][ T5915] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle)
[  709.369743][ T5915] usb 4-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)...
[  709.426568][ T5915] as10x_usb: error during firmware upload part1
[  709.434346][ T5915] Registered device nBox DVB-T Dongle
[  709.462554][ T5862] usb 7-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  709.481645][ T5862] usb 7-1: config 0 interface 0 has no altsetting 0
[  709.541147][ T5862] usb 7-1: New USB device found, idVendor=044e, idProduct=1215, bcdDevice= 0.00
[  709.550298][ T5862] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  709.561769][ T5862] usb 7-1: config 0 descriptor??
[  709.647106][   T10] usb 4-1: USB disconnect, device number 38
[  709.668526][   T10] Unregistered device nBox DVB-T Dongle
[  709.670263][   T10] as10x_usb: device has been disconnected
[  709.682029][T10713] usb 1-1: new high-speed USB device number 57 using dummy_hcd
[  709.831113][T10713] usb 1-1: Using ep0 maxpacket: 32
[  709.841509][T10713] usb 1-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  709.852626][T10713] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  709.860855][T10713] usb 1-1: Product: syz
[  709.865843][T10713] usb 1-1: Manufacturer: syz
[  709.873228][T10713] usb 1-1: SerialNumber: syz
[  709.882946][T10713] usb 1-1: config 0 descriptor??
[  709.894584][T10713] gspca_main: stk1135-2.14.0 probing 174f:6a31
[  709.995090][ T5862] hid-alps 0003:044E:1215.001E: hidraw0: USB HID v0.04 Device [HID 044e:1215] on usb-dummy_hcd.6-1/input0
[  710.557646][ T5915] usb 7-1: USB disconnect, device number 45
[  710.735387][T14153] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14153 comm=syz.7.2045
[  710.749371][T14153] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2045'.
[  711.021948][ T5915] usb 4-1: new high-speed USB device number 39 using dummy_hcd
[  711.036282][ T5862] kernel write not supported for file [eventfd] (pid: 5862 comm: kworker/0:3)
[  711.045363][T10713] gspca_stk1135: reg_w 0x7 err -71
[  711.052344][T10713] gspca_stk1135: serial bus timeout: status=0x00
[  711.058681][T10713] gspca_stk1135: Sensor write failed
[  711.068205][T10713] gspca_stk1135: serial bus timeout: status=0x00
[  711.074641][T10713] gspca_stk1135: Sensor write failed
[  711.079950][T10713] gspca_stk1135: serial bus timeout: status=0x00
[  711.086762][T10713] gspca_stk1135: Sensor read failed
[  711.095118][T10713] gspca_stk1135: serial bus timeout: status=0x00
[  711.102346][T10713] gspca_stk1135: Sensor read failed
[  711.108268][T10713] gspca_stk1135: Detected sensor type unknown (0x0)
[  711.116560][T10713] gspca_stk1135: serial bus timeout: status=0x00
[  711.122943][T10713] gspca_stk1135: Sensor read failed
[  711.128220][T10713] gspca_stk1135: serial bus timeout: status=0x00
[  711.136651][T10713] gspca_stk1135: Sensor read failed
[  711.146941][T10713] gspca_stk1135: serial bus timeout: status=0x00
[  711.157803][T10713] gspca_stk1135: Sensor write failed
[  711.163360][T10713] gspca_stk1135: serial bus timeout: status=0x00
[  711.169720][T10713] gspca_stk1135: Sensor write failed
[  711.169789][T10713] stk1135 1-1:0.0: probe with driver stk1135 failed with error -71
[  711.172135][ T5915] usb 4-1: Using ep0 maxpacket: 8
[  711.172299][T10713] usb 1-1: USB disconnect, device number 57
[  711.174637][ T5915] usb 4-1: New USB device found, idVendor=2833, idProduct=0201, bcdDevice=2a.d5
[  711.174663][ T5915] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  711.177454][ T5915] usb 4-1: config 0 descriptor??
[  711.188355][T14164] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2050'.
[  711.406319][T14168] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2051'.
[  711.490479][T14170] netlink: 'syz.6.2051': attribute type 2 has an invalid length.
[  711.498555][T14170] netlink: 'syz.6.2051': attribute type 7 has an invalid length.
[  713.461090][   T30] audit: type=1326 audit(1756994941.073:2231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14178 comm="syz.6.2054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfc418ebe9 code=0x7ffc0000
[  713.591119][   T30] audit: type=1326 audit(1756994941.073:2232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14178 comm="syz.6.2054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfc418ebe9 code=0x7ffc0000
[  714.030361][   T30] audit: type=1326 audit(1756994941.083:2233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14178 comm="syz.6.2054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=451 compat=0 ip=0x7fbfc418ebe9 code=0x7ffc0000
[  714.391294][   T30] audit: type=1326 audit(1756994941.083:2234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14178 comm="syz.6.2054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfc418ebe9 code=0x7ffc0000
[  714.443623][   T30] audit: type=1326 audit(1756994941.083:2235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14178 comm="syz.6.2054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfc418ebe9 code=0x7ffc0000
[  714.510045][   T30] audit: type=1326 audit(1756994941.083:2236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14178 comm="syz.6.2054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fbfc418ebe9 code=0x7ffc0000
[  714.557371][   T30] audit: type=1326 audit(1756994941.083:2237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14178 comm="syz.6.2054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfc418ebe9 code=0x7ffc0000
[  714.793784][   T30] audit: type=1326 audit(1756994941.083:2238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14178 comm="syz.6.2054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfc418ebe9 code=0x7ffc0000
[  714.819244][   T30] audit: type=1326 audit(1756994941.083:2239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14178 comm="syz.6.2054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fbfc418ebe9 code=0x7ffc0000
[  714.892356][   T30] audit: type=1326 audit(1756994941.083:2240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14178 comm="syz.6.2054" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfc418ebe9 code=0x7ffc0000
[  714.961300][ T5915] usb 4-1: string descriptor 0 read error: -71
[  714.967609][ T5915] usb 4-1: Found UVC 0.00 device <unnamed> (2833:0201)
[  714.993144][ T5915] usb 4-1: No valid video chain found.
[  715.311227][ T5915] usb 4-1: USB disconnect, device number 39
[  715.361548][T14201] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  715.416647][T14201] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  715.811983][T14213] FAULT_INJECTION: forcing a failure.
[  715.811983][T14213] name failslab, interval 1, probability 0, space 0, times 0
[  715.826007][T14213] CPU: 0 UID: 0 PID: 14213 Comm: syz.7.2063 Not tainted syzkaller #0 PREEMPT(full) 
[  715.826033][T14213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  715.826044][T14213] Call Trace:
[  715.826050][T14213]  <TASK>
[  715.826057][T14213]  dump_stack_lvl+0x16c/0x1f0
[  715.826083][T14213]  should_fail_ex+0x512/0x640
[  715.826108][T14213]  should_failslab+0xc2/0x120
[  715.826129][T14213]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  715.826149][T14213]  ? __might_fault+0xe3/0x190
[  715.826166][T14213]  ? __might_fault+0x13b/0x190
[  715.826183][T14213]  ? getname_flags.part.0+0x4c/0x550
[  715.826215][T14213]  getname_flags.part.0+0x4c/0x550
[  715.826244][T14213]  getname_flags+0x93/0xf0
[  715.826264][T14213]  user_path_at+0x24/0x60
[  715.826284][T14213]  __x64_sys_mount+0x1fc/0x310
[  715.826308][T14213]  ? __pfx___x64_sys_mount+0x10/0x10
[  715.826340][T14213]  do_syscall_64+0xcd/0x4c0
[  715.826363][T14213]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  715.826380][T14213] RIP: 0033:0x7f194b78ebe9
[  715.826395][T14213] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  715.826418][T14213] RSP: 002b:00007f194c675038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  715.826435][T14213] RAX: ffffffffffffffda RBX: 00007f194b9c6180 RCX: 00007f194b78ebe9
[  715.826447][T14213] RDX: 0000200000000640 RSI: 0000200000000600 RDI: 0000000000000000
[  715.826458][T14213] RBP: 00007f194c675090 R08: 0000000000000000 R09: 0000000000000000
[  715.826469][T14213] R10: 0000000002208010 R11: 0000000000000246 R12: 0000000000000001
[  715.826480][T14213] R13: 00007f194b9c6218 R14: 00007f194b9c6180 R15: 00007fffbe2b94c8
[  715.826506][T14213]  </TASK>
[  716.467343][T14222] netlink: 40 bytes leftover after parsing attributes in process `syz.6.2062'.
[  716.616531][T14225] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2064'.
[  717.227179][T14226] netlink: 'syz.7.2064': attribute type 2 has an invalid length.
[  717.235494][T14226] netlink: 'syz.7.2064': attribute type 7 has an invalid length.
[  717.559450][T14234] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2067'.
[  717.591506][T14234] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2067'.
[  718.150754][T14250] pim6reg: entered allmulticast mode
[  718.324787][T14262] FAULT_INJECTION: forcing a failure.
[  718.324787][T14262] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  718.431101][T14262] CPU: 1 UID: 0 PID: 14262 Comm: syz.6.2074 Not tainted syzkaller #0 PREEMPT(full) 
[  718.431132][T14262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  718.431143][T14262] Call Trace:
[  718.431149][T14262]  <TASK>
[  718.431157][T14262]  dump_stack_lvl+0x16c/0x1f0
[  718.431183][T14262]  should_fail_ex+0x512/0x640
[  718.431208][T14262]  _copy_from_iter+0x29f/0x1720
[  718.431234][T14262]  ? __alloc_skb+0x200/0x380
[  718.431254][T14262]  ? __pfx__copy_from_iter+0x10/0x10
[  718.431278][T14262]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  718.431308][T14262]  netlink_sendmsg+0x829/0xdd0
[  718.431333][T14262]  ? __pfx_netlink_sendmsg+0x10/0x10
[  718.431365][T14262]  ____sys_sendmsg+0xa95/0xc70
[  718.431395][T14262]  ? copy_msghdr_from_user+0x10a/0x160
[  718.431415][T14262]  ? __pfx_____sys_sendmsg+0x10/0x10
[  718.431452][T14262]  ___sys_sendmsg+0x134/0x1d0
[  718.431473][T14262]  ? __pfx____sys_sendmsg+0x10/0x10
[  718.431527][T14262]  __sys_sendmsg+0x16d/0x220
[  718.431547][T14262]  ? __pfx___sys_sendmsg+0x10/0x10
[  718.431586][T14262]  do_syscall_64+0xcd/0x4c0
[  718.431608][T14262]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  718.431626][T14262] RIP: 0033:0x7fbfc418ebe9
[  718.431640][T14262] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  718.431657][T14262] RSP: 002b:00007fbfc5004038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  718.431674][T14262] RAX: ffffffffffffffda RBX: 00007fbfc43c5fa0 RCX: 00007fbfc418ebe9
[  718.431686][T14262] RDX: 0000000000000000 RSI: 0000200000002f80 RDI: 0000000000000003
[  718.431696][T14262] RBP: 00007fbfc5004090 R08: 0000000000000000 R09: 0000000000000000
[  718.431707][T14262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  718.431717][T14262] R13: 00007fbfc43c6038 R14: 00007fbfc43c5fa0 R15: 00007ffe31584ce8
[  718.431743][T14262]  </TASK>
[  718.628213][   T30] kauditd_printk_skb: 73 callbacks suppressed
[  718.628225][   T30] audit: type=1326 audit(1756994946.103:2314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14255 comm="syz.0.2073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f029e78ebe9 code=0x7ffc0000
[  718.658627][   T30] audit: type=1326 audit(1756994946.123:2315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14255 comm="syz.0.2073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f029e78ebe9 code=0x7ffc0000
[  718.701115][   T30] audit: type=1326 audit(1756994946.363:2316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14255 comm="syz.0.2073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f029e78ebe9 code=0x7ffc0000
[  718.724722][   T30] audit: type=1326 audit(1756994946.363:2317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14255 comm="syz.0.2073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f029e78ebe9 code=0x7ffc0000
[  718.843596][   T30] audit: type=1326 audit(1756994946.523:2318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14255 comm="syz.0.2073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f029e78ebe9 code=0x7ffc0000
[  718.875142][   T30] audit: type=1326 audit(1756994946.523:2319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14255 comm="syz.0.2073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f029e78ebe9 code=0x7ffc0000
[  719.112644][   T30] audit: type=1326 audit(1756994946.523:2320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14255 comm="syz.0.2073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f029e78ebe9 code=0x7ffc0000
[  719.161098][   T30] audit: type=1326 audit(1756994946.523:2321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14255 comm="syz.0.2073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=111 compat=0 ip=0x7f029e78ebe9 code=0x7ffc0000
[  719.188211][   T30] audit: type=1326 audit(1756994946.523:2322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14255 comm="syz.0.2073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f029e78ebe9 code=0x7ffc0000
[  719.214374][   T30] audit: type=1326 audit(1756994946.523:2323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14255 comm="syz.0.2073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f029e78ebe9 code=0x7ffc0000
[  720.376162][T14273] (unnamed net_device) (uninitialized): option arp_interval: invalid value (18446744073709551615)
[  720.386899][T14273] (unnamed net_device) (uninitialized): option arp_interval: allowed values 0 - 2147483647
[  720.667027][T14281] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3089888063 (3089888063 ns) > initial count (2126324423 ns). Using initial count to start timer.
[  721.436624][T14297] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2084'.
[  722.072859][T14297] batman_adv: batadv0: Removing interface: batadv_slave_1
[  722.166601][T14318] FAULT_INJECTION: forcing a failure.
[  722.166601][T14318] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  722.181513][T14318] CPU: 0 UID: 0 PID: 14318 Comm: syz.3.2091 Not tainted syzkaller #0 PREEMPT(full) 
[  722.181539][T14318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  722.181549][T14318] Call Trace:
[  722.181555][T14318]  <TASK>
[  722.181562][T14318]  dump_stack_lvl+0x16c/0x1f0
[  722.181586][T14318]  should_fail_ex+0x512/0x640
[  722.181612][T14318]  _copy_from_iter+0x29f/0x1720
[  722.181638][T14318]  ? __alloc_skb+0x200/0x380
[  722.181656][T14318]  ? __pfx__copy_from_iter+0x10/0x10
[  722.181675][T14318]  ? selinux_socket_getpeersec_dgram+0x1a4/0x370
[  722.181699][T14318]  ? __pfx_selinux_socket_getpeersec_dgram+0x10/0x10
[  722.181733][T14318]  netlink_sendmsg+0x829/0xdd0
[  722.181759][T14318]  ? __pfx_netlink_sendmsg+0x10/0x10
[  722.181791][T14318]  ____sys_sendmsg+0xa95/0xc70
[  722.181815][T14318]  ? copy_msghdr_from_user+0x10a/0x160
[  722.181834][T14318]  ? __pfx_____sys_sendmsg+0x10/0x10
[  722.181871][T14318]  ___sys_sendmsg+0x134/0x1d0
[  722.181891][T14318]  ? __pfx____sys_sendmsg+0x10/0x10
[  722.181941][T14318]  __sys_sendmsg+0x16d/0x220
[  722.181962][T14318]  ? __pfx___sys_sendmsg+0x10/0x10
[  722.181999][T14318]  do_syscall_64+0xcd/0x4c0
[  722.182021][T14318]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  722.182039][T14318] RIP: 0033:0x7f35fa98ebe9
[  722.182054][T14318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  722.182072][T14318] RSP: 002b:00007f35fb88d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  722.182089][T14318] RAX: ffffffffffffffda RBX: 00007f35fabc5fa0 RCX: 00007f35fa98ebe9
[  722.182101][T14318] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000004
[  722.182112][T14318] RBP: 00007f35fb88d090 R08: 0000000000000000 R09: 0000000000000000
[  722.182122][T14318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  722.182132][T14318] R13: 00007f35fabc6038 R14: 00007f35fabc5fa0 R15: 00007ffcb0033e98
[  722.182157][T14318]  </TASK>
[  722.574880][T14329] FAULT_INJECTION: forcing a failure.
[  722.574880][T14329] name failslab, interval 1, probability 0, space 0, times 0
[  722.612517][T14329] CPU: 1 UID: 0 PID: 14329 Comm: syz.3.2092 Not tainted syzkaller #0 PREEMPT(full) 
[  722.612547][T14329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  722.612557][T14329] Call Trace:
[  722.612564][T14329]  <TASK>
[  722.612573][T14329]  dump_stack_lvl+0x16c/0x1f0
[  722.612599][T14329]  should_fail_ex+0x512/0x640
[  722.612620][T14329]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  722.612642][T14329]  should_failslab+0xc2/0x120
[  722.612663][T14329]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  722.612682][T14329]  ? copy_process+0x4b6/0x7690
[  722.612707][T14329]  ? _raw_spin_unlock_irq+0x23/0x50
[  722.612728][T14329]  copy_process+0x4b6/0x7690
[  722.612764][T14329]  ? __pfx_copy_process+0x10/0x10
[  722.612792][T14329]  ? lockdep_init_map_type+0x5c/0x280
[  722.612812][T14329]  ? lockdep_init_map_type+0x5c/0x280
[  722.612828][T14329]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  722.612852][T14329]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  722.612880][T14329]  vhost_task_create+0x1d2/0x2e0
[  722.612899][T14329]  ? __pfx_vhost_task_create+0x10/0x10
[  722.612925][T14329]  ? __pfx_vhost_task_fn+0x10/0x10
[  722.612957][T14329]  kvm_mmu_post_init_vm+0x1b7/0x380
[  722.612979][T14329]  kvm_arch_vcpu_ioctl_run+0x66/0x1980
[  722.613005][T14329]  ? kvm_vcpu_ioctl+0x14c6/0x1690
[  722.613036][T14329]  kvm_vcpu_ioctl+0x5eb/0x1690
[  722.613063][T14329]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  722.613086][T14329]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  722.613108][T14329]  ? do_vfs_ioctl+0x128/0x14f0
[  722.613135][T14329]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  722.613162][T14329]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  722.613197][T14329]  ? hook_file_ioctl_common+0x145/0x410
[  722.613223][T14329]  ? selinux_file_ioctl+0x180/0x270
[  722.613246][T14329]  ? selinux_file_ioctl+0xb4/0x270
[  722.613272][T14329]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  722.613303][T14329]  __x64_sys_ioctl+0x18b/0x210
[  722.613331][T14329]  do_syscall_64+0xcd/0x4c0
[  722.613355][T14329]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  722.613372][T14329] RIP: 0033:0x7f35fa98ebe9
[  722.613387][T14329] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  722.613405][T14329] RSP: 002b:00007f35fb86b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  722.613422][T14329] RAX: ffffffffffffffda RBX: 00007f35fabc6090 RCX: 00007f35fa98ebe9
[  722.613434][T14329] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000007
[  722.613444][T14329] RBP: 00007f35fb86b090 R08: 0000000000000000 R09: 0000000000000000
[  722.613454][T14329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  722.613465][T14329] R13: 00007f35fabc6128 R14: 00007f35fabc6090 R15: 00007ffcb0033e98
[  722.613491][T14329]  </TASK>
[  723.035727][T14331] random: crng reseeded on system resumption
[  723.723026][   T30] kauditd_printk_skb: 56 callbacks suppressed
[  723.723040][   T30] audit: type=1326 audit(1756994951.403:2380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14332 comm="syz.6.2094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfc418ebe9 code=0x7ffc0000
[  723.770456][   T30] audit: type=1326 audit(1756994951.403:2381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14332 comm="syz.6.2094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbfc418ebe9 code=0x7ffc0000
[  723.984212][T14349] netlink: 'syz.2.2096': attribute type 10 has an invalid length.
[  724.000851][T14349] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2096'.
[  724.014160][T14349] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2096'.
[  724.674459][T14355] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2098'.
[  726.068064][   T30] audit: type=1400 audit(1756994953.743:2382): avc:  denied  { write } for  pid=14368 comm="syz.0.2102" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  726.811253][ T5862] usb 1-1: new high-speed USB device number 58 using dummy_hcd
[  727.067863][T14385] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14385 comm=syz.2.2106
[  727.144416][ T5862] usb 1-1: config 0 has an invalid descriptor of length 137, skipping remainder of the config
[  727.179583][ T5862] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  727.241474][ T5862] usb 1-1: New USB device found, idVendor=044f, idProduct=b323, bcdDevice= 0.00
[  727.257933][ T5862] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  727.378146][ T5862] usb 1-1: config 0 descriptor??
[  727.963594][ T5862] usb 1-1: string descriptor 0 read error: -71
[  728.061987][ T5916] usb 4-1: new high-speed USB device number 40 using dummy_hcd
[  728.312397][ T5862] usb 1-1: USB disconnect, device number 58
[  728.345452][T14408] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  728.359746][T14408] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  728.471130][ T5916] usb 4-1: Using ep0 maxpacket: 32
[  728.478909][ T5916] usb 4-1: config 0 has an invalid interface number: 51 but max is 0
[  728.487224][ T5916] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  728.498173][ T5916] usb 4-1: config 0 has no interface number 0
[  728.507256][ T5916] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  728.517741][ T5916] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  728.527958][ T5916] usb 4-1: Product: syz
[  728.532380][ T5916] usb 4-1: Manufacturer: syz
[  728.537976][ T5916] usb 4-1: SerialNumber: syz
[  728.551352][ T5916] usb 4-1: config 0 descriptor??
[  728.564874][ T5916] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  728.631182][ T5862] usb 1-1: new high-speed USB device number 59 using dummy_hcd
[  728.980603][ T5916] usb 4-1: qt2_attach - failed to power on unit: -71
[  728.992555][ T5862] usb 1-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  729.002776][ T5916] quatech2 4-1:0.51: probe with driver quatech2 failed with error -71
[  729.011506][ T5862] usb 1-1: config 0 interface 0 has no altsetting 0
[  729.019593][ T5862] usb 1-1: New USB device found, idVendor=044e, idProduct=1215, bcdDevice= 0.00
[  729.031816][ T5916] usb 4-1: USB disconnect, device number 40
[  729.032220][ T5862] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  729.058221][ T5862] usb 1-1: config 0 descriptor??
[  729.208220][T14419] netlink: 'syz.6.2116': attribute type 10 has an invalid length.
[  729.230563][T14419] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2116'.
[  729.239709][T14419] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2116'.
[  729.371132][   T78] usb 8-1: new full-speed USB device number 12 using dummy_hcd
[  729.478342][ T5862] hid-alps 0003:044E:1215.001F: hidraw0: USB HID v0.04 Device [HID 044e:1215] on usb-dummy_hcd.0-1/input0
[  729.553861][   T78] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  729.568332][   T78] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  729.579679][   T78] usb 8-1: New USB device found, idVendor=2505, idProduct=0220, bcdDevice= 0.00
[  729.590468][   T78] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  729.619286][   T78] usb 8-1: config 0 descriptor??
[  730.215366][ T5916] usb 1-1: USB disconnect, device number 59
[  730.340810][T14431] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  730.891149][T11693] usb 4-1: new high-speed USB device number 41 using dummy_hcd
[  731.168135][T14439] random: crng reseeded on system resumption
[  732.199930][   T78] usb 8-1: string descriptor 0 read error: -71
[  732.358075][   T78] usbhid 8-1:0.0: can't add hid device: -71
[  732.493817][   T78] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  732.676420][   T78] usb 8-1: USB disconnect, device number 12
[  732.782557][   T30] audit: type=1400 audit(1756994960.463:2383): avc:  denied  { watch_mount } for  pid=14458 comm="syz.2.2124" path="/457" dev="tmpfs" ino=2484 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  732.961037][   T10] usb 7-1: new low-speed USB device number 46 using dummy_hcd
[  733.121698][T14469] FAULT_INJECTION: forcing a failure.
[  733.121698][T14469] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  733.134907][T14469] CPU: 1 UID: 0 PID: 14469 Comm: syz.3.2126 Not tainted syzkaller #0 PREEMPT(full) 
[  733.134933][T14469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  733.134945][T14469] Call Trace:
[  733.134951][T14469]  <TASK>
[  733.134959][T14469]  dump_stack_lvl+0x16c/0x1f0
[  733.134986][T14469]  should_fail_ex+0x512/0x640
[  733.135011][T14469]  _copy_from_iter+0x29f/0x1720
[  733.135038][T14469]  ? __alloc_skb+0x200/0x380
[  733.135057][T14469]  ? __pfx__copy_from_iter+0x10/0x10
[  733.135082][T14469]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  733.135113][T14469]  netlink_sendmsg+0x829/0xdd0
[  733.135138][T14469]  ? __pfx_netlink_sendmsg+0x10/0x10
[  733.135170][T14469]  ____sys_sendmsg+0xa95/0xc70
[  733.135194][T14469]  ? copy_msghdr_from_user+0x10a/0x160
[  733.135212][T14469]  ? __pfx_____sys_sendmsg+0x10/0x10
[  733.135251][T14469]  ___sys_sendmsg+0x134/0x1d0
[  733.135273][T14469]  ? __pfx____sys_sendmsg+0x10/0x10
[  733.135328][T14469]  __sys_sendmsg+0x16d/0x220
[  733.135349][T14469]  ? __pfx___sys_sendmsg+0x10/0x10
[  733.135386][T14469]  do_syscall_64+0xcd/0x4c0
[  733.135409][T14469]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  733.135427][T14469] RIP: 0033:0x7f35fa98ebe9
[  733.135442][T14469] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  733.135459][T14469] RSP: 002b:00007f35fb88d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  733.135477][T14469] RAX: ffffffffffffffda RBX: 00007f35fabc5fa0 RCX: 00007f35fa98ebe9
[  733.135489][T14469] RDX: 0000000000048084 RSI: 00002000000000c0 RDI: 0000000000000003
[  733.135500][T14469] RBP: 00007f35fb88d090 R08: 0000000000000000 R09: 0000000000000000
[  733.135511][T14469] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  733.135521][T14469] R13: 00007f35fabc6038 R14: 00007f35fabc5fa0 R15: 00007ffcb0033e98
[  733.135548][T14469]  </TASK>
[  733.349580][T14473] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2128'.
[  733.357480][   T10] usb 7-1: config 0 has an invalid interface number: 207 but max is 0
[  733.361048][T14473] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2128'.
[  733.366980][   T10] usb 7-1: config 0 has no interface number 0
[  733.381715][   T30] audit: type=1400 audit(1756994961.053:2384): avc:  denied  { bind } for  pid=14472 comm="syz.2.2128" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  733.406079][   T10] usb 7-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=da.df
[  733.413124][   T78] usb 8-1: new full-speed USB device number 13 using dummy_hcd
[  733.424927][   T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  733.440345][   T10] usb 7-1: config 0 descriptor??
[  733.463605][   T10] usb 7-1: selecting invalid altsetting 3
[  733.469566][   T10] comedi comedi4: could not set alternate setting 3 in high speed
[  733.469924][T14477] macvlan2: entered promiscuous mode
[  733.483844][T14477] macvlan2: entered allmulticast mode
[  733.494828][   T10] usbdux 7-1:0.207: driver 'usbdux' failed to auto-configure device.
[  733.510672][   T10] usbdux 7-1:0.207: probe with driver usbdux failed with error -22
[  733.556993][T14483] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2132'.
[  733.566836][T14483] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2132'.
[  733.578424][   T78] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  733.585015][T14483] geneve2: entered promiscuous mode
[  733.590289][   T78] usb 8-1: New USB device found, idVendor=04f2, idProduct=1421, bcdDevice= 0.00
[  733.595020][T14483] geneve2: entered allmulticast mode
[  733.604243][   T78] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  733.612466][T12849] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  733.619224][   T78] usb 8-1: config 0 descriptor??
[  733.628577][T12849] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  733.631788][T14461] raw-gadget.2 gadget.7: fail, usb_ep_enable returned -22
[  733.654251][T12849] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  733.664440][T12849] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  733.717626][ T5916] usb 4-1: new high-speed USB device number 42 using dummy_hcd
[  733.769996][T14483] netlink: 64138 bytes leftover after parsing attributes in process `syz.2.2132'.
[  733.861303][ T5916] usb 4-1: device descriptor read/64, error -71
[  733.880596][   T10] usb 7-1: USB disconnect, device number 46
[  733.976758][   T30] audit: type=1326 audit(1756994961.653:2385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14485 comm="syz.0.2133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f029e78ebe9 code=0x7fc00000
[  734.028684][   T30] audit: type=1326 audit(1756994961.703:2386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14485 comm="syz.0.2133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f029e78ebe9 code=0x7fc00000
[  734.054286][   T30] audit: type=1326 audit(1756994961.703:2387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14485 comm="syz.0.2133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f029e78ebe9 code=0x7fc00000
[  734.105269][   T10] IPVS: starting estimator thread 0...
[  734.119163][   T78] chicony 0003:04F2:1421.0020: hidraw0: USB HID v1.01 Device [HID 04f2:1421] on usb-dummy_hcd.7-1/input0
[  734.141181][ T5916] usb 4-1: new high-speed USB device number 43 using dummy_hcd
[  734.231055][T14494] IPVS: using max 76 ests per chain, 182400 per kthread
[  734.281048][ T5916] usb 4-1: device descriptor read/64, error -71
[  734.391207][T14461] nbd7: detected capacity change from 0 to 1024
[  734.398540][ T5916] usb usb4-port1: attempt power cycle
[  734.407163][T14461] block nbd7: shutting down sockets
[  734.408066][T14496] I/O error, dev nbd7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  734.437006][T14496] Buffer I/O error on dev nbd7, logical block 0, async page read
[  734.461685][T10372] I/O error, dev nbd7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  734.471429][T10372] Buffer I/O error on dev nbd7, logical block 0, async page read
[  734.481591][T14496] I/O error, dev nbd7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  734.490850][T14496] Buffer I/O error on dev nbd7, logical block 0, async page read
[  734.502046][T14496] I/O error, dev nbd7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  734.513039][T14496] Buffer I/O error on dev nbd7, logical block 0, async page read
[  734.522343][T14496] I/O error, dev nbd7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  734.532730][T14496] Buffer I/O error on dev nbd7, logical block 0, async page read
[  734.540635][T14496] I/O error, dev nbd7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  734.550480][T14496] Buffer I/O error on dev nbd7, logical block 0, async page read
[  734.563707][T14496] I/O error, dev nbd7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  734.572989][T14496] Buffer I/O error on dev nbd7, logical block 0, async page read
[  734.580827][T14496] I/O error, dev nbd7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  734.590025][T14496] Buffer I/O error on dev nbd7, logical block 0, async page read
[  734.598022][T14496] ldm_validate_partition_table(): Disk read failed.
[  734.605471][T14496] I/O error, dev nbd7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  734.614576][T14496] Buffer I/O error on dev nbd7, logical block 0, async page read
[  734.622640][T14496] I/O error, dev nbd7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  734.631877][T14496] Buffer I/O error on dev nbd7, logical block 0, async page read
[  734.639978][T14496] Dev nbd7: unable to read RDB block 0
[  734.647328][T14496]  nbd7: unable to read partition table
[  734.683510][   T30] audit: type=1326 audit(1756994962.353:2388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14485 comm="syz.0.2133" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f029e78ebe9 code=0x7fc00000
[  734.725858][T14503] FAULT_INJECTION: forcing a failure.
[  734.725858][T14503] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  734.739077][T14503] CPU: 1 UID: 0 PID: 14503 Comm: syz.0.2137 Not tainted syzkaller #0 PREEMPT(full) 
[  734.739103][T14503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  734.739114][T14503] Call Trace:
[  734.739120][T14503]  <TASK>
[  734.739127][T14503]  dump_stack_lvl+0x16c/0x1f0
[  734.739145][T14503]  should_fail_ex+0x512/0x640
[  734.739160][T14503]  strncpy_from_user+0x3b/0x2e0
[  734.739178][T14503]  getname_flags.part.0+0x8f/0x550
[  734.739198][T14503]  getname_flags+0x93/0xf0
[  734.739209][T14503]  user_path_at+0x24/0x60
[  734.739221][T14503]  __x64_sys_mount+0x1fc/0x310
[  734.739236][T14503]  ? __pfx___x64_sys_mount+0x10/0x10
[  734.739255][T14503]  do_syscall_64+0xcd/0x4c0
[  734.739270][T14503]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  734.739282][T14503] RIP: 0033:0x7f029e78ebe9
[  734.739291][T14503] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  734.739302][T14503] RSP: 002b:00007f029f6d4038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  734.739313][T14503] RAX: ffffffffffffffda RBX: 00007f029e9c5fa0 RCX: 00007f029e78ebe9
[  734.739320][T14503] RDX: 0000200000000200 RSI: 00002000000001c0 RDI: 0000000000000000
[  734.739327][T14503] RBP: 00007f029f6d4090 R08: 0000000000000000 R09: 0000000000000000
[  734.739333][T14503] R10: 0000000000000016 R11: 0000000000000246 R12: 0000000000000001
[  734.739340][T14503] R13: 00007f029e9c6038 R14: 00007f029e9c5fa0 R15: 00007ffc9ce3d5d8
[  734.739355][T14503]  </TASK>
[  734.889877][ T5916] usb 4-1: new high-speed USB device number 44 using dummy_hcd
[  734.897701][ T5915] usb 7-1: new high-speed USB device number 47 using dummy_hcd
[  734.906601][   T78] usb 8-1: USB disconnect, device number 13
[  734.922674][ T5916] usb 4-1: device descriptor read/8, error -71
[  735.083039][ T5915] usb 7-1: config index 0 descriptor too short (expected 45, got 36)
[  735.097914][ T5915] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  735.130823][ T5915] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  735.146298][ T5915] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  735.160903][ T5915] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  735.170454][ T5915] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  735.179670][ T5916] usb 4-1: new high-speed USB device number 45 using dummy_hcd
[  735.190073][ T5915] usb 7-1: config 0 descriptor??
[  735.195845][T14501] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  735.204440][ T5916] usb 4-1: device descriptor read/8, error -71
[  735.316867][ T5916] usb usb4-port1: unable to enumerate USB device
[  735.655282][T14514] netlink: 9 bytes leftover after parsing attributes in process `syz.6.2136'.
[  735.666860][T14514] gretap0: entered promiscuous mode
[  735.774345][T14514] netlink: 5 bytes leftover after parsing attributes in process `syz.6.2136'.
[  735.793324][T14514] 0ªî{X¹¦: renamed from gretap0
[  735.861956][T14514] 0ªî{X¹¦: left promiscuous mode
[  735.887334][T14514] 0ªî{X¹¦: entered allmulticast mode
[  736.057268][T14514] A link change request failed with some changes committed already. Interface 
30ªî{X¹¦ may have been left with an inconsistent configuration, please check.
[  736.090288][ T5915] usbhid 7-1:0.0: can't add hid device: -71
[  736.097294][ T5915] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  736.135926][ T5915] usb 7-1: USB disconnect, device number 47
[  736.241145][ T5862] usb 1-1: new high-speed USB device number 60 using dummy_hcd
[  736.269621][ T5850] Bluetooth: hci4: ACL packet for unknown connection handle 201
[  736.452586][ T5862] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  736.491631][ T5862] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  736.543174][ T5862] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  736.571107][ T5862] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  736.654023][ T5862] usb 1-1: SerialNumber: syz
[  736.656183][T14530] raw_sendmsg: syz.3.2146 forgot to set AF_INET. Fix it!
[  737.725311][T14541] FAULT_INJECTION: forcing a failure.
[  737.725311][T14541] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  737.738780][T14541] CPU: 0 UID: 0 PID: 14541 Comm: syz.7.2149 Not tainted syzkaller #0 PREEMPT(full) 
[  737.738798][T14541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  737.738805][T14541] Call Trace:
[  737.738809][T14541]  <TASK>
[  737.738815][T14541]  dump_stack_lvl+0x16c/0x1f0
[  737.738832][T14541]  should_fail_ex+0x512/0x640
[  737.738851][T14541]  _copy_to_user+0x32/0xd0
[  737.738868][T14541]  simple_read_from_buffer+0xcb/0x170
[  737.738882][T14541]  proc_fail_nth_read+0x197/0x240
[  737.738896][T14541]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  737.738910][T14541]  ? rw_verify_area+0xcf/0x6c0
[  737.738928][T14541]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  737.738941][T14541]  vfs_read+0x1e1/0xcf0
[  737.738954][T14541]  ? __pfx___mutex_lock+0x10/0x10
[  737.738967][T14541]  ? __pfx_vfs_read+0x10/0x10
[  737.738983][T14541]  ? __fget_files+0x20e/0x3c0
[  737.739000][T14541]  ksys_read+0x12a/0x250
[  737.739011][T14541]  ? __pfx_ksys_read+0x10/0x10
[  737.739027][T14541]  do_syscall_64+0xcd/0x4c0
[  737.739042][T14541]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  737.739054][T14541] RIP: 0033:0x7f194b78d5fc
[  737.739063][T14541] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  737.739074][T14541] RSP: 002b:00007f194c6b7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  737.739085][T14541] RAX: ffffffffffffffda RBX: 00007f194b9c5fa0 RCX: 00007f194b78d5fc
[  737.739092][T14541] RDX: 000000000000000f RSI: 00007f194c6b70a0 RDI: 0000000000000007
[  737.739099][T14541] RBP: 00007f194c6b7090 R08: 0000000000000000 R09: 0000000000000000
[  737.739105][T14541] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  737.739113][T14541] R13: 00007f194b9c6038 R14: 00007f194b9c5fa0 R15: 00007fffbe2b94c8
[  737.739129][T14541]  </TASK>
[  737.928900][T14536] o2cb: This node has not been configured.
[  737.934787][T14536] o2cb: Cluster check failed. Fix errors before retrying.
[  737.941941][T14536] (syz.3.2148,14536,1):user_dlm_register:674 ERROR: status = -22
[  737.949649][T14536] (syz.3.2148,14536,1):dlmfs_mkdir:437 ERROR: Error -22 could not register domain "bus"
[  738.139984][   T30] audit: type=1400 audit(1756994965.813:2389): avc:  denied  { unmount } for  pid=12254 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  738.221158][T11693] usb 4-1: new low-speed USB device number 46 using dummy_hcd
[  738.327016][T14551] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=259 sclass=netlink_route_socket pid=14551 comm=syz.7.2152
[  738.341199][T14551] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2152'.
[  738.350164][T14551] netlink: 'syz.7.2152': attribute type 22 has an invalid length.
[  738.358128][T14551] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2152'.
[  738.378832][T14551] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2152'.
[  738.387878][T14551] netlink: 'syz.7.2152': attribute type 22 has an invalid length.
[  738.395896][T14551] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2152'.
[  738.414053][T12859] netdevsim netdevsim7 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  738.446543][T11693] usb 4-1: config 0 has an invalid interface number: 207 but max is 0
[  738.452957][T12859] netdevsim netdevsim7 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  738.470522][T11693] usb 4-1: config 0 has no interface number 0
[  738.481427][T11693] usb 4-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=da.df
[  738.494772][T12859] netdevsim netdevsim7 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  738.503716][T11693] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  738.568263][   T30] audit: type=1400 audit(1756994966.243:2390): avc:  denied  { mount } for  pid=14546 comm="syz.7.2152" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  738.619757][T12859] netdevsim netdevsim7 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  738.663163][T11693] usb 4-1: config 0 descriptor??
[  738.780916][T14552] random: crng reseeded on system resumption
[  738.824014][   T30] audit: type=1400 audit(1756994966.243:2391): avc:  denied  { mounton } for  pid=14546 comm="syz.7.2152" path="/111/file0" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=dir permissive=1
[  738.888932][T11693] usb 4-1: selecting invalid altsetting 3
[  738.899911][T11693] comedi comedi4: could not set alternate setting 3 in high speed
[  738.922526][T11693] usbdux 4-1:0.207: driver 'usbdux' failed to auto-configure device.
[  738.960641][T11693] usbdux 4-1:0.207: probe with driver usbdux failed with error -22
[  739.059081][ T5862] usb 1-1: 0:2 : does not exist
[  739.068985][ T5862] usb 1-1: unit 5: unexpected type 0x03
[  739.127191][T11693] usb 4-1: USB disconnect, device number 46
[  739.291410][ T5862] usb 1-1: USB disconnect, device number 60
[  739.486230][   T30] audit: type=1326 audit(1756994967.123:2392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14555 comm="syz.0.2153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f029e78ebe9 code=0x7ffc0000
[  739.661314][   T30] audit: type=1326 audit(1756994967.123:2393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14555 comm="syz.0.2153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f029e78ebe9 code=0x7ffc0000
[  739.685495][   T30] audit: type=1326 audit(1756994967.133:2394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14555 comm="syz.0.2153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=451 compat=0 ip=0x7f029e78ebe9 code=0x7ffc0000
[  739.714786][   T30] audit: type=1326 audit(1756994967.133:2395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14555 comm="syz.0.2153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f029e78ebe9 code=0x7ffc0000
[  739.739539][   T30] audit: type=1326 audit(1756994967.133:2396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14555 comm="syz.0.2153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f029e78ebe9 code=0x7ffc0000
[  739.901179][   T30] audit: type=1326 audit(1756994967.133:2397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14555 comm="syz.0.2153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f029e78ebe9 code=0x7ffc0000
[  740.153910][   T30] audit: type=1326 audit(1756994967.133:2398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14555 comm="syz.0.2153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f029e78ebe9 code=0x7ffc0000
[  740.272838][T14562] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14562 comm=syz.2.2155
[  740.316907][T14562] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2155'.
[  740.429110][T10713] usb 4-1: new high-speed USB device number 47 using dummy_hcd
[  740.531741][T14571] vivid-000: =================  START STATUS  =================
[  740.541022][T14571] vivid-000: Radio HW Seek Mode: Bounded
[  740.802451][T10713] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  740.827870][T10713] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  740.852203][T14571] vivid-000: Radio Programmable HW Seek: false
[  740.872809][T10713] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  740.890681][T14571] vivid-000: RDS Rx I/O Mode: Block I/O
[  740.897056][T14571] vivid-000: Generate RBDS Instead of RDS: false
[  740.903821][T14571] vivid-000: RDS Reception: true
[  740.911515][T14571] vivid-000: RDS Program Type: 0 inactive
[  740.917407][T14571] vivid-000: RDS PS Name:  inactive
[  740.922812][T14571] vivid-000: RDS Radio Text:  inactive
[  740.928736][T14571] vivid-000: RDS Traffic Announcement: false inactive
[  740.935937][T14571] vivid-000: RDS Traffic Program: false inactive
[  740.944364][T14571] vivid-000: RDS Music: false inactive
[  740.951999][T14571] vivid-000: ==================  END STATUS  ==================
[  740.970159][T10713] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  741.010494][T10713] usb 4-1: SerialNumber: syz
[  742.506829][T14587] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2161'.
[  742.591303][   T78] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[  742.771306][   T78] usb 8-1: Using ep0 maxpacket: 32
[  742.789901][   T78] usb 8-1: unable to get BOS descriptor or descriptor too short
[  742.807319][   T78] usb 8-1: config 128 has an invalid interface number: 127 but max is 3
[  742.821667][   T78] usb 8-1: config 128 has an invalid descriptor of length 0, skipping remainder of the config
[  742.931166][   T78] usb 8-1: config 128 has 1 interface, different from the descriptor's value: 4
[  742.954873][   T78] usb 8-1: config 128 has no interface number 0
[  743.001080][   T78] usb 8-1: config 128 interface 127 altsetting 14 endpoint 0x5 has an invalid bInterval 0, changing to 7
[  743.066615][   T78] usb 8-1: config 128 interface 127 altsetting 14 endpoint 0x5 has invalid wMaxPacketSize 0
[  743.085353][   T78] usb 8-1: config 128 interface 127 has no altsetting 0
[  743.095971][   T78] usb 8-1: New USB device found, idVendor=0582, idProduct=295c, bcdDevice=d4.55
[  743.109265][   T78] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  743.119677][   T78] usb 8-1: Product: syz
[  743.124407][   T78] usb 8-1: Manufacturer: syz
[  743.129089][   T78] usb 8-1: SerialNumber: syz
[  743.177133][T14597] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  743.200882][T10713] usb 4-1: 0:2 : does not exist
[  743.209272][T14597] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  743.219941][T10713] usb 4-1: unit 5 not found!
[  743.289178][T10713] usb 4-1: USB disconnect, device number 47
[  743.387780][T14582] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  743.394987][T14604] macvlan2: entered promiscuous mode
[  743.404136][T14582] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  743.409503][T14604] bridge0: entered promiscuous mode
[  743.442940][   T78] usb 8-1: USB disconnect, device number 14
[  743.459673][   T30] kauditd_printk_skb: 40 callbacks suppressed
[  743.459691][   T30] audit: type=1400 audit(1756994971.133:2439): avc:  denied  { nlmsg_tty_audit } for  pid=14609 comm="syz.6.2170" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[  743.536470][   T30] audit: type=1326 audit(1756994971.213:2440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14603 comm="syz.0.2169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f029e78ebe9 code=0x7ffc0000
[  743.621110][   T30] audit: type=1326 audit(1756994971.223:2441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14603 comm="syz.0.2169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=451 compat=0 ip=0x7f029e78ebe9 code=0x7ffc0000
[  743.646920][   T30] audit: type=1326 audit(1756994971.223:2442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14603 comm="syz.0.2169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f029e78ebe9 code=0x7ffc0000
[  743.747571][T10713] usb 4-1: new high-speed USB device number 48 using dummy_hcd
[  743.755747][   T10] usb 7-1: new high-speed USB device number 48 using dummy_hcd
[  743.774266][   T30] audit: type=1326 audit(1756994971.223:2443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14603 comm="syz.0.2169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f029e78ebe9 code=0x7ffc0000
[  743.800546][   T30] audit: type=1326 audit(1756994971.223:2444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14603 comm="syz.0.2169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f029e78ebe9 code=0x7ffc0000
[  743.824838][   T30] audit: type=1326 audit(1756994971.223:2445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14603 comm="syz.0.2169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f029e78ebe9 code=0x7ffc0000
[  743.904463][   T30] audit: type=1326 audit(1756994971.223:2446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14603 comm="syz.0.2169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f029e78ebe9 code=0x7ffc0000
[  743.928039][   T10] usb 7-1: Using ep0 maxpacket: 8
[  743.933176][T10713] usb 4-1: Using ep0 maxpacket: 32
[  743.940678][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  743.952939][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  743.965430][T10713] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 9
[  744.002310][T10713] usb 4-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  744.014060][T10713] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  744.023712][   T10] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  744.050446][T10713] usb 4-1: Product: syz
[  744.076959][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024
[  744.077022][   T30] audit: type=1326 audit(1756994971.223:2447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14603 comm="syz.0.2169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f029e78ebe9 code=0x7ffc0000
[  744.088247][T10713] usb 4-1: Manufacturer: syz
[  744.088266][T10713] usb 4-1: SerialNumber: syz
[  744.091986][T10713] usb 4-1: config 0 descriptor??
[  744.143706][   T10] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  744.159358][   T10] usb 7-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  744.188354][   T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  744.208757][T14606] raw-gadget.3 gadget.3: fail, usb_ep_enable returned -22
[  744.224168][T10713] input: syz syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input30
[  744.236115][   T10] usb 7-1: config 0 descriptor??
[  744.292563][   T30] audit: type=1326 audit(1756994971.233:2448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14603 comm="syz.0.2169" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f029e78ec23 code=0x7ffc0000
[  744.316923][T14610] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  744.425739][ T5915] usb 4-1: USB disconnect, device number 48
[  744.425885][    C0] usbtouchscreen 4-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19
[  744.464342][T14624] vivid-004: =================  START STATUS  =================
[  744.475812][T14624] vivid-004: Radio HW Seek Mode: Bounded
[  744.482323][T14624] vivid-004: Radio Programmable HW Seek: false
[  744.489670][T14624] vivid-004: RDS Rx I/O Mode: Block I/O
[  744.495979][T14624] vivid-004: Generate RBDS Instead of RDS: false
[  744.504182][T14624] vivid-004: RDS Reception: true
[  744.509319][T14624] vivid-004: RDS Program Type: 0 inactive
[  744.547178][T14624] vivid-004: RDS PS Name:  inactive
[  744.554181][T14624] vivid-004: RDS Radio Text:  inactive
[  744.559747][T14624] vivid-004: RDS Traffic Announcement: false inactive
[  744.569890][T14624] vivid-004: RDS Traffic Program: false inactive
[  744.578960][T14624] vivid-004: RDS Music: false inactive
[  744.617938][T14624] vivid-004: ==================  END STATUS  ==================
[  744.701063][   T10] usb 8-1: new high-speed USB device number 15 using dummy_hcd
[  744.783557][   T78] usb 7-1: USB disconnect, device number 48
[  744.792237][ T5850] Bluetooth: hci5: Opcode 0x0c03 failed: -19
[  744.861241][   T10] usb 8-1: Using ep0 maxpacket: 8
[  744.872547][   T10] usb 8-1: config 179 has an invalid interface number: 65 but max is 0
[  744.881541][   T10] usb 8-1: config 179 has no interface number 0
[  744.888358][   T10] usb 8-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[  744.899913][   T10] usb 8-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[  744.911623][   T10] usb 8-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  744.923110][   T10] usb 8-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[  744.933522][   T10] usb 8-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  744.949207][   T10] usb 8-1: config 179 interface 65 has no altsetting 0
[  744.956928][   T10] usb 8-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  744.966273][   T10] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  745.014064][   T10] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:179.65/input/input31
[  745.028686][T14632] FAULT_INJECTION: forcing a failure.
[  745.028686][T14632] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  745.050314][T14632] CPU: 0 UID: 0 PID: 14632 Comm: syz.3.2177 Not tainted syzkaller #0 PREEMPT(full) 
[  745.050343][T14632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  745.050354][T14632] Call Trace:
[  745.050359][T14632]  <TASK>
[  745.050368][T14632]  dump_stack_lvl+0x16c/0x1f0
[  745.050396][T14632]  should_fail_ex+0x512/0x640
[  745.050420][T14632]  _copy_to_user+0x32/0xd0
[  745.050448][T14632]  simple_read_from_buffer+0xcb/0x170
[  745.050471][T14632]  proc_fail_nth_read+0x197/0x240
[  745.050493][T14632]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  745.050516][T14632]  ? rw_verify_area+0xcf/0x6c0
[  745.050543][T14632]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  745.050564][T14632]  vfs_read+0x1e1/0xcf0
[  745.050585][T14632]  ? __pfx___mutex_lock+0x10/0x10
[  745.050608][T14632]  ? __pfx_vfs_read+0x10/0x10
[  745.050633][T14632]  ? __fget_files+0x20e/0x3c0
[  745.050661][T14632]  ksys_read+0x12a/0x250
[  745.050679][T14632]  ? __pfx_ksys_read+0x10/0x10
[  745.050697][T14632]  ? fput+0x9b/0xd0
[  745.050725][T14632]  do_syscall_64+0xcd/0x4c0
[  745.050748][T14632]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  745.050766][T14632] RIP: 0033:0x7f35fa98d5fc
[  745.050782][T14632] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  745.050798][T14632] RSP: 002b:00007f35fb88d030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  745.050809][T14632] RAX: ffffffffffffffda RBX: 00007f35fabc5fa0 RCX: 00007f35fa98d5fc
[  745.050817][T14632] RDX: 000000000000000f RSI: 00007f35fb88d0a0 RDI: 0000000000000006
[  745.050823][T14632] RBP: 00007f35fb88d090 R08: 0000000000000000 R09: 0000000000000000
[  745.050830][T14632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  745.050836][T14632] R13: 00007f35fabc6038 R14: 00007f35fabc5fa0 R15: 00007ffcb0033e98
[  745.050851][T14632]  </TASK>
[  745.355532][    C0] xpad 8-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  745.363966][T10713] usb 8-1: USB disconnect, device number 15
[  745.467396][T14635] netlink: 'syz.3.2179': attribute type 10 has an invalid length.
[  746.308641][T14648] FAULT_INJECTION: forcing a failure.
[  746.308641][T14648] name failslab, interval 1, probability 0, space 0, times 0
[  746.331572][T14648] CPU: 1 UID: 0 PID: 14648 Comm: syz.3.2183 Not tainted syzkaller #0 PREEMPT(full) 
[  746.331599][T14648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  746.331609][T14648] Call Trace:
[  746.331616][T14648]  <TASK>
[  746.331623][T14648]  dump_stack_lvl+0x16c/0x1f0
[  746.331649][T14648]  should_fail_ex+0x512/0x640
[  746.331669][T14648]  ? fs_reclaim_acquire+0xae/0x150
[  746.331695][T14648]  ? tomoyo_encode2+0x100/0x3e0
[  746.331718][T14648]  should_failslab+0xc2/0x120
[  746.331739][T14648]  __kmalloc_noprof+0xd2/0x510
[  746.331757][T14648]  ? d_absolute_path+0x136/0x1a0
[  746.331789][T14648]  tomoyo_encode2+0x100/0x3e0
[  746.331818][T14648]  tomoyo_encode+0x29/0x50
[  746.331842][T14648]  tomoyo_realpath_from_path+0x18f/0x6e0
[  746.331877][T14648]  tomoyo_path_number_perm+0x245/0x580
[  746.331898][T14648]  ? tomoyo_path_number_perm+0x237/0x580
[  746.331921][T14648]  ? core_kernel_text+0xa6/0xb0
[  746.331942][T14648]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  746.331997][T14648]  ? kmem_cache_free+0x2d1/0x4d0
[  746.332012][T14648]  ? putname+0x154/0x1a0
[  746.332038][T14648]  ? from_kuid+0x8d/0xd0
[  746.332058][T14648]  ? __pfx_from_kuid+0x10/0x10
[  746.332090][T14648]  tomoyo_path_chown+0x173/0x1b0
[  746.332108][T14648]  ? __pfx_tomoyo_path_chown+0x10/0x10
[  746.332127][T14648]  ? from_vfsuid+0xea/0x140
[  746.332152][T14648]  ? __pfx_from_vfsuid+0x10/0x10
[  746.332180][T14648]  security_path_chown+0x12a/0x2e0
[  746.332206][T14648]  chown_common+0x3d3/0x680
[  746.332235][T14648]  ? __pfx_chown_common+0x10/0x10
[  746.332257][T14648]  ? find_held_lock+0x2b/0x80
[  746.332288][T14648]  ? mnt_get_write_access+0x20c/0x300
[  746.332320][T14648]  do_fchownat+0x1a7/0x200
[  746.332342][T14648]  ? __pfx_do_fchownat+0x10/0x10
[  746.332367][T14648]  ? __pfx_ksys_write+0x10/0x10
[  746.332390][T14648]  __x64_sys_fchownat+0xbd/0x160
[  746.332411][T14648]  ? do_syscall_64+0x91/0x4c0
[  746.332431][T14648]  ? lockdep_hardirqs_on+0x7c/0x110
[  746.332453][T14648]  do_syscall_64+0xcd/0x4c0
[  746.332475][T14648]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  746.332493][T14648] RIP: 0033:0x7f35fa98ebe9
[  746.332508][T14648] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  746.332525][T14648] RSP: 002b:00007f35fb88d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000104
[  746.332542][T14648] RAX: ffffffffffffffda RBX: 00007f35fabc5fa0 RCX: 00007f35fa98ebe9
[  746.332554][T14648] RDX: 000000000000ee01 RSI: 0000200000000180 RDI: ffffffffffffff9c
[  746.332566][T14648] RBP: 00007f35fb88d090 R08: 0000000000001000 R09: 0000000000000000
[  746.332576][T14648] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  746.332587][T14648] R13: 00007f35fabc6038 R14: 00007f35fabc5fa0 R15: 00007ffcb0033e98
[  746.332614][T14648]  </TASK>
[  746.332676][T14648] ERROR: Out of memory at tomoyo_realpath_from_path.
[  746.875190][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  747.081091][T11693] usb 8-1: new high-speed USB device number 16 using dummy_hcd
[  747.309910][T14666] FAULT_INJECTION: forcing a failure.
[  747.309910][T14666] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  747.324349][   T78] usb 7-1: new high-speed USB device number 49 using dummy_hcd
[  747.332369][T14666] CPU: 1 UID: 0 PID: 14666 Comm: syz.3.2189 Not tainted syzkaller #0 PREEMPT(full) 
[  747.332396][T14666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  747.332407][T14666] Call Trace:
[  747.332413][T14666]  <TASK>
[  747.332419][T14666]  dump_stack_lvl+0x16c/0x1f0
[  747.332444][T14666]  should_fail_ex+0x512/0x640
[  747.332468][T14666]  copy_fpstate_to_sigframe+0x854/0xaf0
[  747.332499][T14666]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[  747.332531][T14666]  ? collect_signal+0x263/0x540
[  747.332548][T14666]  ? x86_task_fpu+0x5f/0x90
[  747.332574][T14666]  get_sigframe+0x4a8/0x9c0
[  747.332601][T14666]  ? __pfx_get_sigframe+0x10/0x10
[  747.332626][T14666]  ? _raw_spin_unlock_irq+0x23/0x50
[  747.332644][T14666]  ? siginfo_layout+0x1d2/0x290
[  747.332669][T14666]  x64_setup_rt_frame+0x12e/0xcf0
[  747.332700][T14666]  ? __pfx_x64_setup_rt_frame+0x10/0x10
[  747.332723][T14666]  ? fput+0x9b/0xd0
[  747.332747][T14666]  ? __do_sys_io_uring_enter+0x62c/0x1630
[  747.332769][T14666]  arch_do_signal_or_restart+0x5e4/0x7d0
[  747.332792][T14666]  ? __fget_files+0x20e/0x3c0
[  747.332812][T14666]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  747.332852][T14666]  exit_to_user_mode_loop+0x84/0x110
[  747.332874][T14666]  do_syscall_64+0x3f6/0x4c0
[  747.332897][T14666]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  747.332915][T14666] RIP: 0033:0x7f35fa98ebe9
[  747.332930][T14666] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  747.332948][T14666] RSP: 002b:00007f35fb88d038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  747.332966][T14666] RAX: 0000000000002241 RBX: 00007f35fabc5fa0 RCX: 00007f35fa98ebe9
[  747.332986][T14666] RDX: 0000000000001b86 RSI: 0000000000002241 RDI: 0000000000000008
[  747.332998][T14666] RBP: 00007f35fb88d090 R08: 0000000000000000 R09: 0000000000000000
[  747.333009][T14666] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[  747.333019][T14666] R13: 00007f35fabc6038 R14: 00007f35fabc5fa0 R15: 00007ffcb0033e98
[  747.333045][T14666]  </TASK>
[  747.543202][    C1] vkms_vblank_simulate: vblank timer overrun
[  747.567310][T14677] FAULT_INJECTION: forcing a failure.
[  747.567310][T14677] name failslab, interval 1, probability 0, space 0, times 0
[  747.579979][T14677] CPU: 1 UID: 0 PID: 14677 Comm: syz.2.2192 Not tainted syzkaller #0 PREEMPT(full) 
[  747.580001][T14677] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  747.580007][T14677] Call Trace:
[  747.580012][T14677]  <TASK>
[  747.580017][T14677]  dump_stack_lvl+0x16c/0x1f0
[  747.580035][T14677]  should_fail_ex+0x512/0x640
[  747.580048][T14677]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  747.580062][T14677]  should_failslab+0xc2/0x120
[  747.580075][T14677]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  747.580087][T14677]  ? alloc_empty_file+0x55/0x1e0
[  747.580108][T14677]  alloc_empty_file+0x55/0x1e0
[  747.580124][T14677]  path_openat+0xda/0x2cb0
[  747.580135][T14677]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  747.580152][T14677]  ? __pfx_path_openat+0x10/0x10
[  747.580169][T14677]  do_filp_open+0x20b/0x470
[  747.580182][T14677]  ? __pfx_do_filp_open+0x10/0x10
[  747.580206][T14677]  ? alloc_fd+0x471/0x7d0
[  747.580223][T14677]  do_sys_openat2+0x11b/0x1d0
[  747.580239][T14677]  ? __pfx_do_sys_openat2+0x10/0x10
[  747.580260][T14677]  __do_sys_openat2+0x1c0/0x2d0
[  747.580275][T14677]  ? __pfx___do_sys_openat2+0x10/0x10
[  747.580289][T14677]  ? ksys_write+0x1ac/0x250
[  747.580306][T14677]  do_syscall_64+0xcd/0x4c0
[  747.580320][T14677]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  747.580331][T14677] RIP: 0033:0x7fd25198ebe9
[  747.580341][T14677] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  747.580352][T14677] RSP: 002b:00007fd2527d3038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b5
[  747.580364][T14677] RAX: ffffffffffffffda RBX: 00007fd251bc5fa0 RCX: 00007fd25198ebe9
[  747.580371][T14677] RDX: 0000200000000140 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  747.580378][T14677] RBP: 00007fd2527d3090 R08: 0000000000000000 R09: 0000000000000000
[  747.580384][T14677] R10: 0000000000000018 R11: 0000000000000246 R12: 0000000000000001
[  747.580390][T14677] R13: 00007fd251bc6038 R14: 00007fd251bc5fa0 R15: 00007ffd350c39e8
[  747.580406][T14677]  </TASK>
[  747.779633][    C1] vkms_vblank_simulate: vblank timer overrun
[  747.831379][T11693] usb 8-1: unable to get BOS descriptor or descriptor too short
[  747.839968][T11693] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  747.850202][T11693] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 9
[  747.860030][T11693] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  747.869774][T11693] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[  747.892611][T11693] usb 8-1: New USB device found, idVendor=04e6, idProduct=5591, bcdDevice=94.39
[  747.908189][T11693] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  747.916494][T11693] usb 8-1: Product: syz
[  747.920630][T11693] usb 8-1: Manufacturer: syz
[  747.926025][T11693] usb 8-1: SerialNumber: syz
[  747.932726][T11693] usb 8-1: config 0 descriptor??
[  747.938161][T14659] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  747.948687][    C1] usb 8-1: NFC: Urb failure (status -71)
[  747.955707][T11693] usb 8-1: NFC: Unable to get FW version
[  747.962205][T11693] pn533_usb 8-1:0.0: probe with driver pn533_usb failed with error -90
[  748.071313][   T78] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  748.118122][   T78] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  748.157227][   T10] usb 8-1: USB disconnect, device number 16
[  748.157801][   T78] usb 7-1: New USB device found, idVendor=1d34, idProduct=0004, bcdDevice= 0.00
[  748.193472][   T78] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  748.210721][   T78] usb 7-1: config 0 descriptor??
[  748.376724][T14689] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  748.388595][T14689] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  748.407803][T14691] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14691 comm=syz.0.2197
[  748.421753][T14691] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2197'.
[  748.731380][   T78] hid_parser_main: 28 callbacks suppressed
[  748.731402][   T78] hid-led 0003:1D34:0004.0021: unknown main item tag 0x0
[  748.989981][   T78] hid-led 0003:1D34:0004.0021: probe with driver hid-led failed with error -71
[  749.200148][   T78] usb 7-1: USB disconnect, device number 49
[  749.255160][T14706] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2201'.
[  749.265031][T14706] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2201'.
[  749.347863][T14709] netlink: 64138 bytes leftover after parsing attributes in process `syz.3.2201'.
[  750.211130][T10713] usb 4-1: new high-speed USB device number 49 using dummy_hcd
[  750.273512][T14729] FAULT_INJECTION: forcing a failure.
[  750.273512][T14729] name failslab, interval 1, probability 0, space 0, times 0
[  750.291493][T14729] CPU: 0 UID: 0 PID: 14729 Comm: syz.2.2207 Not tainted syzkaller #0 PREEMPT(full) 
[  750.291511][T14729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  750.291519][T14729] Call Trace:
[  750.291523][T14729]  <TASK>
[  750.291527][T14729]  dump_stack_lvl+0x16c/0x1f0
[  750.291544][T14729]  should_fail_ex+0x512/0x640
[  750.291558][T14729]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  750.291572][T14729]  should_failslab+0xc2/0x120
[  750.291585][T14729]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  750.291597][T14729]  ? security_file_alloc+0x34/0x2b0
[  750.291617][T14729]  security_file_alloc+0x34/0x2b0
[  750.291633][T14729]  init_file+0x93/0x4c0
[  750.291649][T14729]  alloc_empty_file+0x73/0x1e0
[  750.291665][T14729]  path_openat+0xda/0x2cb0
[  750.291677][T14729]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  750.291693][T14729]  ? __pfx_path_openat+0x10/0x10
[  750.291710][T14729]  do_filp_open+0x20b/0x470
[  750.291723][T14729]  ? __pfx_do_filp_open+0x10/0x10
[  750.291746][T14729]  ? alloc_fd+0x471/0x7d0
[  750.291763][T14729]  do_sys_openat2+0x11b/0x1d0
[  750.291779][T14729]  ? __pfx_do_sys_openat2+0x10/0x10
[  750.291796][T14729]  ? __fget_files+0x20e/0x3c0
[  750.291811][T14729]  __x64_sys_openat+0x174/0x210
[  750.291827][T14729]  ? __pfx___x64_sys_openat+0x10/0x10
[  750.291841][T14729]  ? ksys_write+0x1ac/0x250
[  750.291858][T14729]  do_syscall_64+0xcd/0x4c0
[  750.291872][T14729]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  750.291883][T14729] RIP: 0033:0x7fd25198ebe9
[  750.291893][T14729] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  750.291904][T14729] RSP: 002b:00007fd2527d3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  750.291915][T14729] RAX: ffffffffffffffda RBX: 00007fd251bc5fa0 RCX: 00007fd25198ebe9
[  750.291922][T14729] RDX: 000000000004a040 RSI: 0000200000000240 RDI: ffffffffffffff9c
[  750.291929][T14729] RBP: 00007fd2527d3090 R08: 0000000000000000 R09: 0000000000000000
[  750.291936][T14729] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  750.291942][T14729] R13: 00007fd251bc6038 R14: 00007fd251bc5fa0 R15: 00007ffd350c39e8
[  750.291957][T14729]  </TASK>
[  750.596746][T14722] random: crng reseeded on system resumption
[  750.805503][T10713] usb 4-1: Using ep0 maxpacket: 8
[  750.914301][T10713] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  750.936203][T10713] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  750.944247][T10713] usb 4-1: Product: syz
[  750.951069][T10713] usb 4-1: Manufacturer: syz
[  750.963544][T10713] usb 4-1: SerialNumber: syz
[  750.982783][T14735] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=14735 comm=syz.2.2209
[  751.061758][T14735] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2209'.
[  751.080886][T10713] usb 4-1: config 0 descriptor??
[  751.152025][T14741] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  751.179408][T14741] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  751.450823][T10713] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  751.646247][T14741] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  751.655452][T14741] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  751.822948][T14748] RDS: rds_bind could not find a transport for ::ffff:100.1.1.1, load rds_tcp or rds_rdma?
[  751.838451][   T30] kauditd_printk_skb: 84 callbacks suppressed
[  751.838465][   T30] audit: type=1400 audit(1756994979.513:2533): avc:  denied  { setopt } for  pid=14747 comm="syz.6.2213" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  752.095179][T14751] FAULT_INJECTION: forcing a failure.
[  752.095179][T14751] name failslab, interval 1, probability 0, space 0, times 0
[  752.129466][T14751] CPU: 1 UID: 0 PID: 14751 Comm: syz.7.2214 Not tainted syzkaller #0 PREEMPT(full) 
[  752.129495][T14751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  752.129506][T14751] Call Trace:
[  752.129512][T14751]  <TASK>
[  752.129522][T14751]  dump_stack_lvl+0x16c/0x1f0
[  752.129548][T14751]  should_fail_ex+0x512/0x640
[  752.129568][T14751]  ? fs_reclaim_acquire+0xae/0x150
[  752.129594][T14751]  should_failslab+0xc2/0x120
[  752.129615][T14751]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  752.129634][T14751]  ? p9_tag_alloc+0x9c/0x640
[  752.129658][T14751]  p9_tag_alloc+0x9c/0x640
[  752.129679][T14751]  ? __pfx_p9_tag_alloc+0x10/0x10
[  752.129698][T14751]  ? lockdep_hardirqs_on+0x7c/0x110
[  752.129716][T14751]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  752.129735][T14751]  ? stack_depot_save_flags+0x3de/0x9c0
[  752.129762][T14751]  p9_client_prepare_req+0x19b/0x4d0
[  752.129784][T14751]  ? __pfx_p9_client_prepare_req+0x10/0x10
[  752.129802][T14751]  ? netfs_advance_write+0x3fd/0xc50
[  752.129825][T14751]  ? __lock_acquire+0x62e/0x1ce0
[  752.129856][T14751]  p9_client_rpc+0x1c4/0xc50
[  752.129880][T14751]  ? __pfx_p9_client_rpc+0x10/0x10
[  752.129904][T14751]  ? check_irq_usage+0xcb/0x920
[  752.129947][T14751]  p9_client_write+0x245/0x6f0
[  752.129985][T14751]  ? __pfx_p9_client_write+0x10/0x10
[  752.130012][T14751]  ? __pfx_mempool_alloc_noprof+0x10/0x10
[  752.130042][T14751]  v9fs_issue_write+0xe3/0x1b0
[  752.130067][T14751]  ? __pfx_v9fs_issue_write+0x10/0x10
[  752.130086][T14751]  ? find_held_lock+0x2b/0x80
[  752.130109][T14751]  ? rcu_is_watching+0x12/0xc0
[  752.130134][T14751]  netfs_do_issue_write+0x95/0x110
[  752.130152][T14751]  netfs_advance_write+0x387/0xc50
[  752.130176][T14751]  netfs_write_folio+0xb34/0x16f0
[  752.130207][T14751]  netfs_writepages+0x2b9/0x920
[  752.130229][T14751]  ? __pfx_netfs_writepages+0x10/0x10
[  752.130254][T14751]  ? __pfx_netfs_writepages+0x10/0x10
[  752.130273][T14751]  do_writepages+0x27a/0x600
[  752.130303][T14751]  ? __pfx_do_writepages+0x10/0x10
[  752.130326][T14751]  ? do_raw_spin_unlock+0x172/0x230
[  752.130346][T14751]  ? _raw_spin_unlock+0x28/0x50
[  752.130365][T14751]  filemap_fdatawrite_wbc+0x104/0x160
[  752.130394][T14751]  __filemap_fdatawrite_range+0xb9/0x100
[  752.130414][T14751]  ? __pfx___filemap_fdatawrite_range+0x10/0x10
[  752.130473][T14751]  ? folio_wait_stable+0x59/0x90
[  752.130494][T14751]  ? __filemap_get_folio+0x32b/0xc30
[  752.130519][T14751]  filemap_write_and_wait_range+0xa3/0x130
[  752.130543][T14751]  netfs_perform_write+0xaa2/0x1e60
[  752.130585][T14751]  ? __pfx_netfs_perform_write+0x10/0x10
[  752.130645][T14751]  ? inode_needs_update_time.part.0+0x191/0x270
[  752.130677][T14751]  netfs_file_write_iter+0x495/0x570
[  752.130702][T14751]  v9fs_file_write_iter+0x9b/0x100
[  752.130726][T14751]  vfs_write+0x7d3/0x11d0
[  752.130746][T14751]  ? __pfx_v9fs_file_write_iter+0x10/0x10
[  752.130771][T14751]  ? __pfx___mutex_lock+0x10/0x10
[  752.130792][T14751]  ? __pfx_vfs_write+0x10/0x10
[  752.130831][T14751]  ksys_write+0x12a/0x250
[  752.130849][T14751]  ? __pfx_ksys_write+0x10/0x10
[  752.130877][T14751]  do_syscall_64+0xcd/0x4c0
[  752.130899][T14751]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  752.130918][T14751] RIP: 0033:0x7f194b78ebe9
[  752.130933][T14751] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  752.130954][T14751] RSP: 002b:00007f194c6b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  752.130970][T14751] RAX: ffffffffffffffda RBX: 00007f194b9c5fa0 RCX: 00007f194b78ebe9
[  752.130985][T14751] RDX: 0000000000000018 RSI: 0000200000000380 RDI: 0000000000000007
[  752.130995][T14751] RBP: 00007f194c6b7090 R08: 0000000000000000 R09: 0000000000000000
[  752.131005][T14751] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  752.131015][T14751] R13: 00007f194b9c6038 R14: 00007f194b9c5fa0 R15: 00007fffbe2b94c8
[  752.131041][T14751]  </TASK>
[  752.507816][    C1] vkms_vblank_simulate: vblank timer overrun
[  752.538148][T14751] page: refcount:1 mapcount:0 mapping:ffff888056003c10 index:0x0 pfn:0x3d80b
[  752.549982][T14751] memcg:ffff888033b66800
[  752.555902][T14751] aops:v9fs_addr_operations ino:2 dentry name(?):"/"
[  752.582202][T14751] flags: 0xfff20000000020(lru|node=0|zone=1|lastcpupid=0x7ff)
[  752.589866][T14751] raw: 00fff20000000020 ffff88801caee4a0 ffff88801caee4a0 ffff888056003c10
[  752.600239][T14751] raw: 0000000000000000 0000000000000000 00000001ffffffff ffff888033b66800
[  752.615933][T14751] page dumped because: VM_BUG_ON_FOLIO(!folio_test_locked(folio))
[  752.654728][T14751] page_owner tracks the page as allocated
[  752.661101][T14751] page last allocated via order 0, migratetype Movable, gfp_mask 0x141cca(GFP_HIGHUSER_MOVABLE|__GFP_WRITE|__GFP_COMP), pid 14751, tgid 14749 (syz.7.2214), ts 752093875267, free_ts 751046573992
[  752.691966][T14718] openvswitch: netlink: Duplicate or invalid key (type 0).
[  752.709403][T14751]  post_alloc_hook+0x1c0/0x230
[  752.714355][T14718] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  752.724485][T14751]  get_page_from_freelist+0x132b/0x38e0
[  752.735615][T14751]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  753.111889][T14762] Bluetooth: hci0: Opcode 0x0401 failed: -22
[  753.126302][T14751]  alloc_pages_mpol+0x1fb/0x550
[  753.131520][T10713] dvb_usb_rtl28xxu 4-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  753.142542][T14751]  folio_alloc_noprof+0x20/0x2d0
[  753.143013][T10713] usb 4-1: USB disconnect, device number 49
[  753.147554][T14751]  filemap_alloc_folio_noprof+0x3a1/0x470
[  753.163590][T14751]  __filemap_get_folio+0x5e1/0xc30
[  753.169588][T14751]  netfs_perform_write+0x3dc/0x1e60
[  753.175679][T14751]  netfs_file_write_iter+0x495/0x570
[  753.182587][T14751]  v9fs_file_write_iter+0x9b/0x100
[  753.188005][T14751]  do_iter_readv_writev+0x662/0x9e0
[  753.193978][T14751]  vfs_writev+0x35f/0xde0
[  753.198550][T14751]  do_pwritev+0x1a6/0x270
[  753.207257][T14751]  __x64_sys_pwritev2+0xef/0x160
[  753.214548][T14751]  do_syscall_64+0xcd/0x4c0
[  753.219396][T14751]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  753.227253][T14751] page last free pid 14707 tgid 14702 stack trace:
[  753.234854][T14751]  free_unref_folios+0xa61/0x16b0
[  753.291580][T14751]  folios_put_refs+0x56f/0x740
[  753.296617][T14751]  free_pages_and_swap_cache+0x245/0x4a0
[  753.304643][T14751]  __tlb_batch_free_encoded_pages+0xf9/0x290
[  753.310929][T14751]  tlb_flush_mmu+0xe9/0x5a0
[  753.318201][T14751]  unmap_page_range+0x1f43/0x42c0
[  753.327518][T14751]  unmap_single_vma.constprop.0+0x153/0x240
[  753.334855][T14751]  unmap_vmas+0x218/0x470
[  753.339330][T14751]  exit_mmap+0x1b9/0xb90
[  753.345358][T14751]  __mmput+0x12a/0x410
[  753.349565][T14751]  mmput+0x62/0x70
[  753.354022][T14751]  do_exit+0x7c7/0x2bf0
[  753.358300][T14751]  do_group_exit+0xd3/0x2a0
[  753.365432][T14751]  get_signal+0x2673/0x26d0
[  753.370099][T14751]  arch_do_signal_or_restart+0x8f/0x7d0
[  753.376590][T14751]  exit_to_user_mode_loop+0x84/0x110
[  753.384336][T14751] ------------[ cut here ]------------
[  753.389819][T14751] kernel BUG at mm/filemap.c:1498!
[  753.395698][T14751] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI
[  753.402130][T14751] CPU: 1 UID: 0 PID: 14751 Comm: syz.7.2214 Not tainted syzkaller #0 PREEMPT(full) 
[  753.411474][T14751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  753.421512][T14751] RIP: 0010:folio_unlock+0xb3/0xd0
[  753.426632][T14751] Code: b3 5c c9 ff 48 89 ef 31 f6 e8 f9 ed ff ff 5b 5d e9 a2 5c c9 ff e8 9d 5c c9 ff 48 c7 c6 60 19 b9 8b 48 89 ef e8 0e 0d 12 00 90 <0f> 0b 48 89 df e8 d3 bb 2f 00 e9 7b ff ff ff 66 66 2e 0f 1f 84 00
[  753.446248][T14751] RSP: 0018:ffffc90004f47980 EFLAGS: 00010293
[  753.452319][T14751] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[  753.460286][T14751] RDX: ffff888059c2c880 RSI: ffffffff81f231a2 RDI: ffff888059c2ccc4
[  753.468251][T14751] RBP: ffffea0000f602c0 R08: 0000000000000001 R09: 0000000000000001
[  753.476202][T14751] R10: ffffffff90ab5c97 R11: 0000000000000000 R12: ffff888056003c10
[  753.484156][T14751] R13: ffffc90004f47de8 R14: ffffea0000f602c0 R15: dffffc0000000000
[  753.492108][T14751] FS:  00007f194c6b76c0(0000) GS:ffff8881247b8000(0000) knlGS:0000000000000000
[  753.501109][T14751] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  753.507679][T14751] CR2: 0000200000000180 CR3: 000000007612b000 CR4: 00000000003526f0
[  753.515631][T14751] Call Trace:
[  753.518888][T14751]  <TASK>
[  753.521799][T14751]  netfs_perform_write+0xacd/0x1e60
[  753.526992][T14751]  ? __pfx_netfs_perform_write+0x10/0x10
[  753.532636][T14751]  ? inode_needs_update_time.part.0+0x191/0x270
[  753.538864][T14751]  netfs_file_write_iter+0x495/0x570
[  753.544135][T14751]  v9fs_file_write_iter+0x9b/0x100
[  753.549233][T14751]  vfs_write+0x7d3/0x11d0
[  753.553545][T14751]  ? __pfx_v9fs_file_write_iter+0x10/0x10
[  753.559264][T14751]  ? __pfx___mutex_lock+0x10/0x10
[  753.564272][T14751]  ? __pfx_vfs_write+0x10/0x10
[  753.569046][T14751]  ksys_write+0x12a/0x250
[  753.573355][T14751]  ? __pfx_ksys_write+0x10/0x10
[  753.578188][T14751]  do_syscall_64+0xcd/0x4c0
[  753.582684][T14751]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  753.588560][T14751] RIP: 0033:0x7f194b78ebe9
[  753.592956][T14751] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  753.612552][T14751] RSP: 002b:00007f194c6b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  753.620970][T14751] RAX: ffffffffffffffda RBX: 00007f194b9c5fa0 RCX: 00007f194b78ebe9
[  753.628922][T14751] RDX: 0000000000000018 RSI: 0000200000000380 RDI: 0000000000000007
[  753.636870][T14751] RBP: 00007f194c6b7090 R08: 0000000000000000 R09: 0000000000000000
[  753.644821][T14751] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  753.652775][T14751] R13: 00007f194b9c6038 R14: 00007f194b9c5fa0 R15: 00007fffbe2b94c8
[  753.660733][T14751]  </TASK>
[  753.663743][T14751] Modules linked in:
[  753.667685][    C1] vkms_vblank_simulate: vblank timer overrun
[  753.674087][T14751] ---[ end trace 0000000000000000 ]---
[  753.680160][T14751] RIP: 0010:folio_unlock+0xb3/0xd0
[  753.690034][T14765] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  753.700728][T14751] Code: b3 5c c9 ff 48 89 ef 31 f6 e8 f9 ed ff ff 5b 5d e9 a2 5c c9 ff e8 9d 5c c9 ff 48 c7 c6 60 19 b9 8b 48 89 ef e8 0e 0d 12 00 90 <0f> 0b 48 89 df e8 d3 bb 2f 00 e9 7b ff ff ff 66 66 2e 0f 1f 84 00
[  753.750410][T14751] RSP: 0018:ffffc90004f47980 EFLAGS: 00010293
[  753.757813][T14751] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[  753.766561][T14751] RDX: ffff888059c2c880 RSI: ffffffff81f231a2 RDI: ffff888059c2ccc4
[  753.776058][T14751] RBP: ffffea0000f602c0 R08: 0000000000000001 R09: 0000000000000001
[  753.788086][T14751] R10: ffffffff90ab5c97 R11: 0000000000000000 R12: ffff888056003c10
[  753.809625][T14751] R13: ffffc90004f47de8 R14: ffffea0000f602c0 R15: dffffc0000000000
[  753.820017][T14751] FS:  00007f194c6b76c0(0000) GS:ffff8881246b8000(0000) knlGS:0000000000000000
[  753.829298][T14751] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  753.838659][T14751] CR2: 0000001b2f712ff8 CR3: 000000007612b000 CR4: 00000000003526f0
[  753.846957][T14751] Kernel panic - not syncing: Fatal exception
[  753.853236][T14751] Kernel Offset: disabled
[  753.857542][T14751] Rebooting in 86400 seconds..