last executing test programs:

28m26.746394598s ago: executing program 2 (id=2790):
syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff)
r0 = socket(0xa, 0x2, 0x0)
ioctl$SIOCSIFMTU(r0, 0x541b, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r4 = dup(r3)
write$UHID_INPUT(r4, &(0x7f0000001040)={0xf, {"a2e3ad21ed0d1bf91b4d090955f70e06d038e7ff7fc6e5539b0d3f0e8b089b3f35076e090890e0878f0e1ac6e7049b3346959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07580936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x1000}}, 0x96d)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
ioctl$SG_IO(0xffffffffffffffff, 0x2285, &(0x7f00000033c0)={0x53, 0x0, 0x0, 0xfa, @scatter={0x4, 0x0, &(0x7f0000000a80)=[{0x0}, {&(0x7f00000006c0)=""/235, 0xeb}, {&(0x7f00000008c0)=""/132, 0x84}, {&(0x7f0000000980)=""/221, 0xdd}]}, 0x0, 0x0, 0x0, 0x0, 0x800001, 0x0})
r5 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000006, 0x10, r5, 0xcf032000)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x3, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, r5, 0x8, 0x0, 0xff9e, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffedb, 0x0, 0x0, 0x10, 0x4}, 0x94)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="611230000000000061134c0000000000bf2000000000000015000200071b1750bd030100000000009500000000000000bc26080000000000bf67000000000000070300000fff0700670200000300000016060a000ee600f0bf050000000000000f650000000000006507f4ff0200000007070000"], &(0x7f0000000100)='GPL\x00'}, 0x94)
setsockopt$MRT6_INIT(0xffffffffffffffff, 0x29, 0xc8, &(0x7f0000000340), 0x4)
r6 = syz_open_procfs(0x0, &(0x7f0000000000)='net/fib_trie\x00')
r7 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0)
ioctl$TIOCGSID(r6, 0x5429, &(0x7f0000000040))
getdents64(r7, &(0x7f0000001f00)=""/4093, 0xffd)
socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000009c0)=@newtaction={0x6c, 0x30, 0xffff, 0x0, 0x25dfdbfe, {}, [{0x58, 0x1, [@m_ife={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_IFE_METALST={0xc, 0x6, [@IFE_META_TCINDEX={0x6, 0x5, @val=0x9}]}, @TCA_IFE_PARMS={0x1c, 0x1, {{0x1, 0x9, 0x7, 0x5, 0x1}, 0x1}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}]}]}, 0x6c}}, 0x0)

28m24.885659477s ago: executing program 2 (id=2800):
openat$selinux_status(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f00000000c0)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prlimit64(0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x3, 0xffffffffffffffff}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(r0, 0x1, &(0x7f0000000180)=0x3)
socket$nl_xfrm(0x10, 0x3, 0x6)
shmctl$SHM_LOCK(0x0, 0xb)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
write$P9_RSTATu(r3, &(0x7f0000001180)={0x23d, 0x7d, 0x0, {{0x500, 0xfc, 0x0, 0xfffffffa, {}, 0x1bac0000, 0x0, 0x0, 0x0, 0x25, '\x04no\xc8f\xc9}`\x99\x06\x00\x00\x00\x00\x00\x00\x00\x90\x00\x00\x1d\xf6\xdb\x00\x00\x00\x00\x00\x00=\xd3\x00\x00\x00\x00\x00\x00', 0x38, 'pJ\x86\xce\xc6\x02\x00}\xfag>\xff\xeb\t\xb55\x1f[\xde\x05@\x00\x00\x00\x00\x18{\x82\x00\xb5\x00\x00;Y_\xcb\x14\x03CT\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x06\xb4\x94\xe1', 0x17, '\xcf\xc2\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x0fX\x05\x02\xb6n\x00\xf3\x13\xf6\x00', 0x55, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xd4\x89\xdad\x9a7\x00'}, 0x12c, 'odev-n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x05\x00\x00\x00\x00\x00\x00\x00\xc2g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300}}, 0x23d)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
r5 = epoll_create1(0x80000)
r6 = fcntl$dupfd(r4, 0x406, r5)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r6, &(0x7f0000000100)={0xc0002002})
epoll_ctl$EPOLL_CTL_ADD(r5, 0x20, r6, &(0x7f0000000040))
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0xe, 0x8}, {0x3, 0x180, 0x77, 0x8}}}}, 0x15)
ptrace$ARCH_ENABLE_TAGGED_ADDR(0x1e, r0, 0x5, 0x4002)

28m22.357713914s ago: executing program 2 (id=2807):
r0 = socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x401}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0xffffff}, 0x10)
write(r0, &(0x7f0000000000)="240000001a005f0214f9f407000904001f0000000000000000000000080004000100", 0x22)

28m17.660261187s ago: executing program 2 (id=2820):
r0 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$KEYCTL_PKEY_QUERY(0x18, r0, 0x0, &(0x7f0000000000)='\x00', &(0x7f0000000040))
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f0000000100)={0x1, "ff0f000000000000f5a72d866b0000000000f0ffdefe00"})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
request_key(&(0x7f0000000180)='pkcs7_test\x00', 0x0, &(0x7f0000000340)='syz', 0xfffffffffffffff8)
add_key$user(0x0, 0x0, &(0x7f0000000540)="31f4ab74", 0x4, 0xfffffffffffffffd)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x1c, r6, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r5, 0x0, 0x0)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="0100000000000000"], 0x44}}, 0x0)
r9 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$FS_IOC_GETFSLABEL(r9, 0x400452c8, &(0x7f0000000100))
ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x400452c9, &(0x7f0000000100))

28m16.669611863s ago: executing program 2 (id=2823):
socketpair$unix(0x1, 0x3, 0x0, 0x0)
r0 = accept(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0), 0x4)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000480)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xe}, {0x10, 0xffff}}}, 0x7}}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x23, 0x2, 0x0)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), r2)
syz_io_uring_setup(0x231, &(0x7f0000000080)={0x0, 0x80000000, 0x10100}, &(0x7f0000000000)=<r4=>0x0, &(0x7f0000000100)=<r5=>0x0)
syz_io_uring_submit(r4, 0x0, &(0x7f00000009c0)=@IORING_OP_WRITE_FIXED={0x5, 0x1c, 0x2004, @fd_index=0x7, 0x5, 0x4, 0x7, 0x2, 0x0, {0x3}})
sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f000001ab00)=ANY=[@ANYBLOB="4c00000000000000000000000000ed0e0e6d5fc9bfc7459c3787534f6fd86c1ac875af9b951cb3d6223496b4a57c3f7e85af8e70c1a09695880f683caee32d44fd738c943c79cbd98397452d9bc05b8abc446d4efa5a86a492bb2d15f18c7844aeb1e6afb9893c191028093508089c1e06253462ae2344e28d7325dee07a064264d325150df9a5b3cbd036c11e2f6a33c09341962effaae762808e71ca0e4be087fa08c62957383d0b91067116d0486018e8ff9bb8b1a98b4a7bc12eef0bada686fe17f53ebe6c", @ANYRES32=r5, @ANYBLOB="000000000000000018001280090001006900140003006ea86376663000"/38, @ANYRES64=0x0, @ANYRESOCT=r3, @ANYRES64=r4, @ANYRESHEX=0x0], 0x4c}, 0x1, 0x0, 0x0, 0xc845}, 0x4080)
sendmmsg(r0, &(0x7f000001c300), 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000001a40)=""/102392, 0x18ff8)
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, 0x0)
r7 = syz_open_procfs(0x0, &(0x7f0000000040)='net/route\x00')
pread64(r7, &(0x7f0000000080)=""/102341, 0x18fc5, 0x3)
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_opts(r8, 0x29, 0x39, &(0x7f0000000080)=ANY=[@ANYBLOB="3c1204"], 0x98)
r9 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x83)
sendmsg$nl_route_sched_retired(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=@newtaction={0xf0, 0x32, 0x205, 0x70bd2d, 0x25dfdbfc, {}, [{0xc9}]}, 0xf0}, 0x1, 0x0, 0x0, 0x85}, 0x8000)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r9, 0x40086602, &(0x7f0000000000))
symlinkat(&(0x7f0000000400)='./file1/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00')
r10 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r10, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f000001aa40)=ANY=[@ANYBLOB="1c0000162400fc0229bd7000f7dbdf250500000008001b00060000000027dd0fb734b2d63c9214fe9f96733d28c26df1f5e918c72512ef701c3e02f4c87f637f934fa74cbb4e1213d5b860ef0649d09daa2883924c9bd8155cf8334b0ed0b9fe9ed16555bca182797eef028997d0d0058eb499196b078b4fadfe72f9a217cdae1406b4ac9adf95b99ac04063c93a83cccc2925fddd0ee5ebeb42025bcdf8c7258cb28085a21d546b3235aad5bd29a5ad2d92cb02aa7b79f410627d76a6"], 0x1c}}, 0x0)

28m15.577150831s ago: executing program 2 (id=2829):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000000140)={0xc, 0x0, <r2=>0x0})
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000240)={0xc, 0x0, <r3=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000280)={0xffcb, 0x7, r3, 0x0, &(0x7f000057a000/0x1000)=nil, 0x1000})
recvfrom(0xffffffffffffffff, 0x0, 0x0, 0x12143, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$usbmon(0x0, 0xba, 0x280802)
r5 = socket(0x1e, 0x4, 0x0)
setsockopt$TIPC_MCAST_REPLICAST(r5, 0x10f, 0x86)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000080)={0xe, {0x2, 0x2, 0x8, 0x8f, "480b9b1620be7a875f23255e89cea0332e47e72ddfd57a946a473998b1fb6fd36a04f580bcca3e3e143e235fd9df75b860cfc4fb9d438f78ad1a622bc5d26a003d38d86e2e507653f6ee231c56d6d9c3f8ec3e6ce34201af8d93383509040e723259f1e02abe181e0ff7a4b075ebbf96ffd8e4d099b51fa3fc38d1543d62d49ed0d059540bf368055a548af6972ea1"}}, 0x9b)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000400)={0x48, 0x5, r2, 0x0, <r6=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES(r1, 0x3ba0, &(0x7f00000005c0)={0x48, 0x7, r6, 0x0, 0x0, 0x0, 0x0, 0x5})

28m0.488313012s ago: executing program 32 (id=2829):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000000140)={0xc, 0x0, <r2=>0x0})
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000240)={0xc, 0x0, <r3=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000280)={0xffcb, 0x7, r3, 0x0, &(0x7f000057a000/0x1000)=nil, 0x1000})
recvfrom(0xffffffffffffffff, 0x0, 0x0, 0x12143, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$usbmon(0x0, 0xba, 0x280802)
r5 = socket(0x1e, 0x4, 0x0)
setsockopt$TIPC_MCAST_REPLICAST(r5, 0x10f, 0x86)
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, &(0x7f0000000080)={0xe, {0x2, 0x2, 0x8, 0x8f, "480b9b1620be7a875f23255e89cea0332e47e72ddfd57a946a473998b1fb6fd36a04f580bcca3e3e143e235fd9df75b860cfc4fb9d438f78ad1a622bc5d26a003d38d86e2e507653f6ee231c56d6d9c3f8ec3e6ce34201af8d93383509040e723259f1e02abe181e0ff7a4b075ebbf96ffd8e4d099b51fa3fc38d1543d62d49ed0d059540bf368055a548af6972ea1"}}, 0x9b)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000400)={0x48, 0x5, r2, 0x0, <r6=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES(r1, 0x3ba0, &(0x7f00000005c0)={0x48, 0x7, r6, 0x0, 0x0, 0x0, 0x0, 0x5})

26m19.485670008s ago: executing program 3 (id=3157):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r0 = socket(0x16, 0xa, 0x8)
sched_setscheduler(0x0, 0x2, 0x0)
r1 = socket$inet6(0xa, 0x800000000000002, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'tunl0\x00', <r3=>0x0})
sendto$packet(r2, &(0x7f00000002c0)="05", 0x1, 0x4, &(0x7f0000000140)={0x11, 0x86dd, r3, 0x1, 0x0, 0x6, @remote}, 0x14)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000081001811", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r6, &(0x7f0000000040)=ANY=[@ANYBLOB="00006003ffffffffffffaaaaaaaaaa0208004500002440000000032f90"], 0x36)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000180)={'batadv_slave_1\x00', <r7=>0x0})
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000740)={0xffffffffffffffff, 0xe0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000400)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000004c0)=[0x0, 0x0], &(0x7f0000000800), <r8=>0x0, 0xd4, &(0x7f0000000500)=[{}, {}], 0x10, 0x10, &(0x7f0000000580), &(0x7f00000005c0), 0x8, 0x6f, 0x8, 0x8, &(0x7f0000000600)}}, 0x10)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x1b, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', r7, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r8, r5, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000780)={r9, 0x2000000, 0x0, 0x0, &(0x7f0000000200), 0x0, 0x8003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x50)
r10 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r10, &(0x7f0000019680)=""/102392, 0x18ff8)
r11 = socket(0x2000000000000021, 0x2, 0x10000000000002)
socket$inet_tcp(0x2, 0x1, 0x0)
connect$rxrpc(r11, &(0x7f0000000140)=@in6={0x21, 0x4, 0x2, 0x1c, {0xa, 0x4e23, 0x7fff, @private2={0xfc, 0x2, '\x00', 0x9}, 0x3}}, 0x24)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x1d)
sendmmsg(r11, &(0x7f0000000000), 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x15)
r12 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r13 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r12)
sendmsg$NLBL_CIPSOV4_C_ADD(r12, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000006040)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r13, @ANYBLOB="010000000000000000000100000004000480080002000100000008000140000000000400088010000c800c00"], 0x3c}}, 0x20000810)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000040)={0x0, @dev={0xac, 0x14, 0x14, 0x1b}, 0x0, 0x0, 'dh\x00'}, 0x2c)

26m17.916508343s ago: executing program 3 (id=3164):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x54c, 0x3d5, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x9, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x4f8}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x0, 0x1}}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000100)=0x80000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000140)={@local})
ioctl$IOCTL_VMCI_DATAGRAM_RECEIVE(r1, 0x7ac, &(0x7f0000000bc0)={0x0, 0x0, 0x9})
r2 = syz_open_dev$evdev(&(0x7f0000000000), 0x4, 0x0)
ioctl$EVIOCSKEYCODE_V2(r2, 0x40284504, &(0x7f0000000080)={0x73, 0x18, 0x4, 0x0, "d80004000000000000957f00003d4a100a000000000020020661e6e66b8b37ff"})
syz_usb_control_io(r0, &(0x7f0000000280)={0x2c, &(0x7f0000000100)={0x20, 0x8, 0x75, {0x75, 0x24, "65373343d6386d90cf28e13c212b184c7b8685daa3cc96aadd7c58cdee1318228c8475289494632960a440f488563d0d7b7cc218545935f5d034f7c2044859a49d5e31ee2de34a8339dea673acd3d3a05b70e4a7d35d50d045d7c10ba55f5201aacd86df0cf868434597c5ebc2d26263392dfd"}}, &(0x7f0000000180)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x455}}, &(0x7f00000001c0)={0x0, 0xf, 0x5, {0x5, 0xf, 0x5}}, &(0x7f0000000200)={0x20, 0x29, 0xf, {0xf, 0x29, 0x94, 0x60, 0x9, 0x4, "a0ff2b68", "ff3104ce"}}, &(0x7f0000000240)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0xc, 0x1, 0x7, 0xff, 0x5, 0x2b, 0xfff}}}, &(0x7f0000000780)={0x84, &(0x7f0000000380)={0x40, 0x16, 0xa5, "092f3c7fd94b4f41012e0581dc5abd5311071107e69b17c089939b6c6f4ef96d4fc55f4d89f0d49daca3efef91f75b034769ba8fb11c3d04a44fb07ac41544e87007be7c1c7ba73c9ddc2aa17e7c13625bc41f4c1f672138ae3c16c2d2e3578bd21f7a0f6d74f453a0d67ab2e62069d6752a5b0e959ff0b92dbec7daf1d19eb4f87e6a161154f2bb107150973b5c8dd140d303151b61396173793e14b7028bd8f45ed9c0e6"}, &(0x7f00000002c0)={0x0, 0xa, 0x1, 0x52}, &(0x7f0000000300)={0x0, 0x8, 0x1, 0x1}, &(0x7f0000000440)={0x20, 0x0, 0x4, {0x3, 0x1}}, &(0x7f0000000480)={0x20, 0x0, 0x8, {0xa0, 0x8, [0xfff0]}}, &(0x7f00000004c0)={0x40, 0x7, 0x2, 0x7}, &(0x7f0000000500)={0x40, 0x9, 0x1, 0x87}, &(0x7f0000000540)={0x40, 0xb, 0x2, "16e2"}, &(0x7f0000000580)={0x40, 0xf, 0x2, 0x4}, &(0x7f00000005c0)={0x40, 0x13, 0x6}, &(0x7f0000000600)={0x40, 0x17, 0x6, @multicast}, &(0x7f0000000640)={0x40, 0x19, 0x2, 'H!'}, &(0x7f0000000680)={0x40, 0x1a, 0x2, 0x4}, &(0x7f00000006c0)={0x40, 0x1c, 0x1}, &(0x7f0000000700)={0x40, 0x1e, 0x1, 0x79}, &(0x7f0000000740)={0x40, 0x21, 0x1, 0x7}})

26m15.245400565s ago: executing program 3 (id=3169):
openat$selinux_status(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f00000000c0)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prlimit64(0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(r0, 0x1, &(0x7f0000000180)=0x3)
socket$nl_xfrm(0x10, 0x3, 0x6)
shmctl$SHM_LOCK(0x0, 0xb)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
write$P9_RSTATu(r3, &(0x7f0000001180)={0x23d, 0x7d, 0x0, {{0x500, 0xfc, 0x0, 0xfffffffa, {}, 0x1bac0000, 0x0, 0x0, 0x0, 0x25, '\x04no\xc8f\xc9}`\x99\x06\x00\x00\x00\x00\x00\x00\x00\x90\x00\x00\x1d\xf6\xdb\x00\x00\x00\x00\x00\x00=\xd3\x00\x00\x00\x00\x00\x00', 0x38, 'pJ\x86\xce\xc6\x02\x00}\xfag>\xff\xeb\t\xb55\x1f[\xde\x05@\x00\x00\x00\x00\x18{\x82\x00\xb5\x00\x00;Y_\xcb\x14\x03CT\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x06\xb4\x94\xe1', 0x17, '\xcf\xc2\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x0fX\x05\x02\xb6n\x00\xf3\x13\xf6\x00', 0x55, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xd4\x89\xdad\x9a7\x00'}, 0x12c, 'odev-n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x05\x00\x00\x00\x00\x00\x00\x00\xc2g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300}}, 0x23d)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
r5 = epoll_create1(0x80000)
r6 = fcntl$dupfd(r4, 0x406, r5)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r6, &(0x7f0000000100)={0xc0002002})
epoll_ctl$EPOLL_CTL_ADD(r5, 0x20, r6, &(0x7f0000000040))
syz_emit_vhci(&(0x7f00000001c0)=@HCI_ACLDATA_PKT={0x2, {0xc9, 0x0, 0x0, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_ecred_conn_req={{0x17, 0xe, 0x8}, {0x3, 0x180, 0x77, 0x8}}}}, 0x15)
ptrace$ARCH_ENABLE_TAGGED_ADDR(0x1e, r0, 0x5, 0x4002)

26m14.204432832s ago: executing program 3 (id=3172):
ioctl$IOMMU_VFIO_IOAS$SET(0xffffffffffffffff, 0x3b88, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee6, 0x40010, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x100)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x12a)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x458002, 0x55)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000280)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_emit_ethernet(0x52, 0x0, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000cc0), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r5, 0xae03, 0x52)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[], 0x50)

26m12.013473433s ago: executing program 3 (id=3180):
sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207"], 0x10}}, 0x0)

26m8.377498168s ago: executing program 3 (id=3187):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x1, 0x6, &(0x7f0000006680))
openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(r3, 0x0, 0x0, 0xfffffe04, 0x1)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x50, 0x0, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000340)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 'syz1\x00', 0x0})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
rseq(&(0x7f0000000040), 0x20, 0x0, 0x0)
rseq(0x0, 0x0, 0x0, 0x300)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x4)
openat$sequencer2(0xffffff9c, &(0x7f0000000080), 0x143240, 0x0)
setsockopt$MRT6_ADD_MIF(r1, 0x29, 0xca, &(0x7f0000000040)={0x1, 0x1, 0x40}, 0xc)
setsockopt$MRT6_ADD_MFC_PROXY(r1, 0x29, 0xd2, &(0x7f00000000c0)={{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, {0xa, 0x0, 0x0, @empty}, 0x0, {[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff]}}, 0x5c)
setresuid(0x0, 0x0, 0x0)
quotactl_fd$Q_GETNEXTQUOTA(r1, 0xffffffff80000900, 0x0, &(0x7f00000002c0))
close(r0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c)
listen(0xffffffffffffffff, 0x0)

26m7.177061838s ago: executing program 33 (id=3187):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x1, 0x6, &(0x7f0000006680))
openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(r3, 0x0, 0x0, 0xfffffe04, 0x1)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x50, 0x0, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000340)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 'syz1\x00', 0x0})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
rseq(&(0x7f0000000040), 0x20, 0x0, 0x0)
rseq(0x0, 0x0, 0x0, 0x300)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x4)
openat$sequencer2(0xffffff9c, &(0x7f0000000080), 0x143240, 0x0)
setsockopt$MRT6_ADD_MIF(r1, 0x29, 0xca, &(0x7f0000000040)={0x1, 0x1, 0x40}, 0xc)
setsockopt$MRT6_ADD_MFC_PROXY(r1, 0x29, 0xd2, &(0x7f00000000c0)={{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, {0xa, 0x0, 0x0, @empty}, 0x0, {[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff]}}, 0x5c)
setresuid(0x0, 0x0, 0x0)
quotactl_fd$Q_GETNEXTQUOTA(r1, 0xffffffff80000900, 0x0, &(0x7f00000002c0))
close(r0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c)
listen(0xffffffffffffffff, 0x0)

25m33.423695148s ago: executing program 5 (id=3281):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000300)={0xa, 0x3, 0x8, @loopback, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000540), 0x3c)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000000)=@gcm_256={{0x303}, "41328ac34a4ad2ba", "e8582491a0c4050000000000f6542a9b6800000000000000003967d2daa45b4e", "61241765", "89b06aff130000fd"}, 0x38)
sendmsg$inet(r0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=[@ip_tos_int={{0x14, 0x11a, 0x20, 0x8}}], 0x18}, 0x0) (fail_nth: 1)

25m33.265589871s ago: executing program 5 (id=3282):
mmap$usbfs(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x8, 0x4010, 0xffffffffffffffff, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0xfffffffffffffffc, 0x0, 0x0, &(0x7f0000000100))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x52f01, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f00007be000/0x18000)=nil, &(0x7f0000000300)=[@text16={0x10, 0x0}], 0x1, 0x2c, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_GET_DIRTY_LOG(r2, 0x4010ae42, &(0x7f0000000000)={0x0, 0x0, &(0x7f00007cf000/0x2000)=nil})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r3, r0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_genetlink_get_family_id$nfc(0x0, 0xffffffffffffffff)
r5 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000240)=ANY=[@ANYBLOB="400000001300050000000000b8fe6e2d1dae2ebd", @ANYRES32=0x0, @ANYBLOB="0804000000000000140003006272696467655f736c6176655f31000008000a00", @ANYRES32=0x0, @ANYBLOB="04001980"], 0x40}}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000040)={0x4}, 0x10)
write(r7, &(0x7f0000000000)="240000001a005f0214f9f407000904001f000000fe020002000000000800040001000000", 0x24)
ioctl$int_in(r5, 0x40000000af01, 0x0)
ioctl$VHOST_SET_VRING_BASE(r5, 0xaf01, 0x0)
fcntl$F_GET_RW_HINT(r5, 0x40b, &(0x7f0000000100))
r8 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r8, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c8", 0xb)

25m31.904024194s ago: executing program 5 (id=3285):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x2c, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x10000047}, 0x0)

25m31.769160567s ago: executing program 5 (id=3288):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(r4, 0x4020aeb2, &(0x7f0000000080)={0x0, 0x12c, @ioapic={0x5000, 0x3, 0x2, 0x0, 0x0, [{0x5, 0x8, 0x6, '\x00', 0x9}, {0x3, 0x1, 0xd1, '\x00', 0x3}, {0xfe, 0x5, 0x3, '\x00', 0x69}, {0x0, 0x4, 0x19, '\x00', 0xff}, {0x1, 0xd, 0x2, '\x00', 0x7}, {0x1, 0x27, 0x3, '\x00', 0x7}, {0xc, 0x9, 0x2, '\x00', 0x4}, {0x85, 0x1, 0x6, '\x00', 0x7}, {0x9, 0x9, 0x1, '\x00', 0x6}, {0x8, 0x4, 0xd, '\x00', 0x5}, {0xff, 0xb6, 0x3, '\x00', 0x80}, {0x7, 0x0, 0x81, '\x00', 0x3}, {0x8, 0x1, 0x4, '\x00', 0x2}, {0x8, 0xfe, 0x60, '\x00', 0x1}, {0x7, 0x3, 0x3, '\x00', 0x10}, {0x9, 0x6, 0x4, '\x00', 0x2}, {0x8, 0x4, 0xec, '\x00', 0x5}, {0x8, 0x8}, {0x8, 0x8, 0x5, '\x00', 0x1}, {0x3, 0x8, 0x6, '\x00', 0x4}, {0x7, 0x3, 0xf, '\x00', 0x7}, {0x2, 0x0, 0xf1, '\x00', 0xcf}, {0x2, 0x9, 0x5, '\x00', 0x7}, {0x2, 0x0, 0x9, '\x00', 0x7}]}})
r5 = socket$nl_route(0x10, 0x3, 0x0)
getpeername$unix(r2, &(0x7f0000000300), &(0x7f0000000000)=0x6e)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1c000000200001030000000000000000020020044400000100000000b5be9a2b831f18"], 0x1c}, 0x1, 0x0, 0x0, 0x40001}, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'macvtap0\x00'})
sendmsg$nl_route(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[], 0x44}, 0x1, 0x0, 0x0, 0x28001}, 0x8000002)
syz_emit_ethernet(0x6e, &(0x7f0000000340)={@multicast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "02adf7", 0x38, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @time_exceed={0x2, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "fd9063", 0x0, 0x3a, 0x0, @mcast1, @loopback={0x0, 0xffffac1414aa}, [], "1e520b4c951ee12e"}}}}}}}, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, &(0x7f0000000100)='asymmetric\x00', &(0x7f0000000000)=@secondary)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r7, 0x400448ca, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000001fd8)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0xffffffbc, 0x10, 0x20}, [@ldst={0x7, 0xff05, 0x0, 0x0, 0xa}]}, &(0x7f0000003ff6)='GPL\x00', 0x1, 0xff06, &(0x7f000000cf3d)=""/195}, 0x48)

25m30.447757152s ago: executing program 5 (id=3292):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001700)=ANY=[@ANYBLOB="1800000024000103000000000000000001008c000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_UNLABEL_C_STATICADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB='L'], 0x4c}, 0x8, 0x3000000000002}, 0x0)

25m29.613402679s ago: executing program 5 (id=3294):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002040)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0xf}, 0x94)
r0 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
r1 = io_uring_setup(0x13dd, &(0x7f0000000780)={0x0, 0xca8a, 0x1000})
close_range(r1, 0xffffffffffffffff, 0x0)
ioctl$USBDEVFS_REAPURB(r0, 0x4008550c, 0x0) (fail_nth: 1)

25m14.207591543s ago: executing program 34 (id=3294):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002040)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0xf}, 0x94)
r0 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
r1 = io_uring_setup(0x13dd, &(0x7f0000000780)={0x0, 0xca8a, 0x1000})
close_range(r1, 0xffffffffffffffff, 0x0)
ioctl$USBDEVFS_REAPURB(r0, 0x4008550c, 0x0) (fail_nth: 1)

12.084202994s ago: executing program 6 (id=7589):
r0 = syz_open_dev$vbi(0x0, 0x1, 0x2)
ioctl$IOMMU_VFIO_IOMMU_MAP_DMA(0xffffffffffffffff, 0x3b71, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = socket$qrtr(0x2a, 0x2, 0x0)
write$binfmt_format(0xffffffffffffffff, &(0x7f0000000300)='1\x00', 0x2)
sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x20000894)
syz_open_dev$tty1(0xc, 0x4, 0x1)
capset(0x0, 0x0)
r4 = openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fadvise64(r0, 0xa, 0x7, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
connect$qrtr(r3, &(0x7f0000000040)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
r5 = syz_io_uring_setup(0x497, &(0x7f00000004c0)={0x0, 0x465e, 0x400, 0x3, 0x31d}, &(0x7f00000001c0)=<r6=>0x0, &(0x7f0000000300)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r3, 0x0, 0x0})
io_uring_enter(r5, 0x40f9, 0x217, 0xa5, 0x0, 0xffa1)
ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0xb16, 0x1, 0x1})
openat2(r4, &(0x7f0000000280)='./file0\x00', &(0x7f0000000340)={0x628141, 0x28, 0x14}, 0x18)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, 0x0, 0x0)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r4, 0x0, 0xc000)

10.109403481s ago: executing program 1 (id=7594):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0xa7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x8801, 0x0)
writev(r1, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = syz_open_dev$vim2m(&(0x7f00000002c0), 0x2000000f5, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r5, 0xc008561c, &(0x7f0000000000)={0xf0f027, 0x1})
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000001540)=ANY=[@ANYBLOB="03000000"], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mount$9p_rdma(&(0x7f00000013c0), &(0x7f0000001400)='.\x00', &(0x7f0000001440), 0x800, &(0x7f0000000180)=ANY=[@ANYBLOB="7472616e733d72646d612c706f72743d307856a030352181397341eef099fd321757501e223030301b3030303030346532342c74696d656f75743d3078303030303030303066396664666666662c00"])
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
r7 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r7, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
r8 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r8, &(0x7f0000000240)={&(0x7f00000003c0)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1000a8d0}, 0x0)
epoll_create1(0x0)
close_range(r6, 0xffffffffffffffff, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
dup(0xffffffffffffffff)

9.577539183s ago: executing program 6 (id=7595):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='contention_begin\x00', r0}, 0x18)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x2080, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_PIT2(r2, 0xc048aec8, &(0x7f0000000000)={0x40004})
r3 = syz_io_uring_setup(0x53f, &(0x7f0000000780)={0x0, 0x807734, 0x400, 0xfffffff9, 0xfe}, &(0x7f00000000c0)=<r4=>0x0, &(0x7f00000002c0)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffe, 0x0, 0x4)
syz_io_uring_submit(0x0, r5, &(0x7f0000000200)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x29, 0x0, @fd, 0x4, 0x0, 0x1200000, 0x5, 0x1})
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000200)=[{0x39, 0x0, 0x0, 0x1000004}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1})
io_uring_enter(r3, 0x47bc, 0x0, 0x0, 0x0, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.net/devices.allow\x00', 0x2, 0xc8)
open_by_handle_at(r6, &(0x7f0000000140)=@ceph_nfs_fh={0x8, 0x1, {0x7}}, 0x2241c2)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
syz_clone3(&(0x7f00000003c0)={0x385200080, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x0, {r7}}, 0x58)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x40, 0x0)
ioctl$TUNSETFILTEREBPF(r8, 0x800454e1, &(0x7f0000000300)=r0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r6, 0xc0189373, &(0x7f0000000080)={{0x1, 0x1, 0x18, r7, {0x5}}, './file0\x00'})

8.160318306s ago: executing program 1 (id=7596):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kvm_fpu\x00', r1}, 0x18)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x4a2b79e8511e8789, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x22052, r0, 0x2000)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
mremap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f0000001000/0x4000)=nil)

8.100029003s ago: executing program 6 (id=7597):
ioctl$MON_IOCX_GETX(0xffffffffffffffff, 0x4018920a, &(0x7f0000000140)={&(0x7f0000000040), &(0x7f0000000080)=""/154, 0x9a})
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000007c0)='children\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000040000,user_id', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r3 = syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0xcf, 0x8b, 0xed, 0x20, 0xfd9, 0x25, 0x2940, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xca, 0xfb, 0x1a}}]}}]}}, 0x0)
syz_usb_control_io$cdc_ecm(r3, 0x0, &(0x7f0000000300)={0x1c, &(0x7f0000000140)={0x40, 0x0, 0x1, "d0"}, 0x0, 0x0})
r4 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
ioctl$I2C_SMBUS(r4, 0x720, &(0x7f0000000180)={0x1, 0x9, 0x1, &(0x7f0000000040)={0x51, "c6c1f7b51030c4b7c54bf28facb1ed3ee2dfe17a04bc517b5452b3b94bce47509d"}})
read$FUSE(r2, &(0x7f0000002140)={0x2020, 0x0, <r5=>0x0}, 0x2020)
syz_fuse_handle_req(r2, &(0x7f0000004180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d80762ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0xffffffffffffffff, {0xffffffffffffffff, 0x2, 0xfffffffffffffffe, 0x0, 0x0, 0x10000000, {0x40, 0xd08, 0x0, 0x4, 0x0, 0x0, 0x7, 0x0, 0x122, 0x6000, 0x10000, 0x0, 0x0, 0x902}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r2, &(0x7f0000000440)={0x50, 0x0, r5, {0x7, 0x29, 0x0, 0x0, 0xfffc, 0x2, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1}}, 0x50)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x3)
socket(0x10, 0x3, 0x0)
ioctl$KVM_GET_EMULATED_CPUID(r6, 0xc008ae09, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdir(0x0, 0x0)
preadv(r1, &(0x7f0000000000)=[{&(0x7f0000000080)=""/123, 0xfffb}], 0x1, 0x20004, 0x102)
r7 = socket$qrtr(0x2a, 0x2, 0x0)
r8 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$SIOCRSGL2CALL(r8, 0x89e5, 0x0)
ioctl$sock_qrtr_TIOCOUTQ(r7, 0x5411, &(0x7f0000000000))
setsockopt(r0, 0x84, 0x80, 0x0, 0x0)

7.529676626s ago: executing program 1 (id=7599):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x3, 0x8, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70300000100000085000000c0000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00')
preadv(r2, &(0x7f0000000640)=[{&(0x7f0000000080)=""/141, 0x8d}], 0x1, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'team0\x00'})
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYRES16=r0], 0x48}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

7.441693537s ago: executing program 1 (id=7600):
r0 = socket$inet6(0xa, 0x802, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18)
connect$inet6(r0, &(0x7f0000000240)={0xa, 0x6e23, 0xfffffdff, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000006480)=[{{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000280)="e00688906b97878270b4e2a5780fadc188fe287a823f5abed27e4fb5cb87096e3d8901282cf56e61a604e941cf082f4889de79c2b3584eb4cc2455696c784b805b072b58615878e38d53a9", 0x4b}, {&(0x7f0000000300)="3599e95720f34e2f35527f68a8807e45206c336a1df7314f4042db703d25bb5312943490dc482149505006f469dfd72981349715e9c181a8a5efc4d7878f76f4ca03c4a57d52456184ffd03a82b11dd769d9f50a78235578b473e82237da105b1a1a2e67ba2d8b3b9e8d5f50d2a535e8a01e30f17cf9cd882eb9f0baa7eb74a176b37df1", 0x84}, {&(0x7f00000003c0)="cf80396936f8a6a14b59caa3096bcf9ce5c989877e242f6121eacbcf31c4776b6b3861535adec08486be4ed6f75b7dda9af055a0d3a762d2d5eddd39769dd82382b2cdee0c3ed2206e79347c5d9b27c103d629bc849f0210c5da759ef2940e299168d000e9578b7e2fab9f36c8a47a7fa9528d37dcf370452ad402561111e42b0766f5414182c108d4f89c3f958ea3ed03a82affced73ca6fd02fc2046a270885e9e007d4aca8b778df400b23322add44fa869fe12fbb1dfd2978708679abb3bbcfc6b5e6d537624db4d642595c3d03b17c17b5b2a4461db0c6e59", 0xdb}, {&(0x7f0000000500)="e63dd3b79d52e25566fb589091ae0936d572354d99d6407f2d69d912f0f7dd838d2814315a52385f68531123012a131a7427055b3c2170b73ee47575a1f00e0c0f0438399ffdc5550d2121c91f223fc29fb265f49e6fc61284d7d4fdaa4a03b5785000050f22d3fd669307b99135c808571cd1067b6498327bb29daabc8c074d891316f7cf56b74b3b81169f36a0c30da540357f6fcaab960df8a99b661a7cf207db6003fa2e0bdf9d1c4376b408dfa27c7cb38ad6aa24e6fad0b595819a681010e247c27aa84e84a2c4b06c4085226ecf65f6c04505668c9a", 0xd9}, {&(0x7f0000000600)="7ede2bf5d6052203748e547c68292a53f38e33bffb13b4a089bf07917afb597537bb458811ff706941e303abc3a6fb78a1c33a190a367d16920e900710b90eedc4228a52581fc386548d40205757eb0daa05e09e0535ce03f632d9c7d65d1e15e7a6a76660d5ab042b77a321d4164d4e6aac68316187b9ac22c2349f66683c3cf786dc6d4edb50f354ef416c486d77f22d9bc7fd82007fb9f5c9cabf72080aba3682f0fae4279c0a70b15c3ed4c60c674ec5f7d7e96edc9f7f4d7be6ac5c6ce26e68653a78117896d3c9a86b1b93b7f7725e76facca1", 0xd6}, {0x0}], 0x6, &(0x7f00000009c0)=[@dstopts={{0x1a0, 0x29, 0x37, {0x2b, 0x30, '\x00', [@padn={0x1, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @calipso={0x7, 0x40, {0x3, 0xe, 0x10, 0xaa8, [0x8000000000000000, 0xffffffff, 0x80e, 0x8001, 0x80000000, 0x0, 0x2]}}, @generic={0x68, 0xcf, "ca3fd1e409f0450a1d12e21b79e03ed15a064706249abae2befd097496efca869ca4a2363c430b74631d4773182470a2765b4150e92ab60c62cb6df2152e80878bd5421df7e03e8f753d2b08b8d0e962b4073ad8e0ffa2abd804d883052c4e8b261fb3b4e293ea26bbddda406d1dc31f07323cfdb9a5e33af752c5acae6f852c56228d082bc5a427371b96eced97df5fea49e1ec733cee6e80737072639a95f9e78d3d9da386195527e6a161bc9f293844873a32904f3e3cdbaf886a7a901fad4ae9c5a5534054f0f30ed05046f95a"}, @ra={0x5, 0x2, 0x1135}, @calipso={0x7, 0x10, {0x2, 0x2, 0x4, 0x748, [0x7]}}, @enc_lim={0x4, 0x1, 0x4}, @padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}, @jumbo={0xc2, 0x4, 0x81}, @calipso={0x7, 0x40, {0x3, 0xe, 0x9, 0x1, [0x7f, 0x7f, 0x1, 0x6, 0x5, 0x8001, 0xc2000]}}]}}}, @rthdrdstopts={{0x38, 0x29, 0x37, {0x0, 0x3, '\x00', [@padn={0x1, 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @hao={0xc9, 0x10, @mcast2}]}}}], 0x1d8}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)=[@pktinfo={{0x24, 0x29, 0x32, {@private0}}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0xffffffff}}], 0x40}}], 0x2, 0x0)

6.495740895s ago: executing program 0 (id=7603):
r0 = add_key(&(0x7f00000001c0)='big_key\x00', &(0x7f0000000200)={'syz', 0x1}, &(0x7f0000002240)="d790b0c9", 0x4, 0xfffffffffffffffe)
pipe2$watch_queue(&(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r0, r1, 0x26)
keyctl$update(0x2, r0, &(0x7f0000000240)="ac", 0x1)

6.410292405s ago: executing program 4 (id=7604):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000000)={'team0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000005c0)=ANY=[@ANYBLOB="240000001000010025fd7000fddbdf2500000000", @ANYRES32=r1, @ANYBLOB="1008fbff05011680"], 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x4000000)
r2 = socket$rds(0x15, 0x5, 0x0) (async)
prctl$PR_SET_THP_DISABLE(0x41, 0x3) (async)
io_setup(0x3, &(0x7f0000000300))
setsockopt$RDS_GET_MR_FOR_DEST(r2, 0x114, 0x7, &(0x7f0000000240)={@llc={0x1a, 0x118, 0x3, 0x8, 0xf1, 0x80, @broadcast}, {&(0x7f0000000040)=""/251, 0xfb}, &(0x7f0000000140), 0x65}, 0xa0)

6.359820172s ago: executing program 1 (id=7605):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f00000001c0)={'wpan0\x00'})
sendmsg$NL802154_CMD_NEW_SEC_KEY(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x14, r3, 0x5eae78d9c54e9d3f, 0x70bd2a, 0x25dfdc01}, 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x48804)
r4 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x343ec0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r5=>0x0})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
creat(&(0x7f00000002c0)='./file0\x00', 0x51)
pipe2$9p(&(0x7f0000001900)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r7, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r8 = dup(r7)
syz_usb_connect$hid(0x2, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r9 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r9, &(0x7f0000019680)=""/102392, 0x18ff8)
write$FUSE_BMAP(r8, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r8, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000440)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r8}, 0x2c, {[{@cache_readahead}], [{@euid_lt}], 0x6b}})
truncate(&(0x7f0000000240)='./file0\x00', 0x206b12)
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xa2f00, 0xa3)
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000240)={0x28, 0x3, r5, 0x0, &(0x7f0000000380)="f3", 0x1, 0xfffffffffffffc01})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000200)={0x28, 0x3, r1, 0x0, &(0x7f0000000100)="ac", 0x1, 0x3})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f00000002c0)={0x28, 0x4, r1, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x13})

6.330638002s ago: executing program 0 (id=7606):
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60cf, 0x8})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
madvise(&(0x7f0000009000/0x2000)=nil, 0x2000, 0x4)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x40, 0x170)
fgetxattr(r1, &(0x7f00000003c0)=@known='security.selinux\x00', 0x0, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
umount2(&(0x7f0000000340)='./file0/file0\x00', 0x1)
clock_gettime(0x0, &(0x7f00000001c0)={<r2=>0x0, <r3=>0x0})
timer_settime(r0, 0xbb1072b00faf0a95, &(0x7f0000000040)={{0x0, 0x989680}, {r2, r3+10000000}}, 0x0)
r4 = inotify_init()
read$FUSE(r4, 0x0, 0x0)
pipe2$9p(&(0x7f0000000080), 0x84800)

5.877477961s ago: executing program 4 (id=7608):
syz_usb_connect(0x3, 0x24, &(0x7f0000000740)={{0x12, 0x1, 0x250, 0x69, 0x48, 0x69, 0x8, 0x17ef, 0x721e, 0xc63d, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0xf6, 0x40, 0xa0, 0x4, [{{0x9, 0x4, 0x90, 0x5, 0x0, 0x73, 0xbc, 0x5, 0xde}}]}}]}}, &(0x7f0000000680)={0x0, 0x0, 0x5, &(0x7f0000000440)={0x5, 0xf, 0x5}})
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$netlink(0x10, 0x3, 0x0)
getpid()
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f00000029c0)='/dev/comedi4\x00', 0x600, 0x0)
ioctl$COMEDI_BUFCONFIG(r0, 0x8020640d, &(0x7f0000000040)={0x1, 0x3, 0x10})
setsockopt$IP_VS_SO_SET_STOPDAEMON(0xffffffffffffffff, 0x0, 0x48c, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8000}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x1)
ioctl$KVM_IOEVENTFD(r2, 0x40a0ae49, &(0x7f0000000080)={0x7ff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
unshare(0x2040600)
r4 = add_key(&(0x7f00000001c0)='big_key\x00', &(0x7f0000000200)={'syz', 0x1}, &(0x7f0000002240)="d790b0c9", 0x4, 0xfffffffffffffffe)
syz_emit_ethernet(0x76, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
pipe2$watch_queue(&(0x7f0000000000)={<r5=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r4, r5, 0x26)
keyctl$update(0x2, r4, &(0x7f0000000240)="ac", 0x1)
read(0xffffffffffffffff, &(0x7f0000000040)=""/208, 0xd0)

5.427835195s ago: executing program 7 (id=7609):
socketpair$unix(0x1, 0x3, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000003b810000850000007d000000850000005000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
nanosleep(&(0x7f00000025c0)={0xffffffffefff8002}, 0x0)
r0 = accept(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0), 0x4)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000480)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xe}, {0x10, 0xffff}}}, 0x7}}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=@newlink={0x1d0, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipip={{0x9}, {0x4}}}, @IFLA_VF_PORTS={0x19c, 0x18, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, [@IFLA_PORT_PROFILE={0xb, 0x2, 'nicvf0\x00'}]}, {0x4}, {0x84, 0x1, 0x0, 0x1, [@IFLA_PORT_REQUEST={0x5, 0x6, 0x7}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "688eee43a1242e11e8a801f022cc148e"}, @IFLA_PORT_VF={0x8}, @IFLA_PORT_VF={0x8, 0x1, 0x9}, @IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "f8c4aace18bf76b8f5cdabe2c3555e48"}, @IFLA_PORT_VF={0x8, 0x1, 0x5}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "21b0629f46fc56ff450a8b7892fae15d"}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "b47b39284630c628e384e9162b59803f"}, @IFLA_PORT_REQUEST={0x5, 0x6, 0x8}]}, {0x50, 0x1, 0x0, 0x1, [@IFLA_PORT_REQUEST={0x5, 0x6, 0x7}, @IFLA_PORT_VF={0x8}, @IFLA_PORT_PROFILE={0x9, 0x2, 'ipip\x00'}, @IFLA_PORT_REQUEST={0x5, 0x6, 0x1a}, @IFLA_PORT_PROFILE={0xa, 0x2, '\xbc\xcbsfs\x00'}, @IFLA_PORT_PROFILE={0x8, 0x2, '\'$^\x00'}, @IFLA_PORT_PROFILE={0x14, 0x2, '\xc6id\xb58\x17]\a\xc6\xbf\xecv\xc8l6\x00'}]}, {0x24, 0x1, 0x0, 0x1, [@IFLA_PORT_PROFILE={0xb, 0x2, 'nicvf0\x00'}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "5fde8ba2342d6dcf3b79e74f8865df3e"}]}, {0x20, 0x1, 0x0, 0x1, [@IFLA_PORT_HOST_UUID={0x14, 0x5, "657dcdf697e8012f54884053a9edef64"}, @IFLA_PORT_VF={0x8, 0x1, 0x6}]}, {0x6c, 0x1, 0x0, 0x1, [@IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "ccc0fc8e92b6bf8c320267468c34b920"}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "0bacb76644e97aaa9d24a35b78465c61"}, @IFLA_PORT_REQUEST={0x5, 0x6, 0x1}, @IFLA_PORT_VF={0x8, 0x1, 0x9a0}, @IFLA_PORT_PROFILE={0x5, 0x2, '\x00'}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "48ab74c97008b0f5a4f4b0a2e6d5d36d"}, @IFLA_PORT_PROFILE={0xb, 0x2, 'nicvf0\x00'}]}]}]}, 0x1d0}, 0x1, 0x0, 0x0, 0xc845}, 0x0)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000001a40)=""/102392, 0x18ff8)
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0)

5.371438024s ago: executing program 0 (id=7610):
socket$packet(0x11, 0x2, 0x300)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000d5e9bd40eb030200c0ba050000010902115c01000000000904000001b504b100090581"], 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x9, 0x3, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000e4ed634f5f9d2cbc0000ee000047b9d7472c664a307f00aeee3c24a098ec2fd276"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x18)
syz_emit_ethernet(0x52, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000008004c0000440000000000069078ac1e0001ac14140d8307d7e0000002440c05030000000700000000860600"/66, @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5008bae4c7"], 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x2121)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
ioctl$IOCTL_VMCI_CTX_SET_CPT_STATE(0xffffffffffffffff, 0x7b2, &(0x7f0000000380)={&(0x7f00000007c0)=[0x9, 0x10000, 0x4, 0x8, 0xf, 0xffff, 0x56f, 0x1, 0x1000, 0x1, 0x6a53, 0x6, 0x101, 0x100, 0x80, 0x2, 0x6, 0x5, 0x4, 0x800, 0x80000000, 0x200, 0x7, 0x8ae1, 0x8, 0x7, 0x7, 0x8, 0x9, 0xad0, 0x7, 0x6, 0x401, 0x6, 0xfffff217, 0x8, 0x81, 0x6, 0x30, 0x6, 0x1, 0x5, 0x3, 0x1ff, 0x9, 0x3, 0x80, 0x8, 0x100, 0x800, 0x4, 0x7, 0x6, 0x0, 0x4, 0x2, 0xffff8001, 0x8, 0xfffffffd, 0x3, 0x9, 0x7, 0x386, 0x1, 0x7, 0xa, 0x8, 0xe63, 0x0, 0x7fff, 0x4, 0x4, 0xd, 0x4, 0x0, 0x9, 0x401, 0x9, 0x400, 0x0, 0x4, 0xfffff1f5, 0x5176, 0x4, 0x6, 0x200, 0x8001, 0xd, 0x0, 0x5060, 0x355, 0x7fff, 0x0, 0x5, 0x866, 0x7, 0x2, 0x3, 0x8, 0xfffffd4c, 0x80000001, 0x10000, 0x1, 0x5, 0x63, 0xe, 0xffffffff, 0x4, 0xd, 0x1000, 0xd746, 0x7, 0x7, 0x6c3, 0xc0f, 0x80000000, 0x283, 0x8, 0xaa16, 0x5, 0x6, 0x3, 0xfb6d, 0x101, 0x3, 0x7, 0x0, 0x2, 0xb512, 0xffffffff, 0x2, 0x1, 0xfffffffa, 0x0, 0x4, 0x3, 0x5, 0x401, 0x4, 0x0, 0x7fffffff, 0x3, 0x2, 0x3, 0xb1, 0x3, 0x10001, 0x1, 0x5, 0x88e3, 0x1, 0x0, 0x2, 0x5, 0x6, 0x59a, 0x6, 0x1, 0x5, 0x1e61, 0x7, 0x67, 0x3, 0x1, 0x8, 0xd3d1, 0x3, 0xb, 0x1, 0x2, 0x2, 0x1, 0x7, 0x9, 0x7, 0x7, 0x1c, 0x9, 0x3ff, 0x6e8, 0x5, 0x3c, 0x5, 0xa00, 0xff, 0x1, 0x200, 0x1c3, 0x28eb, 0x0, 0x0, 0x4, 0x5, 0xd, 0x4, 0x2, 0x200, 0x960, 0x3, 0xe835, 0x28, 0x2, 0xed6, 0x8, 0x401, 0xffff, 0x6, 0xec4, 0x101, 0x8, 0x6, 0x1, 0x2, 0x0, 0x2, 0x5, 0xfffffffd, 0x100, 0x9, 0x3, 0x7ff, 0xc0, 0x81, 0x5, 0x5f9d6f6a, 0x8, 0xcc22, 0x40, 0x2000, 0x7f, 0x1, 0x8000, 0xff, 0x6, 0x2, 0x4, 0x0, 0x1, 0x2, 0xaa, 0x7, 0x1, 0x6, 0x3, 0x10, 0x100, 0x4, 0x9, 0x6, 0x4, 0xf5, 0xd7c, 0x6a8a, 0x511, 0x3ff, 0x3, 0x6, 0x9, 0xa68a, 0x5, 0x2, 0x9, 0x7, 0xffd7, 0x6, 0x4, 0xfffffffe, 0x7, 0x9, 0x2, 0x6, 0x183b, 0x5, 0x3, 0x6, 0x2, 0x80000001, 0x0, 0x6, 0x400, 0x4, 0x7, 0x8, 0x101, 0x5, 0x5, 0x6, 0x7, 0xfb5f, 0x1, 0xc5a8, 0xffff, 0x4, 0x2, 0x0, 0xb10, 0x1, 0x9, 0x28, 0x6, 0x5541, 0x6, 0x9, 0x5, 0x8, 0xa2a5, 0x2, 0xcc2, 0x3, 0xfc6, 0x7, 0x1, 0x615, 0x0, 0x4, 0x3, 0x0, 0x7, 0x36, 0xfffffe6f, 0x10001, 0x3, 0x3, 0x3, 0x7, 0x260, 0x401, 0x5, 0x3, 0xc, 0x4ef0, 0x4, 0x43bb, 0xb, 0xa4, 0x3, 0x1, 0x80, 0xb, 0x7, 0x4, 0x800, 0x3ff, 0x200, 0x1, 0x5, 0x0, 0x8, 0x3, 0x80, 0x0, 0x18e, 0x3, 0x9, 0x3, 0x1ff, 0xe4, 0x80, 0x800, 0x7, 0xfffff117, 0x7fff, 0x37, 0x401, 0x8000, 0x4, 0x0, 0x2, 0x8fc, 0x8, 0x7f, 0xf, 0x8001, 0x4, 0x4, 0x2, 0xfffff120, 0x8001, 0x6, 0x6, 0x3, 0x3ff, 0x8, 0x0, 0x2, 0xaedc, 0x7, 0xfffffff8, 0x1, 0x3de7b291, 0x40, 0x6, 0x0, 0x9, 0x0, 0xb, 0x0, 0x1000, 0x3ff, 0x4, 0x47d7, 0x3, 0xd63, 0x2, 0xe, 0x4, 0x5, 0x8, 0xd, 0x9, 0x7, 0x8, 0xabe, 0xfffffffc, 0x8000000, 0x2, 0x2, 0x100, 0x7, 0x2, 0x4000000, 0x4, 0x4, 0x80000000, 0x80, 0x2fba, 0x5e, 0x1000, 0x7, 0x7, 0x6, 0x80000001, 0x2, 0x8, 0x1d, 0x400, 0x0, 0x12f9, 0xfbd, 0x0, 0x0, 0x2, 0x2a9, 0x6, 0x3, 0xc0, 0x8, 0xb, 0x5, 0xffff, 0x10001, 0x70000, 0x4, 0x4, 0x30c, 0x8, 0x6, 0x7, 0xb, 0x1d1, 0x9, 0x2, 0x4f, 0xffffffff, 0x647e7bff, 0x7, 0x2, 0xffff, 0x0, 0x9, 0x7, 0x0, 0x6, 0x61d, 0x80000000, 0x200004, 0x7, 0x5, 0x8001, 0x3, 0x7, 0x1, 0xf0, 0x5, 0x990, 0x8, 0x1, 0xa42, 0x0, 0x28, 0x101, 0xe063, 0x7, 0x9, 0xd2, 0xf, 0x5, 0x7fffffff, 0x7, 0xd, 0x544, 0x339, 0x9, 0x3, 0x1, 0xfff, 0xffff, 0x7f, 0x7f, 0x3, 0x118f, 0x97, 0x7, 0x1, 0x3, 0x3, 0x2, 0x7ff, 0x0, 0x2, 0xfff, 0x7, 0x2a, 0x6, 0x80000001, 0x3, 0x1, 0x9, 0x5c530d21, 0x1, 0x6fe, 0x20000001, 0xc84, 0x100, 0x5, 0xa, 0x7f, 0x0, 0x1000, 0x2, 0x8000, 0xfffffffc, 0x3, 0x5, 0x10000, 0x101, 0x4, 0xffff, 0xdfef, 0x2, 0x3, 0x3, 0x3, 0x9, 0xa1, 0x80000000, 0x10, 0x10000, 0x88, 0x400, 0x10, 0x7fffffff, 0x1af, 0x6, 0x1, 0xffffffff, 0x80000001, 0x85e2, 0x1000, 0x0, 0x0, 0x80000001, 0x1, 0x1, 0x6, 0xff, 0x8, 0x3ff, 0x8, 0x1, 0x80000001, 0x3, 0x2b81, 0x7, 0xfffffc00, 0x89f, 0x200, 0x0, 0x170c, 0x3, 0x9, 0x4, 0x7, 0x1, 0x4, 0x2, 0x5, 0x736, 0xe660, 0x8, 0x7, 0xb443, 0x10001, 0x0, 0xa, 0x9, 0x2, 0x8, 0x1000, 0x81, 0x2, 0x1, 0x6, 0x8000, 0x9, 0x5, 0x60, 0x7d, 0xffff, 0x7f, 0x7, 0x7, 0x4, 0xbb38, 0x2, 0x0, 0x5, 0x800, 0x3d7, 0x9, 0x33f, 0x9, 0x400, 0x101, 0x4, 0x36d, 0x5, 0x1, 0x5ac, 0x77, 0x3, 0x4, 0xfffffff8, 0x5c42, 0x3, 0x1, 0x1, 0x0, 0x1, 0x7, 0x6, 0xe9f, 0x4, 0x81, 0x5, 0x0, 0x5, 0xffffffff, 0x10000, 0x10000, 0x9, 0x9, 0x2, 0x80, 0x10001, 0x3, 0x13, 0x80000000, 0x6, 0x9, 0xfffffff9, 0x9, 0xc2, 0x400, 0x4, 0xfff, 0x6, 0x8, 0x5, 0x100, 0x7, 0x6c, 0x1, 0x145f, 0x9, 0x8, 0x7, 0x6, 0xb4, 0xffffffff, 0x4, 0x4, 0x5, 0xd, 0x3ff, 0x8, 0x4, 0x200, 0x5, 0x9fa3, 0x8, 0x9, 0x7, 0x0, 0x9ef, 0x7, 0xe87, 0x2, 0x0, 0x4, 0x23d, 0x5, 0x8, 0x0, 0x1, 0x7, 0x3, 0x9, 0x8d, 0x8, 0x9, 0xe23, 0x7, 0x0, 0x5, 0xae, 0x3, 0xaeb8, 0x3, 0x24c, 0x8, 0xa, 0x10, 0x8, 0x10, 0x0, 0x52, 0x2, 0x3, 0x502b, 0x401, 0xffffffff, 0x5, 0x8, 0x2, 0x80, 0x26, 0x9, 0x1da, 0x4, 0x2, 0x7b3, 0xd, 0xb, 0x1, 0x60, 0x9cac, 0xffffff81, 0x1d3, 0x6, 0xff, 0x5, 0x80, 0x4, 0x4, 0x8001, 0x5, 0x9, 0x3, 0x7fe0000, 0x8, 0x6, 0xe, 0x5, 0x8, 0x76d, 0x8000000, 0x3, 0xa, 0x1, 0x401, 0x8, 0x7, 0xffffffff, 0x40, 0x9, 0x1, 0x7ff, 0x3, 0x3, 0xff, 0x7, 0xb7f, 0x9, 0x8001, 0x9, 0x5, 0x3, 0x8, 0x2, 0x4, 0x0, 0x9, 0x3, 0x2, 0x5, 0x9, 0x8, 0x7, 0x10001, 0x4, 0x2, 0x9, 0x5, 0x8, 0x2, 0x7, 0x6, 0x0, 0x1, 0xfffffff9, 0xff, 0x1, 0x40, 0x1, 0x7, 0xb, 0x8000000, 0x7fffffff, 0x4, 0x0, 0xfffffc01, 0x6, 0x3, 0xffffffff, 0x0, 0x8, 0xfff, 0x4, 0x10000, 0x2, 0x2, 0x1, 0x1, 0x0, 0x1, 0x7, 0x6, 0x800, 0x1, 0x2, 0x0, 0x7, 0x2, 0x2, 0x64d4, 0x8, 0x3, 0x7, 0x7fffffff, 0x4, 0x7, 0x6, 0x7, 0x3, 0x7, 0xf94, 0x7fff, 0xff, 0x5, 0xfff, 0xfffffffb, 0x1, 0x7a, 0x80000001, 0x0, 0x4, 0x8, 0x400, 0x0, 0xe, 0x0, 0x8001, 0xd, 0x1, 0x2, 0x10, 0xffffffff, 0xfffffff9, 0x45c5, 0x2, 0xf54, 0x607, 0xfffffff7, 0x9, 0xfd4, 0x5, 0x6, 0x7, 0x2, 0x401, 0x1, 0x0, 0x4, 0x4, 0x5, 0x2, 0x3, 0x4, 0x0, 0x4, 0x4, 0xc74, 0x58, 0x8, 0x9, 0x80000001, 0x285, 0x1, 0x101, 0x1, 0x0, 0x40, 0x1, 0x7d0, 0x8, 0x7c78bda5, 0x4, 0x954, 0x10, 0x4, 0x14000000, 0x7, 0x4, 0x4, 0x5, 0x8, 0x2, 0x9, 0x1, 0xffffffff, 0x8, 0x0, 0x7, 0x7, 0x4, 0x7, 0xf77f, 0x9, 0x7, 0x0, 0xf172, 0xe, 0x9, 0xff, 0x40, 0xb, 0x10000, 0x7, 0x3, 0x4, 0xc, 0x4, 0xe9e, 0x1000, 0x9, 0x4, 0x42, 0x3, 0x1, 0x7, 0x7, 0x7, 0x3, 0x4, 0x401, 0x2, 0xff, 0x7, 0x5, 0x5, 0xffffffff, 0x9, 0x9, 0x8, 0x9, 0x1000, 0x5, 0xd4d, 0x9, 0x1c0, 0x100, 0x0, 0x1, 0xffffffff, 0x9, 0x200, 0x401, 0x80000000, 0x0, 0x8000, 0x9, 0x2, 0x2, 0x4, 0x3, 0x0, 0x3d, 0x7fff, 0xfffffffd, 0x8, 0x6, 0x7, 0x1, 0xc, 0xfffffffb, 0x9, 0x8, 0x4, 0x5, 0x80000000, 0xc874, 0x8, 0x800], 0x6, 0x400, 0x5})
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'default', 0x20, 'trusted:', 'syz', 0x20, 0x1000}, 0x2d, 0xfffffffffffffff9)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_update={'update ', 'default', 0x20, 'trusted:', 'trusted:'}, 0x20, 0xfffffffffffffffd)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')

4.912280326s ago: executing program 6 (id=7611):
execve(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)={[&(0x7f0000000040)=':/(\'\\^\x00']}, &(0x7f0000000180)={[&(0x7f00000000c0)='-\x00', &(0x7f0000000100)='!]-\x00', &(0x7f0000000140)='\x00']})
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f00000001c0), 0x80081, 0x0)
ioctl$TIOCL_UNBLANKSCREEN(r0, 0x541c, &(0x7f0000000200))
r1 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000240), 0x200002, 0x0)
connect$bt_sco(r1, &(0x7f0000000280)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}}, 0x8)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f00000002c0)={0xc, 0x0, <r2=>0x0})
ioctl$IOMMU_TEST_OP_ACCESS_REPLACE_IOAS(r1, 0x3ba0, &(0x7f0000000300)={0x48, 0xb, r1, 0x0, r2})
recvfrom$ax25(0xffffffffffffffff, &(0x7f0000000380)=""/4096, 0x1000, 0x10020, &(0x7f0000001380)={{0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x7}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default, @bcast, @default, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48)
r3 = syz_init_net_socket$llc(0x1a, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000001400)={'team_slave_0\x00', <r4=>0x0})
ioctl$sock_SIOCOUTQNSD(r1, 0x894b, &(0x7f0000001440))
connect$bt_l2cap(r1, &(0x7f0000001480)={0x1f, 0x5, @any, 0xd6b3}, 0xe)
ioctl$KVM_S390_VCPU_FAULT(r1, 0x4008ae52, &(0x7f00000014c0)=0x4)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001500)={'veth0_to_bond\x00'})
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000001540)={<r5=>0x0, 0x5, 0x9eb}, &(0x7f0000001580)=0x8)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000015c0)={r5, @in={{0x2, 0x4e23, @empty}}, 0x7, 0x400, 0xd85, 0xc, 0x30, 0x2}, &(0x7f0000001680)=0x9c)
setsockopt$MRT_DEL_VIF(r1, 0x0, 0xcb, &(0x7f00000016c0)={0x0, 0x1, 0x6, 0x3, @vifc_lcl_addr=@multicast1, @multicast2}, 0x10)
bind$x25(r1, &(0x7f0000001700)={0x9, @remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x3}}, 0x12)
ioctl$IOMMU_IOAS_IOVA_RANGES(r1, 0x3b84, &(0x7f00000017c0)={0x20, r2, 0x8, 0x0, &(0x7f0000001740)=[{}, {}, {}, {}, {}, {}, {}, {}]})
r6 = getpgid(0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000001840)={{0x7, 0x1, 0x7, 0xffff, 'syz1\x00', 0xbff8}, 0x0, 0x200, 0xc, r6, 0x4, 0x3, 'syz0\x00', &(0x7f0000001800)=['!]-\x00', '%\\{/)*:#&++!\x00', '\x00', '\x00'], 0x13})
syz_genetlink_get_family_id$fou(&(0x7f0000001980), r1)
ioctl$RTC_EPOCH_READ(r1, 0x8008700d, &(0x7f00000019c0))
openat$dsp(0xffffffffffffff9c, &(0x7f0000001a00), 0x101082, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000001b00)={'syztnl0\x00', &(0x7f0000001a40)={'ip_vti0\x00', r4, 0x1, 0x40, 0x1, 0xffff, {{0x1c, 0x4, 0x2, 0x7, 0x70, 0x65, 0x0, 0xd, 0x29, 0x0, @remote, @multicast1, {[@timestamp_prespec={0x44, 0x1c, 0x39, 0x3, 0x7, [{@dev={0xac, 0x14, 0x14, 0x25}}, {@loopback, 0x267d}, {@private=0xa010102, 0x8}]}, @timestamp={0x44, 0xc, 0x83, 0x0, 0x7, [0x0, 0x8]}, @lsrr={0x83, 0x7, 0xc0, [@loopback]}, @lsrr={0x83, 0xf, 0x88, [@broadcast, @broadcast, @local]}, @end, @timestamp_prespec={0x44, 0x1c, 0x6b, 0x3, 0xa, [{@broadcast, 0x4}, {@multicast2, 0xa}, {@private=0xa010101}]}]}}}}})
ioctl$SIOCGETSGCNT(r1, 0x89e1, &(0x7f0000001b40)={@empty, @remote})
getsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000001b80)={@remote}, &(0x7f0000001bc0)=0xc)
fsopen(&(0x7f0000001c00)='smb3\x00', 0x0)
socket$inet6(0xa, 0xa, 0xbe8)

4.865605274s ago: executing program 7 (id=7612):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x7f00000000000000, 0x0, 0x1)

4.766773346s ago: executing program 6 (id=7613):
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='stack\x00')
lseek(r2, 0xae7d, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x42000, 0x0)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100), r2)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000000780))
sendmsg$DEVLINK_CMD_RELOAD(r2, &(0x7f0000000480)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x201}, 0xc, &(0x7f0000000340)={&(0x7f0000000840)=ANY=[@ANYBLOB="84000000", @ANYRES8, @ANYBLOB="01042dbd7000fcdbdf2525000000080001007063690011000200303030303a30303a31302e300000000008008a00", @ANYRES32=r2, @ANYBLOB="08000100706369300000000008008b000000000000000000000000000000000001d4a9880749a97370008920f077df72b0fd6020ed157160f676272c6b0ec8491a43c50491e8d6b649af992c6a6c8c19313acd09869227d208", @ANYRES16=r4, @ANYRES32=r2, @ANYBLOB], 0x84}, 0x1, 0x0, 0x0, 0x200c000}, 0x20040801)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
ioctl$TUNSETOFFLOAD(r3, 0x400454d0, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00')
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_ASSOCINFO(r6, 0x84, 0x1, &(0x7f0000000900)={0x0, 0x0, 0x2, 0x7, 0x1ffd, 0x2}, 0x14)
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$USBDEVFS_ALLOW_SUSPEND(0xffffffffffffffff, 0x5522)
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000040)=@urb_type_interrupt={0x1, {0x1, 0x1}, 0x4, 0x25, 0x0, 0x0, 0x800, 0xa, 0x0, 0x0, 0xb5, 0x0})
syz_genetlink_get_family_id$tipc2(0x0, r2)
sendmsg$TIPC_NL_KEY_SET(r5, &(0x7f0000000500)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000380)={&(0x7f00000003c0)=ANY=[@ANYRES16=r5, @ANYRES32=0x0], 0xfc}, 0x1, 0x0, 0x0, 0x20004001}, 0x4010)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, &(0x7f0000000140), 0x4)
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f00000001c0)={0x4, &(0x7f0000000040)=[{0x0, 0x0, 0xcc, 0x5}, {0x6, 0x9, 0x2, 0x7}, {0xd, 0x7, 0x3c, 0x40}, {0x6, 0xa, 0x10}]}, 0x10)
r8 = syz_io_uring_setup(0x5c2, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x8006, 0x11f}, &(0x7f0000000240)=<r9=>0x0, &(0x7f0000000200)=<r10=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000700)={r2, 0x0, 0xc2, 0x22, &(0x7f0000000540)="f107f4f79202202ca28c9fe08862f8794e1b46e5f08cf7c6c568321b2b7b1b332555b951534815c7217a63042f38d6f2ea52997c2f62dbe82573fd6711092c097fb8ebdcf2279733759ded45fb5d8d4c00ca11cc80caf5abda01775b15dac058d7070d1eb26860380207879af486b51923f23d1946859818032aa57b5f34f38568470bc5914131c22fc232bc4201ba1cf269432f92d3fc8b7742233991bf3549553c3ca995ed2915e5aec6e250b27115a859f21a83293973d9fffe5895f36399e88c", &(0x7f0000000640)=""/34, 0xb4b, 0x0, 0x0, 0x3c, 0x0, &(0x7f00000006c0)="ea99394a5f49cab8cef339b7f0def184c373ac8c50a2f4c7f39c9f9db92be8e16dde31179a29927a4c4c7e892c5eda9eec7dfb4bb198d6e470fa3d38", 0x4}, 0x50)
syz_io_uring_submit(r9, r10, &(0x7f00000004c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x68, 0x3, r8, 0x0, 0x0, 0x0, 0x1, 0x1, {0x2}})
io_uring_enter(r8, 0x6e2, 0x600, 0x1, 0x0, 0x0)

3.850901111s ago: executing program 7 (id=7614):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c)
recvmmsg(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)=""/106, 0x6a}], 0x1}, 0x2}], 0x1, 0x10002, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000000)={<r2=>r1})
sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(r2, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000080)={&(0x7f0000000180)={0x50, 0x140c, 0x0, 0x70bd2b, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_RES_CQN={0x8, 0x3d, 0x2}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_RES_CQN={0x8, 0x3d, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x4}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x50}, 0x1, 0x0, 0x0, 0x800}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000140)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_DISASSOCIATE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="ffffffff", @ANYRES16=r3, @ANYBLOB="010081fffffffddbdf252800000008000300", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0xc0c0)

3.012648265s ago: executing program 1 (id=7615):
process_vm_writev(0x0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, 0x0, 0x0, 0x0)
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000280)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_pidfd_open(0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x20)
preadv(r3, &(0x7f0000001b00), 0x0, 0x2, 0x0)
read$FUSE(r3, 0x0, 0x0)
ioctl$BTRFS_IOC_ADD_DEV(r0, 0xff08, 0x0)
r4 = gettid()
r5 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180), 0x40e02, 0x0)
write$rfkill(r5, &(0x7f0000000300)={0x0, 0x2, 0x3, 0x1, 0x1}, 0x8)
setsockopt$RXRPC_SECURITY_KEY(0xffffffffffffffff, 0x110, 0x1, 0x0, 0x0)
write$rfkill(r5, &(0x7f0000000340)={0x53, 0x8, 0x0, 0x1, 0xcc}, 0x8)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000005000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000b80)=@newtaction={0xc8, 0x30, 0xeaa3ef926154e70d, 0x0, 0x0, {}, [{0xb4, 0x1, [@m_sample={0xb0, 0x2, 0x0, 0x0, {{0xb}, {0x64, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PARMS={0x18, 0x2, {0x3, 0xd, 0x10000000, 0x0, 0x3}}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x100008, 0x4d82, 0xffffffffffffffff, 0x7ff, 0x4}}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0xfff, 0x88, 0x6, 0x3, 0x1}}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0xffffffff}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x8}, @TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x2}]}, {0x22, 0x6, "b993a266d04d68c578a189161d7b3605ae1ad871dbd78a555343b82aff5a"}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0xc8}}, 0x0)
r7 = socket(0x10, 0x800, 0x0)
sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x2004cc43)
sendmmsg$alg(r7, 0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000000))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=ANY=[@ANYRESDEC=r7, @ANYBLOB="cbe9d64dbc55ee28943a285094f6519f1a293363c8ea2effd63ac7d825493059a3e07c6c3ecfd3d9d54b0353ac1e978b4651db133f0b97011fa699a56f8453bd158f766141a0e2c0ce36f9ef228e34085704c384b49ef660779354135b12cd592b6d88a2781a44b984efa0cd2b90aa1595ddfbb250e96f1157fb738bb7dfe5e312b7f9d2bfeb9ac3d22166968252ed1ca8af1b34c01cefcb323874ad2b308481ff96173593545176cea708b56e9ea02027", @ANYRESDEC], 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x80)
ioctl$LOOP_SET_DIRECT_IO(r3, 0x4c08, 0x8)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x118, &(0x7f0000000400)=0xb, 0x0, 0x4)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="120100002b715f08e11d02c1894d0000000109021200010000006c0904"], 0x0)

2.885528361s ago: executing program 7 (id=7616):
r0 = socket$inet6(0xa, 0x802, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18)
connect$inet6(r0, &(0x7f0000000240)={0xa, 0x6e23, 0xfffffdff, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000006480)=[{{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000280)="e00688906b97878270b4e2a5780fadc188fe287a823f5abed27e4fb5cb87096e3d8901282cf56e61a604e941cf082f4889de79c2b3584eb4cc2455696c784b805b072b58615878e38d53a9", 0x4b}, {&(0x7f0000000300)="3599e95720f34e2f35527f68a8807e45206c336a1df7314f4042db703d25bb5312943490dc482149505006f469dfd72981349715e9c181a8a5efc4d7878f76f4ca03c4a57d52456184ffd03a82b11dd769d9f50a78235578b473e82237da105b1a1a2e67ba2d8b3b9e8d5f50d2a535e8a01e30f17cf9cd882eb9f0baa7eb74a176b37df1", 0x84}, {&(0x7f00000003c0)="cf80396936f8a6a14b59caa3096bcf9ce5c989877e242f6121eacbcf31c4776b6b3861535adec08486be4ed6f75b7dda9af055a0d3a762d2d5eddd39769dd82382b2cdee0c3ed2206e79347c5d9b27c103d629bc849f0210c5da759ef2940e299168d000e9578b7e2fab9f36c8a47a7fa9528d37dcf370452ad402561111e42b0766f5414182c108d4f89c3f958ea3ed03a82affced73ca6fd02fc2046a270885e9e007d4aca8b778df400b23322add44fa869fe12fbb1dfd2978708679abb3bbcfc6b5e6d537624db4d642595c3d03b17c17b5b2a4461db0c6e59", 0xdb}, {&(0x7f0000000500)="e63dd3b79d52e25566fb589091ae0936d572354d99d6407f2d69d912f0f7dd838d2814315a52385f68531123012a131a7427055b3c2170b73ee47575a1f00e0c0f0438399ffdc5550d2121c91f223fc29fb265f49e6fc61284d7d4fdaa4a03b5785000050f22d3fd669307b99135c808571cd1067b6498327bb29daabc8c074d891316f7cf56b74b3b81169f36a0c30da540357f6fcaab960df8a99b661a7cf207db6003fa2e0bdf9d1c4376b408dfa27c7cb38ad6aa24e6fad0b595819a681010e247c27aa84e84a2c4b06c4085226ecf65f6c04505668c9a", 0xd9}, {&(0x7f0000000600)="7ede2bf5d6052203748e547c68292a53f38e33bffb13b4a089bf07917afb597537bb458811ff706941e303abc3a6fb78a1c33a190a367d16920e900710b90eedc4228a52581fc386548d40205757eb0daa05e09e0535ce03f632d9c7d65d1e15e7a6a76660d5ab042b77a321d4164d4e6aac68316187b9ac22c2349f66683c3cf786dc6d4edb50f354ef416c486d77f22d9bc7fd82007fb9f5c9cabf72080aba3682f0fae4279c0a70b15c3ed4c60c674ec5f7d7e96edc9f7f4d7be6ac5c6ce26e68653a78117896d3c9a86b1b93b7f7725e76facca1", 0xd6}, {0x0}], 0x6, &(0x7f00000009c0)=[@dstopts={{0x1a0, 0x29, 0x37, {0x2b, 0x30, '\x00', [@padn={0x1, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @calipso={0x7, 0x40, {0x3, 0xe, 0x10, 0xaa8, [0x8000000000000000, 0xffffffff, 0x80e, 0x8001, 0x80000000, 0x0, 0x2]}}, @generic={0x68, 0xcf, "ca3fd1e409f0450a1d12e21b79e03ed15a064706249abae2befd097496efca869ca4a2363c430b74631d4773182470a2765b4150e92ab60c62cb6df2152e80878bd5421df7e03e8f753d2b08b8d0e962b4073ad8e0ffa2abd804d883052c4e8b261fb3b4e293ea26bbddda406d1dc31f07323cfdb9a5e33af752c5acae6f852c56228d082bc5a427371b96eced97df5fea49e1ec733cee6e80737072639a95f9e78d3d9da386195527e6a161bc9f293844873a32904f3e3cdbaf886a7a901fad4ae9c5a5534054f0f30ed05046f95a"}, @ra={0x5, 0x2, 0x1135}, @calipso={0x7, 0x10, {0x2, 0x2, 0x4, 0x748, [0x7]}}, @enc_lim={0x4, 0x1, 0x4}, @padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}, @jumbo={0xc2, 0x4, 0x81}, @calipso={0x7, 0x40, {0x3, 0xe, 0x9, 0x1, [0x7f, 0x7f, 0x1, 0x6, 0x5, 0x8001, 0xc2000]}}]}}}, @rthdrdstopts={{0x38, 0x29, 0x37, {0x0, 0x3, '\x00', [@padn={0x1, 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @hao={0xc9, 0x10, @mcast2}]}}}], 0x1d8}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)=[@pktinfo={{0x24, 0x29, 0x32, {@private0}}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0xffffffff}}], 0x40}}], 0x2, 0x0)

2.837136024s ago: executing program 7 (id=7617):
r0 = add_key(&(0x7f00000001c0)='big_key\x00', &(0x7f0000000200)={'syz', 0x1}, &(0x7f0000002240)="d790b0c9", 0x4, 0xfffffffffffffffe)
pipe2$watch_queue(&(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r0, r1, 0x26)
keyctl$update(0x2, r0, &(0x7f0000000240)="ac", 0x1)

2.743715539s ago: executing program 6 (id=7618):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x3c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x20, 0x11d, 0x0, 0x1, [{0xfffffffffffffd2d, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6}, @NL80211_TID_CONFIG_ATTR_NOACK]}]}]}, 0x3c}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x80)
socket$igmp(0x2, 0x3, 0x2)
openat$dsp1(0xffffffffffffff9c, &(0x7f00000000c0), 0x109801, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000004200)=ANY=[@ANYBLOB="12010000e2793b10d1050120f808010203010902"], 0x0)
socket(0x10, 0x3, 0x0)
r3 = syz_io_uring_setup(0x10d, &(0x7f0000000200)={0x0, 0x9e74, 0x0, 0x4}, &(0x7f0000000340)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$inet(r7, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r6, &(0x7f0000000000)={0x0, 0xfffffffffffffdd1, 0x0, 0x0, &(0x7f0000000140)}, 0x100)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r8, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9, 0x12, r8, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080), 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_WRITE={0x17, 0x0, 0x4007, @fd_index=0x7fffffd, 0x2, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r3, 0x3f70, 0x0, 0x0, 0x0, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r8, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="880000000314100029f07b25082f5dbd7000ffdbdf250900020073797a3000000000080041007369770014003300766c616e300000000000000000000000090002007379783000000000080041007278650014003300766c616e3000000000000000000000000900020073797a320000000008004100727865001400330069705f7674693000000000000000000052348016655780c299aeffc79e227f63a5a2f3cd8457d53b44bbc92998fd17ce34a9"], 0x88}, 0x1, 0x0, 0x0, 0x880}, 0x20000004)
r9 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r9, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r9, &(0x7f000000e280)={0x2020, 0x0, <r10=>0x0}, 0x2020)
write$FUSE_BMAP(r9, &(0x7f0000000080)={0x18, 0x0, r10, {0x7}}, 0x18)
mount$overlay(0x0, &(0x7f0000000040)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

2.605455806s ago: executing program 7 (id=7619):
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000580)={'batadv_slave_1\x00', <r2=>0x0})
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x9}, {0xf}, {0xe, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x691, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x8c0}, 0x0)
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000300)=0x1, 0x4)
bind$xdp(r0, &(0x7f0000000100)={0x2c, 0x4, r2, 0x0, r0}, 0x10)
mmap$xdp(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x6, 0x11, r0, 0x100000000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x8)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f00000011c0)=ANY=[@ANYBLOB='dyn'])
chdir(&(0x7f00000000c0)='./file0\x00')
quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000180)=@filename='./cgroup/cgroup.procs\x00', 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa3e}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sys_enter\x00', r4}, 0x10)
setregid(0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0xc00, 0x100)

1.930252455s ago: executing program 4 (id=7620):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000340), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000080)={'wpan1\x00', <r2=>0x0})
sendmsg$NL802154_CMD_GET_WPAN_PHY(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000640)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010428bd7000fbdbdf250100000008000300", @ANYRES32=r2, @ANYBLOB="080003", @ANYRES32=0x0, @ANYBLOB="0c00060001"], 0x30}, 0x1, 0x0, 0x0, 0x8000}, 0x80)

1.75073126s ago: executing program 0 (id=7621):
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
recvmmsg(r0, &(0x7f0000001e40)=[{{&(0x7f00000000c0)=@qipcrtr, 0x80, &(0x7f0000000800)=[{&(0x7f0000000140)=""/111, 0x6f}, {&(0x7f00000001c0)=""/217, 0xd9}, {&(0x7f0000000380)=""/204, 0xcc}, {&(0x7f0000000480)=""/234, 0xea}, {&(0x7f0000000580)=""/211, 0xd3}, {&(0x7f0000000680)=""/181, 0xb5}, {&(0x7f0000001f00)=""/172, 0xac}, {&(0x7f00000002c0)=""/95, 0x5f}, {&(0x7f0000000040)}], 0x9, &(0x7f00000008c0)=""/119, 0x77}, 0x400}, {{&(0x7f0000000940)=@ieee802154={0x24, @short}, 0x80, &(0x7f0000001d40)=[{&(0x7f00000009c0)=""/244, 0xf4}, {&(0x7f0000000ac0)=""/22, 0x16}, {&(0x7f0000000b00)=""/7, 0x7}, {&(0x7f0000000b40)=""/76, 0x4c}, {&(0x7f0000000bc0)=""/171, 0xab}, {&(0x7f0000000c80)=""/4096, 0x1000}, {&(0x7f0000001c80)=""/182, 0xb6}], 0x7, &(0x7f0000001dc0)=""/102, 0x66}, 0x3}], 0x2, 0x12000, &(0x7f0000001ec0))
setresgid(0x0, 0xee01, 0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000080), 0x8000, &(0x7f00000024c0)=ANY=[@ANYBLOB='quota'])
lchown(&(0x7f0000000000)='./file1\x00', 0x0, 0x0)

1.647131555s ago: executing program 4 (id=7622):
r0 = socket$kcm(0x10, 0x2, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x9, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, 0x0)
ioctl$TIOCVHANGUP(r5, 0x5437, 0x2)
getsockopt$sock_cred(r3, 0x1, 0x11, 0x0, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
r6 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r6, &(0x7f0000000080)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c)
sendmsg(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{0x0}], 0x1, 0x0, 0x0, 0x2c}, 0x4)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{0x0}], 0x1}, 0x8)

981.432374ms ago: executing program 0 (id=7623):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setresgid(0x0, 0xee01, 0xffffffffffffffff)
mount$tmpfs(0x0, 0x0, &(0x7f0000000080), 0x8000, &(0x7f00000024c0)=ANY=[@ANYBLOB='quota'])
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000f80)={'wlan1\x00', &(0x7f0000000f40)=@ethtool_stats})

709.454199ms ago: executing program 4 (id=7624):
r0 = socket$inet6(0xa, 0x802, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18)
connect$inet6(r0, &(0x7f0000000240)={0xa, 0x6e23, 0xfffffdff, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000006480)=[{{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000280)="e00688906b97878270b4e2a5780fadc188fe287a823f5abed27e4fb5cb87096e3d8901282cf56e61a604e941cf082f4889de79c2b3584eb4cc2455696c784b805b072b58615878e38d53a9", 0x4b}, {&(0x7f0000000300)="3599e95720f34e2f35527f68a8807e45206c336a1df7314f4042db703d25bb5312943490dc482149505006f469dfd72981349715e9c181a8a5efc4d7878f76f4ca03c4a57d52456184ffd03a82b11dd769d9f50a78235578b473e82237da105b1a1a2e67ba2d8b3b9e8d5f50d2a535e8a01e30f17cf9cd882eb9f0baa7eb74a176b37df1", 0x84}, {&(0x7f00000003c0)="cf80396936f8a6a14b59caa3096bcf9ce5c989877e242f6121eacbcf31c4776b6b3861535adec08486be4ed6f75b7dda9af055a0d3a762d2d5eddd39769dd82382b2cdee0c3ed2206e79347c5d9b27c103d629bc849f0210c5da759ef2940e299168d000e9578b7e2fab9f36c8a47a7fa9528d37dcf370452ad402561111e42b0766f5414182c108d4f89c3f958ea3ed03a82affced73ca6fd02fc2046a270885e9e007d4aca8b778df400b23322add44fa869fe12fbb1dfd2978708679abb3bbcfc6b5e6d537624db4d642595c3d03b17c17b5b2a4461db0c6e59", 0xdb}, {&(0x7f0000000500)="e63dd3b79d52e25566fb589091ae0936d572354d99d6407f2d69d912f0f7dd838d2814315a52385f68531123012a131a7427055b3c2170b73ee47575a1f00e0c0f0438399ffdc5550d2121c91f223fc29fb265f49e6fc61284d7d4fdaa4a03b5785000050f22d3fd669307b99135c808571cd1067b6498327bb29daabc8c074d891316f7cf56b74b3b81169f36a0c30da540357f6fcaab960df8a99b661a7cf207db6003fa2e0bdf9d1c4376b408dfa27c7cb38ad6aa24e6fad0b595819a681010e247c27aa84e84a2c4b06c4085226ecf65f6c04505668c9a", 0xd9}, {&(0x7f0000000600)="7ede2bf5d6052203748e547c68292a53f38e33bffb13b4a089bf07917afb597537bb458811ff706941e303abc3a6fb78a1c33a190a367d16920e900710b90eedc4228a52581fc386548d40205757eb0daa05e09e0535ce03f632d9c7d65d1e15e7a6a76660d5ab042b77a321d4164d4e6aac68316187b9ac22c2349f66683c3cf786dc6d4edb50f354ef416c486d77f22d9bc7fd82007fb9f5c9cabf72080aba3682f0fae4279c0a70b15c3ed4c60c674ec5f7d7e96edc9f7f4d7be6ac5c6ce26e68653a78117896d3c9a86b1b93b7f7725e76facca1", 0xd6}, {&(0x7f0000000700)="cdd56db2730921b02aa5b7c6ff2e8078e2e8f707694ae912de358fd113b8707eff485095689f250a3219309761cec7c12e5df20ac93f470c4783a6757f58b03b5182c4c193fe2caa04a018eb0379a9e2cb41c89a4ef3f5b4cc4ae97514a89b6810ba4052c1a9f799e766aaa169d57e93ddd81b7f9dad0ea0f8443826a8c72c846689f1ff2aee7215119f9cdac2323a6164854fecb2ab823a7c6978a17797276056bc05", 0xa3}, {&(0x7f00000007c0)="a66a8c854f6f353f57fe04179a9abff9ceea01bdb2e08328eac9956e6fd6217f67e90a1f54269632d90b2d283312832b0be44a9d6522ea82d92ce0689b23493bad575cd107dc22a87c9d44a38808ce268b05ad2a04edde0517059adc2d43f09161427613ee4acca6dbd877ca3b01b92c9b567933fdd39706a9e4111563a9a41406761a2bbf", 0x85}, {&(0x7f0000000200)="88c7364a83d2ac07d5c6cd", 0xb}, {&(0x7f0000000880)="cce03d926cc56beab365a56289398a81d58352de463020e1040ab23489a71d949e8e4f5406b13c9950e474901cdd5bccbcd72344b7955d05022de97dbc56361097291a83f96972af27742cedcbed1a3d49ab3cbbd8e2f21b297de10149d19baf8e62bbf969f6004a4627e33e80057b7712", 0x71}], 0x9, &(0x7f00000009c0)=[@dstopts={{0x1a0, 0x29, 0x37, {0x2b, 0x30, '\x00', [@padn={0x1, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @calipso={0x7, 0x40, {0x3, 0xe, 0x10, 0xaa8, [0x8000000000000000, 0xffffffff, 0x80e, 0x8001, 0x80000000, 0x0, 0x2]}}, @generic={0x68, 0xcf, "ca3fd1e409f0450a1d12e21b79e03ed15a064706249abae2befd097496efca869ca4a2363c430b74631d4773182470a2765b4150e92ab60c62cb6df2152e80878bd5421df7e03e8f753d2b08b8d0e962b4073ad8e0ffa2abd804d883052c4e8b261fb3b4e293ea26bbddda406d1dc31f07323cfdb9a5e33af752c5acae6f852c56228d082bc5a427371b96eced97df5fea49e1ec733cee6e80737072639a95f9e78d3d9da386195527e6a161bc9f293844873a32904f3e3cdbaf886a7a901fad4ae9c5a5534054f0f30ed05046f95a"}, @ra={0x5, 0x2, 0x1135}, @calipso={0x7, 0x10, {0x2, 0x2, 0x4, 0x748, [0x7]}}, @enc_lim={0x4, 0x1, 0x4}, @padn={0x1, 0x4, [0x0, 0x0, 0x0, 0x0]}, @jumbo={0xc2, 0x4, 0x81}, @calipso={0x7, 0x40, {0x3, 0xe, 0x9, 0x1, [0x7f, 0x7f, 0x1, 0x6, 0x5, 0x8001, 0xc2000]}}]}}}, @rthdrdstopts={{0x38, 0x29, 0x37, {0x0, 0x3, '\x00', [@padn={0x1, 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @hao={0xc9, 0x10, @mcast2}]}}}], 0x1d8}}], 0x1, 0x0)

232.990389ms ago: executing program 4 (id=7625):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x402b80, 0x0)
socket$packet(0x11, 0x3, 0x300)
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000480), 0x8, 0x0)
syz_io_uring_setup(0x3, &(0x7f0000000580)={0x0, 0x226f, 0x13500, 0x0, 0xeffffffd}, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000014000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000040))
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0xfffffffffffffffc)
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xff}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x9, 0x5, 0x0, 0x0, 0x2004cb, 0x200000000000, 0x0, 0x16, 0xfffffffffffffffd, 0x0, 0x5], 0x0, 0x200})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_ext={0x1c, 0xd, &(0x7f0000000500)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x9}, [@printk={@lli, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x2}}, @call={0x85, 0x0, 0x0, 0x82}, @alu={0x7, 0x0, 0x4, 0x1e42d74df128cf22, 0x5, 0x100}]}, 0x0, 0x95, 0x0, 0x0, 0x40f00, 0x4a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x1f979, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x10000000}, 0x94)
r4 = shmget$private(0x0, 0x1000, 0x8, &(0x7f0000ffe000/0x1000)=nil)
shmctl$SHM_STAT_ANY(r4, 0xf, &(0x7f0000000600)=""/4096)
r5 = socket$kcm(0x11, 0x2, 0x0)
ioctl$UI_SET_SWBIT(r1, 0x4004556d, 0x5)
setsockopt$sock_attach_bpf(r5, 0x107, 0x14, &(0x7f0000000000), 0x4)
sendmsg$kcm(r5, &(0x7f0000001780)={&(0x7f00000003c0)=@caif, 0x80, 0x0}, 0x4008050)

0s ago: executing program 0 (id=7626):
socket$pppoe(0x18, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000100)='net/vlan/config\x00')
read$FUSE(r1, &(0x7f0000003940)={0x2020}, 0x2020)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @broadcast}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
getsockopt$sock_buf(r0, 0x1, 0x1c, &(0x7f0000000200)=""/148, &(0x7f0000000000)=0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102387, 0x18ff3)
ioperm(0x7, 0x81, 0x2)
gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x4, 0x800000000004, @thr={&(0x7f0000000080)="b2e0086e22c2909304ed158502963497c2b36383477d4e5d7c01c49062b4b92dfbe828c559cc2b500194e706cadbee774501f927227139bd8239ed23760d3d764e4a692f2ee244d5c81beba73a867fa370aa3c56fdd3275964f90804043179cc157060338af69a13525e74a455df4b6f8825f31459e1293d848cc9aff5ac8ff181661200111763b0798c5712b76aea0f5e35809b1b2bb93a0e5c9cbe64669178b62f3f5e7b4526bdd661894010e57bebe399c898788590620759286118c35d836bd1773d7bc7", &(0x7f0000000300)="762a2a0ae042c1ea502f93ed7b93ca2ecc06565499704687833f54cfdd71582fc455a8568c244de8c5667eb998c6d791c3df1f8e86c12af650ed3cc3f13b3107c3a4178905cb9b1eaf49151bda799c76e0ed8a2395d611ef533761752f8b1e5c46abf0948a88d4a51c1f83af64a0b5c5553536c4c2d1eba6f78022a700f996947ab323c08a76ecb1243a20d1d8d6ec9f82346800c236127a62bb439cb2e6223c83d45cc80910084ec39dd3fa8371318478269648296a161fca852e664f7a99b95dab99a0d089ba2bcffc76a050d09db9dd9d5ae2a4d78c336c18f4cc566c7439a4d1be804028546f83f4328671f8b6bcb55032a8d1540e5e7516358226e0851f5d6b3cb698320d8e606db38dc76836f5cd09ddda066b8fe7114a407c3d1170bd248a3756667a6d3bb91e0a8264338f59be78e8ed649849c2705bb21dec86bde4844d3b8973b09fef12d8573b63e4c4f519109da8c0dcdf373dd64e1406628b0efbc8d4971555861e6f2a10c19218312aa9deec3cf5f5c33edbb70475635e48a50f2a13edda16f78d27691d990e49297d3bb2ec86fd5029ccb9935de2616bdadab40836ff355af9c6dee602c1ea0f62240014361181360cf17789f69f25d372c56c7ef07136a0af1818f1a7a09f0dfdd2a68121a6dd46d80595fe2a58e52598b9a485d7e1624848376fc215c7f3b0d16e42a8d5f0f90d3ec4cfb67e2820844b153159a512f441dc33528a7016ab636411e80d60e84689b373a1607fcaf078e1c34ce0c148c416cac567ad656c357820cc5ae2ee9de8de309c7a189950a92209f0e3ff89cd684f7ce28b08d438ad4f8e170ce566fee7f71c716650541f788f2c3a1f431a7eeb82c62f67d0c4c9a7d1915814521d6d085bdd0a5dc4f9ed32eb48f67f5134786142de88a45a719c3b3bef0c842fb999ae040d487b632d0fd44051ec22533bf152996ed816cfaf375bfee1bbc83e2cccd546494cfd3f5b324c096ba9d0f0a9c19955dc2810fa395b40db99c8fba343b3432147a7983b99a89935a17786ca41ac1dcaf8fc40b5d0022fd2c41bed0d85991874c2aaf2b35fc7ad16ec55429f71df00025b0262a3b002995209c43bc7a1cf7d0b60a7b881f0bf91441dc2bd82ad317200b5826f1701cf9b8e31bf60a6c2651f514936dd5c79bcd8aab1c49d18632fc63d4db391ac9e0b4960dfbf4015a85b2176aef1f8c18afa18326eeb82489bfe31f5867ddf19dd1b88af84f944fd1e20ea7b69d87aa74c02da178fb6e24ca984e77596972868475e21c144076f673f9911aa054ee457775e23f91f7359c0b92d4a4ef42021d39f90f398366bfcc0fbfcce31d0acaf64e3b59ae70cdd849cd641215c64b9760d00ee4a7e331587bc2d9fb75c94b7e0156f9dba8881a8f30e911dca3baf6e11b5d4a7f2c3b3dc2a73503efd4697b28f9d97316d0aac7923240cbaf3113ba090f5744ad6103aed6a79b0f3150cf3d38c5843d6d60c1776432c39d86f2c23799860218fcc8e17c443df298b784a064a819a6fe7f43347d644388824ad6788b9f9f2236d6caa19f36d73095c3c04021d6a10d4bf8f95751019e6289c9cfeaa017b68d8365e7d4457f8e331e188e46827de5ee4ce936972d0da0645e336b440d185df13827afbe4e998d0e99162171211afc2b8f0802bb12706f935a7e98d8c9057b89025adb1102c59bfbfa02567c05a7075f2171f20d356af163ee77e9461387d732e8b872c3f202fa209de9dff66c17d70fb33d99375b367bc358ee295e5391252b2abd8a99406d7ada84022d7832bd13ec5a9e844afd5306665a2d76c1ead813ed5f32f4fc574b84ff0e2003d5e39dfeb27c05442b90add133a4a49f13504cdc5b483b26fd4131986e07dfab7d4bbb43208bbc56e069e8e848c4655704747ff519c9ebab94f35e4cad1a09970127b6c59bad18359ff5b92de52095e980764c11b126e119959b1d8bab5a5a7fda562826c28697b7c3f02d9a614a4e23d67d83ee02d7f5dc529d2779c6b653480eb1e2dff9cec2c2bbf8202fc00b0cfb0cba3bd4dcd02505febf23dae54561d977f8552e1b3a9571c9c9374f5bdf095abe59f744d917ac6a41a1853cd372862e76ddbe0ca7509a316e2216dd826f15434968f2ac4ce1df41d9ae41ba6554739e7e4c99189b0d5a5f81deec790daf38e16f7a4fe70cfb9411eafac952b6233d4a818cd1264f46fda3c2c4a118e91123e65f6d547e0d9723f885740c70bb3f1a7dda916193d626e0c3418c822aaa4aab8aa25e57189d9fb7e784b3112dfc3898cec23d7e496830aa96633725af085c5b2d510a270e0a391e1bd466ad543d16816526b93bc04f2e97a290f9dde119325d2ca763ec2a3fbf4f8934082e103318ceee987e972adc822b2a49c6e0affc119cdbd39e511516c0996451f2cf50b583cb5d1cd36b3920d5d97c66f04d8654bf155c898fbed2a1811269c739576a6d646d4fed2c3fd581c25e43874f41e99b16ddda3b8f3bbf34cf00487007bf25669890966454551e2b44f48a645a1dd504d3ed5c5783b8121ae5e86b52476ad8631005a4f70681af088efd915745ec3d413e0c835e1954140ef7c9b195c5bec1a6d2f12a52773454313b305b43bbffcfd9a95878c16bb68cbe93b18a13bf075caeac6813cd5f7243632c23f2d4e7b9777819bf5ab9aa516b989b3596fdbebc24bd38603100ef08e98a1f8d39ac8247e0f8e1b594c5639597188a4594f3c2823be8f8ddca6862b70cb5ec163fe31cf076d4986fd3630873b0f4c82dc01da8138dca05b89df38a63ecb22ef6296a1b20b4815b7d5bc358e51c6001ef6f17847be8d0af2eefb2a1b671693948d669e4d3b8a4ab9833cd710a42bd779eb0d0beb918affe6edc9c1e6f257e0791bc4090277f2073939d40a02931ee505ae3499824f32a76bd6544aca1d35ca067a2348996b6b76c7ab3feee5b5ab6b4f93f42dc82cfafd76c73510c160b74992937e3ac933130cc263a8345138146008d0a09957655145d37d6b56a74519a18e33358f028150be79dc79e1d368f4f074e0eedae3a7f9aa55440e79ac0a0a2963ef86b9ec7a545e12ebf9e556d0680be0802bdb9030310035f803627076bbdf94d972175ed3c7694737028cf7b44ac6dc39ae3044aecaf7d673210d141dbe19f5e90f743572bea253309a82a986e25c03ada90176f6ddb02c09404ff29343b07a47068e565951b3dcbc6539edbe630b8b27cee980506d1739a20b254abe6c4d8a1e887b16eb52a3cda327aed2375f6077bf3bf0ff0ecf2fbc0a070bbe94a07c7ccb1e3871e89a24fc336f5038f43646f1a2eeb8be3f42b14bc67e03eb3dd2d1508707e84c62de68da198028cbb5aca74e1a93f92d209d9c1528a9ee8634ed63a9af164176a7b3901a98f5a7d8c9f477274357ac3d88b35018c84de1fcc3f0e4c98a554d9db8bada728b25a4baecfa87c57d4ce1a607e88370b8136d2b99e31b1195bbead78ecac688c10fbfcb3c5ff7f73514628d29be8eea840cf9b12ee70c050a8729c7bb3066ed810dc623cea7717364c4fb37814545a5633f8a114128da2f9e76ce7f8684f80a786079a8631be809ca832fb215e8df8f834390aab91d246e8a599ef0ee9af3156fd39260590aee298cf909b4f28cae2dacdbcdec9e594fc20e60eefc47248705793f965c8595bf736e4466f6fff38d13f85e8ab74e88cad457413cf4498afc35879d8ea716144bbc5d93f379d661c456a4db661b239625c3122396702028d6d5ea33ac82a519f212dd489991a94f1f666fe3c0c50d93faf24a8cf018a8fe7bfc58b63297a72f3f77bdb71e7a98b531a1a89ce70471368d1a43b81614b913aae719ec64a540f9ececb12e135029d39d43f418b604e4dded2a2dc416e4dde7376b6466df62a51e5bedf4e46bd1c16685aafbfab9d02ef70b61f91eb0758cdf58319e49955b7a4c095a5b7a07feb186b9f00ddad0f06443b0c17be2e2027a7e301691103b45f47ffa5e1dba9d4cbbe57067367de7b01f7300d739012e7b7394dfdec72f8454cefa5dfd6c0fd7e4d9f7509145c93229a035100679fc9ac048b2d04a78314c491b5914f1a341c18d6161c39e41ade74d13649e6a44d9a9dfcc792f677d52ae9d7b830de4fe0323a44050e5e0ddf5f141232196be3115b9812ccd4c53d5bf1cb5fb53859de1034a305a5a49417a5ba27069797fc77fa604805800904b22d1679db11985a7ae3ce537b25628d29007739892a4a29b03f3a5ba04b9ee35399bf07ff85c043181d9029e972e0000b94562a35289e8e6434282238c9bd911d09fb5a6cbb6bc88addac4b75d105010440b742e3f965d9e16465196c8770e7bffcca60c4f5b3ae5d6de6f0bc00869b5228bc1692d018505e64782597c21d2f174fda0b65891e6659c3438b0c1b83a421e5241c67ca92afc743b8f5d68d102c8f2bf729545893eda8aa8aeb0a82742538d09dc05663fc89e4b4131af2755763371d40d4158028e2b634e8e9c6b7aa7db434b3f4cf7ca461b45ecff6ac9c7555e20735276d6e2940402980cb874b9e044b25f776a3dc528dddf1df794ba5690d1df0803b984b535dd5a7320dae21d57342688ec8a33d7dc97cb44ad065f882c13063d8a18b285b780e39c844e0924205d19f960fd13f34f4fbd72f1aa9d132a58b6ecdd09d39201a69d61bc1ad8bd3d82adb7a426dd58d0ff40c3ef7ecb07f769fda8b1b4282b820fcc29977a6a66bb0293b6d18aea3d8667aaecc24df2f873cd1b02ed668889ef7aea511843bf02cbcdec2ececfad63f2e0834ca9c58f19e9d88bb3adbb12860385767b3940e421c20fa3c2afd6d8f54ababd6cab282fd93ed463c84fd085619ee559e88eed9497bcadb059842db458dac72c92ca02304a596f0bc89f0e4654c7b22b1dd0d96219599b27529df3abe6e90d019d58556b44045976fea892c451b7cc1ea0aa59f57df5d17ec655171d231f7ab70452ed541185d486d526670e40bbda9aeee9ed5644690908f77ead394843e8959c1db11b5578f51c35ae5c519991305208a24c05e754a4b4595c4683525a804da1e1151b680860531554553f62ff7e3c26faa2d4f4da887170404358cbc6850271e39b34589cf49e8336c9e7ee6e0840ac8b5a7bf3f82d137da540f0716f32bc6c75a4df99139c6da1d599856aec9fbb470407d5df292de400e1ec51702419ccc81102b7f39dc2dc49cfff3213da20982d786c31988e605f24327cd20a66842cdb420a0e678931aa5110ddbe9bbd76fb65428bba6b8d77c14c8e1cb771513beeba7a39aa64e14b5b99e8e27ceac173b6af4e017cad98916252030fd28df0020d5050d1af6bb067a58c08ad19ab4e83c946a0bd68fbedc820c6211d32545c01c79a59b2b5aca38a7d5b6d548fce4d4681a255926bfc992a5593a0ec217976704d4a9c5da296b833adb812e0fcb930b5f46d7cc332729c2fe840a0882c1bfacac3e92c592b0107e0c5fb88f3c90f4ba92187c0edc054b5b5eeff8149bd363d2b7a3257286ea64baf19f08778d2f1180d9378874d611d1bc15312c8b2f1566a2c62abc6d00fcc4926d696b40917d47ff14363427b6873f63078add4b93cb87a850d5b7a6b65a566a9624d8bbb05c18550d5451f010dda35755f7920bd41b17b40c3a52ad2a5a444192b6f08a1a3bbf7c7b727fa5f5b6d74850e0b70c1d7c7a47ee062d87ddbba81fc5ab1238971707349eb9c3de5696c1960c12ab9bc06f3737a159348d108c26af990c0d46872fa07871e9873bbcb0e47cadd1a4e193b78dc4ee4daf7c0"}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x1d2)
fcntl$setlease(r3, 0x400, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0x1000000)

kernel console output (not intermixed with test programs):

[ 2564.452272][ T5923] usb 2-1: Using ep0 maxpacket: 32
[ 2564.457759][T14352] netlink: 24 bytes leftover after parsing attributes in process `syz.4.7166'.
[ 2564.475709][ T5923] usb 2-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[ 2564.487519][T14352] netlink: 24 bytes leftover after parsing attributes in process `syz.4.7166'.
[ 2564.496694][   T30] audit: type=1326 audit(1757129210.596:1817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14315 comm="syz.6.7160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f49451909b4 code=0x7ffc0000
[ 2564.506768][ T5923] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2564.873929][ T5923] usb 2-1: config 0 descriptor??
[ 2564.938626][   T30] audit: type=1326 audit(1757129210.596:1818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14315 comm="syz.6.7160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f494518d84a code=0x7ffc0000
[ 2565.049221][   T30] audit: type=1326 audit(1757129210.596:1819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14315 comm="syz.6.7160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f494518ebe9 code=0x7ffc0000
[ 2565.079245][   T30] audit: type=1326 audit(1757129210.606:1820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14315 comm="syz.6.7160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f494518ebe9 code=0x7ffc0000
[ 2565.167457][ T5923] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[ 2565.291882][ T5923] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 2565.406509][ T5923] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[ 2565.425095][ T5923] usb 2-1: media controller created
[ 2565.473859][ T5923] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 2565.560873][T19305] usb 7-1: new high-speed USB device number 87 using dummy_hcd
[ 2565.800253][T14339] pim6reg: left allmulticast mode
[ 2566.043328][T14388] netlink: 48 bytes leftover after parsing attributes in process `syz.0.7171'.
[ 2566.153189][T19305] usb 7-1: Using ep0 maxpacket: 32
[ 2566.180661][T19305] usb 7-1: config 0 has an invalid interface number: 89 but max is 0
[ 2566.221054][T14381] netlink: 48 bytes leftover after parsing attributes in process `syz.4.7170'.
[ 2566.240672][T19305] usb 7-1: config 0 has no interface number 0
[ 2566.246804][T19305] usb 7-1: config 0 interface 89 has no altsetting 0
[ 2566.290920][T19305] usb 7-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4e
[ 2566.295430][ T5923] az6027: usb out operation failed. (-71)
[ 2566.330770][T19305] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2566.352061][T19305] usb 7-1: Product: syz
[ 2566.359455][ T5923] az6027: usb out operation failed. (-71)
[ 2566.390179][T19305] usb 7-1: Manufacturer: syz
[ 2566.390735][ T5923] stb0899_attach: Driver disabled by Kconfig
[ 2566.402351][T19305] usb 7-1: SerialNumber: syz
[ 2566.417898][T19305] usb 7-1: config 0 descriptor??
[ 2566.419636][ T5923] az6027: no front-end attached
[ 2566.419636][ T5923] 
[ 2566.435766][T19305] em28xx 7-1:0.89: New device syz syz @ 480 Mbps (0ccd:10af, interface 89, class 89)
[ 2566.448194][T19305] em28xx 7-1:0.89: Video interface 89 found: bulk
[ 2566.468535][ T5923] az6027: usb out operation failed. (-71)
[ 2566.479815][ T5923] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[ 2566.509128][ T5923] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input149
[ 2566.540907][ T5923] dvb-usb: schedule remote query interval to 400 msecs.
[ 2566.551615][ T5923] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[ 2566.587469][ T5923] usb 2-1: USB disconnect, device number 35
[ 2566.734049][ T5923] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[ 2567.060004][T19305] em28xx 7-1:0.89: unknown em28xx chip ID (0)
[ 2567.967261][T19305] em28xx 7-1:0.89: reading from i2c device at 0xa0 failed (error=-5)
[ 2568.004328][T19305] em28xx 7-1:0.89: board has no eeprom
[ 2568.081651][T19305] em28xx 7-1:0.89: Identified as Terratec Grabby (card=67)
[ 2568.093686][T19305] em28xx 7-1:0.89: analog set to bulk mode.
[ 2568.103234][ T5908] em28xx 7-1:0.89: Registering V4L2 extension
[ 2568.116915][T19305] usb 7-1: USB disconnect, device number 87
[ 2568.128509][T19305] em28xx 7-1:0.89: Disconnecting em28xx
[ 2568.135878][T14448] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7178'.
[ 2568.242232][ T5908] em28xx 7-1:0.89: Config register raw data: 0xffffffed
[ 2568.304548][ T5908] em28xx 7-1:0.89: AC97 chip type couldn't be determined
[ 2568.330546][ T5908] em28xx 7-1:0.89: No AC97 audio processor
[ 2568.453312][ T5908] usb 7-1: Decoder not found
[ 2568.457934][ T5908] em28xx 7-1:0.89: failed to create media graph
[ 2568.466635][ T5908] em28xx 7-1:0.89: V4L2 device video103 deregistered
[ 2568.922891][ T5908] em28xx 7-1:0.89: Registering snapshot button...
[ 2568.946293][ T5908] input: em28xx snapshot button as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.89/input/input150
[ 2568.959714][T14448] bond0: (slave bond_slave_1): Releasing backup interface
[ 2568.984161][ T5908] em28xx 7-1:0.89: Remote control support is not available for this card.
[ 2569.006354][T19305] em28xx 7-1:0.89: Closing input extension
[ 2569.013251][T19305] em28xx 7-1:0.89: Deregistering snapshot button
[ 2569.067787][T19305] em28xx 7-1:0.89: Freeing device
[ 2569.858884][T14503] netlink: 48 bytes leftover after parsing attributes in process `syz.1.7185'.
[ 2570.005706][T14510] netlink: 'syz.4.7183': attribute type 1 has an invalid length.
[ 2570.039677][T14500] netlink: 48 bytes leftover after parsing attributes in process `syz.6.7186'.
[ 2570.441736][T12827] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[ 2570.640411][T12827] usb 1-1: Using ep0 maxpacket: 16
[ 2570.692544][T12827] usb 1-1: config 0 has an invalid interface number: 105 but max is 0
[ 2570.720520][T12827] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2570.762267][T12827] usb 1-1: config 0 has no interface number 0
[ 2570.776845][T12827] usb 1-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice=81.28
[ 2570.794089][T12827] usb 1-1: New USB device strings: Mfr=0, Product=27, SerialNumber=3
[ 2570.815024][T12827] usb 1-1: Product: syz
[ 2570.834704][T12827] usb 1-1: SerialNumber: syz
[ 2570.869181][T12827] usb 1-1: config 0 descriptor??
[ 2570.909909][T12827] usb 1-1: Found UVC 0.00 device syz (046d:08f3)
[ 2570.916731][T12827] usb 1-1: No valid video chain found.
[ 2571.743585][ T5908] usb 1-1: USB disconnect, device number 37
[ 2572.120323][T12827] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[ 2572.770197][T12827] usb 2-1: Using ep0 maxpacket: 8
[ 2572.776896][T12827] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 2572.799278][T12827] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 2572.838663][T12827] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 2572.848698][T12827] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 2572.867563][T12827] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 2572.886275][T12827] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2573.109327][T12827] usb 2-1: GET_CAPABILITIES returned 0
[ 2573.118758][T12827] usbtmc 2-1:16.0: can't read capabilities
[ 2573.122409][ T5908] usb 7-1: new high-speed USB device number 88 using dummy_hcd
[ 2573.540377][ T5908] usb 7-1: Using ep0 maxpacket: 32
[ 2573.615564][T14577] usbtmc 2-1:16.0: usbtmc488_ioctl_trigger returned -90
[ 2574.674111][ T5908] usb 7-1: config 0 has an invalid interface number: 89 but max is 0
[ 2575.053862][ T5908] usb 7-1: config 0 has no interface number 0
[ 2575.060308][ T5908] usb 7-1: config 0 interface 89 has no altsetting 0
[ 2575.072087][ T5908] usb 7-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4e
[ 2575.082979][ T5923] usb 2-1: USB disconnect, device number 36
[ 2575.085535][ T5908] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2575.097956][ T5908] usb 7-1: Product: syz
[ 2575.102441][ T5908] usb 7-1: Manufacturer: syz
[ 2575.107222][ T5908] usb 7-1: SerialNumber: syz
[ 2575.190713][ T5908] usb 7-1: config 0 descriptor??
[ 2575.203946][ T5908] em28xx 7-1:0.89: New device syz syz @ 480 Mbps (0ccd:10af, interface 89, class 89)
[ 2575.213740][ T5908] em28xx 7-1:0.89: Video interface 89 found: bulk
[ 2575.855712][   T30] kauditd_printk_skb: 57 callbacks suppressed
[ 2575.855728][   T30] audit: type=1326 audit(1757129223.037:1878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14582 comm="syz.0.7197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1ec98ebe9 code=0x7ffc0000
[ 2575.886479][ T5908] em28xx 7-1:0.89: unknown em28xx chip ID (0)
[ 2575.957627][T14590] pim6reg: entered allmulticast mode
[ 2576.010401][T14608] netlink: 48 bytes leftover after parsing attributes in process `syz.1.7200'.
[ 2576.337439][T14582] pim6reg: left allmulticast mode
[ 2576.377309][   T30] audit: type=1326 audit(1757129223.037:1879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14582 comm="syz.0.7197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1ec98ebe9 code=0x7ffc0000
[ 2576.400785][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2576.581093][ T5908] em28xx 7-1:0.89: reading from i2c device at 0xa0 failed (error=-5)
[ 2576.590611][ T5908] em28xx 7-1:0.89: board has no eeprom
[ 2576.651353][ T5908] em28xx 7-1:0.89: Identified as Terratec Grabby (card=67)
[ 2576.660588][ T5908] em28xx 7-1:0.89: analog set to bulk mode.
[ 2576.666646][   T30] audit: type=1326 audit(1757129223.077:1880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14582 comm="syz.0.7197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe1ec98ebe9 code=0x7ffc0000
[ 2576.670930][ T5964] em28xx 7-1:0.89: Registering V4L2 extension
[ 2576.703718][   T30] audit: type=1326 audit(1757129223.077:1881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14582 comm="syz.0.7197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1ec98ebe9 code=0x7ffc0000
[ 2576.737079][   T30] audit: type=1326 audit(1757129223.077:1882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14582 comm="syz.0.7197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1ec98ebe9 code=0x7ffc0000
[ 2576.742877][ T5908] usb 7-1: USB disconnect, device number 88
[ 2576.766014][   T30] audit: type=1326 audit(1757129223.087:1883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14582 comm="syz.0.7197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe1ec990b07 code=0x7ffc0000
[ 2576.796474][   T30] audit: type=1326 audit(1757129223.087:1884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14582 comm="syz.0.7197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fe1ec990a7c code=0x7ffc0000
[ 2576.824478][   T30] audit: type=1326 audit(1757129223.087:1885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14582 comm="syz.0.7197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fe1ec9909b4 code=0x7ffc0000
[ 2576.847984][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2576.922177][   T30] audit: type=1326 audit(1757129223.087:1886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14582 comm="syz.0.7197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fe1ec9909b4 code=0x7ffc0000
[ 2576.945943][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2577.031007][ T5908] em28xx 7-1:0.89: Disconnecting em28xx
[ 2577.125484][   T30] audit: type=1326 audit(1757129223.087:1887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14582 comm="syz.0.7197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fe1ec98d84a code=0x7ffc0000
[ 2577.148811][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2577.460128][T19305] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[ 2577.649363][T14626] netlink: 48 bytes leftover after parsing attributes in process `syz.4.7201'.
[ 2577.694887][ T5964] em28xx 7-1:0.89: Config register raw data: 0xffffffed
[ 2577.706557][ T5964] em28xx 7-1:0.89: AC97 chip type couldn't be determined
[ 2577.714053][ T5964] em28xx 7-1:0.89: No AC97 audio processor
[ 2577.789454][ T5964] usb 7-1: Decoder not found
[ 2577.804548][ T5964] em28xx 7-1:0.89: failed to create media graph
[ 2577.814637][ T5964] em28xx 7-1:0.89: V4L2 device video103 deregistered
[ 2577.822846][T19305] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2578.263929][ T5964] em28xx 7-1:0.89: Registering snapshot button...
[ 2578.270528][T19305] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2578.282361][ T5964] input: em28xx snapshot button as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.89/input/input151
[ 2578.293086][T19305] usb 1-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af
[ 2578.321648][T19305] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2578.339083][ T5964] em28xx 7-1:0.89: Remote control support is not available for this card.
[ 2578.371252][T19305] usb 1-1: config 0 descriptor??
[ 2578.388896][ T5908] em28xx 7-1:0.89: Closing input extension
[ 2578.400456][ T5908] em28xx 7-1:0.89: Deregistering snapshot button
[ 2578.444245][ T5908] em28xx 7-1:0.89: Freeing device
[ 2579.252302][T14666] block nbd4: Attempted send on invalid socket
[ 2579.447179][T14666] blk_print_req_error: 138 callbacks suppressed
[ 2579.455352][T14666] I/O error, dev nbd4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 2579.905955][T19305] usbhid 1-1:0.0: can't add hid device: -71
[ 2579.912044][T19305] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[ 2579.922712][T19305] usb 1-1: USB disconnect, device number 38
[ 2580.121483][T14683] lo speed is unknown, defaulting to 1000
[ 2580.889923][ T5964] usb 8-1: new high-speed USB device number 82 using dummy_hcd
[ 2581.069836][ T5964] usb 8-1: Using ep0 maxpacket: 8
[ 2581.159612][ T5964] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 2581.169977][ T5964] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 2581.309861][ T5964] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 2581.330380][ T5964] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 2581.343991][ T5964] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 2581.353570][ T5964] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2581.692637][ T5964] usb 8-1: GET_CAPABILITIES returned 0
[ 2581.746516][ T5964] usbtmc 8-1:16.0: can't read capabilities
[ 2581.908653][T14731] netlink: 48 bytes leftover after parsing attributes in process `syz.4.7212'.
[ 2582.186122][T14729] fuse: Unknown parameter '0x0000000000000004'
[ 2584.043937][T14746] FAULT_INJECTION: forcing a failure.
[ 2584.043937][T14746] name failslab, interval 1, probability 0, space 0, times 0
[ 2584.096024][   T30] kauditd_printk_skb: 34 callbacks suppressed
[ 2584.096051][   T30] audit: type=1400 audit(1757129231.277:1922): avc:  denied  { setopt } for  pid=14745 comm="syz.0.7214" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[ 2584.097887][T14746] CPU: 0 UID: 0 PID: 14746 Comm: syz.6.7215 Not tainted syzkaller #0 PREEMPT(full) 
[ 2584.097907][T14746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2584.097917][T14746] Call Trace:
[ 2584.097923][T14746]  <TASK>
[ 2584.097931][T14746]  dump_stack_lvl+0x16c/0x1f0
[ 2584.097955][T14746]  should_fail_ex+0x512/0x640
[ 2584.097975][T14746]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[ 2584.097995][T14746]  should_failslab+0xc2/0x120
[ 2584.098013][T14746]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[ 2584.098030][T14746]  ? __alloc_skb+0x2b2/0x380
[ 2584.098051][T14746]  __alloc_skb+0x2b2/0x380
[ 2584.098068][T14746]  ? __pfx___alloc_skb+0x10/0x10
[ 2584.098089][T14746]  ? netlink_has_listeners+0x20f/0x430
[ 2584.098111][T14746]  alloc_uevent_skb+0x7d/0x210
[ 2584.098136][T14746]  kobject_uevent_env+0xca4/0x1870
[ 2584.098163][T14746]  ? lockdep_init_map_type+0x5c/0x280
[ 2584.098183][T14746]  swnode_register+0x4ec/0x6c0
[ 2584.098199][T14746]  ? kasan_save_track+0x14/0x30
[ 2584.098217][T14746]  fwnode_create_software_node+0x1c8/0x3f0
[ 2584.098237][T14746]  device_create_managed_software_node+0x103/0x270
[ 2584.098259][T14746]  iommufd_test+0x1566/0x61d0
[ 2584.098282][T14746]  ? __pfx_iommufd_test+0x10/0x10
[ 2584.098300][T14746]  ? find_held_lock+0x2b/0x80
[ 2584.098317][T14746]  ? __might_fault+0xe3/0x190
[ 2584.098344][T14746]  iommufd_fops_ioctl+0x34a/0x540
[ 2584.098365][T14746]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[ 2584.098386][T14746]  ? hook_file_ioctl_common+0x145/0x410
[ 2584.098409][T14746]  ? selinux_file_ioctl+0x180/0x270
[ 2584.098430][T14746]  ? selinux_file_ioctl+0xb4/0x270
[ 2584.098453][T14746]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[ 2584.098474][T14746]  __x64_sys_ioctl+0x18e/0x210
[ 2584.098500][T14746]  do_syscall_64+0xcd/0x4c0
[ 2584.098523][T14746]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2584.098539][T14746] RIP: 0033:0x7f494518ebe9
[ 2584.098552][T14746] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2584.098567][T14746] RSP: 002b:00007f4946007038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2584.098582][T14746] RAX: ffffffffffffffda RBX: 00007f49453c5fa0 RCX: 00007f494518ebe9
[ 2584.098593][T14746] RDX: 0000200000000180 RSI: 0000000000003ba0 RDI: 0000000000000003
[ 2584.098603][T14746] RBP: 00007f4946007090 R08: 0000000000000000 R09: 0000000000000000
[ 2584.098612][T14746] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2584.098621][T14746] R13: 00007f49453c6038 R14: 00007f49453c5fa0 R15: 00007ffe6a4dc628
[ 2584.098643][T14746]  </TASK>
[ 2584.189290][T14746] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2584.323313][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2584.531432][ T5964] usb 8-1: USB disconnect, device number 82
[ 2585.433812][T14781] netlink: 24 bytes leftover after parsing attributes in process `syz.4.7216'.
[ 2585.499998][ T5923] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[ 2585.672275][ T5923] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2585.816765][ T5923] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2585.847115][ T5923] usb 2-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af
[ 2585.868750][ T5923] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2585.954822][T14797] netlink: 'syz.4.7223': attribute type 10 has an invalid length.
[ 2585.962932][T14797] netlink: 40 bytes leftover after parsing attributes in process `syz.4.7223'.
[ 2585.974268][T14797] dummy0: entered promiscuous mode
[ 2585.984398][T14797] bridge0: port 4(dummy0) entered blocking state
[ 2585.991392][T14797] bridge0: port 4(dummy0) entered disabled state
[ 2585.999817][T14797] dummy0: entered allmulticast mode
[ 2586.016595][T14797] bridge0: port 4(dummy0) entered blocking state
[ 2586.023290][T14797] bridge0: port 4(dummy0) entered forwarding state
[ 2586.516819][ T5923] usb 2-1: config 0 descriptor??
[ 2586.744367][T14812] netlink: 48 bytes leftover after parsing attributes in process `syz.4.7225'.
[ 2586.941953][T14818] netlink: 48 bytes leftover after parsing attributes in process `syz.4.7227'.
[ 2587.442545][T14829] netlink: 16 bytes leftover after parsing attributes in process `syz.0.7229'.
[ 2587.487211][ T5964] libceph: connect (1)[c::]:6789 error -101
[ 2587.500008][ T5964] libceph: mon0 (1)[c::]:6789 connect error
[ 2587.782723][ T5923] usbhid 2-1:0.0: can't add hid device: -71
[ 2587.790205][ T5923] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 2587.845326][T14821] ceph: No mds server is up or the cluster is laggy
[ 2587.880314][ T5923] usb 2-1: USB disconnect, device number 37
[ 2588.019626][ T5908] libceph: connect (1)[c::]:6789 error -101
[ 2588.026251][ T5908] libceph: mon0 (1)[c::]:6789 connect error
[ 2588.491801][T14869] netlink: 24 bytes leftover after parsing attributes in process `syz.4.7233'.
[ 2590.149896][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[ 2590.489222][  T697] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[ 2590.849645][T14898] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2590.859285][T14898] bridge_slave_1: left allmulticast mode
[ 2590.865106][T14898] bridge_slave_1: left promiscuous mode
[ 2590.873112][T14898] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2590.950552][  T697] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[ 2590.964462][T14898] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[ 2590.971402][  T697] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[ 2591.077800][  T697] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 57250, setting to 1024
[ 2591.107000][  T697] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 1024
[ 2591.125324][  T697] usb 2-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[ 2591.135183][  T697] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2591.449363][ T5964] usb 8-1: new high-speed USB device number 83 using dummy_hcd
[ 2591.564272][  T697] usb 2-1: Product: syz
[ 2591.569235][  T697] usb 2-1: Manufacturer: syz
[ 2591.573985][  T697] usb 2-1: SerialNumber: syz
[ 2591.599643][  T697] usb 2-1: config 0 descriptor??
[ 2591.619233][   T92] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[ 2591.630452][T14882] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 2591.637698][T14882] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 2591.660907][  T697] usb 2-1: ucan: probing device on interface #0
[ 2591.789195][   T92] usb 1-1: Using ep0 maxpacket: 8
[ 2591.870917][ T5964] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2591.882006][ T5964] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2591.897051][ T5964] usb 8-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af
[ 2591.906763][ T5964] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2591.913372][   T92] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 2591.920924][ T5964] usb 8-1: config 0 descriptor??
[ 2591.954071][   T92] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 2592.343745][   T92] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 2592.354865][   T92] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 2592.376680][   T92] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 2592.386149][   T92] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2592.670108][   T92] usb 1-1: usb_control_msg returned -71
[ 2592.698911][   T92] usbtmc 1-1:16.0: can't read capabilities
[ 2592.743520][   T92] usb 1-1: USB disconnect, device number 39
[ 2592.789705][  T697] usb 2-1: ucan: could not read protocol version, ret=-110
[ 2592.808110][  T697] usb 2-1: ucan: probe failed; try to update the device firmware
[ 2592.890514][T17379] usb 2-1: USB disconnect, device number 38
[ 2593.576189][   T30] audit: type=1326 audit(1757129240.758:1923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14948 comm="syz.6.7247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f494518ebe9 code=0x7ffc0000
[ 2593.876234][   T30] audit: type=1326 audit(1757129241.058:1924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14948 comm="syz.6.7247" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f494518ebe9 code=0x7ffc0000
[ 2593.976266][ T5964] usbhid 8-1:0.0: can't add hid device: -71
[ 2594.010988][ T5964] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[ 2594.197122][ T5964] usb 8-1: USB disconnect, device number 83
[ 2594.684322][T14959] pim6reg: entered allmulticast mode
[ 2594.878980][ T5964] usb 8-1: new high-speed USB device number 84 using dummy_hcd
[ 2595.047596][T12827] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[ 2595.097688][T14948] pim6reg: left allmulticast mode
[ 2595.269530][T12827] usb 5-1: Using ep0 maxpacket: 8
[ 2595.312063][T12827] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 2595.563493][ T5964] usb 8-1: config 8 has an invalid interface number: 177 but max is 0
[ 2595.572250][ T5964] usb 8-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config
[ 2595.585698][ T5964] usb 8-1: config 8 has no interface number 0
[ 2595.613543][T12827] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 2595.623451][T12827] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 2595.628911][ T5964] usb 8-1: config 8 interface 177 altsetting 9 has an endpoint descriptor with address 0xFB, changing to 0x8B
[ 2595.633726][T12827] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 2595.687997][T12827] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 2595.705171][T12827] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2595.732972][ T5964] usb 8-1: config 8 interface 177 altsetting 9 bulk endpoint 0x8B has invalid maxpacket 255
[ 2595.769034][ T5964] usb 8-1: config 8 interface 177 altsetting 9 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2595.809841][ T5964] usb 8-1: config 8 interface 177 has no altsetting 0
[ 2595.816673][ T5964] usb 8-1: New USB device found, idVendor=04d8, idProduct=fd08, bcdDevice=59.b1
[ 2595.881350][T15004] fuse: Bad value for 'fd'
[ 2595.897162][ T5964] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2595.944230][T14975] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[ 2595.969276][T12827] usb 5-1: GET_CAPABILITIES returned 0
[ 2595.979341][T12827] usbtmc 5-1:16.0: can't read capabilities
[ 2596.159049][   T92] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[ 2596.336511][T15019] usbtmc 5-1:16.0: usbtmc488_ioctl_trigger returned -90
[ 2597.287421][   T92] usb 1-1: Using ep0 maxpacket: 32
[ 2597.550413][   T92] usb 1-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[ 2597.559679][   T92] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2597.571777][   T92] usb 1-1: config 0 descriptor??
[ 2597.577696][ T5964] usb 8-1: string descriptor 0 read error: -71
[ 2597.686651][ T5964] ir_toy 8-1:8.177: required endpoints not found
[ 2597.709293][ T5964] usb 8-1: USB disconnect, device number 84
[ 2597.729049][   T30] audit: type=1326 audit(1757129244.828:1925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15015 comm="syz.6.7255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f494518ebe9 code=0x7ffc0000
[ 2597.790866][   T92] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[ 2597.802498][  T976] usb 5-1: USB disconnect, device number 33
[ 2597.818582][   T30] audit: type=1326 audit(1757129244.858:1926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15015 comm="syz.6.7255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f494518ebe9 code=0x7ffc0000
[ 2597.866955][T15022] pim6reg: entered allmulticast mode
[ 2597.978389][   T30] audit: type=1326 audit(1757129244.858:1927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15015 comm="syz.6.7255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f494518ebe9 code=0x7ffc0000
[ 2598.009034][   T30] audit: type=1326 audit(1757129244.858:1928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15015 comm="syz.6.7255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f494518ebe9 code=0x7ffc0000
[ 2598.039871][   T92] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 2598.059762][   T92] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[ 2598.077345][   T92] usb 1-1: media controller created
[ 2598.101072][   T30] audit: type=1326 audit(1757129244.958:1929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15015 comm="syz.6.7255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4945190b07 code=0x7ffc0000
[ 2598.119658][   T92] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 2598.177308][   T30] audit: type=1326 audit(1757129244.978:1930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15015 comm="syz.6.7255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f4945190a7c code=0x7ffc0000
[ 2598.208545][   T30] audit: type=1326 audit(1757129244.998:1931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15015 comm="syz.6.7255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f49451909b4 code=0x7ffc0000
[ 2598.283149][T15015] pim6reg: left allmulticast mode
[ 2598.317211][   T30] audit: type=1326 audit(1757129245.078:1932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15015 comm="syz.6.7255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f49451909b4 code=0x7ffc0000
[ 2598.358253][   T92] az6027: usb out operation failed. (-71)
[ 2598.401809][   T92] az6027: usb out operation failed. (-71)
[ 2598.407631][   T92] stb0899_attach: Driver disabled by Kconfig
[ 2598.414740][   T92] az6027: no front-end attached
[ 2598.414740][   T92] 
[ 2598.425797][   T92] az6027: usb out operation failed. (-71)
[ 2598.434199][   T92] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[ 2598.534713][   T92] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input152
[ 2598.576981][   T92] dvb-usb: schedule remote query interval to 400 msecs.
[ 2598.694584][   T92] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[ 2598.706153][T15061] netlink: 48 bytes leftover after parsing attributes in process `syz.1.7257'.
[ 2599.343458][   T92] usb 1-1: USB disconnect, device number 40
[ 2599.616141][   T92] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[ 2600.112516][T15094] vim2m vim2m.0: vidioc_s_fmt queue busy
[ 2601.668044][T15115] netlink: 48 bytes leftover after parsing attributes in process `syz.6.7266'.
[ 2602.195329][T15124] misc userio: No port type given on /dev/userio
[ 2603.227369][T15151] netlink: 48 bytes leftover after parsing attributes in process `syz.7.7270'.
[ 2605.147426][T15160] netlink: 28 bytes leftover after parsing attributes in process `syz.1.7275'.
[ 2606.724840][T15202] pim6reg: entered allmulticast mode
[ 2607.209152][T15186] pim6reg: left allmulticast mode
[ 2607.224719][   T30] kauditd_printk_skb: 3 callbacks suppressed
[ 2607.224729][   T30] audit: type=1326 audit(1757129253.839:1936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15186 comm="syz.4.7278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cda38ebe9 code=0x7ffc0000
[ 2607.254371][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2607.274356][   T30] audit: type=1326 audit(1757129253.839:1937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15186 comm="syz.4.7278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cda38ebe9 code=0x7ffc0000
[ 2607.484063][   T30] audit: type=1326 audit(1757129253.849:1938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15186 comm="syz.4.7278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1cda38ebe9 code=0x7ffc0000
[ 2607.508913][T15210] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7283'.
[ 2607.552566][   T30] audit: type=1326 audit(1757129253.849:1939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15186 comm="syz.4.7278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cda38ebe9 code=0x7ffc0000
[ 2607.651948][   T30] audit: type=1326 audit(1757129253.849:1940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15186 comm="syz.4.7278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1cda38ebe9 code=0x7ffc0000
[ 2607.806257][   T30] audit: type=1326 audit(1757129253.849:1941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15186 comm="syz.4.7278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1cda390b07 code=0x7ffc0000
[ 2607.831114][   T30] audit: type=1326 audit(1757129253.859:1942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15186 comm="syz.4.7278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f1cda390a7c code=0x7ffc0000
[ 2607.854496][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2607.881128][   T30] audit: type=1326 audit(1757129253.859:1943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15186 comm="syz.4.7278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f1cda3909b4 code=0x7ffc0000
[ 2607.904537][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2608.344989][   T30] audit: type=1326 audit(1757129253.859:1944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15186 comm="syz.4.7278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f1cda3909b4 code=0x7ffc0000
[ 2608.368562][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2608.375022][   T30] audit: type=1326 audit(1757129253.859:1945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15186 comm="syz.4.7278" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f1cda38d84a code=0x7ffc0000
[ 2608.875607][T15222] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[ 2609.373064][T15236] netlink: 48 bytes leftover after parsing attributes in process `syz.7.7288'.
[ 2610.379523][T15265] netlink: 48 bytes leftover after parsing attributes in process `syz.0.7295'.
[ 2610.754649][T15274] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7296'.
[ 2611.198060][T12827] usb 7-1: new high-speed USB device number 89 using dummy_hcd
[ 2611.360213][T15289] netlink: 48 bytes leftover after parsing attributes in process `syz.0.7300'.
[ 2611.588890][T12827] usb 7-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2611.611064][T12827] usb 7-1: config 0 interface 0 altsetting 9 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2611.621060][T12827] usb 7-1: config 0 interface 0 has no altsetting 0
[ 2611.627904][T12827] usb 7-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.00
[ 2611.637234][T12827] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2611.674017][T12827] usb 7-1: config 0 descriptor??
[ 2611.725474][T15295] team0: Device ip6gre1 is of different type
[ 2611.826929][T15300] netlink: 48 bytes leftover after parsing attributes in process `syz.7.7302'.
[ 2612.133181][T15277] FAULT_INJECTION: forcing a failure.
[ 2612.133181][T15277] name failslab, interval 1, probability 0, space 0, times 0
[ 2612.147400][T15277] CPU: 1 UID: 0 PID: 15277 Comm: syz.6.7297 Not tainted syzkaller #0 PREEMPT(full) 
[ 2612.147427][T15277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2612.147438][T15277] Call Trace:
[ 2612.147444][T15277]  <TASK>
[ 2612.147451][T15277]  dump_stack_lvl+0x16c/0x1f0
[ 2612.147484][T15277]  should_fail_ex+0x512/0x640
[ 2612.147506][T15277]  ? fs_reclaim_acquire+0xae/0x150
[ 2612.147534][T15277]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 2612.147559][T15277]  should_failslab+0xc2/0x120
[ 2612.147580][T15277]  __kmalloc_noprof+0xd2/0x510
[ 2612.147605][T15277]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 2612.147633][T15277]  ? tomoyo_profile+0x47/0x60
[ 2612.147653][T15277]  tomoyo_path_number_perm+0x245/0x580
[ 2612.147674][T15277]  ? tomoyo_path_number_perm+0x237/0x580
[ 2612.147698][T15277]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 2612.147723][T15277]  ? find_held_lock+0x2b/0x80
[ 2612.147769][T15277]  ? find_held_lock+0x2b/0x80
[ 2612.147789][T15277]  ? hook_file_ioctl_common+0x145/0x410
[ 2612.147814][T15277]  ? __fget_files+0x20e/0x3c0
[ 2612.147839][T15277]  security_file_ioctl+0x9b/0x240
[ 2612.147865][T15277]  __x64_sys_ioctl+0xb7/0x210
[ 2612.147894][T15277]  do_syscall_64+0xcd/0x4c0
[ 2612.147915][T15277]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2612.147933][T15277] RIP: 0033:0x7f494518ebe9
[ 2612.147947][T15277] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2612.147964][T15277] RSP: 002b:00007f4946007038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2612.147981][T15277] RAX: ffffffffffffffda RBX: 00007f49453c5fa0 RCX: 00007f494518ebe9
[ 2612.147993][T15277] RDX: 0000200000000bc0 RSI: 00000000000007ac RDI: 0000000000000004
[ 2612.148004][T15277] RBP: 00007f4946007090 R08: 0000000000000000 R09: 0000000000000000
[ 2612.148015][T15277] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2612.148026][T15277] R13: 00007f49453c6038 R14: 00007f49453c5fa0 R15: 00007ffe6a4dc628
[ 2612.148051][T15277]  </TASK>
[ 2612.355858][T15277] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2612.674420][T12827] usbhid 7-1:0.0: can't add hid device: -71
[ 2612.681005][T12827] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[ 2612.948092][T12827] usb 7-1: USB disconnect, device number 89
[ 2613.032035][T15311] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7306'.
[ 2613.166517][T15330] netlink: 48 bytes leftover after parsing attributes in process `syz.1.7308'.
[ 2613.840305][T15340] netlink: 48 bytes leftover after parsing attributes in process `syz.0.7310'.
[ 2614.974031][T15356] netlink: 196 bytes leftover after parsing attributes in process `syz.6.7315'.
[ 2615.417163][T15367] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7319'.
[ 2615.605289][T15373] netlink: 24 bytes leftover after parsing attributes in process `syz.1.7317'.
[ 2616.707849][ T5964] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[ 2617.498045][T15398] sg_write: data in/out 209/10 bytes for SCSI command 0xfd-- guessing data in;
[ 2617.498045][T15398]    program syz.6.7325 not setting count and/or reply_len properly
[ 2617.521128][T15398] FAULT_INJECTION: forcing a failure.
[ 2617.521128][T15398] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2617.534401][T15398] CPU: 0 UID: 0 PID: 15398 Comm: syz.6.7325 Not tainted syzkaller #0 PREEMPT(full) 
[ 2617.534427][T15398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2617.534438][T15398] Call Trace:
[ 2617.534444][T15398]  <TASK>
[ 2617.534452][T15398]  dump_stack_lvl+0x16c/0x1f0
[ 2617.534478][T15398]  should_fail_ex+0x512/0x640
[ 2617.534504][T15398]  _copy_from_iter+0x29f/0x1720
[ 2617.534529][T15398]  ? rcu_is_watching+0x12/0xc0
[ 2617.534549][T15398]  ? irqentry_exit+0x3b/0x90
[ 2617.534569][T15398]  ? __pfx__copy_from_iter+0x10/0x10
[ 2617.534596][T15398]  ? copy_page_from_iter+0x40/0x180
[ 2617.534619][T15398]  ? copy_page_from_iter+0x91/0x180
[ 2617.534646][T15398]  copy_page_from_iter+0xde/0x180
[ 2617.534675][T15398]  bio_copy_from_iter+0x11e/0x280
[ 2617.534711][T15398]  blk_rq_map_user_iov+0xe70/0x13b0
[ 2617.534746][T15398]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2617.534767][T15398]  ? __pfx_blk_rq_map_user_iov+0x10/0x10
[ 2617.534798][T15398]  ? sg_common_write.constprop.0+0xbf9/0x1c90
[ 2617.534816][T15398]  ? preempt_schedule_notrace_thunk+0x16/0x30
[ 2617.534845][T15398]  ? find_held_lock+0x2b/0x80
[ 2617.534868][T15398]  ? sg_common_write.constprop.0+0xbf9/0x1c90
[ 2617.534885][T15398]  ? import_ubuf+0x1b6/0x220
[ 2617.534910][T15398]  blk_rq_map_user_io+0x1ff/0x230
[ 2617.534939][T15398]  ? __pfx_blk_rq_map_user_io+0x10/0x10
[ 2617.534966][T15398]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 2617.535000][T15398]  sg_common_write.constprop.0+0xd43/0x1c90
[ 2617.535029][T15398]  ? __pfx_sg_common_write.constprop.0+0x10/0x10
[ 2617.535050][T15398]  ? __pfx____ratelimit+0x10/0x10
[ 2617.535075][T15398]  sg_write+0x813/0xe10
[ 2617.535092][T15398]  ? __pfx_sg_write+0x10/0x10
[ 2617.535107][T15398]  ? __lock_acquire+0x62e/0x1ce0
[ 2617.535162][T15398]  ? bpf_lsm_file_permission+0x9/0x10
[ 2617.535186][T15398]  ? security_file_permission+0x71/0x210
[ 2617.535214][T15398]  ? rw_verify_area+0xcf/0x6c0
[ 2617.535244][T15398]  ? __pfx_sg_write+0x10/0x10
[ 2617.535259][T15398]  vfs_write+0x2a0/0x11d0
[ 2617.535283][T15398]  ? __pfx_vfs_write+0x10/0x10
[ 2617.535299][T15398]  ? find_held_lock+0x2b/0x80
[ 2617.535321][T15398]  ? __fget_files+0x204/0x3c0
[ 2617.535345][T15398]  ? __fget_files+0x20e/0x3c0
[ 2617.535378][T15398]  ksys_write+0x12a/0x250
[ 2617.535395][T15398]  ? __pfx_ksys_write+0x10/0x10
[ 2617.535421][T15398]  do_syscall_64+0xcd/0x4c0
[ 2617.535446][T15398]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2617.535464][T15398] RIP: 0033:0x7f494518ebe9
[ 2617.535479][T15398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2617.535496][T15398] RSP: 002b:00007f4945fe6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2617.535515][T15398] RAX: ffffffffffffffda RBX: 00007f49453c6090 RCX: 00007f494518ebe9
[ 2617.535527][T15398] RDX: 0000000000000038 RSI: 0000200000000180 RDI: 0000000000000005
[ 2617.535538][T15398] RBP: 00007f4945fe6090 R08: 0000000000000000 R09: 0000000000000000
[ 2617.535548][T15398] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2617.535559][T15398] R13: 00007f49453c6128 R14: 00007f49453c6090 R15: 00007ffe6a4dc628
[ 2617.535583][T15398]  </TASK>
[ 2617.840742][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2617.852144][ T5964] usb 2-1: Using ep0 maxpacket: 8
[ 2618.023016][ T5964] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 2618.032926][ T5964] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 2618.042734][ T5964] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 2618.052782][ T5964] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 2618.066040][ T5964] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 2618.075095][ T5964] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2618.387393][ T5964] usb 2-1: GET_CAPABILITIES returned 0
[ 2618.393158][ T5964] usbtmc 2-1:16.0: can't read capabilities
[ 2620.292546][ T5964] usb 2-1: USB disconnect, device number 39
[ 2620.987699][  T697] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[ 2621.289928][  T697] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2621.302408][T15447] netlink: 212408 bytes leftover after parsing attributes in process `syz.4.7332'.
[ 2621.536780][   T30] kauditd_printk_skb: 40 callbacks suppressed
[ 2621.536815][   T30] audit: type=1400 audit(1757129268.719:1986): avc:  denied  { create } for  pid=15452 comm="syz.0.7333" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=key permissive=1
[ 2621.770315][T15447] netlink: zone id is out of range
[ 2621.771455][  T697] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2621.775607][T15447] netlink: zone id is out of range
[ 2621.790712][T15447] netlink: zone id is out of range
[ 2621.796098][T15447] netlink: zone id is out of range
[ 2621.804797][T15447] netlink: zone id is out of range
[ 2621.812927][T15447] netlink: zone id is out of range
[ 2621.814172][  T697] usb 2-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af
[ 2621.829923][T15447] netlink: zone id is out of range
[ 2621.838083][  T697] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2621.861649][T15447] netlink: zone id is out of range
[ 2621.910091][T15447] netlink: zone id is out of range
[ 2621.915458][T15447] netlink: get zone limit has 8 unknown bytes
[ 2621.934958][  T697] usb 2-1: config 0 descriptor??
[ 2622.126706][T15463] netlink: 24 bytes leftover after parsing attributes in process `syz.7.7334'.
[ 2623.117682][   T30] audit: type=1800 audit(1757129270.290:1987): pid=15464 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.4.7335" name="/" dev="9p" ino=2 res=0 errno=0
[ 2623.360457][T15492] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7340'.
[ 2623.559925][  T697] usbhid 2-1:0.0: can't add hid device: -71
[ 2623.606334][  T697] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 2623.628126][   T92] usb 8-1: new high-speed USB device number 85 using dummy_hcd
[ 2623.650891][  T697] usb 2-1: USB disconnect, device number 40
[ 2623.847374][   T92] usb 8-1: Using ep0 maxpacket: 16
[ 2623.855917][   T92] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD7, changing to 0x87
[ 2623.880468][   T92] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7
[ 2623.905597][   T92] usb 8-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89
[ 2623.952984][   T92] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2623.977302][   T92] usb 8-1: Product: syz
[ 2623.981513][   T92] usb 8-1: Manufacturer: syz
[ 2623.986089][   T92] usb 8-1: SerialNumber: syz
[ 2624.006481][   T92] usb 8-1: config 0 descriptor??
[ 2624.237719][   T92] appledisplay 8-1:0.0: Error while getting initial brightness: -90
[ 2624.258202][   T92] appledisplay 8-1:0.0: probe with driver appledisplay failed with error -90
[ 2624.411176][T15522] netlink: 48 bytes leftover after parsing attributes in process `syz.0.7344'.
[ 2624.650471][T15523] erofs (device nbd7): cannot find valid erofs superblock
[ 2624.908389][T15528] netlink: 8 bytes leftover after parsing attributes in process `syz.6.7343'.
[ 2625.051070][   T92] usb 8-1: USB disconnect, device number 85
[ 2625.351461][T15544] Bluetooth: MGMT ver 1.23
[ 2625.358550][T15544] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7346'.
[ 2627.040816][   T30] audit: type=1800 audit(1757129274.230:1988): pid=15515 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.4.7342" name="/" dev="9p" ino=2 res=0 errno=0
[ 2627.447017][T15542] fuse: Invalid rootmode
[ 2627.957285][T17379] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[ 2628.538273][T15574] netlink: 28 bytes leftover after parsing attributes in process `syz.7.7352'.
[ 2628.554083][T12827] usb 7-1: new high-speed USB device number 90 using dummy_hcd
[ 2628.737560][T17379] usb 2-1: device not accepting address 41, error -71
[ 2629.198432][T12827] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2629.211081][T12827] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2629.222295][T12827] usb 7-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af
[ 2629.231506][T12827] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2629.275146][T12827] usb 7-1: config 0 descriptor??
[ 2629.813892][T15611] sg_write: data in/out 209/8 bytes for SCSI command 0xbf-- guessing data in;
[ 2629.813892][T15611]    program syz.0.7358 not setting count and/or reply_len properly
[ 2630.295160][T15620] netlink: 48 bytes leftover after parsing attributes in process `syz.0.7360'.
[ 2630.650386][T12827] usbhid 7-1:0.0: can't add hid device: -71
[ 2630.657547][T12827] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[ 2630.669038][T12827] usb 7-1: USB disconnect, device number 90
[ 2631.050231][T15632] netlink: 48 bytes leftover after parsing attributes in process `syz.6.7361'.
[ 2631.292696][T15636] netlink: 48 bytes leftover after parsing attributes in process `syz.7.7363'.
[ 2631.783036][   T30] audit: type=1326 audit(1757129278.970:1989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15644 comm="syz.0.7365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1ec98ebe9 code=0x7ffc0000
[ 2631.822902][T15653] pim6reg: entered allmulticast mode
[ 2631.834794][   T30] audit: type=1326 audit(1757129279.000:1990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15644 comm="syz.0.7365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe1ec98ebe9 code=0x7ffc0000
[ 2631.895416][   T30] audit: type=1326 audit(1757129279.000:1991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15644 comm="syz.0.7365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1ec98ebe9 code=0x7ffc0000
[ 2631.934701][   T30] audit: type=1326 audit(1757129279.000:1992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15644 comm="syz.0.7365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fe1ec98ebe9 code=0x7ffc0000
[ 2632.041896][   T30] audit: type=1326 audit(1757129279.000:1993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15644 comm="syz.0.7365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1ec98ebe9 code=0x7ffc0000
[ 2632.065587][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2632.233376][   T30] audit: type=1326 audit(1757129279.000:1994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15644 comm="syz.0.7365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=437 compat=0 ip=0x7fe1ec98ebe9 code=0x7ffc0000
[ 2632.299314][   T30] audit: type=1326 audit(1757129279.000:1995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15644 comm="syz.0.7365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1ec98ebe9 code=0x7ffc0000
[ 2632.435952][T15644] pim6reg: left allmulticast mode
[ 2632.445987][T15671] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7369'.
[ 2632.471973][   T30] audit: type=1326 audit(1757129279.000:1996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15644 comm="syz.0.7365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=284 compat=0 ip=0x7fe1ec98ebe9 code=0x7ffc0000
[ 2632.495502][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2632.552506][   T30] audit: type=1326 audit(1757129279.000:1997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15644 comm="syz.0.7365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1ec98ebe9 code=0x7ffc0000
[ 2632.626666][T15672] use of bytesused == 0 is deprecated and will be removed in the future,
[ 2632.642174][T15672] use the actual size instead.
[ 2632.650719][   T30] audit: type=1326 audit(1757129279.000:1998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15644 comm="syz.0.7365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7fe1ec98ebe9 code=0x7ffc0000
[ 2632.766857][ T5964] usb 7-1: new high-speed USB device number 91 using dummy_hcd
[ 2632.832379][   T30] audit: type=1326 audit(1757129279.000:1999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15644 comm="syz.0.7365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1ec98ebe9 code=0x7ffc0000
[ 2632.946908][ T5964] usb 7-1: Using ep0 maxpacket: 32
[ 2632.957313][ T5964] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2633.156901][  T976] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[ 2633.286525][ T5964] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2633.297662][ T5964] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 2633.324907][   T30] audit: type=1326 audit(1757129279.000:2000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15644 comm="syz.0.7365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe1ec98ebe9 code=0x7ffc0000
[ 2633.348603][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2633.355470][ T5964] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2633.381718][ T5964] usb 7-1: config 0 descriptor??
[ 2633.399860][   T30] audit: type=1326 audit(1757129279.000:2001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15644 comm="syz.0.7365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1ec98ebe9 code=0x7ffc0000
[ 2633.439756][   T30] audit: type=1326 audit(1757129279.000:2002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15644 comm="syz.0.7365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe1ec98ebe9 code=0x7ffc0000
[ 2633.441198][  T976] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2633.463136][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2633.469624][   T30] audit: type=1326 audit(1757129279.000:2003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15644 comm="syz.0.7365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1ec98ebe9 code=0x7ffc0000
[ 2633.484850][  T976] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2633.528690][T15699] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(4)
[ 2633.535230][T15699] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[ 2633.547752][T15699] vhci_hcd vhci_hcd.0: Device attached
[ 2633.554928][  T976] usb 2-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af
[ 2633.569073][  T976] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2633.584939][  T976] usb 2-1: config 0 descriptor??
[ 2633.727168][T17379] vhci_hcd: vhci_device speed not set
[ 2633.786999][T17379] usb 33-1: new full-speed USB device number 6 using vhci_hcd
[ 2634.176221][ T5964] savu 0003:1E7D:2D5A.0059: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.6-1/input0
[ 2634.216750][ T5923] usb 1-1: new low-speed USB device number 41 using dummy_hcd
[ 2634.623612][ T5923] usb 1-1: config 0 has no interfaces?
[ 2634.701002][ T5923] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 2634.730827][   T92] usb 7-1: USB disconnect, device number 91
[ 2634.890690][ T5923] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2634.979769][ T5923] usb 1-1: config 0 descriptor??
[ 2635.046337][T15748] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7376'.
[ 2635.071838][T15748] netlink: 28 bytes leftover after parsing attributes in process `syz.4.7376'.
[ 2635.218036][T15700] usbip_core: unknown command
[ 2635.222781][T15700] vhci_hcd: unknown pdu 1701999472
[ 2635.227989][T15700] usbip_core: unknown command
[ 2635.245519][T16241] vhci_hcd: stop threads
[ 2635.264358][T16241] vhci_hcd: release socket
[ 2635.273405][T16241] vhci_hcd: disconnect device
[ 2635.391858][ T5964] usb 1-1: USB disconnect, device number 41
[ 2635.562863][T15757] sctp: [Deprecated]: syz.7.7377 (pid 15757) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 2635.562863][T15757] Use struct sctp_sack_info instead
[ 2635.664122][  T976] usbhid 2-1:0.0: can't add hid device: -71
[ 2635.718805][  T976] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 2635.739831][  T976] usb 2-1: USB disconnect, device number 43
[ 2635.987994][T15782] FAULT_INJECTION: forcing a failure.
[ 2635.987994][T15782] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[ 2636.006995][T15782] CPU: 1 UID: 0 PID: 15782 Comm: syz.6.7380 Not tainted syzkaller #0 PREEMPT(full) 
[ 2636.007021][T15782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2636.007032][T15782] Call Trace:
[ 2636.007039][T15782]  <TASK>
[ 2636.007046][T15782]  dump_stack_lvl+0x16c/0x1f0
[ 2636.007073][T15782]  should_fail_ex+0x512/0x640
[ 2636.007099][T15782]  should_fail_alloc_page+0xe7/0x130
[ 2636.007123][T15782]  prepare_alloc_pages+0x3c2/0x610
[ 2636.007150][T15782]  __alloc_frozen_pages_noprof+0x18b/0x23f0
[ 2636.007169][T15782]  ? is_bpf_text_address+0x8a/0x1a0
[ 2636.007189][T15782]  ? bpf_ksym_find+0x127/0x1c0
[ 2636.007212][T15782]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 2636.007237][T15782]  ? is_bpf_text_address+0x94/0x1a0
[ 2636.007256][T15782]  ? kernel_text_address+0x8d/0x100
[ 2636.007277][T15782]  ? __kernel_text_address+0xd/0x40
[ 2636.007296][T15782]  ? unwind_get_return_address+0x59/0xa0
[ 2636.007319][T15782]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 2636.007346][T15782]  ? _parse_integer_limit+0x17f/0x1d0
[ 2636.007370][T15782]  ? _kstrtoull+0x145/0x200
[ 2636.007388][T15782]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 2636.007411][T15782]  ? policy_nodemask+0xea/0x4e0
[ 2636.007435][T15782]  alloc_pages_mpol+0x1fb/0x550
[ 2636.007457][T15782]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 2636.007485][T15782]  alloc_pages_noprof+0x131/0x390
[ 2636.007506][T15782]  get_free_pages_noprof+0x10/0xb0
[ 2636.007528][T15782]  vcs_read+0xba/0xbe0
[ 2636.007543][T15782]  ? find_held_lock+0x2b/0x80
[ 2636.007566][T15782]  ? get_pid_task+0xfc/0x250
[ 2636.007585][T15782]  ? avc_policy_seqno+0x9/0x20
[ 2636.007603][T15782]  ? selinux_file_permission+0x126/0x660
[ 2636.007629][T15782]  ? __pfx_vcs_read+0x10/0x10
[ 2636.007646][T15782]  ? bpf_lsm_file_permission+0x9/0x10
[ 2636.007668][T15782]  ? security_file_permission+0x71/0x210
[ 2636.007696][T15782]  ? rw_verify_area+0xcf/0x6c0
[ 2636.007723][T15782]  ? __pfx_vcs_read+0x10/0x10
[ 2636.007740][T15782]  vfs_read+0x1e1/0xcf0
[ 2636.007763][T15782]  ? __pfx_vfs_read+0x10/0x10
[ 2636.007779][T15782]  ? find_held_lock+0x2b/0x80
[ 2636.007801][T15782]  ? __fget_files+0x204/0x3c0
[ 2636.007825][T15782]  ? __fget_files+0x20e/0x3c0
[ 2636.007842][T15782]  ? __fget_files+0x150/0x3c0
[ 2636.007868][T15782]  __x64_sys_pread64+0x1eb/0x250
[ 2636.007893][T15782]  ? __pfx___x64_sys_pread64+0x10/0x10
[ 2636.007921][T15782]  do_syscall_64+0xcd/0x4c0
[ 2636.007946][T15782]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2636.007964][T15782] RIP: 0033:0x7f494518ebe9
[ 2636.007980][T15782] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2636.007997][T15782] RSP: 002b:00007f4946007038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[ 2636.008015][T15782] RAX: ffffffffffffffda RBX: 00007f49453c5fa0 RCX: 00007f494518ebe9
[ 2636.008027][T15782] RDX: 0000000000000032 RSI: 0000200000000100 RDI: 0000000000000003
[ 2636.008038][T15782] RBP: 00007f4946007090 R08: 0000000000000000 R09: 0000000000000000
[ 2636.008049][T15782] R10: 0020000000000041 R11: 0000000000000246 R12: 0000000000000001
[ 2636.008060][T15782] R13: 00007f49453c6038 R14: 00007f49453c5fa0 R15: 00007ffe6a4dc628
[ 2636.008085][T15782]  </TASK>
[ 2636.467408][ T5923] hid-generic 0000:0000:0000.005A: unknown main item tag 0x0
[ 2636.476422][ T5923] hid-generic 0000:0000:0000.005A: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 2636.746879][ T5923] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[ 2636.936861][ T5923] usb 5-1: Using ep0 maxpacket: 32
[ 2636.975149][ T5923] usb 5-1: unable to get BOS descriptor or descriptor too short
[ 2637.111590][ T5923] usb 5-1: config 7 has an invalid interface number: 128 but max is 0
[ 2637.157791][ T5923] usb 5-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[ 2637.176569][ T5923] usb 5-1: config 7 has no interface number 0
[ 2637.186971][ T5923] usb 5-1: config 7 interface 128 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 6
[ 2637.213571][ T5923] usb 5-1: config 7 interface 128 has no altsetting 0
[ 2637.228786][ T5923] usb 5-1: New USB device found, idVendor=6033, idProduct=4108, bcdDevice=cc.13
[ 2637.242196][ T5923] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2637.258786][ T5923] usb 5-1: Product: syz
[ 2637.267069][ T5923] usb 5-1: Manufacturer: syz
[ 2637.276745][ T5923] usb 5-1: SerialNumber: syz
[ 2637.526663][ T5923] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[ 2637.553359][ T5923] usb 5-1: MIDIStreaming interface descriptor not found
[ 2637.664111][ T5923] usb 5-1: USB disconnect, device number 34
[ 2637.866729][ T5964] usb 7-1: new high-speed USB device number 92 using dummy_hcd
[ 2639.266482][   T92] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[ 2639.404329][T15826] lo speed is unknown, defaulting to 1000
[ 2639.410093][T17379] vhci_hcd: vhci_device speed not set
[ 2639.468041][   T92] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2639.488851][ T5964] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7
[ 2639.499812][   T92] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2639.499858][   T92] usb 1-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af
[ 2639.499887][   T92] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2639.513132][   T92] usb 1-1: config 0 descriptor??
[ 2639.536514][ T5964] usb 7-1: New USB device found, idVendor=2040, idProduct=5530, bcdDevice=a8.82
[ 2639.545583][ T5964] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2639.737831][  T976] IPVS: starting estimator thread 0...
[ 2639.745965][T15890] SELinux: failed to load policy
[ 2639.836844][T15891] IPVS: using max 38 ests per chain, 91200 per kthread
[ 2639.946775][ T5923] usb 8-1: new high-speed USB device number 86 using dummy_hcd
[ 2640.101854][ T5964] usb 7-1: config 0 descriptor??
[ 2640.142927][ T5923] usb 8-1: device descriptor read/64, error -71
[ 2640.224188][ T5964] smsusb:smsusb_probe: board id=8, interface number 0
[ 2640.382797][ T5964] smsusb:smsusb_probe: Device initialized with return code -19
[ 2640.416816][ T5923] usb 8-1: new high-speed USB device number 87 using dummy_hcd
[ 2640.576412][ T5923] usb 8-1: device descriptor read/64, error -71
[ 2640.719369][ T5923] usb usb8-port1: attempt power cycle
[ 2640.954976][   T92] usbhid 1-1:0.0: can't add hid device: -71
[ 2640.967775][   T92] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[ 2641.052599][   T92] usb 1-1: USB disconnect, device number 42
[ 2641.107599][ T5923] usb 8-1: new high-speed USB device number 88 using dummy_hcd
[ 2641.141862][ T5923] usb 8-1: device descriptor read/8, error -71
[ 2641.307424][   T30] kauditd_printk_skb: 9 callbacks suppressed
[ 2641.307442][   T30] audit: type=1326 audit(1757129288.471:2013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15927 comm="syz.0.7395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1ec98ebe9 code=0x7ffc0000
[ 2641.384284][   T30] audit: type=1326 audit(1757129288.471:2014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15927 comm="syz.0.7395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1ec98ebe9 code=0x7ffc0000
[ 2641.459624][   T30] audit: type=1326 audit(1757129288.471:2015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15927 comm="syz.0.7395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe1ec990b07 code=0x7ffc0000
[ 2641.497792][ T5923] usb 8-1: new high-speed USB device number 89 using dummy_hcd
[ 2641.524234][T15943] pim6reg: entered allmulticast mode
[ 2641.536136][   T30] audit: type=1326 audit(1757129288.471:2016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15927 comm="syz.0.7395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fe1ec990a7c code=0x7ffc0000
[ 2641.641754][ T5923] usb 8-1: device descriptor read/8, error -71
[ 2641.726305][   T30] audit: type=1326 audit(1757129288.471:2017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15927 comm="syz.0.7395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fe1ec9909b4 code=0x7ffc0000
[ 2641.756366][ T5923] usb usb8-port1: unable to enumerate USB device
[ 2641.790515][   T30] audit: type=1326 audit(1757129288.471:2018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15927 comm="syz.0.7395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7fe1ec9909b4 code=0x7ffc0000
[ 2641.876370][   T30] audit: type=1326 audit(1757129288.471:2019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15927 comm="syz.0.7395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fe1ec98d84a code=0x7ffc0000
[ 2641.913114][T15927] pim6reg: left allmulticast mode
[ 2641.970049][   T30] audit: type=1326 audit(1757129288.471:2020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15927 comm="syz.0.7395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1ec98ebe9 code=0x7ffc0000
[ 2642.046630][   T30] audit: type=1326 audit(1757129288.471:2021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15927 comm="syz.0.7395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fe1ec98ebe9 code=0x7ffc0000
[ 2642.071201][   T30] audit: type=1326 audit(1757129288.471:2022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15927 comm="syz.0.7395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1ec98ebe9 code=0x7ffc0000
[ 2642.588233][T12827] usb 7-1: USB disconnect, device number 92
[ 2642.756020][   T92] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[ 2642.821272][T15993] tmpfs: Bad value for 'nr_inodes'
[ 2643.103992][   T92] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 2643.127731][   T92] usb 2-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[ 2643.147889][   T92] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2643.701470][   T92] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2643.743250][T12827] usb 7-1: new high-speed USB device number 93 using dummy_hcd
[ 2643.908763][T12827] usb 7-1: Using ep0 maxpacket: 8
[ 2643.919235][T12827] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 2644.003762][T16008] FAULT_INJECTION: forcing a failure.
[ 2644.003762][T16008] name failslab, interval 1, probability 0, space 0, times 0
[ 2644.017132][T16008] CPU: 0 UID: 0 PID: 16008 Comm: syz.7.7403 Not tainted syzkaller #0 PREEMPT(full) 
[ 2644.017158][T16008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2644.017169][T16008] Call Trace:
[ 2644.017176][T16008]  <TASK>
[ 2644.017183][T16008]  dump_stack_lvl+0x16c/0x1f0
[ 2644.017210][T16008]  should_fail_ex+0x512/0x640
[ 2644.017232][T16008]  ? __kmalloc_cache_noprof+0x57/0x3e0
[ 2644.017263][T16008]  should_failslab+0xc2/0x120
[ 2644.017284][T16008]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 2644.017310][T16008]  ? drm_mode_duplicate+0x47/0x200
[ 2644.017338][T16008]  drm_mode_duplicate+0x47/0x200
[ 2644.017362][T16008]  drm_add_modes_noedid+0x167/0x200
[ 2644.017385][T16008]  vkms_conn_get_modes+0x20/0x40
[ 2644.017404][T16008]  drm_helper_probe_single_connector_modes+0x574/0x16d0
[ 2644.017435][T16008]  ? rcu_is_watching+0x12/0xc0
[ 2644.017459][T16008]  ? trace_contention_end+0xdd/0x130
[ 2644.017478][T16008]  ? __pfx_drm_helper_probe_single_connector_modes+0x10/0x10
[ 2644.017516][T16008]  ? preempt_schedule_thunk+0x16/0x30
[ 2644.017546][T16008]  ? __pfx_drm_helper_probe_single_connector_modes+0x10/0x10
[ 2644.017570][T16008]  drm_mode_getconnector+0x727/0x14d0
[ 2644.017601][T16008]  ? __pfx_drm_mode_getconnector+0x10/0x10
[ 2644.017632][T16008]  ? drm_dev_exit+0x41/0x60
[ 2644.017662][T16008]  drm_ioctl_kernel+0x1f4/0x3e0
[ 2644.017685][T16008]  ? __pfx_drm_mode_getconnector+0x10/0x10
[ 2644.017708][T16008]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[ 2644.017741][T16008]  drm_ioctl+0x5c9/0xc30
[ 2644.017769][T16008]  ? __pfx_drm_mode_getconnector+0x10/0x10
[ 2644.017792][T16008]  ? __pfx_drm_ioctl+0x10/0x10
[ 2644.017832][T16008]  ? selinux_file_ioctl+0x180/0x270
[ 2644.017857][T16008]  ? selinux_file_ioctl+0xb4/0x270
[ 2644.017883][T16008]  ? __pfx_drm_ioctl+0x10/0x10
[ 2644.017908][T16008]  __x64_sys_ioctl+0x18e/0x210
[ 2644.017938][T16008]  do_syscall_64+0xcd/0x4c0
[ 2644.017963][T16008]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2644.017980][T16008] RIP: 0033:0x7f08c198ebe9
[ 2644.017996][T16008] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2644.018013][T16008] RSP: 002b:00007f08c2734038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2644.018032][T16008] RAX: ffffffffffffffda RBX: 00007f08c1bc6180 RCX: 00007f08c198ebe9
[ 2644.018043][T16008] RDX: 0000200000000500 RSI: 00000000c05064a7 RDI: 0000000000000007
[ 2644.018055][T16008] RBP: 00007f08c2734090 R08: 0000000000000000 R09: 0000000000000000
[ 2644.018065][T16008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2644.018075][T16008] R13: 00007f08c1bc6218 R14: 00007f08c1bc6180 R15: 00007ffcb18db588
[ 2644.018100][T16008]  </TASK>
[ 2644.285057][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2644.319170][T12827] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 2644.333012][T12827] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 2644.348827][T15970] overlay: Unknown parameter 'mask'
[ 2644.370200][T12827] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 2644.399137][T12827] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 2644.411665][T12827] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2644.809212][T12827] usb 7-1: GET_CAPABILITIES returned 0
[ 2644.814788][T12827] usbtmc 7-1:16.0: can't read capabilities
[ 2645.276332][T12827] usb 1-1: new high-speed USB device number 43 using dummy_hcd
[ 2645.657423][T16025] usbtmc 7-1:16.0: usbtmc488_ioctl_trigger returned -90
[ 2646.092793][T12827] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2646.104876][T12827] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2646.117637][T12827] usb 1-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice=d6.af
[ 2646.128217][T12827] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2647.030047][T16010] syz.4.7404 (16010): drop_caches: 2
[ 2647.067368][T12827] usb 1-1: config 0 descriptor??
[ 2647.088351][   T30] kauditd_printk_skb: 16 callbacks suppressed
[ 2647.088362][   T30] audit: type=1400 audit(1757129294.271:2039): avc:  denied  { write } for  pid=16026 comm="syz.7.7406" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[ 2647.228652][   T30] audit: type=1400 audit(1757129294.271:2040): avc:  denied  { ioctl } for  pid=16026 comm="syz.7.7406" path="/dev/cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[ 2647.256587][  T976] usb 2-1: USB disconnect, device number 44
[ 2647.318780][ T5964] usb 7-1: USB disconnect, device number 93
[ 2647.360816][T16039] FAULT_INJECTION: forcing a failure.
[ 2647.360816][T16039] name failslab, interval 1, probability 0, space 0, times 0
[ 2647.400155][T16039] CPU: 0 UID: 0 PID: 16039 Comm: syz.1.7408 Not tainted syzkaller #0 PREEMPT(full) 
[ 2647.400185][T16039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2647.400196][T16039] Call Trace:
[ 2647.400202][T16039]  <TASK>
[ 2647.400210][T16039]  dump_stack_lvl+0x16c/0x1f0
[ 2647.400237][T16039]  should_fail_ex+0x512/0x640
[ 2647.400260][T16039]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 2647.400282][T16039]  should_failslab+0xc2/0x120
[ 2647.400303][T16039]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 2647.400322][T16039]  ? getname_flags.part.0+0x4c/0x550
[ 2647.400353][T16039]  getname_flags.part.0+0x4c/0x550
[ 2647.400382][T16039]  getname_flags+0x93/0xf0
[ 2647.400401][T16039]  do_sys_openat2+0xb8/0x1d0
[ 2647.400427][T16039]  ? __pfx_do_sys_openat2+0x10/0x10
[ 2647.400453][T16039]  ? __fget_files+0x20e/0x3c0
[ 2647.400479][T16039]  __x64_sys_open+0x153/0x1e0
[ 2647.400504][T16039]  ? __pfx___x64_sys_open+0x10/0x10
[ 2647.400534][T16039]  ? rcu_is_watching+0x12/0xc0
[ 2647.400560][T16039]  do_syscall_64+0xcd/0x4c0
[ 2647.400583][T16039]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2647.400602][T16039] RIP: 0033:0x7f4a89d8ebe9
[ 2647.400617][T16039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2647.400635][T16039] RSP: 002b:00007f4a8ab59038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 2647.400653][T16039] RAX: ffffffffffffffda RBX: 00007f4a89fc5fa0 RCX: 00007f4a89d8ebe9
[ 2647.400665][T16039] RDX: 0000000000000040 RSI: 00000000000e8142 RDI: 0000200000000440
[ 2647.400676][T16039] RBP: 00007f4a8ab59090 R08: 0000000000000000 R09: 0000000000000000
[ 2647.400687][T16039] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2647.400697][T16039] R13: 00007f4a89fc6038 R14: 00007f4a89fc5fa0 R15: 00007ffcb27d5cd8
[ 2647.400720][T16039]  </TASK>
[ 2647.585561][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2648.337510][T12827] usbhid 1-1:0.0: can't add hid device: -71
[ 2648.343526][T12827] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[ 2648.357524][T12827] usb 1-1: USB disconnect, device number 43
[ 2648.790239][T16078] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7412'.
[ 2649.430340][T16084] netlink: 48 bytes leftover after parsing attributes in process `syz.4.7413'.
[ 2650.017283][   T30] audit: type=1326 audit(1757129297.201:2041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16096 comm="syz.0.7417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1ec98ebe9 code=0x7ffc0000
[ 2650.020912][T16098] netlink: 48 bytes leftover after parsing attributes in process `syz.7.7415'.
[ 2650.040758][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2650.107521][   T30] audit: type=1326 audit(1757129297.201:2042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16096 comm="syz.0.7417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1ec98ebe9 code=0x7ffc0000
[ 2650.144562][   T30] audit: type=1326 audit(1757129297.201:2043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16096 comm="syz.0.7417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7fe1ec98ebe9 code=0x7ffc0000
[ 2650.267478][  T976] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[ 2650.282304][   T30] audit: type=1326 audit(1757129297.211:2044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16096 comm="syz.0.7417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1ec98ebe9 code=0x7ffc0000
[ 2650.315927][   T30] audit: type=1326 audit(1757129297.251:2045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16096 comm="syz.0.7417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe1ec98ebe9 code=0x7ffc0000
[ 2650.344634][   T30] audit: type=1326 audit(1757129297.251:2046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16096 comm="syz.0.7417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1ec98ebe9 code=0x7ffc0000
[ 2650.411146][   T30] audit: type=1326 audit(1757129297.251:2047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16096 comm="syz.0.7417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe1ec98ebe9 code=0x7ffc0000
[ 2650.445389][   T30] audit: type=1326 audit(1757129297.251:2048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16096 comm="syz.0.7417" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1ec98ebe9 code=0x7ffc0000
[ 2650.585921][  T976] usb 5-1: Using ep0 maxpacket: 32
[ 2650.594084][  T976] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2651.029107][  T976] usb 5-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80
[ 2651.085931][  T976] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2651.094121][  T976] usb 5-1: Product: syz
[ 2651.098979][  T976] usb 5-1: Manufacturer: syz
[ 2651.103647][  T976] usb 5-1: SerialNumber: syz
[ 2651.136062][  T976] usb 5-1: config 0 descriptor??
[ 2651.151035][  T976] usb 5-1: bad CDC descriptors
[ 2651.170920][  T976] usb 5-1: unsupported MDLM descriptors
[ 2651.432259][  T976] usb 5-1: USB disconnect, device number 35
[ 2651.581529][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[ 2652.335733][  T976] usb 5-1: new full-speed USB device number 36 using dummy_hcd
[ 2652.456859][T16144] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2652.522636][T16147] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2652.547520][T16149] FAULT_INJECTION: forcing a failure.
[ 2652.547520][T16149] name failslab, interval 1, probability 0, space 0, times 0
[ 2652.578695][ T5964] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01)
[ 2652.600855][ T5964] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[ 2652.605452][T16149] CPU: 1 UID: 0 PID: 16149 Comm: syz.6.7427 Not tainted syzkaller #0 PREEMPT(full) 
[ 2652.605477][T16149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2652.605486][T16149] Call Trace:
[ 2652.605492][T16149]  <TASK>
[ 2652.605499][T16149]  dump_stack_lvl+0x16c/0x1f0
[ 2652.605523][T16149]  should_fail_ex+0x512/0x640
[ 2652.605546][T16149]  should_failslab+0xc2/0x120
[ 2652.605566][T16149]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 2652.605583][T16149]  ? skb_clone+0x190/0x3f0
[ 2652.605606][T16149]  skb_clone+0x190/0x3f0
[ 2652.605629][T16149]  netlink_deliver_tap+0xabd/0xd30
[ 2652.605655][T16149]  netlink_unicast+0x64c/0x870
[ 2652.605679][T16149]  ? __pfx_netlink_unicast+0x10/0x10
[ 2652.605708][T16149]  netlink_sendmsg+0x8d1/0xdd0
[ 2652.605775][T16149]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2652.605804][T16149]  ____sys_sendmsg+0xa98/0xc70
[ 2652.605827][T16149]  ? copy_msghdr_from_user+0x10a/0x160
[ 2652.605845][T16149]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2652.605872][T16149]  ? __pfx__kstrtoull+0x10/0x10
[ 2652.605894][T16149]  ___sys_sendmsg+0x134/0x1d0
[ 2652.605914][T16149]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2652.605944][T16149]  ? find_held_lock+0x2b/0x80
[ 2652.605978][T16149]  __sys_sendmmsg+0x200/0x420
[ 2652.605999][T16149]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 2652.606025][T16149]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 2652.606055][T16149]  ? fput+0x9b/0xd0
[ 2652.606076][T16149]  ? ksys_write+0x1ac/0x250
[ 2652.606091][T16149]  ? __pfx_ksys_write+0x10/0x10
[ 2652.606112][T16149]  __x64_sys_sendmmsg+0x9c/0x100
[ 2652.606130][T16149]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2652.606149][T16149]  do_syscall_64+0xcd/0x4c0
[ 2652.606170][T16149]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2652.606185][T16149] RIP: 0033:0x7f494518ebe9
[ 2652.606198][T16149] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2652.606213][T16149] RSP: 002b:00007f4946007038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 2652.606229][T16149] RAX: ffffffffffffffda RBX: 00007f49453c5fa0 RCX: 00007f494518ebe9
[ 2652.606240][T16149] RDX: 0492492492492627 RSI: 00002000000000c0 RDI: 0000000000000003
[ 2652.606249][T16149] RBP: 00007f4946007090 R08: 0000000000000000 R09: 0000000000000000
[ 2652.606259][T16149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2652.606268][T16149] R13: 00007f49453c6038 R14: 00007f49453c5fa0 R15: 00007ffe6a4dc628
[ 2652.606289][T16149]  </TASK>
[ 2652.690647][T16144] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2652.923623][  T976] usb 5-1: config 0 has an invalid interface number: 176 but max is 2
[ 2652.955533][  T976] usb 5-1: config 0 has no interface number 1
[ 2653.005240][  T976] usb 5-1: New USB device found, idVendor=05c6, idProduct=9205, bcdDevice=29.ac
[ 2653.014768][  T976] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2653.025359][  T976] usb 5-1: config 0 descriptor??
[ 2653.235334][  T976] usb 5-1: Could not set interface, error -71
[ 2653.256625][  T976] usb 5-1: USB disconnect, device number 36
[ 2654.105773][T16180] netlink: 48 bytes leftover after parsing attributes in process `syz.4.7431'.
[ 2654.614776][ T7133] wlan1: send auth to 08:02:11:00:00:00 (try 2/3)
[ 2655.046407][T21400] wlan1: send auth to 08:02:11:00:00:00 (try 3/3)
[ 2656.152005][T21404] wlan1: authentication with 08:02:11:00:00:00 timed out
[ 2657.278518][T16210] FAULT_INJECTION: forcing a failure.
[ 2657.278518][T16210] name failslab, interval 1, probability 0, space 0, times 0
[ 2657.301312][T16210] CPU: 1 UID: 0 PID: 16210 Comm: syz.1.7438 Not tainted syzkaller #0 PREEMPT(full) 
[ 2657.301339][T16210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2657.301350][T16210] Call Trace:
[ 2657.301357][T16210]  <TASK>
[ 2657.301365][T16210]  dump_stack_lvl+0x16c/0x1f0
[ 2657.301393][T16210]  should_fail_ex+0x512/0x640
[ 2657.301420][T16210]  should_failslab+0xc2/0x120
[ 2657.301442][T16210]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 2657.301462][T16210]  ? skb_clone+0x190/0x3f0
[ 2657.301488][T16210]  skb_clone+0x190/0x3f0
[ 2657.301511][T16210]  netlink_deliver_tap+0xabd/0xd30
[ 2657.301540][T16210]  netlink_unicast+0x64c/0x870
[ 2657.301568][T16210]  ? __pfx_netlink_unicast+0x10/0x10
[ 2657.301601][T16210]  netlink_sendmsg+0x8d1/0xdd0
[ 2657.301629][T16210]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2657.301662][T16210]  ____sys_sendmsg+0xa98/0xc70
[ 2657.301689][T16210]  ? copy_msghdr_from_user+0x10a/0x160
[ 2657.301710][T16210]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2657.301740][T16210]  ? __pfx__kstrtoull+0x10/0x10
[ 2657.301765][T16210]  ___sys_sendmsg+0x134/0x1d0
[ 2657.301789][T16210]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2657.301824][T16210]  ? find_held_lock+0x2b/0x80
[ 2657.301863][T16210]  __sys_sendmmsg+0x200/0x420
[ 2657.301888][T16210]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 2657.301919][T16210]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 2657.301953][T16210]  ? fput+0x9b/0xd0
[ 2657.301977][T16210]  ? ksys_write+0x1ac/0x250
[ 2657.302000][T16210]  ? __pfx_ksys_write+0x10/0x10
[ 2657.302023][T16210]  __x64_sys_sendmmsg+0x9c/0x100
[ 2657.302044][T16210]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2657.302065][T16210]  do_syscall_64+0xcd/0x4c0
[ 2657.302091][T16210]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2657.302110][T16210] RIP: 0033:0x7f4a89d8ebe9
[ 2657.302125][T16210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2657.302143][T16210] RSP: 002b:00007f4a8ab59038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 2657.302160][T16210] RAX: ffffffffffffffda RBX: 00007f4a89fc5fa0 RCX: 00007f4a89d8ebe9
[ 2657.302173][T16210] RDX: 0492492492492627 RSI: 00002000000000c0 RDI: 0000000000000003
[ 2657.302185][T16210] RBP: 00007f4a8ab59090 R08: 0000000000000000 R09: 0000000000000000
[ 2657.302196][T16210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2657.302210][T16210] R13: 00007f4a89fc6038 R14: 00007f4a89fc5fa0 R15: 00007ffcb27d5cd8
[ 2657.302235][T16210]  </TASK>
[ 2657.553070][T12827] libceph: connect (1)[c::]:6789 error -101
[ 2657.559230][T12827] libceph: mon0 (1)[c::]:6789 connect error
[ 2657.604697][   T92] libceph: connect (1)[b::]:6789 error -101
[ 2657.611024][   T92] libceph: mon0 (1)[b::]:6789 connect error
[ 2657.666292][T16204] ceph: No mds server is up or the cluster is laggy
[ 2657.666341][T16206] ceph: No mds server is up or the cluster is laggy
[ 2657.817875][   T92] libceph: connect (1)[c::]:6789 error -101
[ 2657.823917][   T92] libceph: mon0 (1)[c::]:6789 connect error
[ 2658.560256][T16226] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 2658.852223][T16240] FAULT_INJECTION: forcing a failure.
[ 2658.852223][T16240] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2658.890802][T16240] CPU: 0 UID: 0 PID: 16240 Comm: syz.7.7443 Not tainted syzkaller #0 PREEMPT(full) 
[ 2658.890829][T16240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2658.890839][T16240] Call Trace:
[ 2658.890845][T16240]  <TASK>
[ 2658.890851][T16240]  dump_stack_lvl+0x16c/0x1f0
[ 2658.890876][T16240]  should_fail_ex+0x512/0x640
[ 2658.890901][T16240]  _copy_from_user+0x2e/0xd0
[ 2658.890927][T16240]  copy_msghdr_from_user+0x98/0x160
[ 2658.890950][T16240]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 2658.890983][T16240]  ___sys_sendmsg+0xfe/0x1d0
[ 2658.891006][T16240]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2658.891057][T16240]  __sys_sendmsg+0x16d/0x220
[ 2658.891076][T16240]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2658.891109][T16240]  do_syscall_64+0xcd/0x4c0
[ 2658.891132][T16240]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2658.891150][T16240] RIP: 0033:0x7f08c198ebe9
[ 2658.891164][T16240] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2658.891181][T16240] RSP: 002b:00007f08c2776038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2658.891197][T16240] RAX: ffffffffffffffda RBX: 00007f08c1bc5fa0 RCX: 00007f08c198ebe9
[ 2658.891209][T16240] RDX: 0000000008000002 RSI: 0000200000000000 RDI: 0000000000000003
[ 2658.891220][T16240] RBP: 00007f08c2776090 R08: 0000000000000000 R09: 0000000000000000
[ 2658.891229][T16240] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2658.891238][T16240] R13: 00007f08c1bc6038 R14: 00007f08c1bc5fa0 R15: 00007ffcb18db588
[ 2658.891262][T16240]  </TASK>
[ 2659.050544][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2659.569271][T16248] pim6reg: entered allmulticast mode
[ 2660.502492][T16252] pim6reg: entered allmulticast mode
[ 2660.831201][T16273] overlay: ./file0 is not a directory
[ 2660.838961][T16235] pim6reg: left allmulticast mode
[ 2660.881968][T16264] overlay: ./file0 is not a directory
[ 2661.014996][T16276] sp0: Synchronizing with TNC
[ 2661.212896][T16283] FAULT_INJECTION: forcing a failure.
[ 2661.212896][T16283] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2661.245414][T16283] CPU: 0 UID: 0 PID: 16283 Comm: syz.4.7449 Not tainted syzkaller #0 PREEMPT(full) 
[ 2661.245433][T16283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2661.245439][T16283] Call Trace:
[ 2661.245443][T16283]  <TASK>
[ 2661.245448][T16283]  dump_stack_lvl+0x16c/0x1f0
[ 2661.245467][T16283]  should_fail_ex+0x512/0x640
[ 2661.245484][T16283]  _copy_from_user+0x2e/0xd0
[ 2661.245500][T16283]  memdup_user+0x6b/0xe0
[ 2661.245514][T16283]  _autofs_dev_ioctl+0x212/0xb40
[ 2661.245530][T16283]  ? hook_file_ioctl_common+0x145/0x410
[ 2661.245542][T16283]  ? __pfx__autofs_dev_ioctl+0x10/0x10
[ 2661.245559][T16283]  ? selinux_file_ioctl+0x180/0x270
[ 2661.245574][T16283]  ? selinux_file_ioctl+0xb4/0x270
[ 2661.245591][T16283]  autofs_dev_ioctl+0x1a/0x30
[ 2661.245604][T16283]  ? __pfx_autofs_dev_ioctl+0x10/0x10
[ 2661.245619][T16283]  __x64_sys_ioctl+0x18e/0x210
[ 2661.245637][T16283]  do_syscall_64+0xcd/0x4c0
[ 2661.245652][T16283]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2661.245664][T16283] RIP: 0033:0x7f1cda38ebe9
[ 2661.245673][T16283] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2661.245683][T16283] RSP: 002b:00007f1cdb1b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2661.245694][T16283] RAX: ffffffffffffffda RBX: 00007f1cda5c5fa0 RCX: 00007f1cda38ebe9
[ 2661.245701][T16283] RDX: 00002000000019c0 RSI: 00000000c018937e RDI: 0000000000000004
[ 2661.245708][T16283] RBP: 00007f1cdb1b3090 R08: 0000000000000000 R09: 0000000000000000
[ 2661.245714][T16283] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2661.245720][T16283] R13: 00007f1cda5c6038 R14: 00007f1cda5c5fa0 R15: 00007ffcde93ed08
[ 2661.245734][T16283]  </TASK>
[ 2663.243668][   T30] kauditd_printk_skb: 37 callbacks suppressed
[ 2663.243685][   T30] audit: type=1400 audit(1757129309.392:2086): avc:  denied  { create } for  pid=16301 comm="syz.0.7453" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_nflog_socket permissive=1
[ 2664.068928][T16329] netlink: 48 bytes leftover after parsing attributes in process `syz.0.7457'.
[ 2664.605437][T16336] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7459'.
[ 2664.866224][T16347] fuse: Unknown parameter 'use00000000000000000000'
[ 2664.885044][  T697] usb 8-1: new high-speed USB device number 90 using dummy_hcd
[ 2665.086320][  T697] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[ 2665.097419][  T697] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[ 2665.105590][ T5908] usb 1-1: new high-speed USB device number 44 using dummy_hcd
[ 2665.109988][  T697] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[ 2665.126681][  T697] usb 8-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94
[ 2665.136057][  T697] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2665.154443][  T697] usb 8-1: config 0 descriptor??
[ 2665.162994][  T697] em28xx 8-1:0.0: error: skipping audio endpoint 0x83, because it uses bulk transfers !
[ 2665.235196][ T5964] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[ 2665.285057][ T5908] usb 1-1: Using ep0 maxpacket: 32
[ 2665.291512][ T5908] usb 1-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[ 2665.302883][ T5908] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2665.313441][ T5908] usb 1-1: config 0 descriptor??
[ 2665.385070][ T5964] usb 5-1: Using ep0 maxpacket: 32
[ 2665.392490][ T5964] usb 5-1: config 0 has an invalid interface number: 89 but max is 0
[ 2665.406223][ T5964] usb 5-1: config 0 has no interface number 0
[ 2665.412552][ T5964] usb 5-1: config 0 interface 89 has no altsetting 0
[ 2665.434117][ T5964] usb 5-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4e
[ 2665.444524][ T5964] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2665.465996][ T5964] usb 5-1: Product: syz
[ 2665.472869][ T5964] usb 5-1: Manufacturer: syz
[ 2665.479338][ T5964] usb 5-1: SerialNumber: syz
[ 2665.506323][ T5964] usb 5-1: config 0 descriptor??
[ 2665.517244][  T976] usb 8-1: USB disconnect, device number 90
[ 2665.542126][ T5908] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[ 2665.554402][ T5964] em28xx 5-1:0.89: New device syz syz @ 480 Mbps (0ccd:10af, interface 89, class 89)
[ 2665.566486][ T5964] em28xx 5-1:0.89: Video interface 89 found: bulk
[ 2665.574212][ T5908] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 2665.587815][ T5908] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[ 2665.587871][ T5908] usb 1-1: media controller created
[ 2665.619255][ T5908] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 2666.393153][ T5908] az6027: usb out operation failed. (-71)
[ 2666.399267][ T5908] az6027: usb out operation failed. (-71)
[ 2666.405540][ T5964] em28xx 5-1:0.89: unknown em28xx chip ID (0)
[ 2666.447541][ T5908] stb0899_attach: Driver disabled by Kconfig
[ 2666.546180][ T5908] az6027: no front-end attached
[ 2666.546180][ T5908] 
[ 2666.564539][ T5908] az6027: usb out operation failed. (-71)
[ 2666.595063][ T5908] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[ 2666.635957][ T5908] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input153
[ 2666.872285][ T5964] em28xx 5-1:0.89: reading from i2c device at 0xa0 failed (error=-5)
[ 2666.899273][ T5964] em28xx 5-1:0.89: board has no eeprom
[ 2666.907331][ T5908] dvb-usb: schedule remote query interval to 400 msecs.
[ 2666.934786][ T5908] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[ 2666.974763][ T5964] em28xx 5-1:0.89: Identified as Terratec Grabby (card=67)
[ 2667.345926][ T5964] em28xx 5-1:0.89: analog set to bulk mode.
[ 2667.352368][ T5908] usb 1-1: USB disconnect, device number 44
[ 2667.371350][  T976] em28xx 5-1:0.89: Registering V4L2 extension
[ 2667.398534][ T5964] usb 5-1: USB disconnect, device number 37
[ 2667.425363][ T5964] em28xx 5-1:0.89: Disconnecting em28xx
[ 2667.507940][  T976] em28xx 5-1:0.89: Config register raw data: 0xffffffed
[ 2667.528413][ T5908] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[ 2667.543290][  T976] em28xx 5-1:0.89: AC97 chip type couldn't be determined
[ 2667.589359][  T976] em28xx 5-1:0.89: No AC97 audio processor
[ 2667.685786][  T976] usb 5-1: Decoder not found
[ 2667.690421][  T976] em28xx 5-1:0.89: failed to create media graph
[ 2667.754896][  T976] em28xx 5-1:0.89: V4L2 device video103 deregistered
[ 2667.867365][  T976] em28xx 5-1:0.89: Registering snapshot button...
[ 2667.955949][  T976] input: em28xx snapshot button as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.89/input/input154
[ 2668.258453][  T976] em28xx 5-1:0.89: Remote control support is not available for this card.
[ 2668.297953][ T5964] em28xx 5-1:0.89: Closing input extension
[ 2668.303807][ T5964] em28xx 5-1:0.89: Deregistering snapshot button
[ 2668.365267][ T5964] em28xx 5-1:0.89: Freeing device
[ 2668.486971][T16473] netlink: 8 bytes leftover after parsing attributes in process `syz.7.7472'.
[ 2668.529502][T16475] netlink: 8 bytes leftover after parsing attributes in process `syz.6.7475'.
[ 2668.538512][ T5908] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[ 2668.675199][T16475] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=16475 comm=syz.6.7475
[ 2668.742753][ T5908] usb 2-1: Using ep0 maxpacket: 8
[ 2668.754595][T16481] netlink: ct family unspecified
[ 2668.773715][ T5908] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 2668.797742][T16481] openvswitch: netlink: Actions may not be safe on all matching packets
[ 2668.810598][ T5908] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 2668.844882][ T5908] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 2668.907065][ T5908] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 2668.963324][ T5908] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 2668.989460][ T5908] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2669.188937][T16493] netlink: 48 bytes leftover after parsing attributes in process `syz.0.7476'.
[ 2669.268443][ T5908] usb 2-1: GET_CAPABILITIES returned 0
[ 2669.380766][ T5908] usbtmc 2-1:16.0: can't read capabilities
[ 2669.517977][T16459] usbtmc 2-1:16.0: usbtmc488_ioctl_trigger returned -90
[ 2669.527414][ T5908] usb 2-1: USB disconnect, device number 45
[ 2671.569267][T16518] netlink: 48 bytes leftover after parsing attributes in process `syz.1.7479'.
[ 2671.833725][T16521] ALSA: mixer_oss: invalid index 40000
[ 2671.937561][T16527] FAULT_INJECTION: forcing a failure.
[ 2671.937561][T16527] name failslab, interval 1, probability 0, space 0, times 0
[ 2671.986973][T16527] CPU: 1 UID: 0 PID: 16527 Comm: syz.0.7482 Not tainted syzkaller #0 PREEMPT(full) 
[ 2671.986999][T16527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2671.987009][T16527] Call Trace:
[ 2671.987016][T16527]  <TASK>
[ 2671.987023][T16527]  dump_stack_lvl+0x16c/0x1f0
[ 2671.987049][T16527]  should_fail_ex+0x512/0x640
[ 2671.987070][T16527]  ? __kmalloc_noprof+0xbf/0x510
[ 2671.987089][T16527]  ? skcipher_walk_next+0xb20/0xe20
[ 2671.987113][T16527]  should_failslab+0xc2/0x120
[ 2671.987132][T16527]  __kmalloc_noprof+0xd2/0x510
[ 2671.987154][T16527]  skcipher_walk_next+0xb20/0xe20
[ 2671.987183][T16527]  skcipher_walk_done+0x400/0x8b0
[ 2671.987212][T16527]  crypto_aegis128_aesni_encrypt+0x2b6/0x480
[ 2671.987235][T16527]  ? __pfx_crypto_aegis128_aesni_encrypt+0x10/0x10
[ 2671.987263][T16527]  ? memcpy_sglist+0x15d/0x1c0
[ 2671.987303][T16527]  crypto_aead_encrypt+0xbd/0x100
[ 2671.987320][T16527]  aead_recvmsg+0x11cc/0x16d0
[ 2671.987354][T16527]  ? __pfx_aead_recvmsg+0x10/0x10
[ 2671.987384][T16527]  sock_recvmsg+0x1f9/0x250
[ 2671.987409][T16527]  ____sys_recvmsg+0x218/0x6b0
[ 2671.987437][T16527]  ? __pfx_____sys_recvmsg+0x10/0x10
[ 2671.987469][T16527]  ? __lock_acquire+0x62e/0x1ce0
[ 2671.987499][T16527]  ___sys_recvmsg+0x114/0x1a0
[ 2671.987519][T16527]  ? __pfx____sys_recvmsg+0x10/0x10
[ 2671.987542][T16527]  ? find_held_lock+0x2b/0x80
[ 2671.987577][T16527]  do_recvmmsg+0x2fe/0x750
[ 2671.987601][T16527]  ? __pfx_do_recvmmsg+0x10/0x10
[ 2671.987626][T16527]  ? __mutex_unlock_slowpath+0x161/0x7b0
[ 2671.987655][T16527]  ? __fget_files+0x20e/0x3c0
[ 2671.987679][T16527]  __x64_sys_recvmmsg+0x22a/0x280
[ 2671.987701][T16527]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 2671.987729][T16527]  do_syscall_64+0xcd/0x4c0
[ 2671.987751][T16527]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2671.987768][T16527] RIP: 0033:0x7fe1ec98ebe9
[ 2671.987787][T16527] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2671.987804][T16527] RSP: 002b:00007fe1ed7bd038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 2671.987825][T16527] RAX: ffffffffffffffda RBX: 00007fe1ecbc6090 RCX: 00007fe1ec98ebe9
[ 2671.987836][T16527] RDX: 0000000000000001 RSI: 00002000000008c0 RDI: 0000000000000006
[ 2671.987846][T16527] RBP: 00007fe1ed7bd090 R08: 0000000000000000 R09: 0000000000000000
[ 2671.987856][T16527] R10: 00000000000000cb R11: 0000000000000246 R12: 0000000000000001
[ 2671.987866][T16527] R13: 00007fe1ecbc6128 R14: 00007fe1ecbc6090 R15: 00007ffe0d7d6d58
[ 2671.987889][T16527]  </TASK>
[ 2672.239784][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2672.785465][T16541] netlink: 20 bytes leftover after parsing attributes in process `syz.0.7487'.
[ 2673.896894][T16552] netlink: 48 bytes leftover after parsing attributes in process `syz.4.7489'.
[ 2675.123767][T16573] netlink: 'syz.6.7493': attribute type 10 has an invalid length.
[ 2675.134512][T16573] netlink: 40 bytes leftover after parsing attributes in process `syz.6.7493'.
[ 2675.546888][T16565] lo speed is unknown, defaulting to 1000
[ 2676.451580][T16611] netlink: 20 bytes leftover after parsing attributes in process `syz.4.7498'.
[ 2677.255522][T16626] netlink: 'syz.0.7502': attribute type 10 has an invalid length.
[ 2677.263746][T16626] netlink: 40 bytes leftover after parsing attributes in process `syz.0.7502'.
[ 2678.074347][   T92] usb 7-1: new high-speed USB device number 94 using dummy_hcd
[ 2678.654286][   T92] usb 7-1: Using ep0 maxpacket: 8
[ 2678.662591][   T92] usb 7-1: config 246 has an invalid interface number: 144 but max is 0
[ 2678.675962][   T92] usb 7-1: config 246 has no interface number 0
[ 2678.682847][   T92] usb 7-1: config 246 interface 144 has no altsetting 0
[ 2678.701828][   T92] usb 7-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=c6.3d
[ 2678.721074][   T92] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2678.732497][   T92] usb 7-1: Product: syz
[ 2678.739900][   T92] usb 7-1: Manufacturer: syz
[ 2678.747394][   T92] usb 7-1: SerialNumber: syz
[ 2678.943017][   T92] r8152-cfgselector 7-1: Unknown version 0x0000
[ 2679.682387][T16656] netlink: 48 bytes leftover after parsing attributes in process `syz.4.7508'.
[ 2680.354190][   T92] r8152-cfgselector 7-1: USB disconnect, device number 94
[ 2680.444637][T16679] FAULT_INJECTION: forcing a failure.
[ 2680.444637][T16679] name failslab, interval 1, probability 0, space 0, times 0
[ 2680.502919][T16679] CPU: 0 UID: 0 PID: 16679 Comm: syz.6.7512 Not tainted syzkaller #0 PREEMPT(full) 
[ 2680.502945][T16679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2680.502956][T16679] Call Trace:
[ 2680.502963][T16679]  <TASK>
[ 2680.502970][T16679]  dump_stack_lvl+0x16c/0x1f0
[ 2680.502997][T16679]  should_fail_ex+0x512/0x640
[ 2680.503021][T16679]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 2680.503043][T16679]  should_failslab+0xc2/0x120
[ 2680.503065][T16679]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 2680.503083][T16679]  ? getname_kernel+0x52/0x370
[ 2680.503111][T16679]  getname_kernel+0x52/0x370
[ 2680.503135][T16679]  kern_path+0x1d/0x50
[ 2680.503153][T16679]  lookup_bdev+0xd8/0x280
[ 2680.503178][T16679]  ? __pfx_lookup_bdev+0x10/0x10
[ 2680.503201][T16679]  ? cred_has_capability.isra.0+0x190/0x310
[ 2680.503228][T16679]  ? __pfx_cred_has_capability.isra.0+0x10/0x10
[ 2680.503259][T16679]  get_tree_bdev_flags+0xbe/0x620
[ 2680.503277][T16679]  ? __pfx_ext4_fill_super+0x10/0x10
[ 2680.503305][T16679]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[ 2680.503329][T16679]  ? bpf_lsm_capable+0x9/0x10
[ 2680.503354][T16679]  ? security_capable+0x7e/0x260
[ 2680.503376][T16679]  vfs_get_tree+0x8e/0x340
[ 2680.503402][T16679]  path_mount+0x1513/0x2000
[ 2680.503430][T16679]  ? __pfx_path_mount+0x10/0x10
[ 2680.503455][T16679]  ? kmem_cache_free+0x2d1/0x4d0
[ 2680.503472][T16679]  ? putname+0x154/0x1a0
[ 2680.503498][T16679]  ? putname+0x154/0x1a0
[ 2680.503523][T16679]  ? __x64_sys_mount+0x28d/0x310
[ 2680.503543][T16679]  __x64_sys_mount+0x28d/0x310
[ 2680.503566][T16679]  ? __pfx___x64_sys_mount+0x10/0x10
[ 2680.503596][T16679]  do_syscall_64+0xcd/0x4c0
[ 2680.503621][T16679]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2680.503639][T16679] RIP: 0033:0x7f494518ebe9
[ 2680.503655][T16679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2680.503673][T16679] RSP: 002b:00007f4945fe6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 2680.503691][T16679] RAX: ffffffffffffffda RBX: 00007f49453c6090 RCX: 00007f494518ebe9
[ 2680.503704][T16679] RDX: 0000200000000000 RSI: 0000200000000080 RDI: 00002000000000c0
[ 2680.503715][T16679] RBP: 00007f4945fe6090 R08: 0000000000000000 R09: 0000000000000000
[ 2680.503726][T16679] R10: 0000000000808f53 R11: 0000000000000246 R12: 0000000000000002
[ 2680.503737][T16679] R13: 00007f49453c6128 R14: 00007f49453c6090 R15: 00007ffe6a4dc628
[ 2680.503761][T16679]  </TASK>
[ 2680.503789][T16679] /dev/sg0: Can't lookup blockdev
[ 2681.841917][T16693] netlink: 28 bytes leftover after parsing attributes in process `syz.4.7515'.
[ 2681.889703][T16693] 9pnet: Could not find request transport: fd
rfdno=�\v��m
�&�G�o�����j�N3XY�)�I��;^[����m-��<�X��5.����
e�r�[~�`�@h[J�/(��JK@-}�`�%K���]���%�9��Uq -N�~�6�0x0000000000000008
[ 2682.491316][T16698] netlink: 48 bytes leftover after parsing attributes in process `syz.0.7517'.
[ 2682.499897][T16699] netlink: 48 bytes leftover after parsing attributes in process `syz.4.7516'.
[ 2685.096354][T16746] lo speed is unknown, defaulting to 1000
[ 2685.659148][T16744] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3089888063 (3089888063 ns) > initial count (2126324423 ns). Using initial count to start timer.
[ 2688.248182][T16802] random: crng reseeded on system resumption
[ 2689.077974][   T30] audit: type=1400 audit(1757129335.433:2087): avc:  denied  { ioctl } for  pid=16800 comm="syz.6.7535" path="/dev/snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[ 2689.685654][T16809] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7536'.
[ 2689.822910][T16812] tipc: Started in network mode
[ 2689.915782][T16812] tipc: Node identity b617231b3e3c, cluster identity 4711
[ 2689.929946][T16812] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 2690.395488][T16819] syzkaller0: entered promiscuous mode
[ 2690.500357][T16819] syzkaller0: entered allmulticast mode
[ 2690.569727][T16812] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[ 2690.792501][T16819] sch_tbf: burst 4 is lower than device syzkaller0 mtu (1514) !
[ 2690.802274][T16824] tipc: Resetting bearer <eth:syzkaller0>
[ 2690.934966][T16811] tipc: Resetting bearer <eth:syzkaller0>
[ 2690.987108][T16811] tipc: Disabling bearer <eth:syzkaller0>
[ 2691.032039][T16835] FAULT_INJECTION: forcing a failure.
[ 2691.032039][T16835] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2691.046880][T16835] CPU: 1 UID: 0 PID: 16835 Comm: syz.0.7542 Not tainted syzkaller #0 PREEMPT(full) 
[ 2691.046907][T16835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2691.046918][T16835] Call Trace:
[ 2691.046925][T16835]  <TASK>
[ 2691.046933][T16835]  dump_stack_lvl+0x16c/0x1f0
[ 2691.046961][T16835]  should_fail_ex+0x512/0x640
[ 2691.046987][T16835]  _copy_to_user+0x32/0xd0
[ 2691.047015][T16835]  simple_read_from_buffer+0xcb/0x170
[ 2691.047036][T16835]  proc_fail_nth_read+0x197/0x240
[ 2691.047059][T16835]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2691.047082][T16835]  ? rw_verify_area+0xcf/0x6c0
[ 2691.047110][T16835]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2691.047130][T16835]  vfs_read+0x1e1/0xcf0
[ 2691.047152][T16835]  ? __pfx___mutex_lock+0x10/0x10
[ 2691.047175][T16835]  ? __pfx_vfs_read+0x10/0x10
[ 2691.047200][T16835]  ? __fget_files+0x20e/0x3c0
[ 2691.047227][T16835]  ksys_read+0x12a/0x250
[ 2691.047245][T16835]  ? __pfx_ksys_read+0x10/0x10
[ 2691.047272][T16835]  do_syscall_64+0xcd/0x4c0
[ 2691.047297][T16835]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2691.047316][T16835] RIP: 0033:0x7fe1ec98d5fc
[ 2691.047332][T16835] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 2691.047350][T16835] RSP: 002b:00007fe1ed7de030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2691.047368][T16835] RAX: ffffffffffffffda RBX: 00007fe1ecbc5fa0 RCX: 00007fe1ec98d5fc
[ 2691.047379][T16835] RDX: 000000000000000f RSI: 00007fe1ed7de0a0 RDI: 0000000000000004
[ 2691.047390][T16835] RBP: 00007fe1ed7de090 R08: 0000000000000000 R09: 0000000000000000
[ 2691.047400][T16835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2691.047416][T16835] R13: 00007fe1ecbc6038 R14: 00007fe1ecbc5fa0 R15: 00007ffe0d7d6d58
[ 2691.047442][T16835]  </TASK>
[ 2691.284935][T16837] tipc: Started in network mode
[ 2691.289820][T16837] tipc: Node identity be5da23b8f87, cluster identity 4711
[ 2691.297641][T16837] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 2691.306477][T16837] syzkaller0: mtu greater than device maximum
[ 2691.320449][T16836] tipc: Disabling bearer <eth:syzkaller0>
[ 2691.457623][T16854] netlink: 'syz.4.7546': attribute type 1 has an invalid length.
[ 2691.523238][T16856] syz_tun: entered allmulticast mode
[ 2691.532876][T16856] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7548'.
[ 2691.582735][T16856] syz_tun (unregistering): left allmulticast mode
[ 2691.725583][ T5964] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[ 2691.758579][T16863] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 2691.794018][  T976] usb 1-1: new high-speed USB device number 45 using dummy_hcd
[ 2691.883561][ T5964] usb 2-1: Using ep0 maxpacket: 16
[ 2691.954455][  T976] usb 1-1: Using ep0 maxpacket: 16
[ 2691.961638][ T5964] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2692.034784][  T976] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 2692.097040][ T5964] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2692.183231][  T976] usb 1-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=7b.55
[ 2692.260449][ T5964] usb 2-1: New USB device found, idVendor=05ac, idProduct=024b, bcdDevice= 0.00
[ 2692.270227][  T976] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2692.280317][ T5964] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2692.289279][  T976] usb 1-1: Product: syz
[ 2692.293721][  T976] usb 1-1: Manufacturer: syz
[ 2692.301305][ T5964] usb 2-1: config 0 descriptor??
[ 2692.309017][  T976] usb 1-1: SerialNumber: syz
[ 2692.341325][  T976] usb 1-1: config 0 descriptor??
[ 2692.373952][ T5908] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[ 2692.385970][  T976] usb 1-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[ 2692.728513][T17379] usb 1-1: USB disconnect, device number 45
[ 2692.735074][T21400] usb 1-1: Failed to submit usb control message: -71
[ 2692.743731][T21400] usb 1-1: unable to send the bmi data to the device: -71
[ 2692.755884][ T5964] apple 0003:05AC:024B.005B: unknown global tag 0xe
[ 2692.771632][ T5964] apple 0003:05AC:024B.005B: item 0 1 1 14 parsing failed
[ 2692.786875][ T5964] apple 0003:05AC:024B.005B: parse failed
[ 2692.798414][ T5964] apple 0003:05AC:024B.005B: probe with driver apple failed with error -22
[ 2692.801071][T21400] usb 1-1: unable to get target info from device
[ 2692.832692][T21400] usb 1-1: could not get target info (-71)
[ 2692.840257][T21400] usb 1-1: could not probe fw (-71)
[ 2692.974511][ T5964] usb 2-1: USB disconnect, device number 46
[ 2693.419987][T16918] netlink: 'syz.0.7553': attribute type 5 has an invalid length.
[ 2694.095965][T16929] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=16929 comm=syz.0.7556
[ 2694.240777][T16934] netlink: 'syz.6.7557': attribute type 2 has an invalid length.
[ 2694.636689][ T5908] usb 5-1: unable to get BOS descriptor or descriptor too short
[ 2694.653415][ T5908] usb 5-1: no configurations
[ 2694.659441][ T5908] usb 5-1: can't read configurations, error -22
[ 2694.666943][T16939] netlink: 48 bytes leftover after parsing attributes in process `syz.6.7559'.
[ 2694.786008][T16948] netlink: 'syz.7.7558': attribute type 1 has an invalid length.
[ 2695.807784][T16962] netlink: 36 bytes leftover after parsing attributes in process `syz.7.7563'.
[ 2696.236352][T16957] netlink: 48 bytes leftover after parsing attributes in process `syz.0.7562'.
[ 2697.253680][T16977] pim6reg: entered allmulticast mode
[ 2697.269829][   T30] audit: type=1326 audit(1757129344.304:2088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16976 comm="syz.7.7566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08c198ebe9 code=0x7ffc0000
[ 2697.446920][   T30] audit: type=1326 audit(1757129344.304:2089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16976 comm="syz.7.7566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f08c198ebe9 code=0x7ffc0000
[ 2697.518254][   T30] audit: type=1326 audit(1757129344.304:2090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16976 comm="syz.7.7566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08c198ebe9 code=0x7ffc0000
[ 2697.640962][T16976] pim6reg: left allmulticast mode
[ 2697.994545][   T30] audit: type=1326 audit(1757129344.314:2091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16976 comm="syz.7.7566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f08c1990b07 code=0x7ffc0000
[ 2698.070175][   T30] audit: type=1326 audit(1757129344.314:2092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16976 comm="syz.7.7566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f08c1990a7c code=0x7ffc0000
[ 2698.144191][   T30] audit: type=1326 audit(1757129344.314:2093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16976 comm="syz.7.7566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f08c19909b4 code=0x7ffc0000
[ 2698.417968][   T30] audit: type=1326 audit(1757129344.314:2094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16976 comm="syz.7.7566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f08c19909b4 code=0x7ffc0000
[ 2698.506097][   T30] audit: type=1326 audit(1757129344.314:2095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16976 comm="syz.7.7566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f08c198d84a code=0x7ffc0000
[ 2698.529552][   T30] audit: type=1326 audit(1757129344.324:2096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16976 comm="syz.7.7566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08c198ebe9 code=0x7ffc0000
[ 2698.553029][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2698.677724][   T30] audit: type=1326 audit(1757129344.324:2097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16976 comm="syz.7.7566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f08c198ebe9 code=0x7ffc0000
[ 2699.429218][T17020] netlink: 48 bytes leftover after parsing attributes in process `syz.7.7573'.
[ 2700.004389][ T5908] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[ 2700.773492][ T5908] usb 5-1: Using ep0 maxpacket: 8
[ 2700.997470][ T5908] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 2701.027438][ T5908] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 2701.066974][ T5908] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 2701.159828][ T5908] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 2701.176864][ T5908] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 2701.190549][ T5908] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2701.269789][T17054] FAULT_INJECTION: forcing a failure.
[ 2701.269789][T17054] name failslab, interval 1, probability 0, space 0, times 0
[ 2701.282800][T17054] CPU: 1 UID: 0 PID: 17054 Comm: syz.0.7581 Not tainted syzkaller #0 PREEMPT(full) 
[ 2701.282825][T17054] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2701.282836][T17054] Call Trace:
[ 2701.282843][T17054]  <TASK>
[ 2701.282851][T17054]  dump_stack_lvl+0x16c/0x1f0
[ 2701.282880][T17054]  should_fail_ex+0x512/0x640
[ 2701.282902][T17054]  ? __kmalloc_noprof+0xbf/0x510
[ 2701.282919][T17054]  ? vb2_core_allocated_buffers_storage+0xc4/0x220
[ 2701.282944][T17054]  should_failslab+0xc2/0x120
[ 2701.282965][T17054]  __kmalloc_noprof+0xd2/0x510
[ 2701.282981][T17054]  ? __pfx___schedule+0x10/0x10
[ 2701.283000][T17054]  ? trace_sched_exit_tp+0xd1/0x120
[ 2701.283025][T17054]  vb2_core_allocated_buffers_storage+0xc4/0x220
[ 2701.283052][T17054]  vb2_core_reqbufs+0x398/0xfe0
[ 2701.283082][T17054]  ? irqentry_exit+0x3b/0x90
[ 2701.283104][T17054]  ? __pfx_vb2_core_reqbufs+0x10/0x10
[ 2701.283136][T17054]  ? vb2_verify_memory_type+0x295/0x620
[ 2701.283159][T17054]  ? vb2_verify_memory_type+0x1b5/0x620
[ 2701.283183][T17054]  ? vb2_verify_memory_type+0x1e1/0x620
[ 2701.283210][T17054]  vb2_ioctl_reqbufs+0x291/0x450
[ 2701.283236][T17054]  ? __pfx_vb2_ioctl_reqbufs+0x10/0x10
[ 2701.283262][T17054]  ? check_fmt+0x234/0x910
[ 2701.283291][T17054]  v4l_reqbufs+0x152/0x1e0
[ 2701.283311][T17054]  __video_do_ioctl+0xb3d/0xfc0
[ 2701.283335][T17054]  ? __might_fault+0xe3/0x190
[ 2701.283354][T17054]  ? __pfx___video_do_ioctl+0x10/0x10
[ 2701.283384][T17054]  video_usercopy+0x4d0/0x1720
[ 2701.283407][T17054]  ? __pfx___video_do_ioctl+0x10/0x10
[ 2701.283427][T17054]  ? selinux_kernel_read_file+0xc0/0x130
[ 2701.283454][T17054]  ? __pfx_video_usercopy+0x10/0x10
[ 2701.283511][T17054]  v4l2_ioctl+0x1ba/0x250
[ 2701.283530][T17054]  ? __pfx_v4l2_ioctl+0x10/0x10
[ 2701.283550][T17054]  __x64_sys_ioctl+0x18e/0x210
[ 2701.283581][T17054]  do_syscall_64+0xcd/0x4c0
[ 2701.283606][T17054]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2701.283624][T17054] RIP: 0033:0x7fe1ec98ebe9
[ 2701.283639][T17054] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2701.283657][T17054] RSP: 002b:00007fe1ed79c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2701.283674][T17054] RAX: ffffffffffffffda RBX: 00007fe1ecbc6180 RCX: 00007fe1ec98ebe9
[ 2701.283686][T17054] RDX: 00002000000000c0 RSI: 00000000c0145608 RDI: 0000000000000006
[ 2701.283697][T17054] RBP: 00007fe1ed79c090 R08: 0000000000000000 R09: 0000000000000000
[ 2701.283708][T17054] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2701.283719][T17054] R13: 00007fe1ecbc6218 R14: 00007fe1ecbc6180 R15: 00007ffe0d7d6d58
[ 2701.283744][T17054]  </TASK>
[ 2701.825236][ T5908] usb 5-1: GET_CAPABILITIES returned 0
[ 2701.875618][ T5908] usbtmc 5-1:16.0: can't read capabilities
[ 2702.306099][T17071] usbtmc 5-1:16.0: usbtmc488_ioctl_trigger returned -90
[ 2703.091841][T17065] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=17168 sclass=netlink_route_socket pid=17065 comm=syz.0.7584
[ 2703.184394][ T5964] usb 5-1: USB disconnect, device number 40
[ 2703.602939][ T5908] usb 1-1: new low-speed USB device number 46 using dummy_hcd
[ 2703.878683][ T5908] usb 1-1: config 0 has an invalid interface number: 207 but max is 0
[ 2703.886916][ T5908] usb 1-1: config 0 has no interface number 0
[ 2703.893418][ T5908] usb 1-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=da.df
[ 2703.902441][ T5908] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2704.458018][ T5908] usb 1-1: config 0 descriptor??
[ 2704.519570][ T5908] usb 1-1: selecting invalid altsetting 3
[ 2704.666833][ T5908] comedi comedi4: could not set alternate setting 3 in high speed
[ 2704.695365][ T5908] usbdux 1-1:0.207: driver 'usbdux' failed to auto-configure device.
[ 2704.721521][ T5908] usbdux 1-1:0.207: probe with driver usbdux failed with error -22
[ 2705.637662][T17085] netlink: 24 bytes leftover after parsing attributes in process `syz.0.7587'.
[ 2705.926770][   T92] usb 1-1: USB disconnect, device number 46
[ 2707.580433][T17149] FAULT_INJECTION: forcing a failure.
[ 2707.580433][T17149] name failslab, interval 1, probability 0, space 0, times 0
[ 2707.632907][T17149] CPU: 0 UID: 0 PID: 17149 Comm: syz.0.7598 Not tainted syzkaller #0 PREEMPT(full) 
[ 2707.632935][T17149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2707.632946][T17149] Call Trace:
[ 2707.632952][T17149]  <TASK>
[ 2707.632959][T17149]  dump_stack_lvl+0x16c/0x1f0
[ 2707.632987][T17149]  should_fail_ex+0x512/0x640
[ 2707.633009][T17149]  ? fs_reclaim_acquire+0xae/0x150
[ 2707.633035][T17149]  ? tomoyo_encode2+0x100/0x3e0
[ 2707.633063][T17149]  should_failslab+0xc2/0x120
[ 2707.633084][T17149]  __kmalloc_noprof+0xd2/0x510
[ 2707.633103][T17149]  ? d_absolute_path+0x136/0x1a0
[ 2707.633133][T17149]  tomoyo_encode2+0x100/0x3e0
[ 2707.633161][T17149]  tomoyo_encode+0x29/0x50
[ 2707.633192][T17149]  tomoyo_realpath_from_path+0x18f/0x6e0
[ 2707.633226][T17149]  tomoyo_path_number_perm+0x245/0x580
[ 2707.633247][T17149]  ? tomoyo_path_number_perm+0x237/0x580
[ 2707.633272][T17149]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 2707.633296][T17149]  ? find_held_lock+0x2b/0x80
[ 2707.633342][T17149]  ? find_held_lock+0x2b/0x80
[ 2707.633362][T17149]  ? hook_file_ioctl_common+0x145/0x410
[ 2707.633386][T17149]  ? __fget_files+0x20e/0x3c0
[ 2707.633409][T17149]  security_file_ioctl+0x9b/0x240
[ 2707.633436][T17149]  __x64_sys_ioctl+0xb7/0x210
[ 2707.633471][T17149]  do_syscall_64+0xcd/0x4c0
[ 2707.633492][T17149]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2707.633508][T17149] RIP: 0033:0x7fe1ec98ebe9
[ 2707.633520][T17149] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2707.633535][T17149] RSP: 002b:00007fe1ed7de038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2707.633550][T17149] RAX: ffffffffffffffda RBX: 00007fe1ecbc5fa0 RCX: 00007fe1ec98ebe9
[ 2707.633563][T17149] RDX: 0000200000000100 RSI: 00000000c02064b2 RDI: 0000000000000003
[ 2707.633573][T17149] RBP: 00007fe1ed7de090 R08: 0000000000000000 R09: 0000000000000000
[ 2707.633581][T17149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2707.633590][T17149] R13: 00007fe1ecbc6038 R14: 00007fe1ecbc5fa0 R15: 00007ffe0d7d6d58
[ 2707.633610][T17149]  </TASK>
[ 2707.633662][T17149] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2707.999285][T17151] fuse: Unknown parameter 'user_id00000000000000000000'
[ 2708.901523][   T92] usb 7-1: new high-speed USB device number 95 using dummy_hcd
[ 2709.133805][T17171] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7604'.
[ 2709.154866][   T92] usb 7-1: Using ep0 maxpacket: 32
[ 2709.167051][   T92] usb 7-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[ 2709.177296][   T92] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2709.225813][   T92] usb 7-1: config 0 descriptor??
[ 2709.436574][   T92] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[ 2709.484014][   T92] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 2709.533776][   T92] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[ 2709.564299][   T92] usb 7-1: media controller created
[ 2709.600525][   T92] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 2709.842628][T12827] usb 5-1: new high-speed USB device number 41 using dummy_hcd
[ 2709.889830][   T92] az6027: usb out operation failed. (-71)
[ 2709.898880][   T92] az6027: usb out operation failed. (-71)
[ 2709.936930][   T92] stb0899_attach: Driver disabled by Kconfig
[ 2709.947758][   T92] az6027: no front-end attached
[ 2709.947758][   T92] 
[ 2709.959319][   T92] az6027: usb out operation failed. (-71)
[ 2709.973831][   T92] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[ 2710.002804][T12827] usb 5-1: Using ep0 maxpacket: 8
[ 2710.018106][T12827] usb 5-1: config 246 has an invalid interface number: 144 but max is 0
[ 2710.064117][   T92] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.6/usb7/7-1/input/input155
[ 2710.094905][T12827] usb 5-1: config 246 has no interface number 0
[ 2710.176766][T12827] usb 5-1: config 246 interface 144 has no altsetting 0
[ 2710.304532][ T5908] usb 1-1: new high-speed USB device number 47 using dummy_hcd
[ 2710.307932][   T92] dvb-usb: schedule remote query interval to 400 msecs.
[ 2710.353150][   T92] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[ 2710.353779][T12827] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=c6.3d
[ 2710.416398][   T92] usb 7-1: USB disconnect, device number 95
[ 2710.493880][T12827] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2710.501922][T12827] usb 5-1: Product: syz
[ 2710.541965][T12827] usb 5-1: Manufacturer: syz
[ 2710.552070][T12827] usb 5-1: SerialNumber: syz
[ 2710.565341][   T92] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[ 2710.565517][ T5908] usb 1-1: config index 0 descriptor too short (expected 23569, got 27)
[ 2710.590955][T12827] r8152-cfgselector 5-1: Unknown version 0x0000
[ 2710.635044][ T5908] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2710.647752][ T5908] usb 1-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[ 2710.658163][ T5908] usb 1-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[ 2710.667042][ T5908] usb 1-1: Manufacturer: syz
[ 2710.682630][ T5908] usb 1-1: config 0 descriptor??
[ 2711.423454][T17242] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 2712.553528][ T5908] rc_core: IR keymap rc-hauppauge not found
[ 2712.565532][ T5908] Registered IR keymap rc-empty
[ 2712.576302][ T5908] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0
[ 2712.629661][ T5908] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input156
[ 2713.025661][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[ 2713.112379][   T92] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[ 2713.417006][ T5923] usb 7-1: new high-speed USB device number 96 using dummy_hcd
[ 2713.515585][T12827] r8152-cfgselector 5-1: USB disconnect, device number 41
[ 2713.610216][T17292] netlink: 12 bytes leftover after parsing attributes in process `syz.4.7620'.
[ 2713.645721][  T697] usb 1-1: USB disconnect, device number 47
[ 2713.663627][ T5923] usb 7-1: Using ep0 maxpacket: 16
[ 2713.702270][ T5923] usb 7-1: config 0 has no interfaces?
[ 2713.719044][ T5923] usb 7-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 8.f8
[ 2713.729803][ T5923] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2713.739623][ T5923] usb 7-1: Product: syz
[ 2713.746184][ T5923] usb 7-1: Manufacturer: syz
[ 2713.751931][ T5923] usb 7-1: SerialNumber: syz
[ 2713.765224][ T5923] usb 7-1: config 0 descriptor??
[ 2714.413029][ T5964] usb 7-1: USB disconnect, device number 96
[ 2714.491334][T17278] netlink: 'syz.7.7619': attribute type 13 has an invalid length.
[ 2715.152692][   T30] kauditd_printk_skb: 28 callbacks suppressed
[ 2715.152762][   T30] audit: type=1400 audit(1757129362.345:2126): avc:  denied  { bind } for  pid=17273 comm="syz.7.7619" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 2715.271671][T17278] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 2715.286339][T17325] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 2715.295676][T17274] lo speed is unknown, defaulting to 1000
[ 2715.422180][    C1] ------------[ cut here ]------------
[ 2715.428299][    C1] ODEBUG: activate active (active state 0) object: ffff88802709eed8 object type: rcu_head hint: 0x0
[ 2715.439488][    C1] WARNING: CPU: 1 PID: 21409 at lib/debugobjects.c:612 debug_print_object+0x1a2/0x2b0
[ 2715.449239][    C1] Modules linked in:
[ 2715.453690][    C1] CPU: 1 UID: 0 PID: 21409 Comm: kworker/u8:30 Not tainted syzkaller #0 PREEMPT(full) 
[ 2715.463576][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2715.473679][    C1] Workqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet
[ 2715.481532][    C1] RIP: 0010:debug_print_object+0x1a2/0x2b0
[ 2715.487423][    C1] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 41 56 48 8b 14 dd e0 3b 16 8c 4c 89 e6 48 c7 c7 60 30 16 8c e8 df 54 8f fc 90 <0f> 0b 90 90 58 83 05 46 b6 c0 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d
[ 2715.507077][    C1] RSP: 0018:ffffc90000a08ad8 EFLAGS: 00010286
[ 2715.513194][    C1] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817a3388
[ 2715.521157][    C1] RDX: ffff888054c32440 RSI: ffffffff817a3395 RDI: 0000000000000001
[ 2715.529160][    C1] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000
[ 2715.537163][    C1] R10: 0000000000000000 R11: 00000000000be638 R12: ffffffff8c163680
[ 2715.545172][    C1] R13: ffffffff8baeb6a0 R14: 0000000000000000 R15: ffffc90000a08b98
[ 2715.553155][    C1] FS:  0000000000000000(0000) GS:ffff8881247b6000(0000) knlGS:0000000000000000
[ 2715.562094][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2715.568677][    C1] CR2: 00007f28947ea38c CR3: 000000000e380000 CR4: 00000000003526f0
[ 2715.576664][    C1] Call Trace:
[ 2715.579954][    C1]  <IRQ>
[ 2715.582791][    C1]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 2715.588587][    C1]  debug_object_activate+0x2bc/0x4c0
[ 2715.593888][    C1]  ? __pfx_debug_object_activate+0x10/0x10
[ 2715.599706][    C1]  ? find_held_lock+0x2b/0x80
[ 2715.604396][    C1]  ? do_raw_spin_unlock+0x172/0x230
[ 2715.609578][    C1]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 2715.615390][    C1]  ? __pfx_radix_tree_node_rcu_free+0x10/0x10
[ 2715.621465][    C1]  __call_rcu_common.constprop.0+0x35/0xa10
[ 2715.627439][    C1]  delete_node+0x1fc/0x8d0
[ 2715.631857][    C1]  ? find_held_lock+0x2b/0x80
[ 2715.636569][    C1]  __radix_tree_delete+0x193/0x3d0
[ 2715.641667][    C1]  radix_tree_delete_item+0xea/0x230
[ 2715.646980][    C1]  ? __pfx_radix_tree_delete_item+0x10/0x10
[ 2715.652889][    C1]  ? queue_work_on+0x12a/0x1f0
[ 2715.657654][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2715.662874][    C1]  ? queue_work_on+0x8b/0x1f0
[ 2715.667587][    C1]  ? rcu_core+0x797/0x1530
[ 2715.672013][    C1]  ? rcu_core+0x797/0x1530
[ 2715.676439][    C1]  afs_cell_destroy+0x1db/0x310
[ 2715.681299][    C1]  rcu_core+0x799/0x1530
[ 2715.685570][    C1]  ? __pfx_rcu_core+0x10/0x10
[ 2715.690254][    C1]  ? mark_held_locks+0x49/0x80
[ 2715.695065][    C1]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 2715.701053][    C1]  handle_softirqs+0x219/0x8e0
[ 2715.705848][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[ 2715.711144][    C1]  __irq_exit_rcu+0x109/0x170
[ 2715.715851][    C1]  irq_exit_rcu+0x9/0x30
[ 2715.720117][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[ 2715.725772][    C1]  </IRQ>
[ 2715.728687][    C1]  <TASK>
[ 2715.731606][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 2715.737575][    C1] RIP: 0010:lock_release+0x183/0x2f0
[ 2715.742856][    C1] Code: 0f c1 05 f8 1d 3f 12 83 f8 01 0f 85 1d 01 00 00 9c 58 f6 c4 02 0f 85 08 01 00 00 41 f7 c5 00 02 00 00 74 01 fb 48 8b 44 24 10 <65> 48 2b 05 0d dc 3e 12 0f 85 58 01 00 00 48 83 c4 18 5b 41 5c 41
[ 2715.762482][    C1] RSP: 0018:ffffc900110dfa78 EFLAGS: 00000206
[ 2715.768573][    C1] RAX: c04d37ee621dd100 RBX: ffffffff8e5c1260 RCX: ffffc900110dfa84
[ 2715.776553][    C1] RDX: 0000000000000003 RSI: ffffffff8de2c4c0 RDI: ffffffff8c162b00
[ 2715.784528][    C1] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000
[ 2715.792495][    C1] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff8b5bf950
[ 2715.800626][    C1] R13: 0000000000000202 R14: ffff888054c32440 R15: 0000000000000004
[ 2715.808618][    C1]  ? batadv_iv_ogm_schedule_buff+0x780/0x14c0
[ 2715.814727][    C1]  batadv_iv_ogm_schedule_buff+0x785/0x14c0
[ 2715.820623][    C1]  ? __pfx_batadv_iv_ogm_schedule_buff+0x10/0x10
[ 2715.826977][    C1]  ? batadv_send_skb_packet+0x5dd/0x780
[ 2715.832542][    C1]  batadv_iv_send_outstanding_bat_ogm_packet+0x329/0x920
[ 2715.839576][    C1]  process_one_work+0x9cc/0x1b70
[ 2715.844546][    C1]  ? __pfx_batadv_nc_worker+0x10/0x10
[ 2715.849905][    C1]  ? __pfx_process_one_work+0x10/0x10
[ 2715.855306][    C1]  ? assign_work+0x1a0/0x250
[ 2715.859895][    C1]  worker_thread+0x6c8/0xf10
[ 2715.864514][    C1]  ? __pfx_worker_thread+0x10/0x10
[ 2715.869623][    C1]  kthread+0x3c2/0x780
[ 2715.873701][    C1]  ? __pfx_kthread+0x10/0x10
[ 2715.878280][    C1]  ? rcu_is_watching+0x12/0xc0
[ 2715.883081][    C1]  ? __pfx_kthread+0x10/0x10
[ 2715.887751][    C1]  ret_from_fork+0x5d4/0x6f0
[ 2715.892352][    C1]  ? __pfx_kthread+0x10/0x10
[ 2715.896940][    C1]  ret_from_fork_asm+0x1a/0x30
[ 2715.901714][    C1]  </TASK>
[ 2715.904748][    C1] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 2715.912017][    C1] CPU: 1 UID: 0 PID: 21409 Comm: kworker/u8:30 Not tainted syzkaller #0 PREEMPT(full) 
[ 2715.921650][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 2715.931711][    C1] Workqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet
[ 2715.939604][    C1] Call Trace:
[ 2715.942871][    C1]  <IRQ>
[ 2715.945704][    C1]  dump_stack_lvl+0x3d/0x1f0
[ 2715.950285][    C1]  vpanic+0x6e8/0x7a0
[ 2715.954274][    C1]  ? __pfx_vpanic+0x10/0x10
[ 2715.958784][    C1]  ? debug_print_object+0x1a2/0x2b0
[ 2715.963977][    C1]  panic+0xca/0xd0
[ 2715.967711][    C1]  ? __pfx_panic+0x10/0x10
[ 2715.972179][    C1]  ? check_panic_on_warn+0x1f/0xb0
[ 2715.977307][    C1]  check_panic_on_warn+0xab/0xb0
[ 2715.982249][    C1]  __warn+0xf6/0x3c0
[ 2715.986148][    C1]  ? debug_print_object+0x1a2/0x2b0
[ 2715.991330][    C1]  report_bug+0x3c3/0x580
[ 2715.995638][    C1]  ? debug_print_object+0x1a2/0x2b0
[ 2716.000922][    C1]  handle_bug+0x184/0x210
[ 2716.005274][    C1]  exc_invalid_op+0x17/0x50
[ 2716.009779][    C1]  asm_exc_invalid_op+0x1a/0x20
[ 2716.014627][    C1] RIP: 0010:debug_print_object+0x1a2/0x2b0
[ 2716.020442][    C1] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 41 56 48 8b 14 dd e0 3b 16 8c 4c 89 e6 48 c7 c7 60 30 16 8c e8 df 54 8f fc 90 <0f> 0b 90 90 58 83 05 46 b6 c0 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d
[ 2716.040067][    C1] RSP: 0018:ffffc90000a08ad8 EFLAGS: 00010286
[ 2716.046838][    C1] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817a3388
[ 2716.054800][    C1] RDX: ffff888054c32440 RSI: ffffffff817a3395 RDI: 0000000000000001
[ 2716.062751][    C1] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000
[ 2716.070702][    C1] R10: 0000000000000000 R11: 00000000000be638 R12: ffffffff8c163680
[ 2716.078663][    C1] R13: ffffffff8baeb6a0 R14: 0000000000000000 R15: ffffc90000a08b98
[ 2716.086647][    C1]  ? __warn_printk+0x198/0x350
[ 2716.091462][    C1]  ? __warn_printk+0x1a5/0x350
[ 2716.096243][    C1]  ? debug_print_object+0x1a1/0x2b0
[ 2716.101469][    C1]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 2716.107292][    C1]  debug_object_activate+0x2bc/0x4c0
[ 2716.112584][    C1]  ? __pfx_debug_object_activate+0x10/0x10
[ 2716.118381][    C1]  ? find_held_lock+0x2b/0x80
[ 2716.123053][    C1]  ? do_raw_spin_unlock+0x172/0x230
[ 2716.128260][    C1]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 2716.134073][    C1]  ? __pfx_radix_tree_node_rcu_free+0x10/0x10
[ 2716.140138][    C1]  __call_rcu_common.constprop.0+0x35/0xa10
[ 2716.146062][    C1]  delete_node+0x1fc/0x8d0
[ 2716.150481][    C1]  ? find_held_lock+0x2b/0x80
[ 2716.155151][    C1]  __radix_tree_delete+0x193/0x3d0
[ 2716.160268][    C1]  radix_tree_delete_item+0xea/0x230
[ 2716.165544][    C1]  ? __pfx_radix_tree_delete_item+0x10/0x10
[ 2716.171415][    C1]  ? queue_work_on+0x12a/0x1f0
[ 2716.176160][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2716.181340][    C1]  ? queue_work_on+0x8b/0x1f0
[ 2716.186023][    C1]  ? rcu_core+0x797/0x1530
[ 2716.190452][    C1]  ? rcu_core+0x797/0x1530
[ 2716.194878][    C1]  afs_cell_destroy+0x1db/0x310
[ 2716.199719][    C1]  rcu_core+0x799/0x1530
[ 2716.203938][    C1]  ? __pfx_rcu_core+0x10/0x10
[ 2716.208600][    C1]  ? mark_held_locks+0x49/0x80
[ 2716.213371][    C1]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 2716.219246][    C1]  handle_softirqs+0x219/0x8e0
[ 2716.224006][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[ 2716.229281][    C1]  __irq_exit_rcu+0x109/0x170
[ 2716.233950][    C1]  irq_exit_rcu+0x9/0x30
[ 2716.238178][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[ 2716.243815][    C1]  </IRQ>
[ 2716.246729][    C1]  <TASK>
[ 2716.249653][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 2716.255640][    C1] RIP: 0010:lock_release+0x183/0x2f0
[ 2716.260934][    C1] Code: 0f c1 05 f8 1d 3f 12 83 f8 01 0f 85 1d 01 00 00 9c 58 f6 c4 02 0f 85 08 01 00 00 41 f7 c5 00 02 00 00 74 01 fb 48 8b 44 24 10 <65> 48 2b 05 0d dc 3e 12 0f 85 58 01 00 00 48 83 c4 18 5b 41 5c 41
[ 2716.280524][    C1] RSP: 0018:ffffc900110dfa78 EFLAGS: 00000206
[ 2716.286582][    C1] RAX: c04d37ee621dd100 RBX: ffffffff8e5c1260 RCX: ffffc900110dfa84
[ 2716.294624][    C1] RDX: 0000000000000003 RSI: ffffffff8de2c4c0 RDI: ffffffff8c162b00
[ 2716.302587][    C1] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000
[ 2716.310541][    C1] R10: 0000000000000001 R11: 0000000000000000 R12: ffffffff8b5bf950
[ 2716.318499][    C1] R13: 0000000000000202 R14: ffff888054c32440 R15: 0000000000000004
[ 2716.326472][    C1]  ? batadv_iv_ogm_schedule_buff+0x780/0x14c0
[ 2716.332568][    C1]  batadv_iv_ogm_schedule_buff+0x785/0x14c0
[ 2716.338470][    C1]  ? __pfx_batadv_iv_ogm_schedule_buff+0x10/0x10
[ 2716.345291][    C1]  ? batadv_send_skb_packet+0x5dd/0x780
[ 2716.350835][    C1]  batadv_iv_send_outstanding_bat_ogm_packet+0x329/0x920
[ 2716.357867][    C1]  process_one_work+0x9cc/0x1b70
[ 2716.362808][    C1]  ? __pfx_batadv_nc_worker+0x10/0x10
[ 2716.368164][    C1]  ? __pfx_process_one_work+0x10/0x10
[ 2716.373522][    C1]  ? assign_work+0x1a0/0x250
[ 2716.378106][    C1]  worker_thread+0x6c8/0xf10
[ 2716.382705][    C1]  ? __pfx_worker_thread+0x10/0x10
[ 2716.387890][    C1]  kthread+0x3c2/0x780
[ 2716.391945][    C1]  ? __pfx_kthread+0x10/0x10
[ 2716.396521][    C1]  ? rcu_is_watching+0x12/0xc0
[ 2716.401282][    C1]  ? __pfx_kthread+0x10/0x10
[ 2716.405874][    C1]  ret_from_fork+0x5d4/0x6f0
[ 2716.410460][    C1]  ? __pfx_kthread+0x10/0x10
[ 2716.415047][    C1]  ret_from_fork_asm+0x1a/0x30
[ 2716.419824][    C1]  </TASK>
[ 2716.423147][    C1] Kernel Offset: disabled
[ 2716.427459][    C1] Rebooting in 86400 seconds..