last executing test programs:

2m22.793606023s ago: executing program 1 (id=1154):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(camellia)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000003540)={0x0, 0x0, 0x0, 0x0, &(0x7f0000003500)}, 0x34000041)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), r1)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000e80)={0x6a4, r2, 0x800, 0x70bd26, 0x25dfdbfe, {}, [@ETHTOOL_A_PRIVFLAGS_HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x100, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x84, 0x3, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '^$:)\x00'}]}, {0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '\\\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '@%\x00'}]}, {0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x80}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xc92}]}, {0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'syztnl0\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'syztnl0\x00'}]}]}, @ETHTOOL_A_BITSET_VALUE={0x45, 0x4, "b5e6a14550d2c6df751ec91ecc981339492674516a7c1c82e1ac24a58ea51a96509bb1738518a723c8e9d400712c75dcecfe94cabe29b5356e3738416386274f67"}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x5}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_MASK={0x19, 0x5, "b0a9bd57aa9ec35cdb0a9f0d7c574c0b08b736eaef"}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x3ec, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0xd8, 0x3, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x13b5}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '\\-\x00'}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x679f382f}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '@)-\x00'}]}, {0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xfffffff7}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x8, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x24, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x13, 0x2, 'xts-aes-neonbs\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x6}]}]}, @ETHTOOL_A_BITSET_BITS={0xfc, 0x3, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xd, 0x2, 'skcipher\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1a5}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x12, 0x2, 'ecb(camellia)\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '-\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, '\'^)]((*\x00'}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}, {0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, '#-]-\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7fffffff}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, ':D)-\x00'}]}, {0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8001}, @ETHTOOL_A_BITSET_BIT_NAME={0xd, 0x2, 'skcipher\x00'}]}]}, @ETHTOOL_A_BITSET_MASK={0xd2, 0x5, "78a52767b96353d45d8d8e045b11b1e357573e104063e90d20720a9d93b17f769621a90b987579d352a0198243ee0668f5b605dbf1db858e06275377b3ec455c7ba293fe33d03a55cfb98b9adda1dabd46c665adf83aac748b40415c2442ead5c4cf04a27c885291951c0ffbad2813c46c8921c2bd31c5ea84a44d2917b11ffa0efbf2e13de50e5f8774c0a021d7e571e91c8e1b652e231096f6c0caa41a4378fe976382f9befbca641e9fa5bb781bb9847ea76be0d94bb113e310e8a63a8a6a1fcec6f01acd05cfb7bb7ec5d8c9"}, @ETHTOOL_A_BITSET_MASK={0x53, 0x5, "904dbffb9dabd41a8bd6d0b1e0593d3cf228e82bd8d689205b39d844619e1a9f06b0fe3549bece4996a930f62483aede31abb3f48f2a688b754e5a9f680e2331ce993eec746491d0e4407f713c0998"}, @ETHTOOL_A_BITSET_VALUE={0xe9, 0x4, "a6e451298587210a7d90df55945e58d8c6e5f3268190c64f23cc13dfe76f8876430b8e84f33f25c3f595ea87cd08845e7561a66a7a19cdc62085c959c4d3d3426fe4f08c322f8f6f51d2299297ba5b176959f64ad400ae4621ec031f252a91defe0cae32f7a8ea5e75d458353bcebf39d4027a2a4fc95951baffaccce3a17d2ff57c885c58a5d7c391709359d2610385125edc89d09a6b97397e34a0e4317f20a2b49ff0ce30fc86a9537bbb8300b9ed296eacf907ff377030eebe10e2a3bfadffc0ab9435879cb39f74b679839a03543fc38145434a6ca9a471a3e3158b50fc33656ff7c8"}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x188, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_MASK={0x99, 0x5, "843f084505ba8bc269eff9aa72a00cfb0d7a4c49d7ca1b0b429183ef276e684d687bb0cf4868ccd0bf2bbfccc4591746251738c10bc556375f77268dfcf8061875ada2ab14d6302c30fccb948a8fc6ff96e20dc2a5529b299c846cbc592c03349142047372d5ef1f20645a75aaa0112ae51af5383d703b83ae7c53a3317d27bcca66a8cc352639a8826c8a1e41aacf7d0117f94f5c"}, @ETHTOOL_A_BITSET_BITS={0xe8, 0x3, 0x0, 0x1, [{0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x2}, @ETHTOOL_A_BITSET_BIT_NAME={0xd, 0x2, '#$%,-{).\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xffff}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}]}, {0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7ff}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_NAME={0xd, 0x2, 'skcipher\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, ')\x10\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xed22}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'syztnl1\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x2}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1c}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'ethtool\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x4}, {0x4}, {0x10, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x38}]}]}]}]}, 0x6a4}, 0x1, 0x0, 0x0, 0x10}, 0x40000)

2m22.658374112s ago: executing program 1 (id=1158):
socket$netlink(0x10, 0x3, 0x15)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000100)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_CONTROL(r2, 0xc0105500, &(0x7f0000000000)={0x80, 0xa, 0xf, 0xd, 0x0, 0xb021, 0x0})

2m22.402839775s ago: executing program 1 (id=1160):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x42031, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo\x00')
getdents64(r1, &(0x7f0000002f40)=""/4098, 0x1002)

2m21.174761554s ago: executing program 1 (id=1164):
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x20040000)
sendmsg$rds(0xffffffffffffffff, &(0x7f0000000b80)={&(0x7f0000000080)={0x2, 0x4e24, @local}, 0x10, &(0x7f0000000840)=[{&(0x7f0000000480)=""/237, 0xed}, {&(0x7f0000000100)=""/35, 0x23}, {&(0x7f0000000600)=""/107, 0x6b}, {&(0x7f0000000c80)=""/146, 0x92}, {&(0x7f00000008c0)=""/101, 0x65}], 0x5, &(0x7f0000000780)=[@mask_cswp={0x58, 0x114, 0x9, {{0x9, 0xfffffffe}, &(0x7f0000000140), &(0x7f0000000240)=0xe3be, 0x8001, 0x5, 0x3, 0x9, 0x46, 0xfffffffffffff198}}, @mask_fadd={0x58, 0x114, 0x8, {{0x9, 0x8}, &(0x7f0000000400)=0x4, &(0x7f0000000580)=0x7, 0x37876c56, 0x7fffffff, 0x0, 0x5756, 0x20, 0x7}}], 0xb0}, 0x20000080)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0041, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f00000006c0), 0xffffffffffffffff)
syz_usb_connect(0x6, 0x377, &(0x7f0000000d40)={{0x12, 0x1, 0x0, 0x28, 0x5b, 0x96, 0x8, 0x710, 0x1, 0x804d, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x365, 0x1, 0x6, 0x3, 0x0, 0x23, [{{0x9, 0x4, 0x5d, 0x53, 0xb, 0x97, 0xa7, 0xc9, 0x8, [@cdc_ncm={{0x6, 0x24, 0x6, 0x0, 0x1, "b7"}, {0x5, 0x24, 0x0, 0x3}, {0xd, 0x24, 0xf, 0x1, 0x4, 0x2, 0x8, 0x1}, {0x6, 0x24, 0x1a, 0x0, 0x32}, [@obex={0x5, 0x24, 0x15, 0x7}, @mdlm_detail={0x63, 0x24, 0x13, 0x84, "c13e5c1421bcb91d05c615286793daea5720224553c3537a090e05983135798026f264980881bb7cb1b6020633a2f78ef171bf01b0d7dd3452904e5adcf69bc10d57befd4abc4ee04f2295449ba23d1699a4c3d4047e7cdbf28249f9b3b021"}, @obex={0x5, 0x24, 0x15, 0xd}, @dmm={0x7, 0x24, 0x14, 0x0, 0x1}]}], [{{0x9, 0x5, 0xd, 0x4, 0x10, 0x8, 0xf4, 0x8}}, {{0x9, 0x5, 0xd, 0x10, 0x40, 0xa, 0x9, 0x7}}, {{0x9, 0x5, 0x1, 0x0, 0x400, 0x1d, 0x47, 0x0, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x7, 0x4}]}}, {{0x9, 0x5, 0x7, 0x4, 0x8, 0xe5, 0x8, 0x80, [@generic={0x92, 0x23, "3c0dcc659a18c0cf8c309ee690b4c9e4104df81d761aac633a5fe4ea95dffb469d8d2cd835257c215480110a3a71f44257e1fdd54e5ce1f7e3719812e0e8bf2d91a352991769c521315e293c590767566839690733ebfd22db46ee40de8745610ac4b1a51ac2bd317dafd789d6d6be61b0559ca3e5c963e73dbe0d83fc64338db329deded9c8ad4371d18962b9c4cb4c"}, @generic={0xec, 0x11, "57ed994831706eeb67d9a4bbcfbc63dcda142a7540ddd2b8bc511ceb69aca39a9a4d2df2b878001487d529d812c0fb9469d0d108ee0d640ed0426f06e2838db94a95ce5badf7dc5e4d356db54b62ca996cc873ecdc165c474ed49964dcbe4139ad76066736dab2d9c2e26a2559353652b3fa063380189fd78d7659578dc8b693c35c44eb9dd9aa1ca5e0d1bbd5df28c66af1f77cd0272f30fd3753f9556244ce8297e1ae6c7ec9827e8931ed04e7cd401493079681bde43082d6fb7ee5a016a49a9b63eaded6717a17a7957d29efa41a28a25c17a772622fb92ae7f7f8dd15373b8cb470ba0b503e88a2"}]}}, {{0x9, 0x5, 0xe, 0xc, 0x8, 0x0, 0x40, 0x5}}, {{0x9, 0x5, 0xe, 0x2, 0x20, 0x7, 0x7b, 0x8, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x3, 0x2}, @generic={0xc4, 0x30, "81e99092f7409b3e58047b07e29ce8c13b7e1cd3cdd30c0e661204700e944dcdad8696658a5511073eeaa1779d4ca4089049f263a92afb912bd5a549d7c59c0914edb26796e3bd1ee0e3f116c050e5119bb504cedd412ad7472eb95f997211f970b6f235c469e625bd1629d0ec091d878e78d3bd5736c5ccfb0abe08cc032bd4e38c42ed50ce203e4f3c9597a570a2d43881f49ea8ba81c710c40c98d652de790d8cf2f7a3b8ffbde5021c1c75fe6ab84c97efe1ae4ea720857808918d5e68503105"}]}}, {{0x9, 0x5, 0x80, 0x0, 0x200, 0x81, 0x1, 0x1}}, {{0x9, 0x5, 0x9, 0x10, 0x400, 0x80, 0xa, 0x3}}, {{0x9, 0x5, 0x3, 0x4, 0x200, 0x1, 0x81, 0xf8}}, {{0x9, 0x5, 0x9, 0x0, 0x53f731b063739884, 0x7, 0x3, 0x2, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0x8, 0x7ff}, @uac_iso={0x7, 0x25, 0x1, 0x106, 0x6, 0x80}]}}, {{0x9, 0x5, 0xd, 0x0, 0x10, 0x5, 0x3}}]}}]}}]}}, &(0x7f00000012c0)={0xa, &(0x7f0000000a40)={0xa, 0x6, 0x250, 0x2, 0x2, 0x2, 0x40}, 0x10, &(0x7f0000000a80)={0x5, 0xf, 0x10, 0x1, [@wireless={0xb, 0x10, 0x1, 0xc, 0xa, 0xd7, 0xff, 0x7, 0x1}]}, 0x9, [{0x5d, &(0x7f0000000bc0)=@string={0x5d, 0x3, "5c211d6f5c41835c81e7394652e361d3c759eee2312eaa9551b6ba43a217a1404a25da52dd434b7540c192bf210712fccdaf851de8b446e979d342ac56b12351b4eb9d8c5024ad26be864c6e593868843bc83f46832ce22ffa12ba"}}, {0x4, &(0x7f0000000ac0)=@lang_id={0x4, 0x3, 0x413}}, {0x85, &(0x7f00000010c0)=@string={0x85, 0x3, "a865ddbd1ebe53423d7aaf3ab48a30c749509da9b0b0566cafd4ff66e30c0409eea7118c3bd7fafbca31ceb74bf672496c88b077008c5f02c21c5ea412f5a5609a9033b62f47dd805957d86bc3257edd6b3bb8db28cb148c7ea33f4a463c7989bd8aad334acfb31df2fc0f739da790532b335ed2952d8564bf21820cf8744d3baf4489"}}, {0x1d, &(0x7f0000000c40)=@string={0x1d, 0x3, "b85ba370fdc83c107a49f28aa255889ab5d72c00e59e01f5e74a12"}}, {0x4, &(0x7f0000001180)=@lang_id={0x4, 0x3, 0x3c01}}, {0x4, &(0x7f00000011c0)=@lang_id={0x4, 0x3, 0x422}}, {0x4, &(0x7f0000001200)=@lang_id={0x4, 0x3, 0x444}}, {0x4, &(0x7f0000001240)=@lang_id={0x4, 0x3, 0x807}}, {0x4, &(0x7f0000001280)=@lang_id={0x4, 0x3, 0x1c0a}}]})
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000a00)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000009c0)={&(0x7f0000000940)={0x74, r2, 0x200, 0x70bd25, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_SERVICE={0xc, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x3b}]}, @IPVS_CMD_ATTR_DAEMON={0x54, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_STATE={0x8}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x3}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e23}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x6}, @IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @empty}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ip6erspan0\x00'}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @private2}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x40000}, 0x80)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syz_tun\x00', 0x400})
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAP(r3, 0x4b67, &(0x7f0000000040)={0x3ffffffffffffe96, &(0x7f0000000000)=[{0x2000, 0x5}]})
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$fuse(0x0, &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x80000, &(0x7f0000000700)={{}, 0x2c, {'rootmode', 0x3d, 0x4000}})
r4 = socket$kcm(0x2, 0xa, 0x2)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x0)
chroot(&(0x7f0000000000)='./file0/../file0\x00')
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000340)=@newtaction={0x68, 0x30, 0x101, 0x0, 0x0, {}, [{0x54, 0x1, [@m_connmark={0x50, 0x1, 0x0, 0x0, {{0xd}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x0, 0x0, 0xf8df803362adb335}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
setxattr$trusted_overlay_redirect(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f00000001c0), 0x0, 0x0, 0x1)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
write$tun(r0, &(0x7f0000000300)=ANY=[@ANYRES32=r0, @ANYRES64=r4, @ANYRESOCT, @ANYRES8=r0, @ANYRESOCT=0x0, @ANYRES32=r0, @ANYRESOCT, @ANYRESOCT=r4], 0xfdef)

2m20.427086957s ago: executing program 1 (id=1168):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f00000001c0)={0x79, 0x0, 0xc73})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000040)=0x3)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000003, 0x13, r2, 0x0)
ioctl$EVIOCGMASK(0xffffffffffffffff, 0x80104592, &(0x7f0000000300)={0x10, 0x0, 0x0})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000000c0)={[0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x6], 0x0, 0x8340})
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000080)=@x86={0x7c, 0x3, 0xfd, 0x0, 0x1, 0x7e, 0xcb, 0x10, 0x8, 0x5, 0xb, 0x8, 0x0, 0x10003, 0x9, 0xff, 0x6, 0x5, 0x12, '\x00', 0x1})
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000840)={&(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10, 0x0}, 0x4048041)
ioctl$KVM_RUN(r2, 0xae80, 0x20)

2m19.241633658s ago: executing program 1 (id=1176):
r0 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, 0x0, &(0x7f00000000c0)) (async)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) (async)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
fcntl$getownex(r2, 0x10, &(0x7f0000000180)) (async)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="18f9ffffff00e3ffffffffffffff0000950000000000fe973aad99ac533be80bd7bd0000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000340)=@x86={0x4, 0xfe, 0xff, 0x0, 0x8f5, 0xa, 0x81, 0x3, 0x28, 0x8, 0x6, 0x3, 0x0, 0x8, 0xe0e7, 0x4, 0x6, 0x2, 0x9, '\x00', 0x2, 0x4}) (async)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000000000070000040"])

2m18.785458399s ago: executing program 32 (id=1176):
r0 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, 0x0, &(0x7f00000000c0)) (async)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) (async)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
fcntl$getownex(r2, 0x10, &(0x7f0000000180)) (async)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="18f9ffffff00e3ffffffffffffff0000950000000000fe973aad99ac533be80bd7bd0000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000340)=@x86={0x4, 0xfe, 0xff, 0x0, 0x8f5, 0xa, 0x81, 0x3, 0x28, 0x8, 0x6, 0x3, 0x0, 0x8, 0xe0e7, 0x4, 0x6, 0x2, 0x9, '\x00', 0x2, 0x4}) (async)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000000000070000040"])

11.938272531s ago: executing program 3 (id=1678):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
ioctl$BTRFS_IOC_RM_DEV(r4, 0x5000940b, &(0x7f0000000a80)={{r2}, "fad7b9428d93038f63c4dafa1da7e07527fe756bde6d960d81bfd34ba5cca803ad5bdebe227152d43a607faa0dc407fc189b0d7e7468ab55f146ff0337aed82849987da5e1ab963dda992d377e4eacce0e342581ab9962694df4a98aef6d7813fb8b796948ff95415e9d71a47ede207b1794f624b034487af5832e243034017f4f93e15abf71e2dc1e26f97de375b5a1f1a24f98467d2d07d33c06c55c3f89c8d5282a18faedb7595cdedc33c345c89deca5b925cf8467200094111705e71154b451ed8407d1c89255b27d9b243d3a333b099595c33db04682ac22a418c49f5c39a0918c015e8393d2cb7c20feb2c54c82b6387812412e3237e938369453e1e8030d49fcd1c91bf36f2422d1a72f49b31ec3889ebc0d28c929b0c6736f00b53b9ccfd3934a7d933a8202fd2bdb2a8b0d58d6180c1a69b7fb41255ce92795786d10a8c7d9e4f680517f4e34b1e8f884e81e09bd5ec5ecf38b7b8f1637afb0aee0e708c4074eec24e3141b9e12ced6b4beaedec6d55dbae69d5a63142b3e81997458d7151a84d0d7cd4ebd25d24f3d2a3b4c403ab707fe38aa61cab1b070d4730625f76dc37f201e8698204637fe62fe52ed11ae0d8f98f69d4f92762bcba03b8b42feeca7a9fa9300ca4759ff9d7e9162479f954b1316775fcbfc6640b91dd1cb976ceaf2f9f28040ecfdc0e28bb9705a1b985274c7d08bd96aacd6a00f865f3a22f86ef2ace146c4f40bb20798e0bc2db4ce62f0873c09a85e7892729489a7b9c8c9a2939812595942b1ca2d3260315bc723ac2edf24d88f0f49d586a8065817ad936dc8161e438eb5b845df96b2c9a56eb7535ee9e255f41def5d9e9720857fbfd84b4bf1c97c574f568933df8f25d6df5d74a374e4f9a6a2e76644df77da621a8c9ce947af8f20feda0e22ef467eb210665589823025c9144ec05d80276574d3cae61c639d3b12438e012ffe1ca3823b4b79185ce1896b7a41aa36a47776fade667af70c25d9543bc036f40aec1c521f39239cdbf2748883f86b89349ffee1f528f955bdf6f29686c57a49b66ebfc26ee604316f27f9547cf3c21c221581458246b04d627e29e8b846e099e5d8234ce0db1d3e77130147580622b8eeaa34707ea25369c250ce5f5adc14b7afcfbce3c25e5e65d04858dc056456e2f2d2bd6afb59afae8d63b7ab5b8b6ad3386d52dbcee60c7f0945517a77edeeda33789acdb3b7b3242704d6c51940c004cde1d3a342477607581a92a50716caf93495cbc1a6b2f1be20081f7ba8a013416e6b8433383299b752feabd1455bc336b868b38f5ad73f397f0381a51748ffa8550510837d9128ab095629b7a159c6b0dfadfd8a8bff53c80481c59d861954790c593524d8a53cd8b2f2c234b850ec7576a46074293453a86cb3c0c346a8cbbac65eda4a2130e00053f5a054603776ea1d2975e4badbaa83518dad9274c22ac17f20686f56315340e5581c787a2f71ab3a2063664bcc82c7380a13cc8eb106c036800c7b0f14ed667f39af9a5cc01dcdd5809b534fad505858508845d9c547e19c632cd8024ecd777e193c2258312b7a5998a875d33dd8b861500946852af487bbefa54e9b16a83b6131ac343eacb2558e759a9b6ce5db0f1ab173d457d144fd5a65f092e553e1d0e3f9972ec57d27bb48c78332c7a6fab0d5958c61898b3a5ae8810e2246ae36291cd5f79f9475e697c9da84d05cc8dc197485ad790d2a8da5400583dce8ffa3c8adfe276884ed5d33f0e7bc4fb1748e83884213c10ec673dbbbf55670da7fbdd6d8927cd41106064ce22cd2ae14084c439e8f07e4e261667507c0acb03033f30665dbf928d31ff9cf38f61a46d6d1286065bfad5839b0247c975673839f6f685ebaad9396c5f93b3a5f346202a40969ab5c72d0355fd609d33b9443093a53dfbf8052a405389ce269f71da8ae1fb39b30f6a701f56838ca11527de58850f17b4fcc6397614da8e2e331f06024f1ee7f6a8b2f910711526361244a585dfacb4bab57738d7938adb436cf17cfeceb95016e339aa5f2ba30515f289ba35118d32504f52710044e78666dd2834fc2d9fad35e2df29b10e0557ab4789c7dc718d2d03434062bb58fd824c13a0bc6298ed9bdc3d0cc79d008972fcc9f751af4824b2be0823313581cd2fd2b436f84b14719b93dd95a38941c11af5b51f3b0503f3db3569ac847a93ea9124622044b37b083fcf8882a788041289905296e1bf2eb12aadb5228f366a925269a20f7ca9db7f317d5117a70d93f90b402993a7f84328409bda0fdc6306dd5c126fdb179fde4e4d7314d2ee419c8635e62895f8dffdf73f38188121f7b24dae40531b6e43054d3b9b459df2f2613536819643e6b7038de55ffa43bc9edc72e2038e2bf9da70a4a24a3fce0b8673f7f8f5099fcf0d23ab90c7f8770bdfd23e6aaabf7d110768ff08c8754ff6d962e43ff215d78d2ebd882353490da27dabd92ab08291338eaacf3e1ebe6a7da8286d3d57e272b9eac7c70a9a1bd67fb3f4e3052779422a7e19b7cfb01760f949ce4562ce5ad5292cb607e42d513d1facd0903a87836d5c30c181b5728db474154d3cb4e524ba5e03336534ca9f6b093fd6d9e5b89ede5becc677996321d65e9022d1c00e2907767a51c75c9f0688e4e82e045dc972e6be8948c7fc8a84ca8e1a992d44ac8e7a962a931d8eb3d0c4756b838c1339758a4a563d108d35940366b582c48567b5ca539839fbd327361ed76f4204f8ec84ec6401079a189b271747129c3d0025ccc25c9d7fbea0aa4f6a0e5f10422e9866e42ab0f86d6e9022688652536eef7fd28dc5961670a4058eaec61ba3e11273111be9cc3da57edc16321e1382d20f4cf52827032b5f79e395e742113303b0aa595f7188a417ddfdc3b6259b56f9f8f7b133774bfb5c181f1288713e3144ac4ff69fc146cc633dc70c8aee1da2384b72115b49cdbdfe9508b2e06fcd02df78d895e12cf6f0cf4171c7570809b949c6bfbff07da4018935a186630be06d42a4844521428afbed6b3a34aa0226a948fa12e8bdfbb27d13fd5627093511f52a51a6dcd33e0122d2dd1736885c797e1d1c65c06739790767be42582349c147d52e377732742f176b79243edd2c6b585d5512702ce4a7395835e2ab038a5deff84f7ff0d4622aebcd31c58d2dbbaad54638473e5fb428b827a577215460489001af429b40d0dae3521be9a381913740ea72a8b707d2ed4a12f5791fc2d0ea9674d59d68ff02a7b7dda9b9a1917db6093bf8ba4a186c952434dfd664cf9607d9b194b874c24ad03b04148d6f1951d4127146b22783be7eceefc686c4bef899e6cce8ce1344e9e49cfc0d43633098983a40276b4b4fcbe4ce0b695d58471afcfcce714ff1da6e975bd1494d127fbcda25c0110f596e4e0882e01acc674446d2c6e3d08d8034eebd4432968b1aab2e825eba0f76612ae6617667ad6c823fb8234363d5bb341c440fe0a0cad018b6c36ca317e3473eedbcc5f6740a7fad23b55a6fb626d8093ea62d6f35d2babd391e138b24a4ddfa86fef5487a710289f2994f36e87fadd178a5e139455d398a8809e30d2569650ceee90ad6b68942087ae0e33c49c6f7952b08da8762be2c9066e56d27a69a926fc58c82565877e913bff08e0827c45f9e74c964f282d5023efb21e976b93177464a686150ef09a32c352505c534e467ce014fec144dbbdcc8e2d28b6bf619ddf63a48054406dfa33aa541cb9beafa70cabcd8600cabf93d138de261f6f5b63273691669e363e06bc583bdee1ed210179f2ab50a6bc0a727475551e90b0265e1e8ca02acabe93b596b7a782151d792a5679e21e730b7e964c38a49717d0a1385bbb1b0459916424133149720bf47ac38687178a8b351ae3f29bf4a6ea369c90f85f4f123416c8c09c3f25b133ddcdb71b1289821d81581b78ae66c075c535e30151ae1bd48e787b55cc45951c83b5ce097711df0764feab81f24d63940915c471479c24222bd5569201ac4c56577168b76c1f0684f981df516cf5ac5d4307ef2bf429d818c9809f6669f43b1eb160bdcb817154bc36cd8bd24cd6c75e037edab6fa0fe9a0f19b6dbaf99dd68f0318382ccf8d20fe2fdc08134a86b5b0794a534992751fca4ec726dfca985cc239bae2b04ce49416e07e14f752767d05f6584479b5da973fa22477be64fef48b5f3c07936c2be9fa8b92c9e8a0412a2718932edf53382efe2aa1531bbde87363fee5a15501a490c16d26354c0ffeeccf0d05705a6b68a0b88de1e15736092014273f7494474a24555e7e7a6b4e274a9dd4d534cac979a0e99758203f74309af7b221e925c592ad25e13c7907c1030fc79bb728bce4437047470cf97ebc48f45ef67695585caa73178057802a24e3e4fea0a55111275c738d2b09aa7e7a00e91be43ee507b6533c6c6e9d1848e708240d7547b08bb9121fc024caed12805a0a8bfb72f72c6787b760ccd3657328507050f8ad3e348597b38685ad6d44125266382dbf433a9628c548f89eea1691e92fc755502e4656d2faa2077ab1d749a3d2d0543cd5248db49cdb1a60f006ec8cb5b3ecfc1b6b38ed802a6885c6733dbdfbe9d6c0a0daacda38f9bdbd728bfae407e2be620cd8e66743c70073e38e87ede0daf00e7e6205bc0f5cc3ff5657ad559ad13a865d01357215e2e813153212d13d6817ff2badace7edac682ea459e30b476b98ea7ca540c9ec3f8a0550ab51340e04425e3eb0d36fcfa6612bfe947263322afb876ef4a86edf8adf41f4bf4fd617c2cc57c0639baa79f4e6468258e53b76ae51c83f37b6d128cbe4eaf3e58e7d24a7c24451289c991984bed04ce060e4ee13a0c0e43fc98baae2352366672075a6c8c26165aa538b1bac0765ffda39bfafaa401cea38646e418fc99704540acd08e128121bb0b8ab8e316f924cfdae1002d54e2ef3cf3477558d77881beaa3c31cb9cc2429eaf858ebaf06709910faf26d7433290a3250cca586c0e49c3d2456a6409da11259bc7b7e2345146a360404f3d7333487343d9dfbb2813bbeba56a1e1f90d421aca2d1e6ca075b1fcb5733df856fc45de7fe5dbe6174ebc4a6241576e46503a3f7e4ad18b5965c0525faa3d031b09b2b9aa1874285c874382359e93775a69701bb63fccc33d095aac42e79a74ec9700218add3c93114c0686f6897f3228cf3bee05ca63f709075df1b5e89e44c05feb00356c0de06190b84e09285443e58a361840e93da22a3ab64d8a4a0474466d13738c07c71847b6b2e47adb22db94e92524a08ca0dbb02de2e0eb5c2edb7e29d89ed5c2d76bb2fc5da5cd57b89bfd47465b5a57ebd72261ddfb443a141415670a59ae82acde715d73b4ab62602b9a347764a05a15159d25abfa2e26531efc90cce8692bb61d859ef6ecb4d9d6d44813085915e8d97916127241aa470b55cdf629ad52b7ad48d4253b2539726f26cf169c208a591ed4a3d4c0474446493a2da85d1226e58d988bcd484ed94d8b18f3298815be6627d1eb5bde9a2f8a3864b2e0c772502854afab501e8cbf1425028bebc3aece71cae8fc40f1606902d0ebcb124be02fcfb6a2810f580942e9f6a2871f9e9bd4a43bb3428c8e4cc16c5b7f3f6cf92bc0aec8c7826c2e759d6062c7409e2e770e3780bbff8e390bc9b551d12c5d295dda72b46cbf9a20c76f6881d69ec27a003b6edb5b2983483d06b246cc3cbd2c8524e601ce0d45c7441bb9e1dcd676ccb5ac3a9e59e6d65c4eee6b120b6bb71eafc80f9ca5de3529ff04fc2f3546"})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

10.401219852s ago: executing program 0 (id=1685):
ioprio_set$uid(0x3, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x4, 0x200000005c831, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, 0x0, 0x0)
connect$caif(0xffffffffffffffff, &(0x7f0000000100), 0x18)

9.415896626s ago: executing program 3 (id=1690):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f00000001c0), &(0x7f0000000000)=0x8)
r2 = socket$inet(0x2, 0x80001, 0x84)
r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0xa0842, 0x0)
write$dsp(r3, 0x0, 0xffda)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r4=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000040)={r4, 0x2}, &(0x7f0000000080)=0x8)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000000)={r4, 0x13, 0x20}, 0xc)
setresuid(0xee01, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x2, [@func_proto={0x0, 0x0, 0x0, 0x2, 0x2}, @array={0x0, 0x0, 0x0, 0xa, 0x3, {0x0, 0x2000000}}]}}, 0x0, 0x3e, 0x0, 0x1}, 0x28)
timer_create(0x3, 0x0, &(0x7f00000003c0))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
timer_delete(0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0xfeffffff, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="3c0000001800efe000000000000000000a00000000000000000000000c00090008000000", @ANYRES32=0x0, @ANYBLOB="1400050000000000000000000000000000000002"], 0x3c}, 0x1, 0x11}, 0x0)
r6 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r6, 0xc4c85513, &(0x7f0000000540)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x3, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0xc9, 0x2ea068d3, 0x0, 0x0, 0x7, 0x7, 0x43, 0x0, 0xffffffffffffdfff, 0x6, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x9, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x80000, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffbffff, 0x0, 0x0, 0x64ec, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x1, 0x0, 0x6, 0x0, 0xfffffffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3ff, 0x80003, 0x0, 0x0, 0x3, 0x203, 0x5, 0x40000000000, 0x801, 0x0, 0x5241, 0x0, 0x4, 0x5, 0xa, 0x7, 0x40000, 0x767e, 0x80, 0x0, 0x0, 0xfffffffffffffff8, 0x0, 0x0, 0x8, 0x0, 0xff, 0x0, 0x0, 0x2000000000000000, 0xa7a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3, 0xfffffffffffffffc, 0x100000001]})

9.070106261s ago: executing program 0 (id=1693):
socket$inet6(0xa, 0x805, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xd5e, 0x240000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
write$char_usb(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_emit_ethernet(0x1de, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd606410a601a80000fc020000000000000000000000000000fe8000000000000000000000000000aa223405d5c9a46b9fa14172170a013589317d2af31ba55431762f462a5abc3f46494ee91bfca594d52f8c3785143e92da5d2d81edc09f68f122fbf741257bf1319408347a17c89212dfe27a0fc65362487e5afe673f0954f60d9d08b61276ce0b3aa520b5f30a9f52c4aa53fc003f8570383ca63530d93b78a7875338b3d7645ef2c24a"], 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r1, 0xc0045627, &(0x7f0000000100)=0x3)
r2 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x8, 0x40})
r3 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f0000000040)={0x0, &(0x7f00000002c0)=[<r4=>0x0], 0x0, 0x0, 0xfffffd52, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r2, 0xc01c64a3, &(0x7f0000000280)={0x3, r4, 0x1, 0xfffd, 0xa, 0x1ff, 0x1})

8.488168777s ago: executing program 0 (id=1696):
unshare(0x42000600)
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000280)=@newqdisc={0x24, 0x24, 0xd0f, 0x470bd2d, 0xfffffffd, {0x60, 0x0, 0x0, r2, {0x0, 0xfff2}, {0xfff1, 0xffff}, {0x0, 0xfff3}}}, 0x24}, 0x1, 0x0, 0x0, 0x24000040}, 0x44080)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newtfilter={0x24, 0x2a, 0xd27, 0xec0, 0x0, {0x0, 0x0, 0x0, r2, {0xfff3, 0x1}, {0xffff}, {0x4, 0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x24}, 0x4000000)
openat$udambuf(0xffffffffffffff9c, &(0x7f00000000c0), 0x2)
memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x18)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0200000004000000573b5d0001"], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000180)={{r3}, &(0x7f0000000080), &(0x7f0000000140)='%pI4   \x00'}, 0x20)

7.449549608s ago: executing program 0 (id=1702):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x20d00, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
exit(0x9)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
unshare(0x2c020400)
syz_io_uring_setup(0x21d7, &(0x7f0000000380)={0x0, 0x5885, 0x100, 0x1, 0xffeffc03}, &(0x7f0000000340), &(0x7f0000000240))
r2 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
execveat(r2, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

6.454582171s ago: executing program 2 (id=1704):
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xaece, 0x0)
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={<r2=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, &(0x7f0000000340)={<r3=>r2, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000240)={r3, 0x2}, &(0x7f00000002c0)=0x8)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
socket$pppoe(0x18, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r7 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x1d2)
fcntl$setlease(r7, 0x400, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0x1000000)
r8 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
getsockopt$inet6_mreq(r8, 0x3a, 0x1, 0x0, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)

6.431076979s ago: executing program 4 (id=1705):
symlink(&(0x7f0000000000)='.\x00', &(0x7f0000000040)='./file0\x00')
openat2$dir(0xffffffffffffff9c, &(0x7f0000000640)='./file0/file0/..\x00', &(0x7f0000000080)={0x200000, 0x0, 0x10}, 0x18)
openat$tun(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f00000000c0)=ANY=[@ANYRESOCT, @ANYRES32], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x78}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)={0x3c, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x994}], @chandef_params=[@NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x2}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}], @NL80211_ATTR_CH_SWITCH_COUNT={0x8, 0xb7, 0x99}]}, 0x3c}}, 0x0)
sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)={0x14, 0x0, 0x310, 0x70bd2a, 0x25dfdbff, {}, ["", "", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4814}, 0x50)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10)
mknod$loop(0x0, 0xe050, 0x1)
openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000100), 0x100, 0x0)
setsockopt$SO_BINDTODEVICE_wg(r3, 0x1, 0x19, &(0x7f0000000080)='wg0\x00', 0x4)
sendto$inet(r3, &(0x7f0000000040)="e5", 0xffffffe4, 0xa000a00, 0x0, 0x0)
unshare(0x40020000)
syz_emit_ethernet(0x2a, &(0x7f0000000100)=ANY=[], 0x0)
socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000080))

5.460834353s ago: executing program 3 (id=1706):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)={0x24, r1, 0x1, 0x0, 0x10, {}, [@FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e22}, @FOU_ATTR_PEER_V4={0x8, 0x8, @multicast2}]}, 0x24}}, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000080)={'gre0\x00', &(0x7f0000000340)={'gretap0\x00', <r3=>0x0, 0x80, 0x1, 0x7f, 0x67, {{0x15, 0x4, 0x3, 0xa, 0x54, 0x67, 0x0, 0x1, 0x2f, 0x0, @local, @local, {[@timestamp_prespec={0x44, 0xc, 0x96, 0x3, 0x6, [{@private=0xa010101, 0x8}]}, @ssrr={0x89, 0xf, 0xa5, [@multicast1, @multicast1, @broadcast]}, @noop, @timestamp_prespec={0x44, 0x14, 0x76, 0x3, 0x9, [{@dev={0xac, 0x14, 0x14, 0x25}, 0x9}, {@multicast2, 0x9}]}, @generic={0x88, 0xa, "b8e0adf27cd14bf3"}, @noop, @timestamp_addr={0x44, 0x4, 0xf9, 0x1, 0x1}]}}}}})
r4 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000200)=0xffffffffffffffff, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0xd2eceec975ddfe25, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x8, 0x0, 0x0, 0x41000, 0x1, '\x00', r3, 0x0, r4, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0), 0x10, 0x10001}, 0x94)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x38db6b2295deed12)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000380)={0x0, &(0x7f0000000680)=""/4096, 0x0, 0x0, 0x2}, 0x38)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r5, 0xaf01, 0x0)
r6 = eventfd(0xffffffff)
ioctl$VHOST_SET_LOG_FD(r5, 0x4004af07, &(0x7f0000000240)=r6)
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000580)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000180)={0x1, 0x1, &(0x7f0000000380)=""/242, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/60, 0xeeee0000})
ioctl$VHOST_SET_MEM_TABLE(r5, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r5, 0x4004af61, &(0x7f0000000000)=0x1)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0xb, 0x0, 0x0)

5.337299477s ago: executing program 5 (id=1707):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00'})
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)

5.322002779s ago: executing program 4 (id=1708):
syz_open_dev$ttys(0xc, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x20, 0x1)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006300)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x10408}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000041c0)="6930d8697c97a65b36159a023034632628cd4474514a1368f1e71dd9b7c48436c2ea07f3bd58a6bbc0f065ddba346122dff6ad81d21cea72e7d951c5c5b21a9f0ba768cd18ddcc7de78e2ba9ac88654a1d99806fb236617ff138f15994a6259de4f933ae62cdc98b2e33514066dd1b9ae1546df8db973d467507b2ecb6a4ece57b2ba7b9df20a0d6817b9fc2ee34e709a8bdef99624ab97472db298354edf3c072c710b9ba9d9a0ae44928172ce6a0d2695a17057255ec6e0b09c684a7f808e38302eb375390ae65d665da7f176a45ed0144a762fc666931f1a4c0ed03fb42e8f7ed4439add1a96b90904330d8e3c91527b405f36e89e44599c5ba4e742f1a281f0dab5fc2dc8855a78e1812ba99ce71fbabef429e87295d941c555c0fdacfa1f3256b70c1fc84b2d0df2c589dac34698d8d108474f84dce58efcbe580b8f348c550c6ca9abe230330d05dffea89475391015c707ddc45a3958a68ea44b5f7d81a84b9064111954da3b5c832df657efd5f0849b32834a053f4a052d7fd7d4db17be80879bf6859bc9605664557eceeb74753416e41b92fb84b572b3c78b6aab6f0bdfcfd7d3a830f12d1b3046e615889ae554db34d35775c6272243d7132426dfc9027ea50d62b91f356c58093933ad75013f9470ec90bfe1d9376002dbbcba9b7e7a1e023f878bfa4d88a9421c035951fd3169c5508ecf28c3a8691605242cc858fb56af44956bb5e677d1d90f0a3b97ad30c74adfc2f22232f7f1fa022c1f0492619cf98381039f26c784ca4d4706f67013bf457fe927aad53c1aa0da90d2730155664d84e41792f3f461840e41135c5b82c87834156b9d6403b7001e5ebb1846a6ad80723387bb92f8d991fa8db1fa65ef90a5054798635c18e7ff7649c41e867fb070bcfef61445a7d0c0c5fa02da82969db96aada4095e8cb2bf7728bf95eb020594c0d3617467701d8c4dd01c750712dae33dfba7548032b48ab93ff3c82e104b08116c1a68fb3b28a1b8ccc23c2698803828d1da099a5437b248078b502f7ccd867af9f8c79bc55643414c57466a781032bdd6dea9acd5cde821480a85c308dd03af012d03cb552b3770124ac279c9427c0e1b761c525eb251598d326bc650b5f055b610688fdaf9789e60fc234f1881536016901ddb2597b47e7bc675cac3ae8c50169230af084998dd6be35dc3609c5edbc93da3fe98ebb475a0d30437017ef640b96fd48ef52f509cf57e65c73ac09603081cd980e8b9d73ef4acf4511cfbb07d5074a6561192c2b2bce29cef8ec70ff599d4751103ffec500a8657d6ef30499b9ad0b10f3e7b6b53fc61dfbbb209e3691b1cba1af62468ebcb61c4c0a776fbfc92c5d2a10350bad29915e44cc952de4226ab646e28ab008683e470ccae3486bdb4ab4a6ffea9a671237bf0943660d929667ebe4a5f9cd1bdecbb53262a4fe3eaeed7fbb4ed1ca40da9e2efdaae4da05b14c754360f3c3e5b96f203c4f87e5feeb73abb88aa57fb850702339b5ac192810597e99fefedd52558fc6aad5d2ac0eaec00dda68467a3c7c7cdc3b724990f1b2f4f65e9181e5ebd0a343c491a1fe0e4378f241bd071fabeb1487044fe5c5eb942eb92dc80ff317cabfa10c75434441716a7339115a3071e45eb2d0800627b99a4fb59e260b26d53953ff3f255dc4bf40d3cc8797287fe3d6356d1eaaf67745ef73844b4c64e89ca0f04a87659427c26f0d6bfa2f4881ef69dc5c7b4515c7c4394f621fb98f2c6f496b7ac640d3a1fcd483ae10c4ee9710a896e67175a679f2461be09c722be20df30c9670299db21bc8aeae63e57ebeab1ca61c265f10d8def8243583e6967c5e40162110025a65f0c658db29f5eb0e50b2dd318ac55209721c8c0d51fb05c9ff3106731b058e14c8c89dd33bef6333f218c9f66e2bd9fd897b985bda3747c88fbd24d90cc8428380048330abb044f9e7107ccae059b961e0c6a53d182de21cb77e12d1ed0faeeb214c9ab6b7dd5f99d9278df393958a7a46aa734726938ca2172e4cba5f0a68cc2823bd5aa622c099fd936e303549ea4a80521b12b616526fdaf00779de369a5a83dcedbb739d426eb7f3864cbe346ff458433ca67a86ccbc703939216e4a001d9ccc84b4c438e5bb583e733973b3b0d2fa9a1bd4be4fc2b497b80e1455657a3f339f512cd38428e022d311075190c8d443cd94505dc52b0c7b6138f2279dcfd0a20a564e45b8f144a6f09e5beda5303f885a7d9fbdb4a6f3778ff9e9fc6e0dbee5bdd0330c3c956ddc36f10fb6811320ab30b4817934bd7e11bdcefb58132a17ac76fb54aaab0188a32eec2284f1a24835cc79c6909f742ab35631b919673eb84d53715dc8bdac9b6d28a24b869929d7fb7bcb34b5b5bab1ee69ee38c86541982806b84db06d0dc81e940a872ca89a5a7e1c191bec2808ac6aa0d733c1d647f88df8455ccfbd35fd5bef780bc8c4fb86efb1951b8382915939779493c20279b165c2b775b7d5b63ea0ceec09a17472bab7ec8122dbcf5ebaf4ac3db25fd0776f13cd67a36ce6cfa58acd262cbf4bdcbf2fa7239c79386dc580121e986de5b78a4351388e7fa6461a7657bdb4383c659409f16c7508d5e5618d116a659bc0462c130b088d63ac4bb69c0d756b5fa2e80004019d6ca5371ea361e8cc613954332ee959de1766f8f3689ab8daf45b69ec0810d0ab7e3b402860c8b94ffc25de57920f8da7a3bc7badc4dc9088bc7f6c71b1d4d960c258cd87abcd739bbd5115aef29f994f062318e8accab85f5c64a263ca14c1629284f7369d86436d174f6f2b1a5e014dc5cc3021efbce66bb88d7b3827be33365d8ab2daed7c6dc0651b77af1dd289684df8e21b6a81c66a27294c7cbf5cd90add094477cd6dec894b140a409add754727459c695c4e63dc73fb491af8c22edf1dbabe56a9969146056259a65f9c1c62973abba625b8065fdcccddda10cd7ff7b2144c63b754af792cfe395902608da630aeed913e9f014bdd184c9341c62fe0c7dd2660e26eab22cbd0d9e21ba0552e71f1ce17407672f01ef1012877fb7da93cdc92056ecad3ab01922b3a8e13661ef1372d84ce5167153ca2551edfed8c2c6557626f2554d67a852a8d2b566fa40c6dfeee3b63e2be83523f64365922531ac93ae196fa6a98b3b8708eb90f410f150c3e8680d9cb7265f108f2b860e7d8c7dd64405bd545eea08520cb33857b3090fe1b364e47151eb847ff444fab989dbe1e03b29409d46fff338d6ae5a4c61426ba4b170d96617774b6f3ae64beb7f791334f4d48d3fd26969d4a4342a8f1088bafdbefbcb1990e9d0fc95edf96113137e619cb15df9c4d9a21de468e40d284f5af88cb8b038540b91ba070f311efe1b081000da886eaddb3aaad90bca70e2ed34dadacccebb095d8e116ac9911c2c4f2a7a95e939853950b5e04a98b6bc9340b28e323ad7cc58888e33ef8bf438080dc26c71c8e12e0bbccb1fde98231ebf61a9011a2190b33c941d927128d30570c11b2a51d919d4caf1fbca673931fb2016b81c12e4a31b3458d0f215c97c9dfec8d514d66e748931b6e8bd06085c7ee8e7b845912053766ceaa20f1917d075fdcf2e9cca3e21bbbb1dc0a5cad36ee44e7a4e136ec5e5fc233cb63d5f035f96628a7abb281b493d9cf8fc4251fc9c3c004bd5d64713c05ba68de2318826b01db27661561b6dd381e5973b887797bb21f7a7f30c9343696a60775c36e5b05eb19dc62fef3ff99f8f00e8ccd25e00bd1863609f51e6a69f7e9c650aff3c8897ed6ee4c8d0b0356627cf69a3a3abd0c352e255b2c6250834c9fb272d83bdeb959ebc1e7207546da012b3eb4861c98fa1fd126b18a14585a2e142b98e5fe902a4961ccbdf7b7728588b7559511b30a2d2e86857d0281bd5e08103dcd11becfeb8e9c5b3e4813c79c14055e46203a5cebaa30fedec57ed23538afa85711e0ef3f72541af4d3e6c938590ee053d4ad1de8ecac6c49f1d70707c4d93e031b6f930658425fb0dfc3cde7c9f775eb3cf28fff76097c35e532335a80053fc198b6de7fb09b87e2219ec04782f35bedffef4c08e6316b25824caffef257d7a072fcd6251450dd9882e25e3e0a05a63b022e53ffcbff4097ad150095fb7065c47f7b8a9fc2c8186a5942663e661d80649af235707a87619d277dc8b5ef70190663991a531d67660c74f778301f9939d4511eca1f8bdee0706fec004a6042e45954f710a9e90081a8b297bcde440bc8d54676ba38397734196aa3835d361d8f36acbe4c1bf0f2782d27611555b19d1b9bd1ba493ab4c3a884216bc143629d8d418518f9a06b2b0d25a5e10ce515f47c5a54fa63212a686eab067600d56b234fba7be63b4d40f8be1fef0e69a55373f8faaa8f02b2b85aaee0720d0dff9a0e84850d998959df6397cd824c1a7bed9b73ca92f83ba66e3f170c3b34a3f7ad509d7bdf916d5367c22454f2252ecbb9a334e2fd2032c569fbf4bfcf6f41bd003ed10911f2644d66f4a6ec4a2eca936fcaff29ea9f454d5fc68575cfcb7e6cf8cffca37d1c5d374ca1ed77ffde5a01d349e4d18ddd15cc7397e696d6a92e0ed7260efd42ac23b5396840df636f85f83b6fcfb27f3503e130200a77c61c01b3c80a5b77c90eff390e27c3c1256efae5da2cb7ca7169cb824a164da49078e461f4640ff4d7b074a32676aac9f96746c36fa151145e1d13187191dc9739fe3c3af9418d6258e525ac82f626666278fc888cc0b8616d851469d3c676c1a0ac6c71b5914009b9797a914f1498f6f439a92205f855a4bf69843489dd425c4b5482522b96f385ab8138aefa8833eaf2056cfd068da37229fc7a5900d30c152cf92cf2a4f7a7505190268b08c9acd3839d560ab5762a0dfca0f2db56e2298c1f7d894b98ae8c98dfc81ef6e8e7a8a7138f12005f54bcfb93c9244468b7c76fc3afdc4c59abea57ce6302291c5130697834e838147d62112c96acefb57900eef463048068a0344f2e09d4c5a9488b63b92c5a67d1486ef56aff7f79c06fc5eb3eed23ea56f4331a638bbde8e9b022c29c08a803fb2e386012a1cf008106e619b5fab2a60653fba60c6ec7fd19f33a8e2ff6dc8046c117d3d8131d5f23b70f900ae5d632a51bf76420b9a1055c4bf49e22b5011e0fd12c12c403b42f54f799ba61b57c0bc0933adabdb909f0609602e73e583a9747a8f0477f0ea3621669343960f2dad82056471f596449ba52bef2fb24959f80659df251df5443dfe6b6a91fe0919cf0193afb37a786f9d13eeeafacd839f876e70c791e911b6e8c35fff3e4dbb787bf50fdcf9c8d001d8c078c0cb994f17a95f08d8de87700286c251011ffd8baf2e976e587730390e412e35b664a1dbff7744b68c91eee7356348c2fbe5a2e38985337cdeceb12c836cb1bade7c4c999eff6333bc5c0f779573080d046f96cca17802a0a2b7b0d36560868c2e54a883bf3ed16d5067adb0f4ff81d246b00ab30aaa58ba139e0e2d84c2b86e77934ff04cbb05f5ce568ceeb3ceb1baaf084160617f6821fc503c238a6daa5ffc19321a878ebad11a898f8d0d27b823c2e3ce57a9333d9d40a492da5ba26593ccf97b25c7b6698d9b8b4a46dce1c81c98093a790075411a6a7abca59e592f37eac9d588ab3a2e86edfbba12bbb83af804afb015a8c240dda9124a0c9c9691569eae6e948b48d4cf470f898075a1d5f13a239b3c1e31e8d98ddde799d8c3035d1e3949c2ec5a760a0f38314f66b3bf40de785c7a60a8f22d701a9e70d6a3f1b35d6d1e94038f8a7f4c97fb5370c9f83e31daa73a6e648a21e929324faa27482b039bf2d55032bfd8d1b5712b9250c8269b0daae8dbb5c8d4a243484b0d5f941a987242d06987bedfa97a3e062510c9b4cd3b82222ef22a4927749f38bd4259c3e6c8d8cbf0a1224bb80d8a5923827e18b18778dd44e7e3fa8b8b407c0cdec6fbccb5e33c2fbd9f5f0a7e35c4a04dedd69cdda7d888f2082903dd86e45732a687568a248a9af16253db86bae7e893a8a8c380e53d596733523499c74ab1c1b1ab26888533bf2d3ccfe221033442ce0d34aa34bd9c420d4e39413c95de2c2acdc520fc6ce524149bc80e9bd32bc7d72e7def1c425391fdee15cd89a090ec7aa29a4b9c0bfc01df19b9bf692c4569a9f3e0e19b288710089f677905780d2c3132c909cb29bee3bd6d62f060a944d66c78493b01279203e7a1185001ee8f6cb0967e8b3ce9aa50106c5576912a7dae46229ff03b65cc659cf49dae6aa6b162d6dba82119c511119225d6a536fc24bbc55f6e237d957a43f351c50378d0efc9ba1eac7d6a1b280c16454452294c457b8eb10dabc768edd67877b2ed08abba8768bc6579eccde4839ee7d68f80cc4aa318fd458f97ea9609f3135ea417aa455592e394b1f5ab6ccc14385ddbb416d47279e5748ee4e02e76ecba7d7474fb6ed6a851da3e156a7542bb9ad9b48b8362bff43755ce5b657d5a752ef632bb416184e70f1937c494ed9db084cc1177ac6c491772b739fba1b4be52acc2cc0975c8dc0b00929f503fb3cfe4c7e6670295edaef2327cec950737f0cc96eb30e7fa8217d9b9968274c413ec79e1b050814145432bf164f6e7b75a43424dec600502011190097ffd1edf795be01c4135a9be178b6b050d82d8542375abb40f0fe776965bf3f0630a2652e5bcf3dc237a84a4634081d0a9ba1842e6ddd4faf787aa6449a50fa9498ffe97c2759558112d1b0ec0db512d7990fc0efce6bde80f4b1ec9799d0cdcd41e6863eb473c3edb5c2e70ddc7d3aba52c2ad2e054b01eb3d92c2023b33975b23a72211fec063bb4fbaa49abacc47efea7d5ede3675ad49eb74b7fdaa5667b9ddff2e6007eccc90a7cfda32a053d9fd2aa1d01fe54c112b955d8c26e3e0ac2994fcf3f50d1fb129ee3df3db886d93faad74cec81c11e2e0922fcd0b2187cb75369598a3b5c8c8495870403b2593647a8a2d4d86601da9fbf49f1222dcfe5b64d0102d3c9296d0c0d459c5a7bab1580fb0b25a5ef71eb579546bda6ea58be241ec8ac9737e0e30ea47fa93c4cf2d44d2b6421c856dd5e1c2c3569040113d7006be693b293074a2a6188b228129fc79f9984f5bafd6f7a32f68bd3dc7197a7094e93561d208f0c948d364743854efc6af051a3e2a7eea8f132442d1e3a87e670190f3752ef0699f470ed15719ba274371179935ff79853b928cda754d1045929f8db75ca71825f21642f738622e392bc0b35ca98eff3821b7d122732f8ccf8d251d84589ce028d2efe7d7cbd34e8137f518e2feda64d9c788713df3e1450e8a36dc031c22f3d5bf7d294a66f90b64fd285aeded6e4a07b82c740c87598a9684f8f6d47b266169696b126e66d7b4532ace038a2b7921bd62fc806bb552676abb8204b4ad975d449d1be97ec9b55dc8b2b10a3dfe4880487de3f8c6a3b4426ac6adfa03845b4d0cf1e6cbd86be473d154bf7439dee05d555268a769ab339b299379cb8546f16ed8bbb789049eb57dcaca48c26e78982cc331ba474bcdd9f893f5f6526b4999fabcadc7bc6e8805ecc68902a31522e20b3f1817c1b516f16ab5bcdc7101165d59ce074e633dc68202221d2bae4ea62a13f6a5e7c82e8fd232fc076ca7399b5d01c325d67ab82f50acc789dfe8cab35de7e2131081a9d90606e5dc5a9c3af3fc9bc895174215d8aeae8dfe75b33be25298a11eabf2e0481050731edb27894df45a17985ffb4f3f27ad6393af9ac6f461737394ffc89f9549b7607dbecbf7803899d2e6513a74473ec0fb6569f6d27cc9a83f242f4ab78aea3c293ee846a2e0b3114991d5543902c848a7e451da4789e478f707e585defb47e3ce3525cfa17571772e1526c16c1065e5f438442c25e43e1023511022647244415f0bb7d28be2f7a75dae78b5da0f9d063c66ac396ef0b66fdb7e701e4caf9a435ccc476cdf3e5356ade531a3e33640ede4af542bcdb1ec54fcfe6f0ba105e0fd72b707611020ae1adc3f794b3c66e3c1f9ab0c87e5641a4891d74a194b9cd8ce14c81ad35df9a3c7862921e2d8c3942d4a57f4f4d13a6d82d75a21f1b862e8f4402c8b2c0fe2fb788ab761a22a4377497b34d137d0184d2d7bce69826e7ecbf63a89b133f263d58945627bd79472e3cbef5595a0c9d2e512605b578f2e558d4c4b31416c12f5709f68bd4e7ab1b0954f395299d634102bbbc97506e2dc938c5ecd9fdb26566eeb4de1621954ecb5af9b0d9d39b0fb1b972fd92b959277bf78d0a1763df9d9bc4182ad3f3b8eeb19d00cf41016f4d0d4623f2541a73f588f5108cde960b0bdc93ec260c14a498931226c981b41804bc09ca8a9168d9a4e17d269815e7ada71be1fc410b38874aa5782abc7ba7976daa94d724c9687c419165e77b7effe77d07e5fd6f55993b8a151889e57166c2ff63f04e3e09eead6f8c92e49e926c8f60a2f933c8926be5fb83b650b126cdbd9d239f6f11d717f8f32fd757350e7db0bd32e191052524922b2bf2b92801a717be7504ab79d55e425b09a79c8a84af1cf94c66dada7789e6d67dc041b4ac0e57c4e658d11be13af2fc3c200086e147a2223296a4253297155210440f0f17c3aa21ab7e15fe2e12bb9e9356d1018cc68313034b469152b650adab57f73350a6c0f76a36580a7dd8af218d656fa4bdd57b9d584e5acd1fa95e14120d7f9ed1fc3a83aa24135ca45472844d115f0a1bdebe2f6bc37cabdd0d7f9aab4fdc6a2c58aa0beb0ce431620d5ede6ef98e2b77e8d0558d250aa20c54c62d4b61d9bdd63286c6887ee3a556677e0673c94e46b9f834c6e4996b1c91141cd0d39b712f93e5195a7f7838f3af8325f649938d8c319ceebfa8154d23197bcbcf616be6f1f5d6fc070ed76abe89d6b94bf8a8d3f5b9bedce758b17d1e0be38bce845c8c3209d3fc30901494408c96956d050d14548d6edf55f4add18c91fb6da723a0c7c3c3f4c4b3a7056e611bdabdfd4edfb7a79a2b02c05ef4027c15db8bf2bcd015c66ae6d3203164615c56dba94606702caa577777e05e642ce3df5573ba3ae268f4ce4b38cc9013faf21d7dd7174ce7ea498c9451a1626f02398e49a33def46d228edb6de6fe8dec11f553634fb923849e3cdfbe645cff327b8251afc107b7fb8cf3cd735ed9bb1275ecc804a4f126bfeb853e13e636a74a4efc9faf01118aa82d00ac20ce0c0af140c756ab90e5dfa238707318c353c7bc9342c36ddcb6e74400933c8fa99448f3a169b95cd6d2558d755e1dd53f3fcfc46b057c550de64829e556c8cae40e796ef76fcb953086168fb2eae89349f29d3dd26ac6282292355be3b123b0c02e553bfb8948afe8d7e8ae5d63184b20795481a9385be05e9eff807b94eb1e977d50a7dd7da582695aa496a9a7587d01f970c3ed8d63db217164824d8b8bf4c5e493f801e1ed241afda4b695a4c606d6b5344493d9922dff76b4be7021d26b60d1f785d205c39d83694b0585eff60c9e1bb2f7023c5b5d3d043897baa9a9ef3507c280d9580d43c7985db146694b8649e2bf67e37081a945c4c81fad0a48e64d8877dd149443c8f4d2267b4aeaec8f168b44d5af109f505644e2a545fefb13d673210bd2b418b054cb4fc9fb7f2041e87be5f31466b51b308deff16bd9878a3ec72d0a1ad27c5cbd497b2c9585d914392da52b3708b198a3693d2988f03c7d3a41762c78cb9c268dbbcb0d1efc800fab4183286d924604a5fe9657cebad2d8bb0ef0006a46a4ef9fe92c3fdc1682b993239421879cb5626bae2368b646e61c870342b5cbb7f7baab7142a9ca2378805310c1abc12098c796550a20f3d5f01141470c1b5550857202ec712e3813d1ff7150111f4730bd83c8516aa86b345c280fb461c7bc6ff6f0bea507033d312027f51b4a90becfb048e676bfecfe2b1cd7504a226e89bb4df31d13436db7765062fc74789b75f82e77a6e83f49092558d38da47755ca0373ee0979c880e224bd5f70d6a69d8e2463d9b70bc7dbbdc9f27e1ba38d5adfdd6a5a0c564cda76a9ed6dc0e5117b06b9817d6d47f2a82d41a5a821431fe5f38eb3417d820c769afc09ffd001fd0a6f3c3879dc74ffcba15b8b29a4f435249226ee1cd7fb8c0bb6ec9012178bd25c05e69cb1d6e7121295a4e166c80d918b915232e6e8823ed6529eda300f2541142092df194de0cc255beed438afa94cbd350acf809e7f0467830b20108b95c9b653b030e311026cecc32332697cc2f8ef9cecb227de6de7144fc4b25e2180784f55204b17612228548fc825e60c88144c72abf3cb468a2d5491c431f38d858fb5471ce84c69d1d2b38e8ae2b134f4f94aa03996b2e0f1edc538ff32f7ee409b79922660b0f3421083298b14f26733577ff59b672b7214bd0e4508503c61da0b70cb6186b01ed575f9e5bf8f3bf538c2260f4a82755094c33c931ad0bb346518cff593de0985602852749610e073f20dd0be87ec8c452c3dfb4ac19d73a489e74a8a48411faac7ecf7e53d76ced94495ec2e814259fb5114a7986fb81a936d38c99443ebd55026acc6c78e1b14728551bae0bdb86cd518eeeb22dbfd7f7a32d2b94f7b0f757f34d6d22156e4dc1e7b9533fcf7a0d0cc3e41480345ddc68c11e47f8c514f1ed601d69e5b36e03962643544064ddbf689a3cbf378074879f6cd33d56c0a728a2050ab202981d6723b99a0e505cd8fea39da000bc7608a53024614407a5ebd5e034b9a59fa952841ab4f0758e988161e56fb454db449b3090eb1c4154ea6e34ea13101bb3a62dfa1878448952b1955a3c462432d7035228caf6ed4381e3ec1295e90decc62ebed5e60acbae3d26982e7834ee00a7632f581b6198f9bf42161a4980d08fac53d40b81731e4c727f5a24e75f6a262a1d2ab37b3ebc09ca6b0ffb0a1edf942e93d17d95eb3532b57488469575d9d47c2d08eec166f8fc1f6183795e1d5e48f46ae05a173af5765e03e98e6710b408cbeb169fb67f1d79a1999a977b7df51d7ede5aca5d31e9d75d2be3838a014d8283c3566ef5ea37955d6e66628d755c927e14d40f723428a69e03c8b100924b72e2c49926208044ff49536b0a1eca6c7c42ff9c90716fa35b02d2d869bcceb60e91dacf34ac1249f5d7934a078417e4fd416da2fbf9122fd37c042712ad9ce8592806b556d26163990b11466bf759615d2b852e75681a8b87571b5f0a21a4b5617cb94e2dc9efb264c0a331a752994d10a958b245cb40d9985365c4dd3b9551c4d03157aa29222a2af29ada6c123eaf08722310da16f7611cfe729255044642a8c5cb9f94c3f778248bf35520ac980af12ddd3b001df23404e49e3a57cc11fd12e51e422a92b5bf9e2ad225d42ad5d0325ca35804340fdde061c5bf2a4c8cc86e946a60040130ce831b9be93885f4ddb9fb7584ad875b05d59128f533c40c541ec03dfccba2af6fbdae4efb10a45e0f7d9851126b1dd9d374cec36067cdf2eefcb0a0cbf5619fa7ac2027d4b5c9da389bc1ffee655aef769a5aa542b291c0d71c8dc5e54268dc5f86a4133cc917a84efaf1456de9106c6fb3f5d41ff9f9a76a1dd3243a5e99c95e933d32e13f3eeb5a550", 0x2000, &(0x7f0000001180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={0x20, 0x0, 0xffffffffffffff80, {0x0, 0x4}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80101, 0x0)
r3 = dup2(r2, r0)
r4 = epoll_create(0x80)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, 0x0)
getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(0xffffffffffffffff, 0x84, 0xc, &(0x7f0000000240), 0x0)

5.297983325s ago: executing program 2 (id=1709):
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = open(&(0x7f0000000180)='./bus\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f0000000340))
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x4, 0x0, 0x2, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$9p_fd(0x0, 0x0, &(0x7f0000000040), 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0x1c, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000380)=ANY=[@ANYRES32], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000000540)=""/102400, 0x19000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r3, &(0x7f0000000740), 0x8)
listen(r3, 0x0)
accept4(r3, 0x0, 0x0, 0x80800)

5.185447374s ago: executing program 4 (id=1710):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x24, r1, 0x917, 0x70bd28, 0x25dfdbff, {}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x1}, @L2TP_ATTR_PEER_CONN_ID={0x8}]}, 0x24}, 0x1, 0x620b}, 0x0) (fail_nth: 5)

5.099611103s ago: executing program 5 (id=1711):
r0 = socket(0x10, 0x3, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40)
socket$packet(0x11, 0x2, 0x300)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
semctl$GETALL(0x0, 0x0, 0xd, &(0x7f0000000040)=""/119)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r2, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f0000000040), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f0000002240)=@gcm_256={{0x303}, "d0baa78683365c21", "90f2142e57f2f9752576d07d748df62221e924e7b42ecaea34669533a35ab169", "7aebc923", "14b6429e3a851d78"}, 0x38)
r3 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x10000, 0x0)
ioctl$SNDCTL_SEQ_NRMIDIS(r3, 0x8004510b, 0x0)
write$binfmt_aout(r2, 0x0, 0xfdef)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001740)={0x18, 0x52, 0x1, 0xfffffffd, 0x0, {0x1c}, [@generic='v']}, 0x18}, 0x1, 0x0, 0x0, 0x91}, 0x0)
syz_usb_connect(0x0, 0x7a, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x2e, 0x36, 0x1d, 0x8, 0x711, 0x200, 0x6934, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x98, 0x12, 0x73}}]}}]}}, 0x0)

4.903179453s ago: executing program 0 (id=1712):
unshare(0x42000600)
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000280)=@newqdisc={0x24, 0x24, 0xd0f, 0x470bd2d, 0xfffffffd, {0x60, 0x0, 0x0, r2, {0x0, 0xfff2}, {0xfff1, 0xffff}, {0x0, 0xfff3}}}, 0x24}, 0x1, 0x0, 0x0, 0x24000040}, 0x44080)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newtfilter={0x24, 0x2a, 0xd27, 0xec0, 0x0, {0x0, 0x0, 0x0, r2, {0xfff3, 0x1}, {0xffff}, {0x4, 0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x24}, 0x4000000)
openat$udambuf(0xffffffffffffff9c, &(0x7f00000000c0), 0x2)
memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x18)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0200000004000000573b5d0001"], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000180)={{r3}, &(0x7f0000000080), &(0x7f0000000140)='%pI4   \x00'}, 0x20)

4.461487544s ago: executing program 4 (id=1713):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@local})
r1 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
r3 = syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x23, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r4}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
connect$nfc_raw(r3, &(0x7f00000000c0)={0x27, 0x0, 0x1, 0x4}, 0x10)
ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f0000000d40)={0x0, 0x0, r2, <r8=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r1, 0xc06864ce, &(0x7f0000000340)={r8, 0x0, 0x0, 0x0, 0x1, [], [0x0, 0x7], [0x0, 0x80000002, 0x2], [0x0, 0x0, 0x1, 0x1]})
r9 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000010c0)='g', 0x1, 0xffffffffffffffff)
keyctl$read(0x1e, r9, 0x0, 0x0)
r10 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r10, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, &(0x7f0000000d40)={0x0, 0x0, r2, <r11=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r10, 0xc06864ce, &(0x7f0000000340)={r11, 0x0, 0x0, 0x0, 0x0, [<r12=>0x0], [0x0, 0x3, 0x0, 0x4], [0x5, 0xb, 0x2], [0x10001, 0x0, 0x2, 0x5]})
ioctl$DRM_IOCTL_GEM_CLOSE(r10, 0x40086409, &(0x7f0000000100)={r12})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper})

4.181307913s ago: executing program 2 (id=1714):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = open$dir(0x0, 0x0, 0x14)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0)
setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f00000004c0)={0x0, 0x3, 0x6, @broadcast}, 0x10)
write$qrtrtun(r0, &(0x7f0000000300)="ca0e808bb35bdabb", 0x8)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000380)={@map=<r3=>r0, 0x39, 0x1, 0xb, &(0x7f0000000180)=[0x0], 0x1, 0x0, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000400), &(0x7f0000000340)}, 0x40)
bpf$TOKEN_CREATE(0x24, &(0x7f00000003c0), 0x8)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r0, 0x0, 0x30, 0x0, @void}, 0x10)
creat(&(0x7f0000000100)='./file0\x00', 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000100)={0x3, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="020300022a00000000000000000000002000080090070000d7884a389e967b9e894705b077c135fd1c4a37d5988b14f336aefd5769361ced9d4ae3916383fc275e11f5bed4ec3469dd878bea99114e2f6bc329d7acd8a89b2b2917fdeb71d607edd3d677414d4e22f99e072d04ea919734bc15cbfbbf5004f18378a4cc482d747ef47e91ccbd3d62000000000000000000000000000000ac605279cabdaac266f6a0aeb579663eb4c1c684efb40a0c4f82cf20212dc60c0f2a5dcf772c3410ed0e471117a32a768588707e8eeff6dee2225bd0d76bbb70a0a9d19926da4b671f5bd0283b2deef60c2ca39b72c2f195fea7087b6697cf918a875cd6da45c02236cb85a028091124f1846f000000000000030006000000000002004e20ac141400000000000000000002000100000100000000000000000000030005000000000002"], 0x150}, 0x1, 0x7}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, 0x0})
io_uring_register$IORING_REGISTER_SYNC_CANCEL(0xffffffffffffffff, 0x18, &(0x7f0000000480)={0x5, r3, 0x11, {0x200, 0x2a37}, 0x8a}, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
utimensat(r1, &(0x7f0000000500)='./file0\x00', &(0x7f0000000540)={{0x77359400}}, 0x0)
r6 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
bind$netrom(r6, &(0x7f00000000c0)={{0x6, @default, 0x1}, [@null, @default, @netrom, @bcast, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default]}, 0x48)

2.512009225s ago: executing program 4 (id=1715):
ioprio_set$uid(0x3, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x4, 0x200000005c831, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102392, 0x18ff8)
connect$caif(0xffffffffffffffff, 0x0, 0x0)

2.169033327s ago: executing program 3 (id=1716):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000200)={0x1, 0x1, 0x0, &(0x7f0000000280)=""/56, 0x0})
r1 = socket$packet(0x11, 0x3, 0x300)
syz_emit_ethernet(0x76, &(0x7f0000000040)={@random="b931b2d41475", @dev, @val={@val={0x88a8, 0x5, 0x1, 0x1}, {0x8100, 0x7, 0x0, 0x3}}, {@ipv6={0x86dd, @udp={0x0, 0x6, "2e5cea", 0x38, 0x3c, 0x0, @mcast2, @mcast2, {[@hopopts={0x28, 0x2, '\x00', [@hao={0xc9, 0x10, @mcast1}]}], {0x0, 0x0, 0x18, 0x0, @wg=@data={0x4, 0xffff, 0x2}}}}}}}, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
lsm_get_self_attr(0x64, &(0x7f0000000000)={0x0, 0x0, 0x20}, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc000)
sysinfo(&(0x7f0000000000)=""/196)
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000000)=0x15)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000340))
r4 = dup(r1)
ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000000)={0x1, r4})

1.786396732s ago: executing program 2 (id=1717):
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
rmdir(&(0x7f0000000040)='./cgroup/../file0\x00')
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
llistxattr(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000000c0)={@cgroup=r0, 0x14, 0x1, 0x402, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r1, 0x7a8, 0x0)

1.784658848s ago: executing program 4 (id=1718):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x20d00, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
exit(0x9)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r2 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
execveat(r2, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

1.625119998s ago: executing program 0 (id=1719):
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xf, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000100000000000100000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
keyctl$set_reqkey_keyring(0xe, 0x5)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
write$FUSE_NOTIFY_DELETE(0xffffffffffffffff, &(0x7f0000000180)={0x2b, 0x6, 0x0, {0x2, 0x0, 0x2, 0x0, '\xff\xff'}}, 0x2b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x75b08000)
syz_usb_connect(0x2, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xcb, 0x6f, 0xcf, 0x20, 0x13d8, 0x20, 0xf731, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x24, 0xe4, 0xd5}}]}}]}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PPPIOCSMAXCID(0xffffffffffffffff, 0x40047451, &(0x7f0000000340)=0x1)
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000640)={0xffffffffffffffff, 0xe0, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x4, &(0x7f0000000280)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000500)=[0x0, 0x0, 0x0, 0x0], <r3=>0x0, 0xdb, &(0x7f0000000540)=[{}, {}, {}, {}, {}, {}], 0x30, 0x10, &(0x7f0000000580), &(0x7f00000005c0), 0x8, 0x42, 0x8, 0x8, &(0x7f0000000600)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xb, &(0x7f00000007c0)=ANY=[@ANYRESHEX], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
timerfd_settime(0xffffffffffffffff, 0x3, &(0x7f00000001c0)={{0x77359400}, {0x77359400}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x8)
r4 = socket$inet6(0xa, 0x3, 0x5)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, 0x0, 0x0)
sendmmsg(r4, &(0x7f0000001500)=[{{&(0x7f0000000040)=@l2tp6={0xa, 0x0, 0x7080000, @ipv4={'\x00', '\xff\xff', @loopback}, 0x7, 0x1}, 0x80, 0x0, 0x0, &(0x7f00000019c0)=[{0x10, 0x29, 0x3e}], 0x10}}], 0x1, 0x4000000)
r5 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0xffd0}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x66, 0x8}, @initr0, @exit, @alu={0x6, 0x0, 0x3, 0xa, 0x0, 0x2}, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xff5c, &(0x7f0000000340)=""/222, 0x0, 0x8}, 0x78)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000040)={r6, r5}, 0xc)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00'}, 0x18)
close(0xffffffffffffffff)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0xfffd, 0x0)
dup2(0xffffffffffffffff, r7)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)

1.47890428s ago: executing program 5 (id=1720):
syz_open_dev$ttys(0xc, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x20, 0x1)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006300)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x10408}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000041c0)="6930d8697c97a65b36159a023034632628cd4474514a1368f1e71dd9b7c48436c2ea07f3bd58a6bbc0f065ddba346122dff6ad81d21cea72e7d951c5c5b21a9f0ba768cd18ddcc7de78e2ba9ac88654a1d99806fb236617ff138f15994a6259de4f933ae62cdc98b2e33514066dd1b9ae1546df8db973d467507b2ecb6a4ece57b2ba7b9df20a0d6817b9fc2ee34e709a8bdef99624ab97472db298354edf3c072c710b9ba9d9a0ae44928172ce6a0d2695a17057255ec6e0b09c684a7f808e38302eb375390ae65d665da7f176a45ed0144a762fc666931f1a4c0ed03fb42e8f7ed4439add1a96b90904330d8e3c91527b405f36e89e44599c5ba4e742f1a281f0dab5fc2dc8855a78e1812ba99ce71fbabef429e87295d941c555c0fdacfa1f3256b70c1fc84b2d0df2c589dac34698d8d108474f84dce58efcbe580b8f348c550c6ca9abe230330d05dffea89475391015c707ddc45a3958a68ea44b5f7d81a84b9064111954da3b5c832df657efd5f0849b32834a053f4a052d7fd7d4db17be80879bf6859bc9605664557eceeb74753416e41b92fb84b572b3c78b6aab6f0bdfcfd7d3a830f12d1b3046e615889ae554db34d35775c6272243d7132426dfc9027ea50d62b91f356c58093933ad75013f9470ec90bfe1d9376002dbbcba9b7e7a1e023f878bfa4d88a9421c035951fd3169c5508ecf28c3a8691605242cc858fb56af44956bb5e677d1d90f0a3b97ad30c74adfc2f22232f7f1fa022c1f0492619cf98381039f26c784ca4d4706f67013bf457fe927aad53c1aa0da90d2730155664d84e41792f3f461840e41135c5b82c87834156b9d6403b7001e5ebb1846a6ad80723387bb92f8d991fa8db1fa65ef90a5054798635c18e7ff7649c41e867fb070bcfef61445a7d0c0c5fa02da82969db96aada4095e8cb2bf7728bf95eb020594c0d3617467701d8c4dd01c750712dae33dfba7548032b48ab93ff3c82e104b08116c1a68fb3b28a1b8ccc23c2698803828d1da099a5437b248078b502f7ccd867af9f8c79bc55643414c57466a781032bdd6dea9acd5cde821480a85c308dd03af012d03cb552b3770124ac279c9427c0e1b761c525eb251598d326bc650b5f055b610688fdaf9789e60fc234f1881536016901ddb2597b47e7bc675cac3ae8c50169230af084998dd6be35dc3609c5edbc93da3fe98ebb475a0d30437017ef640b96fd48ef52f509cf57e65c73ac09603081cd980e8b9d73ef4acf4511cfbb07d5074a6561192c2b2bce29cef8ec70ff599d4751103ffec500a8657d6ef30499b9ad0b10f3e7b6b53fc61dfbbb209e3691b1cba1af62468ebcb61c4c0a776fbfc92c5d2a10350bad29915e44cc952de4226ab646e28ab008683e470ccae3486bdb4ab4a6ffea9a671237bf0943660d929667ebe4a5f9cd1bdecbb53262a4fe3eaeed7fbb4ed1ca40da9e2efdaae4da05b14c754360f3c3e5b96f203c4f87e5feeb73abb88aa57fb850702339b5ac192810597e99fefedd52558fc6aad5d2ac0eaec00dda68467a3c7c7cdc3b724990f1b2f4f65e9181e5ebd0a343c491a1fe0e4378f241bd071fabeb1487044fe5c5eb942eb92dc80ff317cabfa10c75434441716a7339115a3071e45eb2d0800627b99a4fb59e260b26d53953ff3f255dc4bf40d3cc8797287fe3d6356d1eaaf67745ef73844b4c64e89ca0f04a87659427c26f0d6bfa2f4881ef69dc5c7b4515c7c4394f621fb98f2c6f496b7ac640d3a1fcd483ae10c4ee9710a896e67175a679f2461be09c722be20df30c9670299db21bc8aeae63e57ebeab1ca61c265f10d8def8243583e6967c5e40162110025a65f0c658db29f5eb0e50b2dd318ac55209721c8c0d51fb05c9ff3106731b058e14c8c89dd33bef6333f218c9f66e2bd9fd897b985bda3747c88fbd24d90cc8428380048330abb044f9e7107ccae059b961e0c6a53d182de21cb77e12d1ed0faeeb214c9ab6b7dd5f99d9278df393958a7a46aa734726938ca2172e4cba5f0a68cc2823bd5aa622c099fd936e303549ea4a80521b12b616526fdaf00779de369a5a83dcedbb739d426eb7f3864cbe346ff458433ca67a86ccbc703939216e4a001d9ccc84b4c438e5bb583e733973b3b0d2fa9a1bd4be4fc2b497b80e1455657a3f339f512cd38428e022d311075190c8d443cd94505dc52b0c7b6138f2279dcfd0a20a564e45b8f144a6f09e5beda5303f885a7d9fbdb4a6f3778ff9e9fc6e0dbee5bdd0330c3c956ddc36f10fb6811320ab30b4817934bd7e11bdcefb58132a17ac76fb54aaab0188a32eec2284f1a24835cc79c6909f742ab35631b919673eb84d53715dc8bdac9b6d28a24b869929d7fb7bcb34b5b5bab1ee69ee38c86541982806b84db06d0dc81e940a872ca89a5a7e1c191bec2808ac6aa0d733c1d647f88df8455ccfbd35fd5bef780bc8c4fb86efb1951b8382915939779493c20279b165c2b775b7d5b63ea0ceec09a17472bab7ec8122dbcf5ebaf4ac3db25fd0776f13cd67a36ce6cfa58acd262cbf4bdcbf2fa7239c79386dc580121e986de5b78a4351388e7fa6461a7657bdb4383c659409f16c7508d5e5618d116a659bc0462c130b088d63ac4bb69c0d756b5fa2e80004019d6ca5371ea361e8cc613954332ee959de1766f8f3689ab8daf45b69ec0810d0ab7e3b402860c8b94ffc25de57920f8da7a3bc7badc4dc9088bc7f6c71b1d4d960c258cd87abcd739bbd5115aef29f994f062318e8accab85f5c64a263ca14c1629284f7369d86436d174f6f2b1a5e014dc5cc3021efbce66bb88d7b3827be33365d8ab2daed7c6dc0651b77af1dd289684df8e21b6a81c66a27294c7cbf5cd90add094477cd6dec894b140a409add754727459c695c4e63dc73fb491af8c22edf1dbabe56a9969146056259a65f9c1c62973abba625b8065fdcccddda10cd7ff7b2144c63b754af792cfe395902608da630aeed913e9f014bdd184c9341c62fe0c7dd2660e26eab22cbd0d9e21ba0552e71f1ce17407672f01ef1012877fb7da93cdc92056ecad3ab01922b3a8e13661ef1372d84ce5167153ca2551edfed8c2c6557626f2554d67a852a8d2b566fa40c6dfeee3b63e2be83523f64365922531ac93ae196fa6a98b3b8708eb90f410f150c3e8680d9cb7265f108f2b860e7d8c7dd64405bd545eea08520cb33857b3090fe1b364e47151eb847ff444fab989dbe1e03b29409d46fff338d6ae5a4c61426ba4b170d96617774b6f3ae64beb7f791334f4d48d3fd26969d4a4342a8f1088bafdbefbcb1990e9d0fc95edf96113137e619cb15df9c4d9a21de468e40d284f5af88cb8b038540b91ba070f311efe1b081000da886eaddb3aaad90bca70e2ed34dadacccebb095d8e116ac9911c2c4f2a7a95e939853950b5e04a98b6bc9340b28e323ad7cc58888e33ef8bf438080dc26c71c8e12e0bbccb1fde98231ebf61a9011a2190b33c941d927128d30570c11b2a51d919d4caf1fbca673931fb2016b81c12e4a31b3458d0f215c97c9dfec8d514d66e748931b6e8bd06085c7ee8e7b845912053766ceaa20f1917d075fdcf2e9cca3e21bbbb1dc0a5cad36ee44e7a4e136ec5e5fc233cb63d5f035f96628a7abb281b493d9cf8fc4251fc9c3c004bd5d64713c05ba68de2318826b01db27661561b6dd381e5973b887797bb21f7a7f30c9343696a60775c36e5b05eb19dc62fef3ff99f8f00e8ccd25e00bd1863609f51e6a69f7e9c650aff3c8897ed6ee4c8d0b0356627cf69a3a3abd0c352e255b2c6250834c9fb272d83bdeb959ebc1e7207546da012b3eb4861c98fa1fd126b18a14585a2e142b98e5fe902a4961ccbdf7b7728588b7559511b30a2d2e86857d0281bd5e08103dcd11becfeb8e9c5b3e4813c79c14055e46203a5cebaa30fedec57ed23538afa85711e0ef3f72541af4d3e6c938590ee053d4ad1de8ecac6c49f1d70707c4d93e031b6f930658425fb0dfc3cde7c9f775eb3cf28fff76097c35e532335a80053fc198b6de7fb09b87e2219ec04782f35bedffef4c08e6316b25824caffef257d7a072fcd6251450dd9882e25e3e0a05a63b022e53ffcbff4097ad150095fb7065c47f7b8a9fc2c8186a5942663e661d80649af235707a87619d277dc8b5ef70190663991a531d67660c74f778301f9939d4511eca1f8bdee0706fec004a6042e45954f710a9e90081a8b297bcde440bc8d54676ba38397734196aa3835d361d8f36acbe4c1bf0f2782d27611555b19d1b9bd1ba493ab4c3a884216bc143629d8d418518f9a06b2b0d25a5e10ce515f47c5a54fa63212a686eab067600d56b234fba7be63b4d40f8be1fef0e69a55373f8faaa8f02b2b85aaee0720d0dff9a0e84850d998959df6397cd824c1a7bed9b73ca92f83ba66e3f170c3b34a3f7ad509d7bdf916d5367c22454f2252ecbb9a334e2fd2032c569fbf4bfcf6f41bd003ed10911f2644d66f4a6ec4a2eca936fcaff29ea9f454d5fc68575cfcb7e6cf8cffca37d1c5d374ca1ed77ffde5a01d349e4d18ddd15cc7397e696d6a92e0ed7260efd42ac23b5396840df636f85f83b6fcfb27f3503e130200a77c61c01b3c80a5b77c90eff390e27c3c1256efae5da2cb7ca7169cb824a164da49078e461f4640ff4d7b074a32676aac9f96746c36fa151145e1d13187191dc9739fe3c3af9418d6258e525ac82f626666278fc888cc0b8616d851469d3c676c1a0ac6c71b5914009b9797a914f1498f6f439a92205f855a4bf69843489dd425c4b5482522b96f385ab8138aefa8833eaf2056cfd068da37229fc7a5900d30c152cf92cf2a4f7a7505190268b08c9acd3839d560ab5762a0dfca0f2db56e2298c1f7d894b98ae8c98dfc81ef6e8e7a8a7138f12005f54bcfb93c9244468b7c76fc3afdc4c59abea57ce6302291c5130697834e838147d62112c96acefb57900eef463048068a0344f2e09d4c5a9488b63b92c5a67d1486ef56aff7f79c06fc5eb3eed23ea56f4331a638bbde8e9b022c29c08a803fb2e386012a1cf008106e619b5fab2a60653fba60c6ec7fd19f33a8e2ff6dc8046c117d3d8131d5f23b70f900ae5d632a51bf76420b9a1055c4bf49e22b5011e0fd12c12c403b42f54f799ba61b57c0bc0933adabdb909f0609602e73e583a9747a8f0477f0ea3621669343960f2dad82056471f596449ba52bef2fb24959f80659df251df5443dfe6b6a91fe0919cf0193afb37a786f9d13eeeafacd839f876e70c791e911b6e8c35fff3e4dbb787bf50fdcf9c8d001d8c078c0cb994f17a95f08d8de87700286c251011ffd8baf2e976e587730390e412e35b664a1dbff7744b68c91eee7356348c2fbe5a2e38985337cdeceb12c836cb1bade7c4c999eff6333bc5c0f779573080d046f96cca17802a0a2b7b0d36560868c2e54a883bf3ed16d5067adb0f4ff81d246b00ab30aaa58ba139e0e2d84c2b86e77934ff04cbb05f5ce568ceeb3ceb1baaf084160617f6821fc503c238a6daa5ffc19321a878ebad11a898f8d0d27b823c2e3ce57a9333d9d40a492da5ba26593ccf97b25c7b6698d9b8b4a46dce1c81c98093a790075411a6a7abca59e592f37eac9d588ab3a2e86edfbba12bbb83af804afb015a8c240dda9124a0c9c9691569eae6e948b48d4cf470f898075a1d5f13a239b3c1e31e8d98ddde799d8c3035d1e3949c2ec5a760a0f38314f66b3bf40de785c7a60a8f22d701a9e70d6a3f1b35d6d1e94038f8a7f4c97fb5370c9f83e31daa73a6e648a21e929324faa27482b039bf2d55032bfd8d1b5712b9250c8269b0daae8dbb5c8d4a243484b0d5f941a987242d06987bedfa97a3e062510c9b4cd3b82222ef22a4927749f38bd4259c3e6c8d8cbf0a1224bb80d8a5923827e18b18778dd44e7e3fa8b8b407c0cdec6fbccb5e33c2fbd9f5f0a7e35c4a04dedd69cdda7d888f2082903dd86e45732a687568a248a9af16253db86bae7e893a8a8c380e53d596733523499c74ab1c1b1ab26888533bf2d3ccfe221033442ce0d34aa34bd9c420d4e39413c95de2c2acdc520fc6ce524149bc80e9bd32bc7d72e7def1c425391fdee15cd89a090ec7aa29a4b9c0bfc01df19b9bf692c4569a9f3e0e19b288710089f677905780d2c3132c909cb29bee3bd6d62f060a944d66c78493b01279203e7a1185001ee8f6cb0967e8b3ce9aa50106c5576912a7dae46229ff03b65cc659cf49dae6aa6b162d6dba82119c511119225d6a536fc24bbc55f6e237d957a43f351c50378d0efc9ba1eac7d6a1b280c16454452294c457b8eb10dabc768edd67877b2ed08abba8768bc6579eccde4839ee7d68f80cc4aa318fd458f97ea9609f3135ea417aa455592e394b1f5ab6ccc14385ddbb416d47279e5748ee4e02e76ecba7d7474fb6ed6a851da3e156a7542bb9ad9b48b8362bff43755ce5b657d5a752ef632bb416184e70f1937c494ed9db084cc1177ac6c491772b739fba1b4be52acc2cc0975c8dc0b00929f503fb3cfe4c7e6670295edaef2327cec950737f0cc96eb30e7fa8217d9b9968274c413ec79e1b050814145432bf164f6e7b75a43424dec600502011190097ffd1edf795be01c4135a9be178b6b050d82d8542375abb40f0fe776965bf3f0630a2652e5bcf3dc237a84a4634081d0a9ba1842e6ddd4faf787aa6449a50fa9498ffe97c2759558112d1b0ec0db512d7990fc0efce6bde80f4b1ec9799d0cdcd41e6863eb473c3edb5c2e70ddc7d3aba52c2ad2e054b01eb3d92c2023b33975b23a72211fec063bb4fbaa49abacc47efea7d5ede3675ad49eb74b7fdaa5667b9ddff2e6007eccc90a7cfda32a053d9fd2aa1d01fe54c112b955d8c26e3e0ac2994fcf3f50d1fb129ee3df3db886d93faad74cec81c11e2e0922fcd0b2187cb75369598a3b5c8c8495870403b2593647a8a2d4d86601da9fbf49f1222dcfe5b64d0102d3c9296d0c0d459c5a7bab1580fb0b25a5ef71eb579546bda6ea58be241ec8ac9737e0e30ea47fa93c4cf2d44d2b6421c856dd5e1c2c3569040113d7006be693b293074a2a6188b228129fc79f9984f5bafd6f7a32f68bd3dc7197a7094e93561d208f0c948d364743854efc6af051a3e2a7eea8f132442d1e3a87e670190f3752ef0699f470ed15719ba274371179935ff79853b928cda754d1045929f8db75ca71825f21642f738622e392bc0b35ca98eff3821b7d122732f8ccf8d251d84589ce028d2efe7d7cbd34e8137f518e2feda64d9c788713df3e1450e8a36dc031c22f3d5bf7d294a66f90b64fd285aeded6e4a07b82c740c87598a9684f8f6d47b266169696b126e66d7b4532ace038a2b7921bd62fc806bb552676abb8204b4ad975d449d1be97ec9b55dc8b2b10a3dfe4880487de3f8c6a3b4426ac6adfa03845b4d0cf1e6cbd86be473d154bf7439dee05d555268a769ab339b299379cb8546f16ed8bbb789049eb57dcaca48c26e78982cc331ba474bcdd9f893f5f6526b4999fabcadc7bc6e8805ecc68902a31522e20b3f1817c1b516f16ab5bcdc7101165d59ce074e633dc68202221d2bae4ea62a13f6a5e7c82e8fd232fc076ca7399b5d01c325d67ab82f50acc789dfe8cab35de7e2131081a9d90606e5dc5a9c3af3fc9bc895174215d8aeae8dfe75b33be25298a11eabf2e0481050731edb27894df45a17985ffb4f3f27ad6393af9ac6f461737394ffc89f9549b7607dbecbf7803899d2e6513a74473ec0fb6569f6d27cc9a83f242f4ab78aea3c293ee846a2e0b3114991d5543902c848a7e451da4789e478f707e585defb47e3ce3525cfa17571772e1526c16c1065e5f438442c25e43e1023511022647244415f0bb7d28be2f7a75dae78b5da0f9d063c66ac396ef0b66fdb7e701e4caf9a435ccc476cdf3e5356ade531a3e33640ede4af542bcdb1ec54fcfe6f0ba105e0fd72b707611020ae1adc3f794b3c66e3c1f9ab0c87e5641a4891d74a194b9cd8ce14c81ad35df9a3c7862921e2d8c3942d4a57f4f4d13a6d82d75a21f1b862e8f4402c8b2c0fe2fb788ab761a22a4377497b34d137d0184d2d7bce69826e7ecbf63a89b133f263d58945627bd79472e3cbef5595a0c9d2e512605b578f2e558d4c4b31416c12f5709f68bd4e7ab1b0954f395299d634102bbbc97506e2dc938c5ecd9fdb26566eeb4de1621954ecb5af9b0d9d39b0fb1b972fd92b959277bf78d0a1763df9d9bc4182ad3f3b8eeb19d00cf41016f4d0d4623f2541a73f588f5108cde960b0bdc93ec260c14a498931226c981b41804bc09ca8a9168d9a4e17d269815e7ada71be1fc410b38874aa5782abc7ba7976daa94d724c9687c419165e77b7effe77d07e5fd6f55993b8a151889e57166c2ff63f04e3e09eead6f8c92e49e926c8f60a2f933c8926be5fb83b650b126cdbd9d239f6f11d717f8f32fd757350e7db0bd32e191052524922b2bf2b92801a717be7504ab79d55e425b09a79c8a84af1cf94c66dada7789e6d67dc041b4ac0e57c4e658d11be13af2fc3c200086e147a2223296a4253297155210440f0f17c3aa21ab7e15fe2e12bb9e9356d1018cc68313034b469152b650adab57f73350a6c0f76a36580a7dd8af218d656fa4bdd57b9d584e5acd1fa95e14120d7f9ed1fc3a83aa24135ca45472844d115f0a1bdebe2f6bc37cabdd0d7f9aab4fdc6a2c58aa0beb0ce431620d5ede6ef98e2b77e8d0558d250aa20c54c62d4b61d9bdd63286c6887ee3a556677e0673c94e46b9f834c6e4996b1c91141cd0d39b712f93e5195a7f7838f3af8325f649938d8c319ceebfa8154d23197bcbcf616be6f1f5d6fc070ed76abe89d6b94bf8a8d3f5b9bedce758b17d1e0be38bce845c8c3209d3fc30901494408c96956d050d14548d6edf55f4add18c91fb6da723a0c7c3c3f4c4b3a7056e611bdabdfd4edfb7a79a2b02c05ef4027c15db8bf2bcd015c66ae6d3203164615c56dba94606702caa577777e05e642ce3df5573ba3ae268f4ce4b38cc9013faf21d7dd7174ce7ea498c9451a1626f02398e49a33def46d228edb6de6fe8dec11f553634fb923849e3cdfbe645cff327b8251afc107b7fb8cf3cd735ed9bb1275ecc804a4f126bfeb853e13e636a74a4efc9faf01118aa82d00ac20ce0c0af140c756ab90e5dfa238707318c353c7bc9342c36ddcb6e74400933c8fa99448f3a169b95cd6d2558d755e1dd53f3fcfc46b057c550de64829e556c8cae40e796ef76fcb953086168fb2eae89349f29d3dd26ac6282292355be3b123b0c02e553bfb8948afe8d7e8ae5d63184b20795481a9385be05e9eff807b94eb1e977d50a7dd7da582695aa496a9a7587d01f970c3ed8d63db217164824d8b8bf4c5e493f801e1ed241afda4b695a4c606d6b5344493d9922dff76b4be7021d26b60d1f785d205c39d83694b0585eff60c9e1bb2f7023c5b5d3d043897baa9a9ef3507c280d9580d43c7985db146694b8649e2bf67e37081a945c4c81fad0a48e64d8877dd149443c8f4d2267b4aeaec8f168b44d5af109f505644e2a545fefb13d673210bd2b418b054cb4fc9fb7f2041e87be5f31466b51b308deff16bd9878a3ec72d0a1ad27c5cbd497b2c9585d914392da52b3708b198a3693d2988f03c7d3a41762c78cb9c268dbbcb0d1efc800fab4183286d924604a5fe9657cebad2d8bb0ef0006a46a4ef9fe92c3fdc1682b993239421879cb5626bae2368b646e61c870342b5cbb7f7baab7142a9ca2378805310c1abc12098c796550a20f3d5f01141470c1b5550857202ec712e3813d1ff7150111f4730bd83c8516aa86b345c280fb461c7bc6ff6f0bea507033d312027f51b4a90becfb048e676bfecfe2b1cd7504a226e89bb4df31d13436db7765062fc74789b75f82e77a6e83f49092558d38da47755ca0373ee0979c880e224bd5f70d6a69d8e2463d9b70bc7dbbdc9f27e1ba38d5adfdd6a5a0c564cda76a9ed6dc0e5117b06b9817d6d47f2a82d41a5a821431fe5f38eb3417d820c769afc09ffd001fd0a6f3c3879dc74ffcba15b8b29a4f435249226ee1cd7fb8c0bb6ec9012178bd25c05e69cb1d6e7121295a4e166c80d918b915232e6e8823ed6529eda300f2541142092df194de0cc255beed438afa94cbd350acf809e7f0467830b20108b95c9b653b030e311026cecc32332697cc2f8ef9cecb227de6de7144fc4b25e2180784f55204b17612228548fc825e60c88144c72abf3cb468a2d5491c431f38d858fb5471ce84c69d1d2b38e8ae2b134f4f94aa03996b2e0f1edc538ff32f7ee409b79922660b0f3421083298b14f26733577ff59b672b7214bd0e4508503c61da0b70cb6186b01ed575f9e5bf8f3bf538c2260f4a82755094c33c931ad0bb346518cff593de0985602852749610e073f20dd0be87ec8c452c3dfb4ac19d73a489e74a8a48411faac7ecf7e53d76ced94495ec2e814259fb5114a7986fb81a936d38c99443ebd55026acc6c78e1b14728551bae0bdb86cd518eeeb22dbfd7f7a32d2b94f7b0f757f34d6d22156e4dc1e7b9533fcf7a0d0cc3e41480345ddc68c11e47f8c514f1ed601d69e5b36e03962643544064ddbf689a3cbf378074879f6cd33d56c0a728a2050ab202981d6723b99a0e505cd8fea39da000bc7608a53024614407a5ebd5e034b9a59fa952841ab4f0758e988161e56fb454db449b3090eb1c4154ea6e34ea13101bb3a62dfa1878448952b1955a3c462432d7035228caf6ed4381e3ec1295e90decc62ebed5e60acbae3d26982e7834ee00a7632f581b6198f9bf42161a4980d08fac53d40b81731e4c727f5a24e75f6a262a1d2ab37b3ebc09ca6b0ffb0a1edf942e93d17d95eb3532b57488469575d9d47c2d08eec166f8fc1f6183795e1d5e48f46ae05a173af5765e03e98e6710b408cbeb169fb67f1d79a1999a977b7df51d7ede5aca5d31e9d75d2be3838a014d8283c3566ef5ea37955d6e66628d755c927e14d40f723428a69e03c8b100924b72e2c49926208044ff49536b0a1eca6c7c42ff9c90716fa35b02d2d869bcceb60e91dacf34ac1249f5d7934a078417e4fd416da2fbf9122fd37c042712ad9ce8592806b556d26163990b11466bf759615d2b852e75681a8b87571b5f0a21a4b5617cb94e2dc9efb264c0a331a752994d10a958b245cb40d9985365c4dd3b9551c4d03157aa29222a2af29ada6c123eaf08722310da16f7611cfe729255044642a8c5cb9f94c3f778248bf35520ac980af12ddd3b001df23404e49e3a57cc11fd12e51e422a92b5bf9e2ad225d42ad5d0325ca35804340fdde061c5bf2a4c8cc86e946a60040130ce831b9be93885f4ddb9fb7584ad875b05d59128f533c40c541ec03dfccba2af6fbdae4efb10a45e0f7d9851126b1dd9d374cec36067cdf2eefcb0a0cbf5619fa7ac2027d4b5c9da389bc1ffee655aef769a5aa542b291c0d71c8dc5e54268dc5f86a4133cc917a84efaf1456de9106c6fb3f5d41ff9f9a76a1dd3243a5e99c95e933d32e13f3eeb5a550", 0x2000, &(0x7f0000001180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={0x20, 0x0, 0xffffffffffffff80, {0x0, 0x4}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80101, 0x0)
r3 = dup2(r2, r0)
r4 = epoll_create(0x80)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, 0x0)
getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(0xffffffffffffffff, 0x84, 0xc, &(0x7f0000000240), 0x0)

1.381668816s ago: executing program 3 (id=1721):
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xaece, 0x0)
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={<r2=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, &(0x7f0000000340)={<r3=>r2, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000240)={r3, 0x2}, &(0x7f00000002c0)=0x8)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
socket$pppoe(0x18, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r7 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x1d2)
fcntl$setlease(r7, 0x400, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0x1000000)
r8 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
getsockopt$inet6_mreq(r8, 0x3a, 0x1, 0x0, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)

1.351994178s ago: executing program 5 (id=1722):
socket$inet6(0xa, 0x805, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xd5e, 0x240000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
write$char_usb(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_emit_ethernet(0x1de, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd606410a601a80000fc020000000000000000000000000000fe8000000000000000000000000000aa223405d5c9a46b9fa14172170a013589317d2af31ba55431762f462a5abc3f46494ee91bfca594d52f8c3785143e92da5d2d81edc09f68f122fbf741257bf1319408347a17c89212dfe27a0fc65362487e5afe673f0954f60d9d08b61276ce0b3aa520b5f30a9f52c4aa53fc003f8570383ca63530d93b78a7875338b3d7645ef2c24a"], 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x8, 0x40})
r2 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f0000000040)={0x0, &(0x7f00000002c0)=[<r3=>0x0], 0x0, 0x0, 0xfffffd52, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r1, 0xc01c64a3, &(0x7f0000000280)={0x3, r3, 0x1, 0xfffd, 0xa, 0x1ff, 0x1})

555.540476ms ago: executing program 3 (id=1723):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x6, 0x8, 0x8}, 0x48)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x50, 0x0, &(0x7f0000000040)=0x54)
socket$l2tp6(0xa, 0x2, 0x73)
clock_adjtime(0x0, &(0x7f0000000100)={0x362, 0x6a, 0x55cd, 0x8000000000000001, 0x48c, 0x5, 0xd, 0x424, 0x2, 0xffffffffffffffff, 0xf423f, 0xfffffffffffffff9, 0x7, 0x2, 0x1000000081, 0x5, 0x0, 0x5, 0x2, 0x9220000000000000, 0x3, 0x0, 0x80000001, 0x0, 0x5, 0x7})
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$smc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$SMC_PNETID_FLUSH(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x14, r3, 0x23, 0x70bd28, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4000800}, 0x40000c0)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
process_mrelease(0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
r4 = syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0)
fsopen(&(0x7f0000000240)='jfs\x00', 0x1)
ioctl$VIDIOC_S_SELECTION(r4, 0xc040565f, &(0x7f0000000940)={0xa, 0x100, 0x1, {0x6, 0x1000, 0x6, 0x86c}})
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0xc, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

517.365694ms ago: executing program 5 (id=1724):
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xaece, 0x0)
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={<r2=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, &(0x7f0000000340)={<r3=>r2, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000240)={r3, 0x2}, &(0x7f00000002c0)=0x8)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
socket$pppoe(0x18, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
ioperm(0x7, 0x81, 0x2)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r6 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x1d2)
fcntl$setlease(r6, 0x400, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0x1000000)
close_range(r4, 0xffffffffffffffff, 0x0)

249.039443ms ago: executing program 5 (id=1725):
socket$packet(0x11, 0x2, 0x300)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@func={0x1, 0x20, 0x0, 0x12}]}}, 0x0, 0x26}, 0x28)
openat$uhid(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x804e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r3, &(0x7f0000000180)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x8)

186.066352ms ago: executing program 2 (id=1726):
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x12, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000025c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xffffffff)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000080)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0xfffffeac, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x39383ddd, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xe}, 0x94)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

0s ago: executing program 2 (id=1727):
socket$kcm(0x10, 0x2, 0x0)
r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket$unix(0x1, 0x2, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_NEW_INTERFACE(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010028bd7000f8dbdf250700000008000300", @ANYRES32, @ANYBLOB="0c009900ff070000700000001400040073797a6b616c6c6572300000000000000800050006"], 0x44}, 0x1, 0x0, 0x0, 0x81}, 0x4000)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r3)
socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r6=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="2000000010000100760100000475000000000000", @ANYRES32=r6, @ANYBLOB="9a"], 0x20}}, 0x0)
close(0xffffffffffffffff)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b06, &(0x7f0000000000)={'wlan1\x00', @random="060000000010"})
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="300000001000010000003a194618d96d6d2e8553", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r7, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
write$rfkill(0xffffffffffffffff, &(0x7f0000000080)={0xff, 0x1, 0x3, 0x1, 0x4}, 0x8)
lseek(r0, 0x4, 0x4)

kernel console output (not intermixed with test programs):

 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  408.226668][T10542] RSP: 002b:00007f24b46e1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  408.226683][T10542] RAX: ffffffffffffffda RBX: 00007f24b39b5fa0 RCX: 00007f24b378e929
[  408.226694][T10542] RDX: 0000000000000000 RSI: 0000200000000400 RDI: 0000000000000003
[  408.226704][T10542] RBP: 00007f24b46e1090 R08: 0000000000000000 R09: 0000000000000000
[  408.226713][T10542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  408.226723][T10542] R13: 0000000000000000 R14: 00007f24b39b5fa0 R15: 00007ffce8837d48
[  408.226746][T10542]  </TASK>
[  408.235276][   T59] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  408.389444][    C0] vkms_vblank_simulate: vblank timer overrun
[  408.497558][T10544] netem: change failed
[  408.588987][   T59] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  408.604105][ T5923] usb 5-1: new full-speed USB device number 12 using dummy_hcd
[  408.627006][  T973] hid-generic 0006:0000:0005.000E: hidraw0: VIRTUAL HID v0.09 Device [syz0] on syz1
[  408.701313][   T30] audit: type=1400 audit(1751263562.219:814): avc:  denied  { ioctl } for  pid=10548 comm="syz-executor" path="socket:[26751]" dev="sockfs" ino=26751 ioctlcmd=0x48c9 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  408.701776][ T5817] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  408.726681][    C0] vkms_vblank_simulate: vblank timer overrun
[  408.742569][   T59] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  408.753263][ T5896] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  408.762526][ T5817] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  408.772287][ T5817] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  408.779992][ T5817] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  408.787435][ T5817] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  408.815267][ T5923] usb 5-1: config 0 has an invalid interface number: 128 but max is 0
[  408.822348][   T30] audit: type=1400 audit(1751263562.329:815): avc:  denied  { mounton } for  pid=10548 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  408.857147][T10548] vxcan1 speed is unknown, defaulting to 1000
[  408.896878][ T5923] usb 5-1: config 0 has no interface number 0
[  408.923196][ T5923] usb 5-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  408.926633][ T5896] usb 1-1: Using ep0 maxpacket: 8
[  408.940451][ T5896] usb 1-1: config 179 has an invalid interface number: 65 but max is 0
[  408.950440][ T5896] usb 1-1: config 179 has no interface number 0
[  408.965854][ T5896] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  408.967736][ T5923] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  409.001962][ T5923] usb 5-1: Product: syz
[  409.024023][ T5923] usb 5-1: Manufacturer: syz
[  409.029077][ T5923] usb 5-1: SerialNumber: syz
[  409.053051][ T5896] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  409.065231][ T5896] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  409.076633][ T5896] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  409.088287][ T5896] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  409.101759][ T5896] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  409.110945][ T5896] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  409.133160][T10544] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  409.186882][ T5923] usb 5-1: config 0 descriptor??
[  409.446799][ T5923] usb 5-1: Firmware: major: 219, minor: 252, hardware type: HULUSB (4)
[  409.648852][ T5923] usb 5-1: failed to fetch extended address, random address set
[  409.707522][   T30] audit: type=1400 audit(1751263563.239:816): avc:  denied  { execute_no_trans } for  pid=10543 comm="syz.0.1181" path="/244/file0" dev="tmpfs" ino=1314 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  409.776944][    T9] input: Generic X-Box pad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:179.65/input/input18
[  409.935745][   T59] bond0 (unregistering): Released all slaves
[  410.003313][    T9] hid-generic 0006:0000:0005.000F: hidraw0: VIRTUAL HID v0.09 Device [syz0] on syz1
[  410.019090][ T5923] usb 5-1: USB disconnect, device number 12
[  410.050711][ T5812] usb 1-1: USB disconnect, device number 17
[  410.050727][    C0] xpad 1-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  410.065616][    C0] dummy_hcd dummy_hcd.0: timer fired with no URBs pending?
[  410.085943][ T5812] xpad 1-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  410.453670][T10548] chnl_net:caif_netlink_parms(): no params data found
[  410.573936][ T5923] usb 5-1: new low-speed USB device number 13 using dummy_hcd
[  410.833950][ T5817] Bluetooth: hci0: command tx timeout
[  410.867318][ T5923] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  410.875143][ T5923] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  411.156537][ T5923] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  411.168566][ T5923] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  411.182472][ T5923] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  411.240396][T10579] netlink: 'syz.0.1188': attribute type 10 has an invalid length.
[  411.316029][ T5923] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  411.337343][ T5923] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  411.350795][   T59] hsr_slave_0: left promiscuous mode
[  411.358724][   T59] hsr_slave_1: left promiscuous mode
[  411.374448][ T5923] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  411.396376][ T5923] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  411.407699][ T5923] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  411.449505][ T5923] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  411.460999][   T59] veth1_macvtap: left promiscuous mode
[  411.468789][   T59] veth0_macvtap: left promiscuous mode
[  411.482178][   T59] veth1_vlan: left promiscuous mode
[  411.482402][ T5923] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  411.488123][   T59] veth0_vlan: left promiscuous mode
[  411.537572][ T5923] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  411.552488][ T5923] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  411.567396][ T5923] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  411.582427][ T5923] usb 5-1: string descriptor 0 read error: -22
[  411.593562][ T5923] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  411.603271][ T5923] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  411.641493][ T5923] adutux 5-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  411.700487][   T59] pim6reg (unregistering): left allmulticast mode
[  412.075154][  T973] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  412.189502][ T5875] usb 5-1: USB disconnect, device number 13
[  412.228314][  T973] usb 4-1: Using ep0 maxpacket: 16
[  412.243148][  T973] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  412.263980][  T973] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  412.283295][  T973] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  412.306428][  T973] usb 4-1: Product: syz
[  412.310707][  T973] usb 4-1: Manufacturer: syz
[  412.316550][  T973] usb 4-1: SerialNumber: syz
[  412.338973][  T973] usb 4-1: config 0 descriptor??
[  412.351764][  T973] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  412.370694][  T973] em28xx 4-1:0.0: DVB interface 0 found: bulk
[  412.458307][   T49] smc: removing ib device syz2
[  412.915374][ T5817] Bluetooth: hci0: command tx timeout
[  413.043290][  T973] em28xx 4-1:0.0: unknown em28xx chip ID (0)
[  413.218030][T10579] bond0: (slave wlan1): Opening slave failed
[  413.243000][T10548] bridge0: port 1(bridge_slave_0) entered blocking state
[  413.254497][T10548] bridge0: port 1(bridge_slave_0) entered disabled state
[  413.264064][T10548] bridge_slave_0: entered allmulticast mode
[  413.313025][T10548] bridge_slave_0: entered promiscuous mode
[  413.329494][ T5896] vxcan1 speed is unknown, defaulting to 1000
[  413.353299][T10548] bridge0: port 2(bridge_slave_1) entered blocking state
[  413.369523][ T5896] syz2: Port: 1 Link DOWN
[  413.390167][T10548] bridge0: port 2(bridge_slave_1) entered disabled state
[  413.402625][ T5923] hid-generic 0006:0000:0005.0010: hidraw0: VIRTUAL HID v0.09 Device [syz0] on syz1
[  413.426642][T10548] bridge_slave_1: entered allmulticast mode
[  413.467416][T10548] bridge_slave_1: entered promiscuous mode
[  413.838207][  T973] em28xx 4-1:0.0: read from i2c device at 0xa0 failed with unknown error (status=65)
[  414.096914][   T30] audit: type=1400 audit(1751263567.229:817): avc:  denied  { create } for  pid=10600 comm="syz.2.1196" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  414.124018][  T973] em28xx 4-1:0.0: board has no eeprom
[  414.155361][   T30] audit: type=1400 audit(1751263567.239:818): avc:  denied  { write } for  pid=10600 comm="syz.2.1196" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  414.297280][   T30] audit: type=1400 audit(1751263567.779:819): avc:  denied  { write } for  pid=10583 comm="syz.3.1191" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  414.399712][T10598] syz_tun: entered allmulticast mode
[  414.458870][T10548] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  414.502813][T10548] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  415.017102][ T5817] Bluetooth: hci0: command tx timeout
[  415.049454][T10548] team0: Port device team_slave_0 added
[  415.068022][T10548] team0: Port device team_slave_1 added
[  415.123097][T10548] batman_adv: batadv0: Adding interface: batadv_slave_0
[  415.168063][T10548] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  415.204109][T10548] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  415.216954][T10548] batman_adv: batadv0: Adding interface: batadv_slave_1
[  415.224000][T10548] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  415.254033][T10548] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  415.322684][  T973] em28xx 4-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  415.332309][  T973] em28xx 4-1:0.0: dvb set to bulk mode.
[  415.340859][ T5875] em28xx 4-1:0.0: Binding DVB extension
[  415.440327][T10548] hsr_slave_0: entered promiscuous mode
[  415.455962][ T5875] em28xx 4-1:0.0: Registering input extension
[  415.460845][T10548] hsr_slave_1: entered promiscuous mode
[  415.479657][T10548] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  415.492906][ T5923] usb 4-1: USB disconnect, device number 24
[  415.501139][ T5923] em28xx 4-1:0.0: Disconnecting em28xx
[  415.509108][T10548] Cannot create hsr debugfs directory
[  415.566519][ T5923] em28xx 4-1:0.0: Closing input extension
[  415.637668][ T5923] em28xx 4-1:0.0: Freeing device
[  415.700768][ T5929] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  415.723229][T10610] syz_tun: left allmulticast mode
[  415.875823][ T5929] usb 1-1: Using ep0 maxpacket: 16
[  415.888424][ T5929] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  416.012162][T10548] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  416.031438][ T5929] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  416.043418][T10548] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  416.073695][T10548] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  416.099016][ T5929] usb 1-1: New USB device found, idVendor=046a, idProduct=0027, bcdDevice= 0.00
[  416.100541][T10548] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  416.139364][ T5929] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  416.163572][ T5929] usb 1-1: config 0 descriptor??
[  416.186822][ T5929] usbhid 1-1:0.0: can't add hid device: -22
[  416.216427][ T5929] usbhid 1-1:0.0: probe with driver usbhid failed with error -22
[  416.534542][T10548] 8021q: adding VLAN 0 to HW filter on device bond0
[  416.661077][T10548] 8021q: adding VLAN 0 to HW filter on device team0
[  416.711647][T10656] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1207'.
[  416.715434][T10653] netlink: 'syz.2.1206': attribute type 10 has an invalid length.
[  416.739293][T10634] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1203'.
[  416.750300][T10653] bond0: (slave wlan1): Opening slave failed
[  416.763662][T10656] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1545 sclass=netlink_route_socket pid=10656 comm=syz.4.1207
[  416.857138][ T5812] usb 1-1: USB disconnect, device number 18
[  416.885262][T10548] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  416.941310][T10548] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  416.973356][   T30] audit: type=1400 audit(1751263570.496:820): avc:  denied  { kexec_image_load } for  pid=10633 comm="syz.3.1203" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[  417.018460][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[  417.025588][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[  417.074473][ T5817] Bluetooth: hci0: command tx timeout
[  417.106066][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[  417.113854][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[  417.170616][ T5812] hid-generic 0006:0000:0005.0011: hidraw0: VIRTUAL HID v0.09 Device [syz0] on syz1
[  417.579711][T10670] netlink: 'syz.0.1210': attribute type 1 has an invalid length.
[  417.754982][T10670] 8021q: adding VLAN 0 to HW filter on device bond1
[  417.816735][T10674] bond1: (slave geneve2): making interface the new active one
[  417.826038][T10674] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  417.950715][T10670] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1210'.
[  417.987667][   T30] audit: type=1400 audit(1751263571.496:821): avc:  denied  { write } for  pid=10678 comm="syz.2.1211" name="ptp0" dev="devtmpfs" ino=1265 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  418.052664][   T30] audit: type=1400 audit(1751263571.556:822): avc:  denied  { getopt } for  pid=10668 comm="syz.0.1210" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  418.073505][   T30] audit: type=1400 audit(1751263571.566:823): avc:  denied  { write } for  pid=10668 comm="syz.0.1210" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  418.115931][T10675] veth3: entered promiscuous mode
[  418.164544][T10670] vlan2: entered allmulticast mode
[  418.169821][T10670] bond1: entered allmulticast mode
[  418.177525][T10670] geneve2: entered allmulticast mode
[  418.192389][T10548] 8021q: adding VLAN 0 to HW filter on device batadv0
[  418.700182][T10717] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1215'.
[  418.709695][   T30] audit: type=1400 audit(1751263572.226:824): avc:  denied  { ioctl } for  pid=10691 comm="syz.4.1215" path="socket:[27947]" dev="sockfs" ino=27947 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  419.207772][   T30] audit: type=1400 audit(1751263572.286:825): avc:  denied  { setopt } for  pid=10691 comm="syz.4.1215" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  419.915280][T10746] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1216'.
[  420.040102][T10757] FAT-fs (nullb0): bogus number of reserved sectors
[  420.108861][  T973] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  420.185503][T10757] FAT-fs (nullb0): Can't find a valid FAT filesystem
[  420.229168][T10751] bridge_slave_0: left allmulticast mode
[  420.255085][T10751] bridge_slave_0: left promiscuous mode
[  420.277237][T10755] netlink: 'syz.4.1217': attribute type 10 has an invalid length.
[  420.298500][T10751] bridge0: port 1(bridge_slave_0) entered disabled state
[  420.320234][T10751] bridge_slave_1: left allmulticast mode
[  420.328674][T10751] bridge_slave_1: left promiscuous mode
[  420.336508][T10751] bridge0: port 2(bridge_slave_1) entered disabled state
[  420.348964][T10751] bond0: (slave bond_slave_0): Releasing backup interface
[  420.514195][T10765] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  420.915716][T10751] bond_slave_0: left promiscuous mode
[  420.918155][  T973] usb 1-1: Using ep0 maxpacket: 8
[  422.072919][   T30] audit: type=1400 audit(1751263574.836:826): avc:  denied  { map } for  pid=10756 comm="syz.2.1218" path="/dev/ptmx" dev="devtmpfs" ino=615 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ptmx_t tclass=chr_file permissive=1
[  422.110808][  T973] usb 1-1: New USB device found, idVendor=0711, idProduct=0200, bcdDevice=69.34
[  422.126355][   T30] audit: type=1400 audit(1751263574.836:827): avc:  denied  { execute } for  pid=10756 comm="syz.2.1218" path="/dev/ptmx" dev="devtmpfs" ino=615 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ptmx_t tclass=chr_file permissive=1
[  422.126907][T10751] bond0: (slave bond_slave_1): Releasing backup interface
[  422.154102][  T973] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  422.159402][T10771] FAULT_INJECTION: forcing a failure.
[  422.159402][T10771] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  422.185698][  T973] usb 1-1: Product: syz
[  422.191740][T10771] CPU: 1 UID: 0 PID: 10771 Comm: syz.2.1221 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[  422.191765][T10771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  422.191776][T10771] Call Trace:
[  422.191782][T10771]  <TASK>
[  422.191789][T10771]  dump_stack_lvl+0x16c/0x1f0
[  422.191819][T10771]  should_fail_ex+0x512/0x640
[  422.191846][T10771]  _copy_to_user+0x32/0xd0
[  422.191872][T10771]  simple_read_from_buffer+0xcb/0x170
[  422.191897][T10771]  proc_fail_nth_read+0x197/0x270
[  422.191920][T10771]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  422.191943][T10771]  ? rw_verify_area+0xcf/0x680
[  422.191962][T10771]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  422.191979][T10771]  vfs_read+0x1e4/0xc60
[  422.191998][T10771]  ? __pfx___mutex_lock+0x10/0x10
[  422.192018][T10771]  ? __pfx_vfs_read+0x10/0x10
[  422.192039][T10771]  ? __fget_files+0x20e/0x3c0
[  422.192062][T10771]  ksys_read+0x12a/0x250
[  422.192078][T10771]  ? __pfx_ksys_read+0x10/0x10
[  422.192094][T10771]  ? fput+0x70/0xf0
[  422.192117][T10771]  do_syscall_64+0xcd/0x4c0
[  422.192138][T10771]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  422.192152][T10771] RIP: 0033:0x7f7c1f78d33c
[  422.192163][T10771] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  422.192177][T10771] RSP: 002b:00007f7c1d5f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  422.192190][T10771] RAX: ffffffffffffffda RBX: 00007f7c1f9b5fa0 RCX: 00007f7c1f78d33c
[  422.192199][T10771] RDX: 000000000000000f RSI: 00007f7c1d5f60a0 RDI: 0000000000000004
[  422.192206][T10771] RBP: 00007f7c1d5f6090 R08: 0000000000000000 R09: 0000000000000000
[  422.192214][T10771] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  422.192222][T10771] R13: 0000000000000000 R14: 00007f7c1f9b5fa0 R15: 00007ffe222cca48
[  422.192240][T10771]  </TASK>
[  422.192559][  T973] usb 1-1: Manufacturer: syz
[  422.384275][  T973] usb 1-1: SerialNumber: syz
[  422.386488][T10751] bond_slave_1: left promiscuous mode
[  422.395534][  T973] usb 1-1: config 0 descriptor??
[  422.401933][  T973] mct_u232 1-1:0.0: MCT U232 converter detected
[  422.416655][  T973] mct_u232 ttyUSB0: expected endpoint missing
[  422.426367][T10751] team0: Port device team_slave_0 removed
[  422.440343][T10751] team0: Port device team_slave_1 removed
[  422.449294][T10751] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  422.450287][   T30] audit: type=1400 audit(1751263575.976:828): avc:  denied  { read } for  pid=10774 comm="syz.2.1223" name="sg0" dev="devtmpfs" ino=746 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  422.458017][T10751] batman_adv: batadv0: Removing interface: batadv_slave_0
[  422.480281][    C1] vkms_vblank_simulate: vblank timer overrun
[  422.495581][T10751] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  422.503471][  T973] hid-generic 0006:0000:0005.0012: hidraw0: VIRTUAL HID v0.09 Device [syz0] on syz1
[  422.528808][ T5812] usb 1-1: USB disconnect, device number 19
[  422.537856][ T5812] mct_u232 1-1:0.0: device disconnected
[  422.544458][T10751] batman_adv: batadv0: Removing interface: batadv_slave_1
[  422.598344][T10755] bond0: (slave wlan1): Opening slave failed
[  422.705628][T10548] veth0_vlan: entered promiscuous mode
[  422.804997][T10548] veth1_vlan: entered promiscuous mode
[  422.963617][T10548] veth0_macvtap: entered promiscuous mode
[  423.037251][T10788] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  423.064560][ T5868] usb 1-1: new full-speed USB device number 20 using dummy_hcd
[  423.508020][T10548] veth1_macvtap: entered promiscuous mode
[  423.580432][T10548] batman_adv: batadv0: Interface activated: batadv_slave_0
[  423.605755][T10548] batman_adv: batadv0: Interface activated: batadv_slave_1
[  423.616854][T10548] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  423.640233][T10548] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  423.655215][ T5868] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  423.672887][T10548] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  423.681873][ T5868] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  423.699438][ T5868] usb 1-1: config 0 descriptor??
[  423.724638][T10548] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  423.920059][ T5868] udl 1-1:0.0: [drm] Unrecognized vendor firmware descriptor
[  423.940187][ T5868] [drm:udl_init] *ERROR* Selecting channel failed
[  423.978601][ T5868] [drm] Initialized udl 0.0.1 for 1-1:0.0 on minor 2
[  423.991576][ T5868] [drm] Initialized udl on minor 2
[  424.056021][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  424.066064][ T5868] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  424.087108][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  424.103508][ T5868] udl 1-1:0.0: [drm] Cannot find any crtc or sizes
[  424.113538][ T5812] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  424.124921][ T5868] usb 1-1: USB disconnect, device number 20
[  424.132588][ T5812] udl 1-1:0.0: [drm] Cannot find any crtc or sizes
[  424.267651][T10728] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  424.317369][T10728] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  424.605062][T10797] net_ratelimit: 3 callbacks suppressed
[  424.605074][T10797] netlink: zone id is out of range
[  424.618990][   T30] audit: type=1400 audit(1751263577.950:829): avc:  denied  { mounton } for  pid=10548 comm="syz-executor" path="/root/syzkaller.pjXCeI/syz-tmp" dev="sda1" ino=2047 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[  424.665038][T10801] FAULT_INJECTION: forcing a failure.
[  424.665038][T10801] name failslab, interval 1, probability 0, space 0, times 0
[  424.678301][T10797] netlink: zone id is out of range
[  424.683678][T10801] CPU: 1 UID: 0 PID: 10801 Comm: syz.0.1231 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[  424.683702][T10801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  424.683712][T10801] Call Trace:
[  424.683718][T10801]  <TASK>
[  424.683724][T10801]  dump_stack_lvl+0x16c/0x1f0
[  424.683751][T10801]  should_fail_ex+0x512/0x640
[  424.683772][T10801]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  424.683798][T10801]  should_failslab+0xc2/0x120
[  424.683823][T10801]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  424.683843][T10801]  ? __alloc_skb+0x2b2/0x380
[  424.683866][T10801]  __alloc_skb+0x2b2/0x380
[  424.683886][T10801]  ? __pfx___alloc_skb+0x10/0x10
[  424.683903][T10801]  ? ip6_dst_lookup_tail.constprop.0+0x852/0x2140
[  424.683927][T10801]  ? xfrm_lookup_with_ifid+0x8b4/0x1e40
[  424.683952][T10801]  alloc_skb_with_frags+0xe0/0x860
[  424.683975][T10801]  ? __pfx_xfrm_lookup_with_ifid+0x10/0x10
[  424.684002][T10801]  sock_alloc_send_pskb+0x7fb/0x990
[  424.684030][T10801]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  424.684052][T10801]  ? find_held_lock+0x2b/0x80
[  424.684073][T10801]  ? ip6_dst_hoplimit+0x1a7/0x430
[  424.684102][T10801]  rawv6_sendmsg+0x1b5c/0x47a0
[  424.684127][T10801]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  424.684163][T10801]  ? avc_has_perm+0x11a/0x1c0
[  424.684179][T10801]  ? __pfx_avc_has_perm+0x10/0x10
[  424.684214][T10801]  ? __import_iovec+0x1dd/0x650
[  424.684237][T10801]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  424.684253][T10801]  ? inet_sendmsg+0x11c/0x140
[  424.684272][T10801]  inet_sendmsg+0x11c/0x140
[  424.684294][T10801]  ____sys_sendmsg+0x973/0xc70
[  424.684311][T10801]  ? copy_msghdr_from_user+0x10a/0x160
[  424.684334][T10801]  ? __pfx_____sys_sendmsg+0x10/0x10
[  424.684354][T10801]  ? __pfx__kstrtoull+0x10/0x10
[  424.684378][T10801]  ___sys_sendmsg+0x134/0x1d0
[  424.684403][T10801]  ? __pfx____sys_sendmsg+0x10/0x10
[  424.684438][T10801]  ? find_held_lock+0x2b/0x80
[  424.684474][T10801]  __sys_sendmmsg+0x200/0x420
[  424.684500][T10801]  ? __pfx___sys_sendmmsg+0x10/0x10
[  424.684538][T10801]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  424.684575][T10801]  ? fput+0x70/0xf0
[  424.684601][T10801]  ? ksys_write+0x1ac/0x250
[  424.684622][T10801]  ? __pfx_ksys_write+0x10/0x10
[  424.684648][T10801]  __x64_sys_sendmmsg+0x9c/0x100
[  424.684671][T10801]  ? lockdep_hardirqs_on+0x7c/0x110
[  424.684695][T10801]  do_syscall_64+0xcd/0x4c0
[  424.684722][T10801]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  424.684741][T10801] RIP: 0033:0x7f24b378e929
[  424.684755][T10801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  424.684771][T10801] RSP: 002b:00007f24b46e1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  424.684787][T10801] RAX: ffffffffffffffda RBX: 00007f24b39b5fa0 RCX: 00007f24b378e929
[  424.684798][T10801] RDX: 0400000000000172 RSI: 0000200000003cc0 RDI: 0000000000000003
[  424.684807][T10801] RBP: 00007f24b46e1090 R08: 0000000000000000 R09: 0000000000000000
[  424.684817][T10801] R10: 0000000004000000 R11: 0000000000000246 R12: 0000000000000001
[  424.684826][T10801] R13: 0000000000000000 R14: 00007f24b39b5fa0 R15: 00007ffce8837d48
[  424.684848][T10801]  </TASK>
[  424.690460][T10797] netlink: zone id is out of range
[  425.006781][   T30] audit: type=1400 audit(1751263578.180:830): avc:  denied  { mounton } for  pid=10548 comm="syz-executor" path="/root/syzkaller.pjXCeI/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  425.041679][   T30] audit: type=1400 audit(1751263578.180:831): avc:  denied  { mounton } for  pid=10548 comm="syz-executor" path="/root/syzkaller.pjXCeI/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=28834 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  425.079469][T10797] netlink: zone id is out of range
[  425.089608][T10797] netlink: zone id is out of range
[  425.130203][T10797] netlink: zone id is out of range
[  425.136006][T10797] netlink: del zone limit has 4 unknown bytes
[  425.154552][T10799] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=41 sclass=netlink_tcpdiag_socket pid=10799 comm=syz.4.1230
[  425.181272][   T30] audit: type=1400 audit(1751263578.190:832): avc:  denied  { mounton } for  pid=10548 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=2774 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  425.325667][T10811] netlink: 'syz.5.1234': attribute type 1 has an invalid length.
[  425.386521][   T30] audit: type=1400 audit(1751263578.190:833): avc:  denied  { mount } for  pid=10548 comm="syz-executor" name="/" dev="gadgetfs" ino=6648 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  425.444649][   T30] audit: type=1400 audit(1751263578.190:834): avc:  denied  { mount } for  pid=10548 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  426.495512][   T30] audit: type=1400 audit(1751263578.190:835): avc:  denied  { mounton } for  pid=10548 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  426.544287][   T30] audit: type=1400 audit(1751263579.040:836): avc:  denied  { write } for  pid=10813 comm="syz.4.1235" name="uinput" dev="devtmpfs" ino=920 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  426.641478][T10822] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  426.771352][  T973] hid-generic 0006:0000:0005.0013: hidraw0: VIRTUAL HID v0.09 Device [syz0] on syz1
[  426.783574][T10823] bridge_slave_0: left allmulticast mode
[  426.850056][T10825] netlink: 'syz.5.1236': attribute type 10 has an invalid length.
[  426.859366][T10823] bridge_slave_0: left promiscuous mode
[  426.867575][T10823] bridge0: port 1(bridge_slave_0) entered disabled state
[  427.090526][T10830] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  427.500669][T10823] bridge_slave_1: left allmulticast mode
[  427.537310][T10823] bridge_slave_1: left promiscuous mode
[  427.586848][T10823] bridge0: port 2(bridge_slave_1) entered disabled state
[  427.647658][T10823] bond0: (slave bond_slave_0): Releasing backup interface
[  428.015539][T10823] bond0: (slave bond_slave_1): Releasing backup interface
[  428.393642][T10823] team0: Port device team_slave_0 removed
[  428.436624][T10823] team0: Port device team_slave_1 removed
[  428.453795][T10823] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  428.464405][T10823] batman_adv: batadv0: Removing interface: batadv_slave_0
[  428.479980][T10823] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  428.504462][T10823] batman_adv: batadv0: Removing interface: batadv_slave_1
[  428.506626][T10842] FAULT_INJECTION: forcing a failure.
[  428.506626][T10842] name failslab, interval 1, probability 0, space 0, times 0
[  428.531951][T10842] CPU: 1 UID: 0 PID: 10842 Comm: syz.4.1242 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[  428.531977][T10842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  428.531986][T10842] Call Trace:
[  428.531994][T10842]  <TASK>
[  428.532001][T10842]  dump_stack_lvl+0x16c/0x1f0
[  428.532029][T10842]  should_fail_ex+0x512/0x640
[  428.532045][T10842]  ? __kmalloc_noprof+0xbf/0x510
[  428.532059][T10842]  ? drm_atomic_state_init+0xe4/0x320
[  428.532070][T10842]  should_failslab+0xc2/0x120
[  428.532085][T10842]  __kmalloc_noprof+0xd2/0x510
[  428.532100][T10842]  drm_atomic_state_init+0xe4/0x320
[  428.532110][T10842]  ? __kasan_kmalloc+0xaa/0xb0
[  428.532123][T10842]  drm_atomic_state_alloc+0xd3/0x120
[  428.532134][T10842]  drm_atomic_helper_disable_plane+0x39/0x270
[  428.532150][T10842]  __setplane_atomic+0x2ea/0x380
[  428.532168][T10842]  drm_mode_cursor_universal+0x4a6/0xcb0
[  428.532188][T10842]  ? __pfx_drm_mode_cursor_universal+0x10/0x10
[  428.532209][T10842]  ? __pfx_drm_lease_held+0x10/0x10
[  428.532223][T10842]  ? modeset_lock+0x114/0x6e0
[  428.532244][T10842]  drm_mode_cursor_common+0x308/0x960
[  428.532263][T10842]  ? __pfx_drm_mode_cursor_common+0x10/0x10
[  428.532287][T10842]  ? drm_is_current_master+0x2c/0x40
[  428.532298][T10842]  ? do_raw_spin_unlock+0x172/0x230
[  428.532312][T10842]  drm_ioctl_kernel+0x1f1/0x3e0
[  428.532325][T10842]  ? __pfx_drm_mode_cursor2_ioctl+0x10/0x10
[  428.532342][T10842]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  428.532360][T10842]  drm_ioctl+0x5c9/0xc30
[  428.532376][T10842]  ? __pfx_drm_mode_cursor2_ioctl+0x10/0x10
[  428.532392][T10842]  ? __pfx_drm_ioctl+0x10/0x10
[  428.532412][T10842]  ? selinux_file_ioctl+0x180/0x270
[  428.532426][T10842]  ? selinux_file_ioctl+0xb4/0x270
[  428.532440][T10842]  ? __pfx_drm_ioctl+0x10/0x10
[  428.532454][T10842]  __x64_sys_ioctl+0x18b/0x210
[  428.532467][T10842]  do_syscall_64+0xcd/0x4c0
[  428.532486][T10842]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  428.532498][T10842] RIP: 0033:0x7fc272f8e929
[  428.532508][T10842] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  428.532518][T10842] RSP: 002b:00007fc273e79038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  428.532528][T10842] RAX: ffffffffffffffda RBX: 00007fc2731b5fa0 RCX: 00007fc272f8e929
[  428.532534][T10842] RDX: 0000200000000080 RSI: 00000000c02464bb RDI: 0000000000000003
[  428.532541][T10842] RBP: 00007fc273e79090 R08: 0000000000000000 R09: 0000000000000000
[  428.532546][T10842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  428.532552][T10842] R13: 0000000000000000 R14: 00007fc2731b5fa0 R15: 00007ffcb29f4b48
[  428.532566][T10842]  </TASK>
[  428.794815][    C1] vkms_vblank_simulate: vblank timer overrun
[  428.821466][T10825] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  429.029808][T10849] netlink: zone id is out of range
[  429.038834][T10849] netlink: zone id is out of range
[  429.044329][T10849] netlink: zone id is out of range
[  429.129295][T10855] syz.4.1247 (10855): drop_caches: 2
[  429.330762][T10862] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  429.747657][ T5923] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  430.090360][ T5923] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  430.091006][T10867] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  430.101539][ T5923] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  430.126791][ T5923] usb 1-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  430.136141][ T5923] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  430.151764][T10867] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  430.160779][ T5923] usb 1-1: config 0 descriptor??
[  430.317389][T10865] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  430.496068][ T5896] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  430.693899][ T5896] usb 3-1: device descriptor read/64, error -71
[  430.713687][   T30] audit: type=1400 audit(1751263584.240:837): avc:  denied  { read } for  pid=10839 comm="syz.0.1241" name="binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  430.721056][ T5923] cp2112 0003:10C4:EA90.0014: unknown main item tag 0x0
[  430.743899][   T30] audit: type=1400 audit(1751263584.240:838): avc:  denied  { open } for  pid=10839 comm="syz.0.1241" path="/dev/binderfs/binder0" dev="binder" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  430.811960][T10875] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  431.225222][   T30] audit: type=1400 audit(1751263584.240:839): avc:  denied  { ioctl } for  pid=10839 comm="syz.0.1241" path="/dev/binderfs/binder0" dev="binder" ino=13 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  431.252499][   T30] audit: type=1400 audit(1751263584.240:840): avc:  denied  { set_context_mgr } for  pid=10839 comm="syz.0.1241" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  431.308793][ T5923] cp2112 0003:10C4:EA90.0014: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.0-1/input0
[  431.343997][ T5896] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  431.390492][ T5923] cp2112 0003:10C4:EA90.0014: Part Number: 0x82 Device Version: 0xFE
[  431.647262][ T5923] cp2112 0003:10C4:EA90.0014: error requesting SMBus config
[  431.899828][T10885] overlayfs: failed to resolve './file1': -2
[  431.900513][ T5923] cp2112 0003:10C4:EA90.0014: probe with driver cp2112 failed with error -5
[  432.473803][T10899] netlink: 'syz.2.1257': attribute type 10 has an invalid length.
[  432.482732][T10899] bond0: (slave wlan1): Opening slave failed
[  432.873133][T10914] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  433.089226][T10903] xt_AUDIT: Audit type out of range (valid range: 0..2)
[  433.096405][   T30] audit: type=1400 audit(1751263586.622:841): avc:  denied  { accept } for  pid=10902 comm="syz.5.1260" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  433.253087][    T9] usb 1-1: USB disconnect, device number 21
[  433.287226][   T30] audit: type=1400 audit(1751263586.822:842): avc:  denied  { bind } for  pid=10918 comm="syz.3.1264" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  433.307083][T10919] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1264'.
[  433.753906][T10928] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  435.079649][T10945] futex_wake_op: syz.0.1271 tries to shift op by -1; fix this program
[  435.223220][T10945] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1271'.
[  435.378130][T10962] netlink: 'syz.5.1272': attribute type 10 has an invalid length.
[  435.517375][T10954] bond0: (slave wlan1): Releasing backup interface
[  435.986248][   T30] audit: type=1400 audit(1751263589.142:843): avc:  denied  { shutdown } for  pid=10959 comm="syz.2.1275" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  436.051463][T10958] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1274'.
[  436.088426][T10962] bond0: (slave wlan1): Opening slave failed
[  436.364664][ T5868] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  436.474721][   T30] audit: type=1400 audit(1751263589.782:844): avc:  denied  { append } for  pid=10972 comm="syz.4.1277" name="video3" dev="devtmpfs" ino=934 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  436.669845][ T5868] usb 4-1: config 0 has an invalid interface number: 2 but max is 0
[  436.684120][ T5868] usb 4-1: config 0 has no interface number 0
[  436.690595][ T5868] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  436.699823][ T5868] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  436.710099][ T5868] usb 4-1: config 0 descriptor??
[  436.716979][ T5868] cp210x 4-1:0.2: cp210x converter detected
[  436.982359][T10988] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  438.633955][ T5868] cp210x 4-1:0.2: failed to get vendor val 0x370b size 1: -71
[  438.771672][ T5868] cp210x 4-1:0.2: querying part number failed
[  438.778419][T10997] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  438.793652][ T5868] usb 4-1: cp210x converter now attached to ttyUSB0
[  438.802185][ T5868] usb 4-1: USB disconnect, device number 25
[  438.864741][T11001] syz.2.1283 (11001): drop_caches: 2
[  438.896361][ T5868] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  438.912611][ T5868] cp210x 4-1:0.2: device disconnected
[  439.025612][T11008] syz.3.1286 (11008): drop_caches: 2
[  439.605867][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  439.612208][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  441.250434][T11040] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  442.582425][T11067] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1300'.
[  442.592255][T11067] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1300'.
[  442.616212][   T30] audit: type=1326 audit(1751263596.112:845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11066 comm="syz.3.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ae278e929 code=0x7ffc0000
[  442.799174][   T30] audit: type=1326 audit(1751263596.112:846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11066 comm="syz.3.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ae278e929 code=0x7ffc0000
[  442.857043][T11080] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  443.288393][   T30] audit: type=1326 audit(1751263596.112:847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11066 comm="syz.3.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f5ae278e929 code=0x7ffc0000
[  443.385310][   T30] audit: type=1326 audit(1751263596.112:848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11066 comm="syz.3.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ae278e929 code=0x7ffc0000
[  443.577091][   T30] audit: type=1326 audit(1751263596.112:849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11066 comm="syz.3.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ae278e929 code=0x7ffc0000
[  443.600502][    C0] vkms_vblank_simulate: vblank timer overrun
[  443.677528][T11084] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1305'.
[  444.062562][   T30] audit: type=1326 audit(1751263596.112:850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11066 comm="syz.3.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5ae278e929 code=0x7ffc0000
[  444.085885][    C0] vkms_vblank_simulate: vblank timer overrun
[  444.211637][T11093] FAULT_INJECTION: forcing a failure.
[  444.211637][T11093] name failslab, interval 1, probability 0, space 0, times 0
[  444.232528][T11095] netlink: 'syz.0.1307': attribute type 1 has an invalid length.
[  444.241989][T11093] CPU: 1 UID: 0 PID: 11093 Comm: syz.4.1308 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[  444.242013][T11093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  444.242024][T11093] Call Trace:
[  444.242031][T11093]  <TASK>
[  444.242037][T11093]  dump_stack_lvl+0x16c/0x1f0
[  444.242066][T11093]  should_fail_ex+0x512/0x640
[  444.242092][T11093]  should_failslab+0xc2/0x120
[  444.242117][T11093]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  444.242146][T11093]  ? skb_clone+0x190/0x3f0
[  444.242174][T11093]  skb_clone+0x190/0x3f0
[  444.242197][T11093]  netlink_deliver_tap+0xabd/0xd30
[  444.242228][T11093]  netlink_unicast+0x5df/0x7f0
[  444.242247][T11093]  ? __pfx_netlink_unicast+0x10/0x10
[  444.242268][T11093]  netlink_sendmsg+0x8d1/0xdd0
[  444.242287][T11093]  ? __pfx_netlink_sendmsg+0x10/0x10
[  444.242314][T11093]  ____sys_sendmsg+0xa95/0xc70
[  444.242332][T11093]  ? copy_msghdr_from_user+0x10a/0x160
[  444.242354][T11093]  ? __pfx_____sys_sendmsg+0x10/0x10
[  444.242384][T11093]  ___sys_sendmsg+0x134/0x1d0
[  444.242406][T11093]  ? __pfx____sys_sendmsg+0x10/0x10
[  444.242426][T11093]  ? __lock_acquire+0x622/0x1c90
[  444.242483][T11093]  __sys_sendmsg+0x16d/0x220
[  444.242505][T11093]  ? __pfx___sys_sendmsg+0x10/0x10
[  444.242543][T11093]  do_syscall_64+0xcd/0x4c0
[  444.242571][T11093]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  444.242589][T11093] RIP: 0033:0x7fc272f8e929
[  444.242603][T11093] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  444.242619][T11093] RSP: 002b:00007fc273e79038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  444.242637][T11093] RAX: ffffffffffffffda RBX: 00007fc2731b5fa0 RCX: 00007fc272f8e929
[  444.242648][T11093] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[  444.242659][T11093] RBP: 00007fc273e79090 R08: 0000000000000000 R09: 0000000000000000
[  444.242669][T11093] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  444.242679][T11093] R13: 0000000000000000 R14: 00007fc2731b5fa0 R15: 00007ffcb29f4b48
[  444.242703][T11093]  </TASK>
[  444.693296][   T30] audit: type=1326 audit(1751263596.112:851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11066 comm="syz.3.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ae278e929 code=0x7ffc0000
[  444.826137][   T30] audit: type=1326 audit(1751263596.112:852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11066 comm="syz.3.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ae278e929 code=0x7ffc0000
[  444.857200][T11090] lo speed is unknown, defaulting to 1000
[  445.027305][T11105] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1310'.
[  445.034084][T11090] lo speed is unknown, defaulting to 1000
[  445.107257][T11106] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  445.615806][   T30] audit: type=1326 audit(1751263596.112:853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11066 comm="syz.3.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f5ae278e929 code=0x7ffc0000
[  445.650623][T11090] lo speed is unknown, defaulting to 1000
[  445.687788][T11090] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  445.715785][   T30] audit: type=1326 audit(1751263596.122:854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11066 comm="syz.3.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ae278e929 code=0x7ffc0000
[  445.780322][T11090] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  445.848990][T11109] lo speed is unknown, defaulting to 1000
[  445.971792][T11090] lo speed is unknown, defaulting to 1000
[  446.020619][T11090] lo speed is unknown, defaulting to 1000
[  446.040495][T11090] lo speed is unknown, defaulting to 1000
[  446.067823][T11090] lo speed is unknown, defaulting to 1000
[  446.082228][T11090] lo speed is unknown, defaulting to 1000
[  447.287311][T11135] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  447.843017][ T5868] usb 4-1: new full-speed USB device number 26 using dummy_hcd
[  448.126770][T11142] netlink: 'syz.2.1320': attribute type 1 has an invalid length.
[  448.137559][ T5868] usb 4-1: not running at top speed; connect to a high speed hub
[  448.148107][T11144] SELinux:  policydb magic number 0x37cff8c does not match expected magic number 0xf97cff8c
[  448.158252][T11144] SELinux: failed to load policy
[  448.170249][ T5868] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  448.186294][ T5868] usb 4-1: config 1 has no interface number 1
[  448.194346][ T5868] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  448.211746][ T5868] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  448.217460][   T30] kauditd_printk_skb: 23 callbacks suppressed
[  448.217474][   T30] audit: type=1400 audit(1751263601.754:878): avc:  denied  { map } for  pid=11145 comm="syz.2.1322" path="pipe:[30811]" dev="pipefs" ino=30811 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  448.244283][ T5868] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  448.257841][ T5868] usb 4-1: Product: syz
[  448.262049][ T5868] usb 4-1: Manufacturer: syz
[  448.266718][ T5868] usb 4-1: SerialNumber: syz
[  448.488787][ T5868] usb 4-1: failed to enable PITCH for EP 0x82
[  448.518877][ T5868] usb 4-1: USB disconnect, device number 26
[  448.538383][T11152] FAULT_INJECTION: forcing a failure.
[  448.538383][T11152] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  448.554497][T11152] CPU: 0 UID: 0 PID: 11152 Comm: syz.0.1324 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[  448.554522][T11152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  448.554532][T11152] Call Trace:
[  448.554538][T11152]  <TASK>
[  448.554544][T11152]  dump_stack_lvl+0x16c/0x1f0
[  448.554575][T11152]  should_fail_ex+0x512/0x640
[  448.554601][T11152]  _copy_from_user+0x2e/0xd0
[  448.554621][T11152]  do_sys_poll+0x1d5/0xdf0
[  448.554639][T11152]  ? kernel_text_address+0x8d/0x100
[  448.554656][T11152]  ? arch_stack_walk+0xa6/0x100
[  448.554671][T11152]  ? __pfx_do_sys_poll+0x10/0x10
[  448.554707][T11152]  ? __lock_acquire+0x622/0x1c90
[  448.554764][T11152]  ? __pfx_timespec64_add_safe+0x10/0x10
[  448.554778][T11152]  ? ktime_get_ts64+0x2d2/0x400
[  448.554798][T11152]  ? read_tsc+0x9/0x20
[  448.554812][T11152]  ? ktime_get_ts64+0x256/0x400
[  448.554835][T11152]  __x64_sys_poll+0x1a6/0x450
[  448.554853][T11152]  ? __pfx___x64_sys_poll+0x10/0x10
[  448.554876][T11152]  do_syscall_64+0xcd/0x4c0
[  448.554897][T11152]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  448.554911][T11152] RIP: 0033:0x7f24b378e929
[  448.554923][T11152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  448.554936][T11152] RSP: 002b:00007f24b46e1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000007
[  448.554950][T11152] RAX: ffffffffffffffda RBX: 00007f24b39b5fa0 RCX: 00007f24b378e929
[  448.554959][T11152] RDX: 0000000000000006 RSI: 0000000000000001 RDI: 0000200000000000
[  448.554967][T11152] RBP: 00007f24b46e1090 R08: 0000000000000000 R09: 0000000000000000
[  448.554975][T11152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  448.554984][T11152] R13: 0000000000000000 R14: 00007f24b39b5fa0 R15: 00007ffce8837d48
[  448.555002][T11152]  </TASK>
[  448.980589][T11156] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  449.595464][T11163] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  449.847524][T11169] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  450.179269][T11171] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1330'.
[  450.339532][   T30] audit: type=1400 audit(1751263603.874:879): avc:  denied  { setopt } for  pid=11173 comm="syz.4.1331" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  450.421410][T11175] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[  450.830340][T11174] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1331'.
[  451.514131][ T5868] usb 1-1: new low-speed USB device number 22 using dummy_hcd
[  451.664320][ T5923] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  451.677779][ T5868] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  451.704436][ T5868] usb 1-1: config 0 has no interface number 0
[  451.711430][ T5868] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  451.771153][ T5868] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  451.811820][ T5868] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  451.822106][ T5923] usb 5-1: device descriptor read/64, error -71
[  451.833984][ T5868] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  451.845836][ T5868] usb 1-1: config 0 descriptor??
[  451.851345][T11175] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  451.866489][ T5868] iowarrior 1-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  452.093363][ T5923] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  452.214133][T11189] syz.5.1335 (11189): drop_caches: 2
[  452.224326][ T5923] usb 5-1: device descriptor read/64, error -71
[  452.229051][T11189] syz.5.1335 (11189): drop_caches: 2
[  452.334490][ T5923] usb usb5-port1: attempt power cycle
[  452.409843][T11199] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1337'.
[  452.614031][ T5896] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  452.653935][    T9] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  452.683932][ T5923] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  452.716463][ T5923] usb 5-1: device descriptor read/8, error -71
[  452.763923][ T5896] usb 6-1: Using ep0 maxpacket: 32
[  452.771318][ T5896] usb 6-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  452.782607][ T5896] usb 6-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  452.795086][ T5896] usb 6-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  452.804962][    T9] usb 4-1: Using ep0 maxpacket: 8
[  452.810297][ T5896] usb 6-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  452.882984][ T5896] usb 6-1: Product: syz
[  452.888568][ T5896] usb 6-1: Manufacturer: syz
[  452.897595][    T9] usb 4-1: New USB device found, idVendor=0711, idProduct=0200, bcdDevice=69.34
[  452.907998][ T5896] hub 6-1:4.0: USB hub found
[  452.913457][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  452.921974][    T9] usb 4-1: Product: syz
[  452.926264][    T9] usb 4-1: Manufacturer: syz
[  452.930928][    T9] usb 4-1: SerialNumber: syz
[  453.005249][ T5923] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  453.053159][ T5923] usb 5-1: device descriptor read/8, error -71
[  453.152190][ T5896] hub 6-1:4.0: config failed, can't read hub descriptor (err -22)
[  453.222909][ T5923] usb usb5-port1: unable to enumerate USB device
[  453.263478][ T5923] usb 1-1: USB disconnect, device number 22
[  453.510335][    T9] usb 4-1: config 0 descriptor??
[  453.517602][    T9] mct_u232 4-1:0.0: MCT U232 converter detected
[  453.524971][    T9] mct_u232 ttyUSB0: expected endpoint missing
[  453.539479][ T5896] usb 6-1: USB disconnect, device number 2
[  453.655364][T11212] netlink: 'syz.0.1340': attribute type 10 has an invalid length.
[  453.687193][T11207] bond1: (slave geneve2): Releasing active interface
[  453.707643][T11207] geneve2: left allmulticast mode
[  454.036311][T11212] bond0: (slave wlan1): Opening slave failed
[  454.741605][   T30] audit: type=1400 audit(1751263607.794:880): avc:  denied  { connect } for  pid=11220 comm="syz.5.1343" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  454.829287][T11230] FAULT_INJECTION: forcing a failure.
[  454.829287][T11230] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  454.852365][T11230] CPU: 1 UID: 0 PID: 11230 Comm: syz.2.1345 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[  454.852391][T11230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  454.852401][T11230] Call Trace:
[  454.852407][T11230]  <TASK>
[  454.852415][T11230]  dump_stack_lvl+0x16c/0x1f0
[  454.852442][T11230]  should_fail_ex+0x512/0x640
[  454.852466][T11230]  _copy_from_iter+0x29f/0x16f0
[  454.852492][T11230]  ? __pfx__copy_from_iter+0x10/0x10
[  454.852514][T11230]  ? _copy_from_iter+0x15d/0x16f0
[  454.852543][T11230]  skb_copy_datagram_from_iter+0x124/0x740
[  454.852564][T11230]  ? __pfx__kstrtoull+0x10/0x10
[  454.852580][T11230]  ? iov_iter_advance+0x7d/0x6c0
[  454.852605][T11230]  tun_get_user+0x17ac/0x3b80
[  454.852642][T11230]  ? __pfx_tun_get_user+0x10/0x10
[  454.852662][T11230]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  454.852691][T11230]  ? find_held_lock+0x2b/0x80
[  454.852712][T11230]  ? tun_get+0x191/0x370
[  454.852739][T11230]  tun_chr_write_iter+0xdc/0x210
[  454.852764][T11230]  vfs_write+0x6c4/0x1150
[  454.852786][T11230]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  454.852811][T11230]  ? __pfx_vfs_write+0x10/0x10
[  454.852829][T11230]  ? find_held_lock+0x2b/0x80
[  454.852863][T11230]  ksys_write+0x12a/0x250
[  454.852883][T11230]  ? __pfx_ksys_write+0x10/0x10
[  454.852910][T11230]  do_syscall_64+0xcd/0x4c0
[  454.852936][T11230]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  454.852953][T11230] RIP: 0033:0x7f7c1f78e929
[  454.852967][T11230] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  454.852984][T11230] RSP: 002b:00007f7c1d5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  454.852999][T11230] RAX: ffffffffffffffda RBX: 00007f7c1f9b5fa0 RCX: 00007f7c1f78e929
[  454.853009][T11230] RDX: 000000000000004e RSI: 0000200000000280 RDI: 0000000000000003
[  454.853024][T11230] RBP: 00007f7c1d5f6090 R08: 0000000000000000 R09: 0000000000000000
[  454.853034][T11230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  454.853044][T11230] R13: 0000000000000000 R14: 00007f7c1f9b5fa0 R15: 00007ffe222cca48
[  454.853068][T11230]  </TASK>
[  455.062014][    C1] vkms_vblank_simulate: vblank timer overrun
[  455.321820][   T24] usb 4-1: USB disconnect, device number 27
[  455.328492][   T24] mct_u232 4-1:0.0: device disconnected
[  455.565774][T11241] lo speed is unknown, defaulting to 1000
[  455.861618][   T30] audit: type=1400 audit(1751263608.934:881): avc:  denied  { connect } for  pid=11232 comm="syz.5.1346" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  456.030885][T11250] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1350'.
[  456.096097][T11244] loop2: detected capacity change from 0 to 7
[  456.119848][T11244] Dev loop2: unable to read RDB block 7
[  456.127162][T11244]  loop2: unable to read partition table
[  456.180980][T11244] loop2: partition table beyond EOD, truncated
[  456.217077][T11244] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  456.264867][T11255] FAULT_INJECTION: forcing a failure.
[  456.264867][T11255] name failslab, interval 1, probability 0, space 0, times 0
[  456.267378][T11258] vivid-004: disconnect
[  456.277635][   T30] audit: type=1400 audit(1751263609.804:882): avc:  denied  { ioctl } for  pid=11254 comm="syz.5.1351" path="socket:[31044]" dev="sockfs" ino=31044 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  456.313933][T11255] CPU: 0 UID: 0 PID: 11255 Comm: syz.5.1351 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[  456.313964][T11255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  456.313973][T11255] Call Trace:
[  456.313979][T11255]  <TASK>
[  456.313985][T11255]  dump_stack_lvl+0x16c/0x1f0
[  456.314013][T11255]  should_fail_ex+0x512/0x640
[  456.314038][T11255]  should_failslab+0xc2/0x120
[  456.314063][T11255]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  456.314085][T11255]  ? skb_clone+0x190/0x3f0
[  456.314111][T11255]  skb_clone+0x190/0x3f0
[  456.314135][T11255]  netlink_deliver_tap+0xabd/0xd30
[  456.314166][T11255]  netlink_unicast+0x5df/0x7f0
[  456.314186][T11255]  ? __pfx_netlink_unicast+0x10/0x10
[  456.314210][T11255]  netlink_sendmsg+0x8d1/0xdd0
[  456.314231][T11255]  ? __pfx_netlink_sendmsg+0x10/0x10
[  456.314256][T11255]  ____sys_sendmsg+0xa95/0xc70
[  456.314275][T11255]  ? copy_msghdr_from_user+0x10a/0x160
[  456.314299][T11255]  ? __pfx_____sys_sendmsg+0x10/0x10
[  456.314327][T11255]  ___sys_sendmsg+0x134/0x1d0
[  456.314351][T11255]  ? __pfx____sys_sendmsg+0x10/0x10
[  456.314372][T11255]  ? __lock_acquire+0x622/0x1c90
[  456.314428][T11255]  __sys_sendmsg+0x16d/0x220
[  456.314451][T11255]  ? __pfx___sys_sendmsg+0x10/0x10
[  456.314491][T11255]  do_syscall_64+0xcd/0x4c0
[  456.314513][T11255]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  456.314527][T11255] RIP: 0033:0x7fb087f8e929
[  456.314538][T11255] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  456.314552][T11255] RSP: 002b:00007fb088dfc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  456.314565][T11255] RAX: ffffffffffffffda RBX: 00007fb0881b5fa0 RCX: 00007fb087f8e929
[  456.314574][T11255] RDX: 0000000000000000 RSI: 0000200000001180 RDI: 0000000000000003
[  456.314582][T11255] RBP: 00007fb088dfc090 R08: 0000000000000000 R09: 0000000000000000
[  456.314590][T11255] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  456.314598][T11255] R13: 0000000000000000 R14: 00007fb0881b5fa0 R15: 00007fffa6ac7b98
[  456.314616][T11255]  </TASK>
[  456.529080][ T5923] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  456.540485][T11258] FAULT_INJECTION: forcing a failure.
[  456.540485][T11258] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  456.554122][T11258] CPU: 0 UID: 0 PID: 11258 Comm: syz.4.1352 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[  456.554146][T11258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  456.554156][T11258] Call Trace:
[  456.554162][T11258]  <TASK>
[  456.554168][T11258]  dump_stack_lvl+0x16c/0x1f0
[  456.554197][T11258]  should_fail_ex+0x512/0x640
[  456.554224][T11258]  _copy_to_user+0x32/0xd0
[  456.554250][T11258]  simple_read_from_buffer+0xcb/0x170
[  456.554274][T11258]  proc_fail_nth_read+0x197/0x270
[  456.554297][T11258]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  456.554319][T11258]  ? rw_verify_area+0xcf/0x680
[  456.554338][T11258]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  456.554359][T11258]  vfs_read+0x1e4/0xc60
[  456.554383][T11258]  ? __pfx___mutex_lock+0x10/0x10
[  456.554408][T11258]  ? __pfx_vfs_read+0x10/0x10
[  456.554436][T11258]  ? __fget_files+0x20e/0x3c0
[  456.554466][T11258]  ksys_read+0x12a/0x250
[  456.554486][T11258]  ? __pfx_ksys_read+0x10/0x10
[  456.554514][T11258]  do_syscall_64+0xcd/0x4c0
[  456.554541][T11258]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  456.554559][T11258] RIP: 0033:0x7fc272f8d33c
[  456.554573][T11258] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  456.554590][T11258] RSP: 002b:00007fc273e79030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  456.554607][T11258] RAX: ffffffffffffffda RBX: 00007fc2731b5fa0 RCX: 00007fc272f8d33c
[  456.554618][T11258] RDX: 000000000000000f RSI: 00007fc273e790a0 RDI: 0000000000000006
[  456.554628][T11258] RBP: 00007fc273e79090 R08: 0000000000000000 R09: 0000000000000000
[  456.554638][T11258] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  456.554648][T11258] R13: 0000000000000000 R14: 00007fc2731b5fa0 R15: 00007ffcb29f4b48
[  456.554671][T11258]  </TASK>
[  456.768018][ T5822] Bluetooth: hci4: command 0x0406 tx timeout
[  456.794806][T11256] vivid-004: reconnect
[  456.964548][ T5923] usb 1-1: config 0 has an invalid interface number: 2 but max is 0
[  456.973970][ T5923] usb 1-1: config 0 has no interface number 0
[  456.986668][ T5923] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  456.997597][ T5923] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  457.011738][ T5923] usb 1-1: config 0 descriptor??
[  457.419804][ T5923] cp210x 1-1:0.2: cp210x converter detected
[  457.440784][   T30] audit: type=1400 audit(1751263610.974:883): avc:  denied  { ioctl } for  pid=11268 comm="syz.5.1354" path="/dev/ptyqf" dev="devtmpfs" ino=134 ioctlcmd=0x5418 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  457.958019][   T30] audit: type=1400 audit(1751263611.324:884): avc:  denied  { map } for  pid=11268 comm="syz.5.1354" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  457.994188][   T30] audit: type=1400 audit(1751263611.324:885): avc:  denied  { execute } for  pid=11268 comm="syz.5.1354" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  458.408243][ T5923] cp210x 1-1:0.2: failed to get vendor val 0x370b size 1: -71
[  458.426718][ T5923] cp210x 1-1:0.2: querying part number failed
[  458.440741][   T30] audit: type=1400 audit(1751263611.974:886): avc:  denied  { accept } for  pid=11268 comm="syz.5.1354" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  458.455020][ T5923] usb 1-1: cp210x converter now attached to ttyUSB0
[  458.592413][ T5923] usb 1-1: USB disconnect, device number 23
[  459.394350][ T5923] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  459.435530][ T5923] cp210x 1-1:0.2: device disconnected
[  461.118691][   T30] audit: type=1400 audit(1751263614.425:887): avc:  denied  { bind } for  pid=11299 comm="syz.0.1362" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  462.464947][T11337] lo speed is unknown, defaulting to 1000
[  462.498017][ T5923] hid-generic 0006:0000:0005.0015: hidraw0: VIRTUAL HID v0.09 Device [syz0] on syz1
[  463.168083][T11358] FAULT_INJECTION: forcing a failure.
[  463.168083][T11358] name failslab, interval 1, probability 0, space 0, times 0
[  463.180861][T11358] CPU: 1 UID: 0 PID: 11358 Comm: syz.2.1375 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[  463.180884][T11358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  463.180895][T11358] Call Trace:
[  463.180900][T11358]  <TASK>
[  463.180907][T11358]  dump_stack_lvl+0x16c/0x1f0
[  463.180937][T11358]  should_fail_ex+0x512/0x640
[  463.180960][T11358]  ? __kmalloc_noprof+0xbf/0x510
[  463.180984][T11358]  ? alloc_pipe_info+0x1ec/0x590
[  463.181008][T11358]  should_failslab+0xc2/0x120
[  463.181032][T11358]  __kmalloc_noprof+0xd2/0x510
[  463.181054][T11358]  ? kasan_check_range+0x150/0x1b0
[  463.181074][T11358]  alloc_pipe_info+0x1ec/0x590
[  463.181101][T11358]  splice_direct_to_actor+0x77d/0xa30
[  463.181125][T11358]  ? __pfx_direct_splice_actor+0x10/0x10
[  463.181154][T11358]  ? find_held_lock+0x2b/0x80
[  463.181175][T11358]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  463.181205][T11358]  do_splice_direct+0x174/0x240
[  463.181227][T11358]  ? __pfx_do_splice_direct+0x10/0x10
[  463.181250][T11358]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  463.181273][T11358]  ? bpf_lsm_file_permission+0x9/0x10
[  463.181299][T11358]  ? security_file_permission+0x71/0x210
[  463.181325][T11358]  ? rw_verify_area+0xcf/0x680
[  463.181347][T11358]  do_sendfile+0xb06/0xe50
[  463.181372][T11358]  ? __pfx_do_sendfile+0x10/0x10
[  463.181393][T11358]  ? __fget_files+0x20e/0x3c0
[  463.181423][T11358]  __x64_sys_sendfile64+0x1d8/0x220
[  463.181447][T11358]  ? ksys_write+0x1ac/0x250
[  463.181468][T11358]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  463.181501][T11358]  do_syscall_64+0xcd/0x4c0
[  463.181528][T11358]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  463.181547][T11358] RIP: 0033:0x7f7c1f78e929
[  463.181562][T11358] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  463.181579][T11358] RSP: 002b:00007f7c1d5b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  463.181596][T11358] RAX: ffffffffffffffda RBX: 00007f7c1f9b6160 RCX: 00007f7c1f78e929
[  463.181606][T11358] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000003
[  463.181616][T11358] RBP: 00007f7c1d5b4090 R08: 0000000000000000 R09: 0000000000000000
[  463.181626][T11358] R10: 0000000000201f00 R11: 0000000000000246 R12: 0000000000000001
[  463.181637][T11358] R13: 0000000000000000 R14: 00007f7c1f9b6160 R15: 00007ffe222cca48
[  463.181660][T11358]  </TASK>
[  463.344066][   T30] audit: type=1400 audit(1751263616.695:888): avc:  denied  { append } for  pid=11345 comm="syz.2.1375" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  463.345938][    C1] vkms_vblank_simulate: vblank timer overrun
[  463.445402][    C1] vkms_vblank_simulate: vblank timer overrun
[  463.741777][T11362] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1379'.
[  465.570179][ T5868] hid-generic 0006:0000:0005.0016: hidraw0: VIRTUAL HID v0.09 Device [syz0] on syz1
[  469.478463][T11458] FAULT_INJECTION: forcing a failure.
[  469.478463][T11458] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  469.491840][T11458] CPU: 0 UID: 0 PID: 11458 Comm: syz.4.1402 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[  469.491863][T11458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  469.491871][T11458] Call Trace:
[  469.491875][T11458]  <TASK>
[  469.491878][T11458]  dump_stack_lvl+0x16c/0x1f0
[  469.491898][T11458]  should_fail_ex+0x512/0x640
[  469.491914][T11458]  should_fail_alloc_page+0xe7/0x130
[  469.491931][T11458]  prepare_alloc_pages+0x3c2/0x610
[  469.491944][T11458]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[  469.491958][T11458]  ? copy_splice_read+0x1a8/0xba0
[  469.491971][T11458]  ? stack_trace_save+0x8e/0xc0
[  469.491984][T11458]  ? __pfx_stack_trace_save+0x10/0x10
[  469.491997][T11458]  ? stack_depot_save_flags+0x28/0xa40
[  469.492011][T11458]  ? bpf_ksym_find+0x127/0x1c0
[  469.492026][T11458]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  469.492039][T11458]  ? kasan_save_stack+0x33/0x60
[  469.492052][T11458]  ? __kasan_kmalloc+0xaa/0xb0
[  469.492064][T11458]  ? copy_splice_read+0x1a8/0xba0
[  469.492075][T11458]  ? do_splice_read+0x285/0x370
[  469.492090][T11458]  ? splice_direct_to_actor+0x2a1/0xa30
[  469.492102][T11458]  ? do_splice_direct+0x174/0x240
[  469.492114][T11458]  ? do_sendfile+0xb06/0xe50
[  469.492124][T11458]  ? __x64_sys_sendfile64+0x154/0x220
[  469.492139][T11458]  ? do_syscall_64+0xcd/0x4c0
[  469.492163][T11458]  alloc_pages_bulk_noprof+0x71c/0x1410
[  469.492181][T11458]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[  469.492197][T11458]  ? trace_kmalloc+0x2b/0xd0
[  469.492211][T11458]  ? __kmalloc_noprof+0x242/0x510
[  469.492228][T11458]  copy_splice_read+0x1e1/0xba0
[  469.492243][T11458]  ? __pfx_copy_splice_read+0x10/0x10
[  469.492257][T11458]  ? look_up_lock_class+0x6b/0x150
[  469.492273][T11458]  ? lockdep_init_map_type+0x5c/0x280
[  469.492290][T11458]  ? __pfx_pipe_lock_cmp_fn+0x10/0x10
[  469.492305][T11458]  ? __pfx_copy_splice_read+0x10/0x10
[  469.492317][T11458]  do_splice_read+0x285/0x370
[  469.492331][T11458]  splice_direct_to_actor+0x2a1/0xa30
[  469.492344][T11458]  ? __pfx_direct_splice_actor+0x10/0x10
[  469.492360][T11458]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  469.492372][T11458]  ? get_pid_task+0xfc/0x250
[  469.492391][T11458]  do_splice_direct+0x174/0x240
[  469.492404][T11458]  ? __pfx_do_splice_direct+0x10/0x10
[  469.492417][T11458]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  469.492432][T11458]  ? rw_verify_area+0xcf/0x680
[  469.492444][T11458]  do_sendfile+0xb06/0xe50
[  469.492458][T11458]  ? __pfx_do_sendfile+0x10/0x10
[  469.492475][T11458]  __x64_sys_sendfile64+0x154/0x220
[  469.492490][T11458]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  469.492509][T11458]  do_syscall_64+0xcd/0x4c0
[  469.492525][T11458]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  469.492535][T11458] RIP: 0033:0x7fc272f8e929
[  469.492544][T11458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  469.492554][T11458] RSP: 002b:00007fc273e79038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  469.492564][T11458] RAX: ffffffffffffffda RBX: 00007fc2731b5fa0 RCX: 00007fc272f8e929
[  469.492570][T11458] RDX: 0000200000002080 RSI: 0000000000000004 RDI: 0000000000000006
[  469.492576][T11458] RBP: 00007fc273e79090 R08: 0000000000000000 R09: 0000000000000000
[  469.492582][T11458] R10: 000000000000023b R11: 0000000000000246 R12: 0000000000000001
[  469.492588][T11458] R13: 0000000000000000 R14: 00007fc2731b5fa0 R15: 00007ffcb29f4b48
[  469.492602][T11458]  </TASK>
[  470.308087][T11463] netlink: 'syz.2.1404': attribute type 1 has an invalid length.
[  472.005332][T11497] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  472.703268][T11507] netlink: 'syz.3.1416': attribute type 1 has an invalid length.
[  472.729160][T11509] syz.5.1417 (11509): drop_caches: 2
[  472.744438][T11509] syz.5.1417 (11509): drop_caches: 2
[  472.959430][T11521] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1421'.
[  473.148796][T11526] lo speed is unknown, defaulting to 1000
[  473.230600][T11529] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1424'.
[  474.134925][    T9] hid-generic 0006:0000:0005.0017: hidraw0: VIRTUAL HID v0.09 Device [syz0] on syz1
[  474.571058][T11542] syz.2.1429 (11542): drop_caches: 2
[  474.608505][T11542] syz.2.1429 (11542): drop_caches: 2
[  474.949309][   T30] audit: type=1400 audit(1751263628.475:889): avc:  denied  { watch } for  pid=11548 comm="syz.3.1430" path="/289/net_prio.prioidx" dev="tmpfs" ino=1532 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  474.993275][   T30] audit: type=1400 audit(1751263628.475:890): avc:  denied  { watch_sb watch_reads } for  pid=11548 comm="syz.3.1430" path="/289/net_prio.prioidx" dev="tmpfs" ino=1532 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  475.490802][T11562] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1433'.
[  476.223895][ T5923] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  476.373911][ T5923] usb 5-1: Using ep0 maxpacket: 8
[  476.437479][ T5923] usb 5-1: New USB device found, idVendor=0711, idProduct=0200, bcdDevice=69.34
[  476.475257][ T5923] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  476.483489][ T5923] usb 5-1: Product: syz
[  476.488004][ T5923] usb 5-1: Manufacturer: syz
[  476.492694][ T5923] usb 5-1: SerialNumber: syz
[  476.508673][ T5923] usb 5-1: config 0 descriptor??
[  476.538174][ T5923] mct_u232 5-1:0.0: MCT U232 converter detected
[  476.582097][ T5923] mct_u232 ttyUSB0: expected endpoint missing
[  476.718148][    T9] usb 5-1: USB disconnect, device number 18
[  476.725574][    T9] mct_u232 5-1:0.0: device disconnected
[  477.161681][ T5923] usb 4-1: new full-speed USB device number 28 using dummy_hcd
[  477.619823][ T5923] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  477.643573][ T5923] usb 4-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[  477.663055][ T5923] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  477.755710][ T5923] usb 4-1: Product: syz
[  477.771997][ T5923] usb 4-1: Manufacturer: syz
[  477.834022][ T5923] usb 4-1: SerialNumber: syz
[  477.872257][ T5923] usb 4-1: config 0 descriptor??
[  477.913330][T11594] syz.2.1442 (11594): drop_caches: 2
[  477.919101][T11594] syz.2.1442 (11594): drop_caches: 2
[  477.929535][T11595] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  478.284665][T11576] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  478.293436][T11576] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  478.308527][T11576] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  478.621233][T11576] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  478.645085][ T5875] usb 4-1: USB disconnect, device number 28
[  478.893965][T11447] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  479.084034][T11447] usb 3-1: Using ep0 maxpacket: 32
[  479.095650][T11447] usb 3-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  479.113888][T11447] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  479.125967][T11447] usb 3-1: config 0 descriptor??
[  479.175584][T11447] gspca_main: sunplus-2.14.0 probing 041e:400b
[  479.319819][ T5929] hid-generic 0006:0000:0005.0018: hidraw0: VIRTUAL HID v0.09 Device [syz0] on syz1
[  479.465681][T11605] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  479.494029][T11605] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  479.549731][   T30] audit: type=1326 audit(1751263633.075:891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11604 comm="syz.2.1445" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7c1f78e929 code=0x0
[  479.627457][T11617] netlink: 44 bytes leftover after parsing attributes in process `syz.5.1450'.
[  479.943970][ T5929] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  480.155874][ T5929] usb 6-1: config 0 has an invalid interface number: 2 but max is 0
[  480.185079][T11447] gspca_sunplus: reg_w_riv err -110
[  480.218554][T11447] sunplus 3-1:0.0: probe with driver sunplus failed with error -110
[  480.234263][ T5929] usb 6-1: config 0 has no interface number 0
[  480.307342][ T5929] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  480.370502][ T5929] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  480.477848][ T5929] usb 6-1: config 0 descriptor??
[  480.788890][ T5929] cp210x 6-1:0.2: cp210x converter detected
[  480.939267][   T30] audit: type=1400 audit(1751263634.465:892): avc:  denied  { read } for  pid=11629 comm="syz.4.1452" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  481.432966][ T5929] cp210x 6-1:0.2: failed to get vendor val 0x370b size 1: -71
[  481.448967][ T5929] cp210x 6-1:0.2: querying part number failed
[  481.472558][ T5929] usb 6-1: cp210x converter now attached to ttyUSB0
[  481.502346][ T5929] usb 6-1: USB disconnect, device number 3
[  481.517160][ T5929] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  481.527667][   T30] audit: type=1400 audit(1751263635.055:893): avc:  denied  { read } for  pid=11641 comm="syz.3.1456" name="file0" dev="fuse" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  481.854556][ T5812] usb 3-1: USB disconnect, device number 30
[  481.862588][ T5929] cp210x 6-1:0.2: device disconnected
[  481.938794][   T30] audit: type=1400 audit(1751263635.055:894): avc:  denied  { open } for  pid=11641 comm="syz.3.1456" path="/295/file0/file0" dev="fuse" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  481.992531][T11654] binder_alloc: 11653: binder_alloc_buf, no vma
[  482.002905][T11655] binder: BINDER_SET_CONTEXT_MGR already set
[  482.013388][T11655] binder: 11653:11655 ioctl 4018620d 2000000000c0 returned -16
[  482.014151][   T30] audit: type=1400 audit(1751263635.515:895): avc:  denied  { map } for  pid=11653 comm="syz.3.1459" path="/dev/binderfs/binder0" dev="binder" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  482.025749][T11659] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1458'.
[  482.126019][   T30] audit: type=1400 audit(1751263635.515:896): avc:  denied  { execute } for  pid=11653 comm="syz.3.1459" path="/dev/binderfs/binder0" dev="binder" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  482.154986][   T30] audit: type=1400 audit(1751263635.515:897): avc:  denied  { call } for  pid=11653 comm="syz.3.1459" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  482.178955][   T30] audit: type=1400 audit(1751263635.625:898): avc:  denied  { write } for  pid=11661 comm="syz.3.1460" name="binder1" dev="binder" ino=17 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  482.997828][T11666] SELinux: failed to load policy
[  483.694154][ T5896] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  483.873933][ T5896] usb 3-1: Using ep0 maxpacket: 8
[  483.882058][ T5896] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  483.901255][ T5896] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  484.006103][ T5896] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  484.020976][ T5896] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  484.036873][ T5896] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  484.110007][T11689] FAULT_INJECTION: forcing a failure.
[  484.110007][T11689] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  484.123179][T11689] CPU: 1 UID: 0 PID: 11689 Comm: syz.5.1468 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[  484.123203][T11689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  484.123214][T11689] Call Trace:
[  484.123222][T11689]  <TASK>
[  484.123228][T11689]  dump_stack_lvl+0x16c/0x1f0
[  484.123259][T11689]  should_fail_ex+0x512/0x640
[  484.123287][T11689]  _copy_to_user+0x32/0xd0
[  484.123313][T11689]  video_usercopy+0xf3e/0x1720
[  484.123338][T11689]  ? __pfx___video_do_ioctl+0x10/0x10
[  484.123359][T11689]  ? selinux_kernel_read_file+0x130/0x130
[  484.123384][T11689]  ? __pfx_video_usercopy+0x10/0x10
[  484.123422][T11689]  v4l2_ioctl+0x1ba/0x250
[  484.123443][T11689]  ? __pfx_v4l2_ioctl+0x10/0x10
[  484.123464][T11689]  __x64_sys_ioctl+0x18b/0x210
[  484.123487][T11689]  do_syscall_64+0xcd/0x4c0
[  484.123514][T11689]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  484.123532][T11689] RIP: 0033:0x7fb087f8e929
[  484.123546][T11689] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  484.123563][T11689] RSP: 002b:00007fb088dba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  484.123580][T11689] RAX: ffffffffffffffda RBX: 00007fb0881b6160 RCX: 00007fb087f8e929
[  484.123592][T11689] RDX: 0000200000000080 RSI: 00000000c0d05605 RDI: 0000000000000003
[  484.123603][T11689] RBP: 00007fb088dba090 R08: 0000000000000000 R09: 0000000000000000
[  484.123613][T11689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  484.123623][T11689] R13: 0000000000000000 R14: 00007fb0881b6160 R15: 00007fffa6ac7b98
[  484.123646][T11689]  </TASK>
[  484.284333][    C1] vkms_vblank_simulate: vblank timer overrun
[  484.466104][ T5896] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  484.510570][ T5896] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  484.871871][T11701] netdevsim netdevsim5: loading /lib/firmware/. failed with error -22
[  484.883638][T11701] netdevsim netdevsim5: Direct firmware load for . failed with error -22
[  484.928799][T11701] netdevsim netdevsim5: Falling back to sysfs fallback for: .
[  484.929020][   T30] audit: type=1400 audit(1751263638.445:899): avc:  denied  { firmware_load } for  pid=11700 comm="syz.5.1470" scontext=system_u:system_r:kernel_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  484.941719][T11447] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  484.961153][ T5896] usb 3-1: usb_control_msg returned -32
[  485.209680][ T5896] usbtmc 3-1:16.0: can't read capabilities
[  485.225324][   T30] audit: type=1400 audit(1751263638.735:900): avc:  denied  { append } for  pid=11700 comm="syz.5.1470" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  485.455533][T11447] usb 4-1: config index 0 descriptor too short (expected 29287, got 36)
[  485.467005][T11447] usb 4-1: config 117 has too many interfaces: 111, using maximum allowed: 32
[  485.478200][T11447] usb 4-1: config 117 has an invalid descriptor of length 100, skipping remainder of the config
[  485.489679][T11447] usb 4-1: config 117 has 0 interfaces, different from the descriptor's value: 111
[  485.499464][T11447] usb 4-1: New USB device found, idVendor=07b5, idProduct=0312, bcdDevice= 0.00
[  485.553873][T11447] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  485.873450][T11447] usb 4-1: string descriptor 0 read error: -71
[  485.886773][T11447] usb 4-1: USB disconnect, device number 29
[  486.010827][T11717] FAULT_INJECTION: forcing a failure.
[  486.010827][T11717] name failslab, interval 1, probability 0, space 0, times 0
[  486.023563][T11717] CPU: 1 UID: 0 PID: 11717 Comm: syz.4.1475 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[  486.023587][T11717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  486.023597][T11717] Call Trace:
[  486.023604][T11717]  <TASK>
[  486.023610][T11717]  dump_stack_lvl+0x16c/0x1f0
[  486.023641][T11717]  should_fail_ex+0x512/0x640
[  486.023661][T11717]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  486.023675][T11717]  should_failslab+0xc2/0x120
[  486.023690][T11717]  __kmalloc_cache_noprof+0x6a/0x3e0
[  486.023701][T11717]  ? binder_transaction+0xad0/0x9af0
[  486.023712][T11717]  ? binder_transaction+0xb85/0x9af0
[  486.023729][T11717]  binder_transaction+0xb85/0x9af0
[  486.023751][T11717]  ? __lock_acquire+0x622/0x1c90
[  486.023768][T11717]  ? __pfx_binder_transaction+0x10/0x10
[  486.023789][T11717]  ? find_held_lock+0x2b/0x80
[  486.023812][T11717]  ? __lock_acquire+0xb8a/0x1c90
[  486.023846][T11717]  ? find_held_lock+0x2b/0x80
[  486.023863][T11717]  ? __might_fault+0xe3/0x190
[  486.023880][T11717]  ? __might_fault+0xe3/0x190
[  486.023891][T11717]  ? __might_fault+0x13b/0x190
[  486.023909][T11717]  binder_thread_write+0x1417/0x4e70
[  486.023925][T11717]  ? __pfx_binder_thread_write+0x10/0x10
[  486.023936][T11717]  ? binder_debug+0xde/0x1a0
[  486.023955][T11717]  ? find_held_lock+0x2b/0x80
[  486.023967][T11717]  ? __might_fault+0xe3/0x190
[  486.023980][T11717]  ? __might_fault+0x13b/0x190
[  486.023997][T11717]  binder_ioctl+0x26a7/0x72c0
[  486.024013][T11717]  ? tomoyo_path_number_perm+0x18d/0x580
[  486.024028][T11717]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  486.024041][T11717]  ? __pfx_binder_ioctl+0x10/0x10
[  486.024051][T11717]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  486.024065][T11717]  ? ioctl_has_perm.constprop.0.isra.0+0x379/0x540
[  486.024080][T11717]  ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540
[  486.024095][T11717]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  486.024114][T11717]  ? hook_file_ioctl_common+0x145/0x410
[  486.024134][T11717]  ? selinux_file_ioctl+0x180/0x270
[  486.024147][T11717]  ? selinux_file_ioctl+0xb4/0x270
[  486.024161][T11717]  ? __pfx_binder_ioctl+0x10/0x10
[  486.024171][T11717]  __x64_sys_ioctl+0x18b/0x210
[  486.024184][T11717]  do_syscall_64+0xcd/0x4c0
[  486.024200][T11717]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  486.024212][T11717] RIP: 0033:0x7fc272f8e929
[  486.024220][T11717] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  486.024231][T11717] RSP: 002b:00007fc273e79038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  486.024241][T11717] RAX: ffffffffffffffda RBX: 00007fc2731b5fa0 RCX: 00007fc272f8e929
[  486.024247][T11717] RDX: 0000200000000780 RSI: 00000000c0306201 RDI: 0000000000000003
[  486.024254][T11717] RBP: 00007fc273e79090 R08: 0000000000000000 R09: 0000000000000000
[  486.024260][T11717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  486.024266][T11717] R13: 0000000000000000 R14: 00007fc2731b5fa0 R15: 00007ffcb29f4b48
[  486.024278][T11717]  </TASK>
[  486.315797][    C1] vkms_vblank_simulate: vblank timer overrun
[  486.666294][   T30] audit: type=1400 audit(1751263640.165:901): avc:  denied  { connect } for  pid=11720 comm="syz.5.1476" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  486.960820][T11727] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  487.429219][ T5875] usb 3-1: USB disconnect, device number 31
[  488.901957][T11760] lo speed is unknown, defaulting to 1000
[  489.989077][T11776] syz.5.1490 (11776): drop_caches: 2
[  493.338385][T11838] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  494.885258][T11862] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1511'.
[  495.113747][T11867] syz.3.1513 (11867): drop_caches: 2
[  495.119703][T11867] syz.3.1513 (11867): drop_caches: 2
[  495.183875][ T5929] usb 5-1: new low-speed USB device number 19 using dummy_hcd
[  495.390654][ T5929] usb 5-1: config 0 has an invalid descriptor of length 221, skipping remainder of the config
[  495.423753][ T5929] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 4
[  496.255339][T11884] netlink: 'syz.5.1518': attribute type 1 has an invalid length.
[  496.363689][T11884] bond1: (slave bridge1): Enslaving as a backup interface with an up link
[  496.830239][T11888] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1519'.
[  496.960868][T11893] loop3: detected capacity change from 0 to 1
[  497.339771][T11893] Dev loop3: unable to read RDB block 1
[  497.349823][T11893]  loop3: unable to read partition table
[  497.380299][T11893] loop3: partition table beyond EOD, truncated
[  497.387452][T11447] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  497.400093][T11893] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5)
[  497.600877][ T5875] usb 3-1: new low-speed USB device number 32 using dummy_hcd
[  497.901470][T11447] usb 4-1: config 0 has an invalid interface number: 2 but max is 0
[  497.951214][T11447] usb 4-1: config 0 has no interface number 0
[  497.957723][T11447] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  497.967855][T11447] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  498.041142][T11447] usb 4-1: config 0 descriptor??
[  498.057830][T11447] cp210x 4-1:0.2: cp210x converter detected
[  498.094173][ T5875] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  498.102279][ T5875] usb 3-1: config 0 has no interface number 0
[  498.115352][ T5875] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  498.126470][ T5875] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  498.137406][ T5875] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  498.146516][ T5875] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  498.166398][ T5929] usb 5-1: New USB device found, idVendor=05ac, idProduct=0264, bcdDevice= 0.00
[  498.166770][ T5875] usb 3-1: config 0 descriptor??
[  498.191359][T11895] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  498.213921][ T5929] usb 5-1: New USB device strings: Mfr=0, Product=7, SerialNumber=0
[  498.286949][ T5929] usb 5-1: config 0 descriptor??
[  498.297223][ T5929] usb 5-1: can't set config #0, error -71
[  498.308015][ T5929] usb 5-1: USB disconnect, device number 19
[  498.320359][ T5875] iowarrior 3-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  498.519929][T11910] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1526'.
[  498.703903][ T5929] usb 5-1: new low-speed USB device number 20 using dummy_hcd
[  498.781593][ T5923] usb 3-1: USB disconnect, device number 32
[  499.064791][ T5929] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  499.085754][ T5929] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  499.236262][ T5929] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  499.269224][ T5929] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  499.314667][ T5929] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  499.352243][ T5929] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  499.363149][ T5929] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  499.473938][ T5929] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  499.511183][T11447] cp210x 4-1:0.2: failed to get vendor val 0x370b size 1: -71
[  499.523877][T11447] cp210x 4-1:0.2: querying part number failed
[  499.540718][ T5929] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  499.632295][T11447] usb 4-1: cp210x converter now attached to ttyUSB0
[  499.654995][T11447] usb 4-1: USB disconnect, device number 30
[  499.663085][ T5929] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  499.734558][T11933] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  500.131255][T11447] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  500.170608][ T5929] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  500.186559][T11447] cp210x 4-1:0.2: device disconnected
[  500.194925][ T5929] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  500.218347][ T5929] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  500.248755][ T5929] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  500.271259][ T5929] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  500.321634][ T5929] usb 5-1: string descriptor 0 read error: -22
[  500.328000][ T5929] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  500.337143][ T5929] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  500.371843][ T5929] adutux 5-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  501.004558][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  501.011091][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  501.623573][T11951] FAULT_INJECTION: forcing a failure.
[  501.623573][T11951] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  501.699391][T11951] CPU: 1 UID: 0 PID: 11951 Comm: syz.5.1537 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[  501.699417][T11951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  501.699428][T11951] Call Trace:
[  501.699435][T11951]  <TASK>
[  501.699442][T11951]  dump_stack_lvl+0x16c/0x1f0
[  501.699472][T11951]  should_fail_ex+0x512/0x640
[  501.699498][T11951]  strncpy_from_user+0x3b/0x2e0
[  501.699520][T11951]  getname_flags.part.0+0x8f/0x550
[  501.699541][T11951]  getname_flags+0x93/0xf0
[  501.699571][T11951]  user_path_at+0x24/0x60
[  501.699592][T11951]  __x64_sys_umount+0x10a/0x1a0
[  501.699616][T11951]  ? __pfx___x64_sys_umount+0x10/0x10
[  501.699641][T11951]  ? rcu_is_watching+0x12/0xc0
[  501.699664][T11951]  do_syscall_64+0xcd/0x4c0
[  501.699690][T11951]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  501.699707][T11951] RIP: 0033:0x7fb087f8e929
[  501.699721][T11951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  501.699737][T11951] RSP: 002b:00007fb088dfc038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  501.699752][T11951] RAX: ffffffffffffffda RBX: 00007fb0881b5fa0 RCX: 00007fb087f8e929
[  501.699763][T11951] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000200000000000
[  501.699773][T11951] RBP: 00007fb088dfc090 R08: 0000000000000000 R09: 0000000000000000
[  501.699782][T11951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  501.699791][T11951] R13: 0000000000000000 R14: 00007fb0881b5fa0 R15: 00007fffa6ac7b98
[  501.699813][T11951]  </TASK>
[  501.724308][T11954] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1538'.
[  501.866620][T11955] lo speed is unknown, defaulting to 1000
[  502.165107][ T5868] usb 5-1: USB disconnect, device number 20
[  502.204388][T11963] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  503.380557][T11977] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  504.951057][T12001] netlink: 'syz.2.1550': attribute type 10 has an invalid length.
[  504.964276][T12001] bond0: (slave wlan1): Opening slave failed
[  505.664234][    T9] usb 3-1: new low-speed USB device number 33 using dummy_hcd
[  506.189524][ T5929] hid-generic 0006:0000:0005.0019: hidraw0: VIRTUAL HID v0.09 Device [syz0] on syz1
[  506.226096][    T9] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[  506.269461][    T9] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  506.316955][    T9] usb 3-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  506.658342][    T9] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  506.722447][    T9] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  506.867761][    T9] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[  506.875428][    T9] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  506.899027][    T9] usb 3-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  507.056334][    T9] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  507.092829][    T9] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  507.127993][    T9] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[  507.147226][    T9] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  507.170565][    T9] usb 3-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  507.458075][    T9] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  507.501422][    T9] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  507.566699][    T9] usb 3-1: string descriptor 0 read error: -22
[  507.573031][    T9] usb 3-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  507.586095][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  507.876280][    T9] adutux 3-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  508.749693][   T30] audit: type=1400 audit(1751263662.014:902): avc:  denied  { write } for  pid=12041 comm="syz.3.1563" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  509.093642][ T5812] usb 3-1: USB disconnect, device number 33
[  509.123900][ T5929] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  509.521280][ T5929] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  509.550194][ T5929] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  509.573887][ T5929] usb 6-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  509.596841][ T5929] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  509.632840][ T5929] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  509.648252][ T5929] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  509.677385][ T5929] usb 6-1: SerialNumber: syz
[  510.072839][   T30] audit: type=1400 audit(1751263663.594:903): avc:  denied  { ioctl } for  pid=12050 comm="syz.5.1564" path="socket:[33430]" dev="sockfs" ino=33430 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  510.284687][   T30] audit: type=1400 audit(1751263663.714:904): avc:  denied  { write } for  pid=12050 comm="syz.5.1564" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  510.363938][   T30] audit: type=1400 audit(1751263663.714:905): avc:  denied  { write } for  pid=12050 comm="syz.5.1564" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=netrom_socket permissive=1
[  511.412520][    T9] hid-generic 0006:0000:0005.001A: hidraw0: VIRTUAL HID v0.09 Device [syz0] on syz1
[  512.180309][ T5929] usb 6-1: 0:2 : does not exist
[  512.186407][ T5929] usb 6-1: unit 5 not found!
[  512.203676][ T5929] usb 6-1: USB disconnect, device number 4
[  513.675710][ T5875] hid-generic 0006:0000:0005.001B: hidraw0: VIRTUAL HID v0.09 Device [syz0] on syz1
[  513.865598][T12117] syz.4.1580 (12117): drop_caches: 2
[  513.877311][T12117] syz.4.1580 (12117): drop_caches: 2
[  514.822257][T12128] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  516.329804][T12143] FAULT_INJECTION: forcing a failure.
[  516.329804][T12143] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  516.343631][T12143] CPU: 1 UID: 0 PID: 12143 Comm: syz.3.1586 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[  516.343656][T12143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  516.343667][T12143] Call Trace:
[  516.343674][T12143]  <TASK>
[  516.343681][T12143]  dump_stack_lvl+0x16c/0x1f0
[  516.343716][T12143]  should_fail_ex+0x512/0x640
[  516.343743][T12143]  _copy_from_user+0x2e/0xd0
[  516.343770][T12143]  kstrtouint_from_user+0xd6/0x1d0
[  516.343788][T12143]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  516.343803][T12143]  ? __lock_acquire+0xb8a/0x1c90
[  516.343831][T12143]  ? lock_acquire+0x179/0x350
[  516.343862][T12143]  proc_fail_nth_write+0x83/0x250
[  516.343884][T12143]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  516.343912][T12143]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  516.343932][T12143]  vfs_write+0x29d/0x1150
[  516.343958][T12143]  ? __pfx___mutex_lock+0x10/0x10
[  516.343984][T12143]  ? __pfx_vfs_write+0x10/0x10
[  516.344013][T12143]  ? __fget_files+0x20e/0x3c0
[  516.344044][T12143]  ksys_write+0x12a/0x250
[  516.344064][T12143]  ? __pfx_ksys_write+0x10/0x10
[  516.344094][T12143]  do_syscall_64+0xcd/0x4c0
[  516.344121][T12143]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  516.344138][T12143] RIP: 0033:0x7f5ae278d3df
[  516.344154][T12143] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  516.344171][T12143] RSP: 002b:00007f5ae35e6030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  516.344187][T12143] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f5ae278d3df
[  516.344199][T12143] RDX: 0000000000000001 RSI: 00007f5ae35e60a0 RDI: 0000000000000006
[  516.344209][T12143] RBP: 00007f5ae35e6090 R08: 0000000000000000 R09: 0000000000000000
[  516.344219][T12143] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  516.344229][T12143] R13: 0000000000000000 R14: 00007f5ae29b6160 R15: 00007fff93d47268
[  516.344253][T12143]  </TASK>
[  516.534531][    C1] vkms_vblank_simulate: vblank timer overrun
[  517.941289][T12180] lo speed is unknown, defaulting to 1000
[  519.143854][    T9] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  519.180099][T12204] FAULT_INJECTION: forcing a failure.
[  519.180099][T12204] name failslab, interval 1, probability 0, space 0, times 0
[  519.195597][T12204] CPU: 1 UID: 0 PID: 12204 Comm: syz.2.1603 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[  519.195622][T12204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  519.195631][T12204] Call Trace:
[  519.195643][T12204]  <TASK>
[  519.195650][T12204]  dump_stack_lvl+0x16c/0x1f0
[  519.195681][T12204]  should_fail_ex+0x512/0x640
[  519.195704][T12204]  ? fs_reclaim_acquire+0xae/0x150
[  519.195724][T12204]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  519.195747][T12204]  should_failslab+0xc2/0x120
[  519.195772][T12204]  __kmalloc_noprof+0xd2/0x510
[  519.195795][T12204]  tomoyo_realpath_from_path+0xc2/0x6e0
[  519.195818][T12204]  ? tomoyo_profile+0x47/0x60
[  519.195846][T12204]  tomoyo_path_number_perm+0x245/0x580
[  519.195863][T12204]  ? tomoyo_path_number_perm+0x237/0x580
[  519.195884][T12204]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  519.195905][T12204]  ? find_held_lock+0x2b/0x80
[  519.195946][T12204]  ? find_held_lock+0x2b/0x80
[  519.195965][T12204]  ? hook_file_ioctl_common+0x145/0x410
[  519.195996][T12204]  ? __fget_files+0x20e/0x3c0
[  519.196020][T12204]  security_file_ioctl+0x9b/0x240
[  519.196044][T12204]  __x64_sys_ioctl+0xb7/0x210
[  519.196065][T12204]  do_syscall_64+0xcd/0x4c0
[  519.196091][T12204]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  519.196107][T12204] RIP: 0033:0x7f7c1f78e929
[  519.196122][T12204] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  519.196138][T12204] RSP: 002b:00007f7c1d5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  519.196156][T12204] RAX: ffffffffffffffda RBX: 00007f7c1f9b5fa0 RCX: 00007f7c1f78e929
[  519.196167][T12204] RDX: 0000000000000000 RSI: 000000008010aebc RDI: 0000000000000004
[  519.196177][T12204] RBP: 00007f7c1d5f6090 R08: 0000000000000000 R09: 0000000000000000
[  519.196187][T12204] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  519.196197][T12204] R13: 0000000000000000 R14: 00007f7c1f9b5fa0 R15: 00007ffe222cca48
[  519.196220][T12204]  </TASK>
[  519.196227][T12204] ERROR: Out of memory at tomoyo_realpath_from_path.
[  519.305118][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  519.305151][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  519.305173][    T9] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  519.305210][    T9] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  519.458979][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  519.485280][    T9] usb 6-1: config 0 descriptor??
[  519.900100][    T9] plantronics 0003:047F:FFFF.001C: reserved main item tag 0xe
[  519.908953][    T9] plantronics 0003:047F:FFFF.001C: unknown main item tag 0x0
[  519.941610][    T9] plantronics 0003:047F:FFFF.001C: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  520.671554][    T9] usb 6-1: USB disconnect, device number 5
[  520.729310][T12240] syz.2.1612 (12240): drop_caches: 2
[  520.746799][T12240] syz.2.1612 (12240): drop_caches: 2
[  520.847269][ T5875] hid-generic 0006:0000:0005.001D: hidraw0: VIRTUAL HID v0.09 Device [syz0] on syz1
[  520.898313][T12247] lo speed is unknown, defaulting to 1000
[  521.014906][ T5896] usb 4-1: new low-speed USB device number 31 using dummy_hcd
[  521.489856][ T5896] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  521.502488][ T5896] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  521.611543][ T5896] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  521.674153][ T5896] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  521.824566][ T5896] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  521.894069][ T5896] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  521.901501][ T5896] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  521.946114][ T5896] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  522.066571][ T5896] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  522.079511][ T5896] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  522.093190][ T5896] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  522.102643][ T5896] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  522.121744][ T5896] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  522.187401][T12258] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  522.550758][ T5896] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  522.561994][ T5896] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  522.575853][ T5896] usb 4-1: string descriptor 0 read error: -22
[  522.586557][ T5896] usb 4-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  522.717152][ T5896] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  522.733127][ T5896] adutux 4-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  523.385817][T12275] lo speed is unknown, defaulting to 1000
[  523.843157][ T5896] usb 4-1: USB disconnect, device number 31
[  524.103998][ T5923] usb 6-1: new full-speed USB device number 6 using dummy_hcd
[  524.137667][T12295] netlink: 228 bytes leftover after parsing attributes in process `syz.3.1627'.
[  524.181139][ T5868] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  524.302290][   T30] audit: type=1800 audit(1751263677.706:906): pid=12295 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.3.1627" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  524.375128][ T5923] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 12336, setting to 64
[  524.386463][ T5923] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  524.395838][ T5923] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  524.405742][ T5923] usb 6-1: config 0 descriptor??
[  524.483855][ T5868] usb 3-1: Using ep0 maxpacket: 32
[  524.490259][ T5868] usb 3-1: config 0 has an invalid interface number: 140 but max is 1
[  524.503811][ T5868] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  524.520179][ T5868] usb 3-1: config 0 has no interface number 1
[  524.530108][ T5868] usb 3-1: config 0 interface 0 altsetting 245 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  524.543379][ T5868] usb 3-1: too many endpoints for config 0 interface 140 altsetting 68: 34, using maximum allowed: 30
[  524.554650][ T5868] usb 3-1: config 0 interface 140 altsetting 68 has 0 endpoint descriptors, different from the interface descriptor's value: 34
[  524.571104][ T5868] usb 3-1: config 0 interface 0 has no altsetting 0
[  524.577772][ T5868] usb 3-1: config 0 interface 140 has no altsetting 0
[  524.599431][ T5868] usb 3-1: New USB device found, idVendor=0582, idProduct=0033, bcdDevice=8e.57
[  524.613862][ T5923] ath6kl: Failed to submit usb control message: -71
[  524.627539][ T5868] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  524.639355][ T5923] ath6kl: unable to send the bmi data to the device: -71
[  524.647787][ T5868] usb 3-1: Product: syz
[  524.652037][ T5923] ath6kl: Unable to send get target info: -71
[  524.658613][ T5868] usb 3-1: Manufacturer: syz
[  524.668172][ T5868] usb 3-1: SerialNumber: syz
[  524.675887][ T5923] ath6kl: Failed to init ath6kl core: -71
[  524.723405][ T5923] ath6kl_usb 6-1:0.0: probe with driver ath6kl_usb failed with error -71
[  524.732820][ T5868] usb 3-1: config 0 descriptor??
[  524.744828][ T5923] usb 6-1: USB disconnect, device number 6
[  524.759060][ T5868] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  525.027294][ T5868] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  525.035971][ T5868] snd-usb-audio 3-1:0.0: probe with driver snd-usb-audio failed with error -2
[  525.769914][T12324] lo speed is unknown, defaulting to 1000
[  526.014040][ T5868] usb 1-1: new low-speed USB device number 24 using dummy_hcd
[  526.175674][ T5868] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[  526.183163][ T5868] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  526.241325][ T5868] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  526.268605][ T5868] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  526.287948][ T5868] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  526.303019][ T5868] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[  526.431292][ T5868] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  526.473268][ T5868] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  526.492078][ T5868] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  526.508602][ T5868] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  526.538244][ T5868] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[  526.558397][ T5868] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  526.902504][    T9] usb 3-1: USB disconnect, device number 34
[  526.988319][ T5868] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  527.053815][ T5868] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  527.099764][ T5868] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  527.146539][ T5868] usb 1-1: string descriptor 0 read error: -22
[  527.155593][ T5868] usb 1-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  527.177726][ T5868] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  527.197975][ T5868] adutux 1-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  527.922493][ T5896] usb 1-1: USB disconnect, device number 24
[  528.716027][T12369] lo speed is unknown, defaulting to 1000
[  528.854512][   T30] audit: type=1400 audit(1751263682.353:907): avc:  denied  { read } for  pid=12371 comm="syz.0.1650" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  528.963998][   T30] audit: type=1400 audit(1751263682.353:908): avc:  denied  { open } for  pid=12371 comm="syz.0.1650" path="/dev/autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  529.008293][T12377] netlink: 'syz.3.1651': attribute type 2 has an invalid length.
[  529.016084][T12377] netlink: 'syz.3.1651': attribute type 1 has an invalid length.
[  529.023910][T12377] netlink: 'syz.3.1651': attribute type 1 has an invalid length.
[  529.114168][   T30] audit: type=1400 audit(1751263682.403:909): avc:  denied  { ioctl } for  pid=12371 comm="syz.0.1650" path="/dev/autofs" dev="devtmpfs" ino=98 ioctlcmd=0xaf22 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  529.561767][ T5868] hid-generic 0006:0000:0005.001E: hidraw0: VIRTUAL HID v0.09 Device [syz0] on syz1
[  530.006122][T12393] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  531.483947][ T5868] usb 6-1: new full-speed USB device number 7 using dummy_hcd
[  531.649197][ T5868] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  531.688020][ T5868] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E
[  531.704313][T12419] lo speed is unknown, defaulting to 1000
[  531.732858][ T5868] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 10
[  531.777871][ T5868] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  531.820832][ T5868] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  531.911051][ T5868] usb 6-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  531.947497][ T5868] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  531.973568][ T5868] usb 6-1: Product: syz
[  531.992329][ T5868] usb 6-1: Manufacturer: syz
[  532.010344][ T5868] usb 6-1: SerialNumber: syz
[  532.033327][ T5868] usb 6-1: config 0 descriptor??
[  532.358554][ T5868] radio-si470x 6-1:0.0: DeviceID=0x0000 ChipID=0x0000
[  532.372582][ T5868] radio-si470x 6-1:0.0: This driver is known to work with firmware version 12, but the device has firmware version 0.
[  532.614101][ T5868] radio-si470x 6-1:0.0: software version 0, hardware version 0
[  532.621727][ T5868] radio-si470x 6-1:0.0: This driver is known to work with hardware version 1, but the device has hardware version 0.
[  532.645220][ T5868] radio-si470x 6-1:0.0: If you have some trouble using this driver, please report to V4L ML at linux-media@vger.kernel.org
[  533.529978][ T5868] radio-si470x 6-1:0.0: submitting int urb failed (-90)
[  534.168325][ T5868] radio-si470x 6-1:0.0: si470x_get_report: usb_control_msg returned -32
[  534.193633][ T5868] radio-si470x 6-1:0.0: probe with driver radio-si470x failed with error -22
[  534.539527][ T5896] usb 6-1: USB disconnect, device number 7
[  535.069146][T12475] lo speed is unknown, defaulting to 1000
[  537.533556][T12520] FAULT_INJECTION: forcing a failure.
[  537.533556][T12520] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  537.554070][T12520] CPU: 1 UID: 0 PID: 12520 Comm: syz.2.1689 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[  537.554099][T12520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  537.554110][T12520] Call Trace:
[  537.554116][T12520]  <TASK>
[  537.554122][T12520]  dump_stack_lvl+0x16c/0x1f0
[  537.554153][T12520]  should_fail_ex+0x512/0x640
[  537.554178][T12520]  _copy_from_user+0x2e/0xd0
[  537.554203][T12520]  copy_msghdr_from_user+0x98/0x160
[  537.554236][T12520]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  537.554264][T12520]  ? __pfx__kstrtoull+0x10/0x10
[  537.554286][T12520]  ___sys_sendmsg+0xfe/0x1d0
[  537.554311][T12520]  ? __pfx____sys_sendmsg+0x10/0x10
[  537.554346][T12520]  ? find_held_lock+0x2b/0x80
[  537.554382][T12520]  __sys_sendmmsg+0x200/0x420
[  537.554408][T12520]  ? __pfx___sys_sendmmsg+0x10/0x10
[  537.554440][T12520]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  537.554476][T12520]  ? fput+0x70/0xf0
[  537.554502][T12520]  ? ksys_write+0x1ac/0x250
[  537.554522][T12520]  ? __pfx_ksys_write+0x10/0x10
[  537.554547][T12520]  __x64_sys_sendmmsg+0x9c/0x100
[  537.554570][T12520]  ? lockdep_hardirqs_on+0x7c/0x110
[  537.554593][T12520]  do_syscall_64+0xcd/0x4c0
[  537.554619][T12520]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  537.554636][T12520] RIP: 0033:0x7f7c1f78e929
[  537.554650][T12520] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  537.554666][T12520] RSP: 002b:00007f7c1d5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  537.554683][T12520] RAX: ffffffffffffffda RBX: 00007f7c1f9b5fa0 RCX: 00007f7c1f78e929
[  537.554693][T12520] RDX: 0000000000000001 RSI: 0000200000000780 RDI: 0000000000000003
[  537.554703][T12520] RBP: 00007f7c1d5f6090 R08: 0000000000000000 R09: 0000000000000000
[  537.554713][T12520] R10: 0000000020008040 R11: 0000000000000246 R12: 0000000000000001
[  537.554722][T12520] R13: 0000000000000000 R14: 00007f7c1f9b5fa0 R15: 00007ffe222cca48
[  537.554744][T12520]  </TASK>
[  537.770305][   T30] audit: type=1326 audit(1751263691.304:910): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12521 comm="syz.3.1690" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5ae278e929 code=0x0
[  538.399908][T12536] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  538.407176][T12536] IPv6: NLM_F_CREATE should be set when creating new route
[  538.937690][T12539] lo speed is unknown, defaulting to 1000
[  541.153785][T12581] lo speed is unknown, defaulting to 1000
[  541.899534][T12596] FAULT_INJECTION: forcing a failure.
[  541.899534][T12596] name failslab, interval 1, probability 0, space 0, times 0
[  541.926133][T12596] CPU: 1 UID: 0 PID: 12596 Comm: syz.4.1710 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[  541.926159][T12596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  541.926169][T12596] Call Trace:
[  541.926175][T12596]  <TASK>
[  541.926182][T12596]  dump_stack_lvl+0x16c/0x1f0
[  541.926212][T12596]  should_fail_ex+0x512/0x640
[  541.926239][T12596]  should_failslab+0xc2/0x120
[  541.926264][T12596]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  541.926287][T12596]  ? skb_clone+0x190/0x3f0
[  541.926314][T12596]  skb_clone+0x190/0x3f0
[  541.926339][T12596]  netlink_deliver_tap+0xabd/0xd30
[  541.926372][T12596]  netlink_unicast+0x5df/0x7f0
[  541.926392][T12596]  ? __pfx_netlink_unicast+0x10/0x10
[  541.926418][T12596]  netlink_sendmsg+0x8d1/0xdd0
[  541.926440][T12596]  ? __pfx_netlink_sendmsg+0x10/0x10
[  541.926472][T12596]  ____sys_sendmsg+0xa95/0xc70
[  541.926490][T12596]  ? copy_msghdr_from_user+0x10a/0x160
[  541.926514][T12596]  ? __pfx_____sys_sendmsg+0x10/0x10
[  541.926544][T12596]  ___sys_sendmsg+0x134/0x1d0
[  541.926570][T12596]  ? __pfx____sys_sendmsg+0x10/0x10
[  541.926591][T12596]  ? __lock_acquire+0x622/0x1c90
[  541.926650][T12596]  __sys_sendmsg+0x16d/0x220
[  541.926671][T12596]  ? __pfx___sys_sendmsg+0x10/0x10
[  541.926710][T12596]  do_syscall_64+0xcd/0x4c0
[  541.926736][T12596]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  541.926750][T12596] RIP: 0033:0x7fc272f8e929
[  541.926762][T12596] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  541.926776][T12596] RSP: 002b:00007fc273e79038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  541.926789][T12596] RAX: ffffffffffffffda RBX: 00007fc2731b5fa0 RCX: 00007fc272f8e929
[  541.926798][T12596] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000003
[  541.926806][T12596] RBP: 00007fc273e79090 R08: 0000000000000000 R09: 0000000000000000
[  541.926814][T12596] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  541.926821][T12596] R13: 0000000000000000 R14: 00007fc2731b5fa0 R15: 00007ffcb29f4b48
[  541.926839][T12596]  </TASK>
[  542.158975][T12600] lo speed is unknown, defaulting to 1000
[  542.180698][T12601] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1711'.
[  542.483923][ T5896] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  542.633835][ T5896] usb 6-1: Using ep0 maxpacket: 8
[  542.759660][ T5896] usb 6-1: New USB device found, idVendor=0711, idProduct=0200, bcdDevice=69.34
[  543.233938][ T5896] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  543.242127][ T5896] usb 6-1: Product: syz
[  543.246833][ T5896] usb 6-1: Manufacturer: syz
[  543.251485][ T5896] usb 6-1: SerialNumber: syz
[  543.258929][ T5896] usb 6-1: config 0 descriptor??
[  543.272317][ T5896] mct_u232 6-1:0.0: MCT U232 converter detected
[  543.284294][ T5896] mct_u232 ttyUSB0: expected endpoint missing
[  543.358162][   T30] audit: type=1400 audit(1751263696.844:911): avc:  denied  { bind } for  pid=12608 comm="syz.2.1714" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  544.591045][ T5923] usb 6-1: USB disconnect, device number 8
[  544.598481][ T5923] mct_u232 6-1:0.0: device disconnected
[  545.699814][ T5923] usb 1-1: new full-speed USB device number 25 using dummy_hcd
[  545.877986][ T5923] usb 1-1: New USB device found, idVendor=13d8, idProduct=0020, bcdDevice=f7.31
[  545.963925][ T5923] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  546.360700][ T5923] usb 1-1: config 0 descriptor??
[  546.407450][ T5923] usb 1-1: selecting invalid altsetting 3
[  546.413218][ T5923] comedi comedi0: could not set alternate setting 3 in high speed
[  546.428878][   T30] audit: type=1326 audit(1751263699.954:912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12620 comm="syz.2.1717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c1f78e929 code=0x7ffc0000
[  546.479382][ T5923] usbduxsigma 1-1:0.0: driver 'usbduxsigma' failed to auto-configure device.
[  546.506633][   T30] audit: type=1326 audit(1751263699.954:913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12620 comm="syz.2.1717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7c1f78e929 code=0x7ffc0000
[  546.511846][ T5923] usbduxsigma 1-1:0.0: probe with driver usbduxsigma failed with error -22
[  546.530000][    C0] vkms_vblank_simulate: vblank timer overrun
[  546.962888][ T5822]  non-paged memory
[  546.968969][ T5822] list_del corruption, ffff8880213dfd00->next is LIST_POISON1 (dead000000000100)
[  547.007072][ T5822] ------------[ cut here ]------------
[  547.012602][ T5822] kernel BUG at lib/list_debug.c:56!
[  547.018057][ T5822] Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI
[  547.024471][ T5822] CPU: 0 UID: 0 PID: 5822 Comm: kworker/u9:4 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(full) 
[  547.034877][ T5822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  547.044929][ T5822] Workqueue: hci4 hci_conn_timeout
[  547.050045][ T5822] RIP: 0010:__list_del_entry_valid_or_report+0x121/0x200
[  547.057077][ T5822] Code: 48 c7 c7 60 7f 15 8c e8 0d ee b8 fc 90 0f 0b 4c 89 e7 e8 22 a4 1d fd 4c 89 e2 48 89 de 48 c7 c7 c0 7f 15 8c e8 f0 ed b8 fc 90 <0f> 0b 48 89 ef e8 05 a4 1d fd 48 89 ea 48 89 de 48 c7 c7 20 80 15
[  547.076690][ T5822] RSP: 0018:ffffc90003197b78 EFLAGS: 00010282
[  547.082756][ T5822] RAX: 000000000000004e RBX: ffff8880213dfd00 RCX: ffffffff819b00e9
[  547.090720][ T5822] RDX: 0000000000000000 RSI: ffffffff819b7f76 RDI: 0000000000000005
[  547.098684][ T5822] RBP: dead000000000122 R08: 0000000000000005 R09: 0000000000000000
[  547.106647][ T5822] R10: 0000000080000000 R11: 0000000000000001 R12: dead000000000100
[  547.114612][ T5822] R13: dffffc0000000000 R14: ffff88804e628658 R15: ffff8880213dfd00
[  547.122579][ T5822] FS:  0000000000000000(0000) GS:ffff888124752000(0000) knlGS:0000000000000000
[  547.131507][ T5822] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  547.135892][T12659] netlink: 'syz.2.1727': attribute type 10 has an invalid length.
[  547.138085][ T5822] CR2: 000000110c3f07d1 CR3: 0000000053bf1000 CR4: 00000000003526f0
[  547.138099][ T5822] Call Trace:
[  547.138106][ T5822]  <TASK>
[  547.153332][T12659] bond0: (slave wlan1): Opening slave failed
[  547.153826][ T5822]  _hci_cmd_sync_cancel_entry.constprop.0+0x80/0x1d0
[  547.153856][ T5822]  hci_cancel_connect_sync+0xfa/0x2b0
[  547.177983][ T5822]  hci_abort_conn+0x15a/0x340
[  547.182640][ T5822]  hci_conn_timeout+0x1a2/0x210
[  547.187466][ T5822]  process_one_work+0x9cf/0x1b70
[  547.192380][ T5822]  ? __pfx_process_one_work+0x10/0x10
[  547.197726][ T5822]  ? assign_work+0x1a0/0x250
[  547.202304][ T5822]  worker_thread+0x6c8/0xf10
[  547.206879][ T5822]  ? __pfx_worker_thread+0x10/0x10
[  547.211965][ T5822]  kthread+0x3c2/0x780
[  547.216020][ T5822]  ? __pfx_kthread+0x10/0x10
[  547.220589][ T5822]  ? rcu_is_watching+0x12/0xc0
[  547.225345][ T5822]  ? __pfx_kthread+0x10/0x10
[  547.229925][ T5822]  ret_from_fork+0x5d4/0x6f0
[  547.234492][ T5822]  ? __pfx_kthread+0x10/0x10
[  547.239055][ T5822]  ret_from_fork_asm+0x1a/0x30
[  547.243795][ T5822]  </TASK>
[  547.246788][ T5822] Modules linked in:
[  547.250697][    C0] vkms_vblank_simulate: vblank timer overrun
[  547.258465][ T5822] ---[ end trace 0000000000000000 ]---
[  547.265061][ T5822] RIP: 0010:__list_del_entry_valid_or_report+0x121/0x200
[  547.272131][ T5822] Code: 48 c7 c7 60 7f 15 8c e8 0d ee b8 fc 90 0f 0b 4c 89 e7 e8 22 a4 1d fd 4c 89 e2 48 89 de 48 c7 c7 c0 7f 15 8c e8 f0 ed b8 fc 90 <0f> 0b 48 89 ef e8 05 a4 1d fd 48 89 ea 48 89 de 48 c7 c7 20 80 15
[  547.292025][ T5822] RSP: 0018:ffffc90003197b78 EFLAGS: 00010282
[  547.298260][ T5822] RAX: 000000000000004e RBX: ffff8880213dfd00 RCX: ffffffff819b00e9
[  547.306384][ T5822] RDX: 0000000000000000 RSI: ffffffff819b7f76 RDI: 0000000000000005
[  547.315105][ T5822] RBP: dead000000000122 R08: 0000000000000005 R09: 0000000000000000
[  547.323099][ T5822] R10: 0000000080000000 R11: 0000000000000001 R12: dead000000000100
[  547.331409][ T5822] R13: dffffc0000000000 R14: ffff88804e628658 R15: ffff8880213dfd00
[  547.339495][ T5822] FS:  0000000000000000(0000) GS:ffff888124752000(0000) knlGS:0000000000000000
[  547.348474][ T5822] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  547.355156][ T5822] CR2: 000000110c3f07d1 CR3: 0000000052546000 CR4: 00000000003526f0
[  547.363160][ T5822] Kernel panic - not syncing: Fatal exception
[  547.369426][ T5822] Kernel Offset: disabled
[  547.373725][ T5822] Rebooting in 86400 seconds..