last executing test programs:

2m49.19818203s ago: executing program 4 (id=1330):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000070000000000000000e300850000002300000095"], &(0x7f00000001c0)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000380)='io_uring_queue_async_work\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x84}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r2 = getpid()
getrlimit(0xe, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sysfs$1(0x1, &(0x7f0000000300)='\x00')
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
semctl$SEM_INFO(0x0, 0x4, 0x13, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00'})
r6 = semget(0x1, 0x2, 0x8d30a0a8790dd845)
semctl$GETPID(r6, 0x0, 0xb, &(0x7f00000000c0)=""/40)
semctl$GETNCNT(r6, 0x2, 0xe, &(0x7f0000000140)=""/73)
r7 = syz_open_dev$video4linux(&(0x7f0000000080), 0x5d7, 0x0)
r8 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r8, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x7})
ioctl$sock_netdev_private(r8, 0x8943, &(0x7f0000000000))
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r7, 0x84, 0x13, &(0x7f0000000000)=0x7fff, 0x4)
syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x8, 0x1, 0x40000333}, &(0x7f0000000dc0), &(0x7f00000001c0))
openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000040), 0x200000, 0x0)

2m48.020334009s ago: executing program 4 (id=1335):
r0 = fcntl$getown(0xffffffffffffffff, 0x9)
prlimit64(r0, 0xe, &(0x7f0000000000)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000300)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x5, 0xf1, &(0x7f0000000000)=""/241, 0x0, 0x8}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000980)={<r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8924, &(0x7f0000000040)={'macvlan0\x00', @random="0100"})
keyctl$KEYCTL_PKEY_SIGN(0x1b, &(0x7f0000000300)={0x0, 0x0, 0x73}, 0x0, 0x0, &(0x7f0000000480)=""/115)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$can_j1939(0xffffffffffffffff, &(0x7f00000000c0), 0x18)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000002c0), 0xffffffffffffffff)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
getsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, &(0x7f0000000bc0))
socket$kcm(0x10, 0x2, 0x0)
socket$unix(0x1, 0x1, 0x0)

2m45.081031445s ago: executing program 4 (id=1340):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_SET_DEST(r0, 0x0, 0x8005)
socket$inet_mptcp(0x2, 0x1, 0x106)
fsopen(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x2}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
r1 = syz_open_dev$MSR(&(0x7f0000000340), 0x0, 0x0)
read$msr(r1, &(0x7f0000048040)=""/102392, 0x18ff8)
futex(0x0, 0xd, 0x1, &(0x7f0000000880)={0x77359400}, 0x0, 0x2)
openat$proc_mixer(0xffffffffffffff9c, 0x0, 0x2002, 0x0)
gettid()
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = userfaultfd(0x801)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000140))
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x0, &(0x7f0000000180), 0xc06620, 0x4)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000240), 0x400200, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r3, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r3, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r4=>0x0], 0x40000012})
ioctl$DRM_IOCTL_MODE_SETPLANE(r3, 0xc03064b7, &(0x7f00000003c0)={r4, 0x0, 0x0, 0x7e3c, 0x3, 0x9, 0xfffffff9, 0x4bb, 0xfffffffe, 0x7, 0x1, 0xfefffffd})
r5 = syz_open_procfs(0x0, &(0x7f0000000640)='net/packet\x00')
read$nci(r5, &(0x7f0000000280)=""/134, 0x86)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x6)

2m43.141355615s ago: executing program 4 (id=1345):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00"/11], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
recvmsg$can_raw(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x100)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000006080)=@delchain={0x24, 0x66, 0x221, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff2}, {}, {0xb, 0xfff3}}}, 0x24}, 0x1, 0x0, 0x0, 0x8848}, 0x20004800)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000140)={@mcast1, 0x7, r4})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x2002, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x47f2, 0x1})
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="50000000270001000000000000000000e0000001000000000000000000000000fe8000000000000000000000000000bb00000007fffd00000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="e4ffffffdd000000"], 0x50}}, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x29)
ioctl$KVM_GET_SUPPORTED_HV_CPUID_sys(r5, 0xc008aec1, &(0x7f0000000440)={0xa, 0x0, [{0x0, 0xa860, 0x5, 0x7ff, 0x4, 0x5, 0x4}, {0x2, 0x9, 0x2, 0xffff, 0x9, 0x4, 0x6}, {0xa, 0x4, 0x1, 0x0, 0xffffffc0, 0x8, 0xa}, {0x80000007, 0x9, 0x0, 0x101, 0x8a, 0xfffffbc6}, {0xd, 0xb, 0xcbe8910aed5d1522, 0x37, 0x2, 0xa, 0x1}, {0xa763ce223dfb436, 0x2, 0x2, 0x0, 0x2, 0x0, 0x5}, {0x2, 0x100, 0x1, 0x9, 0xffffffff, 0x7, 0x6}, {0x40000000, 0x3, 0x1, 0x7, 0xd, 0x8, 0x7}, {0x3, 0x3, 0x2, 0x7c, 0x653c, 0x66e5, 0x5d93}, {0xb, 0x203, 0x4, 0x80000000, 0x82db8cd7, 0x5, 0x3fec156c}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x4f, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x1f, 0x0, &(0x7f0000000240))

2m39.289144376s ago: executing program 4 (id=1355):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00"/11], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
recvmsg$can_raw(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x100)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000006080)=@delchain={0x24, 0x66, 0x221, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff2}, {}, {0xb, 0xfff3}}}, 0x24}, 0x1, 0x0, 0x0, 0x8848}, 0x20004800)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000140)={@mcast1, 0x7, r4})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x2002, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x47f2, 0x1})
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r8 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r8, &(0x7f0000019680)=""/102392, 0x18ff8)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="50000000270001000000000000000000e0000001000000000000000000000000fe8000000000000000000000000000bb00000007fffd00000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="e4ffffffdd000000"], 0x50}}, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x29)
ioctl$KVM_GET_SUPPORTED_HV_CPUID_sys(r5, 0xc008aec1, &(0x7f0000000440)={0xa, 0x0, [{0x0, 0xa860, 0x5, 0x7ff, 0x4, 0x5, 0x4}, {0x2, 0x9, 0x2, 0xffff, 0x9, 0x4, 0x6}, {0xa, 0x4, 0x1, 0x0, 0xffffffc0, 0x8, 0xa}, {0x80000007, 0x9, 0x0, 0x101, 0x8a, 0xfffffbc6}, {0xd, 0xb, 0xcbe8910aed5d1522, 0x37, 0x2, 0xa, 0x1}, {0xa763ce223dfb436, 0x2, 0x2, 0x0, 0x2, 0x0, 0x5}, {0x2, 0x100, 0x1, 0x9, 0xffffffff, 0x7, 0x6}, {0x40000000, 0x3, 0x1, 0x7, 0xd, 0x8, 0x7}, {0x3, 0x3, 0x2, 0x7c, 0x653c, 0x66e5, 0x5d93}, {0xb, 0x203, 0x4, 0x80000000, 0x82db8cd7, 0x5, 0x3fec156c}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, &(0x7f0000000640)="430fc73f0f2390b9800000c00f3235010000000f300f20d835080000000f22d8c4e18173f53866baf80cb83879e487ef66bafc0cec66b88e008ec02d1aa80000460f1c460041ae", 0x47}], 0x1, 0x4f, 0x0, 0x0)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x1f, 0x0, &(0x7f0000000240))

2m34.709415575s ago: executing program 4 (id=1370):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
syz_emit_ethernet(0x66, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ifreq(r0, 0x8948, &(0x7f00000000c0)={'vlan1\x00', @ifru_mtu=0x6})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
mount(&(0x7f0000000900)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='squashfs\x00', 0x1408009, 0x0)
capset(&(0x7f0000000040)={0x19980330, 0xffffffffffffffff}, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$can_raw(0x1d, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00'})
fanotify_mark(0xffffffffffffffff, 0x1, 0x4800003e, 0xffffffffffffffff, 0x0)
r3 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
syz_fuse_handle_req(r3, &(0x7f0000001440)="be70bf88b3f1c736f78e8c30d17c394aaf135da8601ae19d5134c916ddc6aca5ff685ec8712af0efd797390259edf880a7d86ed9a57540ef42c934709a12d111a02f299dc8703cf12882bb0b03165e1a5e3ecc62959f22b42c67faa3d9ad49b3ee7015cdb363cffc083d840d2102c930db6d0b8f700bc6ab301bd331bb9f24d5d994e64202a398a821d9326b88270022ae6fefa4c8ee76c3c371a98999e8dd6b1193c1428eba7522f034f9ed929eefd0adea334cd14d3b2ed13553b1a3af696448c1a327ff4d16cf87b0d0468a48dfb62fe7aabe5ff786448f1420e0c701bf6318072ada994ad8602f134c0bfb3dc5b3aa02b1254289c4445d3c20679a3748abc34cececc54e614b0806268d126d603355daefba3eebc7bb143d3e0a5c0740c6fc51455ea909d7650524bcd56bedf98095017eb5a8e41cedaa690418965ece3b1960fbbb87b160fbd69c6eaa38afd95285a9b00df3dc99da5f0a7ecdf863147c2bdea59247b48b7b02e8ff0ab7917c05c72325a75656e7c16110c47359aef71dce733a498b01d0247ef231a6902b817aa4b838726eafa4375ffc60c655533fd8890cc8eac4e465bb78d4bc5f32223f9062c179e7f99219281d28be1b0ef972d012f5df5956c6d0ea01c1edde5104b682b724737bef2a80e08d6e86640ee85b0678910849e687db0aa1e5876fc745171d883dc4766a30e0200d23e8d9a92b1e2897603e0409a9774f29f8445dc7d1e21d16ecaacbfa8f12670e61de9541dd39b4325c03d008ac0e76268cc94a92cbb06349cb9b663ac0275280382935e64e1b4b412a8c10e4ac8e30a4d524db40f5f00a7f2745a8fda96c907b63aeffd2206098c2443164febb139169ec3b504a32adc38f888606ac2852ddb0ccfeddd064367b6e25eb96d14645be589a131d60522e9ef63c4de0beccf013edb363cbb8623c22aace5600e3aba1cdb91b0863ddb36e9d16556e5d8ae79892227277960c7cd62d00788f2c4bc98e2165a135e01ed8294e3e1e8550651d710105d5f3a97d76da90169e67751e88d3a2bac0da0e8c0f0b0a766735d0375d4a9e7c4b6f2157a5b129b04a7f5331e052d05507117b7799fccb12caad105145d849857da9e80d30352bdeb913aa18115f9a18dea769de2093699bdd1b62c78ef09d8b466d904b522fc86a74a635b012215765cd442572ab02c54df350ce9aa8f1ec6dc53cbe1388a1b4576c130af75ff47496a2f1c16c3253b572b1fe6f4fc67727cea8f698588af9aa15d4e6300f848d57026ca16acacae4cc7decda947bed34f0275db3a97c2e8d47fff1f8d5921ec8c7af5c5e9c7b92b4c2cb5bdb49dc7d8600d838e801c6f230997bbce8b61216629b7b227c2f2789829d51251fe583338af03229148f8e15f5f8c2786710513641eff4367b83d4fff17f484e11d624c3c0339f1a862f62cce794163e52fab59d18c27338aaa144973514ea293279e54a086ff913222074ea6a0ec1f22403d6222fda0b735bfbedc3b2ed4f513503d499f2ec089e43b6523a270bfaa42601eaa399928213b634d6626fb7052feb106590332e7b4da6ed5090d499268cf7597812f81ae5b122048ff5a5b7a002370e9a09c602d57538329ea6e785127582071c5d3c9db397f2896308ee4276b13a21f037d60e902ca188b9e51626f709fdbf40091ed8c54c39f39f6c390d6f449af57efeaf432b5e5b30bcdb2a7706fcbfda04ef0eefec1388323374b6bf2202c295de64f3126779ff4d935d04f0c33cbcf02cc9f2e38b454775e1bcb3eb34105926dd424a2fa3570234e611219c4d9e4ef481c590794ea77d64e3d169fde9859cdde24e303b35eaceb71e1ac5358c79567d42746b6d102ff441f89e39a82d46428a20472435affe1cd972c853c88cb7c7538ba83bacace3add0c55d449d7330755e5f354215ddf1340eda888b1f0285821cf1b76089358dc91e864c5ce764d39c499f505c7e988f9a3035c5218471b4ac5020f9a3dfe17ddf1752310f82622dd84a950dfbc8e421283ddb92d158b61ce7eb33128f3bdcd4511434bbab631947d8976731f68b9d020a4c7b4021907a834e9154737345e61d1fc8630f919d29056c0fa07c17dd98e3ace0bd2c1fcb940932d2196cbcf57f09e3c918772a81dc9dd037de60b91a403eefc3a36f04b2dd2de5eb44a50af98b01f37ec69ad3ecf728e82b7207c669b237a94457136ae5bad23baef344e9ab5db219f540a0b8165bac5fd9b0cd649e9725be8257ee96fc21955794c06237186b2b82f0d863479c169d8deb164bdbdac733120f9cacf15bdcc62a2afb78f7b54d889378a50f9c764934ff6766f9275a9c58ae3d09f05b1dda88d6736bce2a67f1f38a88f3e7b371d6a6b781e912e6ac7e253332517a3d0927892ec3ee2e9f7edb9a55ffa04b4ad788a12d4c7b67400b8982c1a2a40955d1f010a150a9604cdb3dc0069a4221f8c192b292e89a1b7649bb1f4fbd6e4a94a312ab0c886ddd19cb748a6c0fe9ab6f957dcf2a230af07b4c2220929dae2e9e218bd95c1141fd387f6679318f30dc7c73f7772264eaf4e83257e731af59f112d9e9b702ed1b80f7b37d3a6adcb90dd38de77d671a13e75651255dffad5345907b52179d8ba2a2b0efe3df9a9f3f0bdaca0c7abb34d70a91da6f6e606802f9ff943b65910eb1a7c52a824598f6e006aadbe178a30c782bb42da01c3fb2936a4428ef9fb142dcd2673889919aa7dc429989641c12f7bb8f03da660eccfc5047b03f289df9432925bf93902bf5f88f9617b13a9ce78ef830447d7010a82f872c6b4c5d0abe1e04dcf0769853a148ef01f0b9a48d5940a105dee46ad7f03b6063a569753f02b2e23efa58c69b36a2ef7ecdf7d0ebf6a19568a5feec9dc848a2ba0426b264ba5e359a2b57217335c6585992b7696371c4423788d68170c6adcf516df7f7450877d85e3acf5376b094bfeb8e3bdf55c7a369325e8f96291a2809d8d967961a4f8187d0ddd65b082618257ec66d19234f7beb5bbdf12dd3a33e0e43bdb7f8f26600d9e2041ddc63ec2703d5e6f7bd23900416771177612b8af00a4beb65ae1d27975162d712dfba1280524b80a0d44f78620f4070ff5d4814f195723eba1fbbb1d359f2a86f06e8ffa56097e4c7dcb589108f04ff87c6a33b91a581f1f37865c7e306f0e6910503894e3f24a2b4815c7225182c368dcf4790aa394a1fca427b00c50fcb6dcfd8f560e42314d47b102cc0ebc5c8eb787df9cd871c2d88f480ffaee4d034e68098429c6893ec918dc8e0b136c576a5b5dae315dacfae2b82c70ab31a248f13c597880b08cec71200a9892ea3934fa7f5eea3341ede548ea1e7ebde348083fed31a023904d4796e5736c03e5a71021dfff6eda6d547c39f52467634907824da236a5f62d31b8bb7b52e1a5751f4c2185b040d13461815afcfafc010ab840e2b8eb2cc0843feddd8d3e215373a7ea8b4fc6fdf6765c5e3c6d3b771da1b05c02f54def8e853fc6f3d4b35daef89deeacd18dd6651019e5f2c1f2c6ec43bb8542e82cc5f991c98505cd26b1c71400eba1d86ae45b51cb8844c9253339f4ef88064c01e69ee6dedd2d483e75573bb5513a6d3dea4f2b02cd353fc190970ea11855b7ba472f25d1d34dfc291688da61514b2569141722494fe39ee9886ffb612b5ec3e087c2b04dbc067cf0f214a552002747e9d87c46b6b73318840ab3c11e28ea76d912445239dab4b5e8ddd8c739d2581eb70e34bdbbed99f21bcf11e74f49d5a3e722bb4fe2fd97a08b5b73a77c801fa5c93310c32258882aefb37922faf2e916bd2b5a1d231a7518e2476637adee39ec1b7cdf4121cd7446eee3297bf0a5b7e0f0595f78ce48c50dff707edc576c2b15c288236f797ba26353d9bdbc96be208a97bc98e55d68557ea42bc72dbb3c9cc90ad564fa36783b60aef92b3c3a2e6ccfc40c0c50867392421e1cc96af8e687fc209325b83df2c8cf33e9828ccaefd82adbcdd495248109b30b2a21affee110c221edf0498de0e285727584b9497fca6b75a1a8fb14837b3bb4b0aab17e24943bb859926644ffa8aaa4b10e75a218dd24c74fe6ce87f3fef41b5009701d9ce0725675eab625025a0cc5e3bc25da883a6192d0d4bdec8506667016d27e3ea9a533421870684ad5a5c421369d25f07dbc791e49f39dafa38892b3729db257f5624800e06d38026bf48387902aae4fdddb6b9c4f1d1c88b8b2f7b2f2c8c08c1285a75fdab6b3e5083de97562c9766e951e51cbc8b5551824e6f555095ecd08b843e0cb78e10a66a865406aa5368f7e9de577e5cb59a4d804057982027cd326b57e23cdba8268aeb2e0ddb93bbe79b70bebd5ebaf18657f31d78c1ce2e2206b77c1560140ddee8b27430c79e76ddd2531d93d881b8fb9ce83ae193749998594eb48255fc1036483595c907eeeb59a397470a612574061436237d72ffbecb3c6dc761b0f166ae98bcd33c084b25eaa8863449ab975abbc9972fe73134ebe2d8725ada375ba032e0dd013ffeed00243999d7d95bb04d8ce14515296c645ebef2627c5a6519a90ba44e2cc0c9d7733abeb426c4b6a4542a712c721ed5160676470a7ec8269c0fcc8fa12aadeb6c4da181a61c66cca1b2aa9a17ca8c934e90a46068e4ad794dc8bd7bda05fd6a8de3c49cff1def11c15961414dbb14797c0ecd47da889f0f4b51c7b625c5af45cab7e6d88dea66e7d2d2350a173b0e05e381805e5e211be6e0f0e81d121a53b55daaf78de9bf25912aa262b56d095e73841151919c20ae412fd15b63209e45d026285c3b401bb0c315c2199e8259b7aad3849be80c1709139480f8e640c317bc0b278b7a3af0751d8d3bb9f6a95703eeab6624d9ba9257688b9cf299d8bf870e897f7f7ad419123552eb517a1791bc8b0999180683dc935ff5d7b1dbdbd0bf757c4bb8df8035c9ce6386918be43d6d75c96e75148cbb4c2b1450b77b96cd3e7c11d9641fcbb198f534e7ee94df0891ae5893318b1cf9518854a73657f4740ca0fd21f0ab3c2f75921986a3b8b363313594680844f2249efe1895d9870196f48e7c26f3ca24904164001c1953425441de7257c0a800e75f64923d11858ef5d264317ae76aaf443dd77136426b6c816fa34b4a7a831127ccdc203a48cd3bc20f09c6ed093b6ff49e0bf7c91fdca4783766f8f35ac89222578c6c3c4d04cc8f354a65bb200ba6ca76c3041bd8eb04b984e6eb2d2e42f65051892b6c246b6bd91ea265893978f74d6bd9208739dbd4b953fca722d9ce2e576e0e4688338710e198ab76623db04d8d3eb9d3fcebe8ff5942be33488826a7e1e6ba35111e4d5e2146b99bb417fc49d666e385d01a4eab7dfe7268f4b2d679a6e8f39566c8cc961e067faf7ccdcb63f55501d5e1887b6c1ee071febb14522796948f3b242bf1e4742c08a9cf27bd6bb7da4353420706f91f6c0a94f26efd49ecb7dd74cdacbb7def40ad2c13d966c466b400163dd7294f1b8921f5d5da4f4e5dbd8aa02eb11c706aecfd860fe679a101388e36817b96894f3b8c189434e3c30f03ea5cbf8044a253be021edecce7b2f90a295fa1466440db9518cbe61a7e2cc2b057b4ed38ea05576ee190e3ba17021ce17b2b8e219275ca4da3b4b71ad599a58e9aaa7cea5a7a1a8a7924045d19eadf1b83d15f27b6e1c78b6c2f114b49c857a0d339cbe32cab17154de5bec2c2171cff74f6ee08c8a46210f21fc08ed18ea03ff280786af20d338c88f2e86e87ef8cdb3adee7e1e05d53a90f19c88350a8f7544ad986bd644b2b935cbcb79b9488f065f715cdaf0f2f52eaf6771ee3b378b7e2ee930abe9dd3389c7ee4f81139aee1e2ecc563628cc30f9e99405e9ff56015ef09a84c94cc9d5cbb8643e581167fc4f0d71143e6657fa19f80668f54d99d3fff50240f097c2d7eddb7b20b5e5974047304077612c299e3323059de86cccf115d9d667026d559133fc693b350c9c26a99218df758a56c75fab92b0a66cc3fcef801b6745b5c5484d41390bdf289c937b08563ca598ed2b180826d7fccf03c426b87bf1e64f4451712f128501df2133e1aa5ee12b7e7e52ffd007a1401b91268a62ae01b5a74a2c305757b5839851ffa796079b9533fab612f33abcbb79ddf5d9b22c3126ff1c1f6fe20725679d1dde6b02847c56ebcbd8de9c7a545de42766eab9a09341a0e30760b85ab8f1a2c89df9b68bfae59691ad2aa047396ce8bdf97d578528d2ff9abca8f4e150d2903eab517c4ea30c800ea7dcdba425738a9ad13532cfb3c35cbd9aca948508d4cbf90778253932b16039c998872aa2108a8462ce1e8d2b3328fb2da905e4433454b33841273da3e9a76f0e235349c6e039f2780f53a503f13c80f587381c9128308cd785d2f83320be5ac8f11eca7c5a1b598cd220d45e40ffbe290b39f6039677ee9466bcb290682a5cfdb30ddd842ce49b4c495cf9326fdbc3e54118de3352c03d5f4e4d1b801adcf3fef67ba2c952ed22bae9423dc6413cd5a35da543708e4a17cfae16c82ebc850b94d622e32bd9f41287eb9eaf32af21ad3d3dbcf866807f55f75e2a28912fdbf7140682a453961a9cdc9d11be029a0679ca65b9cede11dbe17bbd2b460346e8d4c55daa817995ed2fa3ffff14ba795142c7eda8a72ddebc09a120b69f9ab4b651dc3a321673440c5767366165d51c8ea3c39186d6bbb5bb78a2918a74b3540f69f5173d1bce428a561228dbac06e0a37d2ac69781a1d8583631757067e37a4936aaed9d9101deb2148cdc9813e8daf38638a47c4f7061e15ba0cd2298357a6a8df14c10d7de706369047e3d23c4fdbdbb80ea1c391290c91b44ee523c6ebcc6932380e3d974a026bd2cdf69b46145e01541303f7771f1ff709dc34f8ee36f2e67fdab748d303f920e3e882a18ae6df0e67cb3f8b7e4fb0b3804323a8fcaa11d849d1d456e487211a5e059fc2bde4869f8376b6e3837fbf80a446294bd534694bc8ccda0668a47efc1cb2de96c7cf2630834b754cfe906a3bb8aa6747b6ba6452a216457fcf5020612e45ad159e14b97cdb28494eb08260caa411dc26c4b7bbe3bce63e8b033a473a4e60a26b347a2eebc02e9f89dfe6e8135a78e778eb896ff5b5a067abcf52c63396b7445343b4027d4014f72a665ddc7c99cb215cad55914cd2ecfcf1e500af65419cf4a4ddb6e6598370730540c33239bba2bbbe11d6c5ccbeed433d3295c83312a9883562dab4dbc2a5bad84f1b53d0e32ffc79cd52f90a9165ffaabd19d5b8c52ce979dcfd32d576337918813a82e2674fb3aba70c8caee997a917cd4d9964771612b7cff967502d5a5eb88c108af60e43d757c46bb3c58fea31e379b151ea2e386a05afe901c381a320120f4d46fbf7fd1e60818f20df7de67aa70a9ed293b972945b71a9d438267de6cbe7d74580d611e837279bd42bbd44538f88112c2e93762cbc50651e578a18832b6c21f85ff62114029fa3077b409ad6b6223db8e2535a693220809d9c738f2ad989bb136045a2213dfe8f191f41e3355f5ea72253ef00e17eae763fcd85ea5967ad40b7398e5a433fd91dac85aaf6412fea6969945b495d7c2c1c0e987827655d5ab7182c4b6ab0076c066e1e8a9c7ecaf63b3d9b9eadb03b077c8b5d94d929f6b1db2e90c597556dd083a611e93741f7008771122a4a22f0fa83e844bd8b5b3a40d9df4db35d39d9a29b6399893c98f6038e7b5cc404de1e6c226d08d992e1a80299a95bc76331583ca2cf819e39ebf315086e2ae4799ea947609e87aabc71f9f7ba5252d6dd1b910683811e09fad4ca5308f2a48676d4a51bae3b57a17328d60e4792d074bdc101f1b9b0e723651eebcfeb1d1411d5b7dbd2c5d38bc6b5e7d5478d79718dbba120ed84d33fb2b90efa29aa1c42a6f3b7bf52b80bf5488a32e6e1bf72c764cb26a6366959fcb4c3765da1f47b069930c578ba07086cb44a7f2116d27dc30c42c148059c11c338dfd335b021eaafe38fbdf3bb6f84ae3282c6e527d3b7d666bf0a5e9198c85d4a91ca0ff66041702cba3b3323b7dd29815c3d81bb33c12cb5e50834c6c04fa73200c88ed0090df2f73c929bb45677253f4314e811565f5f8cc17eab70652dfe6dd83d9fc1d8526e87b0dc0e556e7745b418516c2e98ebd579972446b5d30f871f53d43f47911fca68e894ea8a6dd3ae7967b360daddfe00e75dcd9811ce74cb41d256a2875f32c109dec271eaf37d328a44772e3916e714123035386bf2a45072415df273192033e4221613c9c1bcf9bd9885f6d26e2af3538e2bdf5b26e3c83a9b1abaf70eed063e9088760b55c1e41437eee27e9a537227ae33641bc28349078a01a15fcfb5d01e7675e1c9a339855263b85df0c381305105cdbc83d58ec69268e1248c4a26a7d6483eb8d4d0664e48a4f9774fad9acfcb6ff91550cf3d871fc38c27eb24c71c7512613550d458c7ce985d2345e835585da843ffa2227501c2be0d0b234ef1fd0d3cfd8628fbc3c1d797cfee7bf0681705dc1ead91fb80617df50f52f49faa15209c881fc99e18cc127b8e141826dfd327a2c23785ed075cea115db6ef563ac305c57c39bb7ed74d5d237b593b30baf9243b37ff13b9741b6b75378d37a740cb8eb0d97c99097a4e0de43a55adc56bf611ffb31c964be0c6f49163d8ffc413b1692734468d967e853c6272280289df61c300927930bc3ce5493323bece9bae6547de8a052aee4e4affef5f482fd941428bc09762659ce3ec3f615ee1070c06282409c420748fcad751c44ec3e4ff118b72fcee74222dcd1a11be019b6ccbb4330090e8b41d593cf1d29ee5a3fa68e8d45f375a67d2629791a7a2cd0d44309719e81a9cfe6e27d1a88388a335dfdb2558bc179a8e1ef1590e53a2a6c54fbc6194d1411042646e2402beba77ca85b6cc5ffb29d04ee018454acddb095e1e2619d60fba3e768efd13469ffff96f0c4eb6c6848471ec9fe87c45259bc23d328e9f41aa01498c6d8bff2933bde26625237cb963b3f78f50a8919aa2e12381e6cd8fd4dfa6ea3d8a6af9592ea7f23db6fec5fa0e37c045150161c0589304fa87344ae84086717d6dadeec629c0625dd4b6b0c1967c17f5f8ce3fc08b5ce1d3614f0c2664a1d360242296a084c4573050320059b64fe82046575704736b7f46d1d105501cfb73fac9e312e15200a18035bf3ddbe233f50376a0a2447bd3404472af39064ad518230a0ce8eaf560ffbdd1c561e91eb6d71fd3fdee641065ad30800582fca0fad06f5f853fa2b24c1af673e98b2c04cb576012a2f643c54be162ef4cd342715c5f212338e014e32afe4f46537f767f52b9e19903fed505ad0b1dbefe4cc303810a9ae863aa54dcf48a3d2e9aa6a41ec9aeda88eeec7c1e430fd705cf389d56ebd2c02e6975a41630f63ca8c5a0b776a1dd702b91c6e46a8b5de294f0c1cabf8a717bc3ec4ebfe3d3ed402b422e6f2477858537e1c8593b604d990415813e716ff9b1ff721d4da4c5b28f98cd451d2517be6aab04e98a32e89d57f564e36a81eb9575b7c5dd9467e59381cfb033c850ae75a3b705c85b1576bf701ce42584ba6c391ff2c5eaa133db1c6f1db4f1c4c7e1387ec0edf8274b534207cad7ee86f2e3d64bae9ed43f295f28912f9291f5f88f6ff29c2c9f5161b3e786c1271d8bbdec7f74b94f93c8e2abeedbcbd7203279ccc33283bbca87b6b0384280de6d67911b5128086bac825ea8e3eaf8e35609da9e0f298c4271fdf783bad9f9902f77e62e0c1349acf0ab36960e958dd22f33c6273ab2d973b3427f1f8e1462c19caf71b5186b6d3fd866e464fb6a314ab7454f317711634031745aa6111fceca83d8706d04f310370afb171ec772bc81cfe5f169ff4a59900dc02ec846995c28a225c3105548d4a55d173225255355ba5ef2a14131ab77198535276be01bb51a99734ec12ce250a5ccf21c77d39326cca5bb01d16131ee328575fe15ae7dbe2ada55669a425ca1568d7deca3849239cb31a4d5db041da306a348aaa8a5f96335e2adf16c8a38d6af0ef15103341d46ff03ffbfb2f0f6155c930f9c22f0618b04de6b0892f0cd3e6ba5bfe7b66e0a08e2c78c1e683b2525f6d0bde70cd963f07bdff604aa0d6eaecce5234a117a2ec285bd33433d8f1eb540f0b5f618f9fde16014a19025485eebb988976d7d6fd568e2381c022b96b26f6b14dd14ef81b9687d0dbac659cb60740d950e69e4e440b9746fa2a11e488ce1fcb3293f27f5cc42f51e25d0c4292eb3cf3423f02404ef5ffce019c7a18081da9a8ac8a39007b94416851e7d13bdf497c6d8680914ac0b5de389bdebd44663c319ff08536911d7a9a80b172bfb8260a40c7f2a3bb0a4474b0448006d2505ee618ae1c06589fa79f71d35b2906b50bbe2809b0a2e3e2975aa96fd325b6610413e9f0a2368107350016b84bd6bf8d2e2bb00fdc6ebb8910d157cc9a54d4010b1ba3693f11229bd39e1f668ba6ff4b4e9c4fa36f91c109e09f58170d885739daa9a4e1d46d731973c55e0117a20c3b1496d4808d260e4f4c4d502938d6d5357cb19b6413e47a6c0efb3d549c93854539f1e1bee7386f7da799dbe86e758d68357a3e60b8c9223beded0e9ec55d1ad329239d1a7eabf4dbc829e7129e44c0b7703a16712b3437f3967b1fcac51cee00dedc0b3016f2c9efa3803fb5bd44ff5242035c93a330f1a347bd6e1bcfa2befc7579ace1516261adccd58788dfd802b45dcf1b1ccadf2824a0170ed2a0b10c36dd994bfa114e58add4f33550fd7f4c117c8d467b6c2750e59de8f44094cf4884960e60a91269a3ba49a1ca726858ecd2ac1144176fbdb99365038efd22f408f9db20848b3809496bcf704139b3e95731158f06742e0a1c20a013ed82e614510ac7359a83f6f490b4fdd3b59dfd12d10b9c7a50158a5f551467fc9b36d9b205e219637bf7529f5b6b0c9d27b616732737a7896eed9d6805f5bcaf47db58a9266443123880a559d0c5281638d1c2f9260cce7d229879e03b84a9ee3b312b90a946963bc2afe7f31b254a149e918af7c64927c59d591155fad5763b611b5222e1b55992ecad7a418f35bedf045845e19737ca8534ef7543d1ce61ec3769d5ec2aa59f9ac25d5bdd2f771a9fe5006f1ad904548741f8744a4ed442165b9738ceab2b6ae8eadcfbfd7221ab7c21902f5203bec0c7ae612e490ab134d4328be5181112ecece946bb1ac80e1815580ef4054467efe3ce909180a8f10b31439c62baae62ff3d98b71711fca37b4983b0a8ac85551ea1364cca87fbc5b5048bf164aca00f375c7a3c8435d875e5cfc9259bbdc300fdccccbb18853b2ef92bf3a35d15ce75d3e73cce8f6e61e69514c65553bfe2f10df7f41cee1873448a76175083df344a93a30dbfce883f87d20a07641800d62608319fe694626f2a2077693b25003cf03b1984749170d3927f5223df90ef8b172f97f395669c8d7d12bd6dc9b550b4b06b579fb38b7a1fa9f8590ec5bea6939adfb60bed9183c0b5f22a5aaa2d5d1ba7e05fb758eb4e39f25481cc18ec2820fd2eb78c9e1dfda0b9df0997e132de4e79287db8ffd39fe6c796b", 0x2000, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000280), 0x2b8180, 0x0)
ioctl$KDSIGACCEPT(0xffffffffffffffff, 0x4b4e, 0x1c)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
ioctl$BLKTRACESETUP(r4, 0xc0481273, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r5, 0x6, &(0x7f00000001c0)={0x2})

2m19.346764499s ago: executing program 32 (id=1370):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
syz_emit_ethernet(0x66, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ifreq(r0, 0x8948, &(0x7f00000000c0)={'vlan1\x00', @ifru_mtu=0x6})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
mount(&(0x7f0000000900)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='squashfs\x00', 0x1408009, 0x0)
capset(&(0x7f0000000040)={0x19980330, 0xffffffffffffffff}, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$can_raw(0x1d, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00'})
fanotify_mark(0xffffffffffffffff, 0x1, 0x4800003e, 0xffffffffffffffff, 0x0)
r3 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
syz_fuse_handle_req(r3, &(0x7f0000001440)="be70bf88b3f1c736f78e8c30d17c394aaf135da8601ae19d5134c916ddc6aca5ff685ec8712af0efd797390259edf880a7d86ed9a57540ef42c934709a12d111a02f299dc8703cf12882bb0b03165e1a5e3ecc62959f22b42c67faa3d9ad49b3ee7015cdb363cffc083d840d2102c930db6d0b8f700bc6ab301bd331bb9f24d5d994e64202a398a821d9326b88270022ae6fefa4c8ee76c3c371a98999e8dd6b1193c1428eba7522f034f9ed929eefd0adea334cd14d3b2ed13553b1a3af696448c1a327ff4d16cf87b0d0468a48dfb62fe7aabe5ff786448f1420e0c701bf6318072ada994ad8602f134c0bfb3dc5b3aa02b1254289c4445d3c20679a3748abc34cececc54e614b0806268d126d603355daefba3eebc7bb143d3e0a5c0740c6fc51455ea909d7650524bcd56bedf98095017eb5a8e41cedaa690418965ece3b1960fbbb87b160fbd69c6eaa38afd95285a9b00df3dc99da5f0a7ecdf863147c2bdea59247b48b7b02e8ff0ab7917c05c72325a75656e7c16110c47359aef71dce733a498b01d0247ef231a6902b817aa4b838726eafa4375ffc60c655533fd8890cc8eac4e465bb78d4bc5f32223f9062c179e7f99219281d28be1b0ef972d012f5df5956c6d0ea01c1edde5104b682b724737bef2a80e08d6e86640ee85b0678910849e687db0aa1e5876fc745171d883dc4766a30e0200d23e8d9a92b1e2897603e0409a9774f29f8445dc7d1e21d16ecaacbfa8f12670e61de9541dd39b4325c03d008ac0e76268cc94a92cbb06349cb9b663ac0275280382935e64e1b4b412a8c10e4ac8e30a4d524db40f5f00a7f2745a8fda96c907b63aeffd2206098c2443164febb139169ec3b504a32adc38f888606ac2852ddb0ccfeddd064367b6e25eb96d14645be589a131d60522e9ef63c4de0beccf013edb363cbb8623c22aace5600e3aba1cdb91b0863ddb36e9d16556e5d8ae79892227277960c7cd62d00788f2c4bc98e2165a135e01ed8294e3e1e8550651d710105d5f3a97d76da90169e67751e88d3a2bac0da0e8c0f0b0a766735d0375d4a9e7c4b6f2157a5b129b04a7f5331e052d05507117b7799fccb12caad105145d849857da9e80d30352bdeb913aa18115f9a18dea769de2093699bdd1b62c78ef09d8b466d904b522fc86a74a635b012215765cd442572ab02c54df350ce9aa8f1ec6dc53cbe1388a1b4576c130af75ff47496a2f1c16c3253b572b1fe6f4fc67727cea8f698588af9aa15d4e6300f848d57026ca16acacae4cc7decda947bed34f0275db3a97c2e8d47fff1f8d5921ec8c7af5c5e9c7b92b4c2cb5bdb49dc7d8600d838e801c6f230997bbce8b61216629b7b227c2f2789829d51251fe583338af03229148f8e15f5f8c2786710513641eff4367b83d4fff17f484e11d624c3c0339f1a862f62cce794163e52fab59d18c27338aaa144973514ea293279e54a086ff913222074ea6a0ec1f22403d6222fda0b735bfbedc3b2ed4f513503d499f2ec089e43b6523a270bfaa42601eaa399928213b634d6626fb7052feb106590332e7b4da6ed5090d499268cf7597812f81ae5b122048ff5a5b7a002370e9a09c602d57538329ea6e785127582071c5d3c9db397f2896308ee4276b13a21f037d60e902ca188b9e51626f709fdbf40091ed8c54c39f39f6c390d6f449af57efeaf432b5e5b30bcdb2a7706fcbfda04ef0eefec1388323374b6bf2202c295de64f3126779ff4d935d04f0c33cbcf02cc9f2e38b454775e1bcb3eb34105926dd424a2fa3570234e611219c4d9e4ef481c590794ea77d64e3d169fde9859cdde24e303b35eaceb71e1ac5358c79567d42746b6d102ff441f89e39a82d46428a20472435affe1cd972c853c88cb7c7538ba83bacace3add0c55d449d7330755e5f354215ddf1340eda888b1f0285821cf1b76089358dc91e864c5ce764d39c499f505c7e988f9a3035c5218471b4ac5020f9a3dfe17ddf1752310f82622dd84a950dfbc8e421283ddb92d158b61ce7eb33128f3bdcd4511434bbab631947d8976731f68b9d020a4c7b4021907a834e9154737345e61d1fc8630f919d29056c0fa07c17dd98e3ace0bd2c1fcb940932d2196cbcf57f09e3c918772a81dc9dd037de60b91a403eefc3a36f04b2dd2de5eb44a50af98b01f37ec69ad3ecf728e82b7207c669b237a94457136ae5bad23baef344e9ab5db219f540a0b8165bac5fd9b0cd649e9725be8257ee96fc21955794c06237186b2b82f0d863479c169d8deb164bdbdac733120f9cacf15bdcc62a2afb78f7b54d889378a50f9c764934ff6766f9275a9c58ae3d09f05b1dda88d6736bce2a67f1f38a88f3e7b371d6a6b781e912e6ac7e253332517a3d0927892ec3ee2e9f7edb9a55ffa04b4ad788a12d4c7b67400b8982c1a2a40955d1f010a150a9604cdb3dc0069a4221f8c192b292e89a1b7649bb1f4fbd6e4a94a312ab0c886ddd19cb748a6c0fe9ab6f957dcf2a230af07b4c2220929dae2e9e218bd95c1141fd387f6679318f30dc7c73f7772264eaf4e83257e731af59f112d9e9b702ed1b80f7b37d3a6adcb90dd38de77d671a13e75651255dffad5345907b52179d8ba2a2b0efe3df9a9f3f0bdaca0c7abb34d70a91da6f6e606802f9ff943b65910eb1a7c52a824598f6e006aadbe178a30c782bb42da01c3fb2936a4428ef9fb142dcd2673889919aa7dc429989641c12f7bb8f03da660eccfc5047b03f289df9432925bf93902bf5f88f9617b13a9ce78ef830447d7010a82f872c6b4c5d0abe1e04dcf0769853a148ef01f0b9a48d5940a105dee46ad7f03b6063a569753f02b2e23efa58c69b36a2ef7ecdf7d0ebf6a19568a5feec9dc848a2ba0426b264ba5e359a2b57217335c6585992b7696371c4423788d68170c6adcf516df7f7450877d85e3acf5376b094bfeb8e3bdf55c7a369325e8f96291a2809d8d967961a4f8187d0ddd65b082618257ec66d19234f7beb5bbdf12dd3a33e0e43bdb7f8f26600d9e2041ddc63ec2703d5e6f7bd23900416771177612b8af00a4beb65ae1d27975162d712dfba1280524b80a0d44f78620f4070ff5d4814f195723eba1fbbb1d359f2a86f06e8ffa56097e4c7dcb589108f04ff87c6a33b91a581f1f37865c7e306f0e6910503894e3f24a2b4815c7225182c368dcf4790aa394a1fca427b00c50fcb6dcfd8f560e42314d47b102cc0ebc5c8eb787df9cd871c2d88f480ffaee4d034e68098429c6893ec918dc8e0b136c576a5b5dae315dacfae2b82c70ab31a248f13c597880b08cec71200a9892ea3934fa7f5eea3341ede548ea1e7ebde348083fed31a023904d4796e5736c03e5a71021dfff6eda6d547c39f52467634907824da236a5f62d31b8bb7b52e1a5751f4c2185b040d13461815afcfafc010ab840e2b8eb2cc0843feddd8d3e215373a7ea8b4fc6fdf6765c5e3c6d3b771da1b05c02f54def8e853fc6f3d4b35daef89deeacd18dd6651019e5f2c1f2c6ec43bb8542e82cc5f991c98505cd26b1c71400eba1d86ae45b51cb8844c9253339f4ef88064c01e69ee6dedd2d483e75573bb5513a6d3dea4f2b02cd353fc190970ea11855b7ba472f25d1d34dfc291688da61514b2569141722494fe39ee9886ffb612b5ec3e087c2b04dbc067cf0f214a552002747e9d87c46b6b73318840ab3c11e28ea76d912445239dab4b5e8ddd8c739d2581eb70e34bdbbed99f21bcf11e74f49d5a3e722bb4fe2fd97a08b5b73a77c801fa5c93310c32258882aefb37922faf2e916bd2b5a1d231a7518e2476637adee39ec1b7cdf4121cd7446eee3297bf0a5b7e0f0595f78ce48c50dff707edc576c2b15c288236f797ba26353d9bdbc96be208a97bc98e55d68557ea42bc72dbb3c9cc90ad564fa36783b60aef92b3c3a2e6ccfc40c0c50867392421e1cc96af8e687fc209325b83df2c8cf33e9828ccaefd82adbcdd495248109b30b2a21affee110c221edf0498de0e285727584b9497fca6b75a1a8fb14837b3bb4b0aab17e24943bb859926644ffa8aaa4b10e75a218dd24c74fe6ce87f3fef41b5009701d9ce0725675eab625025a0cc5e3bc25da883a6192d0d4bdec8506667016d27e3ea9a533421870684ad5a5c421369d25f07dbc791e49f39dafa38892b3729db257f5624800e06d38026bf48387902aae4fdddb6b9c4f1d1c88b8b2f7b2f2c8c08c1285a75fdab6b3e5083de97562c9766e951e51cbc8b5551824e6f555095ecd08b843e0cb78e10a66a865406aa5368f7e9de577e5cb59a4d804057982027cd326b57e23cdba8268aeb2e0ddb93bbe79b70bebd5ebaf18657f31d78c1ce2e2206b77c1560140ddee8b27430c79e76ddd2531d93d881b8fb9ce83ae193749998594eb48255fc1036483595c907eeeb59a397470a612574061436237d72ffbecb3c6dc761b0f166ae98bcd33c084b25eaa8863449ab975abbc9972fe73134ebe2d8725ada375ba032e0dd013ffeed00243999d7d95bb04d8ce14515296c645ebef2627c5a6519a90ba44e2cc0c9d7733abeb426c4b6a4542a712c721ed5160676470a7ec8269c0fcc8fa12aadeb6c4da181a61c66cca1b2aa9a17ca8c934e90a46068e4ad794dc8bd7bda05fd6a8de3c49cff1def11c15961414dbb14797c0ecd47da889f0f4b51c7b625c5af45cab7e6d88dea66e7d2d2350a173b0e05e381805e5e211be6e0f0e81d121a53b55daaf78de9bf25912aa262b56d095e73841151919c20ae412fd15b63209e45d026285c3b401bb0c315c2199e8259b7aad3849be80c1709139480f8e640c317bc0b278b7a3af0751d8d3bb9f6a95703eeab6624d9ba9257688b9cf299d8bf870e897f7f7ad419123552eb517a1791bc8b0999180683dc935ff5d7b1dbdbd0bf757c4bb8df8035c9ce6386918be43d6d75c96e75148cbb4c2b1450b77b96cd3e7c11d9641fcbb198f534e7ee94df0891ae5893318b1cf9518854a73657f4740ca0fd21f0ab3c2f75921986a3b8b363313594680844f2249efe1895d9870196f48e7c26f3ca24904164001c1953425441de7257c0a800e75f64923d11858ef5d264317ae76aaf443dd77136426b6c816fa34b4a7a831127ccdc203a48cd3bc20f09c6ed093b6ff49e0bf7c91fdca4783766f8f35ac89222578c6c3c4d04cc8f354a65bb200ba6ca76c3041bd8eb04b984e6eb2d2e42f65051892b6c246b6bd91ea265893978f74d6bd9208739dbd4b953fca722d9ce2e576e0e4688338710e198ab76623db04d8d3eb9d3fcebe8ff5942be33488826a7e1e6ba35111e4d5e2146b99bb417fc49d666e385d01a4eab7dfe7268f4b2d679a6e8f39566c8cc961e067faf7ccdcb63f55501d5e1887b6c1ee071febb14522796948f3b242bf1e4742c08a9cf27bd6bb7da4353420706f91f6c0a94f26efd49ecb7dd74cdacbb7def40ad2c13d966c466b400163dd7294f1b8921f5d5da4f4e5dbd8aa02eb11c706aecfd860fe679a101388e36817b96894f3b8c189434e3c30f03ea5cbf8044a253be021edecce7b2f90a295fa1466440db9518cbe61a7e2cc2b057b4ed38ea05576ee190e3ba17021ce17b2b8e219275ca4da3b4b71ad599a58e9aaa7cea5a7a1a8a7924045d19eadf1b83d15f27b6e1c78b6c2f114b49c857a0d339cbe32cab17154de5bec2c2171cff74f6ee08c8a46210f21fc08ed18ea03ff280786af20d338c88f2e86e87ef8cdb3adee7e1e05d53a90f19c88350a8f7544ad986bd644b2b935cbcb79b9488f065f715cdaf0f2f52eaf6771ee3b378b7e2ee930abe9dd3389c7ee4f81139aee1e2ecc563628cc30f9e99405e9ff56015ef09a84c94cc9d5cbb8643e581167fc4f0d71143e6657fa19f80668f54d99d3fff50240f097c2d7eddb7b20b5e5974047304077612c299e3323059de86cccf115d9d667026d559133fc693b350c9c26a99218df758a56c75fab92b0a66cc3fcef801b6745b5c5484d41390bdf289c937b08563ca598ed2b180826d7fccf03c426b87bf1e64f4451712f128501df2133e1aa5ee12b7e7e52ffd007a1401b91268a62ae01b5a74a2c305757b5839851ffa796079b9533fab612f33abcbb79ddf5d9b22c3126ff1c1f6fe20725679d1dde6b02847c56ebcbd8de9c7a545de42766eab9a09341a0e30760b85ab8f1a2c89df9b68bfae59691ad2aa047396ce8bdf97d578528d2ff9abca8f4e150d2903eab517c4ea30c800ea7dcdba425738a9ad13532cfb3c35cbd9aca948508d4cbf90778253932b16039c998872aa2108a8462ce1e8d2b3328fb2da905e4433454b33841273da3e9a76f0e235349c6e039f2780f53a503f13c80f587381c9128308cd785d2f83320be5ac8f11eca7c5a1b598cd220d45e40ffbe290b39f6039677ee9466bcb290682a5cfdb30ddd842ce49b4c495cf9326fdbc3e54118de3352c03d5f4e4d1b801adcf3fef67ba2c952ed22bae9423dc6413cd5a35da543708e4a17cfae16c82ebc850b94d622e32bd9f41287eb9eaf32af21ad3d3dbcf866807f55f75e2a28912fdbf7140682a453961a9cdc9d11be029a0679ca65b9cede11dbe17bbd2b460346e8d4c55daa817995ed2fa3ffff14ba795142c7eda8a72ddebc09a120b69f9ab4b651dc3a321673440c5767366165d51c8ea3c39186d6bbb5bb78a2918a74b3540f69f5173d1bce428a561228dbac06e0a37d2ac69781a1d8583631757067e37a4936aaed9d9101deb2148cdc9813e8daf38638a47c4f7061e15ba0cd2298357a6a8df14c10d7de706369047e3d23c4fdbdbb80ea1c391290c91b44ee523c6ebcc6932380e3d974a026bd2cdf69b46145e01541303f7771f1ff709dc34f8ee36f2e67fdab748d303f920e3e882a18ae6df0e67cb3f8b7e4fb0b3804323a8fcaa11d849d1d456e487211a5e059fc2bde4869f8376b6e3837fbf80a446294bd534694bc8ccda0668a47efc1cb2de96c7cf2630834b754cfe906a3bb8aa6747b6ba6452a216457fcf5020612e45ad159e14b97cdb28494eb08260caa411dc26c4b7bbe3bce63e8b033a473a4e60a26b347a2eebc02e9f89dfe6e8135a78e778eb896ff5b5a067abcf52c63396b7445343b4027d4014f72a665ddc7c99cb215cad55914cd2ecfcf1e500af65419cf4a4ddb6e6598370730540c33239bba2bbbe11d6c5ccbeed433d3295c83312a9883562dab4dbc2a5bad84f1b53d0e32ffc79cd52f90a9165ffaabd19d5b8c52ce979dcfd32d576337918813a82e2674fb3aba70c8caee997a917cd4d9964771612b7cff967502d5a5eb88c108af60e43d757c46bb3c58fea31e379b151ea2e386a05afe901c381a320120f4d46fbf7fd1e60818f20df7de67aa70a9ed293b972945b71a9d438267de6cbe7d74580d611e837279bd42bbd44538f88112c2e93762cbc50651e578a18832b6c21f85ff62114029fa3077b409ad6b6223db8e2535a693220809d9c738f2ad989bb136045a2213dfe8f191f41e3355f5ea72253ef00e17eae763fcd85ea5967ad40b7398e5a433fd91dac85aaf6412fea6969945b495d7c2c1c0e987827655d5ab7182c4b6ab0076c066e1e8a9c7ecaf63b3d9b9eadb03b077c8b5d94d929f6b1db2e90c597556dd083a611e93741f7008771122a4a22f0fa83e844bd8b5b3a40d9df4db35d39d9a29b6399893c98f6038e7b5cc404de1e6c226d08d992e1a80299a95bc76331583ca2cf819e39ebf315086e2ae4799ea947609e87aabc71f9f7ba5252d6dd1b910683811e09fad4ca5308f2a48676d4a51bae3b57a17328d60e4792d074bdc101f1b9b0e723651eebcfeb1d1411d5b7dbd2c5d38bc6b5e7d5478d79718dbba120ed84d33fb2b90efa29aa1c42a6f3b7bf52b80bf5488a32e6e1bf72c764cb26a6366959fcb4c3765da1f47b069930c578ba07086cb44a7f2116d27dc30c42c148059c11c338dfd335b021eaafe38fbdf3bb6f84ae3282c6e527d3b7d666bf0a5e9198c85d4a91ca0ff66041702cba3b3323b7dd29815c3d81bb33c12cb5e50834c6c04fa73200c88ed0090df2f73c929bb45677253f4314e811565f5f8cc17eab70652dfe6dd83d9fc1d8526e87b0dc0e556e7745b418516c2e98ebd579972446b5d30f871f53d43f47911fca68e894ea8a6dd3ae7967b360daddfe00e75dcd9811ce74cb41d256a2875f32c109dec271eaf37d328a44772e3916e714123035386bf2a45072415df273192033e4221613c9c1bcf9bd9885f6d26e2af3538e2bdf5b26e3c83a9b1abaf70eed063e9088760b55c1e41437eee27e9a537227ae33641bc28349078a01a15fcfb5d01e7675e1c9a339855263b85df0c381305105cdbc83d58ec69268e1248c4a26a7d6483eb8d4d0664e48a4f9774fad9acfcb6ff91550cf3d871fc38c27eb24c71c7512613550d458c7ce985d2345e835585da843ffa2227501c2be0d0b234ef1fd0d3cfd8628fbc3c1d797cfee7bf0681705dc1ead91fb80617df50f52f49faa15209c881fc99e18cc127b8e141826dfd327a2c23785ed075cea115db6ef563ac305c57c39bb7ed74d5d237b593b30baf9243b37ff13b9741b6b75378d37a740cb8eb0d97c99097a4e0de43a55adc56bf611ffb31c964be0c6f49163d8ffc413b1692734468d967e853c6272280289df61c300927930bc3ce5493323bece9bae6547de8a052aee4e4affef5f482fd941428bc09762659ce3ec3f615ee1070c06282409c420748fcad751c44ec3e4ff118b72fcee74222dcd1a11be019b6ccbb4330090e8b41d593cf1d29ee5a3fa68e8d45f375a67d2629791a7a2cd0d44309719e81a9cfe6e27d1a88388a335dfdb2558bc179a8e1ef1590e53a2a6c54fbc6194d1411042646e2402beba77ca85b6cc5ffb29d04ee018454acddb095e1e2619d60fba3e768efd13469ffff96f0c4eb6c6848471ec9fe87c45259bc23d328e9f41aa01498c6d8bff2933bde26625237cb963b3f78f50a8919aa2e12381e6cd8fd4dfa6ea3d8a6af9592ea7f23db6fec5fa0e37c045150161c0589304fa87344ae84086717d6dadeec629c0625dd4b6b0c1967c17f5f8ce3fc08b5ce1d3614f0c2664a1d360242296a084c4573050320059b64fe82046575704736b7f46d1d105501cfb73fac9e312e15200a18035bf3ddbe233f50376a0a2447bd3404472af39064ad518230a0ce8eaf560ffbdd1c561e91eb6d71fd3fdee641065ad30800582fca0fad06f5f853fa2b24c1af673e98b2c04cb576012a2f643c54be162ef4cd342715c5f212338e014e32afe4f46537f767f52b9e19903fed505ad0b1dbefe4cc303810a9ae863aa54dcf48a3d2e9aa6a41ec9aeda88eeec7c1e430fd705cf389d56ebd2c02e6975a41630f63ca8c5a0b776a1dd702b91c6e46a8b5de294f0c1cabf8a717bc3ec4ebfe3d3ed402b422e6f2477858537e1c8593b604d990415813e716ff9b1ff721d4da4c5b28f98cd451d2517be6aab04e98a32e89d57f564e36a81eb9575b7c5dd9467e59381cfb033c850ae75a3b705c85b1576bf701ce42584ba6c391ff2c5eaa133db1c6f1db4f1c4c7e1387ec0edf8274b534207cad7ee86f2e3d64bae9ed43f295f28912f9291f5f88f6ff29c2c9f5161b3e786c1271d8bbdec7f74b94f93c8e2abeedbcbd7203279ccc33283bbca87b6b0384280de6d67911b5128086bac825ea8e3eaf8e35609da9e0f298c4271fdf783bad9f9902f77e62e0c1349acf0ab36960e958dd22f33c6273ab2d973b3427f1f8e1462c19caf71b5186b6d3fd866e464fb6a314ab7454f317711634031745aa6111fceca83d8706d04f310370afb171ec772bc81cfe5f169ff4a59900dc02ec846995c28a225c3105548d4a55d173225255355ba5ef2a14131ab77198535276be01bb51a99734ec12ce250a5ccf21c77d39326cca5bb01d16131ee328575fe15ae7dbe2ada55669a425ca1568d7deca3849239cb31a4d5db041da306a348aaa8a5f96335e2adf16c8a38d6af0ef15103341d46ff03ffbfb2f0f6155c930f9c22f0618b04de6b0892f0cd3e6ba5bfe7b66e0a08e2c78c1e683b2525f6d0bde70cd963f07bdff604aa0d6eaecce5234a117a2ec285bd33433d8f1eb540f0b5f618f9fde16014a19025485eebb988976d7d6fd568e2381c022b96b26f6b14dd14ef81b9687d0dbac659cb60740d950e69e4e440b9746fa2a11e488ce1fcb3293f27f5cc42f51e25d0c4292eb3cf3423f02404ef5ffce019c7a18081da9a8ac8a39007b94416851e7d13bdf497c6d8680914ac0b5de389bdebd44663c319ff08536911d7a9a80b172bfb8260a40c7f2a3bb0a4474b0448006d2505ee618ae1c06589fa79f71d35b2906b50bbe2809b0a2e3e2975aa96fd325b6610413e9f0a2368107350016b84bd6bf8d2e2bb00fdc6ebb8910d157cc9a54d4010b1ba3693f11229bd39e1f668ba6ff4b4e9c4fa36f91c109e09f58170d885739daa9a4e1d46d731973c55e0117a20c3b1496d4808d260e4f4c4d502938d6d5357cb19b6413e47a6c0efb3d549c93854539f1e1bee7386f7da799dbe86e758d68357a3e60b8c9223beded0e9ec55d1ad329239d1a7eabf4dbc829e7129e44c0b7703a16712b3437f3967b1fcac51cee00dedc0b3016f2c9efa3803fb5bd44ff5242035c93a330f1a347bd6e1bcfa2befc7579ace1516261adccd58788dfd802b45dcf1b1ccadf2824a0170ed2a0b10c36dd994bfa114e58add4f33550fd7f4c117c8d467b6c2750e59de8f44094cf4884960e60a91269a3ba49a1ca726858ecd2ac1144176fbdb99365038efd22f408f9db20848b3809496bcf704139b3e95731158f06742e0a1c20a013ed82e614510ac7359a83f6f490b4fdd3b59dfd12d10b9c7a50158a5f551467fc9b36d9b205e219637bf7529f5b6b0c9d27b616732737a7896eed9d6805f5bcaf47db58a9266443123880a559d0c5281638d1c2f9260cce7d229879e03b84a9ee3b312b90a946963bc2afe7f31b254a149e918af7c64927c59d591155fad5763b611b5222e1b55992ecad7a418f35bedf045845e19737ca8534ef7543d1ce61ec3769d5ec2aa59f9ac25d5bdd2f771a9fe5006f1ad904548741f8744a4ed442165b9738ceab2b6ae8eadcfbfd7221ab7c21902f5203bec0c7ae612e490ab134d4328be5181112ecece946bb1ac80e1815580ef4054467efe3ce909180a8f10b31439c62baae62ff3d98b71711fca37b4983b0a8ac85551ea1364cca87fbc5b5048bf164aca00f375c7a3c8435d875e5cfc9259bbdc300fdccccbb18853b2ef92bf3a35d15ce75d3e73cce8f6e61e69514c65553bfe2f10df7f41cee1873448a76175083df344a93a30dbfce883f87d20a07641800d62608319fe694626f2a2077693b25003cf03b1984749170d3927f5223df90ef8b172f97f395669c8d7d12bd6dc9b550b4b06b579fb38b7a1fa9f8590ec5bea6939adfb60bed9183c0b5f22a5aaa2d5d1ba7e05fb758eb4e39f25481cc18ec2820fd2eb78c9e1dfda0b9df0997e132de4e79287db8ffd39fe6c796b", 0x2000, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000280), 0x2b8180, 0x0)
ioctl$KDSIGACCEPT(0xffffffffffffffff, 0x4b4e, 0x1c)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, 0x0)
ioctl$BLKTRACESETUP(r4, 0xc0481273, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r5, 0x6, &(0x7f00000001c0)={0x2})

13.023261282s ago: executing program 5 (id=1843):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone3(&(0x7f00000003c0)={0x385200080, 0x0, 0x0, 0x0, {0xfffffffc}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0x58)

12.886923523s ago: executing program 5 (id=1846):
mkdir(&(0x7f0000000180)='./file0\x00', 0xe0)
io_setup(0x8, &(0x7f0000004200)=<r0=>0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='mounts\x00')
io_submit(r0, 0x1, &(0x7f0000004540)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])
r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r2, &(0x7f0000000040))
mount(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x10, 0x0)

11.82642091s ago: executing program 5 (id=1850):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
openat$sequencer(0xffffff9c, &(0x7f0000000040), 0x2000, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@newtaction={0x10c, 0x30, 0x401, 0x0, 0x0, {}, [{0xf8, 0x1, [@m_ct={0xac, 0x5, 0x0, 0x0, {{0x7}, {0xc, 0x2, 0x0, 0x1, [@TCA_CT_MARK={0x8, 0x5, 0xe}]}, {0x79, 0x6, "d616e6f602d0872fca708e3646d9758c6fdfe82ba03f81ee61da37d2bf1c423709e5e86d4108da44ecd88728e9865491f1cd1dbafaaabb7882b6869b2c6c0cf6a2ebc9cebb3941698af445958782bd66098627e4d9986a9718f69cf4ad22ffd84fd03c99b04bf4163054b093c0c29eb288a9bd938e"}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x10c}, 0x1, 0x0, 0x0, 0x804}, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
close(r0)
userfaultfd(0x80001)
socket$alg(0x26, 0x5, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
r4 = syz_open_dev$video4linux(&(0x7f0000000000), 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_S_FMT(r4, 0xc0585605, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
pipe(&(0x7f0000000140))
r5 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000140), 0x80482, 0x0)
write$vga_arbiter(r5, &(0x7f0000000680)=ANY=[@ANYBLOB='lock io'], 0xc)

10.457079932s ago: executing program 5 (id=1852):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000300"/14], &(0x7f0000000bc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = shmget$private(0x0, 0x2000, 0x1, &(0x7f0000ffb000/0x2000)=nil)
shmat(r2, &(0x7f0000ffc000/0x1000)=nil, 0x6000)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="100000000400000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000000c0)={r3, &(0x7f0000000300), &(0x7f0000000000)=""/10, 0x2}, 0x20)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x4, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180200000100000000000000000004008500000087000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r4, 0x0, 0xe, 0x0, &(0x7f0000000040)="2b1c52ac82e71ea05b0c5e43ede4", 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000240), 0x103182, 0x0)
socket(0x1, 0xa, 0x0)
ioctl$SIOCGETSGCNT(0xffffffffffffffff, 0x89a0, &(0x7f0000000200)={@rand_addr=0x64010100, @empty})
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x121403, 0x0)
ioctl$FS_IOC_SETFLAGS(r5, 0x40081271, &(0x7f0000000980)=0x4000)
mount(&(0x7f0000000000)=@nullb, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='cramfs\x00', 0x800, 0x0)
r6 = syz_clone(0x88200200, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xc, 0x16, &(0x7f0000000200)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000180000003d030100000000009500f000000000006926000000000000bf67000000000000560602000f0200006706000020000000620a00fe0ee60000bf250000000000002d350000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ffcd35010000000000ce040000000000001c000000000000009500000000000000db13d5d8b741f2cdaabc8383c8f56bb5df3083d20f8c2bf304000000815dcf0066d7ded3c5c49a08a503ea6d54f7f3125a8200578ac0836d6454745e70a27444003c5b20451b624db6f5320e9befc1e00b8b32917c4d30d16b7edb732bc3ac330b16c442aff70d27659bc58e296b16750c5577c848754b4894b07f15bab1c640a5c0c4fd62f9db829b301ef67fd2b2736f3af0c54af2412313b17c4c8081c4ed0572261960e227d34cfbfdb247bc2351c9d8363a8cb18b7330604da78b0aba47545f9a25a80dd7d28a5ae41824f611dd2de6dd581c52698f9542a444a8a3969946faded5275c00"/420], &(0x7f0000000100)='GPL\x00'}, 0x48)
setpgid(0x0, r6)
mount(0x0, 0x0, 0x0, 0x2000, 0x0)
bind$can_j1939(0xffffffffffffffff, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000480)='task\x00')
mount(0x0, &(0x7f0000000140)='./file1\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)

9.751320125s ago: executing program 1 (id=1854):
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/kexec_crash_loaded', 0x101100, 0x8)
ioctl$IOMMU_HWPT_SET_DIRTY_TRACKING(r2, 0x3b8b, &(0x7f0000000280)={0x10})
fsetxattr$security_ima(r1, &(0x7f0000000000), &(0x7f0000000040)=ANY=[@ANYBLOB="0302d7"], 0xc, 0x0) (async)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'lo\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv4_newaddr={0x20, 0x14, 0x503, 0x0, 0x0, {0x2, 0x18, 0x0, 0x0, r5}, [@IFA_LOCAL={0x8, 0x2, @local}]}, 0x20}}, 0x0) (async)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r6, 0x8916, &(0x7f0000000180)={'lo\x00', {0x2, 0x4e21, @empty=0x7f000000}})
sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0xe4, 0x10, 0x401, 0x4000, 0x0, {0x0, 0x0, 0xffff, 0x0, 0x49108}, [@IFLA_LINKINFO={0xb0, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xa0, 0x2, 0x0, 0x1, [@IFLA_VLAN_INGRESS_QOS={0x4}, @IFLA_VLAN_EGRESS_QOS={0x40, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0x48, 0x1, {0xa2d, 0x3}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x9, 0x8}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x5735, 0x3}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x9, 0x8}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x3, 0x6}}]}, @IFLA_VLAN_INGRESS_QOS={0x58, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xfffffff9, 0xe265}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x48, 0xef8}}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xf03b, 0x15}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x2, 0x8}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x3, 0x3}}, @IFLA_VLAN_QOS_MAPPING={0x54, 0x1, {0x48, 0x81}}]}]}}}, @IFLA_IFNAME={0x14, 0x3, 'vlan0\x00'}]}, 0xe4}}, 0x0)

9.074615425s ago: executing program 3 (id=1858):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x61, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
pipe2$9p(&(0x7f0000000300)={<r6=>0xffffffffffffffff}, 0x80)
getresuid(0x0, 0x0, &(0x7f00000005c0)=<r7=>0x0)
mount$9p_fd(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280), 0x40810, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[], [{@fowner_eq={'fowner', 0x3d, r7}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@subj_user={'subj_user', 0x3d, '@'}}, {@smackfstransmute={'smackfstransmute', 0x3d, '$.$\xb0$[\xfa[{'}}, {@fowner_gt={'fowner>', 0xee01}}]}})
r8 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r8, 0x65, 0x7, &(0x7f00000001c0)=0x8, 0x4)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000040)={'vxcan1\x00', <r9=>0x0})
sendmsg$can_raw(r8, &(0x7f0000000140)={&(0x7f0000000000)={0x1d, r9}, 0x10, &(0x7f00000005c0)={&(0x7f0000000100)=@can={{}, 0x80, 0x3, 0x4, 0x2, "07000000008000"}, 0x210}}, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, 0x0, 0x0)
keyctl$KEYCTL_PKEY_DECRYPT(0x1a, 0x0, 0x0, &(0x7f0000000500)="b9b9c86368a0c3e2ab51d5853e5f", &(0x7f00000000c0)=""/48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r1)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x0, 0x0)
sendmsg$NL80211_CMD_REQ_SET_REG(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x28, r10, 0x1, 0x70bd27, 0x25dfdbfb, {}, [@NL80211_ATTR_REG_RULES={0x4}, @NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x6f}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x40040}, 0x20000000)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x50)

7.384618582s ago: executing program 3 (id=1860):
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
ioctl$VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
openat$vimc2(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
io_uring_enter(0xffffffffffffffff, 0x58e2, 0xfde4, 0x20, &(0x7f0000000340)={[0x6]}, 0x8)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mknod$loop(&(0x7f0000000000)='./file0\x00', 0x1000, 0x1)
faccessat2(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x6, 0x1000)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r2, 0x3ba0, &(0x7f0000000200)={0x48, 0x2, 0x0, 0x0, 0x0, <r3=>0x0, <r4=>0x0})
r5 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x22902, 0x0)
ioctl$FBIOBLANK(r5, 0x4611, 0x3)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, 0x0)
ioctl$IOMMU_HWPT_SET_DIRTY_TRACKING(r2, 0x3b8b, &(0x7f0000000100)={0x10, 0x1, r3})
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x10b8}, 0xff00)
r6 = socket$kcm(0xa, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYRES8=r4, @ANYRES32, @ANYRES16=r5, @ANYRES32=0x0, @ANYBLOB="2fb59ffb44602ae36bd341bece505b6fd49c14a96a0fd598971c54ce159707157696533fcdef0281ad064d431c09f162f8bf2bae4ebe2e6f5e7d20a2883ed44c8111957fe17a882e6a4b37aa5440cc7370dd9e67d73cad19a8aac251dc65d8c9ad4cb2ea69eb0c602f51375f12fd8cba4557d35c0000000000", @ANYBLOB="040000000000000000000000fdffffffffffffff000000d200"], 0x50)
r7 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000000)={0x9, 0x3}, 0x10)
write(r7, &(0x7f00000000c0)="240000001e005f0214fffffffffffff8070000000100000000000000080009000b000000", 0x24)
ioctl$sock_kcm_SIOCKCMCLONE(r6, 0x890b, &(0x7f0000000000))
r8 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$inet(r8, &(0x7f0000000380)={&(0x7f0000000040)={0xa, 0xa, @local}, 0x1b, &(0x7f0000000180)=[{&(0x7f0000000080)="a2", 0xff0e}], 0x4, 0x0, 0x0, 0xa6820000}, 0x0)
ioctl$IOMMU_DESTROY$hwpt(0xffffffffffffffff, 0x3b80, &(0x7f00000001c0)={0x8})
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)

7.363509712s ago: executing program 1 (id=1861):
r0 = fsopen(&(0x7f0000000100)='fusectl\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x82)
fchdir(r1)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000640)='.\x00', 0x0, 0x0)
lseek(r2, 0x0, 0x1)
r3 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="1201000000000008701700ff00000000000109022400010000b000090400faff030001000921f6f400012205000905810308"], 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_control_io(r3, &(0x7f0000000300)={0x2c, &(0x7f0000000140)=ANY=[@ANYBLOB="2010180000"], 0x0, 0x0, 0x0, 0x0}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_udp_SIOCOUTQ(r7, 0x5411, &(0x7f00000000c0))
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r8, &(0x7f0000002c00)={0x0, 0x0, &(0x7f0000002bc0)={&(0x7f0000002b40)={0x28, 0x3, 0x8, 0x401, 0x0, 0x0, {0x0, 0x0, 0x2}, [@CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x3a}, @CTA_TIMEOUT_DATA={0xc, 0x4, 0x0, 0x1, @udp=[@CTA_TIMEOUT_UDP_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x3}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x24000001}, 0x50)
r9 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r9, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r9, 0x0, 0x30, 0x0, 0x310)
r10 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000100)={'lo\x00', <r11=>0x0})
sendmsg$nl_route_sched(r10, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=@newqdisc={0x24, 0x29, 0xa19702d202eff97b, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r11, {}, {0xffff, 0xffff}, {0x0, 0x1}}}, 0x24}, 0x1, 0x0, 0x0, 0x400dc}, 0x4000080)

7.362202087s ago: executing program 2 (id=1862):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
openat$sequencer(0xffffff9c, &(0x7f0000000040), 0x2000, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@newtaction={0x10c, 0x30, 0x401, 0x0, 0x0, {}, [{0xf8, 0x1, [@m_ct={0xac, 0x5, 0x0, 0x0, {{0x7}, {0xc, 0x2, 0x0, 0x1, [@TCA_CT_MARK={0x8, 0x5, 0xe}]}, {0x79, 0x6, "d616e6f602d0872fca708e3646d9758c6fdfe82ba03f81ee61da37d2bf1c423709e5e86d4108da44ecd88728e9865491f1cd1dbafaaabb7882b6869b2c6c0cf6a2ebc9cebb3941698af445958782bd66098627e4d9986a9718f69cf4ad22ffd84fd03c99b04bf4163054b093c0c29eb288a9bd938e"}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x10c}, 0x1, 0x0, 0x0, 0x804}, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
close(r0)
userfaultfd(0x80001)
socket$alg(0x26, 0x5, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
r4 = syz_open_dev$video4linux(&(0x7f0000000000), 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_S_FMT(r4, 0xc0585605, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
pipe(&(0x7f0000000140))
r5 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000140), 0x80482, 0x0)
write$vga_arbiter(r5, &(0x7f0000000680)=ANY=[@ANYBLOB='lock io'], 0xc)

6.414151866s ago: executing program 2 (id=1863):
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYBLOB="01000000010000001c0012000c00010062726964"], 0x3c}, 0x1, 0x0, 0x0, 0xc000}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {0xffff, 0xffff}, {0xfff1}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x3c, 0x2, {{0x1ff, 0x4, 0x800, 0x0, 0xfffffffd, 0x8}, [@TCA_NETEM_ECN={0x8, 0x7, 0x1}, @TCA_NETEM_LOSS={0x18, 0x5, 0x0, 0x1, [@NETEM_LOSS_GE={0x14, 0x2, {0xfffffff9, 0xfffffffa, 0x18, 0xffff}}]}]}}}]}, 0x6c}}, 0x0)
sendto$packet(r0, &(0x7f0000000540)="44080000000000000000c0c288a8f9867423", 0x12, 0x0, &(0x7f0000000440)={0x11, 0x8100, r3, 0x1, 0x2, 0x6, @remote}, 0x14)

6.073283302s ago: executing program 5 (id=1864):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r2=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r1, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r2, 0x0, 0x0, 0x0, <r3=>0x0})
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
syz_emit_vhci(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = socket$alg(0x26, 0x5, 0x0)
setsockopt(r5, 0x9, 0x9, &(0x7f0000000200)="700db3a551b2b6c73ebf1bbc4e6296feb59de64b9763fe31f390c40d764ba1ef7b6304c1978a678e72f1cafb0825597a43f76cf76114aeb288a606c431f4089feb1277037fd01f7326f6c5", 0x4b)
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x84)
ioctl$IOMMU_HWPT_ALLOC$NONE(r1, 0x3b89, &(0x7f0000000180)={0x2b, 0x2, r3, r2, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x80042, 0x50)
setsockopt$nfc_llcp_NFC_LLCP_RW(r6, 0x118, 0x0, &(0x7f0000000080)=0x3, 0x4)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x800, &(0x7f0000000300)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
openat2$dir(0xffffff9c, &(0x7f00000000c0)='./file0/file1\x00', &(0x7f0000000140)={0x40, 0x100, 0x2}, 0x18)
close_range(r0, 0xffffffffffffffff, 0x0)

5.951474044s ago: executing program 0 (id=1865):
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x9c000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x9, 0x5, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000340)={0x7, 0x100}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r6, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b66, 0x12, r6, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x8a05f664f2838eb, 0x4})
sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x840)
r7 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0)
ioctl$MON_IOCX_MFETCH(r7, 0xc0109207, &(0x7f0000000c40)={0x0, 0xfe72})
ioctl$MON_IOCX_GETX(r7, 0x4018920a, &(0x7f00000000c0)={&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @iso}, &(0x7f0000000380)=""/102, 0x66})
ioctl$MON_IOCX_GETX(r7, 0x80089203, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)

5.950916713s ago: executing program 2 (id=1866):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
socket$rds(0x15, 0x5, 0x0) (async)
socket$rds(0x15, 0x5, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000400)={'sit0\x00', &(0x7f0000000640)=@ethtool_regs={0x4, 0x8010}})
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) (async)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f0000000100)={{0x14004, 0xdddd0000, 0x8, 0x1, 0xfe}, {0x0, 0x2000, 0xf, 0x0, 0x0, 0x0, 0x0, 0xff, 0x8, 0x0, 0x6}, {0xd000, 0xf000, 0x0, 0x0, 0xf9, 0x0, 0x0, 0x0, 0x23, 0x0, 0x4}, {0x5000, 0xffff1000, 0xf, 0x41, 0x0, 0x2, 0x1, 0xfc, 0x1, 0x6}, {0x1, 0xffff1000, 0xc, 0x1, 0x3, 0x10, 0x2, 0x0, 0x1, 0x0, 0xb6, 0x90}, {0x2, 0x100000, 0x0, 0x6, 0xf, 0x0, 0x80}, {0x8000000, 0xeeee8000, 0xa, 0x0, 0x2, 0x0, 0x9, 0x7, 0x3a, 0x2, 0xff}, {0x0, 0x2, 0xb, 0x3, 0x0, 0x6, 0x7, 0x0, 0xfa, 0x0, 0x0, 0x5}, {0x1, 0x402}, {0xdddd0000}, 0xddf8fffb, 0x0, 0xeeee0000, 0x200100, 0x8, 0x8000, 0xffff1000, [0x0, 0x10000000000, 0x2]})
ioctl$KVM_TRANSLATE(r4, 0xc018ae85, &(0x7f0000001280)={0x0, 0xdddd0000, 0x2, 0x5, 0x50})
socket(0x400000000010, 0x3, 0x0) (async)
r5 = socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0) (async)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=@deltaction={0x60, 0x31, 0x400, 0x70bd28, 0x25dfdbfb, {}, [@TCA_ACT_TAB={0x4c, 0x1, [{0x10, 0x5, 0x0, 0x0, @TCA_ACT_KIND={0xa, 0x1, 'pedit\x00'}}, {0xc, 0x1a, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x3}}, {0xc, 0x3, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}, {0x10, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}, {0x10, 0x0, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}]}]}, 0x60}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000a80)=@newtfilter={0x5c, 0x2c, 0xd2b, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r7, {0xffe0}, {}, {0xe, 0x1}}, [@filter_kind_options=@f_flower={{0xb}, {0x2c, 0x2, [@TCA_FLOWER_KEY_IPV6_SRC={0x14, 0xe, @mcast2}, @TCA_FLOWER_KEY_IPV6_SRC_MASK={0x14, 0xf, [0xffffffff, 0xffffff00, 0x0, 0xffffff00]}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x893}, 0x24040084) (async)
sendmsg$nl_route_sched(r5, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000a80)=@newtfilter={0x5c, 0x2c, 0xd2b, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r7, {0xffe0}, {}, {0xe, 0x1}}, [@filter_kind_options=@f_flower={{0xb}, {0x2c, 0x2, [@TCA_FLOWER_KEY_IPV6_SRC={0x14, 0xe, @mcast2}, @TCA_FLOWER_KEY_IPV6_SRC_MASK={0x14, 0xf, [0xffffffff, 0xffffff00, 0x0, 0xffffff00]}]}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x893}, 0x24040084)
r8 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000005c0)=0xffffffffffffffff, 0x4)
r9 = syz_open_procfs(0x0, &(0x7f0000000000)='clear_refs\x00')
writev(r9, &(0x7f0000000400)=[{&(0x7f0000000280)='3', 0x1}, {0x0}], 0x2)
ioctl$BLKROGET(r9, 0x125e, &(0x7f0000000040))
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000680)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x1ff, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x0, 0x5}, 0x50)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000600)={{0x1, 0x1, 0x18, <r11=>r1}, './file0\x00'})
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000700)={0xffffffffffffffff, 0xa}, 0xc) (async)
r12 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000700)={0xffffffffffffffff, 0xa}, 0xc)
r13 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00')
read$FUSE(r13, &(0x7f0000004180)={0x2020}, 0x2020) (async)
read$FUSE(r13, &(0x7f0000004180)={0x2020}, 0x2020)
r14 = open_tree(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x80b00)
bind$can_j1939(r14, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) (async)
r15 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r15, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r15, 0x0) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r15, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x18, 0x12, &(0x7f0000000440)=@raw=[@ldst={0x0, 0x1, 0x1, 0x5, 0x4, 0x0, 0xfffffffffffffffb}, @generic={0x81, 0x6, 0x4, 0x30, 0x4}, @call={0x85, 0x0, 0x0, 0x29}, @ringbuf_query, @tail_call, @map_fd={0x18, 0xb}, @map_idx_val={0x18, 0xb, 0x6, 0x0, 0x10, 0x0, 0x0, 0x0, 0x5}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0xb, 0x0, 0x0, 0x0, 0x2}], &(0x7f00000003c0)='GPL\x00', 0x6, 0xb0, &(0x7f0000000500)=""/176, 0x40f00, 0x0, '\x00', r7, 0x0, r8, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000740)=[r3, r9, r10, r11, r0, r12, r13, r14, r15], &(0x7f0000000780)=[{0x2, 0x2, 0x7, 0x9}], 0x10, 0x668}, 0x94)
sendmsg$IPCTNL_MSG_CT_GET_UNCONFIRMED(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x7, 0x1, 0x801, 0x0, 0x0, {0x1, 0x0, 0x1}}, 0x14}, 0x1, 0x0, 0x0, 0x20008040}, 0x40)

4.949900772s ago: executing program 0 (id=1867):
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x9c000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x9, 0x5, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000340)={0x7, 0x100}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b66, 0x12, 0xffffffffffffffff, 0x0)
r4 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0)
ioctl$MON_IOCX_GETX(r4, 0x80089203, 0x0)

4.848733801s ago: executing program 5 (id=1868):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @broadcast}, 0x10)
socket$igmp6(0xa, 0x3, 0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_MCE_KILL(0x21, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x14, 0x0, &(0x7f0000000380)="f6f4e9a1d78ad62ceef1884386dd78bb3fb7dbfc", 0x0, 0xa1b, 0x0, 0x2, 0x0, &(0x7f0000000700)="010a", 0x0}, 0x50)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r2 = userfaultfd(0x801)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x4001, 0x3, 0x378, 0x0, 0x700001b, 0x148, 0x0, 0x148, 0x2e0, 0x206, 0x240, 0x2e0, 0x240, 0x7fffffe, 0x0, {[{{@ip={@local, @rand_addr, 0x0, 0x0, 'tunl0\x00', 'bond_slave_1\x00', {0xff}, {}, 0x0, 0x1}, 0x1ea, 0x1e8, 0x208, 0x0, {0x390, 0x8f00}, [@common=@inet=@hashlimit2={{0x150}, {'pim6reg1\x00', {0x5, 0x1ff, 0x1, 0x5, 0x1, 0x100, 0x1, 0x8, 0x20}, {0x8}}}, @common=@inet=@socket2={{0x28}}]}, @unspec=@NOTRACK={0x20}}, {{@uncond, 0x0, 0xb0, 0xd8, 0x0, {}, [@common=@set={{0x40}, {{0x0, [0x1, 0x6275dd3c01ecbf44, 0x2, 0x5, 0x2], 0x4, 0x2}}}]}, @common=@unspec=@NFQUEUE3={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3d8)
r3 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r3, &(0x7f0000000280)=[{&(0x7f0000000400)="580000001400192340834b80040d8c560a06ffffff7f000000000000000058000b480400945f64009400050038925a01000000800000008004000000ff0109000000fff5dd0000000800030006010000418e01400004fcff", 0x58}], 0x1)
recvfrom(r0, 0x0, 0x0, 0x61, 0x0, 0x0)

4.65738453s ago: executing program 2 (id=1869):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x61, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
pipe2$9p(&(0x7f0000000300)={<r6=>0xffffffffffffffff}, 0x80)
getresuid(0x0, 0x0, &(0x7f00000005c0)=<r7=>0x0)
mount$9p_fd(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280), 0x40810, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[], [{@fowner_eq={'fowner', 0x3d, r7}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@subj_user={'subj_user', 0x3d, '@'}}, {@smackfstransmute={'smackfstransmute', 0x3d, '$.$\xb0$[\xfa[{'}}, {@fowner_gt={'fowner>', 0xee01}}]}})
r8 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r8, 0x65, 0x7, &(0x7f00000001c0)=0x8, 0x4)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000040)={'vxcan1\x00', <r9=>0x0})
sendmsg$can_raw(r8, &(0x7f0000000140)={&(0x7f0000000000)={0x1d, r9}, 0x10, &(0x7f00000005c0)={&(0x7f0000000100)=@can={{}, 0x80, 0x3, 0x4, 0x2, "07000000008000"}, 0x210}}, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, 0x0, 0x0)
keyctl$KEYCTL_PKEY_DECRYPT(0x1a, 0x0, 0x0, &(0x7f0000000500)="b9b9c86368a0c3e2ab51d5853e5f", &(0x7f00000000c0)=""/48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r1)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x0, 0x0)
sendmsg$NL80211_CMD_REQ_SET_REG(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x28, r10, 0x1, 0x70bd27, 0x25dfdbfb, {}, [@NL80211_ATTR_REG_RULES={0x4}, @NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x6f}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x40040}, 0x20000000)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x50)

3.899124196s ago: executing program 0 (id=1870):
syz_io_uring_setup(0x4f6, &(0x7f0000000380)={0x0, 0x80fd, 0x10, 0x1, 0x179}, &(0x7f0000000180)=<r0=>0x0, &(0x7f0000000140)=<r1=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x4, &(0x7f0000000040)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r0, r1, &(0x7f00000001c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, 0xffffffffffffffff, 0x80, &(0x7f00000000c0)=@x25, 0x0, 0x0, 0x1})
socket$inet6(0xa, 0x8000e, 0x5)
r2 = eventfd2(0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
r4 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x8502, 0x0)
write$sndseq(r4, &(0x7f00000002c0)=[{0x5, 0x4, 0x24, 0x8, @tick=0x8f, {0x72, 0xf7}, {0xd, 0xe}, @connect={{0x1, 0x1}, {0x23, 0x80}}}, {0x3, 0x6e, 0x6, 0x6, @tick=0x8, {0x3, 0x6}, {0x2, 0x8}, @raw32={[0x2, 0xd, 0x2]}}, {0x6, 0x0, 0x1, 0x6, @tick=0x101, {0x1, 0x2}, {0x6, 0x7c}, @time=@time={0x40, 0x19f900}}, {0x0, 0x0, 0xf2, 0xd, @time={0x40007, 0x1}, {0x5d, 0x5}, {0x6, 0x8}, @queue={0x0, {0x683, 0x1}}}], 0x70)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r7, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r7, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
sendto$inet6(r7, &(0x7f0000000100)="b8", 0xffe0, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
setsockopt$inet6_MCAST_MSFILTER(r7, 0x29, 0x30, &(0x7f0000000400)={0x8, {{0xa, 0x4e21, 0x4, @private1={0xfc, 0x1, '\x00', 0x1}, 0x4}}, 0x0, 0x5, [{{0xa, 0x4e20, 0x1, @dev={0xfe, 0x80, '\x00', 0x14}, 0x9}}, {{0xa, 0x4e24, 0x1, @mcast1, 0x9}}, {{0xa, 0x4e24, 0xfffffc00, @mcast1, 0x3191}}, {{0xa, 0x4e20, 0x40, @private1, 0x7}}, {{0xa, 0x4e24, 0x7fffffff, @mcast2, 0xffff2f24}}]}, 0x310)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r7, 0x84, 0x17, &(0x7f00000002c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="004401004d"], 0x9)
r8 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
bind$bt_l2cap(r8, &(0x7f00000005c0)={0x1f, 0x0, @none, 0x4}, 0xe)
connect$bt_l2cap(r8, &(0x7f0000000240)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x5, 0x1}, 0xe)
close_range(r2, 0xffffffffffffffff, 0x0)

3.857800749s ago: executing program 3 (id=1871):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)={0x5c, r3, 0x1, 0x70bd26, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME={0x3d, 0x33, @beacon={{{0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x9}, @broadcast, @device_a, @initial, {0xf, 0x85}}, 0xffffffffffffffff, @default, 0x1000, @void, @val={0x1, 0x1, [{0x6c}]}, @val={0x3, 0x1, 0x40}, @void, @val={0x6, 0x2, 0x1fc}, @void, @val={0x25, 0x3, {0x0, 0x8c, 0x6}}, @void, @val={0x3c, 0x4, {0x1, 0xab, 0x70, 0x2}}, @void, @void, @void, @void}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x80c8}, 0x0)

3.784591518s ago: executing program 2 (id=1872):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x61, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
pipe2$9p(&(0x7f0000000300)={<r6=>0xffffffffffffffff}, 0x80)
getresuid(0x0, 0x0, &(0x7f00000005c0)=<r7=>0x0)
mount$9p_fd(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280), 0x40810, &(0x7f00000006c0)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[], [{@fowner_eq={'fowner', 0x3d, r7}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@subj_user={'subj_user', 0x3d, '@'}}, {@smackfstransmute={'smackfstransmute', 0x3d, '$.$\xb0$[\xfa[{'}}, {@fowner_gt={'fowner>', 0xee01}}]}})
r8 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r8, 0x65, 0x7, &(0x7f00000001c0)=0x8, 0x4)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000040)={'vxcan1\x00', <r9=>0x0})
sendmsg$can_raw(r8, &(0x7f0000000140)={&(0x7f0000000000)={0x1d, r9}, 0x10, &(0x7f00000005c0)={&(0x7f0000000100)=@can={{}, 0x80, 0x3, 0x4, 0x2, "07000000008000"}, 0x210}}, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, 0x0, 0x0)
keyctl$KEYCTL_PKEY_DECRYPT(0x1a, 0x0, 0x0, &(0x7f0000000500)="b9b9c86368a0c3e2ab51d5853e5f", &(0x7f00000000c0)=""/48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r1)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x0, 0x0)
sendmsg$NL80211_CMD_REQ_SET_REG(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)={0x28, r10, 0x1, 0x70bd27, 0x25dfdbfb, {}, [@NL80211_ATTR_REG_RULES={0x4}, @NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x6f}, @NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x40040}, 0x20000000)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x50)

2.263212843s ago: executing program 0 (id=1873):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
openat$sequencer(0xffffff9c, &(0x7f0000000040), 0x2000, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@newtaction={0x10c, 0x30, 0x401, 0x0, 0x0, {}, [{0xf8, 0x1, [@m_ct={0xac, 0x5, 0x0, 0x0, {{0x7}, {0xc, 0x2, 0x0, 0x1, [@TCA_CT_MARK={0x8, 0x5, 0xe}]}, {0x79, 0x6, "d616e6f602d0872fca708e3646d9758c6fdfe82ba03f81ee61da37d2bf1c423709e5e86d4108da44ecd88728e9865491f1cd1dbafaaabb7882b6869b2c6c0cf6a2ebc9cebb3941698af445958782bd66098627e4d9986a9718f69cf4ad22ffd84fd03c99b04bf4163054b093c0c29eb288a9bd938e"}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x10c}, 0x1, 0x0, 0x0, 0x804}, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
close(r0)
userfaultfd(0x80001)
socket$alg(0x26, 0x5, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
r4 = syz_open_dev$video4linux(&(0x7f0000000000), 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_S_FMT(r4, 0xc0585605, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
pipe(&(0x7f0000000140))
r5 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000140), 0x80482, 0x0)
write$vga_arbiter(r5, &(0x7f0000000680)=ANY=[@ANYBLOB='lock io'], 0xc)

2.181188958s ago: executing program 3 (id=1874):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
keyctl$read(0x2, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000001c0)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r2, @ANYRES32=r0], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0)

2.115062268s ago: executing program 1 (id=1875):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
sendmsg$IPSET_CMD_LIST(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x40, 0x7, 0x6, 0x5, 0x0, 0x0, {0x7, 0x0, 0x1}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FLAGS={0x8, 0x6, 0x1, 0x0, 0xfffffff8}, @IPSET_ATTR_FLAGS={0x8}]}, 0x40}}, 0xc1)
getsockopt$TIPC_SRC_DROPPABLE(r1, 0x10f, 0x80, &(0x7f0000000280), &(0x7f00000002c0)=0x4)
ioctl$DRM_IOCTL_GET_MAP(r1, 0xc0286404, &(0x7f0000000240)={&(0x7f0000fff000/0x1000)=nil})
write$UHID_INPUT(r1, &(0x7f0000001980)={0x9, {"a2e3ad084fc752f91b29090942f70e0dd038e7ff7fc6e5539b3272078b089b34393b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31300d356d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df0784c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3527138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d618e462071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aad66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af44863c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000510b00", 0x1000}}, 0x1006)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140), r1)
sendmsg$TIPC_CMD_SET_NETID(r1, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r2, 0x1, 0x70bd26, 0x25dfdbfc, {{}, {}, {0x8, 0x2, 0x7}}, ["", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x880}, 0x4000004)

1.286607545s ago: executing program 1 (id=1876):
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYBLOB="01000000010000001c0012000c00010062726964"], 0x3c}, 0x1, 0x0, 0x0, 0xc000}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001500)=@newqdisc={0x6c, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {0xffff, 0xffff}, {0xfff1}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x3c, 0x2, {{0x1ff, 0x4, 0x800, 0x0, 0xfffffffd, 0x8}, [@TCA_NETEM_ECN={0x8, 0x7, 0x1}, @TCA_NETEM_LOSS={0x18, 0x5, 0x0, 0x1, [@NETEM_LOSS_GE={0x14, 0x2, {0xfffffff9, 0xfffffffa, 0x18, 0xffff}}]}]}}}]}, 0x6c}}, 0x0)
sendto$packet(r0, &(0x7f0000000540)="44080000000000000000c0c288a8f9867423", 0x12, 0x0, &(0x7f0000000440)={0x11, 0x8100, r3, 0x1, 0x2, 0x6, @remote}, 0x14)

1.270462028s ago: executing program 0 (id=1877):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r1, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, 0x0, 0x0, 0x0, 0x0, <r2=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
syz_emit_vhci(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$alg(0x26, 0x5, 0x0)
setsockopt(r4, 0x9, 0x9, &(0x7f0000000200)="700db3a551b2b6c73ebf1bbc4e6296feb59de64b9763fe31f390c40d764ba1ef7b6304c1978a678e72f1cafb0825597a43f76cf76114aeb288a606c431f4089feb1277037fd01f7326f6c5", 0x4b)
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x84)
ioctl$IOMMU_HWPT_ALLOC$NONE(r1, 0x3b89, &(0x7f0000000180)={0x2b, 0x2, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x80042, 0x50)
setsockopt$nfc_llcp_NFC_LLCP_RW(r5, 0x118, 0x0, &(0x7f0000000080)=0x3, 0x4)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x800, &(0x7f0000000300)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
openat2$dir(0xffffff9c, &(0x7f00000000c0)='./file0/file1\x00', &(0x7f0000000140)={0x40, 0x100, 0x2}, 0x18)
close_range(r0, 0xffffffffffffffff, 0x0)

1.260633988s ago: executing program 3 (id=1878):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r1, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, 0x0, 0x0, 0x0, 0x0, <r2=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
syz_emit_vhci(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$alg(0x26, 0x5, 0x0)
setsockopt(r4, 0x9, 0x9, &(0x7f0000000200)="700db3a551b2b6c73ebf1bbc4e6296feb59de64b9763fe31f390c40d764ba1ef7b6304c1978a678e72f1cafb0825597a43f76cf76114aeb288a606c431f4089feb1277037fd01f7326f6c5", 0x4b)
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x84)
ioctl$IOMMU_HWPT_ALLOC$NONE(r1, 0x3b89, &(0x7f0000000180)={0x2b, 0x2, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x80042, 0x50)
setsockopt$nfc_llcp_NFC_LLCP_RW(r5, 0x118, 0x0, &(0x7f0000000080)=0x3, 0x4)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x800, &(0x7f0000000300)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
openat2$dir(0xffffff9c, &(0x7f00000000c0)='./file0/file1\x00', &(0x7f0000000140)={0x40, 0x100, 0x2}, 0x18)
close_range(r0, 0xffffffffffffffff, 0x0)

511.744733ms ago: executing program 1 (id=1879):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x19, 0x4, 0x4, 0x9, 0x0, 0x1, 0xff}, 0x50)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={0x0, r1, 0x0, 0x4000000000000004}, 0x18)
mq_open(&(0x7f0000000000)='batadv_slave_1\xbb', 0x8c2, 0x30, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
socket$inet6_sctp(0xa, 0x5, 0x84)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
signalfd(r0, &(0x7f0000000040)={[0x8001]}, 0x8)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='proc\x00', 0x14c409, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f000001aa40)=""/102400, 0x19000)
r3 = gettid()
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0), 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000005c0)={r4}, 0x4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x6, 0x10, &(0x7f0000000100)=@framed={{0x18, 0x2}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8000}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_create(0x1, &(0x7f00000002c0)={0x0, 0x38, 0x4, @thr={&(0x7f0000000180)="1d", &(0x7f0000000240)="43c000085441ea4d865f885db6d0066dc67f3078c7a7f488e479438e73cda2a8da"}}, &(0x7f0000000300)=<r6=>0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r7, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r7, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
setsockopt$inet6_IPV6_ADDRFORM(r7, 0x29, 0x1, &(0x7f0000000080), 0x4)
setsockopt$inet6_tcp_TCP_ULP(r7, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
timer_settime(r6, 0x0, &(0x7f00000000c0)={{0x0, 0x989680}, {0x77359400}}, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r8, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)

147.445955ms ago: executing program 3 (id=1880):
prlimit64(0x0, 0xe, &(0x7f0000000000)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x97, 0xff, 0x82, 0x8, 0x2058, 0x1005, 0xc19b, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x8f, 0x0, 0x0, 0xbf, 0x57, 0x5a}}]}}]}}, 0x0)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES64], 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(r1, &(0x7f0000000b00)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="00000f00000009003d140f3c369197d09647190890"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r2 = syz_open_dev$hiddev(&(0x7f0000000100), 0x0, 0x0)
ioctl$HIDIOCSREPORT(r2, 0x4018480c, &(0x7f0000000080)={0x2, 0xffffffff, 0x10000})
read$msr(r0, &(0x7f0000032680)=""/102400, 0x19000)
socket(0x2000000000000021, 0x2, 0x10000000000002)
ioctl$TIOCMBIC(0xffffffffffffffff, 0x5417, &(0x7f00000000c0)=0x1)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r4 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f0000000100)=0x80000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, &(0x7f0000000080)={@my=0x1, 0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r4, 0x7a8, &(0x7f0000000000)={{@host}, @host, 0x0, 0x0, 0x2449, 0xfffffffffffffffd})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r4, 0x7a8, &(0x7f0000000040)={{@my=0x1}, @any, 0x0, 0x1, 0x9, 0xfffffffffffffffd, 0x0, 0x8, 0x1})
close_range(r3, 0xffffffffffffffff, 0x0)
fsopen(&(0x7f0000000200)='afs\x00', 0x0)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
syz_io_uring_setup(0x10d4, &(0x7f0000000000)={0x0, 0x7f36, 0x0, 0x0, 0x34f}, &(0x7f00000000c0)=<r5=>0x0, &(0x7f0000000080)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000002c0)={0x1, &(0x7f0000000200)=[{0x32, 0x0, 0x0, 0x4}]}, 0x10)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8})

120.935324ms ago: executing program 0 (id=1881):
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x9c000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x9, 0x5, &(0x7f0000000100)=ANY=[@ANYRES64=0x0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000340)={0x7, 0x100}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b66, 0x12, 0xffffffffffffffff, 0x0)
r5 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0)
ioctl$MON_IOCX_GETX(r5, 0x80089203, 0x0)

46.39598ms ago: executing program 1 (id=1882):
prlimit64(0x0, 0xe, &(0x7f0000000000)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x97, 0xff, 0x82, 0x8, 0x2058, 0x1005, 0xc19b, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x8f, 0x0, 0x0, 0xbf, 0x57, 0x5a}}]}}]}}, 0x0)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES64], 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(r1, &(0x7f0000000b00)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="00000f00000009003d140f3c369197d09647190890"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r2 = syz_open_dev$hiddev(&(0x7f0000000100), 0x0, 0x0)
ioctl$HIDIOCSREPORT(r2, 0x4018480c, &(0x7f0000000080)={0x2, 0xffffffff, 0x10000})
read$msr(r0, &(0x7f0000032680)=""/102400, 0x19000)
socket(0x2000000000000021, 0x2, 0x10000000000002)
ioctl$TIOCMBIC(0xffffffffffffffff, 0x5417, &(0x7f00000000c0)=0x1)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r4 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f0000000100)=0x80000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, &(0x7f0000000080)={@my=0x1, 0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r4, 0x7a8, &(0x7f0000000000)={{@host}, @host, 0x0, 0x0, 0x2449, 0xfffffffffffffffd})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r4, 0x7a8, &(0x7f0000000040)={{@my=0x1}, @any, 0x0, 0x1, 0x9, 0xfffffffffffffffd, 0x0, 0x8, 0x1})
close_range(r3, 0xffffffffffffffff, 0x0)
fsopen(&(0x7f0000000200)='afs\x00', 0x0)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
syz_io_uring_setup(0x10d4, &(0x7f0000000000)={0x0, 0x7f36, 0x0, 0x0, 0x34f}, &(0x7f00000000c0)=<r5=>0x0, &(0x7f0000000080)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000002c0)={0x1, &(0x7f0000000200)=[{0x32, 0x0, 0x0, 0x4}]}, 0x10)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8})

0s ago: executing program 2 (id=1883):
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x3, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000610000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb70200"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @sched_cls=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NLBL_UNLABEL_C_STATICREMOVE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000080)={&(0x7f0000002600)=ANY=[], 0xb0}, 0x1, 0x0, 0x0, 0x4000}, 0x8000)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket$igmp6(0xa, 0x3, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
syz_emit_ethernet(0x82, &(0x7f00000039c0)={@local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x14}, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cb653e", 0x4c, 0x3a, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, @mcast2, {[], @ndisc_rs={0x85, 0x0, 0x0, '\x00', [{0x4, 0x6, "aaec6abdff6416cba74b557103b4927a9e49165dfec922450543fb23d9d61c30b64c09c4b3625b9b1e657a5e2a03f9"}, {0x1f, 0x1, "1ea1632e7462658b10ee8c2f81"}, {0x18}, {0x1f}]}}}}}}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
r1 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x2001)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000540)={'batadv_slave_0\x00'})
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
mount$9p_fd(0x0, 0x0, &(0x7f0000000180), 0x4080, &(0x7f0000000200)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYBLOB="2c7753646e6fad", @ANYRESHEX, @ANYBLOB=',\x00'])
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = syz_open_procfs(0x0, &(0x7f0000000580)='syscall\x00')
read$FUSE(r3, &(0x7f00000005c0)={0x2020}, 0x2020)
syz_emit_ethernet(0x82, &(0x7f0000000480)={@link_local, @random="1704b45adbde", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x74, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xe0, 0x0, 0xe000, {0x16, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @remote, @local, {[@lsrr={0x83, 0x7, 0x1, [@multicast1]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x0, [{@private=0xa010100}, {@remote}, {@broadcast, 0x9}, {@dev}, {@private}, {@dev}, {@private}]}]}}}}}}}, 0x0)
timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f0000000040)={{0x77359400}, {0x0, 0x3938700}}, 0x0)
bpf$MAP_CREATE(0x300000000000000, &(0x7f00000009c0)=@base={0x18, 0x4, 0x41, 0x0, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x5}, 0x50)
r4 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$bt_hci(r4, &(0x7f0000000000)={0x27}, 0x74)

kernel console output (not intermixed with test programs):

87.691192][    T9] usb 4-1: USB disconnect, device number 36
[  487.990397][ T5881] usb 6-1: config 0 descriptor??
[  488.385758][ T5881] RobotFuzz Open Source InterFace, OSIF 6-1:0.0: failure sending bit rate
[  488.405839][   T30] audit: type=1400 audit(488.364:1042): avc:  denied  { getopt } for  pid=11270 comm="syz.5.1460" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  488.430969][ T5881] RobotFuzz Open Source InterFace, OSIF 6-1:0.0: probe with driver RobotFuzz Open Source InterFace, OSIF failed with error -71
[  488.496132][   T95] block nbd4: Possible stuck request ffff888026455080: control (read@0,1024B). Runtime 60 seconds
[  488.507139][   T95] block nbd4: Possible stuck request ffff888026455240: control (read@1024,1024B). Runtime 60 seconds
[  488.518818][   T95] block nbd4: Possible stuck request ffff888026455400: control (read@2048,1024B). Runtime 60 seconds
[  488.529721][   T95] block nbd4: Possible stuck request ffff8880264555c0: control (read@3072,1024B). Runtime 60 seconds
[  488.559297][ T5881] usb 6-1: USB disconnect, device number 2
[  488.678028][   T30] audit: type=1400 audit(488.654:1043): avc:  denied  { create } for  pid=11295 comm="syz.3.1467" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  488.731424][   T30] audit: type=1400 audit(488.654:1044): avc:  denied  { bind } for  pid=11295 comm="syz.3.1467" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_connector_socket permissive=1
[  488.820973][ T5887] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[  488.931271][T11277] bridge0: port 3(team0) entered disabled state
[  488.937940][T11277] bridge0: port 2(bridge_slave_1) entered disabled state
[  488.945177][T11277] bridge0: port 1(bridge_slave_0) entered disabled state
[  488.980997][ T5887] usb 2-1: Using ep0 maxpacket: 32
[  488.987680][ T5887] usb 2-1: New USB device found, idVendor=0fd9, idProduct=0021, bcdDevice=29.40
[  489.013404][ T5887] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  489.052081][ T5887] usb 2-1: config 0 descriptor??
[  489.093608][T11301] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1469'.
[  489.296282][ T5887] dvb-usb: found a 'Elgato EyeTV DTT' in warm state.
[  489.317440][ T5887] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  489.333310][ T5887] dvbdev: DVB: registering new adapter (Elgato EyeTV DTT)
[  489.351065][ T5887] usb 2-1: media controller created
[  489.394373][ T5887] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  489.496936][T11277] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  489.505354][T11294] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  489.520076][T11294] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  489.529233][ T5887] DVB: Unable to find symbol dib7000p_attach()
[  489.541472][ T5887] dvb-usb: no frontend was attached by 'Elgato EyeTV DTT'
[  489.568038][T11277] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  489.654951][ T5887] rc_core: IR keymap rc-dib0700-rc5 not found
[  489.675005][ T5887] Registered IR keymap rc-empty
[  489.694882][ T5887] dvb-usb: could not initialize remote control.
[  489.719642][ T5887] dvb-usb: Elgato EyeTV DTT successfully initialized and connected.
[  489.737590][ T5887] usb 2-1: USB disconnect, device number 37
[  489.772278][ T5887] dvb-usb: Elgato EyeTV DTT successfully deinitialized and disconnected.
[  489.960969][ T5881] usb 4-1: new full-speed USB device number 37 using dummy_hcd
[  490.077332][T11278] 8021q: adding VLAN 0 to HW filter on device bond0
[  490.089218][T11278] bridge0: port 3(team0) entered blocking state
[  490.095630][T11278] bridge0: port 3(team0) entered forwarding state
[  490.103625][T11278] 8021q: adding VLAN 0 to HW filter on device team0
[  490.113233][T11278] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  490.121132][ T5881] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  490.140116][ T9279] bridge0: port 3(team0) entered disabled state
[  490.148492][ T5881] usb 4-1: config 0 has no interface number 0
[  490.148636][ T9280] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  490.165872][ T5881] usb 4-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[  490.182575][ T5881] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  490.195023][ T9280] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  490.205151][ T5881] usb 4-1: config 0 descriptor??
[  490.210686][ T9280] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  490.222307][ T5881] usb 4-1: selecting invalid altsetting 1
[  490.230068][ T5881] dvb_ttusb_budget: ttusb_init_controller: error
[  490.236615][ T9280] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  490.246319][ T5881] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  490.294931][ T9280] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  490.306081][ T9280] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  490.339103][ T9280] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  490.375809][ T9280] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  490.705758][ T5881] DVB: Unable to find symbol cx22700_attach()
[  490.840075][T11319] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  491.217584][T11326] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  491.225795][   T30] audit: type=1400 audit(491.194:1045): avc:  denied  { read } for  pid=11323 comm="syz.0.1474" name="ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  491.332201][   T30] audit: type=1400 audit(491.194:1046): avc:  denied  { open } for  pid=11323 comm="syz.0.1474" path="/dev/ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  492.101253][ T5881] DVB: Unable to find symbol tda10046_attach()
[  492.107869][ T5881] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[  492.437028][   T30] audit: type=1400 audit(492.254:1047): avc:  denied  { create } for  pid=11335 comm="syz.0.1476" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  492.461858][ T5881] usb 4-1: USB disconnect, device number 37
[  492.859301][ T6264] block nbd3: Possible stuck request ffff888026410000: control (read@0,1024B). Runtime 90 seconds
[  492.874272][ T6264] block nbd3: Possible stuck request ffff8880264101c0: control (read@1024,1024B). Runtime 90 seconds
[  492.887681][ T6264] block nbd3: Possible stuck request ffff888026410380: control (read@2048,1024B). Runtime 90 seconds
[  492.899317][ T6264] block nbd3: Possible stuck request ffff888026410540: control (read@3072,1024B). Runtime 90 seconds
[  492.985355][   T95] block nbd1: Possible stuck request ffff88802638e000: control (read@0,1024B). Runtime 120 seconds
[  492.996527][   T95] block nbd1: Possible stuck request ffff88802638e1c0: control (read@1024,1024B). Runtime 120 seconds
[  493.007610][   T95] block nbd1: Possible stuck request ffff88802638e380: control (read@2048,1024B). Runtime 120 seconds
[  493.018606][   T95] block nbd1: Possible stuck request ffff88802638e540: control (read@3072,1024B). Runtime 120 seconds
[  493.029606][   T30] audit: type=1400 audit(492.264:1048): avc:  denied  { read } for  pid=11335 comm="syz.0.1476" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  493.051984][    C1] vkms_vblank_simulate: vblank timer overrun
[  493.058207][ T5852] IPVS: starting estimator thread 0...
[  493.064430][   T30] audit: type=1400 audit(492.264:1049): avc:  denied  { open } for  pid=11335 comm="syz.0.1476" path="/dev/snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  493.087666][   T30] audit: type=1400 audit(492.334:1050): avc:  denied  { bind } for  pid=11335 comm="syz.0.1476" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  493.106880][   T30] audit: type=1400 audit(492.694:1051): avc:  denied  { read append } for  pid=11340 comm="syz.5.1478" name="event3" dev="devtmpfs" ino=997 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  493.152976][T11338] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  493.193519][T11343] IPVS: using max 75 ests per chain, 180000 per kthread
[  493.207970][T11338] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  493.214073][   T30] audit: type=1400 audit(492.694:1052): avc:  denied  { open } for  pid=11340 comm="syz.5.1478" path="/dev/input/event3" dev="devtmpfs" ino=997 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  493.214118][   T30] audit: type=1400 audit(493.114:1053): avc:  denied  { ioctl } for  pid=11340 comm="syz.5.1478" path="/dev/input/event3" dev="devtmpfs" ino=997 ioctlcmd=0x4532 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  493.314892][T11338] Bluetooth: hci5: Opcode 0x0406 failed: -4
[  494.142456][ T5872] usb 1-1: new full-speed USB device number 30 using dummy_hcd
[  494.691114][ T5881] usb 2-1: new full-speed USB device number 38 using dummy_hcd
[  494.722499][ T5872] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  494.755951][ T5872] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  494.790313][ T5872] usb 1-1: config 0 descriptor??
[  494.816025][ T5872] cp210x 1-1:0.0: cp210x converter detected
[  494.847732][T11373] FAULT_INJECTION: forcing a failure.
[  494.847732][T11373] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  494.864272][T11373] CPU: 0 UID: 0 PID: 11373 Comm: syz.2.1488 Not tainted syzkaller #0 PREEMPT(full) 
[  494.864295][T11373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  494.864309][T11373] Call Trace:
[  494.864315][T11373]  <TASK>
[  494.864322][T11373]  dump_stack_lvl+0x16c/0x1f0
[  494.864357][T11373]  should_fail_ex+0x512/0x640
[  494.864380][T11373]  _copy_from_user+0x2e/0xd0
[  494.864402][T11373]  __sys_bpf+0x248/0x4980
[  494.864433][T11373]  ? __pfx___sys_bpf+0x10/0x10
[  494.864457][T11373]  ? find_held_lock+0x2b/0x80
[  494.864482][T11373]  ? find_held_lock+0x2b/0x80
[  494.864510][T11373]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  494.864540][T11373]  ? fput+0x9b/0xd0
[  494.864560][T11373]  ? ksys_write+0x1ac/0x250
[  494.864575][T11373]  ? __pfx_ksys_write+0x10/0x10
[  494.864595][T11373]  __x64_sys_bpf+0x78/0xc0
[  494.864620][T11373]  ? lockdep_hardirqs_on+0x7c/0x110
[  494.864646][T11373]  do_syscall_64+0xcd/0xfa0
[  494.864663][T11373]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  494.864680][T11373] RIP: 0033:0x7f2c2418f6c9
[  494.864693][T11373] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  494.864709][T11373] RSP: 002b:00007f2c24fcc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  494.864725][T11373] RAX: ffffffffffffffda RBX: 00007f2c243e5fa0 RCX: 00007f2c2418f6c9
[  494.864736][T11373] RDX: 0000000000000094 RSI: 0000200000000680 RDI: 0000000000000005
[  494.864746][T11373] RBP: 00007f2c24fcc090 R08: 0000000000000000 R09: 0000000000000000
[  494.864755][T11373] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  494.864765][T11373] R13: 00007f2c243e6038 R14: 00007f2c243e5fa0 R15: 00007ffe4e721738
[  494.864789][T11373]  </TASK>
[  494.869052][ T5881] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 25353, setting to 64
[  495.059327][T11371] lo speed is unknown, defaulting to 1000
[  495.087515][ T5881] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  495.090923][ T5872] cp210x 1-1:0.0: failed to get vendor val 0x370b size 1: -121
[  495.100715][ T5881] usb 2-1: New USB device found, idVendor=0457, idProduct=07da, bcdDevice= 0.00
[  495.117403][ T5881] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  495.126562][ T5881] usb 2-1: config 0 descriptor??
[  495.145079][T11364] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  495.154354][ T5872] cp210x 1-1:0.0: querying part number failed
[  495.175470][ T5872] usb 1-1: cp210x converter now attached to ttyUSB0
[  495.202607][ T5811] Bluetooth: hci5: command 0x0c1a tx timeout
[  495.262866][    T9] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  495.412653][T11379] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1490'.
[  495.423761][    T9] usb 6-1: Using ep0 maxpacket: 8
[  495.434697][    T9] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  495.471655][    T9] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  495.482004][    T9] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  495.504991][    T9] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  495.518338][    T9] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  495.539304][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  495.625288][ T5881] hid-multitouch 0003:0457:07DA.0019: hidraw0: USB HID v0.00 Device [HID 0457:07da] on usb-dummy_hcd.1-1/input0
[  495.727801][T11386] fuse: Bad value for 'fd'
[  495.744323][T11386] fuseblk: Bad value for 'fd'
[  495.882028][   T95] block nbd2: Possible stuck request ffff8880263e7000: control (read@0,1024B). Runtime 120 seconds
[  495.895680][   T95] block nbd2: Possible stuck request ffff8880263e71c0: control (read@1024,1024B). Runtime 120 seconds
[  495.906762][   T95] block nbd2: Possible stuck request ffff8880263e7380: control (read@2048,1024B). Runtime 120 seconds
[  495.918076][   T95] block nbd2: Possible stuck request ffff8880263e7540: control (read@3072,1024B). Runtime 120 seconds
[  495.929529][T11388] Invalid source name
[  496.360057][    T9] usb 6-1: GET_CAPABILITIES returned 0
[  496.368547][    T9] usbtmc 6-1:16.0: can't read capabilities
[  496.381424][T11390] overlayfs: overlapping lowerdir path
[  496.439229][T11381] comedi comedi3: comedi_test: 20263 microvolt, 5 microsecond waveform attached
[  496.615163][   T30] audit: type=1400 audit(496.594:1054): avc:  denied  { write } for  pid=11369 comm="syz.5.1486" name="ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  496.646991][   T30] audit: type=1400 audit(496.624:1055): avc:  denied  { ioctl } for  pid=11369 comm="syz.5.1486" path="/dev/ppp" dev="devtmpfs" ino=709 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  496.671053][    C1] vkms_vblank_simulate: vblank timer overrun
[  496.743581][ T5872] usb 6-1: USB disconnect, device number 3
[  496.750905][T11308] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[  496.844903][   T24] usb 1-1: USB disconnect, device number 30
[  497.004830][   T24] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  497.021014][T11308] usb 4-1: Using ep0 maxpacket: 16
[  497.038985][T11308] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  497.080148][   T24] cp210x 1-1:0.0: device disconnected
[  497.194690][T11308] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  497.208250][T11308] usb 4-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[  497.220525][T11308] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  497.225015][   T30] audit: type=1400 audit(497.204:1056): avc:  denied  { write } for  pid=11399 comm="syz.0.1495" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  497.256633][T11308] usb 4-1: Product: syz
[  497.265801][T11308] usb 4-1: Manufacturer: syz
[  497.280946][ T5811] Bluetooth: hci5: command 0x0c1a tx timeout
[  497.281931][T11308] usb 4-1: SerialNumber: syz
[  497.303104][T11308] usb 4-1: config 0 descriptor??
[  497.683662][T11308] usb 2-1: USB disconnect, device number 38
[  497.743805][    T9] usb 4-1: USB disconnect, device number 38
[  497.876863][   T30] audit: type=1400 audit(497.854:1057): avc:  denied  { create } for  pid=11413 comm="syz.1.1499" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  497.966484][T11417] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  497.993838][T11417] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  498.364063][   T30] audit: type=1400 audit(498.344:1058): avc:  denied  { write } for  pid=11420 comm="syz.0.1504" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  498.467637][ T6264] block nbd0: Possible stuck request ffff88802631e000: control (read@0,1024B). Runtime 150 seconds
[  498.478703][ T6264] block nbd0: Possible stuck request ffff88802631e1c0: control (read@1024,1024B). Runtime 150 seconds
[  498.490149][ T6264] block nbd0: Possible stuck request ffff88802631e380: control (read@2048,1024B). Runtime 150 seconds
[  498.501440][ T6264] block nbd0: Possible stuck request ffff88802631e540: control (read@3072,1024B). Runtime 150 seconds
[  498.521711][   T30] audit: type=1400 audit(498.344:1059): avc:  denied  { create } for  pid=11419 comm="syz.2.1502" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  498.541794][   T30] audit: type=1400 audit(498.364:1060): avc:  denied  { ioctl } for  pid=11420 comm="syz.0.1504" path="/dev/vhost-net" dev="devtmpfs" ino=1274 ioctlcmd=0xaf01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  498.567027][   T30] audit: type=1400 audit(498.424:1061): avc:  denied  { write } for  pid=11420 comm="syz.0.1504" path="socket:[34492]" dev="sockfs" ino=34492 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  499.309170][T11308] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  499.362083][ T5811] Bluetooth: hci5: command 0x0c1a tx timeout
[  499.511342][T11308] usb 6-1: Using ep0 maxpacket: 8
[  499.530774][T11308] usb 6-1: config 0 has no interfaces?
[  499.537296][T11308] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  499.606959][T11308] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  499.824973][T11308] usb 6-1: config 0 descriptor??
[  500.512306][   T30] audit: type=1400 audit(500.374:1062): avc:  denied  { create } for  pid=11449 comm="syz.1.1510" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[  500.531987][   T30] audit: type=1400 audit(500.384:1063): avc:  denied  { sys_admin } for  pid=11449 comm="syz.1.1510" capability=21  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[  500.610172][T11459] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1515'.
[  500.741338][   T30] audit: type=1400 audit(500.654:1064): avc:  denied  { read } for  pid=11421 comm="syz.5.1503" name="rtc0" dev="devtmpfs" ino=921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  501.004163][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  501.040958][   T30] audit: type=1400 audit(500.654:1065): avc:  denied  { open } for  pid=11421 comm="syz.5.1503" path="/dev/rtc0" dev="devtmpfs" ino=921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  501.077265][   T30] audit: type=1400 audit(500.664:1066): avc:  denied  { setopt } for  pid=11421 comm="syz.5.1503" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  501.100439][T11459] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1515'.
[  502.110913][T11308] usb 6-1: USB disconnect, device number 4
[  502.127510][T11468] fuse: Bad value for 'fd'
[  502.175451][T11468] fuseblk: Bad value for 'fd'
[  502.329608][T11471] Invalid source name
[  503.501142][   T30] kauditd_printk_skb: 15 callbacks suppressed
[  503.545237][T11480] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1519'.
[  503.586318][   T30] audit: type=1400 audit(503.474:1082): avc:  denied  { ioctl } for  pid=11474 comm="syz.5.1519" path="/dev/binderfs/binder0" dev="binder" ino=19 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  503.793434][   T30] audit: type=1400 audit(503.474:1083): avc:  denied  { set_context_mgr } for  pid=11474 comm="syz.5.1519" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  503.869674][   T30] audit: type=1326 audit(503.844:1084): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11482 comm="syz.2.1520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c2418f6c9 code=0x7ffc0000
[  503.944274][   T30] audit: type=1326 audit(503.844:1085): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11482 comm="syz.2.1520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c2418f6c9 code=0x7ffc0000
[  504.171171][   T30] audit: type=1326 audit(503.914:1086): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11482 comm="syz.2.1520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7f2c2418f6c9 code=0x7ffc0000
[  504.196779][   T30] audit: type=1326 audit(503.914:1087): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11482 comm="syz.2.1520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c2418f6c9 code=0x7ffc0000
[  504.237240][   T30] audit: type=1326 audit(503.914:1088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11482 comm="syz.2.1520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c2418f6c9 code=0x7ffc0000
[  504.965436][   T30] audit: type=1326 audit(503.914:1089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11482 comm="syz.2.1520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2c2418f6c9 code=0x7ffc0000
[  504.996720][   T30] audit: type=1326 audit(503.914:1090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11482 comm="syz.2.1520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c2418f6c9 code=0x7ffc0000
[  505.022139][   T30] audit: type=1326 audit(503.914:1091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11482 comm="syz.2.1520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f2c2418f6c9 code=0x7ffc0000
[  505.397003][T11497] program syz.5.1523 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  508.225631][T11515] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1527'.
[  508.574829][T11515] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1527'.
[  508.611508][T11528] FAULT_INJECTION: forcing a failure.
[  508.611508][T11528] name failslab, interval 1, probability 0, space 0, times 0
[  508.690880][ T5872] usb 3-1: new full-speed USB device number 32 using dummy_hcd
[  508.698795][T11528] CPU: 0 UID: 0 PID: 11528 Comm: syz.5.1532 Not tainted syzkaller #0 PREEMPT(full) 
[  508.698810][T11528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  508.698816][T11528] Call Trace:
[  508.698820][T11528]  <TASK>
[  508.698824][T11528]  dump_stack_lvl+0x16c/0x1f0
[  508.698860][T11528]  should_fail_ex+0x512/0x640
[  508.698879][T11528]  ? fs_reclaim_acquire+0xae/0x150
[  508.698906][T11528]  should_failslab+0xc2/0x120
[  508.698926][T11528]  __kmalloc_noprof+0xdd/0x880
[  508.698950][T11528]  ? security_inode_init_security+0x13f/0x390
[  508.698978][T11528]  ? security_inode_init_security+0x13f/0x390
[  508.699001][T11528]  security_inode_init_security+0x13f/0x390
[  508.699026][T11528]  ? __pfx_shmem_initxattrs+0x10/0x10
[  508.699045][T11528]  ? __pfx_security_inode_init_security+0x10/0x10
[  508.699079][T11528]  shmem_mknod+0x22e/0x450
[  508.699103][T11528]  shmem_mkdir+0x31/0x80
[  508.699124][T11528]  vfs_mkdir+0x593/0x8c0
[  508.699151][T11528]  do_mkdirat+0x304/0x3e0
[  508.699164][T11528]  ? __pfx_do_mkdirat+0x10/0x10
[  508.699175][T11528]  ? getname_flags.part.0+0x1c5/0x550
[  508.699192][T11528]  __x64_sys_mkdirat+0x83/0xb0
[  508.699203][T11528]  do_syscall_64+0xcd/0xfa0
[  508.699214][T11528]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  508.699225][T11528] RIP: 0033:0x7f0ab4b8f6c9
[  508.699233][T11528] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  508.699244][T11528] RSP: 002b:00007f0ab5a29038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  508.699253][T11528] RAX: ffffffffffffffda RBX: 00007f0ab4de5fa0 RCX: 00007f0ab4b8f6c9
[  508.699260][T11528] RDX: 0000000000000000 RSI: 0000200000002040 RDI: ffffffffffffff9c
[  508.699266][T11528] RBP: 00007f0ab5a29090 R08: 0000000000000000 R09: 0000000000000000
[  508.699272][T11528] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  508.699277][T11528] R13: 00007f0ab4de6038 R14: 00007f0ab4de5fa0 R15: 00007fff231167d8
[  508.699292][T11528]  </TASK>
[  509.203829][ T5872] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 25353, setting to 64
[  509.215166][ T5872] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  509.231636][ T9314] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  509.241056][ T9314] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  509.250735][ T9314] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  509.269399][ T9314] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  509.278991][ T5872] usb 3-1: New USB device found, idVendor=0457, idProduct=07da, bcdDevice= 0.00
[  509.565830][ T5872] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  509.645101][ T5872] usb 3-1: config 0 descriptor??
[  509.666132][T11522] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  510.228374][ T5872] hid-multitouch 0003:0457:07DA.001A: hidraw0: USB HID v0.00 Device [HID 0457:07da] on usb-dummy_hcd.2-1/input0
[  510.970303][T11555] FAULT_INJECTION: forcing a failure.
[  510.970303][T11555] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  511.022259][T11555] CPU: 1 UID: 0 PID: 11555 Comm: syz.1.1540 Not tainted syzkaller #0 PREEMPT(full) 
[  511.022282][T11555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  511.022292][T11555] Call Trace:
[  511.022298][T11555]  <TASK>
[  511.022305][T11555]  dump_stack_lvl+0x16c/0x1f0
[  511.022336][T11555]  should_fail_ex+0x512/0x640
[  511.022361][T11555]  _copy_to_user+0x32/0xd0
[  511.022384][T11555]  bpf_test_finish.isra.0+0x53c/0x6e0
[  511.022410][T11555]  ? __pfx_bpf_test_finish.isra.0+0x10/0x10
[  511.022438][T11555]  ? __asan_memset+0x23/0x50
[  511.022467][T11555]  bpf_prog_test_run_skb+0x1384/0x2290
[  511.022502][T11555]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  511.022528][T11555]  ? fput+0x9b/0xd0
[  511.022551][T11555]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  511.022575][T11555]  __sys_bpf+0x1035/0x4980
[  511.022606][T11555]  ? __pfx___sys_bpf+0x10/0x10
[  511.022630][T11555]  ? find_held_lock+0x2b/0x80
[  511.022658][T11555]  ? find_held_lock+0x2b/0x80
[  511.022686][T11555]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  511.022719][T11555]  ? fput+0x9b/0xd0
[  511.022740][T11555]  ? ksys_write+0x1ac/0x250
[  511.022756][T11555]  ? __pfx_ksys_write+0x10/0x10
[  511.022777][T11555]  __x64_sys_bpf+0x78/0xc0
[  511.022801][T11555]  ? lockdep_hardirqs_on+0x7c/0x110
[  511.022828][T11555]  do_syscall_64+0xcd/0xfa0
[  511.022846][T11555]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  511.022863][T11555] RIP: 0033:0x7fb09d78f6c9
[  511.022877][T11555] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  511.022892][T11555] RSP: 002b:00007fb09e599038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  511.022909][T11555] RAX: ffffffffffffffda RBX: 00007fb09d9e5fa0 RCX: 00007fb09d78f6c9
[  511.022920][T11555] RDX: 0000000000000050 RSI: 0000200000000540 RDI: 000000000000000a
[  511.022929][T11555] RBP: 00007fb09e599090 R08: 0000000000000000 R09: 0000000000000000
[  511.022939][T11555] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  511.022948][T11555] R13: 00007fb09d9e6038 R14: 00007fb09d9e5fa0 R15: 00007ffffd7c9848
[  511.022971][T11555]  </TASK>
[  511.405915][   T30] kauditd_printk_skb: 20 callbacks suppressed
[  511.405928][   T30] audit: type=1400 audit(511.364:1112): avc:  denied  { create } for  pid=11556 comm="syz.0.1541" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  511.449920][T11568] overlayfs: missing 'lowerdir'
[  511.789147][ T5872] usb 3-1: USB disconnect, device number 32
[  512.931483][T11580] lo speed is unknown, defaulting to 1000
[  512.990940][   T30] audit: type=1400 audit(512.604:1113): avc:  denied  { create } for  pid=11572 comm="syz.0.1546" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  513.072751][   T30] audit: type=1400 audit(512.774:1114): avc:  denied  { setopt } for  pid=11572 comm="syz.0.1546" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  513.349037][T11591] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1547'.
[  514.547409][   T30] audit: type=1400 audit(514.514:1115): avc:  denied  { read } for  pid=11596 comm="syz.5.1552" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  515.172763][   T30] audit: type=1400 audit(515.144:1116): avc:  denied  { create } for  pid=11610 comm="syz.0.1554" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  515.231363][T11611] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1554'.
[  515.259859][   T30] audit: type=1400 audit(515.234:1117): avc:  denied  { ioctl } for  pid=11610 comm="syz.0.1554" path="socket:[34804]" dev="sockfs" ino=34804 ioctlcmd=0x89ee scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  515.304785][T11617] netlink: 'syz.5.1556': attribute type 2 has an invalid length.
[  515.354790][T11617] netlink: 'syz.5.1556': attribute type 8 has an invalid length.
[  515.370980][T11617] netlink: 132 bytes leftover after parsing attributes in process `syz.5.1556'.
[  515.437344][   T30] audit: type=1400 audit(515.264:1118): avc:  denied  { read } for  pid=11610 comm="syz.0.1554" path="socket:[35857]" dev="sockfs" ino=35857 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  515.474941][T11621] overlayfs: missing 'lowerdir'
[  515.496002][   T30] audit: type=1400 audit(515.354:1119): avc:  denied  { ioctl } for  pid=11616 comm="syz.5.1556" path="socket:[35859]" dev="sockfs" ino=35859 ioctlcmd=0x89e1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  515.496052][   T30] audit: type=1400 audit(515.354:1120): avc:  denied  { create } for  pid=11616 comm="syz.5.1556" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  516.573035][T11627] netlink: 100 bytes leftover after parsing attributes in process `syz.0.1559'.
[  516.582347][   T30] audit: type=1400 audit(516.554:1121): avc:  denied  { nlmsg_read } for  pid=11626 comm="syz.0.1559" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  516.939073][   T30] audit: type=1400 audit(516.914:1122): avc:  denied  { map } for  pid=11637 comm="syz.0.1563" path="/dev/binderfs/binder0" dev="binder" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  517.238560][   T30] audit: type=1400 audit(516.964:1123): avc:  denied  { call } for  pid=11637 comm="syz.0.1563" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  517.257703][   T30] audit: type=1400 audit(517.124:1124): avc:  denied  { bind } for  pid=11640 comm="syz.5.1564" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  517.956975][   T30] audit: type=1400 audit(517.934:1125): avc:  denied  { setopt } for  pid=11646 comm="syz.0.1566" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  518.000254][T11649] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1567'.
[  518.040560][T11655] overlayfs: missing 'lowerdir'
[  518.443904][T11664] exFAT-fs (loop3): unable to read boot sector
[  518.450141][T11664] exFAT-fs (loop3): failed to read boot sector
[  518.456433][T11664] exFAT-fs (loop3): failed to recognize exfat type
[  518.985052][   T95] block nbd4: Possible stuck request ffff888026455080: control (read@0,1024B). Runtime 90 seconds
[  518.996283][   T95] block nbd4: Possible stuck request ffff888026455240: control (read@1024,1024B). Runtime 90 seconds
[  519.050100][   T95] block nbd4: Possible stuck request ffff888026455400: control (read@2048,1024B). Runtime 90 seconds
[  519.061562][   T95] block nbd4: Possible stuck request ffff8880264555c0: control (read@3072,1024B). Runtime 90 seconds
[  519.116169][   T30] audit: type=1400 audit(519.084:1126): avc:  denied  { write } for  pid=11667 comm="syz.2.1573" name="binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  519.548515][T11672] tmpfs: Unknown parameter ''
[  519.981944][   T30] audit: type=1400 audit(519.094:1127): avc:  denied  { mount } for  pid=11669 comm="syz.3.1574" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  520.317716][   T30] audit: type=1400 audit(519.554:1128): avc:  denied  { read write } for  pid=11667 comm="syz.2.1573" name="uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  520.400750][   T30] audit: type=1400 audit(519.554:1129): avc:  denied  { open } for  pid=11667 comm="syz.2.1573" path="/dev/uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  520.641133][T11308] usb 4-1: new high-speed USB device number 39 using dummy_hcd
[  520.789032][   T30] audit: type=1400 audit(520.764:1130): avc:  denied  { getopt } for  pid=11693 comm="syz.1.1580" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  520.892832][T11308] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  521.046993][T11710] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  521.070930][T11308] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  521.211621][T11713] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1584'.
[  521.242422][T11308] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  521.268784][T11713] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1584'.
[  521.305298][T11308] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  521.440538][T11308] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  521.457977][T11308] usb 4-1: config 0 descriptor??
[  521.515619][T11717] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1585'.
[  521.905232][T11722] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  521.915430][T11722] block device autoloading is deprecated and will be removed.
[  522.000975][T11308] usbhid 4-1:0.0: can't add hid device: -71
[  522.006975][T11308] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  522.050851][T11308] usb 4-1: USB disconnect, device number 39
[  522.089884][   T30] kauditd_printk_skb: 1 callbacks suppressed
[  522.089894][   T30] audit: type=1326 audit(522.064:1132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11730 comm="syz.3.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe06b38f6c9 code=0x7ffc0000
[  522.140348][   T30] audit: type=1326 audit(522.104:1133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11730 comm="syz.3.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe06b38f6c9 code=0x7ffc0000
[  522.165106][   T30] audit: type=1326 audit(522.104:1134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11730 comm="syz.3.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe06b38f6c9 code=0x7ffc0000
[  522.299664][   T30] audit: type=1326 audit(522.104:1135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11730 comm="syz.3.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fe06b38f6c9 code=0x7ffc0000
[  522.339808][T11734] tipc: Started in network mode
[  522.350981][T11734] tipc: Node identity ac1414aa, cluster identity 4711
[  522.358539][T11734] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  522.390942][   T10] usb 6-1: new full-speed USB device number 5 using dummy_hcd
[  522.414862][   T30] audit: type=1326 audit(522.104:1136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11730 comm="syz.3.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe06b38f6c9 code=0x7ffc0000
[  522.560079][   T30] audit: type=1326 audit(522.104:1137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11730 comm="syz.3.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe06b38f6c9 code=0x7ffc0000
[  522.608110][   T30] audit: type=1326 audit(522.104:1138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11730 comm="syz.3.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe06b38f6c9 code=0x7ffc0000
[  522.689178][   T30] audit: type=1326 audit(522.104:1139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11730 comm="syz.3.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe06b38f6c9 code=0x7ffc0000
[  522.858216][   T30] audit: type=1326 audit(522.104:1140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11730 comm="syz.3.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe06b38f6c9 code=0x7ffc0000
[  523.471047][ T6264] block nbd3: Possible stuck request ffff888026410000: control (read@0,1024B). Runtime 120 seconds
[  523.482210][ T6264] block nbd3: Possible stuck request ffff8880264101c0: control (read@1024,1024B). Runtime 120 seconds
[  523.496853][ T6264] block nbd3: Possible stuck request ffff888026410380: control (read@2048,1024B). Runtime 120 seconds
[  523.502935][   T95] block nbd1: Possible stuck request ffff88802638e000: control (read@0,1024B). Runtime 150 seconds
[  523.508514][ T6264] block nbd3: Possible stuck request ffff888026410540: control (read@3072,1024B). Runtime 120 seconds
[  523.519313][   T95] block nbd1: Possible stuck request ffff88802638e1c0: control (read@1024,1024B). Runtime 150 seconds
[  523.529803][   T10] usb 6-1: unable to get BOS descriptor or descriptor too short
[  523.548547][   T95] block nbd1: Possible stuck request ffff88802638e380: control (read@2048,1024B). Runtime 150 seconds
[  523.559616][   T95] block nbd1: Possible stuck request ffff88802638e540: control (read@3072,1024B). Runtime 150 seconds
[  523.572606][   T10] usb 6-1: not running at top speed; connect to a high speed hub
[  523.596892][   T30] audit: type=1326 audit(522.104:1141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11730 comm="syz.3.1588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe06b38f6c9 code=0x7ffc0000
[  523.603466][   T10] usb 6-1: config 129 has an invalid interface number: 135 but max is 0
[  523.761431][T11753] overlayfs: missing 'lowerdir'
[  523.777741][T11745] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1592'.
[  523.849409][   T10] usb 6-1: config 129 has an invalid interface number: 5 but max is 0
[  523.878346][   T10] usb 6-1: config 129 has 2 interfaces, different from the descriptor's value: 1
[  523.921797][   T10] usb 6-1: config 129 has no interface number 0
[  523.950667][   T10] usb 6-1: config 129 has no interface number 1
[  523.957244][   T10] usb 6-1: config 129 interface 135 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 5
[  523.970548][   T10] usb 6-1: too many endpoints for config 129 interface 5 altsetting 7: 37, using maximum allowed: 30
[  524.001352][   T10] usb 6-1: config 129 interface 5 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 37
[  524.002840][T11759] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1597'.
[  524.040890][   T10] usb 6-1: config 129 interface 135 has no altsetting 0
[  524.053718][   T10] usb 6-1: config 129 interface 5 has no altsetting 0
[  524.102342][   T10] usb 6-1: New USB device found, idVendor=2040, idProduct=721f, bcdDevice=f2.00
[  524.115584][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  524.125063][   T10] usb 6-1: Product: syz
[  524.182245][T11765] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  524.261354][   T10] usb 6-1: Manufacturer: syz
[  524.391720][   T10] usb 6-1: SerialNumber: syz
[  524.435734][T11763] Failed to initialize the IGMP autojoin socket (err -2)
[  524.490889][ T5872] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  524.637539][T11774] FAULT_INJECTION: forcing a failure.
[  524.637539][T11774] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  524.637686][   T10] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  524.650935][T11774] CPU: 1 UID: 0 PID: 11774 Comm: syz.5.1604 Not tainted syzkaller #0 PREEMPT(full) 
[  524.650961][T11774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  524.650971][T11774] Call Trace:
[  524.650976][T11774]  <TASK>
[  524.650982][T11774]  dump_stack_lvl+0x16c/0x1f0
[  524.651010][T11774]  should_fail_ex+0x512/0x640
[  524.651035][T11774]  _copy_to_user+0x32/0xd0
[  524.651056][T11774]  simple_read_from_buffer+0xcb/0x170
[  524.651081][T11774]  proc_fail_nth_read+0x197/0x240
[  524.651100][T11774]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  524.651119][T11774]  ? rw_verify_area+0xcf/0x6c0
[  524.651140][T11774]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  524.651157][T11774]  vfs_read+0x1e4/0xcf0
[  524.651175][T11774]  ? __pfx___mutex_lock+0x10/0x10
[  524.651190][T11774]  ? __pfx_vfs_read+0x10/0x10
[  524.651211][T11774]  ? __fget_files+0x20e/0x3c0
[  524.651233][T11774]  ksys_read+0x12a/0x250
[  524.651246][T11774]  ? __pfx_ksys_read+0x10/0x10
[  524.651260][T11774]  ? fput+0x9b/0xd0
[  524.651282][T11774]  do_syscall_64+0xcd/0xfa0
[  524.651297][T11774]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  524.651313][T11774] RIP: 0033:0x7f0ab4b8e0dc
[  524.651326][T11774] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  524.651340][T11774] RSP: 002b:00007f0ab5a29030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  524.651354][T11774] RAX: ffffffffffffffda RBX: 00007f0ab4de5fa0 RCX: 00007f0ab4b8e0dc
[  524.651364][T11774] RDX: 000000000000000f RSI: 00007f0ab5a290a0 RDI: 0000000000000004
[  524.651373][T11774] RBP: 00007f0ab5a29090 R08: 0000000000000000 R09: 0000000000000000
[  524.651382][T11774] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  524.651390][T11774] R13: 00007f0ab4de6038 R14: 00007f0ab4de5fa0 R15: 00007fff231167d8
[  524.651413][T11774]  </TASK>
[  524.652687][ T5872] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  524.669608][   T10] usb 6-1: MIDIStreaming interface descriptor not found
[  524.696986][ T5872] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  524.760899][    T9] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  524.769924][ T5852] usb 4-1: new high-speed USB device number 40 using dummy_hcd
[  524.787304][   T10] usb 6-1: USB disconnect, device number 5
[  524.805581][ T5872] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[  524.924209][ T5872] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  524.947289][    T9] usb 3-1: config 0 has no interfaces?
[  524.956948][    T9] usb 3-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  524.985156][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  525.023453][    T9] usb 3-1: Product: syz
[  525.036625][    T9] usb 3-1: Manufacturer: syz
[  525.047690][T11783] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  525.058452][    T9] usb 3-1: SerialNumber: syz
[  525.195714][ T5872] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  525.215105][    T9] usb 3-1: config 0 descriptor??
[  525.224376][T11783] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  525.414854][ T5872] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  525.428391][ T5872] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  525.440657][ T5872] usb 2-1: Product: syz
[  525.445384][ T5872] usb 2-1: Manufacturer: syz
[  525.451521][ T5852] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  525.461042][ T5852] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  525.469703][ T5852] usb 4-1: Product: syz
[  525.475817][ T5852] usb 4-1: Manufacturer: syz
[  525.480826][ T5852] usb 4-1: SerialNumber: syz
[  525.487809][ T5872] cdc_wdm 2-1:1.0: skipping garbage
[  525.493187][ T5872] cdc_wdm 2-1:1.0: skipping garbage
[  525.505103][ T5852] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  525.514309][T11786] tipc: Started in network mode
[  525.519934][T11786] tipc: Node identity 82aa86c4bd95, cluster identity 4711
[  525.520162][ T5872] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  525.532312][T11786] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  525.542548][ T5872] cdc_wdm 2-1:1.0: Unknown control protocol
[  525.553891][T11786] syzkaller0: entered promiscuous mode
[  525.560450][T11786] syzkaller0: entered allmulticast mode
[  525.560617][   T24] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  525.596511][T11786] tipc: Resetting bearer <eth:syzkaller0>
[  525.615365][T11786] Invalid option length (938168) for dns_resolver key
[  525.624766][T11785] tipc: Resetting bearer <eth:syzkaller0>
[  525.642950][T11785] tipc: Disabling bearer <eth:syzkaller0>
[  525.658025][T11763] veth0_vlan: left promiscuous mode
[  525.664080][T11763] veth0_vlan: entered promiscuous mode
[  525.673105][ T5872] usb 3-1: USB disconnect, device number 33
[  525.706500][ T5852] usb 2-1: USB disconnect, device number 39
[  525.858447][T11791] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  525.921488][   T95] block nbd2: Possible stuck request ffff8880263e7000: control (read@0,1024B). Runtime 150 seconds
[  525.932319][   T95] block nbd2: Possible stuck request ffff8880263e71c0: control (read@1024,1024B). Runtime 150 seconds
[  525.944650][   T95] block nbd2: Possible stuck request ffff8880263e7380: control (read@2048,1024B). Runtime 150 seconds
[  525.956079][   T95] block nbd2: Possible stuck request ffff8880263e7540: control (read@3072,1024B). Runtime 150 seconds
[  526.021875][T11793] FAULT_INJECTION: forcing a failure.
[  526.021875][T11793] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  526.035060][T11793] CPU: 0 UID: 0 PID: 11793 Comm: syz.0.1608 Not tainted syzkaller #0 PREEMPT(full) 
[  526.035082][T11793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  526.035093][T11793] Call Trace:
[  526.035099][T11793]  <TASK>
[  526.035106][T11793]  dump_stack_lvl+0x16c/0x1f0
[  526.035137][T11793]  should_fail_ex+0x512/0x640
[  526.035162][T11793]  _copy_from_user+0x2e/0xd0
[  526.035185][T11793]  copy_msghdr_from_user+0x98/0x160
[  526.035208][T11793]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  526.035242][T11793]  ___sys_sendmsg+0xfe/0x1d0
[  526.035266][T11793]  ? __pfx____sys_sendmsg+0x10/0x10
[  526.035286][T11793]  ? __lock_acquire+0x622/0x1c90
[  526.035345][T11793]  __sys_sendmsg+0x16d/0x220
[  526.035366][T11793]  ? __pfx___sys_sendmsg+0x10/0x10
[  526.035405][T11793]  do_syscall_64+0xcd/0xfa0
[  526.035424][T11793]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  526.035441][T11793] RIP: 0033:0x7f5c2738f6c9
[  526.035455][T11793] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  526.035472][T11793] RSP: 002b:00007f5c255d5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  526.035489][T11793] RAX: ffffffffffffffda RBX: 00007f5c275e6180 RCX: 00007f5c2738f6c9
[  526.035500][T11793] RDX: 0000000000000000 RSI: 0000200000006280 RDI: 0000000000000000
[  526.035509][T11793] RBP: 00007f5c255d5090 R08: 0000000000000000 R09: 0000000000000000
[  526.035519][T11793] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  526.035529][T11793] R13: 00007f5c275e6218 R14: 00007f5c275e6180 R15: 00007ffd8778e5b8
[  526.035554][T11793]  </TASK>
[  526.210418][T11308] usb 4-1: USB disconnect, device number 40
[  526.344218][T11798] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1612'.
[  526.640931][   T24] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive
[  526.650112][T11813] netlink: 60 bytes leftover after parsing attributes in process `syz.5.1615'.
[  526.872429][   T24] ath9k_htc: Failed to initialize the device
[  526.890998][T11308] usb 4-1: ath9k_htc: USB layer deinitialized
[  526.943865][T11815] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  526.958024][T11815] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  528.089159][   T30] kauditd_printk_skb: 57 callbacks suppressed
[  528.089174][   T30] audit: type=1400 audit(528.064:1199): avc:  denied  { write } for  pid=11804 comm="syz.2.1614" name="uinput" dev="devtmpfs" ino=920 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  528.282382][   T30] audit: type=1400 audit(528.254:1200): avc:  denied  { accept } for  pid=11828 comm="syz.0.1620" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  528.320230][   T30] audit: type=1400 audit(528.254:1201): avc:  denied  { ioctl } for  pid=11828 comm="syz.0.1620" path="/dev/sg0" dev="devtmpfs" ino=758 ioctlcmd=0x2283 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  528.481616][ T6264] block nbd0: Possible stuck request ffff88802631e000: control (read@0,1024B). Runtime 180 seconds
[  528.496317][ T6264] block nbd0: Possible stuck request ffff88802631e1c0: control (read@1024,1024B). Runtime 180 seconds
[  528.525390][ T6264] block nbd0: Possible stuck request ffff88802631e380: control (read@2048,1024B). Runtime 180 seconds
[  528.536838][ T6264] block nbd0: Possible stuck request ffff88802631e540: control (read@3072,1024B). Runtime 180 seconds
[  528.709429][   T30] audit: type=1400 audit(528.644:1202): avc:  denied  { mount } for  pid=11834 comm="syz.1.1622" name="/" dev="configfs" ino=209 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  528.743457][   T30] audit: type=1400 audit(528.654:1203): avc:  denied  { search } for  pid=11834 comm="syz.1.1622" name="/" dev="configfs" ino=209 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  528.827206][   T30] audit: type=1400 audit(528.654:1204): avc:  denied  { search } for  pid=11834 comm="syz.1.1622" name="/" dev="configfs" ino=209 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  528.906304][   T30] audit: type=1400 audit(528.654:1205): avc:  denied  { read open } for  pid=11834 comm="syz.1.1622" path="/" dev="configfs" ino=209 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  528.930858][   T30] audit: type=1400 audit(528.664:1206): avc:  denied  { setattr } for  pid=11834 comm="syz.1.1622" name="/" dev="configfs" ino=209 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  529.330974][T11308] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  529.760712][T11308] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  529.821447][T11308] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  530.018931][T11308] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  530.028272][T11308] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  530.040263][T11308] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  530.053408][T11308] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  530.071865][T11308] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  530.079852][T11308] usb 6-1: Product: syz
[  530.098820][T11308] usb 6-1: Manufacturer: syz
[  530.223981][T11308] cdc_wdm 6-1:1.0: skipping garbage
[  530.229205][T11308] cdc_wdm 6-1:1.0: skipping garbage
[  530.266765][T11308] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  530.280875][T11308] cdc_wdm 6-1:1.0: Unknown control protocol
[  530.281909][T11864] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  530.380515][T11864] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  530.661586][ T5872] usb 6-1: USB disconnect, device number 6
[  530.949737][   T30] audit: type=1400 audit(530.924:1207): avc:  denied  { connect } for  pid=11869 comm="syz.1.1631" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  531.955913][T11885] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1632'.
[  532.317224][T11891] FAULT_INJECTION: forcing a failure.
[  532.317224][T11891] name failslab, interval 1, probability 0, space 0, times 0
[  532.366396][   T30] audit: type=1400 audit(532.334:1208): avc:  denied  { kexec_image_load } for  pid=11892 comm="syz.1.1637" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[  532.385965][T11891] CPU: 1 UID: 0 PID: 11891 Comm: syz.0.1635 Not tainted syzkaller #0 PREEMPT(full) 
[  532.385988][T11891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  532.385997][T11891] Call Trace:
[  532.386003][T11891]  <TASK>
[  532.386010][T11891]  dump_stack_lvl+0x16c/0x1f0
[  532.386042][T11891]  should_fail_ex+0x512/0x640
[  532.386063][T11891]  ? __kmalloc_cache_noprof+0x5f/0x780
[  532.386089][T11891]  should_failslab+0xc2/0x120
[  532.386106][T11891]  __kmalloc_cache_noprof+0x72/0x780
[  532.386127][T11891]  ? assoc_array_insert+0x2fa/0x3970
[  532.386153][T11891]  ? assoc_array_insert+0x2fa/0x3970
[  532.386172][T11891]  assoc_array_insert+0x2fa/0x3970
[  532.386206][T11891]  ? __pfx_assoc_array_insert+0x10/0x10
[  532.386230][T11891]  ? down_write+0x14d/0x200
[  532.386247][T11891]  ? __pfx_down_write+0x10/0x10
[  532.386261][T11891]  ? __pfx_key_set_index_key+0x10/0x10
[  532.386285][T11891]  __key_link_begin+0xf5/0x260
[  532.386307][T11891]  __key_create_or_update+0x4e3/0xe10
[  532.386328][T11891]  ? __pfx___key_create_or_update+0x10/0x10
[  532.386347][T11891]  ? lookup_user_key+0x2ce/0x1300
[  532.386369][T11891]  ? rcu_is_watching+0x12/0xc0
[  532.386393][T11891]  ? __pfx_lookup_user_key_possessed+0x10/0x10
[  532.386410][T11891]  ? __pfx_keyring_search_iterator+0x10/0x10
[  532.386433][T11891]  key_create_or_update+0x42/0x60
[  532.386454][T11891]  __do_sys_add_key+0x29d/0x470
[  532.386476][T11891]  ? __pfx___do_sys_add_key+0x10/0x10
[  532.386495][T11891]  ? ksys_write+0x1ac/0x250
[  532.386519][T11891]  do_syscall_64+0xcd/0xfa0
[  532.386536][T11891]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  532.386557][T11891] RIP: 0033:0x7f5c2738f6c9
[  532.386569][T11891] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  532.386583][T11891] RSP: 002b:00007f5c28142038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[  532.386598][T11891] RAX: ffffffffffffffda RBX: 00007f5c275e5fa0 RCX: 00007f5c2738f6c9
[  532.386608][T11891] RDX: 0000200000000100 RSI: 0000200000000180 RDI: 0000200000000000
[  532.386617][T11891] RBP: 00007f5c28142090 R08: 000000001d7a6461 R09: 0000000000000000
[  532.386625][T11891] R10: 0000000000003c0a R11: 0000000000000246 R12: 0000000000000001
[  532.386634][T11891] R13: 00007f5c275e6038 R14: 00007f5c275e5fa0 R15: 00007ffd8778e5b8
[  532.386657][T11891]  </TASK>
[  532.881019][T11903] FAULT_INJECTION: forcing a failure.
[  532.881019][T11903] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  532.894137][T11903] CPU: 1 UID: 0 PID: 11903 Comm: syz.3.1640 Not tainted syzkaller #0 PREEMPT(full) 
[  532.894159][T11903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  532.894169][T11903] Call Trace:
[  532.894175][T11903]  <TASK>
[  532.894182][T11903]  dump_stack_lvl+0x16c/0x1f0
[  532.894214][T11903]  should_fail_ex+0x512/0x640
[  532.894239][T11903]  copy_fpstate_to_sigframe+0x854/0xaf0
[  532.894269][T11903]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[  532.894294][T11903]  ? __pfx___schedule+0x10/0x10
[  532.894325][T11903]  ? x86_task_fpu+0x5f/0x90
[  532.894349][T11903]  get_sigframe+0x4a8/0x9c0
[  532.894374][T11903]  ? __pfx_get_sigframe+0x10/0x10
[  532.894397][T11903]  ? siginfo_layout+0x177/0x290
[  532.894422][T11903]  x64_setup_rt_frame+0x12e/0xcf0
[  532.894450][T11903]  ? __pfx_x64_setup_rt_frame+0x10/0x10
[  532.894470][T11903]  ? __pfx_vfs_read+0x10/0x10
[  532.894494][T11903]  arch_do_signal_or_restart+0x5e4/0x7c0
[  532.894517][T11903]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  532.894547][T11903]  ? __pfx___x64_sys_pread64+0x10/0x10
[  532.894572][T11903]  exit_to_user_mode_loop+0x85/0x130
[  532.894598][T11903]  do_syscall_64+0x426/0xfa0
[  532.894618][T11903]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  532.894636][T11903] RIP: 0033:0x7fe06b38f6c7
[  532.894651][T11903] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[  532.894668][T11903] RSP: 002b:00007fe06c191038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[  532.894686][T11903] RAX: 0000000000000011 RBX: 00007fe06b5e6180 RCX: 00007fe06b38f6c9
[  532.894697][T11903] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007
[  532.894708][T11903] RBP: 00007fe06c191090 R08: 0000000000000000 R09: 0000000000000000
[  532.894718][T11903] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[  532.894728][T11903] R13: 00007fe06b5e6218 R14: 00007fe06b5e6180 R15: 00007ffdb5bb4228
[  532.894753][T11903]  </TASK>
[  533.093842][    C1] vkms_vblank_simulate: vblank timer overrun
[  533.602226][ T5872] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[  533.843341][ T5872] usb 2-1: Using ep0 maxpacket: 16
[  533.891482][ T5872] usb 2-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  533.944534][ T5872] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  533.964490][T11908] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1642'.
[  534.024617][ T5872] usb 2-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  534.118199][ T5872] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  534.234323][ T5872] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  534.301443][ T5872] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  534.546126][ T5872] usb 2-1: Product: syz
[  534.583566][ T5872] usb 2-1: Manufacturer: syz
[  534.620225][ T5872] usb 2-1: SerialNumber: syz
[  534.851336][ T5852] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  535.250969][   T30] audit: type=1400 audit(532.334:1209): avc:  denied  { create } for  pid=11892 comm="syz.1.1637" name="file5" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  535.271693][   T30] audit: type=1400 audit(532.344:1210): avc:  denied  { unlink } for  pid=5809 comm="syz-executor" name="file5" dev="tmpfs" ino=1862 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  535.369204][T11917] ALSA: mixer_oss: invalid index 40000
[  535.377216][   T30] audit: type=1400 audit(535.354:1211): avc:  denied  { create } for  pid=11915 comm="syz.0.1646" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  535.472613][   T30] audit: type=1400 audit(535.354:1212): avc:  denied  { ioctl } for  pid=11915 comm="syz.0.1646" path="socket:[37644]" dev="sockfs" ino=37644 ioctlcmd=0x5411 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  535.525318][ T5852] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  535.538015][ T5852] usb 3-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  535.600483][ T5852] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[  536.110715][ T5852] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  536.122137][ T5852] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  536.142695][ T5852] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  536.152357][ T5852] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  536.167091][ T5852] usb 3-1: Product: syz
[  536.255101][ T5852] usb 3-1: Manufacturer: syz
[  536.372724][ T5852] cdc_wdm 3-1:1.0: skipping garbage
[  536.372772][ T5852] cdc_wdm 3-1:1.0: skipping garbage
[  536.470332][ T5852] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[  536.470347][ T5852] cdc_wdm 3-1:1.0: Unknown control protocol
[  536.555160][   T30] audit: type=1400 audit(536.504:1213): avc:  denied  { mount } for  pid=11925 comm="syz.5.1648" name="/" dev="autofs" ino=37667 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  536.580237][  T979] usb 3-1: USB disconnect, device number 34
[  536.938158][T11935] fuse: Bad value for 'fd'
[  536.943428][T11935] fuseblk: Bad value for 'fd'
[  537.003022][T11936] Invalid source name
[  537.119987][   T30] audit: type=1400 audit(537.094:1214): avc:  denied  { unmount } for  pid=11073 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  538.795401][ T5872] usb 2-1: 0:2 : does not exist
[  538.808924][T11952] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  538.815445][T11952] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  538.852438][T11952] vhci_hcd vhci_hcd.0: Device attached
[  538.995538][ T5872] usb 2-1: USB disconnect, device number 40
[  539.034829][T10401] udevd[10401]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  539.482330][T11965] input: syz0 as /devices/virtual/input/input30
[  539.869462][   T30] audit: type=1400 audit(539.544:1215): avc:  denied  { shutdown } for  pid=11959 comm="syz.1.1658" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  539.926574][T11968] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1659'.
[  540.345498][   T10] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[  540.353160][T11308] usb 37-1: new low-speed USB device number 3 using vhci_hcd
[  540.500696][   T30] audit: type=1400 audit(540.474:1216): avc:  denied  { watch_mount } for  pid=11948 comm="syz.3.1655" path="/328" dev="tmpfs" ino=1834 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  540.550853][   T10] usb 3-1: Using ep0 maxpacket: 16
[  540.724215][   T30] audit: type=1326 audit(540.684:1217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11948 comm="syz.3.1655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe06b38f6c9 code=0x7ffc0000
[  540.867277][T11977] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1661'.
[  541.064645][   T30] audit: type=1326 audit(540.684:1218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11948 comm="syz.3.1655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe06b38f6c9 code=0x7ffc0000
[  541.089213][T11979] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1662'.
[  541.110908][   T10] usb 3-1: config 0 has no interfaces?
[  541.116425][   T10] usb 3-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  541.141328][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  541.164934][T11979] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1662'.
[  541.188078][   T30] audit: type=1326 audit(540.684:1219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11948 comm="syz.3.1655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fe06b38f6c9 code=0x7ffc0000
[  541.281484][   T10] usb 3-1: config 0 descriptor??
[  541.318283][T11985] FAULT_INJECTION: forcing a failure.
[  541.318283][T11985] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  541.351739][   T30] audit: type=1326 audit(540.684:1220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11948 comm="syz.3.1655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe06b38f6c9 code=0x7ffc0000
[  541.375423][   T30] audit: type=1326 audit(540.684:1221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11948 comm="syz.3.1655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe06b38f6c9 code=0x7ffc0000
[  541.398583][T11985] CPU: 0 UID: 0 PID: 11985 Comm: syz.1.1664 Not tainted syzkaller #0 PREEMPT(full) 
[  541.398607][T11985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  541.398617][T11985] Call Trace:
[  541.398623][T11985]  <TASK>
[  541.398630][T11985]  dump_stack_lvl+0x16c/0x1f0
[  541.398664][T11985]  should_fail_ex+0x512/0x640
[  541.398688][T11985]  _copy_to_user+0x32/0xd0
[  541.398712][T11985]  bpf_test_finish.isra.0+0x4b4/0x6e0
[  541.398740][T11985]  ? __pfx_bpf_test_finish.isra.0+0x10/0x10
[  541.398764][T11985]  ? skb_checksum+0x81f/0x980
[  541.398790][T11985]  bpf_prog_test_run_skb+0x1384/0x2290
[  541.398822][T11985]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  541.398850][T11985]  ? fput+0x9b/0xd0
[  541.398875][T11985]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  541.398901][T11985]  __sys_bpf+0x1035/0x4980
[  541.398933][T11985]  ? __pfx___sys_bpf+0x10/0x10
[  541.398958][T11985]  ? find_held_lock+0x2b/0x80
[  541.398987][T11985]  ? find_held_lock+0x2b/0x80
[  541.399016][T11985]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  541.399050][T11985]  ? fput+0x9b/0xd0
[  541.399071][T11985]  ? ksys_write+0x1ac/0x250
[  541.399088][T11985]  ? __pfx_ksys_write+0x10/0x10
[  541.399109][T11985]  __x64_sys_bpf+0x78/0xc0
[  541.399135][T11985]  ? lockdep_hardirqs_on+0x7c/0x110
[  541.399162][T11985]  do_syscall_64+0xcd/0xfa0
[  541.399181][T11985]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  541.399199][T11985] RIP: 0033:0x7fb09d78f6c9
[  541.399213][T11985] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  541.399230][T11985] RSP: 002b:00007fb09e599038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  541.399248][T11985] RAX: ffffffffffffffda RBX: 00007fb09d9e5fa0 RCX: 00007fb09d78f6c9
[  541.399259][T11985] RDX: 0000000000000050 RSI: 0000200000000180 RDI: 000000000000000a
[  541.399270][T11985] RBP: 00007fb09e599090 R08: 0000000000000000 R09: 0000000000000000
[  541.399281][T11985] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  541.399292][T11985] R13: 00007fb09d9e6038 R14: 00007fb09d9e5fa0 R15: 00007ffffd7c9848
[  541.399318][T11985]  </TASK>
[  541.833793][   T30] audit: type=1326 audit(540.684:1222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11948 comm="syz.3.1655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fe06b38f6c9 code=0x7ffc0000
[  541.866883][   T30] audit: type=1326 audit(540.684:1223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11948 comm="syz.3.1655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe06b38f6c9 code=0x7ffc0000
[  541.964361][ T5872] usb 3-1: USB disconnect, device number 35
[  541.995510][T11953] vhci_hcd: connection reset by peer
[  542.331037][ T9264] vhci_hcd: stop threads
[  542.740619][ T9264] vhci_hcd: release socket
[  542.748597][ T9264] vhci_hcd: disconnect device
[  542.756734][   T30] audit: type=1326 audit(540.684:1224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11948 comm="syz.3.1655" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe06b38f6c9 code=0x7ffc0000
[  542.952211][T11997] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  542.961037][T11997] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  543.400618][T12001] fuse: Bad value for 'fd'
[  543.678588][   T30] audit: type=1400 audit(543.654:1225): avc:  denied  { bind } for  pid=12002 comm="syz.1.1669" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  543.737601][T12007] usb usb7: usbfs: process 12007 (syz.1.1669) did not claim interface 0 before use
[  544.140845][ T5881] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  544.298711][ T5881] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  544.307929][ T5881] usb 3-1: config 0 has no interface number 0
[  544.316298][ T5881] usb 3-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  544.329722][ T5881] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  544.339637][ T5881] usb 3-1: Product: syz
[  544.344085][ T5881] usb 3-1: Manufacturer: syz
[  544.348923][ T5881] usb 3-1: SerialNumber: syz
[  544.356738][ T5881] usb 3-1: config 0 descriptor??
[  544.654490][ T5881] usb 3-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[  544.677435][ T5881] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  544.696161][ T5881] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[  544.713398][ T5881] usb 3-1: media controller created
[  545.385605][T12024] netlink: 'syz.1.1675': attribute type 10 has an invalid length.
[  545.463685][T12033] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  545.496824][ T5881] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  545.509334][T12033] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  545.520983][T11308] vhci_hcd: vhci_device speed not set
[  545.531819][T12016] bond0: entered promiscuous mode
[  545.549687][T12016] bond_slave_0: entered promiscuous mode
[  545.561774][T12016] bond_slave_1: entered promiscuous mode
[  545.569029][T12016] dummy0: entered promiscuous mode
[  545.578662][T12016] hsr1: entered promiscuous mode
[  545.587460][T12016] hsr1: entered allmulticast mode
[  545.704582][T12016] bond0: entered allmulticast mode
[  545.710058][T12016] bond_slave_0: entered allmulticast mode
[  545.719982][T12016] bond_slave_1: entered allmulticast mode
[  545.865167][T12016] dummy0: entered allmulticast mode
[  546.183602][T12024] team0: left promiscuous mode
[  546.190635][ T5881] i2c i2c-2: ec100: i2c rd failed=-71 reg=33
[  546.197966][T12024] team_slave_0: left promiscuous mode
[  546.217091][T12024] team_slave_1: left promiscuous mode
[  546.238771][ T5881] usb 3-1: USB disconnect, device number 36
[  546.251646][T12024] team0: left allmulticast mode
[  546.280495][T12024] team_slave_0: left allmulticast mode
[  546.294004][T12024] team_slave_1: left allmulticast mode
[  546.331338][T12024] batman_adv: batadv0: Adding interface: team0
[  546.407860][T12043] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1680'.
[  546.654282][T12024] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  546.681807][T12024] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  546.831596][T12047] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  547.278795][T12056] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1684'.
[  547.451061][   T30] kauditd_printk_skb: 1 callbacks suppressed
[  547.451076][   T30] audit: type=1400 audit(547.424:1227): avc:  denied  { connect } for  pid=12062 comm="syz.0.1685" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  547.513641][   T30] audit: type=1400 audit(547.424:1228): avc:  denied  { write } for  pid=12062 comm="syz.0.1685" path="socket:[38049]" dev="sockfs" ino=38049 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  547.618681][   T30] audit: type=1400 audit(547.484:1229): avc:  denied  { create } for  pid=12066 comm="syz.3.1687" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  547.718110][   T30] audit: type=1400 audit(547.484:1230): avc:  denied  { ioctl } for  pid=12066 comm="syz.3.1687" path="socket:[38056]" dev="sockfs" ino=38056 ioctlcmd=0x48f0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  547.801736][   T10] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[  547.931140][   T10] usb 2-1: device descriptor read/64, error -71
[  548.630864][   T10] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[  548.850892][   T10] usb 2-1: device descriptor read/64, error -71
[  549.452677][   T10] usb usb2-port1: attempt power cycle
[  549.581170][ T5881] usb 4-1: new high-speed USB device number 41 using dummy_hcd
[  549.627556][   T95] block nbd4: Possible stuck request ffff888026455080: control (read@0,1024B). Runtime 120 seconds
[  549.638466][   T95] block nbd4: Possible stuck request ffff888026455240: control (read@1024,1024B). Runtime 120 seconds
[  549.649675][   T95] block nbd4: Possible stuck request ffff888026455400: control (read@2048,1024B). Runtime 120 seconds
[  549.661779][   T95] block nbd4: Possible stuck request ffff8880264555c0: control (read@3072,1024B). Runtime 120 seconds
[  549.752570][ T5881] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  549.784642][ T5881] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  549.794348][   T10] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[  550.012766][ T5881] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  550.030030][ T5881] usb 4-1: Product: syz
[  550.041457][   T10] usb 2-1: device descriptor read/8, error -71
[  550.048851][ T5881] usb 4-1: Manufacturer: syz
[  550.058114][ T5881] usb 4-1: SerialNumber: syz
[  550.078744][ T5881] usb 4-1: config 0 descriptor??
[  550.210999][T12096] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1696'.
[  550.241254][ T5872] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  550.361276][   T10] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[  550.563138][   T10] usb 2-1: device descriptor read/8, error -71
[  550.590908][ T5872] usb 6-1: Using ep0 maxpacket: 8
[  550.671121][   T10] usb usb2-port1: unable to enumerate USB device
[  550.680598][ T5872] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  550.692381][ T5872] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  550.704425][ T5872] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  550.802708][ T5872] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  550.813285][ T5872] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  550.826542][ T5872] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  550.838312][ T5872] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  550.904340][T12085] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  551.005162][T12085] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  551.515539][T12106] FAULT_INJECTION: forcing a failure.
[  551.515539][T12106] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  551.530688][T12106] CPU: 0 UID: 0 PID: 12106 Comm: syz.2.1697 Not tainted syzkaller #0 PREEMPT(full) 
[  551.530712][T12106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  551.530723][T12106] Call Trace:
[  551.530729][T12106]  <TASK>
[  551.530736][T12106]  dump_stack_lvl+0x16c/0x1f0
[  551.530772][T12106]  should_fail_ex+0x512/0x640
[  551.530796][T12106]  _copy_to_user+0x32/0xd0
[  551.530820][T12106]  simple_read_from_buffer+0xcb/0x170
[  551.530848][T12106]  proc_fail_nth_read+0x197/0x240
[  551.530868][T12106]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  551.530890][T12106]  ? rw_verify_area+0xcf/0x6c0
[  551.530914][T12106]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  551.530934][T12106]  vfs_read+0x1e4/0xcf0
[  551.530951][T12106]  ? __pfx___mutex_lock+0x10/0x10
[  551.530968][T12106]  ? __pfx_vfs_read+0x10/0x10
[  551.530991][T12106]  ? __fget_files+0x20e/0x3c0
[  551.531017][T12106]  ksys_read+0x12a/0x250
[  551.531032][T12106]  ? __pfx_ksys_read+0x10/0x10
[  551.531055][T12106]  do_syscall_64+0xcd/0xfa0
[  551.531074][T12106]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  551.531091][T12106] RIP: 0033:0x7f2c2418e0dc
[  551.531105][T12106] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  551.531122][T12106] RSP: 002b:00007f2c24fab030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  551.531139][T12106] RAX: ffffffffffffffda RBX: 00007f2c243e6090 RCX: 00007f2c2418e0dc
[  551.531151][T12106] RDX: 000000000000000f RSI: 00007f2c24fab0a0 RDI: 0000000000000006
[  551.531161][T12106] RBP: 00007f2c24fab090 R08: 0000000000000000 R09: 0000000000000000
[  551.531172][T12106] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  551.531182][T12106] R13: 00007f2c243e6128 R14: 00007f2c243e6090 R15: 00007ffe4e721738
[  551.531208][T12106]  </TASK>
[  551.738998][ T5872] usb 6-1: GET_CAPABILITIES returned 0
[  551.744791][ T5872] usbtmc 6-1:16.0: can't read capabilities
[  551.906060][   T10] usb 4-1: USB disconnect, device number 41
[  552.168371][T12117] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  552.348712][T12120] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  552.464147][T12120] overlayfs: overlapping lowerdir path
[  552.625703][   T30] audit: type=1400 audit(552.604:1231): avc:  denied  { read } for  pid=12121 comm="syz.3.1703" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  552.648366][    C0] vkms_vblank_simulate: vblank timer overrun
[  552.731575][   T30] audit: type=1400 audit(552.604:1232): avc:  denied  { open } for  pid=12121 comm="syz.3.1703" path="/dev/autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  552.950541][   T30] audit: type=1400 audit(552.924:1233): avc:  denied  { watch } for  pid=12127 comm="syz.0.1704" path="/362" dev="tmpfs" ino=2014 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  553.078939][   T10] usb 6-1: USB disconnect, device number 7
[  553.125654][   T30] audit: type=1400 audit(552.924:1234): avc:  denied  { watch_sb } for  pid=12127 comm="syz.0.1704" path="/362" dev="tmpfs" ino=2014 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  553.147305][    C0] vkms_vblank_simulate: vblank timer overrun
[  553.171215][T12130] FAULT_INJECTION: forcing a failure.
[  553.171215][T12130] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  553.234322][T12130] CPU: 1 UID: 0 PID: 12130 Comm: syz.3.1705 Not tainted syzkaller #0 PREEMPT(full) 
[  553.234347][T12130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  553.234357][T12130] Call Trace:
[  553.234363][T12130]  <TASK>
[  553.234370][T12130]  dump_stack_lvl+0x16c/0x1f0
[  553.234400][T12130]  should_fail_ex+0x512/0x640
[  553.234424][T12130]  _copy_from_iter+0x29f/0x1720
[  553.234450][T12130]  ? __alloc_skb+0x200/0x380
[  553.234471][T12130]  ? __pfx__copy_from_iter+0x10/0x10
[  553.234492][T12130]  ? netlink_autobind.isra.0+0x158/0x370
[  553.234523][T12130]  netlink_sendmsg+0x820/0xdd0
[  553.234550][T12130]  ? __pfx_netlink_sendmsg+0x10/0x10
[  553.234584][T12130]  ____sys_sendmsg+0xa98/0xc70
[  553.234602][T12130]  ? copy_msghdr_from_user+0x10a/0x160
[  553.234623][T12130]  ? __pfx_____sys_sendmsg+0x10/0x10
[  553.234650][T12130]  ___sys_sendmsg+0x134/0x1d0
[  553.234672][T12130]  ? __pfx____sys_sendmsg+0x10/0x10
[  553.234689][T12130]  ? __lock_acquire+0x622/0x1c90
[  553.234736][T12130]  __sys_sendmsg+0x16d/0x220
[  553.234754][T12130]  ? __pfx___sys_sendmsg+0x10/0x10
[  553.234784][T12130]  do_syscall_64+0xcd/0xfa0
[  553.234798][T12130]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  553.234813][T12130] RIP: 0033:0x7fe06b38f6c9
[  553.234824][T12130] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  553.234837][T12130] RSP: 002b:00007fe06c1d3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  553.234851][T12130] RAX: ffffffffffffffda RBX: 00007fe06b5e5fa0 RCX: 00007fe06b38f6c9
[  553.234860][T12130] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000003
[  553.234868][T12130] RBP: 00007fe06c1d3090 R08: 0000000000000000 R09: 0000000000000000
[  553.234876][T12130] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  553.234884][T12130] R13: 00007fe06b5e6038 R14: 00007fe06b5e5fa0 R15: 00007ffdb5bb4228
[  553.234904][T12130]  </TASK>
[  553.800879][   T10] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  553.810165][T12141] fuse: Bad value for 'fd'
[  553.840439][T12141] fuseblk: Bad value for 'fd'
[  553.998056][   T10] usb 6-1: device descriptor read/64, error -71
[  554.011174][T12147] Invalid source name
[  554.593285][   T95] block nbd1: Possible stuck request ffff88802638e000: control (read@0,1024B). Runtime 180 seconds
[  554.593319][ T6264] block nbd3: Possible stuck request ffff888026410000: control (read@0,1024B). Runtime 150 seconds
[  554.604142][   T95] block nbd1: Possible stuck request ffff88802638e1c0: control (read@1024,1024B). Runtime 180 seconds
[  554.615188][ T6264] block nbd3: Possible stuck request ffff8880264101c0: control (read@1024,1024B). Runtime 150 seconds
[  554.626453][   T95] block nbd1: Possible stuck request ffff88802638e380: control (read@2048,1024B). Runtime 180 seconds
[  554.637321][ T6264] block nbd3: Possible stuck request ffff888026410380: control (read@2048,1024B). Runtime 150 seconds
[  554.648402][   T95] block nbd1: Possible stuck request ffff88802638e540: control (read@3072,1024B). Runtime 180 seconds
[  554.658941][ T6264] block nbd3: Possible stuck request ffff888026410540: control (read@3072,1024B). Runtime 150 seconds
[  554.729885][   T10] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  554.990884][   T10] usb 6-1: device descriptor read/64, error -71
[  555.029711][T12152] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  555.081206][T11308] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[  555.101312][   T10] usb usb6-port1: attempt power cycle
[  555.164032][T12153] overlayfs: overlapping lowerdir path
[  555.423199][T12155] syzkaller0: entered promiscuous mode
[  555.426022][T11308] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  555.448465][T12155] syzkaller0: entered allmulticast mode
[  555.448481][T11308] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  555.448520][T11308] usb 2-1: Product: syz
[  555.510859][T11308] usb 2-1: Manufacturer: syz
[  555.520965][T11308] usb 2-1: SerialNumber: syz
[  555.559798][T11308] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  555.587818][    T9] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  555.617182][T12155] overlayfs: failed to resolve './file2': -2
[  555.670931][   T10] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  555.691596][   T10] usb 6-1: device descriptor read/8, error -71
[  555.810908][   T24] usb 4-1: new high-speed USB device number 42 using dummy_hcd
[  555.931012][   T10] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  555.961486][   T10] usb 6-1: device descriptor read/8, error -71
[  555.972267][   T24] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  555.981080][   T24] usb 4-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  555.997267][   T24] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[  556.008528][   T24] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  556.022857][   T95] block nbd2: Possible stuck request ffff8880263e7000: control (read@0,1024B). Runtime 180 seconds
[  556.027795][ T5881] usb 2-1: USB disconnect, device number 45
[  556.033751][   T95] block nbd2: Possible stuck request ffff8880263e71c0: control (read@1024,1024B). Runtime 180 seconds
[  556.033779][   T95] block nbd2: Possible stuck request ffff8880263e7380: control (read@2048,1024B). Runtime 180 seconds
[  556.037400][   T24] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  556.093397][   T24] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  556.093623][   T10] usb usb6-port1: unable to enumerate USB device
[  556.109378][   T24] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  556.119522][   T24] usb 4-1: Product: syz
[  556.124699][   T24] usb 4-1: Manufacturer: syz
[  556.146616][   T24] cdc_wdm 4-1:1.0: skipping garbage
[  556.152894][   T24] cdc_wdm 4-1:1.0: skipping garbage
[  556.174036][   T24] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  556.179952][   T24] cdc_wdm 4-1:1.0: Unknown control protocol
[  556.374113][   T95] block nbd2: Possible stuck request ffff8880263e7540: control (read@3072,1024B). Runtime 180 seconds
[  556.757750][T12172] FAULT_INJECTION: forcing a failure.
[  556.757750][T12172] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  556.772365][T12172] CPU: 0 UID: 0 PID: 12172 Comm: syz.5.1719 Not tainted syzkaller #0 PREEMPT(full) 
[  556.772393][T12172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  556.772403][T12172] Call Trace:
[  556.772409][T12172]  <TASK>
[  556.772415][T12172]  dump_stack_lvl+0x16c/0x1f0
[  556.772449][T12172]  should_fail_ex+0x512/0x640
[  556.772465][T12172]  _copy_to_user+0x32/0xd0
[  556.772480][T12172]  simple_read_from_buffer+0xcb/0x170
[  556.772498][T12172]  proc_fail_nth_read+0x197/0x240
[  556.772511][T12172]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  556.772524][T12172]  ? rw_verify_area+0xcf/0x6c0
[  556.772540][T12172]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  556.772552][T12172]  vfs_read+0x1e4/0xcf0
[  556.772563][T12172]  ? __pfx___mutex_lock+0x10/0x10
[  556.772575][T12172]  ? __pfx_vfs_read+0x10/0x10
[  556.772589][T12172]  ? __fget_files+0x20e/0x3c0
[  556.772603][T12172]  ksys_read+0x12a/0x250
[  556.772612][T12172]  ? __pfx_ksys_read+0x10/0x10
[  556.772626][T12172]  do_syscall_64+0xcd/0xfa0
[  556.772638][T12172]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  556.772649][T12172] RIP: 0033:0x7f0ab4b8e0dc
[  556.772657][T12172] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  556.772668][T12172] RSP: 002b:00007f0ab59e7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  556.772679][T12172] RAX: ffffffffffffffda RBX: 00007f0ab4de6180 RCX: 00007f0ab4b8e0dc
[  556.772685][T12172] RDX: 000000000000000f RSI: 00007f0ab59e70a0 RDI: 0000000000000004
[  556.772691][T12172] RBP: 00007f0ab59e7090 R08: 0000000000000000 R09: 0000000000000000
[  556.772697][T12172] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  556.772703][T12172] R13: 00007f0ab4de6218 R14: 00007f0ab4de6180 R15: 00007fff231167d8
[  556.772718][T12172]  </TASK>
[  556.958574][    C0] vkms_vblank_simulate: vblank timer overrun
[  557.131546][    T9] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive
[  557.138489][    T9] ath9k_htc: Failed to initialize the device
[  557.144800][ T5881] usb 2-1: ath9k_htc: USB layer deinitialized
[  557.545554][   T30] audit: type=1400 audit(557.524:1235): avc:  denied  { create } for  pid=12174 comm="syz.5.1721" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  558.561789][ T6264] block nbd0: Possible stuck request ffff88802631e000: control (read@0,1024B). Runtime 210 seconds
[  558.573978][ T6264] block nbd0: Possible stuck request ffff88802631e1c0: control (read@1024,1024B). Runtime 210 seconds
[  558.585116][ T6264] block nbd0: Possible stuck request ffff88802631e380: control (read@2048,1024B). Runtime 210 seconds
[  558.596206][ T6264] block nbd0: Possible stuck request ffff88802631e540: control (read@3072,1024B). Runtime 210 seconds
[  558.618500][   T30] audit: type=1400 audit(558.594:1236): avc:  denied  { block_suspend } for  pid=12187 comm="syz.1.1725" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  558.681288][   T24] usb 4-1: USB disconnect, device number 42
[  558.858163][T12195] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  559.174452][T12201] program syz.2.1728 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  560.079879][   T30] audit: type=1400 audit(560.054:1237): avc:  denied  { setopt } for  pid=12208 comm="syz.5.1732" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  560.082893][   T24] usb 4-1: new high-speed USB device number 43 using dummy_hcd
[  560.280855][   T24] usb 4-1: Using ep0 maxpacket: 8
[  560.287448][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  560.298895][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  560.309859][   T24] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  560.320010][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 1024
[  560.334701][   T24] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  560.340846][    T9] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[  560.345254][   T24] usb 4-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  560.360969][ T5881] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  560.370232][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  560.390999][ T5852] usb 6-1: new full-speed USB device number 12 using dummy_hcd
[  560.400058][   T24] usb 4-1: config 0 descriptor??
[  560.408444][T12206] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  560.511030][    T9] usb 1-1: Using ep0 maxpacket: 8
[  560.516234][ T5881] usb 3-1: Using ep0 maxpacket: 16
[  560.527952][ T5881] usb 3-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  560.538064][    T9] usb 1-1: unable to get BOS descriptor or descriptor too short
[  560.546686][ T5881] usb 3-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  560.552189][ T5852] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  560.557422][ T5881] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  560.577621][    T9] usb 1-1: config 246 has an invalid interface number: 144 but max is 0
[  560.581681][ T5852] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 20490, setting to 64
[  560.597253][    T9] usb 1-1: config 246 has no interface number 0
[  560.600587][ T5852] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  560.603823][    T9] usb 1-1: config 246 interface 144 has no altsetting 0
[  560.606454][    T9] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=c6.3d
[  560.613109][ T5852] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  560.620161][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  560.651527][ T5881] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  560.651642][ T5852] usb 6-1: SerialNumber: syz
[  560.665342][ T5881] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  560.665364][ T5881] usb 3-1: Product: syz
[  560.665379][ T5881] usb 3-1: Manufacturer: syz
[  560.665399][ T5881] usb 3-1: SerialNumber: syz
[  560.674618][    T9] usb 1-1: Product: syz
[  560.699649][T12214] raw-gadget.3 gadget.5: fail, usb_ep_enable returned -22
[  560.719110][ T5852] cdc_acm 6-1:1.0: skipping garbage
[  560.725893][ T5852] cdc_acm 6-1:1.0: probe with driver cdc_acm failed with error -12
[  560.744668][T12218] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1731'.
[  560.760835][    T9] usb 1-1: Manufacturer: syz
[  560.765458][    T9] usb 1-1: SerialNumber: syz
[  560.788121][   T30] audit: type=1400 audit(560.764:1238): avc:  denied  { setopt } for  pid=12205 comm="syz.3.1731" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  560.818502][    T9] r8152-cfgselector 1-1: Unknown version 0x0000
[  560.846287][   T30] audit: type=1400 audit(560.764:1239): avc:  denied  { getopt } for  pid=12205 comm="syz.3.1731" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  560.871599][ T5811] Bluetooth: hci6: Opcode 0x0c03 failed: -71
[  560.872136][T11308] usb 4-1: USB disconnect, device number 43
[  560.947075][   T10] usb 6-1: USB disconnect, device number 12
[  561.090878][ T5881] usb 3-1: 0:2 : does not exist
[  561.106526][    T9] r8152-cfgselector 1-1: USB disconnect, device number 31
[  561.253284][ T5881] usb 3-1: USB disconnect, device number 37
[  562.626051][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  563.962823][   T30] audit: type=1400 audit(563.924:1240): avc:  denied  { create } for  pid=12252 comm="syz.0.1746" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  563.996023][T12254] bridge_slave_0: left allmulticast mode
[  564.003497][T12254] bridge_slave_0: left promiscuous mode
[  564.009143][T12254] bridge0: port 1(bridge_slave_0) entered disabled state
[  564.036506][T12254] bridge_slave_1: left allmulticast mode
[  564.055622][T12254] bridge_slave_1: left promiscuous mode
[  564.075949][T12254] bridge0: port 2(bridge_slave_1) entered disabled state
[  564.128480][T12260] netlink: 10260 bytes leftover after parsing attributes in process `syz.0.1746'.
[  564.324763][T12254] bond0: (slave bond_slave_0): Releasing backup interface
[  564.337770][T12254] bond0: (slave bond_slave_1): Releasing backup interface
[  564.387661][T12254] team0: Port device team_slave_0 removed
[  564.503589][T12254] team0: Port device team_slave_1 removed
[  564.514311][T12254] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  564.523289][T12253] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1745'.
[  564.578807][T12258] team0: Mode changed to "loadbalance"
[  564.854841][T12267] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1748'.
[  564.875383][T12267] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1748'.
[  564.888223][T12268] syzkaller0: entered promiscuous mode
[  564.905191][T12268] syzkaller0: entered allmulticast mode
[  564.932520][T12265] PF_CAN: dropped non conform CAN FD skbuff: dev type 280, len 65487
[  565.270928][ T5852] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[  566.076365][T12279] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  566.085639][ T5852] usb 2-1: Using ep0 maxpacket: 8
[  566.206229][ T5852] usb 2-1: config 0 has an invalid interface number: 143 but max is 0
[  566.215018][ T5852] usb 2-1: config 0 has no interface number 0
[  566.221554][ T5852] usb 2-1: New USB device found, idVendor=2058, idProduct=1005, bcdDevice=c1.9b
[  566.231415][ T5852] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  566.392775][   T10] usb 4-1: new high-speed USB device number 44 using dummy_hcd
[  566.578262][ T5852] usb 2-1: config 0 descriptor??
[  566.593454][   T10] usb 4-1: Using ep0 maxpacket: 8
[  566.603753][   T10] usb 4-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  566.614176][   T10] usb 4-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  566.636299][T12291] binder: 12286:12291 ioctl 4018620d 0 returned -22
[  566.637517][   T10] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  566.675644][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  566.692242][T12291] tc_dump_action: action bad kind
[  566.707778][ T5852] viperboard 2-1:0.143: version 0.00 found at bus 002 address 046
[  566.717947][   T10] usb 4-1: can't set config #16, error -71
[  566.730352][   T10] usb 4-1: USB disconnect, device number 44
[  566.790851][T12272] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  566.799540][T12272] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  567.224650][ T5852] viperboard-i2c viperboard-i2c.2.auto: error -EIO: failure setting i2c_bus_freq to 100
[  567.255251][ T5852] viperboard-i2c viperboard-i2c.2.auto: probe with driver viperboard-i2c failed with error -5
[  567.324435][ T5852] usb 2-1: USB disconnect, device number 46
[  570.193066][   T30] audit: type=1400 audit(569.654:1241): avc:  denied  { associate } for  pid=12322 comm="syz.3.1763" name="core" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  570.438429][T12331] overlayfs: missing 'workdir'
[  570.860881][ T5881] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  570.911369][   T30] audit: type=1400 audit(570.894:1242): avc:  denied  { read write } for  pid=12338 comm="syz.1.1769" name="mouse0" dev="devtmpfs" ino=996 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  570.936016][   T30] audit: type=1400 audit(570.894:1243): avc:  denied  { open } for  pid=12338 comm="syz.1.1769" path="/dev/input/mouse0" dev="devtmpfs" ino=996 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  571.014067][ T5881] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  571.024936][ T5881] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  571.045325][ T5881] usb 3-1: Product: syz
[  571.052883][ T5881] usb 3-1: Manufacturer: syz
[  571.122627][ T5881] usb 3-1: SerialNumber: syz
[  571.146394][ T5881] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  571.187776][   T10] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  572.860688][   T10] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive
[  572.883437][   T10] ath9k_htc: Failed to initialize the device
[  573.002414][ T5852] usb 3-1: USB disconnect, device number 38
[  573.325448][T12350] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1773'.
[  573.354598][ T5852] usb 3-1: ath9k_htc: USB layer deinitialized
[  573.423406][T12350] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1773'.
[  573.468672][T12365] netlink: 21 bytes leftover after parsing attributes in process `syz.1.1775'.
[  573.634929][T12368] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  573.851834][   T30] audit: type=1400 audit(573.724:1244): avc:  denied  { bind } for  pid=12370 comm="syz.5.1779" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  574.186050][T12368] syzkaller0: entered promiscuous mode
[  574.206716][T12368] syzkaller0: entered allmulticast mode
[  574.236594][T12368] tipc: Resetting bearer <eth:syzkaller0>
[  574.581785][   T30] audit: type=1400 audit(573.824:1245): avc:  denied  { connect } for  pid=12370 comm="syz.5.1779" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  574.670878][  T979] tipc: Node number set to 1061127876
[  574.763473][ T9314] tipc: Resetting bearer <eth:syzkaller0>
[  574.846060][T12367] tipc: Resetting bearer <eth:syzkaller0>
[  575.080993][T12384] netlink: 60 bytes leftover after parsing attributes in process `syz.5.1782'.
[  576.175552][T12392] vivid-002: =================  START STATUS  =================
[  576.183526][T12392] vivid-002: Radio HW Seek Mode: Bounded
[  576.189271][T12392] vivid-002: Radio Programmable HW Seek: false
[  576.195685][T12392] vivid-002: RDS Rx I/O Mode: Block I/O
[  576.201403][T12392] vivid-002: Generate RBDS Instead of RDS: false
[  576.207856][T12392] vivid-002: RDS Reception: true
[  576.212824][T12392] vivid-002: RDS Program Type: 0 inactive
[  576.218658][T12392] vivid-002: RDS PS Name:  inactive
[  576.223856][T12392] vivid-002: RDS Radio Text:  inactive
[  576.229305][T12392] vivid-002: RDS Traffic Announcement: false inactive
[  576.236107][T12392] vivid-002: RDS Traffic Program: false inactive
[  576.242510][T12392] vivid-002: RDS Music: false inactive
[  576.248133][T12392] vivid-002: ==================  END STATUS  ==================
[  576.470384][T12404] FAULT_INJECTION: forcing a failure.
[  576.470384][T12404] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  576.484591][T12404] CPU: 0 UID: 0 PID: 12404 Comm: syz.2.1788 Not tainted syzkaller #0 PREEMPT(full) 
[  576.484614][T12404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  576.484623][T12404] Call Trace:
[  576.484630][T12404]  <TASK>
[  576.484636][T12404]  dump_stack_lvl+0x16c/0x1f0
[  576.484667][T12404]  should_fail_ex+0x512/0x640
[  576.484693][T12404]  _copy_to_user+0x32/0xd0
[  576.484717][T12404]  simple_read_from_buffer+0xcb/0x170
[  576.484748][T12404]  proc_fail_nth_read+0x197/0x240
[  576.484769][T12404]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  576.484791][T12404]  ? rw_verify_area+0xcf/0x6c0
[  576.484817][T12404]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  576.484837][T12404]  vfs_read+0x1e4/0xcf0
[  576.484858][T12404]  ? __pfx___mutex_lock+0x10/0x10
[  576.484876][T12404]  ? __pfx_vfs_read+0x10/0x10
[  576.484900][T12404]  ? __fget_files+0x20e/0x3c0
[  576.484925][T12404]  ksys_read+0x12a/0x250
[  576.484940][T12404]  ? __pfx_ksys_read+0x10/0x10
[  576.484964][T12404]  do_syscall_64+0xcd/0xfa0
[  576.484983][T12404]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  576.485001][T12404] RIP: 0033:0x7f2c2418e0dc
[  576.485015][T12404] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  576.485031][T12404] RSP: 002b:00007f2c24fcc030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  576.485048][T12404] RAX: ffffffffffffffda RBX: 00007f2c243e5fa0 RCX: 00007f2c2418e0dc
[  576.485059][T12404] RDX: 000000000000000f RSI: 00007f2c24fcc0a0 RDI: 0000000000000005
[  576.485070][T12404] RBP: 00007f2c24fcc090 R08: 0000000000000000 R09: 0000000000000000
[  576.485080][T12404] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  576.485090][T12404] R13: 00007f2c243e6038 R14: 00007f2c243e5fa0 R15: 00007ffe4e721738
[  576.485117][T12404]  </TASK>
[  576.677655][T12403] overlayfs: workdir and upperdir must be separate subtrees
[  577.380871][  T979] usb 2-1: new full-speed USB device number 47 using dummy_hcd
[  577.532595][  T979] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  577.543627][  T979] usb 2-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  577.555159][  T979] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  577.566543][  T979] usb 2-1: config 0 descriptor??
[  577.572192][T12410] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  577.786013][T12410] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  577.796424][T12410] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  577.874585][T12367] tipc: Disabling bearer <eth:syzkaller0>
[  577.895145][T12403] bridge0: port 2(bridge_slave_1) entered disabled state
[  577.902545][T12403] bridge0: port 1(bridge_slave_0) entered disabled state
[  577.911578][T12403] bridge0: entered allmulticast mode
[  578.015163][  T979] elan 0003:04F3:0755.001B: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.1-1/input0
[  578.031384][ T5881] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[  578.575768][ T5881] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  578.587249][ T5881] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  578.595906][ T5881] usb 3-1: Product: syz
[  578.600701][ T5881] usb 3-1: Manufacturer: syz
[  578.605487][ T5881] usb 3-1: SerialNumber: syz
[  578.630224][ T5881] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  578.719739][   T10] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  579.240933][ T5852] usb 2-1: reset full-speed USB device number 47 using dummy_hcd
[  579.758761][   T95] block nbd4: Possible stuck request ffff888026455080: control (read@0,1024B). Runtime 150 seconds
[  579.766028][    T9] usb 3-1: USB disconnect, device number 39
[  579.769546][   T95] block nbd4: Possible stuck request ffff888026455240: control (read@1024,1024B). Runtime 150 seconds
[  579.769575][   T95] block nbd4: Possible stuck request ffff888026455400: control (read@2048,1024B). Runtime 150 seconds
[  579.769600][   T95] block nbd4: Possible stuck request ffff8880264555c0: control (read@3072,1024B). Runtime 150 seconds
[  580.015736][   T10] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive
[  580.172032][   T10] ath9k_htc: Failed to initialize the device
[  580.340352][    T9] usb 3-1: ath9k_htc: USB layer deinitialized
[  580.565290][   T30] audit: type=1400 audit(580.544:1246): avc:  denied  { setopt } for  pid=12438 comm="syz.3.1799" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  580.569415][T12440] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  580.585576][T12439] bond0: Caught tx_queue_len zero misconfig
[  581.032892][T12446] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1798'.
[  581.301998][  T979] usb 2-1: USB disconnect, device number 47
[  581.325535][T12448] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  581.848765][T12458] FAULT_INJECTION: forcing a failure.
[  581.848765][T12458] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  581.874000][T12458] CPU: 0 UID: 0 PID: 12458 Comm: syz.2.1804 Not tainted syzkaller #0 PREEMPT(full) 
[  581.874026][T12458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  581.874036][T12458] Call Trace:
[  581.874042][T12458]  <TASK>
[  581.874049][T12458]  dump_stack_lvl+0x16c/0x1f0
[  581.874078][T12458]  should_fail_ex+0x512/0x640
[  581.874095][T12458]  _copy_from_user+0x2e/0xd0
[  581.874109][T12458]  copy_msghdr_from_user+0x98/0x160
[  581.874126][T12458]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  581.874147][T12458]  ___sys_sendmsg+0xfe/0x1d0
[  581.874162][T12458]  ? __pfx____sys_sendmsg+0x10/0x10
[  581.874175][T12458]  ? __lock_acquire+0x622/0x1c90
[  581.874209][T12458]  __sys_sendmsg+0x16d/0x220
[  581.874224][T12458]  ? __pfx___sys_sendmsg+0x10/0x10
[  581.874247][T12458]  do_syscall_64+0xcd/0xfa0
[  581.874258][T12458]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  581.874269][T12458] RIP: 0033:0x7f2c2418f6c9
[  581.874277][T12458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  581.874288][T12458] RSP: 002b:00007f2c24fcc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  581.874299][T12458] RAX: ffffffffffffffda RBX: 00007f2c243e5fa0 RCX: 00007f2c2418f6c9
[  581.874306][T12458] RDX: 0000000000000800 RSI: 0000200000000180 RDI: 0000000000000003
[  581.874312][T12458] RBP: 00007f2c24fcc090 R08: 0000000000000000 R09: 0000000000000000
[  581.874318][T12458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  581.874324][T12458] R13: 00007f2c243e6038 R14: 00007f2c243e5fa0 R15: 00007ffe4e721738
[  581.874339][T12458]  </TASK>
[  582.195537][T12473] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  582.321919][T12476] netlink: 2384 bytes leftover after parsing attributes in process `syz.2.1806'.
[  582.561080][T12476] overlay: Unknown parameter 'obj_role'
[  582.907262][T12479] overlayfs: failed to resolve './file0': -2
[  583.310910][ T5881] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[  583.468804][T12489] Bluetooth: MGMT ver 1.23
[  583.519066][ T5881] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  583.523734][T12491] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  583.539258][ T5881] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  583.555401][ T5881] usb 3-1: Product: syz
[  583.559564][ T5881] usb 3-1: Manufacturer: syz
[  583.580808][ T5881] usb 3-1: SerialNumber: syz
[  583.871026][ T5881] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  584.306822][    T9] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  584.734874][ T5881] usb 3-1: USB disconnect, device number 40
[  584.750713][   T30] audit: type=1400 audit(584.654:1247): avc:  denied  { ioctl } for  pid=12488 comm="syz.5.1812" path="socket:[41438]" dev="sockfs" ino=41438 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  584.809649][ T6264] block nbd3: Possible stuck request ffff888026410000: control (read@0,1024B). Runtime 180 seconds
[  584.820726][ T6264] block nbd3: Possible stuck request ffff8880264101c0: control (read@1024,1024B). Runtime 180 seconds
[  584.832762][ T6264] block nbd3: Possible stuck request ffff888026410380: control (read@2048,1024B). Runtime 180 seconds
[  584.832826][   T95] block nbd1: Possible stuck request ffff88802638e000: control (read@0,1024B). Runtime 210 seconds
[  584.843790][ T6264] block nbd3: Possible stuck request ffff888026410540: control (read@3072,1024B). Runtime 180 seconds
[  584.877893][   T95] block nbd1: Possible stuck request ffff88802638e1c0: control (read@1024,1024B). Runtime 210 seconds
[  584.889233][   T95] block nbd1: Possible stuck request ffff88802638e380: control (read@2048,1024B). Runtime 210 seconds
[  584.900329][   T95] block nbd1: Possible stuck request ffff88802638e540: control (read@3072,1024B). Runtime 210 seconds
[  584.974513][T12506] ip6erspan0: entered promiscuous mode
[  585.188251][T12506] ieee802154 phy1 wpan1: encryption failed: -22
[  585.377775][    T9] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive
[  585.384906][   T30] audit: type=1400 audit(585.134:1248): avc:  denied  { create } for  pid=12501 comm="syz.3.1815" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  585.408904][    T9] ath9k_htc: Failed to initialize the device
[  585.425903][ T5881] usb 3-1: ath9k_htc: USB layer deinitialized
[  585.521009][   T30] audit: type=1400 audit(585.164:1249): avc:  denied  { write } for  pid=12501 comm="syz.3.1815" path="socket:[40166]" dev="sockfs" ino=40166 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  585.672940][T12509] FAULT_INJECTION: forcing a failure.
[  585.672940][T12509] name failslab, interval 1, probability 0, space 0, times 0
[  585.698017][T12509] CPU: 0 UID: 0 PID: 12509 Comm: syz.1.1814 Not tainted syzkaller #0 PREEMPT(full) 
[  585.698044][T12509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  585.698054][T12509] Call Trace:
[  585.698060][T12509]  <TASK>
[  585.698068][T12509]  dump_stack_lvl+0x16c/0x1f0
[  585.698101][T12509]  should_fail_ex+0x512/0x640
[  585.698121][T12509]  ? fs_reclaim_acquire+0xae/0x150
[  585.698144][T12509]  should_failslab+0xc2/0x120
[  585.698165][T12509]  __kmalloc_noprof+0xdd/0x880
[  585.698191][T12509]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  585.698218][T12509]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  585.698237][T12509]  tomoyo_realpath_from_path+0xc2/0x6e0
[  585.698256][T12509]  ? tomoyo_profile+0x47/0x60
[  585.698279][T12509]  tomoyo_path_number_perm+0x245/0x580
[  585.698306][T12509]  ? tomoyo_path_number_perm+0x237/0x580
[  585.698335][T12509]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  585.698364][T12509]  ? find_held_lock+0x2b/0x80
[  585.698410][T12509]  ? find_held_lock+0x2b/0x80
[  585.698431][T12509]  ? hook_file_ioctl_common+0x145/0x410
[  585.698461][T12509]  ? __fget_files+0x20e/0x3c0
[  585.698484][T12509]  security_file_ioctl+0x9b/0x240
[  585.698505][T12509]  __x64_sys_ioctl+0xb7/0x210
[  585.698533][T12509]  do_syscall_64+0xcd/0xfa0
[  585.698551][T12509]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  585.698569][T12509] RIP: 0033:0x7fb09d78f6c9
[  585.698584][T12509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  585.698600][T12509] RSP: 002b:00007fb09e578038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  585.698618][T12509] RAX: ffffffffffffffda RBX: 00007fb09d9e6090 RCX: 00007fb09d78f6c9
[  585.698630][T12509] RDX: 0000000000000000 RSI: 00000000000089e2 RDI: 000000000000000a
[  585.698640][T12509] RBP: 00007fb09e578090 R08: 0000000000000000 R09: 0000000000000000
[  585.698650][T12509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  585.698660][T12509] R13: 00007fb09d9e6128 R14: 00007fb09d9e6090 R15: 00007ffffd7c9848
[  585.698686][T12509]  </TASK>
[  585.698694][T12509] ERROR: Out of memory at tomoyo_realpath_from_path.
[  586.151661][T12516] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1817'.
[  586.272465][   T30] audit: type=1400 audit(586.124:1250): avc:  denied  { bind } for  pid=12511 comm="syz.5.1817" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  586.590250][   T95] block nbd2: Possible stuck request ffff8880263e7000: control (read@0,1024B). Runtime 210 seconds
[  586.601265][   T95] block nbd2: Possible stuck request ffff8880263e71c0: control (read@1024,1024B). Runtime 210 seconds
[  586.612374][   T95] block nbd2: Possible stuck request ffff8880263e7380: control (read@2048,1024B). Runtime 210 seconds
[  586.730883][ T5811] Bluetooth: hci5: command 0x0405 tx timeout
[  586.738186][   T95] block nbd2: Possible stuck request ffff8880263e7540: control (read@3072,1024B). Runtime 210 seconds
[  586.844873][T12523] 9pnet_fd: Insufficient options for proto=fd
[  587.598146][T12530] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1821'.
[  588.656952][ T6264] block nbd0: Possible stuck request ffff88802631e000: control (read@0,1024B). Runtime 240 seconds
[  588.669171][ T6264] block nbd0: Possible stuck request ffff88802631e1c0: control (read@1024,1024B). Runtime 240 seconds
[  588.680622][ T6264] block nbd0: Possible stuck request ffff88802631e380: control (read@2048,1024B). Runtime 240 seconds
[  588.768839][ T6264] block nbd0: Possible stuck request ffff88802631e540: control (read@3072,1024B). Runtime 240 seconds
[  590.352386][T12553] overlayfs: failed to resolve './file1': -2
[  590.813557][T12561] fuse: Unknown parameter ''
[  590.839816][T12561] loop4: detected capacity change from 0 to 2559
[  590.856730][T12561] buffer_io_error: 138 callbacks suppressed
[  590.856741][T12561] Buffer I/O error on dev loop4, logical block 0, async page read
[  590.913990][T12561] Buffer I/O error on dev loop4, logical block 0, async page read
[  590.923723][T12561] Buffer I/O error on dev loop4, logical block 0, async page read
[  590.996313][T12561] Buffer I/O error on dev loop4, logical block 0, async page read
[  591.033967][T12561] Buffer I/O error on dev loop4, logical block 0, async page read
[  591.089857][T12561] Buffer I/O error on dev loop4, logical block 0, async page read
[  591.106141][T12561] Buffer I/O error on dev loop4, logical block 0, async page read
[  591.114477][T12561] Buffer I/O error on dev loop4, logical block 0, async page read
[  591.122560][T12561] ldm_validate_partition_table(): Disk read failed.
[  591.129353][T12561] Buffer I/O error on dev loop4, logical block 0, async page read
[  591.138037][T12561] Buffer I/O error on dev loop4, logical block 0, async page read
[  591.146441][T12561] Dev loop4: unable to read RDB block 0
[  591.153466][T12561]  loop4: unable to read partition table
[  591.195089][T12561] loop_reread_partitions: partition scan of loop4 (3Ÿ¾‚³˜) failed (rc=-5)
[  591.330911][  T976] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[  591.480900][  T976] usb 3-1: Using ep0 maxpacket: 32
[  591.490159][  T976] usb 3-1: unable to get BOS descriptor or descriptor too short
[  591.502241][  T976] usb 3-1: config index 0 descriptor too short (expected 1042, got 18)
[  591.510729][  T976] usb 3-1: config 4 has an invalid descriptor of length 71, skipping remainder of the config
[  591.521441][  T976] usb 3-1: config 4 has 0 interfaces, different from the descriptor's value: 9
[  591.535243][  T976] usb 3-1: New USB device found, idVendor=0856, idProduct=ac30, bcdDevice=c4.0e
[  591.544709][  T976] usb 3-1: New USB device strings: Mfr=15, Product=2, SerialNumber=3
[  591.553002][  T976] usb 3-1: Product: syz
[  591.557445][  T976] usb 3-1: Manufacturer: syz
[  591.562290][  T976] usb 3-1: SerialNumber: syz
[  591.727389][T12577] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1834'.
[  591.840973][  T976] usb 3-1: USB disconnect, device number 41
[  591.864019][T12577] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1834'.
[  594.853925][T12603] overlayfs: failed to resolve './file1': -2
[  595.701919][T12623] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1847'.
[  595.767371][T12611] FAULT_INJECTION: forcing a failure.
[  595.767371][T12611] name failslab, interval 1, probability 0, space 0, times 0
[  595.845913][T12611] CPU: 0 UID: 0 PID: 12611 Comm: syz.2.1845 Not tainted syzkaller #0 PREEMPT(full) 
[  595.845939][T12611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  595.845950][T12611] Call Trace:
[  595.845955][T12611]  <TASK>
[  595.845963][T12611]  dump_stack_lvl+0x16c/0x1f0
[  595.845996][T12611]  should_fail_ex+0x512/0x640
[  595.846017][T12611]  ? kmem_cache_alloc_noprof+0x62/0x6e0
[  595.846046][T12611]  should_failslab+0xc2/0x120
[  595.846067][T12611]  kmem_cache_alloc_noprof+0x75/0x6e0
[  595.846093][T12611]  ? getname_flags.part.0+0x4c/0x550
[  595.846122][T12611]  ? getname_flags.part.0+0x4c/0x550
[  595.846145][T12611]  getname_flags.part.0+0x4c/0x550
[  595.846167][T12611]  ? __might_fault+0xe3/0x190
[  595.846195][T12611]  getname_flags+0x93/0xf0
[  595.846212][T12611]  user_path_at+0x24/0x60
[  595.846230][T12611]  __x64_sys_utime+0x1c0/0x2c0
[  595.846254][T12611]  ? __pfx___x64_sys_utime+0x10/0x10
[  595.846277][T12611]  ? ksys_write+0x1ac/0x250
[  595.846304][T12611]  do_syscall_64+0xcd/0xfa0
[  595.846323][T12611]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  595.846340][T12611] RIP: 0033:0x7f2c2418f6c9
[  595.846355][T12611] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  595.846373][T12611] RSP: 002b:00007f2c24fcc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000084
[  595.846390][T12611] RAX: ffffffffffffffda RBX: 00007f2c243e5fa0 RCX: 00007f2c2418f6c9
[  595.846401][T12611] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000200000000000
[  595.846412][T12611] RBP: 00007f2c24fcc090 R08: 0000000000000000 R09: 0000000000000000
[  595.846422][T12611] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  595.846432][T12611] R13: 00007f2c243e6038 R14: 00007f2c243e5fa0 R15: 00007ffe4e721738
[  595.846458][T12611]  </TASK>
[  598.348910][T12652] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  598.356175][   T30] audit: type=1400 audit(598.294:1251): avc:  denied  { ioctl } for  pid=12643 comm="syz.5.1852" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  598.398919][T12652] /dev/nullb0: Can't open blockdev
[  598.660739][T12660] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1854'.
[  598.731922][T12660] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1854'.
[  598.750745][T12660] veth0_vlan: left promiscuous mode
[  598.786728][T12660] vlan0: entered promiscuous mode
[  598.842468][T12660] veth0_vlan: entered promiscuous mode
[  600.631366][  T979] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  600.790808][  T979] usb 1-1: Using ep0 maxpacket: 32
[  600.900971][ T5872] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[  601.222632][  T979] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  601.241645][  T979] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  601.441055][ T5872] usb 2-1: Using ep0 maxpacket: 8
[  601.481272][ T5872] usb 2-1: too many endpoints for config 0 interface 0 altsetting 250: 255, using maximum allowed: 30
[  601.505216][ T5872] usb 2-1: config 0 interface 0 altsetting 250 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  601.526387][  T979] usb 1-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  601.534645][ T5872] usb 2-1: config 0 interface 0 altsetting 250 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  601.549278][  T979] usb 1-1: Product: syz
[  601.551165][T12691] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1863'.
[  601.555933][  T979] usb 1-1: Manufacturer: syz
[  601.569932][T12686] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  601.595683][ T5872] usb 2-1: config 0 interface 0 has no altsetting 0
[  601.611399][  T979] usb 1-1: SerialNumber: syz
[  601.641287][   T30] audit: type=1400 audit(601.564:1252): avc:  denied  { ioctl } for  pid=12678 comm="syz.3.1860" path="/dev/fb0" dev="devtmpfs" ino=629 ioctlcmd=0x4611 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  601.666098][ T5872] usb 2-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00
[  601.750147][  T979] usb 1-1: config 0 descriptor??
[  601.755811][ T5872] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  601.765176][T12673] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  601.766958][   T30] audit: type=1400 audit(601.744:1253): avc:  denied  { unmount } for  pid=11073 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  601.794333][  T979] hub 1-1:0.0: bad descriptor, ignoring hub
[  601.800875][ T5872] usb 2-1: config 0 descriptor??
[  601.855286][  T979] hub 1-1:0.0: probe with driver hub failed with error -5
[  601.954446][  T979] usb 1-1: USB disconnect, device number 32
[  601.972941][T12698] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  603.171779][ T5872] gt683r_led 0003:1770:FF00.001C: unknown main item tag 0x0
[  603.186944][ T5872] gt683r_led 0003:1770:FF00.001C: unknown main item tag 0x0
[  603.194498][ T5872] gt683r_led 0003:1770:FF00.001C: unknown main item tag 0x0
[  603.203055][ T5872] gt683r_led 0003:1770:FF00.001C: unknown main item tag 0x0
[  603.211089][ T5872] gt683r_led 0003:1770:FF00.001C: unknown main item tag 0x0
[  603.324410][ T5872] gt683r_led 0003:1770:FF00.001C: hidraw0: USB HID vf4.f6 Device [HID 1770:ff00] on usb-dummy_hcd.1-1/input0
[  605.675324][  T979] usb 2-1: USB disconnect, device number 48
[  605.704875][ T5872] gt683r_led 0003:1770:FF00.001C: failed to send set report request: -19
[  606.709505][T12745] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1876'.
[  606.720679][T12744] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  606.743954][    T9] lo speed is unknown, defaulting to 1000
[  606.752843][T12747] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  608.482413][   T31] INFO: task syz.4.1370:10925 blocked for more than 143 seconds.
[  608.490225][   T31]       Not tainted syzkaller #0
[  608.495822][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  608.505131][   T31] task:syz.4.1370      state:D stack:27912 pid:10925 tgid:10920 ppid:5820   task_flags:0x400140 flags:0x00080002
[  608.534344][   T31] Call Trace:
[  608.537688][   T31]  <TASK>
[  608.540725][   T31]  __schedule+0x1190/0x5de0
[  608.540929][  T979] usb 4-1: new high-speed USB device number 45 using dummy_hcd
[  608.545494][   T31]  ? check_path.constprop.0+0x24/0x50
[  608.553026][ T5872] usb 2-1: new high-speed USB device number 49 using dummy_hcd
[  608.558441][   T31]  ? __pfx___schedule+0x10/0x10
[  608.577466][   T31]  ? find_held_lock+0x2b/0x80
[  608.583937][   T31]  ? schedule+0x2d7/0x3a0
[  608.597772][   T31]  ? bdev_open+0xa2/0xe40
[  608.608256][   T31]  schedule+0xe7/0x3a0
[  608.613714][   T31]  schedule_preempt_disabled+0x13/0x30
[  608.619332][   T31]  __mutex_lock+0x818/0x1060
[  608.624051][   T31]  ? bdev_open+0xa2/0xe40
[  608.628413][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  608.633639][   T31]  ? __pfx_bd_prepare_to_claim+0x10/0x10
[  608.639336][   T31]  ? bdev_open+0xa2/0xe40
[  608.651855][   T31]  bdev_open+0xa2/0xe40
[  608.656032][   T31]  ? iput+0x35/0x40
[  608.659842][   T31]  bdev_file_open_by_dev+0x182/0x210
[  608.665234][   T31]  setup_bdev_super+0x78/0x730
[  608.670010][   T31]  get_tree_bdev_flags+0x363/0x620
[  608.675243][   T31]  ? __pfx_squashfs_fill_super+0x10/0x10
[  608.685878][   T31]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  608.691726][   T31]  ? bpf_lsm_capable+0x9/0x10
[  608.696477][   T31]  ? security_capable+0x7e/0x260
[  608.701457][   T31]  vfs_get_tree+0x8e/0x340
[  608.708306][   T31]  path_mount+0x7b9/0x23a0
[  608.712876][   T31]  ? __pfx_path_mount+0x10/0x10
[  608.717762][   T31]  ? putname+0x154/0x1a0
[  608.722143][   T31]  ? putname+0x154/0x1a0
[  608.726403][   T31]  ? putname+0x154/0x1a0
[  608.730691][   T31]  ? __x64_sys_mount+0x293/0x310
[  608.735896][   T31]  __x64_sys_mount+0x293/0x310
[  608.740682][   T31]  ? __pfx___x64_sys_mount+0x10/0x10
[  608.746144][   T31]  do_syscall_64+0xcd/0xfa0
[  608.750663][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  608.756699][   T31] RIP: 0033:0x7f1d19d8f6c9
[  608.761214][   T31] RSP: 002b:00007f1d17fd5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  608.769647][   T31] RAX: ffffffffffffffda RBX: 00007f1d19fe6090 RCX: 00007f1d19d8f6c9
[  608.777718][   T31] RDX: 0000200000000080 RSI: 0000200000000040 RDI: 0000200000000900
[  608.786058][   T31] RBP: 00007f1d19e11f91 R08: 0000000000000000 R09: 0000000000000000
[  608.790810][  T979] usb 4-1: Using ep0 maxpacket: 8
[  608.794355][   T31] R10: 0000000001408009 R11: 0000000000000246 R12: 0000000000000000
[  608.799077][ T5872] usb 2-1: Using ep0 maxpacket: 8
[  608.810970][   T31] R13: 00007f1d19fe6128 R14: 00007f1d19fe6090 R15: 00007fffef4788d8
[  608.820330][   T31]  </TASK>
[  608.825255][   T31] 
[  608.825255][   T31] Showing all locks held in the system:
[  608.833381][   T31] 1 lock held by khungtaskd/31:
[  608.838425][   T31]  #0: ffffffff8e3c4760 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0
[  608.848821][   T31] 3 locks held by kworker/1:2/979:
[  608.849349][  T979] usb 4-1: config 0 has an invalid interface number: 143 but max is 0
[  608.856140][   T31] 2 locks held by getty/5570:
[  608.867368][   T31]  #0: ffff888034fdd0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[  608.877458][   T31]  #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0
[  608.877608][  T979] usb 4-1: config 0 has no interface number 0
[  608.888252][   T31] 1 lock held by udevd/5818:
[  608.894175][ T5872] usb 2-1: config 0 has an invalid interface number: 143 but max is 0
[  608.898683][   T31]  #0: 
[  608.907116][ T5872] usb 2-1: config 0 has no interface number 0
[  608.907129][   T31] ffff888143b64358
[  608.917033][ T5872] usb 2-1: New USB device found, idVendor=2058, idProduct=1005, bcdDevice=c1.9b
[  608.917046][   T31]  (&disk->open_mutex
[  608.929827][ T5872] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  608.943597][  T979] usb 4-1: New USB device found, idVendor=2058, idProduct=1005, bcdDevice=c1.9b
[  608.943606][   T31] ){+.+.}-{4:4}, at: bdev_open+0x41a/0xe40
[  608.953528][ T5872] usb 2-1: config 0 descriptor??
[  608.958818][   T31] 9 locks held by kworker/1:5/5872:
[  608.969318][  T979] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  608.969332][   T31] 1 lock held by udevd/5997:
[  608.982719][   T31]  #0: ffff8880263c3358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0x41a/0xe40
[  608.986757][  T979] usb 4-1: config 0 descriptor??
[  608.993305][   T31] 1 lock held by udevd/6014:
[  609.002555][   T31]  #0: ffff888025cf5358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0x41a/0xe40
[  609.013709][   T31] 1 lock held by udevd/6093:
[  609.027586][   T31]  #0: ffff888026345358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0x41a/0xe40
[  609.041029][   T31] 1 lock held by udevd/9671:
[  609.045677][   T31]  #0: ffff888026343358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0x41a/0xe40
[  609.055133][   T31] 2 locks held by syz.4.1370/10925:
[  609.060891][   T31]  #0: ffff8880752d40e0 (&type->s_umount_key#93/1){+.+.}-{4:4}, at: alloc_super+0x1e3/0xb60
[  609.072212][   T31]  #1: ffff8880263c3358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xa2/0xe40
[  609.084066][   T31] 1 lock held by syz-executor/11073:
[  609.089726][   T31]  #0: ffff8880b843a398 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130
[  609.099777][   T31] 2 locks held by dhcpcd/12767:
[  609.104813][   T31]  #0: ffff888079596260 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x2c/0xf60
[  609.115316][   T31]  #1: ffffffff8e3cfcf8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x284/0x3c0
[  609.115531][ T5872] viperboard 2-1:0.143: version 0.00 found at bus 002 address 049
[  609.126910][   T31] 
[  609.138735][  T979] viperboard 4-1:0.143: version 0.00 found at bus 004 address 045
[  609.140477][   T31] =============================================
[  609.140477][   T31] 
[  609.154063][ T5872] viperboard-i2c viperboard-i2c.3.auto: error -EIO: failure setting i2c_bus_freq to 100
[  609.155945][   T31] NMI backtrace for cpu 0
[  609.155957][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[  609.155975][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  609.155984][   T31] Call Trace:
[  609.155989][   T31]  <TASK>
[  609.155995][   T31]  dump_stack_lvl+0x116/0x1f0
[  609.156021][   T31]  nmi_cpu_backtrace+0x27b/0x390
[  609.156039][   T31]  ? _raw_spin_unlock_irqrestore+0x61/0x80
[  609.156062][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  609.156084][   T31]  nmi_trigger_cpumask_backtrace+0x29c/0x300
[  609.156105][   T31]  watchdog+0xf3f/0x1170
[  609.156127][   T31]  ? rcu_is_watching+0x12/0xc0
[  609.156147][   T31]  ? __pfx_watchdog+0x10/0x10
[  609.156163][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[  609.156187][   T31]  ? __kthread_parkme+0x19e/0x250
[  609.156209][   T31]  ? __pfx_watchdog+0x10/0x10
[  609.156227][   T31]  kthread+0x3c5/0x780
[  609.156242][   T31]  ? __pfx_kthread+0x10/0x10
[  609.156258][   T31]  ? rcu_is_watching+0x12/0xc0
[  609.156276][   T31]  ? __pfx_kthread+0x10/0x10
[  609.156292][   T31]  ret_from_fork+0x675/0x7d0
[  609.156305][   T31]  ? __pfx_kthread+0x10/0x10
[  609.156321][   T31]  ret_from_fork_asm+0x1a/0x30
[  609.156352][   T31]  </TASK>
[  609.156358][   T31] Sending NMI from CPU 0 to CPUs 1:
[  609.168233][  T979] viperboard-i2c viperboard-i2c.4.auto: error -EIO: failure setting i2c_bus_freq to 100
[  609.169377][    C1] NMI backtrace for cpu 1
[  609.169389][    C1] CPU: 1 UID: 0 PID: 979 Comm: kworker/1:2 Not tainted syzkaller #0 PREEMPT(full) 
[  609.169406][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  609.169415][    C1] Workqueue: usb_hub_wq hub_event
[  609.169434][    C1] RIP: 0010:io_serial_in+0x87/0xb0
[  609.169454][    C1] Code: a8 93 fc 48 8d 7d 40 44 89 e1 48 b8 00 00 00 00 00 fc ff df 48 89 fa d3 e3 48 c1 ea 03 80 3c 02 00 75 1a 66 03 5d 40 89 da ec <5b> 0f b6 c0 5d 41 5c e9 7d 32 3a 06 e8 a8 34 fc fc eb a2 e8 31 35
[  609.169468][    C1] RSP: 0018:ffffc90003ece1d8 EFLAGS: 00000002
[  609.169479][    C1] RAX: dffffc0000000060 RBX: 00000000000003fd RCX: 0000000000000000
[  609.169488][    C1] RDX: 00000000000003fd RSI: ffffffff852964f0 RDI: ffffffff9add8780
[  609.169497][    C1] RBP: ffffffff9add8740 R08: 0000000000000001 R09: 000000000000001f
[  609.169507][    C1] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000
[  609.169515][    C1] R13: 0000000000000020 R14: fffffbfff35bb142 R15: dffffc0000000000
[  609.169524][    C1] FS:  0000000000000000(0000) GS:ffff888124b08000(0000) knlGS:0000000000000000
[  609.169539][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  609.169548][    C1] CR2: 00007fff23115e40 CR3: 00000000325d6000 CR4: 00000000003526f0
[  609.169558][    C1] Call Trace:
[  609.169563][    C1]  <TASK>
[  609.169569][    C1]  wait_for_lsr+0x13a/0x210
[  609.169592][    C1]  serial8250_console_write+0xf81/0x1890
[  609.169610][    C1]  ? __pfx_serial8250_console_write+0x10/0x10
[  609.169625][    C1]  ? lock_acquire+0x179/0x350
[  609.169642][    C1]  console_flush_all+0x801/0xc60
[  609.169661][    C1]  ? __pfx_console_flush_all+0x10/0x10
[  609.169678][    C1]  ? __lock_acquire+0x622/0x1c90
[  609.169700][    C1]  ? is_printk_cpu_sync_owner+0x32/0x40
[  609.169725][    C1]  console_unlock+0xd8/0x210
[  609.169740][    C1]  ? __pfx_console_unlock+0x10/0x10
[  609.169760][    C1]  vprintk_emit+0x3d7/0x680
[  609.169776][    C1]  ? __pfx_vprintk_emit+0x10/0x10
[  609.169796][    C1]  dev_printk_emit+0xfa/0x140
[  609.169816][    C1]  ? __pfx_dev_printk_emit+0x10/0x10
[  609.169835][    C1]  ? stack_depot_save_flags+0x29/0x9c0
[  609.169853][    C1]  ? kasan_save_stack+0x33/0x60
[  609.169866][    C1]  ? kasan_save_track+0x14/0x30
[  609.169879][    C1]  ? __kasan_save_free_info+0x3b/0x60
[  609.169897][    C1]  ? __kasan_slab_free+0x5f/0x80
[  609.169910][    C1]  ? kfree+0x2b8/0x6d0
[  609.169926][    C1]  ? usb_control_msg+0x39d/0x4a0
[  609.169940][    C1]  ? vprbrd_i2c_probe+0x2b6/0x470
[  609.169953][    C1]  ? really_probe+0x241/0xa90
[  609.169965][    C1]  ? __driver_probe_device+0x1de/0x440
[  609.169978][    C1]  ? driver_probe_device+0x4c/0x1b0
[  609.169995][    C1]  __dev_printk+0xf5/0x270
[  609.170014][    C1]  _dev_err+0xe4/0x120
[  609.170033][    C1]  ? __pfx__dev_err+0x10/0x10
[  609.170051][    C1]  ? usb_probe_device+0xef/0x3e0
[  609.170068][    C1]  ? driver_probe_device+0x4c/0x1b0
[  609.170080][    C1]  ? __device_attach_driver+0x1df/0x310
[  609.170094][    C1]  ? device_add+0x1148/0x1aa0
[  609.170109][    C1]  ? usb_new_device+0xd07/0x1a60
[  609.170124][    C1]  ? hub_event+0x2f34/0x4fe0
[  609.170139][    C1]  ? process_one_work+0x9cf/0x1b70
[  609.170153][    C1]  ? worker_thread+0x6c8/0xf10
[  609.170166][    C1]  ? kthread+0x3c5/0x780
[  609.170178][    C1]  ? ret_from_fork+0x675/0x7d0
[  609.170189][    C1]  ? ret_from_fork_asm+0x1a/0x30
[  609.170210][    C1]  __dev_probe_failed+0x108/0x1c0
[  609.170222][    C1]  ? __pfx___dev_probe_failed+0x10/0x10
[  609.170235][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  609.170256][    C1]  ? kfree+0x2b8/0x6d0
[  609.170272][    C1]  ? usb_control_msg+0x39d/0x4a0
[  609.170287][    C1]  dev_err_probe+0xcc/0x110
[  609.170299][    C1]  ? __pfx_dev_err_probe+0x10/0x10
[  609.170312][    C1]  ? __pfx_usb_control_msg+0x10/0x10
[  609.170325][    C1]  ? mark_held_locks+0x49/0x80
[  609.170344][    C1]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  609.170363][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  609.170385][    C1]  vprbrd_i2c_probe+0x369/0x470
[  609.170398][    C1]  ? __pfx_vprbrd_i2c_probe+0x10/0x10
[  609.170410][    C1]  platform_probe+0x106/0x1d0
[  609.170428][    C1]  ? __pfx_platform_probe+0x10/0x10
[  609.170446][    C1]  really_probe+0x241/0xa90
[  609.170460][    C1]  __driver_probe_device+0x1de/0x440
[  609.170475][    C1]  driver_probe_device+0x4c/0x1b0
[  609.170488][    C1]  __device_attach_driver+0x1df/0x310
[  609.170502][    C1]  ? __pfx___device_attach_driver+0x10/0x10
[  609.170516][    C1]  bus_for_each_drv+0x159/0x1e0
[  609.170534][    C1]  ? __pfx_bus_for_each_drv+0x10/0x10
[  609.170552][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  609.170572][    C1]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  609.170592][    C1]  __device_attach+0x1e4/0x4b0
[  609.170606][    C1]  ? __pfx___device_attach+0x10/0x10
[  609.170620][    C1]  ? do_raw_spin_unlock+0x172/0x230
[  609.170637][    C1]  bus_probe_device+0x17f/0x1c0
[  609.170657][    C1]  device_add+0x1148/0x1aa0
[  609.170674][    C1]  ? __pfx_device_add+0x10/0x10
[  609.170691][    C1]  ? rcu_is_watching+0x12/0xc0
[  609.170714][    C1]  platform_device_add+0x316/0x810
[  609.170732][    C1]  ? platform_device_add_resources+0x76/0x100
[  609.170756][    C1]  mfd_add_device+0x1158/0x17e0
[  609.170784][    C1]  ? __pfx_mfd_add_device+0x10/0x10
[  609.170807][    C1]  ? kasan_quarantine_put+0x10a/0x240
[  609.170821][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  609.170843][    C1]  ? __dev_printk+0xf5/0x270
[  609.170865][    C1]  mfd_add_devices+0xe0/0x170
[  609.170885][    C1]  ? __pfx_mfd_add_devices+0x10/0x10
[  609.170903][    C1]  ? lockdep_init_map_type+0x5c/0x280
[  609.170919][    C1]  vprbrd_probe+0x2cd/0x470
[  609.170933][    C1]  usb_probe_interface+0x303/0xa40
[  609.170953][    C1]  ? __pfx_usb_probe_interface+0x10/0x10
[  609.170972][    C1]  really_probe+0x241/0xa90
[  609.170986][    C1]  __driver_probe_device+0x1de/0x440
[  609.171001][    C1]  driver_probe_device+0x4c/0x1b0
[  609.171014][    C1]  __device_attach_driver+0x1df/0x310
[  609.171028][    C1]  ? __pfx___device_attach_driver+0x10/0x10
[  609.171042][    C1]  bus_for_each_drv+0x159/0x1e0
[  609.171060][    C1]  ? __pfx_bus_for_each_drv+0x10/0x10
[  609.171078][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  609.171098][    C1]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  609.171118][    C1]  __device_attach+0x1e4/0x4b0
[  609.171132][    C1]  ? __pfx___device_attach+0x10/0x10
[  609.171146][    C1]  ? do_raw_spin_unlock+0x172/0x230
[  609.171163][    C1]  bus_probe_device+0x17f/0x1c0
[  609.171183][    C1]  device_add+0x1148/0x1aa0
[  609.171199][    C1]  ? __pfx_device_add+0x10/0x10
[  609.171215][    C1]  ? mark_held_locks+0x49/0x80
[  609.171237][    C1]  usb_set_configuration+0x1187/0x1e20
[  609.171260][    C1]  ? __pfx_usb_generic_driver_probe+0x10/0x10
[  609.171275][    C1]  usb_generic_driver_probe+0xb1/0x110
[  609.171290][    C1]  usb_probe_device+0xef/0x3e0
[  609.171307][    C1]  ? __pfx_usb_probe_device+0x10/0x10
[  609.171324][    C1]  really_probe+0x241/0xa90
[  609.171339][    C1]  __driver_probe_device+0x1de/0x440
[  609.171351][    C1]  ? usb_driver_applicable+0x1c7/0x220
[  609.171371][    C1]  driver_probe_device+0x4c/0x1b0
[  609.171385][    C1]  __device_attach_driver+0x1df/0x310
[  609.171399][    C1]  ? __pfx___device_attach_driver+0x10/0x10
[  609.171412][    C1]  bus_for_each_drv+0x159/0x1e0
[  609.171430][    C1]  ? __pfx_bus_for_each_drv+0x10/0x10
[  609.171448][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[  609.171468][    C1]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  609.171488][    C1]  __device_attach+0x1e4/0x4b0
[  609.171501][    C1]  ? __pfx___device_attach+0x10/0x10
[  609.171516][    C1]  ? do_raw_spin_unlock+0x172/0x230
[  609.171532][    C1]  bus_probe_device+0x17f/0x1c0
[  609.171552][    C1]  device_add+0x1148/0x1aa0
[  609.171569][    C1]  ? __pfx_device_add+0x10/0x10
[  609.171583][    C1]  ? usb_detect_static_quirks+0x335/0x3e0
[  609.171599][    C1]  ? __usb_get_extra_descriptor+0x158/0x1c0
[  609.171621][    C1]  usb_new_device+0xd07/0x1a60
[  609.171639][    C1]  ? do_raw_spin_lock+0x12c/0x2b0
[  609.171653][    C1]  ? __pfx_usb_new_device+0x10/0x10
[  609.171670][    C1]  ? mark_held_locks+0x49/0x80
[  609.171691][    C1]  hub_event+0x2f34/0x4fe0
[  609.171724][    C1]  ? __pfx_hub_event+0x10/0x10
[  609.171740][    C1]  ? assoc_array_apply_edit+0x110/0x6c0
[  609.171765][    C1]  ? rcu_is_watching+0x12/0xc0
[  609.171784][    C1]  process_one_work+0x9cf/0x1b70
[  609.171802][    C1]  ? __pfx_usb_gadget_state_work+0x10/0x10
[  609.171823][    C1]  ? __pfx_process_one_work+0x10/0x10
[  609.171842][    C1]  ? assign_work+0x1a0/0x250
[  609.171857][    C1]  worker_thread+0x6c8/0xf10
[  609.171875][    C1]  ? __kthread_parkme+0x19e/0x250
[  609.171894][    C1]  ? __pfx_worker_thread+0x10/0x10
[  609.171908][    C1]  kthread+0x3c5/0x780
[  609.171922][    C1]  ? __pfx_kthread+0x10/0x10
[  609.171936][    C1]  ? rcu_is_watching+0x12/0xc0
[  609.171952][    C1]  ? __pfx_kthread+0x10/0x10
[  609.171965][    C1]  ret_from_fork+0x675/0x7d0
[  609.171977][    C1]  ? __pfx_kthread+0x10/0x10
[  609.171990][    C1]  ret_from_fork_asm+0x1a/0x30
[  609.172015][    C1]  </TASK>
[  610.168261][ T5872] viperboard-i2c viperboard-i2c.3.auto: probe with driver viperboard-i2c failed with error -5
[  610.184940][T12760] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  610.193419][T12760] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  610.201652][  T979] viperboard-i2c viperboard-i2c.4.auto: probe with driver viperboard-i2c failed with error -5
[  610.436419][   T95] block nbd4: Possible stuck request ffff888026455080: control (read@0,1024B). Runtime 180 seconds
[  610.450557][   T95] block nbd4: Possible stuck request ffff888026455240: control (read@1024,1024B). Runtime 180 seconds
[  610.461763][   T95] block nbd4: Possible stuck request ffff888026455400: control (read@2048,1024B). Runtime 180 seconds
[  610.472769][   T95] block nbd4: Possible stuck request ffff8880264555c0: control (read@3072,1024B). Runtime 180 seconds
[  610.559746][ T5881] usb 4-1: USB disconnect, device number 45
[  610.603077][T12759] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  610.612970][T12759] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  610.703467][    T9] usb 2-1: USB disconnect, device number 49
[  614.881070][ T6264] block nbd3: Possible stuck request ffff888026410000: control (read@0,1024B). Runtime 210 seconds
[  614.891861][ T6264] block nbd3: Possible stuck request ffff8880264101c0: control (read@1024,1024B). Runtime 210 seconds
[  614.902869][ T6264] block nbd3: Possible stuck request ffff888026410380: control (read@2048,1024B). Runtime 210 seconds
[  614.913928][ T6264] block nbd3: Possible stuck request ffff888026410540: control (read@3072,1024B). Runtime 210 seconds
[  614.914059][   T95] block nbd1: Possible stuck request ffff88802638e000: control (read@0,1024B). Runtime 240 seconds
[  614.935914][   T95] block nbd1: Possible stuck request ffff88802638e1c0: control (read@1024,1024B). Runtime 240 seconds
[  614.981035][   T95] block nbd1: Possible stuck request ffff88802638e380: control (read@2048,1024B). Runtime 240 seconds
[  614.992002][   T95] block nbd1: Possible stuck request ffff88802638e540: control (read@3072,1024B). Runtime 240 seconds
[  616.802815][   T95] block nbd2: Possible stuck request ffff8880263e7000: control (read@0,1024B). Runtime 240 seconds
[  616.813800][   T95] block nbd2: Possible stuck request ffff8880263e71c0: control (read@1024,1024B). Runtime 240 seconds
[  616.824899][   T95] block nbd2: Possible stuck request ffff8880263e7380: control (read@2048,1024B). Runtime 240 seconds
[  616.835955][   T95] block nbd2: Possible stuck request ffff8880263e7540: control (read@3072,1024B). Runtime 240 seconds