last executing test programs:

12m53.145198705s ago: executing program 1 (id=2067):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r3)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r4], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001240)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000005880)=@newtfilter={0x34, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0xfff2}, {0x4}, {0x0, 0xb}}, [@TCA_CHAIN={0x8, 0xb, 0x7}, @TCA_RATE={0x6, 0x5, {0x81, 0x1}}]}, 0x34}}, 0x10)

12m53.09541434s ago: executing program 1 (id=2070):
r0 = socket$nl_generic(0x11, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r1, 0x107, 0xd, &(0x7f0000000100)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
sendmsg$inet(r1, &(0x7f0000000280)={&(0x7f0000000000)={0x2, 0x4e22, @remote}, 0x10, 0x0, 0x0, &(0x7f00000001c0)=ANY=[], 0x60}, 0x20044881)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000540)='kmem_cache_free\x00'}, 0x18)
r3 = socket(0x10, 0x80002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000980)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000000feffff720a00fef8ffffff71a400fe0000000071105000000000001d300200000000004704000001ed030407030000020000001d2c62232d7907b5eac1b43062176da444000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
sendmmsg$alg(r3, &(0x7f00000000c0), 0x492492492492627, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r0, <r5=>0xffffffffffffffff}, 0x4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{0xffffffffffffffff, <r6=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f00000001c0)}, 0x20)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000280)={'ip6gre0\x00', &(0x7f00000004c0)={'ip6_vti0\x00', <r7=>0x0, 0x29, 0x5, 0x3, 0x0, 0x5, @mcast1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x8, 0x7, 0xe, 0x3}})
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r9 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r9, 0x6, 0x0, 0x0, 0x0)
r10 = fsmount(r9, 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000200)={r8, r10, 0x1, 0x0, @void}, 0x10)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000580)={0xffff, <r11=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0xd, 0x16, &(0x7f0000000300)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x4}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @alu={0x7, 0x0, 0x1715314de1069410, 0x6, 0x0, 0x40, 0x8}, @map_idx={0x18, 0x8, 0x5, 0x0, 0x1}, @exit, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}}, @map_val={0x18, 0x5, 0x2, 0x0, r6, 0x0, 0x0, 0x0, 0x5}, @exit], &(0x7f0000000240)='syzkaller\x00', 0x59a1417, 0x8b, &(0x7f0000000680)=""/139, 0x40f00, 0x0, '\x00', r7, @fallback=0x33, r10, 0x8, &(0x7f00000003c0)={0x5, 0x4}, 0x8, 0x10, 0x0, 0x0, r11, 0xffffffffffffffff, 0x4, 0x0, &(0x7f0000000600)=[{0x0, 0x5, 0x9, 0xb}, {0x2, 0x1, 0xb, 0x5}, {0x3, 0x5, 0x10, 0xd}, {0x4, 0x3, 0x5, 0xa}], 0x10, 0x101, @void, @value}, 0x94)
sendmsg$nl_xfrm(r4, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000400)=ANY=[@ANYBLOB="54020000170001000000000000000000200100000000000000000000000000010000000000000000ac141400000000000000000000000000fc020000000000000003000000000000e000000200001000000000000000000000000000000000080a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="1242ffff040000000000000000000037660b6aff000000000000000000000000000000000000000002000020", @ANYRES32, @ANYRES32], 0x254}}, 0x0)

12m53.019834416s ago: executing program 1 (id=2071):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x800)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
semget(0x3, 0x3, 0x6c8)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
socket$inet6(0xa, 0x800000000000002, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r2=>0x0})
r3 = socket(0x10, 0x80002, 0x0)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_int(r4, 0x0, 0x1, 0x0, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r2, @ANYBLOB="00000000000000001c001a800800028008000200080000003e120000030002001040e5"], 0x44}, 0x1, 0x0, 0x0, 0x4048800}, 0x0)

12m52.501240833s ago: executing program 1 (id=2073):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x16, 0xc, &(0x7f0000000040)=@framed={{}, [@printk={@s}, @call={0x85, 0x0, 0x0, 0xa0}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r0, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000240)="b9ff03316844268cb89e14f00800", 0x0, 0x9, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x201, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000280)="8d56b616ff620d9d6dcd3292ea542b99c882537f00000000", 0x18)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be521634", 0xc}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000380)=[@assoc={0x18, 0x117, 0x4, 0x40}], 0x18}], 0x1, 0x40800)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x92)
r4 = socket(0x15, 0x5, 0x0)
getsockopt(r4, 0x200000000114, 0x2718, 0x0, &(0x7f0000000000))
write$sequencer(r1, &(0x7f0000000000)=[@l={0x92, 0x0, 0xc0}], 0x8)

12m52.189033547s ago: executing program 1 (id=2075):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000001340), 0x2, 0x0)
ioctl$UI_BEGIN_FF_ERASE(r0, 0xc00c55ca, &(0x7f0000001380)={0x10, 0x1}) (fail_nth: 6)

12m51.825001676s ago: executing program 1 (id=2078):
capset(&(0x7f0000000080)={0x0, 0xffffffffffffffff}, &(0x7f0000000040))
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x2, 0x2010, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f0000000000/0x2000)=nil)
chdir(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x117)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="0000040000000000000000707dc08033e1624e740e95450d63bdf90e37ea00", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYRES64=r4], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="659c2d5606971b36e208a11619c996fd60bd90322b69ce0983909928ee43617e061288d9d27dd9e925a8437114106d5ac852fe0cab6cc448dd5705b8ff41344c5294b7c8e75991112d", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0, 0x3, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='9p_client_res\x00', r4}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='9p_client_res\x00', r6}, 0x10)
pipe2$9p(&(0x7f0000000180)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x84800)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r7, @ANYBLOB=',wfdno=', @ANYRESHEX=r8])
r9 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r9, 0xc02064b2, &(0x7f0000000040)={0x40028, 0x6576, 0x1})
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r9, 0x100000000)
syz_open_procfs(0x0, &(0x7f0000000440)='net/route\x00')

12m36.807697334s ago: executing program 32 (id=2078):
capset(&(0x7f0000000080)={0x0, 0xffffffffffffffff}, &(0x7f0000000040))
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x2, 0x2010, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x2000, 0x3, &(0x7f0000000000/0x2000)=nil)
chdir(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x117)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="0000040000000000000000707dc08033e1624e740e95450d63bdf90e37ea00", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYRES64=r4], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="659c2d5606971b36e208a11619c996fd60bd90322b69ce0983909928ee43617e061288d9d27dd9e925a8437114106d5ac852fe0cab6cc448dd5705b8ff41344c5294b7c8e75991112d", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0, 0x3, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='9p_client_res\x00', r4}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='9p_client_res\x00', r6}, 0x10)
pipe2$9p(&(0x7f0000000180)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x84800)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r7, @ANYBLOB=',wfdno=', @ANYRESHEX=r8])
r9 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r9, 0xc02064b2, &(0x7f0000000040)={0x40028, 0x6576, 0x1})
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r9, 0x100000000)
syz_open_procfs(0x0, &(0x7f0000000440)='net/route\x00')

12m18.502704492s ago: executing program 2 (id=2206):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='hugetlbfs\x00', 0x0, 0x0)
r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x24800, 0x0)
read$FUSE(r0, &(0x7f00000013c0)={0x2020}, 0x2020)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
lseek(r1, 0x10001, 0x0)
r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000001340), 0x2, 0x0)
ioctl$UI_BEGIN_FF_ERASE(r2, 0xc00c55ca, &(0x7f0000001380)={0x10, 0x1})

12m18.085393096s ago: executing program 2 (id=2211):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x6, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendto$packet(0xffffffffffffffff, &(0x7f0000000340), 0x0, 0x20000001, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000500)=ANY=[], 0x15)
fcntl$lock(r2, 0x24, &(0x7f0000000300)={0x2, 0x1, 0x2, 0x7fef})
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r4 = accept4(r3, 0x0, 0x0, 0x800)
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000100)=0x1)
sendmmsg$alg(r4, 0x0, 0x0, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, 0x0}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, 0x0}, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000000)=ANY=[], 0x33fe0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x4014001}, 0x0)

12m17.074498889s ago: executing program 2 (id=2213):
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfdef)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$ENABLE_STATS(0x20, &(0x7f0000000040), 0x4)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r1, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, 0x0, 0x0)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x2, &(0x7f0000006680))
mknod(&(0x7f0000000280)='./file0\x00', 0x0, 0xfffffffd)
faccessat2(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x2, 0x0)
socket$igmp(0x2, 0x3, 0x2)
setsockopt$inet_mreq(r2, 0x0, 0x20, &(0x7f0000000000)={@initdev={0xac, 0x1e, 0x1, 0x0}, @local}, 0x8)
syz_emit_ethernet(0x46, 0x0, 0x0)
r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x80201, 0x0)
write$rfkill(r3, &(0x7f0000000000)={0x0, 0x8, 0x2, 0x1}, 0x8)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/stat\x00', 0x0, 0x0)
socket(0x10, 0x3, 0x0)
openat$cgroup_ro(r4, &(0x7f0000000080)='net_prio.prioidx\x00', 0x0, 0x0)
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x145100)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r5, 0x3ba0, &(0x7f0000000440)={0x87})

12m16.554287351s ago: executing program 2 (id=2216):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001d00)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8fff7ff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001000000b70500000000e000720a23fe000000008500000012000000b70000000000000095000000000000004e6258941c823b7505608556ba4ababb42684e890d31ae450400373a0a5447a801b8c1c4f0c4bd97c6555e61345400f9bd42abeb9ade0105000000000000a21902ff07000094a2b51c21df74924f5436a6ed89b98f75e800230c49c90fe1336481f3b92a63336c36fcd745d61d7739c6554ca201000000bebbe8282f8b1e26407437a397bf8f50e87ed4d27adfd876bffc402887781979461c4363bc5c9b6202ea471428197ef88bc333fbcec0ea4334f1ddb9d679ae95a90fd41d528f58d305000000435883df6c10ce86188c92292b2d0226082960be682836bdff8b0971f2a5405e453228e7b1005bd73479358a90df3e481947de6453736aa572158af6ea63d6d418fbbd2bba050000001da000ef78df03000000d19913a5fb03c79dac2e489f68127892658115e7ffb588a71dffffff951b8535167ab8069a2c92a3aa18e22517000026637b4c34bf2d0aa304ed42bf70480e9e97203fd169411f37fddd1f7fbe16dbbc0f307bceb5064f388a0350c3dc928b0e638b1e2b2a9d25264233e5d45eb377f56b95241024dbe30f67191c2b56b70328d6d3215dfffe5d89af1d10599bd494d921d1fb2db99b6aba0fa978f41eb1d4c553e5a9326ed550c13f8dd36716a899a1e79234294707c5312b924d142c17b20bb80ee202222c03fa84ccc374e717f694018630366397266090a82343aedfbf7afe892390c2eb775b0d16073da2229958db05de7df6ab7600004000010000006d8081cb3bf251d906c00da0e23b50465f8394820be571e3592d0000c7ef10fdc462e7040e7074ec43aa461fc54401a76406db718d4efd6c1bd10ce1d087cf9bba461162555a95524c84df0952d32093082b7aa71304e0d2d9ec310d1b676b378a5879e47941de1a28c3a8f400000000000000000e032b7d2badd0bc6617a859b7ac273b6304555f664469cec152030f06cc"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={0x14, 0x2, 0x6, 0x5, 0x0, 0x0, {0xa}}, 0x14}}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devtmpfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r3 = open_tree(0xffffffffffffff9c, &(0x7f00000002c0)='\x00', 0x89901)
move_mount(r3, &(0x7f0000000400)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000080)='./file0\x00', &(0x7f0000000380)='./file0/../file0/../file0/../file0\x00')
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000300)={0x4376ea830d5f549b, 0x0, [0xffffffffffffffff, 0x3, 0x410e, 0x3, 0x1, 0x8, 0xfffffffffffffffc, 0x800000]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

12m15.929244086s ago: executing program 2 (id=2219):
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1000000032ac10210000000000004000"], 0x10}}, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
mount(0x0, 0x0, 0x0, 0x2000000, 0x0)
r1 = syz_open_dev$evdev(0x0, 0x3, 0x822b01)
write$char_usb(r1, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0)
write$USERIO_CMD_SET_PORT_TYPE(r3, &(0x7f0000000040)={0x1, 0x5}, 0x2)
write$USERIO_CMD_REGISTER(r3, &(0x7f00000000c0), 0x2)
preadv(r3, &(0x7f0000000b00)=[{0x0}, {&(0x7f0000000800)=""/21, 0x15}], 0x2, 0x1000, 0x3)
syz_clone(0xa0001000, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0)
r4 = socket$inet(0x2, 0x2, 0x0)
getsockopt$inet_mreqsrc(r4, 0x0, 0x33, 0x0, &(0x7f0000000040))
socket$inet6_udp(0xa, 0x2, 0x0)
mount(0x0, &(0x7f0000000140)='./file1\x00', &(0x7f0000000040)='jfs\x00', 0x1, &(0x7f0000000100)='x\xe2~\x0fU@\xa0\x18\xa6\xc5?\xf0\x01\xfd\xccy\xb3}\xa3y1\x85\xa3\xe2\x7f#\xbb\x9a\xfe\x01\xe8!\x86|\x8d\x83\xfb\x8a\xa3z\x85`\xc5\x94\v+Yv\xdd\xd6\xe4/\xf9b\x00\x00\x00\x00\x00\x00\x00')
setrlimit(0x8, &(0x7f00000001c0)={0x8})

12m15.53875204s ago: executing program 2 (id=2220):
syz_emit_ethernet(0x0, 0x0, 0x0)
syz_emit_ethernet(0xbc, &(0x7f0000000640)={@random="1c0323288bb8", @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "7428dd", 0x86, 0x3a, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, @mcast2, {[], @ni={0x8c, 0x0, 0x0, 0x1, 0xb, 0x9, "b7b2347d3fd3d9d22706e1d97935d6630b0b9e2805b9f768f7ecef7801b37e573a4d790c8d42ad5beb188ade7f6d9f1ce2c37cc80741973ed7cf853b6adc179fd61fe32a513e828792751ed1e9f2e1b639a7e96d949707157d28f3501b37e922843337fe361d7a2be289daa7e04a4094e520c4704f8b"}}}}}}, 0x0)
set_mempolicy(0x3, &(0x7f00000000c0)=0x7, 0xa)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
openat$binfmt_format(0xffffff9c, &(0x7f0000000080)='/proc/sys/fs/binfmt_misc/syz1\x00', 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000100), 0xfffffd9d)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioperm(0x7, 0x449, 0x7ff)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone3(&(0x7f0000001240)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000000)=[0x0], 0x1}, 0x58)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000000002000000950000000027d508"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r2}, 0x10)
r3 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r3, 0xc4c85513, &(0x7f0000000b00)={{0x2, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x400000, 0x0, 0x100000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0xc6c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x81, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x8838, 0x0, 0x0, 0x4, 0x0, 0x2, 0x0, 0x3, 0x800000000000000, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x6, 0x0, 0x5, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9]})
writev(0xffffffffffffffff, 0x0, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
open_tree(r1, &(0x7f0000000240)='./file0\x00', 0x900)
sendfile(r0, r1, 0x0, 0x1000004)

12m15.360262889s ago: executing program 33 (id=2220):
syz_emit_ethernet(0x0, 0x0, 0x0)
syz_emit_ethernet(0xbc, &(0x7f0000000640)={@random="1c0323288bb8", @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "7428dd", 0x86, 0x3a, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, @mcast2, {[], @ni={0x8c, 0x0, 0x0, 0x1, 0xb, 0x9, "b7b2347d3fd3d9d22706e1d97935d6630b0b9e2805b9f768f7ecef7801b37e573a4d790c8d42ad5beb188ade7f6d9f1ce2c37cc80741973ed7cf853b6adc179fd61fe32a513e828792751ed1e9f2e1b639a7e96d949707157d28f3501b37e922843337fe361d7a2be289daa7e04a4094e520c4704f8b"}}}}}}, 0x0)
set_mempolicy(0x3, &(0x7f00000000c0)=0x7, 0xa)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
openat$binfmt_format(0xffffff9c, &(0x7f0000000080)='/proc/sys/fs/binfmt_misc/syz1\x00', 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000100), 0xfffffd9d)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioperm(0x7, 0x449, 0x7ff)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone3(&(0x7f0000001240)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000000)=[0x0], 0x1}, 0x58)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000000002000000950000000027d508"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r2}, 0x10)
r3 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r3, 0xc4c85513, &(0x7f0000000b00)={{0x2, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x400000, 0x0, 0x100000001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0xc6c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x81, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x8838, 0x0, 0x0, 0x4, 0x0, 0x2, 0x0, 0x3, 0x800000000000000, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3, 0x0, 0x0, 0x6, 0x0, 0x5, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9]})
writev(0xffffffffffffffff, 0x0, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
open_tree(r1, &(0x7f0000000240)='./file0\x00', 0x900)
sendfile(r0, r1, 0x0, 0x1000004)

11m57.434408349s ago: executing program 0 (id=2291):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0xfffffffffffffffc, 0xfffffffffffffffd, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x54)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff}, 0x0)
r3 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
r4 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x0, 0xf0, 0x0, 0x0, 0x0, 0x600, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
splice(r2, 0x0, r3, 0x0, 0x10000000000016, 0x0)
r5 = open(&(0x7f0000000300)='./bus\x00', 0x14103e, 0x18a)
r6 = open(&(0x7f0000000080)='./bus\x00', 0x143042, 0x83)
ftruncate(r6, 0x3000000)
sendfile(r5, r6, 0x0, 0x80000001)
setsockopt$SO_J1939_PROMISC(r0, 0x6b, 0x2, &(0x7f0000000000)=0x1, 0x4)

11m56.283627931s ago: executing program 0 (id=2296):
r0 = socket$inet6(0xa, 0x3, 0x53)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10)
io_setup(0x4, &(0x7f0000000000))
shutdown(r1, 0x1)
r2 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
r3 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_INIT(r3, 0x29, 0xc8, &(0x7f0000000340), 0x4)
sendmsg(r2, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x4040804)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @rand_addr=' \x01\x00', 0x1000000}, 0x1c)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', <r4=>0x0})
setsockopt$inet6_mreq(r0, 0x29, 0x1c, &(0x7f0000000100)={@private2, r4}, 0x14)
listen(r0, 0x8957)
r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r6 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r6, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000002c0)={'wlan1\x00', <r9=>0x0})
r10 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r10, 0x1, 0x22, &(0x7f0000000240), 0x4)
sendmsg$NL80211_CMD_DISCONNECT(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000003c0)=ANY=[@ANYRESDEC=r8, @ANYRES16=r1, @ANYBLOB="05002bbd7000fcdbdf253000000008000300ddedfcddd81725e517b06b3928f454b51872e9057738605695c66f401ec69042d4dea9ae48410b3bfd6ada82a152a8b7ee71597dce94c4c15279d802329028044b8fdcb962e035dc90af440d0c62dba2d3b6510c0adc726a9408b9e6f38bbc79f467367937afc43ffae6c76d9fc893ac04f55d748e094cbc1adf84f5ac2744e13d820bd65e88dab53e0d8f7b9638661789873daee55b98ea125e78ffff462cb5a268e2b0d8fdf1cff74b9935f52cca2e1f12f9aed4b373b21df60b712c749568768423a7fc2a659946299e0d29621f952a8dc80b38ebdd63a46142ec5b41a765207fbc26f08c8d", @ANYRES32=r9, @ANYRESDEC=r5], 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x4000000)
r11 = accept4(r6, 0x0, 0x0, 0x180800)
syz_genetlink_get_family_id$SEG6(&(0x7f00000000c0), r11)
syz_open_dev$sg(&(0x7f0000000140), 0x5, 0x180880)
r12 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r12, 0x4040aea0, &(0x7f0000000180)=@x86={0x48, 0xf3, 0x2, 0x0, 0x0, 0x86, 0x8, 0x0, 0xf5, 0x1, 0x1, 0x8, 0x0, 0x9, 0x5, 0x4, 0x1, 0xfa, 0x5, '\x00', 0x3, 0x7000000000})
sendmmsg(r6, &(0x7f00000002c0), 0x400000000000114, 0x0)

11m56.119973163s ago: executing program 0 (id=2299):
r0 = socket$netlink(0x10, 0x3, 0x4)
syz_open_dev$MSR(0x0, 0x5, 0x0)
socket(0x1e, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x9, 0x87}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = syz_open_dev$video4linux(&(0x7f0000000140), 0xb, 0x103205)
ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r2, 0xc0305602, &(0x7f0000000000)={0x0, 0x8})
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
r3 = syz_open_procfs(0x0, 0x0)
pread64(r3, 0x0, 0x0, 0x4000000000000f3)
read$usbmon(r3, &(0x7f0000000480)=""/4096, 0x1000)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
r4 = syz_open_dev$sndmidi(&(0x7f0000000180), 0x2, 0x141101)
r5 = dup(r4)
syz_io_uring_setup(0x239, &(0x7f00000002c0)={0x0, 0xf2cf, 0x10100, 0x0, 0x0, 0x0, r5}, &(0x7f00000000c0)=<r6=>0x0, &(0x7f0000000340)=<r7=>0x0)
syz_io_uring_submit(r6, r7, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd, 0x0, 0x0, 0x0, {}, 0x1})
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/syz1\x00', 0x200002, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
write(r0, &(0x7f00000000c0)="29000000140005b7ff000000040860eb0101b6ff02", 0x15)

11m55.821161851s ago: executing program 0 (id=2300):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
connect$bt_rfcomm(r0, &(0x7f00000001c0)={0x1f, @none, 0x1}, 0xa)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r2 = dup(r1)
bind$bt_l2cap(r2, &(0x7f0000000080), 0xe)
listen(r1, 0x9)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x891018, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$GIO_UNIMAP(r4, 0x4b66, &(0x7f0000000280)={0x300, 0x0})
mount$bind(&(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0)
mount$bind(&(0x7f00000000c0)='.\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x80700a, 0x0)

11m54.951518043s ago: executing program 0 (id=2302):
r0 = syz_open_dev$amidi(&(0x7f0000000000), 0x2, 0x1)
ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r0, 0x40045730, &(0x7f0000002780))

11m54.747907415s ago: executing program 0 (id=2303):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
r1 = socket(0x1e, 0x4, 0x0)
iopl(0x3)
connect$tipc(r1, &(0x7f0000000040)=@id, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmmsg$unix(r1, &(0x7f0000004400), 0x400000000000203, 0x101d0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_VENDOR(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="01070000000000000000670000000800010048000000080003", @ANYRES32=r6, @ANYBLOB="0800c300008000000800c400000000009462616c2e23441bed4a79e5aa1fe96c503f2a57bc18ae3b9584920211e78825d82638cc191bbbd8f5a4028df8a036b7977d26cbfeed76446f026dee034db0ec10f26044a9300c1ee369092d64d1205a1be2a4e0363e2ea0da5baa625fdf6f383bbd59aad92615bcdb40e72dae2113527904dbb3ff920fdcc5e15af74975181675a4f2e44a9d025777263c1698014f13652a8ab9223460c1abe5675f032d17d3420e965953fdcf51a01acd3a0511525ab3d22f990e1c5fc8dfa5b061f4a1bf4ded54fe05c302040dbbbe752ce998687e34b165d7"], 0x34}, 0x1, 0x0, 0x0, 0x20000010}, 0x0)

11m54.641154583s ago: executing program 34 (id=2303):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
r1 = socket(0x1e, 0x4, 0x0)
iopl(0x3)
connect$tipc(r1, &(0x7f0000000040)=@id, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmmsg$unix(r1, &(0x7f0000004400), 0x400000000000203, 0x101d0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_VENDOR(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="01070000000000000000670000000800010048000000080003", @ANYRES32=r6, @ANYBLOB="0800c300008000000800c400000000009462616c2e23441bed4a79e5aa1fe96c503f2a57bc18ae3b9584920211e78825d82638cc191bbbd8f5a4028df8a036b7977d26cbfeed76446f026dee034db0ec10f26044a9300c1ee369092d64d1205a1be2a4e0363e2ea0da5baa625fdf6f383bbd59aad92615bcdb40e72dae2113527904dbb3ff920fdcc5e15af74975181675a4f2e44a9d025777263c1698014f13652a8ab9223460c1abe5675f032d17d3420e965953fdcf51a01acd3a0511525ab3d22f990e1c5fc8dfa5b061f4a1bf4ded54fe05c302040dbbbe752ce998687e34b165d7"], 0x34}, 0x1, 0x0, 0x0, 0x20000010}, 0x0)

9.145301122s ago: executing program 5 (id=6138):
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f0000000140)={0x53, 0xfffffffffffffffe, 0x106, 0x1, @buffer={0x0, 0x0, 0x0}, &(0x7f00000001c0)="851666ce20db96ab0c7d83e114e73a1762249711e34f4ce12c6aa714067726f58b7c42feb7e6d77bd3b97644edd8e3a3b71fcd006b6237766e151f344afb2306455034ea7a31b1a48724e372a5a8a9ca040f5831f2eb11842a4b8ec9064fa439440f374355d9af754314ce445ac9bea7fac19c3ac58a131895c378ec497ffdf9a82032d9f2225397b92d2e2193de6fe2f6b6c0bd0f80de3dc72890b6900c5b86752639bf37ab325c16dc2f3d4d01b4c3b71ebbfd6fc9b316f76a07144538506a68ae00df22f2fa9cbb0c9da73c1dcf3eb2eb4fe3534fcee01e9ca0c66f27b8e05e7545cbc3511b3d086f51d58f9acdb7e141743d3c60f75451bcd5c081a8db84ff509a2f874d", 0x0, 0x10, 0x5bb727690d5e0ff6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfb})

9.108657669s ago: executing program 3 (id=6139):
rename(0x0, &(0x7f0000000240)='./file0\x00')
mprotect(&(0x7f0000fed000/0x12000)=nil, 0x12000, 0x1000004)
semtimedop(0x0, &(0x7f0000000180)=[{0x3, 0x1}], 0x1f4, &(0x7f0000000240)={0x0, 0x989680})
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
mmap$KVM_VCPU(&(0x7f0000ffc000/0x1000)=nil, r2, 0x1, 0x50, r0, 0x0)
mmap$KVM_VCPU(&(0x7f0000001000/0x4000)=nil, r2, 0x0, 0x80010, 0xffffffffffffffff, 0x0)
r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r3, 0x2285, &(0x7f0000000140)={0x53, 0xfffffffffffffffe, 0x106, 0x1, @buffer={0x0, 0xf5ff, 0x0}, &(0x7f00000001c0)="851666ce20db96ab0c7d83e114e73a1762249711e34f4ce12c6aa714067726f58b7c42feb7e6d77bd3b97644edd8e3a3b71fcd006b6237766e151f344afb2306455034ea7a31b1a48724e372a5a8a9ca040f5831f2eb11842a4b8ec9064fa439440f374355d9af754314ce445ac9bea7fac19c3ac58a131895c378ec497ffdf9a82032d9f2225397b92d2e2193de6fe2f6b6c0bd0f80de3dc72890b6900c5b86752639bf37ab325c16dc2f3d4d01b4c3b71ebbfd6fc9b316f76a07144538506a68ae00df22f2fa9cbb0c9da73c1dcf3eb2eb4fe3534fcee01e9ca0c66f27b8e05e7545cbc3511b3d086f51d58f9acdb7e141743d3c60f75451bcd5c081a8db84ff509a2f874d", 0x0, 0x10, 0x5bb727690d5e0ff6, 0x0, 0x0})
mmap$snddsp(&(0x7f0000003000/0x3000)=nil, 0x3000, 0x1000004, 0x10, r1, 0x3000)
r4 = syz_usb_connect$cdc_ecm(0x0, 0x71, &(0x7f00000000c0)={{0x12, 0x1, 0x300, 0x2, 0x0, 0x0, 0x20, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5f, 0x1, 0x1, 0x7f, 0x20, 0x2, [{{0x9, 0x4, 0x0, 0x80, 0x2, 0x2, 0x6, 0x0, 0x2, {{0x7, 0x24, 0x6, 0x0, 0x0, "da0f"}, {0x5}, {0xd, 0x24, 0xf, 0x1, 0x6, 0x2, 0xe4, 0x4e}, [@call_mgmt={0x5, 0x24, 0x1, 0x3, 0x9}, @mbim_extended={0x8, 0x24, 0x1c, 0x6, 0x2}, @acm={0x4, 0x24, 0x2, 0x4}, @mbim_extended={0x8, 0x24, 0x1c, 0x0, 0xff, 0x6}]}, {[{{0x9, 0x5, 0x81, 0x3, 0x200, 0xfa, 0x9}}], {{0x9, 0x5, 0x82, 0x2, 0x200, 0x5, 0xb4, 0xf2}}, {{0x9, 0x5, 0x3, 0x2, 0x10, 0x4, 0x94, 0x81}}}}}]}}]}}, &(0x7f0000000480)={0xa, &(0x7f0000000040)={0xa, 0x6, 0x300, 0x6, 0x4, 0xa, 0x10, 0x6}, 0x11a, &(0x7f0000000300)={0x5, 0xf, 0x11a, 0x4, [@ss_cap={0xa, 0x10, 0x3, 0x0, 0x6, 0xfd, 0x1, 0x7ff}, @ext_cap={0x7, 0x10, 0x2, 0x0, 0x4, 0xc, 0x5}, @ptm_cap={0x3}, @generic={0x101, 0x10, 0x2, "13fda7e79552fd1280634d7ff0d0586df4b6b8defeb3aa0c6b746cf3fbda116b2e7a0a59aa2f9fac03034f7cb7b0911e9fa0bff22d4feefbc7ff5b6c73aff788f142815355c126ab0c1ea4fb3909bdebfeace81d6a6f906358d9859270d9965b04180c6b61e0c4db6a91f9bee297cc698dfc12170fdc92e57890ca962bda29e8ce5520475ec7c0292ae8528473ae55f73353cb030805428135d73ed5951e164267cd5ad368f8a56ed1b8c468df5ba14511f4da277e71fc397cf474fbdabcc61a41e723a1482ab5b26e11ad37917385b292cdd7a81ff2afd7432bec4ed364d125c78635a227fb80c38f14e713640e3d5702d8e5040641440c1a38c202138b"}]}, 0x1, [{0x4, &(0x7f0000000440)=@lang_id={0x4, 0x3, 0x444}}]})
syz_usb_control_io$cdc_ecm(r4, &(0x7f00000005c0)={0x14, &(0x7f00000004c0)={0x60, 0x8, 0x92, {0x92, 0xe, "d4f99c8aec00d20e57ea7acca5239ce0a2f10a42a6e91e3824e73e85874936db1240d28d866fc895e4c6bf44a27f87559f09db4508a2f99f6413521f44d6991cee104391691587f71bd0c79fe5e09a77de823f129b9c1a273528beedf88fc8195d92c65e36367e9deb3a9174e805db4676f86f20411c221712f4f8038b299050f8e5e86a81c7aaf4ed840fd9f7607281"}}, &(0x7f0000000580)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f00000006c0)={0x1c, &(0x7f0000000600)={0x0, 0xa, 0x26, "264bdc06559da71fe79478b3c9343bdc1062a747ecc88dd2cbb003760eb7ff6829c16ae97d8c"}, &(0x7f0000000640)={0x0, 0xa, 0x1}, &(0x7f0000000680)={0x0, 0x8, 0x1, 0x6}})

8.989199665s ago: executing program 5 (id=6142):
creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
chmod(&(0x7f0000000140)='./file0\x00', 0x0)
r3 = creat(&(0x7f0000000300)='./file0\x00', 0x0)
write$UHID_INPUT(r3, &(0x7f0000000540)={0x8, {"1a17924ab218eacb15a3fccf929e2dd2497903c1f853d95b995c65e99449ff953fa11c7723b2149ecdaa7f833f60e13b19a66e963f7e8da4297ebbfdda5b36fb4d01bd02e6c652dc4d99e2cb82c2a1d4a45e4c89ba9994e82f854bbc34a40b3a58aa256c9b4512fbf91b9846446c4909e4ec53982e7d7fd11ee0bdeab0bb4c469c9665dde8cb58f0ca148223b6cc4e2f306cfbeccedec8db5212f2fc4e14f836c68bdace4db1afbde9d463e5ac24567925b5fdf0e3af1a52dbd7669fe9227302c8f635bc2ddbf5bd7dccd7b92a9bd5c7363375a57851c2bc72509f2005f138f5a59cf85e9ddb1c972c89d50806e8941b7059cd3eca77527a7f20af70841b4d6f026614bdbb276a6814cc74d91856b968c5fdb52674d892a90d01ab91841b6811def78bdac9bc6f9df2598569fbdfef75079832b2750801dc83fd1987713c61136ac9e5f2f7e67f302109bb9a7fea75290b506a89a19d7e0e472937a8c9ecfe16ef6eb88c7a88a060756196d55d6a3d3f7cdf9915d22b6b3af69ec55017b821ec0621e8a59414efc2b46977a85846b53ae75a350947afcafbdef7233cc371bc2a6f29c0315b352ac2741c81df534303ddb30a4408db5679d05d245259c245c9d7f861711cc287cfd0462b948512623b921060386c587fd166df29e71ecfc8ed90031e95b2af1406b5ae73f6084e39e88194e3d37dc801982656b5b66342d74100f9f5b8c94c1e91b626bbf426a07b4be91dbdb76a6e40d0b788f89359e462e69bc4499fd4f9aa1e7f0c3f73a996b6ecef606c7651286e1f18a6823eed7191cd542057eaaf09aa32e8ce370c09050278b85fd359b8ca23e66e9d294ec57b3ddd90409d9b1ca28c6993b244f8ca46f6bf478ff22fb1df53e33abdda4b2b1e5cff7de19957bdc8e7ca39e4762204b1f9f33b9375b7282422b91841706751038e42023ba45c1cd0998c1794c1c2a5ff65466189bbb27bcbf01e5a48bfd8b6845f7d5c87d977df4ded5273ebf56b96c50b4eadc44bfaa0994259eeb1031644415fa9d729753d2138b06f9b7b624d9eeb1ef71dfdff0b639078f058c7a070451c4670af0c6eb1202f77be82faba9b6287995066b5f7e59b7967706d8d8c5bde48137e13df537ae54664fe4e8460b1bdf5b92a1dcf39ee1726bc6690d0ac5f799bcfab918c59cb132c45054ba17b8a44d505ad3eaeee95b4275b25b2087da8902552727a1e739014df348cfa3a1102661c35a6a38df6c410f5343577955dd57de5af089e3f1bcdf96d4ef1d5944243470b0ed10616144cccc5cac44e36fefd9441120c5d047867af0ea353da21fc0ae73b78b84d53a62efeb94ea8d441cc698c92fd7b36cf41472d036c5093bbdf943620c29ffa3b21ef4a0bb9274912b046834ee6f855ceadf18fb488040d5829ab6e8bf69a90315f7f84d002ac4e929e9f1010a8486746bd316799ba3a65744980c388202324ba50768c77a8481ba74d135da7507048c82714a8234837b69922126e4084a68f7418bfd26417cade786c7f8185e2492e3b64eb9d2c2c721504c7b4aeb383503f745fd69315c56b5b0158decd1b1606a63366b7e2d2b9124b6efca4480c703c8f37d6ddff55b0ec15f2ce6be6c902d06aec2ccabeba13b442b608076c33d19e690ab66cf6678d679758d22fb5d8d963f25d00c45576f8b2938543080297b9cb6c305e3131d2f412f00370c285251909f8ebefc3d18a23e25a183997b08251450b29fff32781e6a70e6e070ab3921f3f809392deb732d6f30cc034b5f77d41218bca86d515b16da0457dbf7aaefdcef9d5358e7b4f1e5d1a410f55449e765609d122f938fd57b71482244dff0523067cabfd322fc47aca1c331112e3d969f5fe3594c3c7adea7c36e9b9af6754cdea5ccf05b139f783d4b24540c50a6a9f7dff472d47c87c151d8439b5740cd1f423335dae2680050bd44766159cba66666b7dbc9e190130494327a0d8c9dbed5c8b831ce2b2bb236353ff7175a48b61a0f3209fa3db44f07a21a485ef1682a33cdf632ac2d6ca993b6cd90913e31704bb851711e1f2b5ebb19baaba102dd42d550933e9dfc17311665fef4d0206d7debbcbbd97efafffb905bf9a77b8eeb67d5f8bef8526f6f8607672bb3c50b14e16c264265594e05fa481f724290abdc9f60a899f26033236e3b90548c24288a7b627b51c4d7c638c359ec6325b0d79e1d69cf18cd9136a263b6aa84ad062b9831fc7c201b7ccec7d3b7ea2132ee4579632bf614bcde285527c36ef8a8e12651ef34a677a8d2f84360afa2f2245e4e0d61a12e8e446045fae61375082f983363795f11848edad24b3f7ae53f0eeb329fa62b6d7b446e3b2c1257981f9c0c3ea371c71021af834a285203b2e3177ddf5251044ea215c048f78701dec36a94ca3c435278d1fd889996adf5ea7c8db62f2b1331bc22c4b7798d587a5c4e619b7b576e19d92996bc0bdc0c8c15374e11b6eeda0e18b35aac4b96db9cdba025080bf5bea4ffdf4fa3c93ec5feede0a140f7f6727ef255783565935d59d348aaa6d12c060afd5f6d084346309d8cbf54b33050ecccf30ae083c4034165880214a94a5296427e2fcb6d90692a82212b6b8d86c6d163f0643944aaba4af1171aed463994f1374e1ec1654b89b04e9d635074e8d131bc2443daf1caad455671470329a287f4c711cb907403d5c05184cd3a647823b5b9c6dc4451fdde92dc1cb87010197026458b40d4809ab60aca1af6bb3702a3e0506cdd21faa6d9909f4ed74723de75fc48d44314fa3cc0c8e8ea226ec1d5875b9595aeacdff0a9f75b4a60dde781c58179f997ecb6479c91ecacc65bfe293a2d26c21ae7c1d7be1241cc1c4ea86a6cf8d93012bd98508aae8db723ff167026298cab227b7d0062c27ccc8e81df7268423ad063638760b44e77147ee9bd84140166ae2bfd592f845ca68c719f7520ae3c9988cc89db73bf93ad6f2f7d9394b2288f0176723acd167081ade4e066a26832f7b655cd874aa5026a7369bb9912c90599d1407f0488a9c540a31997890f5433bd1df91ba13a9e0721c9a707eac7cff1c3efef6cd716779c7ad631c3560caa2031d9d2591329c1867d0d5f96b5897cac2c6a381f0ce5c27969c2b3e7d188e1e896d815b01a3e177933817325953140272ad718a36ae522d43de109ba92255ee66d2a14897f2b2014dc9a495c108727e0eef54df617e269e43a0c48d28a91aaf14d58719e21ea39c1c534e39a1dfabb61377b55d2f69fe79c7d5111b8b952c388925ea8ab1503ae68bce95a34a10a85aa0e5da52add14b93eaac5861a6504e23dda8034e809253c1071ddda934663faac454cd378c5725f5c6f4d943779994357185e512a4b6993156e624f25d86d24e7254d3e9b231aa80ed5a32e108cb528d402f93e58c25ac937420ff7dcd7d9ec2126c7fe7cefa47c038f23de40523d5e026fe3bb4cfd3040f9bd9631cf5a2cde1e20a6032703cd64c2ad97ea95d05a7aa3ea3b3b9d5a86961116dd1338c0a2caae0ceab3178ac7736dfa8a949cd81d261748e6678cb730b57468fb2b7e22c5eb08ad496e76775dce0c31950a596580ad7d6c3fd9ce90dded340f20b77fe53e81fb6e2a7a6c450b8ac9009c7c077893f704457a90401fb758c0769fbfd38e40ae692e410b889bbf0b09a32dc731b6768c0fa3963a5b6279b6a5db611174339f3218fff567f6cfb7377ddc8e2c730da35cc3ec680a6bc95010dd03834caab7afb2c0023ad9ce3aae3c0fd1ece42ea840bf5fc798a0b5fbe7692f13549cdba4a0b68f722ef6877856a76fc3c39f7cfd760675a9f341d9f09f381972be9171e50455ed13e665e61a03b0c2a79276a871c25fc5c486639a71a8dfdf36174373b8995014752aba3026045be6b43074ac3824d687bbf5f6544228cea52791828f54980ee9f728534ea32edd205aaace717adcf61ce28f92719048d44b09812bcfd2d22cc9d7a45ed6b4634756f6b3189908c71728c373ea94aa5c74ce4a73c20138b8cb21db6e2dfb35329b86b1805a5208dd370b8342ca8aa3cbd3e7a3ec79d7b8ee677b04e19c524ddc6de0b22443ac15de908f61719399d0f9890ca2b0283a7db914944f424af10ba0ec9e3e253c060d7b28552eaae5eed1e906f8f93c2195293deabdad6cb38ddab51603e4a96ef1e086de911fb716ffbca467294d9e66e5d0f8225bc28d6c074c4ffba76706f61b0b386b7e4b6500a15fad291f34f6c84f1596a97512f31196a529a7a5725437c038e17d531da3838c8aef3bade6bc1d4c7624560d4fba72e5f8be2c5dc905e1e4bcb2aa7eddb275408ef4288ac69c7a18ae58fb26c2f5a6964f051b81d2e426fc2a5d8617050341b96d5a746e3419fbe94bd3752403868b655c2dba6f48ef109a2e6ec0041842fae52bfab70481ecfe8d27f3d5e444f1b941d871c8057cbe35df68665bc3aadea02d203b106d1179a428daa7d9fea9dbddd8955bb289a92ec790de74cd6a1edf925ab85471633dedf8ba46abe456963a2381addce2aa16c06dd80bb54d8e53d7c82607916af175061da29122afde8687add6b6f42233b76a1164893dcc1ec3dcf935576d2d0f3ab3b1adbace086da915234b4f9bad0afc2915608fc4f6611dc3b91d7e0e48cb0a0f3fdc70ef70ef82043afbd3325f0f6186390ab28ca9f0009184637530d79f0c5a77c6e912afbe6533988f543fc6c02d3d44fbdb0e2ebfad2680184f1ed451991667df958a71fb41cf4367bdb931389ea8b6340e225b312a09dadd8e2ac2d200db6e75323d48c73c6b819e13f92b01bf405e796a2e10b863e773598abcbcc196987e18b19530337809b56480778207103a12acfff1c0ad62846088251a1a0d0d6b300059a99698c84ccac78d53eb32e3984001978db7679960b4d75d71b49696909826c66320526fe02a060265821d15b8b2337121a201402a118ec03ff0d4f3dfa48f2dadd20b510ecdf4e6440b5b2466b9bf28e32327189f0405245694a6371dbe4eae7a8293cdc15193c284123d64690120634f808096a8f3f7a04a5bac9dd86c09f2e4e87c7d7c98d0b370e84ea5f265730f5480eb1375d4f82c7d4efbb6e58c5a92848331b2becd2531f6c456b5d0e690b102dd8faec55bde56f95727f4abf52c58543faaeb9cefd39bba788bd7e2b02b27ecbc1679a1ac00823c83e1ae29690cd25544d3ae0a8db25e963e9fb5bd94987637ac3546b9b312bf04d5c6211c135e806525d423fde9ccb5ef7962ec1e056e6f29adaeebb331f6c234586d1fe21577f56d620c6942a29d4915772144cc60008d1236db21100d5a3112c29396b9e18cdb5b104bed2df2b6ea72c9aa03bb6082f3eb07f0eae359864967a749492d21005b0d39c9613c20b1e21700ab66a4f5ca03ec08d67b95f759252d758743820ba243032e1708447fbaebc27e1316af4cf547cef3ac4966a1f04dd07012f257a0204107c23a0046b12493d9784b24dc561c1f88e591056bcc3b338ab1de65e5ad578021f26f93e9b12f00b5f8c8ae2db6b7b8f254303c7ff06514735974e65fb9a93dc79b115a12310040490ca11ef315340af104e20a2e22dcd132f7d7a61d9d3a12e832ee048a2170dbe03d747ed7402180eb964fde0ecb77e778b18a4e5a83479bb7e0ea0a7d5145ffed4607bd7e6b8f961625d5e3dcac2d4a05e71dc9c2e52195bd55aed4e6749dc1c329e2cda966d18e9bf882c05db627c1047fc71533bbba2c8a83d04db5bad6da349a9ad1992eb88e0274d32a16137e2396ad973c0ecbbc2d243e68b6959bf9b", 0x1000}}, 0x1006) (fail_nth: 8)

8.967153689s ago: executing program 5 (id=6143):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000340)=[{{&(0x7f0000000000)={0xa, 0x4e22, 0x3, @private1={0xfc, 0x1, '\x00', 0x8}}, 0x1c, &(0x7f0000000300)=[{&(0x7f00000005c0)="18", 0x1}], 0x1}}, {{&(0x7f0000000140)={0xa, 0x4e23, 0xc, @remote, 0x9}, 0x1c, 0x0}}], 0x2, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r0 = socket(0x2, 0x2, 0x1)
bind$unix(r0, &(0x7f0000000000)=@abs, 0x6e)

8.685051683s ago: executing program 5 (id=6146):
r0 = memfd_create(&(0x7f00000002c0)='\x103q}2\x9a\xce\xaf\x03\x86\xe7\xc0\x14\x8f^\xd5\xfd\xa1\r\xac7A\x94\xeb\xcd\t\x00\x90k\xd6\x05\r\x84\x87\x1c\b\x8c`\xea\x13A\x90m\xb6&\xd0\x9daA\xc5\xb8_\xd4\x18,\f\xd4s\xb2\x99/\xc0\x9a\xf2_\xdb\xc0\x8b\x19\x17\xb7Rvd\xcb:\b\xeeC0\xa3\xa6\xcf\x00\x00\xac\xc5h&+\t\x98\'\xfd|\x11\x99\xa2*6{\xd2C>2\x0e\"\xbc\xda\xee\xb0\xd8\xbf\xaf)\xf58c\x189K\x82\xd1(\xceY*\xcb\x9b\xbdn\x8e\x88m\x10L\xec\xfdWF\x7fj\x19\xb8<\xd2\x9d\xf0\xe9Qy\xe32\xed\x16f\xfe&\x1a\xdb\xeb\xad\xaaE\b\xa9\xf8\xa9s\xc4d\xd4\x03\xf1\xb7xO\x99\x804m[Ai\x13\x02\xf0\x84c2s\xd5P\t`\x9b\x12&\x8cx\x8eg\x9d\xe6g', 0x3)
ftruncate(r0, 0x80079a0)
mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0x1000000, 0x1010, r0, 0x7fac0000)
r1 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, &(0x7f0000000000)={{&(0x7f00004bd000/0x3000)=nil, 0x3000}})
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r2, 0x29, 0xb, &(0x7f0000000040)=0x9, 0x4)
bind$inet6(r2, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r2, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x46, 0x0, 0x0)
sendto$inet6(r2, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000380)='syzkaller\x00', 0x100000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000001000/0x4000)=nil)
brk(0x400000001000)
sendmsg$NL802154_CMD_DEL_SEC_KEY(0xffffffffffffffff, 0x0, 0x810)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r4, 0x2285, &(0x7f0000000140)={0x53, 0xfffffffffffffffe, 0x106, 0x1, @buffer={0x0, 0x0, 0x0}, &(0x7f00000001c0)="851666ce20db96ab0c7d83e114e73a1762249711e34f4ce12c6aa714067726f58b7c42feb7e6d77bd3b97644edd8e3a3b71fcd006b6237766e151f344afb2306455034ea7a31b1a48724e372a5a8a9ca040f5831f2eb11842a4b8ec9064fa439440f374355d9af754314ce445ac9bea7fac19c3ac58a131895c378ec497ffdf9a82032d9f2225397b92d2e2193de6fe2f6b6c0bd0f80de3dc72890b6900c5b86752639bf37ab325c16dc2f3d4d01b4c3b71ebbfd6fc9b316f76a07144538506a68ae00df22f2fa9cbb0c9da73c1dcf3eb2eb4fe3534fcee01e9ca0c66f27b8e05e7545cbc3511b3d086f51d58f9acdb7e141743d3c60f75451bcd5c081a8db84ff509a2f874d", 0x0, 0x10, 0x5bb727690d5e0ff6, 0x0, 0x0})

6.709172229s ago: executing program 3 (id=6158):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412b", 0xf}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6125e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45", 0xc8}], 0x3, &(0x7f00000004c0)=[@iv={0x78, 0x117, 0x2, 0x5f, "c35527dce5614c9ba9dcfaca27fb3fd30fa865dd4c241c1cea5a7e497b4fd7c91d1094980747eab7ec47dcd32c1d5888431d7e7c2ba26e24698cc6eb4d98e9e2c3e38089c241157cfc7793f33f3237300f340b7becb437d91d86e95c1cd69a"}], 0x78}], 0x1, 0x20008054)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000029c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010024bd7000e8dbdf252100000008000300", @ANYRES32=r4, @ANYBLOB="08009e00", @ANYRESDEC, @ANYBLOB="10b11a6a1e974590bec63c75f137d7ab4b6df7561154cba0af013466d8bf0e23d054a456bdc818535d8c953082dbf489c62db30c7d18a49b82075ab5402927fb9139905bb36e77be10f3de495722a6f88a36078bbcafe8b36111dd9ac0fccbbe8c49ac8a848f70869450a0a4eceeccaa7f8039957f468455379caeec009a39804de540eaf80cd0156e3ec1d68c1b0048cd864ad7b9f35f1a7146c54585f81d45436a3c7102041cd23aaa1b9d84f88d284b0793be4963aa2e3ca975798974b225908396dea5504fb3f8fbe66f80c10b8c5aa0220395d333e7f04ec50b884badcce569b2f56bd64110c67edd5c81a3d4e80d9cf30936b185621b53a70af97ff6b9bb3154337051485e39d61dc7ada6a839e06387a3bcfcbe7eaf2705cb051bec3570f5a450e7f4d24fccf5ad13ae08bb3d9536867656761a036247f2f0a35d47bb78456652594166950d230795fa4b3f3deaef58ee4f2b8810317cc6db2d3abae5f65501a50d1b22fbd499bd9a981091acdbe453475e26ecab907795f8d9bc6dd5c532cb3f5cdf09da7c148110399c43167a180d3c29cb1b787b4c8ae6f2a8055ac717019aae831170ae0a4e0c303de46521169659c98a483a50b7d6be0ba86219ee36552ba82c268eafc66cb78e05702ab983c3c815d55f84bf73e89ba759de9276b6bdf89eac3d3161c051681bce6ff019ea2599de457aaf7bf8334e08f5c042905d879c224f144532c8711fb5e111759db7e756d9e74935169cab6394bf8553034e420935f63fa98a29f2a6abf05dc5d558776217c94309d24b2fa7d5a7c168a6121779bc4a21b33d358c12bef7d2677cdd11887b5106f97326133c2537514fef045a768694bc46d66ef1b71204e60553edac12f9d8bbd1fc0800955aa6336101803b1110777a4a3825a818d3cd463303793f4958017a8be2d7cac1396197d4500a73c0aaa08a2b6c5995e10899a08f91cfa2be49973673818ba40e08fbfb71afcea01be83911dc8af05cc3acd753e29a27ccd5722d815e2a5db36d51c786be0ff96ebcd4e6ebcec2804975b6a7a2ab18c08d76ebfec6af782605d7603914b35a555c279dfa17b55a9795b847961d0b4a231cd000cd7e51eea842fa936706a2f933958da6299a4131fc0b2b249f4cdff32552d7dd68dd2ff850357bf258bd432e874ee23858d90a87afa8b14aaa90cf059a1b4e2a42ad3c06e4408692b5b18d99d01081d9c3af40cf90eec0e2ce7131b276a8177344126b6edb3af7d3ff3a56fbf73e9307cb2788c7a91caf9e15e4c99888f691872a7adc912a164b751a89be7869cb998bbf9687afe96dc40d789f81c4a8f8c2ec33b1bca83234c21cc37e96e59274afd96c920b0d3e263c1f99a8d7550216ff42d5e5a15420e9357f1aad1915656728b47c07fe72ab6dec0995de00d61d369788f05f661a4c673c1dbb0169c2195a3cfafd6e75b9c6323614459f35caf1ae25b2e635686d3056a161aab00b42a04ec4fc275b2d185b5fd0000491bf26bcfcaa6306ae5ab41998b2850331c296b11ef1841b9a3eef49b8504a6248d62e54202c28b3085502bbfeb1a60bec202c8c373d9e3e88df057703f567a32a4f448027ea6822f8c6dc7bf3828068217580f580de0db2ee9d956181e5e830c40faf735a565c4ad5fad4f751f1575f7d8bdbaf01b3dca9ddb8121d3dd5434782059b89f146ea92b80aaec32593fb5ec88e861f1f7e56a87a872b9aea47c702c9d28492a56d87953e8f140dd480e352fba95791142677bc1f1ec7fd38bc03c54db09354aebf2a2f08e9d63c6da74da06a2e0b4adde038121ccbbfaf2e70d5be4b933965d8a4d33070f0015dd43b3210b64e046b0c965fc3c3bf59c9f30379b58c4a330e75c1f27e85858bcbc8b19886c2a1b99479d1914ed571dafe8f4e5a27ae498223280aef4aca1265f521198a5e15a32b8a7cbe273f6962ed98744547c3173744495d370b1d9077884772975d6e462482d90ece1403642ac3e8a71822cc47159ad3cd5e46ebe1e6eecadd743ea574f297fd5692ae36555daa7ca89c9be72f8325f6fe2bf689e5e49d52a3cf8af5d51cd6ab0bcb099ad2889a9c8308616c907b052f3693c36914e9636592be460259c5c9c325ac39af1e063830bd7296c81c93324e239b50f299b148dd49add78c84c61a5eed397ec0b7b7d343007a20ec222ed6040dca14e9cfc5fef4724b3454553125ae14b210663c7d2f279af4d4dae80c511a6a4e6c446518df42fe731d27cea1b09a372a3df97df831f9b7d146768799bfef2c01c1f0b5f0be423aac0a5b917163dd6022075ebf83d8982b365e2994df94daaf2ea45ca7d693433ad5f0f7cf59d7930e5a5f674ba8d2e717739bef2e6ce07f8471d5c25d18445b9b2c1b548edec6b9c45179e02ad130a71b28d6877ba246b7297e46b78c5718a82e4fa788085c105c349d6a7e69ea5ca1480b73b444199cfd9673ee0260af038e1f047183e11170860d4445b107a94ae54a7aee0a110838241982f70ea9f2fd8a2114d21453f7433302ff442eaaacce86b28cf55a9220500ca5d8cb36ca657af9d6fcd9e87ba94ef68364728e70fa5fe93c3a4efe26d9c3cb1b9c474ef5508a03a87d47d084409d6541e10b8b622c1518fe01396bd862f55e5a625a45e353359fa00471b0a492e39dd06414debc75a0edb2106b56efcad73c813353774fc0e1add35d471478994ba1710ef2681c009f8747b38a7c4202684c5400d8e5ecd6739a99b0fa5d91e8015a5015c0aa333817d3aaf554ca9e1101efc3b49b44f28fc752c0a586eb2aa72cc27651bdaf1a79f08cee7512bebf4ca56d9440bafaf5f132cf38a57ab9d8c7f3abccaa76522c2497aba742d0b9987ce53de4542f2798f5742759881f63fda9058eb6c8b94c6b536fa626bdfc019778ee425ef8892a1348fe72553d82ca7669cb5bd7af729ebf6502fe0238696a6380d9858946cd8777d45ff2a7823ca7c3f09de978554c65542e8048763e466363b68fc10192d3a43cab0a5fc5d58ebd31f2c0e398d82311fdb7973519c1f194df7b96f067e44de4a3ba6a1238e664c0881578ebee92998ff47ee87ba1a8382f20c9b4b6efdd535780fc429efb64db591df29da07791fa55dd1ecf2b6bdf2681f650d72d5b1206769af27a517fb451e53c02ef6211ca135bc7cb27f2881ecf1bcbbf81dcf11aae6486adbd2a62de6de11896dfb4c7f3a705a3c7d94942d395a826b946771da16dd46b707f33d8c2965f975f36aa8e5e345af9c89c904f2f109b0543602f0cfd7f45a484fc9df5ce46045da8d523dfc977f2156fe9477ec8f1c6e4136662cfc6b2d34dc2f4220273bb4b7cd407e6c9cff8d431c2b9aa6d968c4eb0fc14b76c6f64f55852b8a25d4953995ba7e991c146c07e500b31bdebbb3020dd81fe66bb640fee7777b16e32f3a96c3d2d711954da73bede03a4a64c86e48b994ce0948835e18fdf7f8291f9e878bc6fbe2ff597fa69b6849614419f34cfb3bb1351f702d1d7dea912bd7030dd8fcb14daeda89170f0c2eb3adf2d62ea0b40af133e71966441621ca878fb50cf3347b51760f2ebe483ca65253504deec5aafe480e333b4a0d893dc176172fa3d3126902814978ddd4ca10c824329292c8c3471994ef95e2aa227e9c01a5d36d61b3b423206d781caac9abf9511ea13088c05500315696399c46ce4473e22edf882ca8dd7be330c4619def7e56e9b64d22c54c86111ec3bf9f690caa5ea12338df989f7b58bcb7f25bcd049c8f9de60594bea114ae9488a4a70d3c64f7e87fa6e86a689a9ddd6162e03ce537a76b3a69b5d0ded17b2fb602261eb923ef54c28892ea87b373658e9d49b36bd5fc7f9d03f4cdc73ff8031876b9fa5628ef5da172df200a67cf7eacf25e3d4964048d63121716f47abcb558ddf54937d554d1813c7aa935528ff2c0330f435e105241aa489ff541169cd4fcf3e3c04c7a8c43069b94578a281215ac5aff5b6b2ac42cc5121bf287768556fa99353e69387d4c3de7a11c93661fb60c372856af311b3a37b05f2e7fac40ef8f22f2f33487dbf73c980eaa59c2fb7dd5d0a9f6833bd9181f682a1a984d44edbd4791a844f7718465efb32c3b4fe0b9f4a6f53f05867363a414328ffcd58e598c8ff6b61554666efaca65da892e66dc812013c8643b097fd50eb346ab9f00cac9dc8015091489c782762e7d9e1f4fd7cca58f792ad4be962e2b5d7dea490eea2c84ecaf4897502244223d9a7845d91417748eaefb1944be195474ed082a5e2b24fdf135a4c47ae7bcadb8eaf9cb8c51f2f009e339721fb9a9ef85244df36bc8761e4bfd4b563971e031c466f13415e654a38f5c09adbe96365386d018cf379242c9c8d9ec96f1c73a9e1ecd3036511e7e09a553f2172b436aee9bbc1dc74d291c505d4a2126b0d0473af4da7fe5ab6fadd75fa94597d829e602430cf267f636c7e359e7b7f94308bbe28a932d1986bdcb9201a270693a14172eb2fa35c02f76ac9ed973db073c46c115d7e6b32d42f676275992af6663079f839acadaca850d162d66e20cd81d384f6d2b6c241772318f2b6a6f935ffe3004b53b6af3af3e03875c1e8c138975e1cf0dc3fce94305b6dc7851e14bc8254627d8d0eeaf26da51c8be81bb13f301b454f1cedd87a5f7cf8e152ad67d4c2fa541627e97bc64fb3254290eb30728c6e2423cca0ce7b158fa65bfd1a7c347c5d675e4ff9b96e9372e6d0e9de584f90b600915839137d83dd494a0f7023df12464e951b50337fceba9ec6342ed3956e8ac8fe597c11e9dba1d6c1b93ab6a73786b18d72035e11cbaa86391a79c23c1daeeb57a59cd25147da281b73ec5127c26182ac7d50209b2608156f0d07aeaeda577fbc83b466055862bbdc4f578a4f641740710344792f41cd219791a8e1a7b6daf9fae2de49dd6386addc023ea1de5e03c907987b3a979053f8920d3af6714e4542fc7d176aad46922ba8c8b141286ed1a06018dc0d277ac8246d33e7735a22720109db36a1d15f36b81dc76e5e62d62d6b318486a6c9860c19c1e3a23fb0713a21b6fe01cb70c4cb7e7d3922987c5bef51d9faab455f6ab758f425f2a3f136a1a08b37f77e16ffd4e92ebbd990ec9a714b47e029bcb860362c285d69bc6b8d8d102a23caedec44eee99e6468c5f5910929c0519e5c47a66202ba808df01a3e5589ced3e1179f7030f5be2edb149d25801424c4a729c6ca6b06c4a912b5c044350b6399515386ac0de8afc54c282063110569774491dbd7e927c0b1f16af65c688aefbfab43d4e53baa969125015f2a543a1e2bb105c940cf04e37b7dbe360ee9c2f1b0cb4cd3026c0c18ad344189128fb72d2b21746da5b05c18400661b5ecdae2fddf840ee156e12b99075ddeda8a9c6a3bb588e34a2231998f8ce83be0355b243ee847c81eec9ffed067dcd73e947286756dad3cbe50fd413f66fb5a30da78df2d19c93f75bbd87fde1339ae2646981f2e9a21e9ecbc1b60d14a6c19c008e0c16835b8a31b3459177ed6c53e7f65e2a438149f913da06a307a8a95da5163b52cf661201a71d74cbe00d5fcc16c77a6b3d8c88c50aa115601df9d862aa45326126d5dd824aca413b51635cdf2c80693cb26b4cdd022404bd41ddd98e297ab2b0f5fe6882d6c7cadaae1fb6798a17c0ef5fdf31dbc0f7e6c74c41054621e0e15ace0bafe034ca368eb78cfcca5819890963f42d16673db17dc19205be31ce1924c3be19226cccf618dab6fca55c5cc2c4ce64258b34fae7878bc42e90595b484974d1afe6546d1", @ANYRESOCT=r1, @ANYRESHEX=r5, @ANYBLOB="e7fbe57d49b2ac3edf3bfc45fabea125871f961f9979ba0a17d8de1dac1ddecf2ce7ac392561a919f7ef99c04a3fbdefb33cbfe0d59d5d5feb3450"], 0x24}, 0x1, 0x0, 0x0, 0x4014001}, 0x0)

6.673058385s ago: executing program 3 (id=6159):
msgget$private(0x0, 0x101)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_open_dev$usbfs(&(0x7f00000003c0), 0x16b5, 0x41)
ioctl$USBDEVFS_CONTROL(r1, 0xc0185500, &(0x7f0000000180)={0x3, 0x11, 0x102, 0x0, 0x0, 0x6, 0x0})
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a300000000040000000030a01010000000000000000010000000900030073797a310000000014000480080002400000000008000140000000000900010073797a30000000004c000000060a010400000000000000000100000024000480200001800700010072740000140002840800014000000009080002400000000408000b40000000000900010073797a3000"], 0xd4}}, 0x0)

6.587117536s ago: executing program 3 (id=6160):
syz_open_dev$video4linux(&(0x7f0000000080), 0x2, 0x0)
openat$dsp1(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000080))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000440), r2)
sendmsg$NLBL_MGMT_C_ADDDEF(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0100000000000000000004004000050001000000000008000700e00000020800020005000000080008"], 0x34}}, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
close(r5)
io_uring_setup(0x4aec, &(0x7f0000000140)={0x0, 0x81fa, 0x80, 0x1, 0x7a})
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1/file2\x00', 0x81c0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)={0x6c, 0x2, 0x6, 0x1, 0x6000000, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xe, 0x3, 'bitmap:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x24, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @dev={0xac, 0x14, 0x14, 0x28}}}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0x80ffffff}}, @IPSET_ATTR_NETMASK={0x5, 0x14, 0x2}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x6c}}, 0x0)
landlock_create_ruleset(&(0x7f00000002c0)={0x2000, 0x2, 0x3}, 0x18, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x200000, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r7}, 0x10)

5.709054794s ago: executing program 4 (id=6163):
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, 0x0, &(0x7f0000000040))
r2 = socket$kcm(0x10, 0x2, 0x10)
ioctl$vim2m_VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045612, &(0x7f0000000000)=0x1)
prlimit64(0x0, 0xe, &(0x7f0000000680)={0x8, 0x874}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0xc0080, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmmsg$unix(r5, &(0x7f0000004cc0)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000380)="a1", 0x1}], 0x1, &(0x7f0000000a40)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r4, @ANYBLOB="0000000014"], 0x30, 0x40400d1}}], 0x1, 0x10)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
splice(r4, 0x0, r6, 0x0, 0x400000, 0x0)
gettid()
timer_create(0x0, 0x0, &(0x7f0000000400))
fsetxattr$security_ima(0xffffffffffffffff, &(0x7f0000000240), 0x0, 0x0, 0x2)
close_range(r2, 0xffffffffffffffff, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000200)={'geneve0\x00'})
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[], 0x44}, 0x1, 0x2}, 0x40000)
shutdown(r0, 0x0)
recvmmsg(r0, &(0x7f0000001d00)=[{{0x0, 0x0, &(0x7f0000001640)=[{&(0x7f0000001d40)=""/4078, 0xfee}, {&(0x7f0000000340)=""/141, 0x8d}, {&(0x7f0000002d40)=""/4115, 0x1013}, {&(0x7f0000000400)=""/6, 0x6}, {&(0x7f0000000440)=""/231, 0xe7}], 0x5}}], 0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000005, 0x8031, 0xffffffffffffffff, 0x0)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
fsopen(0x0, 0x0)

5.708618436s ago: executing program 5 (id=6164):
r0 = socket(0x2, 0x80805, 0x0)
getsockopt$bt_hci(r0, 0x84, 0x82, &(0x7f0000000000)=""/4102, &(0x7f0000001080)=0x1006)
socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'syz_tun\x00', &(0x7f0000000b40)=@ethtool_dump={0x40, 0xff, 0xb}})
syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="120100005a52cf40cd063501a4a80000000109021b0001030000000904a800012d250c020905a102", @ANYRESHEX], 0x0)
r1 = fcntl$getown(0xffffffffffffffff, 0x9)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = msgget(0x1, 0x421)
msgrcv(r2, &(0x7f0000003500)={0x0, ""/4096}, 0x1008, 0x0, 0x2000)
syz_emit_ethernet(0x3b6, &(0x7f00000003c0)={@multicast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x380, 0x3a, 0xff, @dev={0xfe, 0x80, '\x00', 0xa}, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af0302"}, {0x0, 0x1, "00001c050000000026000400"}, {0x3, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x0, 0x1d, "06aa85616177c41bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8675b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee96f24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000"}, {0x19, 0xb, "17dcea46805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f4f003"}, {0x21, 0x7, "b8a3e100908f61640000000200fff500000000000000000000008879e66485201a0015ca83747357a02745000400"/55}, {0x0, 0x14, "5e14f0e74d2d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e26eb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c676d8800871a6aa54155dea2d995cb22c9924e0ad38c6967052cc7786d779b8353aac33a57d79b05613a12328f61129017fb632dbf04542188b196e213408c"}, {0x0, 0x5, "d5170000dce9674a36da018dff16e70b8b14c4b7a94fe18e88605aa6be1a02a326a6bce65f81ed"}]}}}}}}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="160000000000000004000000ff00000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000000000000000000061a4ec0451df2ac82ef243c0df4f3b8e7c8a65a20dc0df139e837c1ae798823b515454db9a62375a7cbaef8f0ebb6407dea88d649b642b7b00446fa5987750250ae6ba3470dac3b2c682d94aa8a9"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
syz_usb_connect(0x0, 0x3d, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xcc, 0x73, 0x9f, 0x20, 0x4a4, 0x14, 0xc957, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2b, 0x1, 0x0, 0x0, 0x80, 0x0, [{{0x9, 0x4, 0x13, 0x0, 0x2, 0x4, 0xce, 0x10, 0x0, [], [{{0x9, 0x5, 0x0, 0xc, 0x40, 0xa4, 0x8, 0x8}}, {{0x9, 0x5, 0x5, 0x2, 0x10, 0x3, 0xfc, 0x1, [@generic={0x7, 0x5, "910e3a85ea"}]}}]}}]}}]}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r5}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x1a, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
getsockopt$inet6_udp_int(r0, 0x11, 0xa, &(0x7f0000001240), &(0x7f0000001280)=0x4)
process_vm_readv(r1, &(0x7f00000013c0)=[{&(0x7f00000010c0)=""/217, 0xd9}, {&(0x7f00000011c0)=""/97, 0x61}, {&(0x7f00000024c0)=""/4104, 0x1008}, {&(0x7f0000002240)=""/127, 0x7f}, {&(0x7f00000022c0)=""/100, 0x64}, {&(0x7f00000012c0)=""/129, 0x81}, {&(0x7f0000001380)=""/8, 0x8}], 0x7, &(0x7f0000001040)=[{&(0x7f00000023c0)=""/217, 0xd9}], 0x1, 0x0)

5.606533787s ago: executing program 3 (id=6165):
fsetxattr$trusted_overlay_nlink(0xffffffffffffffff, &(0x7f0000000000), &(0x7f0000000040)={'L+', 0xd2}, 0x16, 0x4)
inotify_init1(0x0)
removexattr(0x0, &(0x7f0000000180)=@known='system.posix_acl_access\x00')
bind$packet(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000900)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0xffff}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_XFRM_IF_ID={0x8, 0x2, 0xea}]}}}]}, 0x3c}}, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904"], 0x0)

4.721000157s ago: executing program 7 (id=6168):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
r1 = gettid()
faccessat2(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x5, 0x300)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x11, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r2}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$gtp(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$GTP_CMD_NEWPDP(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000004c0)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000000000008000700", @ANYRES32, @ANYBLOB="08000400000000000c0003000000000000000000080005000000000008000100", @ANYRES32=0x0, @ANYBLOB="0800020000000000060006"], 0x50}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x48)
r5 = syz_open_dev$sg(&(0x7f00000002c0), 0x200081, 0x4df2f771f29481e5)
ioctl$FIBMAP(r5, 0x1, &(0x7f00000000c0)=0x5)
syz_emit_vhci(&(0x7f0000000300)=ANY=[@ANYRESHEX=r1, @ANYRES64], 0xa)
r6 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_linger(r6, 0x1, 0x3c, &(0x7f0000000180)={0xfffffffe, 0xffffffff}, 0x8)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=ANY=[@ANYBLOB="300000001800010000000000000000000200000000000009000006001500050000000c00168005000400030000"], 0x30}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000090000000000000000000000850000002a000000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
io_setup(0x1ff, &(0x7f0000002380)=<r7=>0x0)
io_destroy(r7)

4.309003934s ago: executing program 4 (id=6169):
openat$fb0(0xffffffffffffff9c, 0x0, 0x40, 0x0)
close(0xffffffffffffffff)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xc000, 0x7f)
faccessat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x2)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000000c0)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000340)={0x0}}, 0x0)
syz_emit_ethernet(0x5e, &(0x7f0000000500)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000e86dd60ff00f500280600fe8000000000000000000000000000aafe8000"/51, @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="a0c200adb593471b8b25ca733990"], 0x0)
r4 = socket(0x10, 0x2, 0x0)
r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000100), 0x200)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r5, 0x40345410, &(0x7f00000001c0)={{0xffffffffffffffff, 0x2, 0x0, 0x2, 0x3}})
sendmsg$nl_route(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0x20}}, 0x0)
getsockname$packet(r4, &(0x7f0000000040)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000080)=0x14)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f00000000c0)={'ip6tnl0\x00', &(0x7f0000000140)={'syztnl1\x00', r6, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @mcast2={0xff, 0x5}}})
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r6, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

3.33233899s ago: executing program 4 (id=6171):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00'})
creat(&(0x7f0000000180)='./file0\x00', 0x0)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
truncate(&(0x7f0000000180)='./file0\x00', 0x8fff5)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)=[0x1], 0x0, 0x0, 0x1, 0x1}}, 0x40)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000080)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000002700)=""/102392, 0x18ff8)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$sock(r3, 0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_genetlink_get_family_id$netlbl_unlabel(0x0, 0xffffffffffffffff)
prctl$PR_SET_NO_NEW_PRIVS(0x43, 0x1)
bind$inet6(0xffffffffffffffff, &(0x7f00004b8fe4)={0xa, 0x4e21, 0x0, @loopback}, 0x1c)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0xea)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='huge=always\v\x00'])
r4 = syz_open_procfs(0x0, &(0x7f00000001c0)='mountinfo\x00')
read$FUSE(r4, &(0x7f0000003480)={0x2020}, 0x2020)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000010900010073797a310000000048000000030a01010000000000000000010000000900030073797a3100000000080007006e6174000900010073797a310000000014000480080002407c40280f080001"], 0xb8}, 0x1, 0x0, 0x0, 0x20004000}, 0x0)
r5 = open$dir(&(0x7f0000000080)='./file0\x00', 0x400, 0x1d1)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r5, 0x0)
mlock2(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)

3.013012423s ago: executing program 7 (id=6173):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
r1 = gettid()
faccessat2(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x5, 0x300)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x11, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r2}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$gtp(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$GTP_CMD_NEWPDP(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000004c0)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000000000008000700", @ANYRES32, @ANYBLOB="08000400000000000c0003000000000000000000080005000000000008000100", @ANYRES32=0x0, @ANYBLOB="0800020000000000060006"], 0x50}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x48)
r5 = syz_open_dev$sg(&(0x7f00000002c0), 0x200081, 0x4df2f771f29481e5)
ioctl$FIBMAP(r5, 0x1, &(0x7f00000000c0)=0x5)
syz_emit_vhci(&(0x7f0000000300)=ANY=[@ANYRESHEX=r1, @ANYRES64], 0xa)
r6 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_linger(r6, 0x1, 0x3c, &(0x7f0000000180)={0xfffffffe, 0xffffffff}, 0x8)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=ANY=[@ANYBLOB="300000001800010000000000000000000200000000000009000006001500050000000c00168005000400030000"], 0x30}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000090000000000000000000000850000002a000000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
io_setup(0x4e4, &(0x7f0000000cc0))
io_destroy(0x0)

2.645776925s ago: executing program 3 (id=6175):
syz_open_procfs(0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x0, 0x0, &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x6, &(0x7f00000002c0)=0x40000006)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000600)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
r4 = syz_usb_connect(0x0, 0x24, &(0x7f0000004200)={{0x12, 0x1, 0x0, 0xe2, 0x79, 0x3b, 0x10, 0x5d1, 0x2001, 0x900, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x4d, 0x2f, 0x9c}}]}}]}}, 0x0)
syz_usb_control_io$cdc_ecm(r4, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r5, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x4e20, 0x0, @mcast1, 0x3}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r5, 0x29, 0x30, &(0x7f00000007c0)=ANY=[@ANYBLOB="01000000000000000a0000000000ff00ff010000000000000000000000000001000001000000000000000000ffff00000000000000bd0000000000000000000000e4ec01000000004000000000fc00000000000000000000000000013da51fd47aa2e2f70000000000000000000000000000000000000000000000000000000000000006000000000000000005"], 0x310)
setsockopt$inet6_group_source_req(r5, 0x29, 0x2c, &(0x7f00000005c0)={0x1, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @empty}}}, 0x108)
syz_usb_control_io$hid(r4, 0x0, 0x0)
mount$cgroup(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, &(0x7f0000000100)={[{@subsystem='cpuset'}, {@subsystem='memory'}, {@subsystem='cpuacct'}]})
r6 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000280)='cpuset.sched_relax_domain_level\x00', 0x2, 0x0)
write$cgroup_int(r6, &(0x7f00000000c0)=0x300, 0x12)
syz_usb_control_io$hid(r4, 0x0, &(0x7f0000000700)={0x2c, &(0x7f0000000000)=ANY=[@ANYBLOB="088340"], 0x0, 0x0, 0x0, 0x0})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$KVM_CAP_EXIT_ON_EMULATION_FAILURE(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000180)={0xcc, 0x0, 0x1})
socket$inet6_tcp(0xa, 0x1, 0x0)
r7 = fsopen(&(0x7f0000000180)='hfs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r7, 0x1, &(0x7f0000000080)='iocharset', &(0x7f00000000c0)='io#harset', 0x0)

2.629182269s ago: executing program 4 (id=6176):
syz_open_procfs(0x0, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x0, 0x0, &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$KVM_CAP_EXIT_ON_EMULATION_FAILURE(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000180)={0xcc, 0x0, 0x1})
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = fsopen(&(0x7f0000000180)='hfs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000080)='iocharset', &(0x7f00000000c0)='io#harset', 0x0)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_SEC_LEVEL(r7, 0x0, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), r7)
bind$inet6(r4, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r6, 0x0)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000500), 0xa0201, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000000400)={0x0, {0x2, 0x0, @dev}, {0x2, 0x4e20, @loopback}, {0x2, 0x0, @rand_addr=0x64010101}, 0xc8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x200})
getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x1100, 0x483, &(0x7f0000000000), &(0x7f0000000080)=0x68)

1.796189314s ago: executing program 6 (id=6179):
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r0 = socket(0x2, 0x2, 0x1)
bind$unix(r0, &(0x7f0000000000)=@abs, 0x6e)

1.760187946s ago: executing program 6 (id=6180):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000001440), 0xffffffffffffffff)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r1, &(0x7f0000001b40)={0x0, 0x0, 0x0}, 0x0)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040e06006220"], 0x9)
r2 = syz_open_dev$sg(&(0x7f0000000100), 0x5, 0x12181)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x10000, 0x0)
ioctl$KVM_GET_SUPPORTED_CPUID(r3, 0xc008ae05, &(0x7f0000000080)=""/4)
ioctl$SG_IO(r2, 0x2285, &(0x7f0000000140)={0x53, 0xfffffffffffffffe, 0x106, 0x1, @buffer={0x0, 0xf5ff, 0x0}, &(0x7f00000001c0)="851666ce20db96ab0c7d83e114e73a1762249711e34f4ce12c6aa714067726f58b7c42feb7e6d77bd3b97644edd8e3a3b71fcd006b6237766e151f344afb2306455034ea7a31b1a48724e372a5a8a9ca040f5831f2eb11842a4b8ec9064fa439440f374355d9af754314ce445ac9bea7fac19c3ac58a131895c378ec497ffdf9a82032d9f2225397b92d2e2193de6fe2f6b6c0bd0f80de3dc72890b6900c5b86752639bf37ab325c16dc2f3d4d01b4c3b71ebbfd6fc9b316f76a07144538506a68ae00df22f2fa9cbb0c9da73c1dcf3eb2eb4fe3534fcee01e9ca0c66f27b8e05e7545cbc3511b3d086f51d58f9acdb7e141743d3c60f75451bcd5c081a8db84ff509a2f874d", 0x0, 0x10, 0x5bb727690d5e0ff6, 0x0, 0x0})

1.683325356s ago: executing program 6 (id=6181):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
openat$yama_ptrace_scope(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0xd2681)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) (async)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, 0x0) (async)
sendmsg$nl_xfrm(r2, 0x0, 0x0) (async)
r3 = fsopen(&(0x7f0000000280)='ceph\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00', 0x0) (async, rerun: 32)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) (rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) (async, rerun: 64)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000380)='source\xcf\x87\x86\x1bY\x0f\xde\xd6\xcd\xc0\x01\xd3\x19>K\x04\xfe\x86YG\xa5\x0f\xed\xa0\x9f\x1e\x14R\x9e\x04\xfa\xed\xd0TG&\x88\xeaz\x9aD\xf8Tt\x8c\x00{\x1fm\xfe\x9c\xf6_h\x9e\xfc\'', &(0x7f00000001c0)='sou\x01ce', 0x0) (async, rerun: 64)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
r6 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_inet_SIOCSARP(r6, 0x8955, &(0x7f0000000340)={{0x2, 0x0, @broadcast}, {0x0, @link_local}, 0xa, {0x2, 0x0, @multicast2}, 'lo\x00'})
ioctl$sock_inet_SIOCSARP(r5, 0x8955, &(0x7f0000000a80)={{0x2, 0x4e2a, @broadcast}, {0x0, @remote}, 0x4a, {}, 'veth1_to_bridge\x00'}) (async)
clock_nanosleep(0xffffffffffffffff, 0x0, &(0x7f0000000040), 0x0) (async)
r7 = gettid() (async, rerun: 32)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0) (async, rerun: 32)
r8 = syz_open_dev$cec(&(0x7f0000000140), 0x0, 0x50400)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async, rerun: 64)
ioctl$CEC_ADAP_S_LOG_ADDRS(r8, 0xc05c6104, &(0x7f0000000200)={"6080d517", 0x3, 0x9, 0x1, 0x2, 0xfffffffc, "f9a927627a359827fdc4ed7cb20708", "ae6c49d8", "1c4391b3", "aa04df4e", ["e4e7d0b3748a08eb4117a58f", "a42a5eb8b97b66092e22038e", "00284dc8b857e17ccdef2efa", "d89c67314b6a13a76640b81a"]}) (rerun: 64)
tkill(r7, 0xb) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)

1.674561709s ago: executing program 4 (id=6182):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
r1 = gettid()
faccessat2(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x5, 0x300)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x11, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r2}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$gtp(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$GTP_CMD_NEWPDP(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000004c0)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000000000008000700", @ANYRES32, @ANYBLOB="08000400000000000c0003000000000000000000080005000000000008000100", @ANYRES32=0x0, @ANYBLOB="0800020000000000060006"], 0x50}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x48)
r5 = syz_open_dev$sg(&(0x7f00000002c0), 0x200081, 0x4df2f771f29481e5)
ioctl$FIBMAP(r5, 0x1, &(0x7f00000000c0)=0x5)
syz_emit_vhci(&(0x7f0000000300)=ANY=[@ANYRESHEX=r1, @ANYRES64], 0xa)
socket$inet6(0xa, 0x5, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=ANY=[@ANYBLOB="300000001800010000000000000000000200000000000009000006001500050000000c00168005000400030000"], 0x30}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000040)='sys_exit\x00'}, 0x10)
r6 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000580), 0x8302, 0x0)
syncfs(r6)

1.351150878s ago: executing program 6 (id=6183):
socket$can_j1939(0x1d, 0x2, 0x7)
openat$fb0(0xffffffffffffff9c, 0x0, 0x40, 0x0)
close(0xffffffffffffffff)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xc000, 0x7f)
faccessat(0xffffffffffffff9c, 0x0, 0x2)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000000c0)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000340)={0x0}}, 0x0)
syz_emit_ethernet(0x5e, &(0x7f0000000500)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000e86dd60ff00f500280600fe8000000000000000000000000000aafe8000"/51, @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="a0c200adb593471b8b25ca733990"], 0x0)
r4 = socket(0x10, 0x2, 0x0)
r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000100), 0x200)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r5, 0x40345410, &(0x7f00000001c0)={{0xffffffffffffffff, 0x2, 0x0, 0x2, 0x3}})
sendmsg$nl_route(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={0x0, 0x20}}, 0x0)
getsockname$packet(r4, &(0x7f0000000040)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000080)=0x14)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f00000000c0)={'ip6tnl0\x00', &(0x7f0000000140)={'syztnl1\x00', r6, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @mcast2={0xff, 0x5}}})
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r6, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

1.341969107s ago: executing program 7 (id=6184):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000040)=@req3={0x40fffe, 0x100000001, 0x210000, 0x1, 0xa}, 0x1c)
close(r0)
syz_io_uring_setup(0x525e, &(0x7f0000000300)={0x0, 0xce5d, 0x40, 0x0, 0x285}, 0x0, 0x0)
mprotect(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x7)
r1 = syz_init_net_socket$ax25(0x3, 0x3, 0x0)
getsockopt$ax25_int(r1, 0x101, 0xc, 0x0, &(0x7f0000000300))
socket$kcm(0x10, 0x2, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x2, &(0x7f0000000180)=@gcm_256={{0x304}, "5d4b42fac245ae74", "21cb70af1a8d3978b3ad1a2c6ede97acca25f6a9000bab0d716e9ebdee04ab7e", "b65dab43", "9a2c4361134d8abe"}, 0x38)
ioctl$int_in(r2, 0x5452, &(0x7f0000000280)=0xfffffffffffff6d5)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x0, 0x0, &(0x7f0000000540)='syzkaller\x00', 0x5, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), r3)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x1c, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x2c, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_USE_RRM={0x4}]}, 0x2c}}, 0x0)
nanosleep(&(0x7f0000000340)={0x0, 0x2faf080}, 0x0)
syz_80211_inject_frame(&(0x7f00000003c0)=@device_b, &(0x7f0000000380)=ANY=[@ANYBLOB="b0f4ad961ff75c00007deb027a983f640ad7000802110000010802110000000000000007001000000059aa0000"], 0x1e)
syz_80211_inject_frame(0x0, &(0x7f00000008c0)=@mgmt_frame=@reassoc_resp={{{0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1}, {0x1}, @broadcast, @broadcast, @random="bbcc1e86d95e", {0x7, 0x81}, @value=@ver_80211n={0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1}}, 0x2200, 0xe, @default, @void, @val={0x2d, 0x1a, {0x2, 0x1, 0x6, 0x0, {0x3, 0xe, 0x0, 0x380}, 0x300, 0x7, 0x2}}, [{0xdd, 0xc, "50e49e472139184939af2c7b"}, {0xdd, 0xe6, "b78e4b788101dc0b94f61950730484913b735ee13f613da7182a19c7e3ba328cb508001188d141e54cbefa8690a7eb1bee65a94f13773164667033c732819d8b45555d61357228baaf5dcc4f2cbda8a80c93c0ab8784ca8b9e95e5e96975915498614d97c25a6d4cf829b55a396bcc5aae76e0788eddffa49369012df36bfa822e958223bb6d4c4309971edfd30a17cba950a688406cb17a45da0e8d16ad5568a470cf3df9cdae5b55194be5a4fe74adc1857957b39ea49a5ea34e506011b91d94244ff8ef53441529070f56c8dc1b22a5eeb6da935c6d995dec85ba994cb527cc5496360f2d"}, {0xdd, 0xab, "15b6b1a4a53cefca744f113ff489eec2269168c574c657761721107a4bbcb59b8aaa9d4746dffea0395203d2326fc6582b65cdf30b19a968c51b9a8c65b0055e8a9153f85b1a4fbdc14909525e41fa1c3e4e83bc331cb27e72bc72cf3c7edb4f7a767cfd2485d60c883b5e55203ce3b25ae35f4524eff5e399b1362fcd08e8173fe5a6a9b5b95bd4de200f590bb4f51319f7d1fe8443ae460e048dcdca2b21d321e51e0d9caaec15771b1d"}, {0xdd, 0xd4, "96534034c4a9ae9ec9ca21f4b9519c364691e5f6c5dae86550f44ec2470be10456232871f433db53913e06b568cb24abe75a72b21c7dcad61565e17c0bdfb9a9f632450b8821bc100ebd510827066979770e21d74b828747efd31a1564a46f0ac2fa8d32a58dfd7ef3afef9ed213fc64a39b0d383ef59c82766f077345ddc743f86c51ecfdb2a89b89fe9351334e579250ecd3dc4a4e4d80c4aa9d310a47ca546d77725216cf4694bf505fc8c713cbcee6c0f76078f13a31b9d7baa53dafefd36bf691e2d545e3c3e2b5a02b71aef06a2a58214a"}, {0xdd, 0x6, "3fd2fee191ae"}]}, 0x2bf)
ioctl(0xffffffffffffffff, 0x8b2a, &(0x7f0000000040))
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'wlan1\x00'})
recvmsg(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000002c0)=""/114, 0x72}], 0x1}, 0x20)
shutdown(r2, 0x0)

1.341443368s ago: executing program 5 (id=6185):
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={<r0=>0x0}, &(0x7f0000019080)=0xc)
syz_open_procfs(r0, &(0x7f0000000040)='syscall\x00')
r1 = socket$inet(0x2, 0x1, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x213)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv6_getaddr={0x20, 0x16, 0x205, 0x0, 0x0, {}, [@IFA_RT_PRIORITY={0x8, 0xa}]}, 0x20}}, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x70, 0x4)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x5, &(0x7f00000001c0)={0x0, @in={{0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x84)
r6 = syz_open_dev$vim2m(&(0x7f0000000000), 0x6, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r6, 0xc0405602, &(0x7f0000000040)={0x0, 0x1, 0x4, "eb14a05928d8633b488a516f6b33478ddb690cee1786f84687ed6f2dfa55f189", 0x32314752})
openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x8502, 0x0)

561.908786ms ago: executing program 7 (id=6186):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket(0x840000000002, 0x3, 0xff)
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000180))
getsockopt$IP_VS_SO_GET_TIMEOUT(r0, 0x0, 0x486, 0x0, &(0x7f0000000040))
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
futex(0x0, 0xb, 0x4, 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./bus\x00', &(0x7f0000000340), 0x2000000, &(0x7f0000000200)={[{@xino_auto}, {@metacopy_off}], [{@fowner_lt}, {@subj_user}, {@fsmagic={'fsmagic', 0x3d, 0x100000001}}, {@obj_type={'obj_type', 0x3d, 'xino=auto'}}, {@fsmagic={'fsmagic', 0x3d, 0x3}}]})
r1 = creat(&(0x7f0000000440)='./file0/file0\x00', 0x188)
chdir(&(0x7f0000000140)='./bus\x00')
write$rfkill(r1, &(0x7f0000000180)={0x2, 0x5, 0x1, 0x0, 0x1}, 0x8)
r2 = socket$inet(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000040)=ANY=[@ANYBLOB="e0000001ac1414aa0000"], 0x18)
socket$nl_xfrm(0x10, 0x3, 0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x2, 0x3, 0x0, 0x1000, &(0x7f0000ffc000/0x1000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, 0x0}], 0x1, 0x10, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f00000000c0)={0x2, 0x2, 0xeeff0000, 0x1000, &(0x7f0000ffc000/0x1000)=nil})
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000002700)=""/102392, 0x18ff8)
ioperm(0x3, 0x4, 0x1000008)
semget$private(0x0, 0x3, 0x0)

406.49419ms ago: executing program 6 (id=6187):
prlimit64(0x0, 0xb, &(0x7f0000000140), 0x0)
r0 = getpid()
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0)
pread64(r2, &(0x7f0000001500)=""/4075, 0xfeb, 0x7fff)
ptrace(0x10, r1)
ptrace$pokeuser(0x6, r1, 0x90, 0xffff8880b860a000)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
r4 = syz_pidfd_open(r0, 0x0)
setns(r4, 0x24020000)
r5 = syz_clone(0x1b200000, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x8040ae9f, &(0x7f0000000100))
tkill(r5, 0x4)
r6 = syz_open_procfs(0x0, &(0x7f0000000000)='gid_map\x00')
preadv(r6, &(0x7f0000003240)=[{&(0x7f0000002200)=""/4096, 0x1000}], 0x1, 0x8, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r6, 0x40bc5311, &(0x7f0000000040)={0x7, 0x2, 'client0\x00', 0x0, "ac6231ef9cfd59aa", "6f80cf1aa6102a3e078ded7f2168a160830b6d144784d09b250b93c89cabd967", 0x5})

183.813655ms ago: executing program 6 (id=6188):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000001000), 0x2000)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f000000c3c0)={0x2020, 0x0, <r2=>0x0, <r3=>0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000040)={0x50, 0x0, r2, {0x7, 0x1f, 0x0, 0x48012408}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000f60000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1997e358660e994000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b60000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000056087d7200000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, 0x0)
syz_fuse_handle_req(r1, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ecc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb1000008747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb80035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22383e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485a4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6bb06500f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784776f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2245eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e4c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a768cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d0500e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad64c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc590800", 0x2000, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)={0x78, 0x0, 0x6, {0x0, 0x0, 0x0, {0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x3966, 0x6, 0x8000, 0x0, r3, r4, 0xe, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000080)={{{@in=@loopback, @in6=@private0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in6=@mcast1}, 0x0, @in=@empty}}, &(0x7f0000000380)=0xf5)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000001c0)={{0x1, 0x1, 0x18, <r6=>r0, {<r7=>0xee01, 0xffffffffffffffff}}, './file0\x00'})
ioctl$KVM_GET_EMULATED_CPUID(r6, 0xc008ae09, &(0x7f0000000280)=""/103)
r8 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r8, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r8, &(0x7f0000006840)={0x2020, 0x0, 0x0, <r9=>0x0}, 0x2020)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x3, {0x5, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, {0x0, 0x2000000000, 0x0, 0x2, 0x0, 0x0, 0x4, 0x0, 0x4, 0x2000, 0x7, r9, 0x0, 0xf0ee, 0xffffffff}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r10 = syz_init_net_socket$ax25(0x3, 0x3, 0x0)
r11 = socket(0x1, 0x2, 0x0)
getsockopt$sock_cred(r11, 0x1, 0x11, &(0x7f0000000140)={0x0, <r12=>0x0}, &(0x7f00000001c0)=0xc)
ioctl$SIOCAX25ADDUID(r10, 0x89e1, &(0x7f000009de00)={0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, r12})
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000200)={{}, {0x1, 0x6}, [{0x2, 0x0, r3}, {0x2, 0x1, r5}, {0x2, 0x7, r7}, {0x2, 0x0, r9}, {0x2, 0x6, r12}], {}, [], {0x10, 0x2}, {0x20, 0x1}}, 0x4c, 0x1)
r13 = socket$l2tp6(0xa, 0x2, 0x73)
sendto$l2tp6(r13, 0x0, 0x0, 0x40008d2, &(0x7f0000000000)={0xa, 0x0, 0x400, @mcast1, 0x6, 0x2}, 0x20)
setrlimit(0xf, &(0x7f0000000000)={0x1, 0x3})
timer_create(0x3, 0x0, &(0x7f0000000300)=<r14=>0x0)
timer_settime(r14, 0x1, &(0x7f0000000100)={{0x0, 0x3938700}}, 0x0)
syz_usbip_server_init(0x4)
ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0)

183.428431ms ago: executing program 4 (id=6189):
creat(&(0x7f0000000240)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
chmod(&(0x7f0000000140)='./file0\x00', 0x0)
r3 = creat(&(0x7f0000000300)='./file0\x00', 0x0)
write$UHID_INPUT(r3, &(0x7f0000000540)={0x8, {"1a17924ab218eacb15a3fccf929e2dd2497903c1f853d95b995c65e99449ff953fa11c7723b2149ecdaa7f833f60e13b19a66e963f7e8da4297ebbfdda5b36fb4d01bd02e6c652dc4d99e2cb82c2a1d4a45e4c89ba9994e82f854bbc34a40b3a58aa256c9b4512fbf91b9846446c4909e4ec53982e7d7fd11ee0bdeab0bb4c469c9665dde8cb58f0ca148223b6cc4e2f306cfbeccedec8db5212f2fc4e14f836c68bdace4db1afbde9d463e5ac24567925b5fdf0e3af1a52dbd7669fe9227302c8f635bc2ddbf5bd7dccd7b92a9bd5c7363375a57851c2bc72509f2005f138f5a59cf85e9ddb1c972c89d50806e8941b7059cd3eca77527a7f20af70841b4d6f026614bdbb276a6814cc74d91856b968c5fdb52674d892a90d01ab91841b6811def78bdac9bc6f9df2598569fbdfef75079832b2750801dc83fd1987713c61136ac9e5f2f7e67f302109bb9a7fea75290b506a89a19d7e0e472937a8c9ecfe16ef6eb88c7a88a060756196d55d6a3d3f7cdf9915d22b6b3af69ec55017b821ec0621e8a59414efc2b46977a85846b53ae75a350947afcafbdef7233cc371bc2a6f29c0315b352ac2741c81df534303ddb30a4408db5679d05d245259c245c9d7f861711cc287cfd0462b948512623b921060386c587fd166df29e71ecfc8ed90031e95b2af1406b5ae73f6084e39e88194e3d37dc801982656b5b66342d74100f9f5b8c94c1e91b626bbf426a07b4be91dbdb76a6e40d0b788f89359e462e69bc4499fd4f9aa1e7f0c3f73a996b6ecef606c7651286e1f18a6823eed7191cd542057eaaf09aa32e8ce370c09050278b85fd359b8ca23e66e9d294ec57b3ddd90409d9b1ca28c6993b244f8ca46f6bf478ff22fb1df53e33abdda4b2b1e5cff7de19957bdc8e7ca39e4762204b1f9f33b9375b7282422b91841706751038e42023ba45c1cd0998c1794c1c2a5ff65466189bbb27bcbf01e5a48bfd8b6845f7d5c87d977df4ded5273ebf56b96c50b4eadc44bfaa0994259eeb1031644415fa9d729753d2138b06f9b7b624d9eeb1ef71dfdff0b639078f058c7a070451c4670af0c6eb1202f77be82faba9b6287995066b5f7e59b7967706d8d8c5bde48137e13df537ae54664fe4e8460b1bdf5b92a1dcf39ee1726bc6690d0ac5f799bcfab918c59cb132c45054ba17b8a44d505ad3eaeee95b4275b25b2087da8902552727a1e739014df348cfa3a1102661c35a6a38df6c410f5343577955dd57de5af089e3f1bcdf96d4ef1d5944243470b0ed10616144cccc5cac44e36fefd9441120c5d047867af0ea353da21fc0ae73b78b84d53a62efeb94ea8d441cc698c92fd7b36cf41472d036c5093bbdf943620c29ffa3b21ef4a0bb9274912b046834ee6f855ceadf18fb488040d5829ab6e8bf69a90315f7f84d002ac4e929e9f1010a8486746bd316799ba3a65744980c388202324ba50768c77a8481ba74d135da7507048c82714a8234837b69922126e4084a68f7418bfd26417cade786c7f8185e2492e3b64eb9d2c2c721504c7b4aeb383503f745fd69315c56b5b0158decd1b1606a63366b7e2d2b9124b6efca4480c703c8f37d6ddff55b0ec15f2ce6be6c902d06aec2ccabeba13b442b608076c33d19e690ab66cf6678d679758d22fb5d8d963f25d00c45576f8b2938543080297b9cb6c305e3131d2f412f00370c285251909f8ebefc3d18a23e25a183997b08251450b29fff32781e6a70e6e070ab3921f3f809392deb732d6f30cc034b5f77d41218bca86d515b16da0457dbf7aaefdcef9d5358e7b4f1e5d1a410f55449e765609d122f938fd57b71482244dff0523067cabfd322fc47aca1c331112e3d969f5fe3594c3c7adea7c36e9b9af6754cdea5ccf05b139f783d4b24540c50a6a9f7dff472d47c87c151d8439b5740cd1f423335dae2680050bd44766159cba66666b7dbc9e190130494327a0d8c9dbed5c8b831ce2b2bb236353ff7175a48b61a0f3209fa3db44f07a21a485ef1682a33cdf632ac2d6ca993b6cd90913e31704bb851711e1f2b5ebb19baaba102dd42d550933e9dfc17311665fef4d0206d7debbcbbd97efafffb905bf9a77b8eeb67d5f8bef8526f6f8607672bb3c50b14e16c264265594e05fa481f724290abdc9f60a899f26033236e3b90548c24288a7b627b51c4d7c638c359ec6325b0d79e1d69cf18cd9136a263b6aa84ad062b9831fc7c201b7ccec7d3b7ea2132ee4579632bf614bcde285527c36ef8a8e12651ef34a677a8d2f84360afa2f2245e4e0d61a12e8e446045fae61375082f983363795f11848edad24b3f7ae53f0eeb329fa62b6d7b446e3b2c1257981f9c0c3ea371c71021af834a285203b2e3177ddf5251044ea215c048f78701dec36a94ca3c435278d1fd889996adf5ea7c8db62f2b1331bc22c4b7798d587a5c4e619b7b576e19d92996bc0bdc0c8c15374e11b6eeda0e18b35aac4b96db9cdba025080bf5bea4ffdf4fa3c93ec5feede0a140f7f6727ef255783565935d59d348aaa6d12c060afd5f6d084346309d8cbf54b33050ecccf30ae083c4034165880214a94a5296427e2fcb6d90692a82212b6b8d86c6d163f0643944aaba4af1171aed463994f1374e1ec1654b89b04e9d635074e8d131bc2443daf1caad455671470329a287f4c711cb907403d5c05184cd3a647823b5b9c6dc4451fdde92dc1cb87010197026458b40d4809ab60aca1af6bb3702a3e0506cdd21faa6d9909f4ed74723de75fc48d44314fa3cc0c8e8ea226ec1d5875b9595aeacdff0a9f75b4a60dde781c58179f997ecb6479c91ecacc65bfe293a2d26c21ae7c1d7be1241cc1c4ea86a6cf8d93012bd98508aae8db723ff167026298cab227b7d0062c27ccc8e81df7268423ad063638760b44e77147ee9bd84140166ae2bfd592f845ca68c719f7520ae3c9988cc89db73bf93ad6f2f7d9394b2288f0176723acd167081ade4e066a26832f7b655cd874aa5026a7369bb9912c90599d1407f0488a9c540a31997890f5433bd1df91ba13a9e0721c9a707eac7cff1c3efef6cd716779c7ad631c3560caa2031d9d2591329c1867d0d5f96b5897cac2c6a381f0ce5c27969c2b3e7d188e1e896d815b01a3e177933817325953140272ad718a36ae522d43de109ba92255ee66d2a14897f2b2014dc9a495c108727e0eef54df617e269e43a0c48d28a91aaf14d58719e21ea39c1c534e39a1dfabb61377b55d2f69fe79c7d5111b8b952c388925ea8ab1503ae68bce95a34a10a85aa0e5da52add14b93eaac5861a6504e23dda8034e809253c1071ddda934663faac454cd378c5725f5c6f4d943779994357185e512a4b6993156e624f25d86d24e7254d3e9b231aa80ed5a32e108cb528d402f93e58c25ac937420ff7dcd7d9ec2126c7fe7cefa47c038f23de40523d5e026fe3bb4cfd3040f9bd9631cf5a2cde1e20a6032703cd64c2ad97ea95d05a7aa3ea3b3b9d5a86961116dd1338c0a2caae0ceab3178ac7736dfa8a949cd81d261748e6678cb730b57468fb2b7e22c5eb08ad496e76775dce0c31950a596580ad7d6c3fd9ce90dded340f20b77fe53e81fb6e2a7a6c450b8ac9009c7c077893f704457a90401fb758c0769fbfd38e40ae692e410b889bbf0b09a32dc731b6768c0fa3963a5b6279b6a5db611174339f3218fff567f6cfb7377ddc8e2c730da35cc3ec680a6bc95010dd03834caab7afb2c0023ad9ce3aae3c0fd1ece42ea840bf5fc798a0b5fbe7692f13549cdba4a0b68f722ef6877856a76fc3c39f7cfd760675a9f341d9f09f381972be9171e50455ed13e665e61a03b0c2a79276a871c25fc5c486639a71a8dfdf36174373b8995014752aba3026045be6b43074ac3824d687bbf5f6544228cea52791828f54980ee9f728534ea32edd205aaace717adcf61ce28f92719048d44b09812bcfd2d22cc9d7a45ed6b4634756f6b3189908c71728c373ea94aa5c74ce4a73c20138b8cb21db6e2dfb35329b86b1805a5208dd370b8342ca8aa3cbd3e7a3ec79d7b8ee677b04e19c524ddc6de0b22443ac15de908f61719399d0f9890ca2b0283a7db914944f424af10ba0ec9e3e253c060d7b28552eaae5eed1e906f8f93c2195293deabdad6cb38ddab51603e4a96ef1e086de911fb716ffbca467294d9e66e5d0f8225bc28d6c074c4ffba76706f61b0b386b7e4b6500a15fad291f34f6c84f1596a97512f31196a529a7a5725437c038e17d531da3838c8aef3bade6bc1d4c7624560d4fba72e5f8be2c5dc905e1e4bcb2aa7eddb275408ef4288ac69c7a18ae58fb26c2f5a6964f051b81d2e426fc2a5d8617050341b96d5a746e3419fbe94bd3752403868b655c2dba6f48ef109a2e6ec0041842fae52bfab70481ecfe8d27f3d5e444f1b941d871c8057cbe35df68665bc3aadea02d203b106d1179a428daa7d9fea9dbddd8955bb289a92ec790de74cd6a1edf925ab85471633dedf8ba46abe456963a2381addce2aa16c06dd80bb54d8e53d7c82607916af175061da29122afde8687add6b6f42233b76a1164893dcc1ec3dcf935576d2d0f3ab3b1adbace086da915234b4f9bad0afc2915608fc4f6611dc3b91d7e0e48cb0a0f3fdc70ef70ef82043afbd3325f0f6186390ab28ca9f0009184637530d79f0c5a77c6e912afbe6533988f543fc6c02d3d44fbdb0e2ebfad2680184f1ed451991667df958a71fb41cf4367bdb931389ea8b6340e225b312a09dadd8e2ac2d200db6e75323d48c73c6b819e13f92b01bf405e796a2e10b863e773598abcbcc196987e18b19530337809b56480778207103a12acfff1c0ad62846088251a1a0d0d6b300059a99698c84ccac78d53eb32e3984001978db7679960b4d75d71b49696909826c66320526fe02a060265821d15b8b2337121a201402a118ec03ff0d4f3dfa48f2dadd20b510ecdf4e6440b5b2466b9bf28e32327189f0405245694a6371dbe4eae7a8293cdc15193c284123d64690120634f808096a8f3f7a04a5bac9dd86c09f2e4e87c7d7c98d0b370e84ea5f265730f5480eb1375d4f82c7d4efbb6e58c5a92848331b2becd2531f6c456b5d0e690b102dd8faec55bde56f95727f4abf52c58543faaeb9cefd39bba788bd7e2b02b27ecbc1679a1ac00823c83e1ae29690cd25544d3ae0a8db25e963e9fb5bd94987637ac3546b9b312bf04d5c6211c135e806525d423fde9ccb5ef7962ec1e056e6f29adaeebb331f6c234586d1fe21577f56d620c6942a29d4915772144cc60008d1236db21100d5a3112c29396b9e18cdb5b104bed2df2b6ea72c9aa03bb6082f3eb07f0eae359864967a749492d21005b0d39c9613c20b1e21700ab66a4f5ca03ec08d67b95f759252d758743820ba243032e1708447fbaebc27e1316af4cf547cef3ac4966a1f04dd07012f257a0204107c23a0046b12493d9784b24dc561c1f88e591056bcc3b338ab1de65e5ad578021f26f93e9b12f00b5f8c8ae2db6b7b8f254303c7ff06514735974e65fb9a93dc79b115a12310040490ca11ef315340af104e20a2e22dcd132f7d7a61d9d3a12e832ee048a2170dbe03d747ed7402180eb964fde0ecb77e778b18a4e5a83479bb7e0ea0a7d5145ffed4607bd7e6b8f961625d5e3dcac2d4a05e71dc9c2e52195bd55aed4e6749dc1c329e2cda966d18e9bf882c05db627c1047fc71533bbba2c8a83d04db5bad6da349a9ad1992eb88e0274d32a16137e2396ad973c0ecbbc2d243e68b6959bf9b", 0x1000}}, 0x1006) (fail_nth: 10)

121.205414ms ago: executing program 7 (id=6190):
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r0 = socket(0x2, 0x2, 0x1)
bind$unix(r0, &(0x7f0000000000)=@abs, 0x6e)

0s ago: executing program 7 (id=6191):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0)
accept4(r1, 0x0, 0x0, 0x800)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000029c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010024bd7000e8dbdf252100000008000300", @ANYRES32=r3, @ANYBLOB="08009e00", @ANYRESDEC, @ANYBLOB="10b11a6a1e974590bec63c75f137d7ab4b6df7561154cba0af013466d8bf0e23d054a456bdc818535d8c953082dbf489c62db30c7d18a49b82075ab5402927fb9139905bb36e77be10f3de495722a6f88a36078bbcafe8b36111dd9ac0fccbbe8c49ac8a848f70869450a0a4eceeccaa7f8039957f468455379caeec009a39804de540eaf80cd0156e3ec1d68c1b0048cd864ad7b9f35f1a7146c54585f81d45436a3c7102041cd23aaa1b9d84f88d284b0793be4963aa2e3ca975798974b225908396dea5504fb3f8fbe66f80c10b8c5aa0220395d333e7f04ec50b884badcce569b2f56bd64110c67edd5c81a3d4e80d9cf30936b185621b53a70af97ff6b9bb3154337051485e39d61dc7ada6a839e06387a3bcfcbe7eaf2705cb051bec3570f5a450e7f4d24fccf5ad13ae08bb3d9536867656761a036247f2f0a35d47bb78456652594166950d230795fa4b3f3deaef58ee4f2b8810317cc6db2d3abae5f65501a50d1b22fbd499bd9a981091acdbe453475e26ecab907795f8d9bc6dd5c532cb3f5cdf09da7c148110399c43167a180d3c29cb1b787b4c8ae6f2a8055ac717019aae831170ae0a4e0c303de46521169659c98a483a50b7d6be0ba86219ee36552ba82c268eafc66cb78e05702ab983c3c815d55f84bf73e89ba759de9276b6bdf89eac3d3161c051681bce6ff019ea2599de457aaf7bf8334e08f5c042905d879c224f144532c8711fb5e111759db7e756d9e74935169cab6394bf8553034e420935f63fa98a29f2a6abf05dc5d558776217c94309d24b2fa7d5a7c168a6121779bc4a21b33d358c12bef7d2677cdd11887b5106f97326133c2537514fef045a768694bc46d66ef1b71204e60553edac12f9d8bbd1fc0800955aa6336101803b1110777a4a3825a818d3cd463303793f4958017a8be2d7cac1396197d4500a73c0aaa08a2b6c5995e10899a08f91cfa2be49973673818ba40e08fbfb71afcea01be83911dc8af05cc3acd753e29a27ccd5722d815e2a5db36d51c786be0ff96ebcd4e6ebcec2804975b6a7a2ab18c08d76ebfec6af782605d7603914b35a555c279dfa17b55a9795b847961d0b4a231cd000cd7e51eea842fa936706a2f933958da6299a4131fc0b2b249f4cdff32552d7dd68dd2ff850357bf258bd432e874ee23858d90a87afa8b14aaa90cf059a1b4e2a42ad3c06e4408692b5b18d99d01081d9c3af40cf90eec0e2ce7131b276a8177344126b6edb3af7d3ff3a56fbf73e9307cb2788c7a91caf9e15e4c99888f691872a7adc912a164b751a89be7869cb998bbf9687afe96dc40d789f81c4a8f8c2ec33b1bca83234c21cc37e96e59274afd96c920b0d3e263c1f99a8d7550216ff42d5e5a15420e9357f1aad1915656728b47c07fe72ab6dec0995de00d61d369788f05f661a4c673c1dbb0169c2195a3cfafd6e75b9c6323614459f35caf1ae25b2e635686d3056a161aab00b42a04ec4fc275b2d185b5fd0000491bf26bcfcaa6306ae5ab41998b2850331c296b11ef1841b9a3eef49b8504a6248d62e54202c28b3085502bbfeb1a60bec202c8c373d9e3e88df057703f567a32a4f448027ea6822f8c6dc7bf3828068217580f580de0db2ee9d956181e5e830c40faf735a565c4ad5fad4f751f1575f7d8bdbaf01b3dca9ddb8121d3dd5434782059b89f146ea92b80aaec32593fb5ec88e861f1f7e56a87a872b9aea47c702c9d28492a56d87953e8f140dd480e352fba95791142677bc1f1ec7fd38bc03c54db09354aebf2a2f08e9d63c6da74da06a2e0b4adde038121ccbbfaf2e70d5be4b933965d8a4d33070f0015dd43b3210b64e046b0c965fc3c3bf59c9f30379b58c4a330e75c1f27e85858bcbc8b19886c2a1b99479d1914ed571dafe8f4e5a27ae498223280aef4aca1265f521198a5e15a32b8a7cbe273f6962ed98744547c3173744495d370b1d9077884772975d6e462482d90ece1403642ac3e8a71822cc47159ad3cd5e46ebe1e6eecadd743ea574f297fd5692ae36555daa7ca89c9be72f8325f6fe2bf689e5e49d52a3cf8af5d51cd6ab0bcb099ad2889a9c8308616c907b052f3693c36914e9636592be460259c5c9c325ac39af1e063830bd7296c81c93324e239b50f299b148dd49add78c84c61a5eed397ec0b7b7d343007a20ec222ed6040dca14e9cfc5fef4724b3454553125ae14b210663c7d2f279af4d4dae80c511a6a4e6c446518df42fe731d27cea1b09a372a3df97df831f9b7d146768799bfef2c01c1f0b5f0be423aac0a5b917163dd6022075ebf83d8982b365e2994df94daaf2ea45ca7d693433ad5f0f7cf59d7930e5a5f674ba8d2e717739bef2e6ce07f8471d5c25d18445b9b2c1b548edec6b9c45179e02ad130a71b28d6877ba246b7297e46b78c5718a82e4fa788085c105c349d6a7e69ea5ca1480b73b444199cfd9673ee0260af038e1f047183e11170860d4445b107a94ae54a7aee0a110838241982f70ea9f2fd8a2114d21453f7433302ff442eaaacce86b28cf55a9220500ca5d8cb36ca657af9d6fcd9e87ba94ef68364728e70fa5fe93c3a4efe26d9c3cb1b9c474ef5508a03a87d47d084409d6541e10b8b622c1518fe01396bd862f55e5a625a45e353359fa00471b0a492e39dd06414debc75a0edb2106b56efcad73c813353774fc0e1add35d471478994ba1710ef2681c009f8747b38a7c4202684c5400d8e5ecd6739a99b0fa5d91e8015a5015c0aa333817d3aaf554ca9e1101efc3b49b44f28fc752c0a586eb2aa72cc27651bdaf1a79f08cee7512bebf4ca56d9440bafaf5f132cf38a57ab9d8c7f3abccaa76522c2497aba742d0b9987ce53de4542f2798f5742759881f63fda9058eb6c8b94c6b536fa626bdfc019778ee425ef8892a1348fe72553d82ca7669cb5bd7af729ebf6502fe0238696a6380d9858946cd8777d45ff2a7823ca7c3f09de978554c65542e8048763e466363b68fc10192d3a43cab0a5fc5d58ebd31f2c0e398d82311fdb7973519c1f194df7b96f067e44de4a3ba6a1238e664c0881578ebee92998ff47ee87ba1a8382f20c9b4b6efdd535780fc429efb64db591df29da07791fa55dd1ecf2b6bdf2681f650d72d5b1206769af27a517fb451e53c02ef6211ca135bc7cb27f2881ecf1bcbbf81dcf11aae6486adbd2a62de6de11896dfb4c7f3a705a3c7d94942d395a826b946771da16dd46b707f33d8c2965f975f36aa8e5e345af9c89c904f2f109b0543602f0cfd7f45a484fc9df5ce46045da8d523dfc977f2156fe9477ec8f1c6e4136662cfc6b2d34dc2f4220273bb4b7cd407e6c9cff8d431c2b9aa6d968c4eb0fc14b76c6f64f55852b8a25d4953995ba7e991c146c07e500b31bdebbb3020dd81fe66bb640fee7777b16e32f3a96c3d2d711954da73bede03a4a64c86e48b994ce0948835e18fdf7f8291f9e878bc6fbe2ff597fa69b6849614419f34cfb3bb1351f702d1d7dea912bd7030dd8fcb14daeda89170f0c2eb3adf2d62ea0b40af133e71966441621ca878fb50cf3347b51760f2ebe483ca65253504deec5aafe480e333b4a0d893dc176172fa3d3126902814978ddd4ca10c824329292c8c3471994ef95e2aa227e9c01a5d36d61b3b423206d781caac9abf9511ea13088c05500315696399c46ce4473e22edf882ca8dd7be330c4619def7e56e9b64d22c54c86111ec3bf9f690caa5ea12338df989f7b58bcb7f25bcd049c8f9de60594bea114ae9488a4a70d3c64f7e87fa6e86a689a9ddd6162e03ce537a76b3a69b5d0ded17b2fb602261eb923ef54c28892ea87b373658e9d49b36bd5fc7f9d03f4cdc73ff8031876b9fa5628ef5da172df200a67cf7eacf25e3d4964048d63121716f47abcb558ddf54937d554d1813c7aa935528ff2c0330f435e105241aa489ff541169cd4fcf3e3c04c7a8c43069b94578a281215ac5aff5b6b2ac42cc5121bf287768556fa99353e69387d4c3de7a11c93661fb60c372856af311b3a37b05f2e7fac40ef8f22f2f33487dbf73c980eaa59c2fb7dd5d0a9f6833bd9181f682a1a984d44edbd4791a844f7718465efb32c3b4fe0b9f4a6f53f05867363a414328ffcd58e598c8ff6b61554666efaca65da892e66dc812013c8643b097fd50eb346ab9f00cac9dc8015091489c782762e7d9e1f4fd7cca58f792ad4be962e2b5d7dea490eea2c84ecaf4897502244223d9a7845d91417748eaefb1944be195474ed082a5e2b24fdf135a4c47ae7bcadb8eaf9cb8c51f2f009e339721fb9a9ef85244df36bc8761e4bfd4b563971e031c466f13415e654a38f5c09adbe96365386d018cf379242c9c8d9ec96f1c73a9e1ecd3036511e7e09a553f2172b436aee9bbc1dc74d291c505d4a2126b0d0473af4da7fe5ab6fadd75fa94597d829e602430cf267f636c7e359e7b7f94308bbe28a932d1986bdcb9201a270693a14172eb2fa35c02f76ac9ed973db073c46c115d7e6b32d42f676275992af6663079f839acadaca850d162d66e20cd81d384f6d2b6c241772318f2b6a6f935ffe3004b53b6af3af3e03875c1e8c138975e1cf0dc3fce94305b6dc7851e14bc8254627d8d0eeaf26da51c8be81bb13f301b454f1cedd87a5f7cf8e152ad67d4c2fa541627e97bc64fb3254290eb30728c6e2423cca0ce7b158fa65bfd1a7c347c5d675e4ff9b96e9372e6d0e9de584f90b600915839137d83dd494a0f7023df12464e951b50337fceba9ec6342ed3956e8ac8fe597c11e9dba1d6c1b93ab6a73786b18d72035e11cbaa86391a79c23c1daeeb57a59cd25147da281b73ec5127c26182ac7d50209b2608156f0d07aeaeda577fbc83b466055862bbdc4f578a4f641740710344792f41cd219791a8e1a7b6daf9fae2de49dd6386addc023ea1de5e03c907987b3a979053f8920d3af6714e4542fc7d176aad46922ba8c8b141286ed1a06018dc0d277ac8246d33e7735a22720109db36a1d15f36b81dc76e5e62d62d6b318486a6c9860c19c1e3a23fb0713a21b6fe01cb70c4cb7e7d3922987c5bef51d9faab455f6ab758f425f2a3f136a1a08b37f77e16ffd4e92ebbd990ec9a714b47e029bcb860362c285d69bc6b8d8d102a23caedec44eee99e6468c5f5910929c0519e5c47a66202ba808df01a3e5589ced3e1179f7030f5be2edb149d25801424c4a729c6ca6b06c4a912b5c044350b6399515386ac0de8afc54c282063110569774491dbd7e927c0b1f16af65c688aefbfab43d4e53baa969125015f2a543a1e2bb105c940cf04e37b7dbe360ee9c2f1b0cb4cd3026c0c18ad344189128fb72d2b21746da5b05c18400661b5ecdae2fddf840ee156e12b99075ddeda8a9c6a3bb588e34a2231998f8ce83be0355b243ee847c81eec9ffed067dcd73e947286756dad3cbe50fd413f66fb5a30da78df2d19c93f75bbd87fde1339ae2646981f2e9a21e9ecbc1b60d14a6c19c008e0c16835b8a31b3459177ed6c53e7f65e2a438149f913da06a307a8a95da5163b52cf661201a71d74cbe00d5fcc16c77a6b3d8c88c50aa115601df9d862aa45326126d5dd824aca413b51635cdf2c80693cb26b4cdd022404bd41ddd98e297ab2b0f5fe6882d6c7cadaae1fb6798a17c0ef5fdf31dbc0f7e6c74c41054621e0e15ace0bafe034ca368eb78cfcca5819890963f42d16673db17dc19205be31ce1924c3be19226cccf618dab6fca55c5cc2c4ce64258b34fae7878bc42e90595b484974d1afe6546d1", @ANYRESOCT=r1, @ANYRESHEX=r4, @ANYBLOB="e7fbe57d49b2ac3edf3bfc45fabea125871f961f9979ba0a17d8de1dac1ddecf2ce7ac392561a919f7ef99c04a3fbdefb33cbfe0d59d5d5feb3450"], 0x24}, 0x1, 0x0, 0x0, 0x4014001}, 0x0)

kernel console output (not intermixed with test programs):

 Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1210.678388][T26587] Call Trace:
[ 1210.678394][T26587]  <TASK>
[ 1210.678400][T26587]  dump_stack_lvl+0x16c/0x1f0
[ 1210.678425][T26587]  should_fail_ex+0x512/0x640
[ 1210.678444][T26587]  _copy_from_user+0x2e/0xd0
[ 1210.678462][T26587]  copy_msghdr_from_user+0x98/0x160
[ 1210.678485][T26587]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1210.678512][T26587]  ___sys_sendmsg+0xfe/0x1d0
[ 1210.678533][T26587]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1210.678570][T26587]  __sys_sendmsg+0x16d/0x220
[ 1210.678590][T26587]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1210.678615][T26587]  ? rcu_is_watching+0x12/0xc0
[ 1210.678637][T26587]  do_syscall_64+0xcd/0x260
[ 1210.678658][T26587]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1210.678675][T26587] RIP: 0033:0x7f60b4d8d169
[ 1210.678687][T26587] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1210.678698][T26587] RSP: 002b:00007f60b5c53038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1210.678709][T26587] RAX: ffffffffffffffda RBX: 00007f60b4fa5fa0 RCX: 00007f60b4d8d169
[ 1210.678716][T26587] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[ 1210.678722][T26587] RBP: 00007f60b5c53090 R08: 0000000000000000 R09: 0000000000000000
[ 1210.678729][T26587] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1210.678735][T26587] R13: 0000000000000000 R14: 00007f60b4fa5fa0 R15: 00007ffe0a33cb18
[ 1210.678746][T26587]  </TASK>
[ 1210.688849][T26589] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5123 sclass=netlink_route_socket pid=26589 comm=syz.5.5869
[ 1210.904720][T26607] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1211.074805][   T30] audit: type=1400 audit(1742986084.001:6597): avc:  denied  { mount } for  pid=26608 comm="syz.3.5873" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 1211.105664][T26611] netlink: 52 bytes leftover after parsing attributes in process `syz.3.5873'.
[ 1211.114892][T26611] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5873'.
[ 1211.720172][T19177] usb 5-1: new high-speed USB device number 55 using dummy_hcd
[ 1211.779261][ T5899] usb 7-1: new full-speed USB device number 8 using dummy_hcd
[ 1211.919290][T19177] usb 5-1: Using ep0 maxpacket: 8
[ 1211.926319][T19177] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[ 1211.937684][T19177] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1211.947935][T19177] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1211.958210][T19177] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[ 1211.968440][T19177] usb 5-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[ 1211.977844][T19177] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1212.074279][ T5899] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[ 1212.074732][T19177] usb 5-1: config 0 descriptor??
[ 1212.088355][ T5899] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[ 1212.093776][T26636] netlink: 188 bytes leftover after parsing attributes in process `syz.3.5879'.
[ 1212.171073][ T5899] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 121, setting to 64
[ 1212.207020][ T5899] usb 7-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[ 1212.218183][ T5899] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1212.238592][ T5899] usb 7-1: Product: syz
[ 1212.242924][ T5899] usb 7-1: Manufacturer: syz
[ 1212.248788][ T5899] usb 7-1: SerialNumber: syz
[ 1212.324124][ T5899] usb 7-1: config 0 descriptor??
[ 1212.331090][T26621] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1212.338723][T26621] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1212.357380][ T5899] usb 7-1: ucan: probing device on interface #0
[ 1212.397728][T19177] usb 5-1: USB disconnect, device number 55
[ 1213.058161][   T30] kauditd_printk_skb: 10 callbacks suppressed
[ 1213.067171][   T30] audit: type=1400 audit(1742986085.521:6608): avc:  denied  { mount } for  pid=26650 comm="syz.3.5881" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[ 1213.352849][T26653] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1213.429559][T26652] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1213.491340][ T5899] usb 7-1: ucan: failed to retrieve device info
[ 1213.497795][ T5899] usb 7-1: ucan: probe failed; try to update the device firmware
[ 1213.513556][ T5899] usb 7-1: USB disconnect, device number 8
[ 1213.685587][   T30] audit: type=1400 audit(1742986086.611:6609): avc:  denied  { getopt } for  pid=26667 comm="syz.7.5886" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[ 1214.160678][T26685] xt_CT: No such helper "syz1"
[ 1214.256547][T26692] netlink: 24 bytes leftover after parsing attributes in process `syz.5.5893'.
[ 1214.713872][T26724] FAULT_INJECTION: forcing a failure.
[ 1214.713872][T26724] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1214.752279][T26724] CPU: 1 UID: 0 PID: 26724 Comm: syz.5.5902 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[ 1214.752307][T26724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1214.752317][T26724] Call Trace:
[ 1214.752323][T26724]  <TASK>
[ 1214.752330][T26724]  dump_stack_lvl+0x16c/0x1f0
[ 1214.752362][T26724]  should_fail_ex+0x512/0x640
[ 1214.752382][T26724]  _copy_from_user+0x2e/0xd0
[ 1214.752402][T26724]  copy_msghdr_from_user+0x98/0x160
[ 1214.752425][T26724]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1214.752446][T26724]  ? kfree+0x252/0x4d0
[ 1214.752469][T26724]  ? __lock_acquire+0x5ca/0x1ba0
[ 1214.752495][T26724]  ___sys_recvmsg+0xdb/0x1a0
[ 1214.752516][T26724]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1214.752546][T26724]  ? __pfx___might_resched+0x10/0x10
[ 1214.752571][T26724]  do_recvmmsg+0x2fe/0x740
[ 1214.752595][T26724]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1214.752619][T26724]  ? __mutex_unlock_slowpath+0x161/0x6a0
[ 1214.752645][T26724]  ? __fget_files+0x20e/0x3c0
[ 1214.752665][T26724]  __x64_sys_recvmmsg+0x22a/0x280
[ 1214.752689][T26724]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1214.752711][T26724]  ? rcu_is_watching+0x12/0xc0
[ 1214.752734][T26724]  do_syscall_64+0xcd/0x260
[ 1214.752755][T26724]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1214.752773][T26724] RIP: 0033:0x7fa59ef8d169
[ 1214.752787][T26724] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1214.752803][T26724] RSP: 002b:00007fa59fe42038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1214.752821][T26724] RAX: ffffffffffffffda RBX: 00007fa59f1a5fa0 RCX: 00007fa59ef8d169
[ 1214.752833][T26724] RDX: 0000000003ffffbd RSI: 0000200000001d00 RDI: 0000000000000004
[ 1214.752844][T26724] RBP: 00007fa59fe42090 R08: 0000000000000000 R09: 0000000000000000
[ 1214.752852][T26724] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1214.752860][T26724] R13: 0000000000000000 R14: 00007fa59f1a5fa0 R15: 00007ffe19c4bca8
[ 1214.752879][T26724]  </TASK>
[ 1214.990820][T26728] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1215.076659][   T30] audit: type=1400 audit(1742986088.001:6610): avc:  denied  { name_connect } for  pid=26729 comm="syz.6.5903" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[ 1215.079926][T26720] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1215.381877][T26743] xt_CT: No such helper "syz1"
[ 1215.391027][   T64] Bluetooth: (null): Invalid header checksum
[ 1215.397090][   T64] Bluetooth: (null): Invalid header checksum
[ 1216.076173][T26762] hfs: unable to load iocharset "io#harset"
[ 1216.138202][   T30] audit: type=1400 audit(1742986089.061:6611): avc:  denied  { write } for  pid=26758 comm="syz.5.5911" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[ 1216.193071][   T30] audit: type=1400 audit(1742986089.101:6612): avc:  denied  { ioctl } for  pid=26766 comm="syz.3.5913" path="socket:[100437]" dev="sockfs" ino=100437 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1216.265075][   T30] audit: type=1400 audit(1742986089.161:6613): avc:  denied  { name_bind } for  pid=26758 comm="syz.5.5911" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[ 1216.348382][   T30] audit: type=1400 audit(1742986089.161:6614): avc:  denied  { mount } for  pid=26758 comm="syz.5.5911" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[ 1216.570196][   T30] audit: type=1400 audit(1742986089.491:6615): avc:  denied  { create } for  pid=26779 comm="syz.7.5916" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1216.651100][   T30] audit: type=1400 audit(1742986089.561:6616): avc:  denied  { bind } for  pid=26779 comm="syz.7.5916" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1216.870428][   T30] audit: type=1400 audit(1742986089.561:6617): avc:  denied  { listen } for  pid=26779 comm="syz.7.5916" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1217.321008][ T5899] usb 7-1: new full-speed USB device number 9 using dummy_hcd
[ 1217.491837][ T5899] usb 7-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[ 1217.499212][T19177] usb 4-1: new high-speed USB device number 99 using dummy_hcd
[ 1217.508838][ T5899] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1217.549412][ T5899] usb 7-1: Product: syz
[ 1217.559238][ T5899] usb 7-1: Manufacturer: syz
[ 1217.574732][ T5899] usb 7-1: SerialNumber: syz
[ 1217.592864][ T5899] usb 7-1: config 0 descriptor??
[ 1217.659227][T19177] usb 4-1: Using ep0 maxpacket: 16
[ 1217.700577][T19177] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1217.713813][T19177] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1217.732679][T26810] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1217.743370][T19177] usb 4-1: New USB device found, idVendor=1b96, idProduct=0006, bcdDevice= 0.00
[ 1217.759110][T19177] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1217.798966][T19177] usb 4-1: config 0 descriptor??
[ 1217.838248][T26809] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1218.013150][ T5899] airspy 7-1:0.0: Board ID: 00
[ 1218.029169][ T5899] airspy 7-1:0.0: Firmware version: 
[ 1218.218826][T19177] ntrig 0003:1B96:0006.0040: item fetching failed at offset 4/5
[ 1218.229468][T19177] ntrig 0003:1B96:0006.0040: parse failed
[ 1218.249676][T19177] ntrig 0003:1B96:0006.0040: probe with driver ntrig failed with error -22
[ 1218.439092][   T30] kauditd_printk_skb: 4 callbacks suppressed
[ 1218.439109][   T30] audit: type=1400 audit(1742986091.341:6622): avc:  denied  { execute } for  pid=26787 comm="syz.6.5918" path="/120/file1" dev="tmpfs" ino=638 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[ 1218.468443][T19177] usb 4-1: USB disconnect, device number 99
[ 1218.505784][   T30] audit: type=1800 audit(1742986091.421:6623): pid=26789 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.6.5918" name="file1" dev="tmpfs" ino=638 res=0 errno=0
[ 1218.707975][ T5899] airspy 7-1:0.0: usb_control_msg() failed -71 request 12
[ 1218.718641][ T5899] airspy 7-1:0.0: Registered as swradio24
[ 1218.729387][ T5899] airspy 7-1:0.0: SDR API is still slightly experimental and functionality changes may follow
[ 1218.754468][ T5899] usb 7-1: USB disconnect, device number 9
[ 1218.998363][T26848] FAULT_INJECTION: forcing a failure.
[ 1218.998363][T26848] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1219.011810][T26848] CPU: 1 UID: 0 PID: 26848 Comm: syz.3.5926 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[ 1219.011834][T26848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1219.011845][T26848] Call Trace:
[ 1219.011850][T26848]  <TASK>
[ 1219.011857][T26848]  dump_stack_lvl+0x16c/0x1f0
[ 1219.011882][T26848]  should_fail_ex+0x512/0x640
[ 1219.011899][T26848]  _copy_from_user+0x2e/0xd0
[ 1219.011919][T26848]  copy_msghdr_from_user+0x98/0x160
[ 1219.011941][T26848]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1219.011965][T26848]  ? kfree+0x252/0x4d0
[ 1219.011988][T26848]  ? __lock_acquire+0x5ca/0x1ba0
[ 1219.012014][T26848]  ___sys_recvmsg+0xdb/0x1a0
[ 1219.012034][T26848]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1219.012063][T26848]  ? __pfx___might_resched+0x10/0x10
[ 1219.012086][T26848]  do_recvmmsg+0x2fe/0x740
[ 1219.012108][T26848]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1219.012133][T26848]  ? __mutex_unlock_slowpath+0x161/0x6a0
[ 1219.012159][T26848]  ? __fget_files+0x20e/0x3c0
[ 1219.012178][T26848]  __x64_sys_recvmmsg+0x22a/0x280
[ 1219.012201][T26848]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1219.012228][T26848]  do_syscall_64+0xcd/0x260
[ 1219.012250][T26848]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1219.012267][T26848] RIP: 0033:0x7fea10f8d169
[ 1219.012286][T26848] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1219.012303][T26848] RSP: 002b:00007fea11eb4038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1219.012320][T26848] RAX: ffffffffffffffda RBX: 00007fea111a5fa0 RCX: 00007fea10f8d169
[ 1219.012332][T26848] RDX: 0000000003ffffbd RSI: 0000200000001d00 RDI: 0000000000000004
[ 1219.012342][T26848] RBP: 00007fea11eb4090 R08: 0000000000000000 R09: 0000000000000000
[ 1219.012352][T26848] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1219.012362][T26848] R13: 0000000000000000 R14: 00007fea111a5fa0 R15: 00007ffe904c2778
[ 1219.012381][T26848]  </TASK>
[ 1219.672448][T26851] hfs: unable to load iocharset "io#harset"
[ 1219.985997][T26875] FAULT_INJECTION: forcing a failure.
[ 1219.985997][T26875] name failslab, interval 1, probability 0, space 0, times 0
[ 1219.987272][T26876] netlink: 'syz.7.5933': attribute type 1 has an invalid length.
[ 1220.007588][T26875] CPU: 1 UID: 0 PID: 26875 Comm: syz.3.5934 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[ 1220.007614][T26875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1220.007625][T26875] Call Trace:
[ 1220.007630][T26875]  <TASK>
[ 1220.007637][T26875]  dump_stack_lvl+0x16c/0x1f0
[ 1220.007663][T26875]  should_fail_ex+0x512/0x640
[ 1220.007680][T26875]  ? __kmalloc_cache_noprof+0x57/0x3e0
[ 1220.007707][T26875]  should_failslab+0xc2/0x120
[ 1220.007724][T26875]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 1220.007748][T26875]  ? rtnl_newlink+0x10a/0x1d40
[ 1220.007772][T26875]  rtnl_newlink+0x10a/0x1d40
[ 1220.007793][T26875]  ? find_held_lock+0x2b/0x80
[ 1220.007814][T26875]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1220.007835][T26875]  ? avc_has_perm_noaudit+0x149/0x3b0
[ 1220.007860][T26875]  ? __lock_acquire+0x5ca/0x1ba0
[ 1220.007891][T26875]  ? find_held_lock+0x2b/0x80
[ 1220.007907][T26875]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1220.007926][T26875]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1220.007944][T26875]  ? rtnetlink_rcv_msg+0x93a/0xe90
[ 1220.007965][T26875]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1220.007985][T26875]  rtnetlink_rcv_msg+0x95b/0xe90
[ 1220.008006][T26875]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1220.008025][T26875]  ? __pfx_avc_has_perm+0x10/0x10
[ 1220.008051][T26875]  netlink_rcv_skb+0x16a/0x440
[ 1220.008071][T26875]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1220.008093][T26875]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1220.008122][T26875]  ? netlink_deliver_tap+0x1ae/0xd30
[ 1220.008144][T26875]  netlink_unicast+0x53a/0x7f0
[ 1220.008165][T26875]  ? __pfx_netlink_unicast+0x10/0x10
[ 1220.008189][T26875]  netlink_sendmsg+0x8da/0xd70
[ 1220.008210][T26875]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1220.008236][T26875]  ____sys_sendmsg+0xa8d/0xc60
[ 1220.008252][T26875]  ? copy_msghdr_from_user+0x10a/0x160
[ 1220.008280][T26875]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1220.008305][T26875]  ___sys_sendmsg+0x134/0x1d0
[ 1220.008327][T26875]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1220.008371][T26875]  __sys_sendmsg+0x16d/0x220
[ 1220.008392][T26875]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1220.008418][T26875]  ? rcu_is_watching+0x12/0xc0
[ 1220.008441][T26875]  do_syscall_64+0xcd/0x260
[ 1220.008462][T26875]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1220.008478][T26875] RIP: 0033:0x7fea10f8d169
[ 1220.008492][T26875] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1220.008507][T26875] RSP: 002b:00007fea11eb4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1220.008524][T26875] RAX: ffffffffffffffda RBX: 00007fea111a5fa0 RCX: 00007fea10f8d169
[ 1220.008536][T26875] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[ 1220.008546][T26875] RBP: 00007fea11eb4090 R08: 0000000000000000 R09: 0000000000000000
[ 1220.008556][T26875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1220.008566][T26875] R13: 0000000000000000 R14: 00007fea111a5fa0 R15: 00007ffe904c2778
[ 1220.008584][T26875]  </TASK>
[ 1220.023969][T26876] bond2: entered promiscuous mode
[ 1220.105710][   T30] audit: type=1400 audit(1742986093.041:6624): avc:  denied  { getopt } for  pid=26910 comm="syz.3.5936" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1220.109805][T26876] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1220.339464][ T5899] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[ 1220.389146][T19177] usb 5-1: new high-speed USB device number 56 using dummy_hcd
[ 1220.526330][   T30] audit: type=1400 audit(1742986093.451:6625): avc:  denied  { unmount } for  pid=21272 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[ 1220.539210][T19177] usb 5-1: Using ep0 maxpacket: 16
[ 1220.554847][T19177] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1220.566401][T19177] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1220.579245][ T5899] usb 7-1: Using ep0 maxpacket: 8
[ 1220.588574][ T5899] usb 7-1: config 0 has an invalid interface number: 32 but max is 0
[ 1220.625313][ T5899] usb 7-1: config 0 has no interface number 0
[ 1220.664618][ T5899] usb 7-1: config 0 interface 32 altsetting 255 endpoint 0x8 has invalid maxpacket 512, setting to 64
[ 1220.664690][ T5899] usb 7-1: config 0 interface 32 has no altsetting 0
[ 1220.670090][ T5899] usb 7-1: New USB device found, idVendor=257a, idProduct=2603, bcdDevice=20.02
[ 1220.670159][ T5899] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1220.670221][ T5899] usb 7-1: Product: syz
[ 1220.670249][ T5899] usb 7-1: Manufacturer: syz
[ 1220.670371][ T5899] usb 7-1: SerialNumber: syz
[ 1220.769843][ T5899] usb 7-1: config 0 descriptor??
[ 1220.803192][ T5899] option 7-1:0.32: GSM modem (1-port) converter detected
[ 1220.964967][T19177] usb 5-1: config 0 interface 0 has no altsetting 0
[ 1220.965002][T19177] usb 5-1: New USB device found, idVendor=060b, idProduct=500a, bcdDevice= 0.00
[ 1220.965022][T19177] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1220.987427][T26913] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1220.987547][T26913] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1220.988904][    T9] usb 7-1: USB disconnect, device number 10
[ 1220.990152][    T9] option 7-1:0.32: device disconnected
[ 1220.992785][T19177] usb 5-1: config 0 descriptor??
[ 1221.482510][T26966] netlink: 20 bytes leftover after parsing attributes in process `syz.7.5944'.
[ 1221.494497][   T30] audit: type=1400 audit(1742986094.411:6626): avc:  denied  { bind } for  pid=26965 comm="syz.7.5944" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 1221.497554][T26973] FAULT_INJECTION: forcing a failure.
[ 1221.497554][T26973] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1221.540650][T26973] CPU: 0 UID: 0 PID: 26973 Comm: syz.5.5945 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[ 1221.540676][T26973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1221.540686][T26973] Call Trace:
[ 1221.540691][T26973]  <TASK>
[ 1221.540698][T26973]  dump_stack_lvl+0x16c/0x1f0
[ 1221.540727][T26973]  should_fail_ex+0x512/0x640
[ 1221.540746][T26973]  _copy_from_user+0x2e/0xd0
[ 1221.540765][T26973]  copy_msghdr_from_user+0x98/0x160
[ 1221.540786][T26973]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1221.540808][T26973]  ? kfree+0x252/0x4d0
[ 1221.540830][T26973]  ? __lock_acquire+0x5ca/0x1ba0
[ 1221.540854][T26973]  ___sys_recvmsg+0xdb/0x1a0
[ 1221.540873][T26973]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1221.540902][T26973]  ? __pfx___might_resched+0x10/0x10
[ 1221.540926][T26973]  do_recvmmsg+0x2fe/0x740
[ 1221.540950][T26973]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1221.540975][T26973]  ? __mutex_unlock_slowpath+0x161/0x6a0
[ 1221.541008][T26973]  ? __fget_files+0x20e/0x3c0
[ 1221.541028][T26973]  __x64_sys_recvmmsg+0x22a/0x280
[ 1221.541050][T26973]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1221.541071][T26973]  ? rcu_is_watching+0x12/0xc0
[ 1221.541093][T26973]  do_syscall_64+0xcd/0x260
[ 1221.541114][T26973]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1221.541130][T26973] RIP: 0033:0x7fa59ef8d169
[ 1221.541143][T26973] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1221.541158][T26973] RSP: 002b:00007fa59fe42038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1221.541175][T26973] RAX: ffffffffffffffda RBX: 00007fa59f1a5fa0 RCX: 00007fa59ef8d169
[ 1221.541187][T26973] RDX: 0000000003ffffbd RSI: 0000200000001d00 RDI: 0000000000000004
[ 1221.541198][T26973] RBP: 00007fa59fe42090 R08: 0000000000000000 R09: 0000000000000000
[ 1221.541207][T26973] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1221.541216][T26973] R13: 0000000000000000 R14: 00007fa59f1a5fa0 R15: 00007ffe19c4bca8
[ 1221.541231][T26973]  </TASK>
[ 1221.746005][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1221.922873][  T975] usb 8-1: new high-speed USB device number 109 using dummy_hcd
[ 1222.540520][T26986] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5931'.
[ 1222.569245][ T5820] usb 4-1: new low-speed USB device number 100 using dummy_hcd
[ 1222.577046][  T975] usb 8-1: device descriptor read/64, error -71
[ 1222.684352][T26988] FAULT_INJECTION: forcing a failure.
[ 1222.684352][T26988] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1222.698082][T26988] CPU: 1 UID: 0 PID: 26988 Comm: syz.5.5948 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[ 1222.698108][T26988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1222.698118][T26988] Call Trace:
[ 1222.698124][T26988]  <TASK>
[ 1222.698130][T26988]  dump_stack_lvl+0x16c/0x1f0
[ 1222.698155][T26988]  should_fail_ex+0x512/0x640
[ 1222.698174][T26988]  _copy_from_user+0x2e/0xd0
[ 1222.698193][T26988]  copy_msghdr_from_user+0x98/0x160
[ 1222.698216][T26988]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1222.698245][T26988]  ___sys_sendmsg+0xfe/0x1d0
[ 1222.698266][T26988]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1222.698307][T26988]  __sys_sendmsg+0x16d/0x220
[ 1222.698328][T26988]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1222.698354][T26988]  ? rcu_is_watching+0x12/0xc0
[ 1222.698377][T26988]  do_syscall_64+0xcd/0x260
[ 1222.698399][T26988]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1222.698416][T26988] RIP: 0033:0x7fa59ef8d169
[ 1222.698429][T26988] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1222.698445][T26988] RSP: 002b:00007fa59fe42038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1222.698462][T26988] RAX: ffffffffffffffda RBX: 00007fa59f1a5fa0 RCX: 00007fa59ef8d169
[ 1222.698473][T26988] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[ 1222.698484][T26988] RBP: 00007fa59fe42090 R08: 0000000000000000 R09: 0000000000000000
[ 1222.698495][T26988] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1222.698505][T26988] R13: 0000000000000000 R14: 00007fa59f1a5fa0 R15: 00007ffe19c4bca8
[ 1222.698524][T26988]  </TASK>
[ 1222.882453][ T5820] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1222.893635][ T5820] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1222.904798][ T5820] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1222.919404][  T975] usb 8-1: new high-speed USB device number 110 using dummy_hcd
[ 1222.941209][ T5820] usb 4-1: config 0 descriptor??
[ 1222.957023][ T5820] iowarrior 4-1:0.0: no interrupt-in endpoint found
[ 1222.964305][T26998] FAULT_INJECTION: forcing a failure.
[ 1222.964305][T26998] name failslab, interval 1, probability 0, space 0, times 0
[ 1222.977496][T26998] CPU: 1 UID: 0 PID: 26998 Comm: syz.5.5950 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[ 1222.977520][T26998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1222.977530][T26998] Call Trace:
[ 1222.977536][T26998]  <TASK>
[ 1222.977541][T26998]  dump_stack_lvl+0x16c/0x1f0
[ 1222.977558][T26998]  should_fail_ex+0x512/0x640
[ 1222.977569][T26998]  ? __kernel_text_address+0xd/0x40
[ 1222.977582][T26998]  should_failslab+0xc2/0x120
[ 1222.977594][T26998]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1222.977609][T26998]  ? skb_clone+0x190/0x3f0
[ 1222.977633][T26998]  skb_clone+0x190/0x3f0
[ 1222.977653][T26998]  dev_queue_xmit_nit+0x38f/0xbc0
[ 1222.977676][T26998]  ? netif_skb_features+0x3b0/0xd50
[ 1222.977690][T26998]  dev_hard_start_xmit+0x26c/0x790
[ 1222.977703][T26998]  __dev_queue_xmit+0x7eb/0x43e0
[ 1222.977718][T26998]  ? __pfx___dev_queue_xmit+0x10/0x10
[ 1222.977738][T26998]  ? __skb_clone+0x570/0x760
[ 1222.977756][T26998]  netlink_deliver_tap+0xa87/0xd30
[ 1222.977779][T26998]  netlink_unicast+0x5df/0x7f0
[ 1222.977799][T26998]  ? __pfx_netlink_unicast+0x10/0x10
[ 1222.977821][T26998]  netlink_sendmsg+0x8da/0xd70
[ 1222.977837][T26998]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1222.977854][T26998]  ____sys_sendmsg+0xa8d/0xc60
[ 1222.977864][T26998]  ? copy_msghdr_from_user+0x10a/0x160
[ 1222.977878][T26998]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1222.977895][T26998]  ___sys_sendmsg+0x134/0x1d0
[ 1222.977917][T26998]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1222.977962][T26998]  __sys_sendmsg+0x16d/0x220
[ 1222.977979][T26998]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1222.977995][T26998]  ? rcu_is_watching+0x12/0xc0
[ 1222.978009][T26998]  do_syscall_64+0xcd/0x260
[ 1222.978023][T26998]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1222.978035][T26998] RIP: 0033:0x7fa59ef8d169
[ 1222.978048][T26998] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1222.978064][T26998] RSP: 002b:00007fa59fe42038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1222.978079][T26998] RAX: ffffffffffffffda RBX: 00007fa59f1a5fa0 RCX: 00007fa59ef8d169
[ 1222.978090][T26998] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[ 1222.978099][T26998] RBP: 00007fa59fe42090 R08: 0000000000000000 R09: 0000000000000000
[ 1222.978109][T26998] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1222.978117][T26998] R13: 0000000000000000 R14: 00007fa59f1a5fa0 R15: 00007ffe19c4bca8
[ 1222.978129][T26998]  </TASK>
[ 1223.059218][  T975] usb 8-1: device descriptor read/64, error -71
[ 1223.206375][   T30] audit: type=1400 audit(1742986096.141:6627): avc:  denied  { create } for  pid=27002 comm="syz.5.5952" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 1223.276217][   T30] audit: type=1400 audit(1742986096.181:6628): avc:  denied  { read } for  pid=27002 comm="syz.5.5952" name="card1" dev="devtmpfs" ino=628 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[ 1223.286888][ T5820] usb 4-1: USB disconnect, device number 100
[ 1223.327180][   T30] audit: type=1400 audit(1742986096.181:6629): avc:  denied  { open } for  pid=27002 comm="syz.5.5952" path="/dev/dri/card1" dev="devtmpfs" ino=628 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[ 1223.364042][  T975] usb usb8-port1: attempt power cycle
[ 1223.377966][   T30] audit: type=1400 audit(1742986096.181:6630): avc:  denied  { map_create } for  pid=26974 comm="syz.3.5946" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 1223.400293][   T30] audit: type=1400 audit(1742986096.191:6631): avc:  denied  { create } for  pid=27002 comm="syz.5.5952" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 1223.454211][   T30] kauditd_printk_skb: 16 callbacks suppressed
[ 1223.454228][   T30] audit: type=1400 audit(1742986096.381:6648): avc:  denied  { create } for  pid=27012 comm="syz.5.5953" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1223.489803][   T30] audit: type=1400 audit(1742986096.411:6649): avc:  denied  { shutdown } for  pid=27012 comm="syz.5.5953" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1223.509896][   T30] audit: type=1400 audit(1742986096.411:6650): avc:  denied  { getopt } for  pid=27012 comm="syz.5.5953" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1223.540129][   T30] audit: type=1400 audit(1742986096.411:6651): avc:  denied  { connect } for  pid=27012 comm="syz.5.5953" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1223.560512][   T30] audit: type=1400 audit(1742986096.411:6652): avc:  denied  { name_connect } for  pid=27012 comm="syz.5.5953" dest=20004 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[ 1223.582659][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1223.607458][T19177] usbhid 5-1:0.0: can't add hid device: -71
[ 1223.609260][   T30] audit: type=1400 audit(1742986096.411:6653): avc:  denied  { setopt } for  pid=27012 comm="syz.5.5953" laddr=fe80::13 lport=49471 faddr=fe80::aa fport=20004 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1223.639687][   T30] audit: type=1400 audit(1742986096.471:6654): avc:  denied  { prog_load } for  pid=27015 comm="syz.5.5954" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[ 1223.649285][T19177] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1223.662150][   T30] audit: type=1400 audit(1742986096.471:6655): avc:  denied  { bpf } for  pid=27015 comm="syz.5.5954" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 1223.690449][T19177] usb 5-1: USB disconnect, device number 56
[ 1223.696466][   T30] audit: type=1400 audit(1742986096.471:6656): avc:  denied  { perfmon } for  pid=27015 comm="syz.5.5954" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 1223.702561][T27026] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5955'.
[ 1223.726979][   T30] audit: type=1400 audit(1742986096.521:6657): avc:  denied  { read } for  pid=27015 comm="syz.5.5954" name="msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[ 1223.728502][  T975] usb 8-1: new high-speed USB device number 111 using dummy_hcd
[ 1223.749695][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1223.780912][  T975] usb 8-1: device descriptor read/8, error -71
[ 1223.796998][T27033] netlink: 40 bytes leftover after parsing attributes in process `syz.4.5956'.
[ 1223.839316][   T47] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[ 1224.050063][   T47] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1224.122667][   T47] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1224.149297][   T47] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1224.158388][   T47] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1224.170151][T27016] raw-gadget.2 gadget.5: fail, usb_ep_enable returned -22
[ 1224.184005][   T47] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[ 1224.229115][  T975] usb 8-1: new high-speed USB device number 112 using dummy_hcd
[ 1224.269644][  T975] usb 8-1: device descriptor read/8, error -71
[ 1224.324735][T27056] veth0_vlan: entered allmulticast mode
[ 1224.331409][T27056] veth0_vlan: left promiscuous mode
[ 1224.337086][T27056] veth0_vlan: entered promiscuous mode
[ 1224.379542][  T975] usb usb8-port1: unable to enumerate USB device
[ 1224.395668][   T47] usb 6-1: USB disconnect, device number 16
[ 1224.414141][T23979] Bluetooth: hci5: Frame reassembly failed (-84)
[ 1226.430486][ T5823] Bluetooth: hci5: command 0x1003 tx timeout
[ 1226.438208][T20337] Bluetooth: hci5: Opcode 0x1003 failed: -110
[ 1227.637550][T27135] ubi: mtd0 is already attached to ubi31
[ 1227.859505][  T975] libceph: connect (1)[c::]:6789 error -101
[ 1227.877904][  T975] libceph: mon0 (1)[c::]:6789 connect error
[ 1227.893360][  T975] libceph: connect (1)[c::]:6789 error -101
[ 1227.896310][T27148] FAULT_INJECTION: forcing a failure.
[ 1227.896310][T27148] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1227.909285][  T975] libceph: mon0 (1)[c::]:6789 connect error
[ 1227.913871][T27148] CPU: 1 UID: 0 PID: 27148 Comm: syz.4.5979 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[ 1227.913893][T27148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1227.913902][T27148] Call Trace:
[ 1227.913907][T27148]  <TASK>
[ 1227.913913][T27148]  dump_stack_lvl+0x16c/0x1f0
[ 1227.913935][T27148]  should_fail_ex+0x512/0x640
[ 1227.913951][T27148]  _copy_from_iter+0x2a4/0x15b0
[ 1227.913968][T27148]  ? find_held_lock+0x2b/0x80
[ 1227.913985][T27148]  ? __pfx__copy_from_iter+0x10/0x10
[ 1227.914002][T27148]  ? __virt_addr_valid+0x5e/0x590
[ 1227.914022][T27148]  ? __phys_addr_symbol+0x30/0x80
[ 1227.914040][T27148]  ? __check_object_size+0x4c7/0x710
[ 1227.914059][T27148]  netlink_sendmsg+0x83a/0xd70
[ 1227.914079][T27148]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1227.914110][T27148]  ____sys_sendmsg+0xa8d/0xc60
[ 1227.914124][T27148]  ? copy_msghdr_from_user+0x10a/0x160
[ 1227.914142][T27148]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1227.914162][T27148]  ___sys_sendmsg+0x134/0x1d0
[ 1227.914181][T27148]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1227.914215][T27148]  __sys_sendmsg+0x16d/0x220
[ 1227.914233][T27148]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1227.914256][T27148]  ? rcu_is_watching+0x12/0xc0
[ 1227.914274][T27148]  do_syscall_64+0xcd/0x260
[ 1227.914293][T27148]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1227.914308][T27148] RIP: 0033:0x7f80f238d169
[ 1227.914320][T27148] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1227.914334][T27148] RSP: 002b:00007f80f3201038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1227.914349][T27148] RAX: ffffffffffffffda RBX: 00007f80f25a5fa0 RCX: 00007f80f238d169
[ 1227.914359][T27148] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[ 1227.914368][T27148] RBP: 00007f80f3201090 R08: 0000000000000000 R09: 0000000000000000
[ 1227.914377][T27148] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1227.914385][T27148] R13: 0000000000000000 R14: 00007f80f25a5fa0 R15: 00007fff58a23e48
[ 1227.914402][T27148]  </TASK>
[ 1228.109194][T11873] usb 4-1: new high-speed USB device number 101 using dummy_hcd
[ 1228.176611][T27137] ceph: No mds server is up or the cluster is laggy
[ 1228.219831][T27156] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1228.314344][T11873] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1228.325296][T27154] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1228.338613][T11873] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[ 1228.362713][T11873] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[ 1228.399851][T11873] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1228.410637][T11873] usb 4-1: config 0 descriptor??
[ 1228.500788][T17882] Bluetooth: (null): Invalid header checksum
[ 1228.506997][T17882] Bluetooth: (null): Invalid header checksum
[ 1228.508414][T27165] xt_CT: No such helper "syz1"
[ 1228.620845][T23979] Bluetooth: (null): Invalid header checksum
[ 1228.635466][   T30] kauditd_printk_skb: 64 callbacks suppressed
[ 1228.635485][   T30] audit: type=1400 audit(1742986101.561:6722): avc:  denied  { create } for  pid=27140 comm="syz.3.5978" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[ 1228.637329][T11873] ath6kl: Failed to submit usb control message: -71
[ 1228.641822][   T30] audit: type=1400 audit(1742986101.561:6723): avc:  denied  { accept } for  pid=27140 comm="syz.3.5978" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[ 1228.749171][ T5820] usb 8-1: new high-speed USB device number 113 using dummy_hcd
[ 1229.172959][T11873] ath6kl: unable to send the bmi data to the device: -71
[ 1229.180062][T11873] ath6kl: Unable to send get target info: -71
[ 1229.186776][T11873] ath6kl: Failed to init ath6kl core: -71
[ 1229.192837][T11873] ath6kl_usb 4-1:0.0: probe with driver ath6kl_usb failed with error -71
[ 1229.201143][ T5820] usb 8-1: Using ep0 maxpacket: 8
[ 1229.213900][T11873] usb 4-1: USB disconnect, device number 101
[ 1229.225495][ T5820] usb 8-1: config 4 has an invalid interface number: 122 but max is 2
[ 1229.241473][ T5820] usb 8-1: config 4 has an invalid interface number: 4 but max is 2
[ 1229.257692][ T5820] usb 8-1: config 4 has an invalid interface number: 105 but max is 2
[ 1229.267315][ T5820] usb 8-1: config 4 has no interface number 0
[ 1229.282546][ T5820] usb 8-1: config 4 has no interface number 1
[ 1229.374022][ T5820] usb 8-1: config 4 has no interface number 2
[ 1229.374116][   T30] audit: type=1400 audit(1742986102.301:6724): avc:  denied  { create } for  pid=27190 comm="syz.4.5986" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[ 1229.409541][ T5820] usb 8-1: config 4 interface 4 altsetting 2 has an invalid endpoint descriptor of length 5, skipping
[ 1229.433640][ T5820] usb 8-1: config 4 interface 4 altsetting 2 has a duplicate endpoint with address 0x4, skipping
[ 1229.459215][ T5820] usb 8-1: config 4 interface 4 altsetting 2 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1229.459254][ T5820] usb 8-1: config 4 interface 105 altsetting 7 bulk endpoint 0x1 has invalid maxpacket 1024
[ 1229.459268][ T5820] usb 8-1: config 4 interface 105 altsetting 7 has a duplicate endpoint with address 0x5, skipping
[ 1229.459281][ T5820] usb 8-1: config 4 interface 105 altsetting 7 has a duplicate endpoint with address 0x4, skipping
[ 1229.459295][ T5820] usb 8-1: config 4 interface 105 altsetting 7 endpoint 0xD has invalid maxpacket 1056, setting to 64
[ 1229.459310][ T5820] usb 8-1: config 4 interface 105 altsetting 7 endpoint 0x7 has invalid wMaxPacketSize 0
[ 1229.459323][ T5820] usb 8-1: config 4 interface 105 altsetting 7 bulk endpoint 0x7 has invalid maxpacket 0
[ 1229.459336][ T5820] usb 8-1: config 4 interface 105 altsetting 7 has a duplicate endpoint with address 0xD, skipping
[ 1229.459349][ T5820] usb 8-1: config 4 interface 105 altsetting 7 has an invalid descriptor for endpoint zero, skipping
[ 1229.459362][ T5820] usb 8-1: config 4 interface 105 altsetting 7 has a duplicate endpoint with address 0x1, skipping
[ 1229.459374][ T5820] usb 8-1: config 4 interface 105 altsetting 7 endpoint 0xB has an invalid bInterval 128, changing to 7
[ 1229.459389][ T5820] usb 8-1: config 4 interface 105 altsetting 7 has a duplicate endpoint with address 0xB, skipping
[ 1229.459401][ T5820] usb 8-1: config 4 interface 122 has no altsetting 0
[ 1229.459412][ T5820] usb 8-1: config 4 interface 4 has no altsetting 0
[ 1229.459422][ T5820] usb 8-1: config 4 interface 105 has no altsetting 0
[ 1229.460358][   T30] audit: type=1400 audit(1742986102.331:6725): avc:  denied  { bind } for  pid=27190 comm="syz.4.5986" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[ 1229.460791][ T5820] usb 8-1: New USB device found, idVendor=0fd9, idProduct=003f, bcdDevice=5e.f7
[ 1229.460807][ T5820] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1229.460823][ T5820] usb 8-1: Product: syz
[ 1229.460832][ T5820] usb 8-1: Manufacturer: syz
[ 1229.460842][ T5820] usb 8-1: SerialNumber: syz
[ 1229.562507][   T30] audit: type=1400 audit(1742986102.491:6726): avc:  denied  { read } for  pid=27203 comm="syz.5.5988" name="nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[ 1229.562649][   T30] audit: type=1400 audit(1742986102.491:6727): avc:  denied  { open } for  pid=27203 comm="syz.5.5988" path="/dev/nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[ 1229.563769][   T30] audit: type=1400 audit(1742986102.491:6728): avc:  denied  { setopt } for  pid=27203 comm="syz.5.5988" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1229.564928][   T30] audit: type=1400 audit(1742986102.491:6729): avc:  denied  { bind } for  pid=27203 comm="syz.5.5988" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1229.569244][   T30] audit: type=1400 audit(1742986102.491:6730): avc:  denied  { ioctl } for  pid=27203 comm="syz.5.5988" path="/dev/nvram" dev="devtmpfs" ino=623 ioctlcmd=0x8905 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[ 1229.678057][   T30] audit: type=1400 audit(1742986102.601:6731): avc:  denied  { bind } for  pid=27170 comm="syz.7.5984" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 1229.683908][ T5820] dvb-usb: found a 'Elgato EyeTV DTT rev. 2' in cold state, will try to load a firmware
[ 1229.785983][ T5820] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[ 1229.791674][ T5820] dib0700: firmware download failed at 7 with -71
[ 1229.804367][ T5820] dvb-usb: found a 'Elgato EyeTV DTT rev. 2' in cold state, will try to load a firmware
[ 1229.804773][ T5820] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[ 1229.805018][ T5820] dib0700: firmware download failed at 7 with -71
[ 1229.808401][ T5820] dvb-usb: found a 'Elgato EyeTV DTT rev. 2' in cold state, will try to load a firmware
[ 1229.808774][ T5820] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[ 1229.811408][ T5820] dib0700: firmware download failed at 7 with -71
[ 1229.820670][ T5820] usb 8-1: USB disconnect, device number 113
[ 1229.913542][T27222] ALSA: mixer_oss: invalid OSS volume 'u'
[ 1230.149096][T11873] usb 4-1: new full-speed USB device number 102 using dummy_hcd
[ 1230.279103][T11873] usb 4-1: device descriptor read/64, error -71
[ 1230.290414][T27229] FAULT_INJECTION: forcing a failure.
[ 1230.290414][T27229] name failslab, interval 1, probability 0, space 0, times 0
[ 1230.290434][T27229] CPU: 0 UID: 0 PID: 27229 Comm: syz.7.5990 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[ 1230.290451][T27229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1230.290460][T27229] Call Trace:
[ 1230.290465][T27229]  <TASK>
[ 1230.290472][T27229]  dump_stack_lvl+0x16c/0x1f0
[ 1230.290497][T27229]  should_fail_ex+0x512/0x640
[ 1230.290516][T27229]  should_failslab+0xc2/0x120
[ 1230.290532][T27229]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1230.290544][T27229]  ? skb_clone+0x190/0x3f0
[ 1230.290560][T27229]  skb_clone+0x190/0x3f0
[ 1230.290574][T27229]  netlink_deliver_tap+0xabd/0xd30
[ 1230.290588][T27229]  netlink_unicast+0x5df/0x7f0
[ 1230.290602][T27229]  ? __pfx_netlink_unicast+0x10/0x10
[ 1230.290618][T27229]  netlink_sendmsg+0x8da/0xd70
[ 1230.290633][T27229]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1230.290649][T27229]  ____sys_sendmsg+0xa8d/0xc60
[ 1230.290659][T27229]  ? copy_msghdr_from_user+0x10a/0x160
[ 1230.290674][T27229]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1230.290688][T27229]  ___sys_sendmsg+0x134/0x1d0
[ 1230.290702][T27229]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1230.290727][T27229]  __sys_sendmsg+0x16d/0x220
[ 1230.290741][T27229]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1230.290757][T27229]  ? rcu_is_watching+0x12/0xc0
[ 1230.290772][T27229]  do_syscall_64+0xcd/0x260
[ 1230.290785][T27229]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1230.290796][T27229] RIP: 0033:0x7f62d6d8d169
[ 1230.290805][T27229] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1230.290815][T27229] RSP: 002b:00007f62d7be5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1230.290825][T27229] RAX: ffffffffffffffda RBX: 00007f62d6fa5fa0 RCX: 00007f62d6d8d169
[ 1230.290832][T27229] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[ 1230.290839][T27229] RBP: 00007f62d7be5090 R08: 0000000000000000 R09: 0000000000000000
[ 1230.290845][T27229] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1230.290852][T27229] R13: 0000000000000000 R14: 00007f62d6fa5fa0 R15: 00007ffc8db35d58
[ 1230.290864][T27229]  </TASK>
[ 1230.533395][T11873] usb 4-1: new full-speed USB device number 103 using dummy_hcd
[ 1230.680890][T11873] usb 4-1: device descriptor read/64, error -71
[ 1230.792625][T11873] usb usb4-port1: attempt power cycle
[ 1230.843823][   T47] usb 8-1: new high-speed USB device number 114 using dummy_hcd
[ 1230.973851][T27197] tty tty33: ldisc open failed (-12), clearing slot 32
[ 1230.999137][   T47] usb 8-1: Using ep0 maxpacket: 32
[ 1231.032364][   T47] usb 8-1: config 0 has an invalid interface number: 51 but max is 0
[ 1231.041235][   T47] usb 8-1: config 0 has no interface number 0
[ 1231.054105][   T47] usb 8-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1231.082792][   T47] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1231.101651][   T47] usb 8-1: Product: syz
[ 1231.116034][   T47] usb 8-1: Manufacturer: syz
[ 1231.120764][   T47] usb 8-1: SerialNumber: syz
[ 1231.129080][T11873] usb 4-1: new full-speed USB device number 104 using dummy_hcd
[ 1231.137384][   T47] usb 8-1: config 0 descriptor??
[ 1231.148974][   T47] quatech2 8-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1231.175990][T27251] xt_CT: No such helper "syz1"
[ 1231.190280][T11873] usb 4-1: device descriptor read/8, error -71
[ 1231.206918][T17882] Bluetooth: (null): Invalid header checksum
[ 1231.219350][T17882] Bluetooth: (null): Invalid header checksum
[ 1231.371097][   T47] usb 8-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[ 1231.398558][   T47] usb 8-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[ 1231.408848][T27277] FAULT_INJECTION: forcing a failure.
[ 1231.408848][T27277] name failslab, interval 1, probability 0, space 0, times 0
[ 1231.421540][T27277] CPU: 0 UID: 0 PID: 27277 Comm: syz.5.6003 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[ 1231.421564][T27277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1231.421575][T27277] Call Trace:
[ 1231.421581][T27277]  <TASK>
[ 1231.421588][T27277]  dump_stack_lvl+0x16c/0x1f0
[ 1231.421614][T27277]  should_fail_ex+0x512/0x640
[ 1231.421647][T27277]  ? __kernel_text_address+0xd/0x40
[ 1231.421667][T27277]  should_failslab+0xc2/0x120
[ 1231.421687][T27277]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1231.421705][T27277]  ? skb_clone+0x190/0x3f0
[ 1231.421729][T27277]  skb_clone+0x190/0x3f0
[ 1231.421751][T27277]  dev_queue_xmit_nit+0x38f/0xbc0
[ 1231.421774][T27277]  ? netif_skb_features+0x3b0/0xd50
[ 1231.421792][T27277]  dev_hard_start_xmit+0x26c/0x790
[ 1231.421813][T27277]  __dev_queue_xmit+0x7eb/0x43e0
[ 1231.421839][T27277]  ? __pfx___dev_queue_xmit+0x10/0x10
[ 1231.421876][T27277]  ? __skb_clone+0x570/0x760
[ 1231.421899][T27277]  netlink_deliver_tap+0xa87/0xd30
[ 1231.421921][T27277]  netlink_unicast+0x5df/0x7f0
[ 1231.421944][T27277]  ? __pfx_netlink_unicast+0x10/0x10
[ 1231.421969][T27277]  netlink_sendmsg+0x8da/0xd70
[ 1231.421992][T27277]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1231.422026][T27277]  ____sys_sendmsg+0xa8d/0xc60
[ 1231.422043][T27277]  ? copy_msghdr_from_user+0x10a/0x160
[ 1231.422063][T27277]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1231.422088][T27277]  ___sys_sendmsg+0x134/0x1d0
[ 1231.422111][T27277]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1231.422156][T27277]  __sys_sendmsg+0x16d/0x220
[ 1231.422177][T27277]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1231.422203][T27277]  ? rcu_is_watching+0x12/0xc0
[ 1231.422227][T27277]  do_syscall_64+0xcd/0x260
[ 1231.422249][T27277]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1231.422266][T27277] RIP: 0033:0x7fa59ef8d169
[ 1231.422279][T27277] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1231.422296][T27277] RSP: 002b:00007fa59fe42038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1231.422313][T27277] RAX: ffffffffffffffda RBX: 00007fa59f1a5fa0 RCX: 00007fa59ef8d169
[ 1231.422323][T27277] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[ 1231.422333][T27277] RBP: 00007fa59fe42090 R08: 0000000000000000 R09: 0000000000000000
[ 1231.422343][T27277] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1231.422352][T27277] R13: 0000000000000000 R14: 00007fa59f1a5fa0 R15: 00007ffe19c4bca8
[ 1231.422372][T27277]  </TASK>
[ 1231.429437][T11873] usb 4-1: new full-speed USB device number 105 using dummy_hcd
[ 1231.574884][T27240] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1231.639029][T11873] usb 4-1: device descriptor read/8, error -71
[ 1231.663536][T27240] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1231.703675][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1231.835652][T27298] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1231.882089][T11873] usb usb4-port1: unable to enumerate USB device
[ 1232.093896][    C1] usb 8-1: qt2_read_bulk_callback - non-zero urb status: -71
[ 1232.106287][T11873] usb 8-1: USB disconnect, device number 114
[ 1232.178196][T11873] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[ 1232.256262][T11873] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[ 1232.311054][T11873] quatech2 8-1:0.51: device disconnected
[ 1232.553598][T27322] ubi: mtd0 is already attached to ubi31
[ 1233.155827][T27343] xt_CT: No such helper "syz1"
[ 1233.179190][ T5902] usb 8-1: new high-speed USB device number 115 using dummy_hcd
[ 1233.190975][   T54] Bluetooth: (null): Invalid header checksum
[ 1233.200312][   T54] Bluetooth: (null): Invalid header checksum
[ 1233.349234][ T5902] usb 8-1: Using ep0 maxpacket: 32
[ 1233.460721][ T5820] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[ 1233.475147][ T5902] usb 8-1: config 0 interface 0 altsetting 74 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1233.486194][T11873] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[ 1233.572728][T27364] ubi: mtd0 is already attached to ubi31
[ 1233.580575][ T5902] usb 8-1: config 0 interface 0 altsetting 74 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1233.590885][ T5902] usb 8-1: config 0 interface 0 has no altsetting 0
[ 1233.597507][ T5902] usb 8-1: New USB device found, idVendor=18b1, idProduct=0037, bcdDevice= 0.00
[ 1233.606638][ T5902] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1233.617239][ T5902] usb 8-1: config 0 descriptor??
[ 1233.650385][ T5820] usb 7-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 1233.662558][ T5820] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1233.672474][ T5820] usb 7-1: config 0 descriptor??
[ 1233.683076][ T5820] cp210x 7-1:0.0: cp210x converter detected
[ 1233.754097][T11873] usb 6-1: config 0 interface 0 altsetting 63 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1233.768456][T11873] usb 6-1: config 0 interface 0 altsetting 63 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1233.781012][T11873] usb 6-1: config 0 interface 0 altsetting 63 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[ 1233.794522][T11873] usb 6-1: config 0 interface 0 has no altsetting 0
[ 1233.801945][T11873] usb 6-1: New USB device found, idVendor=056a, idProduct=0018, bcdDevice= 0.00
[ 1233.811219][T11873] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1233.822171][T27370] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6019'.
[ 1233.836052][T11873] usb 6-1: config 0 descriptor??
[ 1234.146036][ T5902] petalynx 0003:18B1:0037.0041: hidraw0: USB HID v0.00 Device [HID 18b1:0037] on usb-dummy_hcd.7-1/input0
[ 1234.506388][ T5820] cp210x 7-1:0.0: failed to get vendor val 0x0010 size 3: -32
[ 1234.519776][ T5820] usb 7-1: cp210x converter now attached to ttyUSB0
[ 1234.540087][ T5820] usb 8-1: USB disconnect, device number 115
[ 1234.618022][   T30] kauditd_printk_skb: 23 callbacks suppressed
[ 1234.618033][   T30] audit: type=1400 audit(1742986107.541:6755): avc:  denied  { read write } for  pid=27406 comm="syz.7.6022" name="fuse" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[ 1234.650110][   T30] audit: type=1400 audit(1742986107.571:6756): avc:  denied  { open } for  pid=27406 comm="syz.7.6022" path="/dev/fuse" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[ 1234.674592][   T30] audit: type=1400 audit(1742986107.571:6757): avc:  denied  { mount } for  pid=27406 comm="syz.7.6022" name="/" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[ 1234.722613][    T9] usb 7-1: USB disconnect, device number 11
[ 1234.741510][    T9] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 1234.755136][T11873] wacom 0003:056A:0018.0042: Unknown device_type for 'HID 056a:0018'. Assuming pen.
[ 1234.765861][    T9] cp210x 7-1:0.0: device disconnected
[ 1234.773342][T11873] wacom 0003:056A:0018.0042: hidraw0: USB HID v0.03 Device [HID 056a:0018] on usb-dummy_hcd.5-1/input0
[ 1234.786657][T11873] input: Wacom BambooFun 6x8 Pen as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:056A:0018.0042/input/input128
[ 1234.802271][   T30] audit: type=1400 audit(1742986107.731:6758): avc:  denied  { read } for  pid=5179 comm="acpid" name="mouse1" dev="devtmpfs" ino=4006 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1234.826547][T27436] netlink: 24 bytes leftover after parsing attributes in process `syz.4.6023'.
[ 1234.835949][   T30] audit: type=1400 audit(1742986107.731:6759): avc:  denied  { open } for  pid=5179 comm="acpid" path="/dev/input/mouse1" dev="devtmpfs" ino=4006 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1234.881664][   T30] audit: type=1400 audit(1742986107.741:6760): avc:  denied  { shutdown } for  pid=27406 comm="syz.7.6022" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1234.906788][T27436] bond2: entered promiscuous mode
[ 1234.919217][T27436] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1234.934787][   T30] audit: type=1400 audit(1742986107.741:6761): avc:  denied  { read } for  pid=27406 comm="syz.7.6022" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1235.037897][   T30] audit: type=1400 audit(1742986107.791:6762): avc:  denied  { ioctl } for  pid=5179 comm="acpid" path="/dev/input/mouse1" dev="devtmpfs" ino=4006 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 1235.064896][ T5820] usb 4-1: new full-speed USB device number 106 using dummy_hcd
[ 1235.109471][   T30] audit: type=1400 audit(1742986107.791:6763): avc:  denied  { create } for  pid=27406 comm="syz.7.6022" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[ 1235.167798][   T30] audit: type=1400 audit(1742986107.791:6764): avc:  denied  { connect } for  pid=27406 comm="syz.7.6022" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[ 1235.214522][  T975] usb 6-1: USB disconnect, device number 17
[ 1235.262192][ T5820] usb 4-1: config 0 interface 0 altsetting 5 endpoint 0x81 has invalid maxpacket 512, setting to 64
[ 1235.273548][ T5820] usb 4-1: config 0 interface 0 has no altsetting 0
[ 1235.280272][ T5820] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2dbe, bcdDevice= 0.00
[ 1235.289563][ T5820] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1235.309986][ T5820] usb 4-1: config 0 descriptor??
[ 1235.317419][T27425] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1235.345870][T27503] loop6: detected capacity change from 0 to 8
[ 1235.355608][    C0] blk_print_req_error: 11 callbacks suppressed
[ 1235.355625][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1235.371007][    C0] buffer_io_error: 9 callbacks suppressed
[ 1235.371019][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1235.385912][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1235.395080][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1235.404785][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1235.413934][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1235.422012][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1235.431144][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1235.439234][    T9] usb 8-1: new high-speed USB device number 116 using dummy_hcd
[ 1235.439871][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1235.456878][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1235.466067][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1235.474454][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1235.483591][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1235.491628][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1235.500832][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1235.508856][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1235.518078][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1235.526067][T27503] ldm_validate_partition_table(): Disk read failed.
[ 1235.533071][T27507] IPVS: set_ctl: invalid protocol: 0 100.1.1.1:20000
[ 1235.534116][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1235.548893][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1235.556900][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1235.566544][T27503] Dev loop6: unable to read RDB block 0
[ 1235.573083][T27503]  loop6: unable to read partition table
[ 1235.581766][T27503] loop6: partition table beyond EOD, truncated
[ 1235.588665][T27503] loop_reread_partitions: partition scan of loop6 (3Ÿ¾‚³˜) failed (rc=-5)
[ 1235.589120][    T9] usb 8-1: Using ep0 maxpacket: 32
[ 1235.603958][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1235.615050][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1235.625033][    T9] usb 8-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1235.634110][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1235.644759][    T9] usb 8-1: config 0 descriptor??
[ 1235.651481][    T9] hub 8-1:0.0: USB hub found
[ 1236.057198][    T9] hub 8-1:0.0: config failed, hub doesn't have any ports! (err -19)
[ 1236.089821][ T5820] usbhid 4-1:0.0: can't add hid device: -71
[ 1236.103178][ T5820] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 1236.119335][ T5820] usb 4-1: USB disconnect, device number 106
[ 1236.124708][T27519] kernel read not supported for file /eth0 (pid: 27519 comm: syz.5.6031)
[ 1236.135343][T27519] 9pnet_fd: Insufficient options for proto=fd
[ 1237.081903][    T9] usbhid 8-1:0.0: can't add hid device: -71
[ 1237.087900][    T9] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[ 1237.510338][    T9] usb 8-1: USB disconnect, device number 116
[ 1237.596541][T27553] netlink: 188 bytes leftover after parsing attributes in process `syz.3.6038'.
[ 1238.065831][T27562] ubi: mtd0 is already attached to ubi31
[ 1238.124249][T27564] 9pnet_fd: p9_fd_create_tcp (27564): problem binding to privport
[ 1238.162778][T27566] FAULT_INJECTION: forcing a failure.
[ 1238.162778][T27566] name failslab, interval 1, probability 0, space 0, times 0
[ 1238.177348][T27566] CPU: 0 UID: 0 PID: 27566 Comm: syz.6.6042 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[ 1238.177365][T27566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1238.177371][T27566] Call Trace:
[ 1238.177375][T27566]  <TASK>
[ 1238.177380][T27566]  dump_stack_lvl+0x16c/0x1f0
[ 1238.177396][T27566]  should_fail_ex+0x512/0x640
[ 1238.177407][T27566]  ? __kmalloc_noprof+0xbf/0x510
[ 1238.177418][T27566]  ? nla_strdup+0xc6/0x150
[ 1238.177428][T27566]  should_failslab+0xc2/0x120
[ 1238.177441][T27566]  __kmalloc_noprof+0xd2/0x510
[ 1238.177453][T27566]  nla_strdup+0xc6/0x150
[ 1238.177465][T27566]  nf_tables_newtable+0xdeb/0x1b40
[ 1238.177482][T27566]  ? __pfx___nla_validate_parse+0x10/0x10
[ 1238.177496][T27566]  ? __pfx_nf_tables_newtable+0x10/0x10
[ 1238.177513][T27566]  ? __nla_parse+0x40/0x60
[ 1238.177527][T27566]  nfnetlink_rcv_batch+0x1908/0x2350
[ 1238.177546][T27566]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[ 1238.177561][T27566]  ? find_held_lock+0x2b/0x80
[ 1238.177579][T27566]  ? avc_has_perm_noaudit+0x149/0x3b0
[ 1238.177602][T27566]  ? __nla_parse+0x40/0x60
[ 1238.177616][T27566]  nfnetlink_rcv+0x3c1/0x430
[ 1238.177629][T27566]  ? __pfx_nfnetlink_rcv+0x10/0x10
[ 1238.177646][T27566]  netlink_unicast+0x53a/0x7f0
[ 1238.177660][T27566]  ? __pfx_netlink_unicast+0x10/0x10
[ 1238.177676][T27566]  netlink_sendmsg+0x8da/0xd70
[ 1238.177694][T27566]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1238.177711][T27566]  ____sys_sendmsg+0xa8d/0xc60
[ 1238.177721][T27566]  ? copy_msghdr_from_user+0x10a/0x160
[ 1238.177734][T27566]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1238.177748][T27566]  ___sys_sendmsg+0x134/0x1d0
[ 1238.177762][T27566]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1238.177787][T27566]  __sys_sendmsg+0x16d/0x220
[ 1238.177801][T27566]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1238.177818][T27566]  ? rcu_is_watching+0x12/0xc0
[ 1238.177832][T27566]  do_syscall_64+0xcd/0x260
[ 1238.177846][T27566]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1238.177857][T27566] RIP: 0033:0x7f60b4d8d169
[ 1238.177866][T27566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1238.177877][T27566] RSP: 002b:00007f60b5c53038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1238.177887][T27566] RAX: ffffffffffffffda RBX: 00007f60b4fa5fa0 RCX: 00007f60b4d8d169
[ 1238.177894][T27566] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[ 1238.177900][T27566] RBP: 00007f60b5c53090 R08: 0000000000000000 R09: 0000000000000000
[ 1238.177907][T27566] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1238.177913][T27566] R13: 0000000000000000 R14: 00007f60b4fa5fa0 R15: 00007ffe0a33cb18
[ 1238.177925][T27566]  </TASK>
[ 1238.290133][    C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[ 1238.300240][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[ 1238.508010][T27568] 9pnet_fd: Insufficient options for proto=fd
[ 1238.643139][T27572] netlink: 24 bytes leftover after parsing attributes in process `syz.3.6045'.
[ 1238.832019][T27585] FAULT_INJECTION: forcing a failure.
[ 1238.832019][T27585] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1238.919611][T27585] CPU: 1 UID: 0 PID: 27585 Comm: syz.6.6048 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[ 1238.919639][T27585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1238.919649][T27585] Call Trace:
[ 1238.919655][T27585]  <TASK>
[ 1238.919662][T27585]  dump_stack_lvl+0x16c/0x1f0
[ 1238.919687][T27585]  should_fail_ex+0x512/0x640
[ 1238.919706][T27585]  _copy_from_user+0x2e/0xd0
[ 1238.919724][T27585]  copy_msghdr_from_user+0x98/0x160
[ 1238.919746][T27585]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1238.919770][T27585]  ? kfree+0x252/0x4d0
[ 1238.919792][T27585]  ? __pfx___schedule+0x10/0x10
[ 1238.919808][T27585]  ? __lock_acquire+0x5ca/0x1ba0
[ 1238.919833][T27585]  ___sys_recvmsg+0xdb/0x1a0
[ 1238.919854][T27585]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1238.919883][T27585]  ? __pfx___might_resched+0x10/0x10
[ 1238.919907][T27585]  do_recvmmsg+0x2fe/0x740
[ 1238.919929][T27585]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1238.919953][T27585]  ? __mutex_unlock_slowpath+0x161/0x6a0
[ 1238.919984][T27585]  ? __fget_files+0x20e/0x3c0
[ 1238.920004][T27585]  __x64_sys_recvmmsg+0x22a/0x280
[ 1238.920027][T27585]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1238.920048][T27585]  ? rcu_is_watching+0x12/0xc0
[ 1238.920070][T27585]  do_syscall_64+0xcd/0x260
[ 1238.920092][T27585]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1238.920108][T27585] RIP: 0033:0x7f60b4d8d169
[ 1238.920122][T27585] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1238.920139][T27585] RSP: 002b:00007f60b5c53038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1238.920156][T27585] RAX: ffffffffffffffda RBX: 00007f60b4fa5fa0 RCX: 00007f60b4d8d169
[ 1238.920168][T27585] RDX: 0000000003ffffbd RSI: 0000200000001d00 RDI: 0000000000000004
[ 1238.920178][T27585] RBP: 00007f60b5c53090 R08: 0000000000000000 R09: 0000000000000000
[ 1238.920188][T27585] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1238.920198][T27585] R13: 0000000000000000 R14: 00007f60b4fa5fa0 R15: 00007ffe0a33cb18
[ 1238.920218][T27585]  </TASK>
[ 1239.130685][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1239.504672][T27598] netlink: 188 bytes leftover after parsing attributes in process `syz.4.6051'.
[ 1239.784100][T27600] FAULT_INJECTION: forcing a failure.
[ 1239.784100][T27600] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1239.829241][T27600] CPU: 1 UID: 0 PID: 27600 Comm: syz.3.6052 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[ 1239.829269][T27600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1239.829279][T27600] Call Trace:
[ 1239.829285][T27600]  <TASK>
[ 1239.829292][T27600]  dump_stack_lvl+0x16c/0x1f0
[ 1239.829316][T27600]  should_fail_ex+0x512/0x640
[ 1239.829336][T27600]  copy_fpstate_to_sigframe+0x878/0xb10
[ 1239.829365][T27600]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[ 1239.829389][T27600]  ? __sigqueue_free+0xba/0x2a0
[ 1239.829415][T27600]  ? __sigqueue_free+0xba/0x2a0
[ 1239.829439][T27600]  ? collect_signal+0x263/0x540
[ 1239.829465][T27600]  get_sigframe+0x4a8/0x9c0
[ 1239.829489][T27600]  ? __pfx_get_sigframe+0x10/0x10
[ 1239.829512][T27600]  ? rcu_is_watching+0x12/0xc0
[ 1239.829529][T27600]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1239.829546][T27600]  ? siginfo_layout+0x1d2/0x290
[ 1239.829564][T27600]  x64_setup_rt_frame+0x12e/0xcf0
[ 1239.829590][T27600]  ? __pfx_x64_setup_rt_frame+0x10/0x10
[ 1239.829617][T27600]  arch_do_signal_or_restart+0x5e6/0x7d0
[ 1239.829640][T27600]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1239.829661][T27600]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1239.829681][T27600]  ? __do_sys_rt_sigreturn+0x16b/0x230
[ 1239.829704][T27600]  ? __pfx___do_sys_rt_sigreturn+0x10/0x10
[ 1239.829730][T27600]  syscall_exit_to_user_mode+0x150/0x2a0
[ 1239.829750][T27600]  do_syscall_64+0xda/0x260
[ 1239.829771][T27600]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1239.829787][T27600] RIP: 0033:0x7fea10f8d167
[ 1239.829801][T27600] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[ 1239.829817][T27600] RSP: 002b:00007fea11eb4038 EFLAGS: 00000246
[ 1239.829832][T27600] RAX: 0000000000000010 RBX: 00007fea111a5fa0 RCX: 00007fea10f8d169
[ 1239.829843][T27600] RDX: 0000200000000140 RSI: 0000000000002285 RDI: 0000000000000005
[ 1239.829853][T27600] RBP: 00007fea11eb4090 R08: 0000000000000000 R09: 0000000000000000
[ 1239.829863][T27600] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1239.829874][T27600] R13: 0000000000000000 R14: 00007fea111a5fa0 R15: 00007ffe904c2778
[ 1239.829893][T27600]  </TASK>
[ 1240.053884][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1240.133231][   T30] kauditd_printk_skb: 16 callbacks suppressed
[ 1240.133257][   T30] audit: type=1400 audit(1742986113.061:6781): avc:  denied  { write } for  pid=27605 comm="syz.6.6054" name="uinput" dev="devtmpfs" ino=920 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[ 1240.408251][T27610] 9pnet_fd: Insufficient options for proto=fd
[ 1240.473118][   T30] audit: type=1400 audit(1742986113.071:6782): avc:  denied  { ioctl } for  pid=27605 comm="syz.6.6054" path="/dev/uinput" dev="devtmpfs" ino=920 ioctlcmd=0x5501 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[ 1240.516604][T27619] xt_CT: No such helper "syz1"
[ 1240.551377][T27607] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1240.569410][T27607] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1240.585421][   T30] audit: type=1400 audit(1742986113.361:6783): avc:  denied  { bind } for  pid=27605 comm="syz.6.6054" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1240.624939][   T30] audit: type=1400 audit(1742986113.361:6784): avc:  denied  { name_bind } for  pid=27605 comm="syz.6.6054" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[ 1240.668101][   T30] audit: type=1400 audit(1742986113.361:6785): avc:  denied  { node_bind } for  pid=27605 comm="syz.6.6054" saddr=::1 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[ 1240.693045][   T30] audit: type=1400 audit(1742986113.361:6786): avc:  denied  { write } for  pid=27605 comm="syz.6.6054" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1240.721106][   T30] audit: type=1400 audit(1742986113.361:6787): avc:  denied  { setattr } for  pid=27611 comm="syz.5.6057" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[ 1240.952661][   T30] audit: type=1400 audit(1742986113.521:6788): avc:  denied  { connect } for  pid=27605 comm="syz.6.6054" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1241.072433][T27663] FAULT_INJECTION: forcing a failure.
[ 1241.072433][T27663] name failslab, interval 1, probability 0, space 0, times 0
[ 1241.088290][T27663] CPU: 0 UID: 0 PID: 27663 Comm: syz.3.6063 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[ 1241.088314][T27663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1241.088325][T27663] Call Trace:
[ 1241.088331][T27663]  <TASK>
[ 1241.088337][T27663]  dump_stack_lvl+0x16c/0x1f0
[ 1241.088363][T27663]  should_fail_ex+0x512/0x640
[ 1241.088379][T27663]  ? fs_reclaim_acquire+0xae/0x150
[ 1241.088404][T27663]  should_failslab+0xc2/0x120
[ 1241.088423][T27663]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 1241.088446][T27663]  ? netfs_alloc_request+0x825/0xbc0
[ 1241.088471][T27663]  ? netfs_folioq_alloc+0x9e/0x3e0
[ 1241.088488][T27663]  ? do_raw_spin_unlock+0x172/0x230
[ 1241.088506][T27663]  netfs_folioq_alloc+0x9e/0x3e0
[ 1241.088524][T27663]  rolling_buffer_init+0x26/0xb0
[ 1241.088542][T27663]  netfs_create_write_req+0x10a/0x880
[ 1241.088563][T27663]  netfs_unbuffered_write_iter_locked+0x12a/0xd40
[ 1241.088593][T27663]  netfs_unbuffered_write_iter+0x414/0x6d0
[ 1241.088621][T27663]  v9fs_file_write_iter+0xbf/0x100
[ 1241.088646][T27663]  vfs_write+0x5ba/0x1180
[ 1241.088671][T27663]  ? __pfx_v9fs_file_write_iter+0x10/0x10
[ 1241.088697][T27663]  ? __pfx___mutex_lock+0x10/0x10
[ 1241.088716][T27663]  ? __pfx_vfs_write+0x10/0x10
[ 1241.088749][T27663]  ksys_write+0x12a/0x240
[ 1241.088771][T27663]  ? __pfx_ksys_write+0x10/0x10
[ 1241.088792][T27663]  ? rcu_is_watching+0x12/0xc0
[ 1241.088813][T27663]  do_syscall_64+0xcd/0x260
[ 1241.088833][T27663]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1241.088856][T27663] RIP: 0033:0x7fea10f8d169
[ 1241.088869][T27663] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1241.088885][T27663] RSP: 002b:00007fea11eb4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1241.088900][T27663] RAX: ffffffffffffffda RBX: 00007fea111a5fa0 RCX: 00007fea10f8d169
[ 1241.088911][T27663] RDX: 0000000000001006 RSI: 0000200000000540 RDI: 0000000000000007
[ 1241.088920][T27663] RBP: 00007fea11eb4090 R08: 0000000000000000 R09: 0000000000000000
[ 1241.088930][T27663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1241.088940][T27663] R13: 0000000000000000 R14: 00007fea111a5fa0 R15: 00007ffe904c2778
[ 1241.088961][T27663]  </TASK>
[ 1241.373310][   T30] audit: type=1400 audit(1742986114.301:6789): avc:  denied  { ioctl } for  pid=27664 comm="syz.4.6064" path="socket:[102619]" dev="sockfs" ino=102619 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[ 1241.496135][T27684] 9pnet_fd: Insufficient options for proto=fd
[ 1241.586944][   T30] audit: type=1400 audit(1742986114.511:6790): avc:  denied  { ioctl } for  pid=27692 comm="syz.3.6073" path="socket:[102654]" dev="sockfs" ino=102654 ioctlcmd=0x48ca scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1241.619486][    T9] usb 8-1: new high-speed USB device number 117 using dummy_hcd
[ 1241.634656][T27694] IPVS: set_ctl: invalid protocol: 92 224.0.0.2:20000
[ 1241.634776][T27691] xt_CT: No such helper "syz1"
[ 1241.722601][T27702] FAULT_INJECTION: forcing a failure.
[ 1241.722601][T27702] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[ 1241.735968][T27702] CPU: 0 UID: 0 PID: 27702 Comm: syz.6.6074 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[ 1241.735987][T27702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1241.735994][T27702] Call Trace:
[ 1241.735999][T27702]  <TASK>
[ 1241.736004][T27702]  dump_stack_lvl+0x16c/0x1f0
[ 1241.736021][T27702]  should_fail_ex+0x512/0x640
[ 1241.736034][T27702]  should_fail_alloc_page+0xe7/0x130
[ 1241.736054][T27702]  prepare_alloc_pages.constprop.0+0x172/0x570
[ 1241.736080][T27702]  __alloc_frozen_pages_noprof+0x18f/0x24d0
[ 1241.736102][T27702]  ? __lock_acquire+0x5ca/0x1ba0
[ 1241.736126][T27702]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1241.736141][T27702]  ? is_bpf_text_address+0x8a/0x1a0
[ 1241.736157][T27702]  ? bpf_ksym_find+0x127/0x1c0
[ 1241.736166][T27702]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1241.736179][T27702]  ? look_up_lock_class+0x59/0x150
[ 1241.736191][T27702]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1241.736208][T27702]  ? policy_nodemask+0xea/0x4e0
[ 1241.736221][T27702]  alloc_pages_mpol+0x1fb/0x540
[ 1241.736232][T27702]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1241.736244][T27702]  ? __lock_acquire+0xaa4/0x1ba0
[ 1241.736260][T27702]  folio_alloc_mpol_noprof+0x36/0x2f0
[ 1241.736274][T27702]  vma_alloc_folio_noprof+0xed/0x1e0
[ 1241.736288][T27702]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[ 1241.736301][T27702]  ? find_held_lock+0x2b/0x80
[ 1241.736312][T27702]  ? do_wp_page+0x11a7/0x4820
[ 1241.736328][T27702]  do_wp_page+0x142c/0x4820
[ 1241.736345][T27702]  ? __pfx_do_wp_page+0x10/0x10
[ 1241.736361][T27702]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1241.736370][T27702]  ? ___pte_offset_map+0x1bc/0x540
[ 1241.736385][T27702]  __handle_mm_fault+0x1ae0/0x2a50
[ 1241.736405][T27702]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1241.736427][T27702]  ? find_vma+0xbf/0x140
[ 1241.736440][T27702]  ? __pfx_find_vma+0x10/0x10
[ 1241.736455][T27702]  handle_mm_fault+0x3fa/0xaa0
[ 1241.736466][T27702]  do_user_addr_fault+0x7a9/0x1430
[ 1241.736480][T27702]  exc_page_fault+0x5c/0xc0
[ 1241.736492][T27702]  asm_exc_page_fault+0x26/0x30
[ 1241.736502][T27702] RIP: 0010:__put_user_nocheck_4+0x3/0x10
[ 1241.736516][T27702] Code: d9 0f 01 cb 89 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90
[ 1241.736527][T27702] RSP: 0018:ffffc9000447f9f8 EFLAGS: 00050293
[ 1241.736537][T27702] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000200000002030
[ 1241.736543][T27702] RDX: ffff888029784880 RSI: ffffffff892df7a3 RDI: 0000000000000005
[ 1241.736555][T27702] RBP: ffffc9000447fd98 R08: 0000000000000005 R09: 0000000000000000
[ 1241.736561][T27702] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 1241.736567][T27702] R13: 0000200000002000 R14: ffffc9000447fddc R15: 0000000000000000
[ 1241.736577][T27702]  ? ____sys_recvmsg+0x2e3/0x6b0
[ 1241.736596][T27702]  ____sys_recvmsg+0x2ee/0x6b0
[ 1241.736614][T27702]  ? __pfx_____sys_recvmsg+0x10/0x10
[ 1241.736634][T27702]  ? kfree+0x252/0x4d0
[ 1241.736648][T27702]  ? __lock_acquire+0x5ca/0x1ba0
[ 1241.736664][T27702]  ___sys_recvmsg+0x114/0x1a0
[ 1241.736678][T27702]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1241.736696][T27702]  ? __pfx___might_resched+0x10/0x10
[ 1241.736712][T27702]  do_recvmmsg+0x2fe/0x740
[ 1241.736727][T27702]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1241.736742][T27702]  ? __mutex_unlock_slowpath+0x161/0x6a0
[ 1241.736758][T27702]  ? __fget_files+0x20e/0x3c0
[ 1241.736769][T27702]  __x64_sys_recvmmsg+0x22a/0x280
[ 1241.736785][T27702]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1241.736804][T27702]  do_syscall_64+0xcd/0x260
[ 1241.736817][T27702]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1241.736827][T27702] RIP: 0033:0x7f60b4d8d169
[ 1241.736835][T27702] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1241.736845][T27702] RSP: 002b:00007f60b5c53038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1241.736854][T27702] RAX: ffffffffffffffda RBX: 00007f60b4fa5fa0 RCX: 00007f60b4d8d169
[ 1241.736861][T27702] RDX: 0000000003ffffbd RSI: 0000200000001d00 RDI: 0000000000000004
[ 1241.736867][T27702] RBP: 00007f60b5c53090 R08: 0000000000000000 R09: 0000000000000000
[ 1241.736873][T27702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1241.736879][T27702] R13: 0000000000000000 R14: 00007f60b4fa5fa0 R15: 00007ffe0a33cb18
[ 1241.736890][T27702]  </TASK>
[ 1242.239310][    T9] usb 8-1: Using ep0 maxpacket: 16
[ 1242.298737][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 77, changing to 10
[ 1242.311885][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 16384, setting to 1024
[ 1242.328614][    T9] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1242.342745][ T5820] usb 4-1: new high-speed USB device number 107 using dummy_hcd
[ 1242.367670][    T9] usb 8-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00
[ 1242.377944][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1242.493356][    T9] usb 8-1: config 0 descriptor??
[ 1242.516799][ T5820] usb 4-1: device descriptor read/64, error -71
[ 1242.606676][    T9] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/input/input132
[ 1242.767408][ T5820] usb 4-1: new high-speed USB device number 108 using dummy_hcd
[ 1242.831557][T11873] usb 8-1: USB disconnect, device number 117
[ 1242.939443][ T5820] usb 4-1: device descriptor read/64, error -71
[ 1243.119394][ T5820] usb usb4-port1: attempt power cycle
[ 1243.207728][T27757] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1243.365632][T27757] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1243.780199][ T5820] usb 4-1: new high-speed USB device number 109 using dummy_hcd
[ 1243.868809][T27764] hfs: unable to load iocharset "io#harset"
[ 1243.872469][    T9] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[ 1243.952663][  T975] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[ 1244.008200][T27768] netlink: 44 bytes leftover after parsing attributes in process `syz.6.6085'.
[ 1244.092446][ T5820] usb 4-1: device descriptor read/8, error -71
[ 1244.379148][    T9] usb 6-1: Using ep0 maxpacket: 16
[ 1244.392640][    T9] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 11
[ 1244.402936][    T9] usb 6-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0
[ 1244.413114][ T5820] usb 4-1: new high-speed USB device number 110 using dummy_hcd
[ 1244.422901][    T9] usb 6-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0
[ 1244.433594][    T9] usb 6-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0
[ 1244.443578][    T9] usb 6-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0
[ 1244.455711][ T5820] usb 4-1: device descriptor read/8, error -71
[ 1244.462010][    T9] usb 6-1: config 1 interface 0 has no altsetting 0
[ 1244.468619][    T9] usb 6-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[ 1244.478206][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1244.490626][    T9] ums-sddr09 6-1:1.0: USB Mass Storage device detected
[ 1244.569344][ T5820] usb usb4-port1: unable to enumerate USB device
[ 1245.588954][   T30] kauditd_printk_skb: 8 callbacks suppressed
[ 1245.588971][   T30] audit: type=1400 audit(1742986118.511:6799): avc:  denied  { write } for  pid=27825 comm="syz.7.6092" name="usbmon3" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[ 1245.622209][T27826] netlink: 40 bytes leftover after parsing attributes in process `syz.7.6092'.
[ 1245.715381][   T30] audit: type=1400 audit(1742986118.551:6800): avc:  denied  { open } for  pid=27825 comm="syz.7.6092" path="/dev/usbmon3" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[ 1245.764523][T27816] IPv6: Can't replace route, no match found
[ 1246.261939][T27796] syz.3.6090 (27796): drop_caches: 2
[ 1246.397155][T27822] netlink: 24 bytes leftover after parsing attributes in process `syz.6.6091'.
[ 1246.750425][T11873] usb 5-1: new high-speed USB device number 57 using dummy_hcd
[ 1246.827700][T27853] ubi: mtd0 is already attached to ubi31
[ 1246.899214][T11873] usb 5-1: Using ep0 maxpacket: 32
[ 1246.912385][T11873] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1246.914950][    T9] ums-sddr09 6-1:1.0: probe with driver ums-sddr09 failed with error -22
[ 1247.086163][T11873] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1247.114067][T11873] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1247.133552][    T9] usb 6-1: USB disconnect, device number 18
[ 1247.217972][T27860] ubi: mtd0 is already attached to ubi31
[ 1247.432724][T11873] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1247.510637][T11873] usb 5-1: config 0 descriptor??
[ 1247.520061][T11873] hub 5-1:0.0: USB hub found
[ 1247.871226][T11873] hub 5-1:0.0: config failed, hub doesn't have any ports! (err -19)
[ 1248.510087][T11873] usbhid 5-1:0.0: can't add hid device: -71
[ 1248.522719][T11873] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1248.650468][T11873] usb 5-1: USB disconnect, device number 57
[ 1248.673104][   T30] audit: type=1400 audit(1742986121.601:6801): avc:  denied  { ioctl } for  pid=27889 comm="syz.5.6106" path="socket:[102856]" dev="sockfs" ino=102856 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1248.673910][T27890] netdevsim netdevsim5 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1249.178622][T27890] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1249.267360][T27890] netdevsim netdevsim5 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1249.277998][T27890] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1249.623308][T27909] FAULT_INJECTION: forcing a failure.
[ 1249.623308][T27909] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1249.636634][T27909] CPU: 1 UID: 0 PID: 27909 Comm: syz.4.6109 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[ 1249.636658][T27909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1249.636668][T27909] Call Trace:
[ 1249.636673][T27909]  <TASK>
[ 1249.636679][T27909]  dump_stack_lvl+0x16c/0x1f0
[ 1249.636705][T27909]  should_fail_ex+0x512/0x640
[ 1249.636722][T27909]  _copy_from_user+0x2e/0xd0
[ 1249.636741][T27909]  restore_sigcontext+0xcb/0x6a0
[ 1249.636763][T27909]  ? __pfx_restore_sigcontext+0x10/0x10
[ 1249.636795][T27909]  ? __pfx_restore_altstack+0x10/0x10
[ 1249.636821][T27909]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1249.636838][T27909]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1249.636858][T27909]  __do_sys_rt_sigreturn+0x1bb/0x230
[ 1249.636880][T27909]  ? __pfx___do_sys_rt_sigreturn+0x10/0x10
[ 1249.636908][T27909]  do_syscall_64+0xcd/0x260
[ 1249.636930][T27909]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1249.636947][T27909] RIP: 0033:0x7f80f2329359
[ 1249.636960][T27909] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[ 1249.636975][T27909] RSP: 002b:00007f80f3200340 EFLAGS: 00000206 ORIG_RAX: 000000000000000f
[ 1249.636992][T27909] RAX: ffffffffffffffda RBX: 00007f80f25a5fa0 RCX: 00007f80f2329359
[ 1249.637003][T27909] RDX: 00007f80f3200340 RSI: 00007f80f3200470 RDI: 0000000000000021
[ 1249.637013][T27909] RBP: 00007f80f3201090 R08: 0000000000000000 R09: 0000000000000000
[ 1249.637023][T27909] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[ 1249.637033][T27909] R13: 0000000000000000 R14: 00007f80f25a5fa0 R15: 00007fff58a23e48
[ 1249.637052][T27909]  </TASK>
[ 1249.838322][T27890] netdevsim netdevsim5 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1249.849929][T27890] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1250.290962][T27930] netlink: 'syz.3.6114': attribute type 10 has an invalid length.
[ 1250.664647][T27932] ubi: mtd0 is already attached to ubi31
[ 1250.705939][T27918] 9pnet_fd: Insufficient options for proto=fd
[ 1250.959305][T27890] bond0: (slave netdevsim0): Releasing backup interface
[ 1250.972496][T27890] netdevsim netdevsim5 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1250.999132][T27890] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1251.035333][T27935] FAULT_INJECTION: forcing a failure.
[ 1251.035333][T27935] name failslab, interval 1, probability 0, space 0, times 0
[ 1251.054351][T27930] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1251.059034][T27935] CPU: 1 UID: 0 PID: 27935 Comm: syz.4.6116 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[ 1251.059055][T27935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1251.059064][T27935] Call Trace:
[ 1251.059068][T27935]  <TASK>
[ 1251.059074][T27935]  dump_stack_lvl+0x16c/0x1f0
[ 1251.059097][T27935]  should_fail_ex+0x512/0x640
[ 1251.059112][T27935]  ? fs_reclaim_acquire+0xae/0x150
[ 1251.059132][T27935]  ? p9_fcall_init+0x97/0x260
[ 1251.059146][T27935]  should_failslab+0xc2/0x120
[ 1251.059162][T27935]  __kmalloc_noprof+0xd2/0x510
[ 1251.059175][T27935]  ? rcu_is_watching+0x12/0xc0
[ 1251.059194][T27935]  p9_fcall_init+0x97/0x260
[ 1251.059209][T27935]  p9_tag_alloc+0x161/0x640
[ 1251.059225][T27935]  ? __pfx_p9_tag_alloc+0x10/0x10
[ 1251.059245][T27935]  p9_client_prepare_req+0x19b/0x4d0
[ 1251.059261][T27935]  ? __pfx_p9_client_prepare_req+0x10/0x10
[ 1251.059282][T27935]  p9_client_rpc+0x1c4/0xc50
[ 1251.059298][T27935]  ? __pfx_p9_client_rpc+0x10/0x10
[ 1251.059315][T27935]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1251.059330][T27935]  ? pcpu_alloc+0x2c8/0x350
[ 1251.059349][T27935]  ? do_raw_spin_unlock+0x172/0x230
[ 1251.059361][T27935]  ? look_up_lock_class+0x6b/0x150
[ 1251.059380][T27935]  p9_client_write+0x31e/0x670
[ 1251.059402][T27935]  ? __pfx_p9_client_write+0x10/0x10
[ 1251.059423][T27935]  v9fs_issue_write+0xe3/0x1b0
[ 1251.059444][T27935]  ? __pfx_v9fs_issue_write+0x10/0x10
[ 1251.059463][T27935]  ? netfs_advance_write+0x81f/0xc40
[ 1251.059481][T27935]  ? rcu_is_watching+0x12/0xc0
[ 1251.059496][T27935]  netfs_do_issue_write+0x92/0x110
[ 1251.059513][T27935]  netfs_end_issue_write+0x14c/0x200
[ 1251.059531][T27935]  netfs_unbuffered_write+0x4c3/0x670
[ 1251.059550][T27935]  ? __pfx_netfs_unbuffered_write+0x10/0x10
[ 1251.059567][T27935]  ? trace_netfs_folioq+0x188/0x210
[ 1251.059581][T27935]  ? __pfx_netfs_extract_user_iter+0x10/0x10
[ 1251.059602][T27935]  ? iov_iter_folio_queue+0x3e/0x1f0
[ 1251.059618][T27935]  ? rolling_buffer_init+0x8a/0xb0
[ 1251.059638][T27935]  ? netfs_create_write_req+0x511/0x880
[ 1251.059656][T27935]  netfs_unbuffered_write_iter_locked+0x808/0xd40
[ 1251.059682][T27935]  netfs_unbuffered_write_iter+0x414/0x6d0
[ 1251.059706][T27935]  v9fs_file_write_iter+0xbf/0x100
[ 1251.059727][T27935]  vfs_write+0x5ba/0x1180
[ 1251.059749][T27935]  ? __pfx_v9fs_file_write_iter+0x10/0x10
[ 1251.059771][T27935]  ? __pfx___mutex_lock+0x10/0x10
[ 1251.059787][T27935]  ? __pfx_vfs_write+0x10/0x10
[ 1251.059819][T27935]  ksys_write+0x12a/0x240
[ 1251.059839][T27935]  ? __pfx_ksys_write+0x10/0x10
[ 1251.059858][T27935]  ? rcu_is_watching+0x12/0xc0
[ 1251.059877][T27935]  do_syscall_64+0xcd/0x260
[ 1251.059895][T27935]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1251.059910][T27935] RIP: 0033:0x7f80f238d169
[ 1251.059922][T27935] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1251.059936][T27935] RSP: 002b:00007f80f3201038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1251.059951][T27935] RAX: ffffffffffffffda RBX: 00007f80f25a5fa0 RCX: 00007f80f238d169
[ 1251.059961][T27935] RDX: 0000000000001006 RSI: 0000200000000540 RDI: 0000000000000007
[ 1251.059970][T27935] RBP: 00007f80f3201090 R08: 0000000000000000 R09: 0000000000000000
[ 1251.059978][T27935] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1251.059987][T27935] R13: 0000000000000000 R14: 00007f80f25a5fa0 R15: 00007fff58a23e48
[ 1251.060004][T27935]  </TASK>
[ 1251.145269][   T30] audit: type=1400 audit(1742986124.081:6802): avc:  denied  { write } for  pid=27939 comm="syz.6.6117" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[ 1251.149485][T27930] bond0: (slave batadv0): Enslaving as an active interface with an up link
[ 1251.536468][   T30] audit: type=1400 audit(1742986124.461:6803): avc:  denied  { write } for  pid=27939 comm="syz.6.6117" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[ 1251.549323][T27890] netdevsim netdevsim5 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1251.565211][T27890] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1251.574775][T27950] FAULT_INJECTION: forcing a failure.
[ 1251.574775][T27950] name failslab, interval 1, probability 0, space 0, times 0
[ 1251.593325][T27950] CPU: 0 UID: 0 PID: 27950 Comm: syz.3.6119 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[ 1251.593353][T27950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1251.593364][T27950] Call Trace:
[ 1251.593370][T27950]  <TASK>
[ 1251.593383][T27950]  dump_stack_lvl+0x16c/0x1f0
[ 1251.593407][T27950]  should_fail_ex+0x512/0x640
[ 1251.593423][T27950]  ? __kmalloc_noprof+0xbf/0x510
[ 1251.593441][T27950]  ? nft_trans_alloc_gfp+0x26/0x2e0
[ 1251.593457][T27950]  should_failslab+0xc2/0x120
[ 1251.593475][T27950]  __kmalloc_noprof+0xd2/0x510
[ 1251.593495][T27950]  nft_trans_alloc_gfp+0x26/0x2e0
[ 1251.593512][T27950]  nf_tables_addchain.constprop.0+0x71b/0x1ab0
[ 1251.593540][T27950]  ? __pfx_nf_tables_addchain.constprop.0+0x10/0x10
[ 1251.593560][T27950]  ? __lock_acquire+0x5ca/0x1ba0
[ 1251.593598][T27950]  ? nla_strcmp+0xff/0x130
[ 1251.593620][T27950]  ? nft_table_lookup.part.0+0x1e3/0x230
[ 1251.593639][T27950]  nf_tables_newchain+0x1ce1/0x2800
[ 1251.593660][T27950]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1251.593687][T27950]  ? __nla_validate_parse+0x5c1/0x2880
[ 1251.593710][T27950]  ? __pfx_nf_tables_newchain+0x10/0x10
[ 1251.593728][T27950]  ? __pfx___nla_validate_parse+0x10/0x10
[ 1251.593755][T27950]  ? __nla_parse+0x40/0x60
[ 1251.593777][T27950]  nfnetlink_rcv_batch+0x1908/0x2350
[ 1251.593809][T27950]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[ 1251.593846][T27950]  ? avc_has_perm_noaudit+0x149/0x3b0
[ 1251.593883][T27950]  ? __nla_parse+0x40/0x60
[ 1251.593905][T27950]  nfnetlink_rcv+0x3c1/0x430
[ 1251.593926][T27950]  ? __pfx_nfnetlink_rcv+0x10/0x10
[ 1251.593952][T27950]  netlink_unicast+0x53a/0x7f0
[ 1251.593975][T27950]  ? __pfx_netlink_unicast+0x10/0x10
[ 1251.594000][T27950]  netlink_sendmsg+0x8da/0xd70
[ 1251.594023][T27950]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1251.594049][T27950]  ____sys_sendmsg+0xa8d/0xc60
[ 1251.594065][T27950]  ? copy_msghdr_from_user+0x10a/0x160
[ 1251.594087][T27950]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1251.594110][T27950]  ___sys_sendmsg+0x134/0x1d0
[ 1251.594133][T27950]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1251.594174][T27950]  __sys_sendmsg+0x16d/0x220
[ 1251.594195][T27950]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1251.594221][T27950]  ? rcu_is_watching+0x12/0xc0
[ 1251.594244][T27950]  do_syscall_64+0xcd/0x260
[ 1251.594264][T27950]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1251.594281][T27950] RIP: 0033:0x7fea10f8d169
[ 1251.594294][T27950] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1251.594311][T27950] RSP: 002b:00007fea11eb4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1251.594328][T27950] RAX: ffffffffffffffda RBX: 00007fea111a5fa0 RCX: 00007fea10f8d169
[ 1251.594339][T27950] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[ 1251.594350][T27950] RBP: 00007fea11eb4090 R08: 0000000000000000 R09: 0000000000000000
[ 1251.594360][T27950] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1251.594370][T27950] R13: 0000000000000000 R14: 00007fea111a5fa0 R15: 00007ffe904c2778
[ 1251.594405][T27950]  </TASK>
[ 1251.895601][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1251.924734][T27890] netdevsim netdevsim5 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1251.934958][T27890] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1252.158665][T27957] ubi: mtd0 is already attached to ubi31
[ 1252.256804][T27890] netdevsim netdevsim5 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1252.334880][T27890] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1252.356341][T27890] netdevsim netdevsim5 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1252.369339][T27890] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1252.579267][T11873] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[ 1252.752781][T11873] usb 7-1: Using ep0 maxpacket: 32
[ 1252.760256][T11873] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1252.780275][T11873] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1252.802719][T11873] usb 7-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1252.823154][T11873] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1252.904367][T11873] usb 7-1: config 0 descriptor??
[ 1252.966215][T11873] hub 7-1:0.0: USB hub found
[ 1253.198077][T27988] ubi: mtd0 is already attached to ubi31
[ 1253.207356][T11873] hub 7-1:0.0: config failed, hub doesn't have any ports! (err -19)
[ 1253.406574][T27993] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6126'.
[ 1253.432348][   T30] audit: type=1400 audit(1742986126.331:6804): avc:  denied  { create } for  pid=27992 comm="syz.5.6126" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 1253.664284][   T30] audit: type=1400 audit(1742986126.481:6805): avc:  denied  { write } for  pid=27992 comm="syz.5.6126" name="file0" dev="tmpfs" ino=1915 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 1253.696614][T27989] 9pnet_fd: Insufficient options for proto=fd
[ 1253.791698][T11873] usbhid 7-1:0.0: can't add hid device: -71
[ 1253.797927][T11873] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[ 1253.833342][   T30] audit: type=1400 audit(1742986126.481:6806): avc:  denied  { open } for  pid=27992 comm="syz.5.6126" path="/357/file0" dev="tmpfs" ino=1915 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 1253.839955][T11873] usb 7-1: USB disconnect, device number 14
[ 1253.856217][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1253.921716][T28005] netlink: 22 bytes leftover after parsing attributes in process `syz.4.6129'.
[ 1253.941740][T28005] 9p: Unknown access argument c: -22
[ 1254.320381][   T30] audit: type=1400 audit(1742986126.481:6807): avc:  denied  { ioctl } for  pid=27992 comm="syz.5.6126" path="/357/file0" dev="tmpfs" ino=1915 ioctlcmd=0x1273 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 1254.344710][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1254.374858][   T30] audit: type=1400 audit(1742986127.291:6808): avc:  denied  { unlink } for  pid=21272 comm="syz-executor" name="file0" dev="tmpfs" ino=1915 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 1254.436433][T28010] FAULT_INJECTION: forcing a failure.
[ 1254.436433][T28010] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1254.478690][T28013] input: syz1 as /devices/virtual/input/input133
[ 1254.480776][T28010] CPU: 1 UID: 0 PID: 28010 Comm: syz.5.6130 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[ 1254.480797][T28010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1254.480806][T28010] Call Trace:
[ 1254.480811][T28010]  <TASK>
[ 1254.480817][T28010]  dump_stack_lvl+0x16c/0x1f0
[ 1254.480839][T28010]  should_fail_ex+0x512/0x640
[ 1254.480857][T28010]  copy_fpstate_to_sigframe+0x878/0xb10
[ 1254.480881][T28010]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[ 1254.480902][T28010]  ? __sigqueue_free+0xba/0x2a0
[ 1254.480925][T28010]  ? __sigqueue_free+0xba/0x2a0
[ 1254.480944][T28010]  ? collect_signal+0x263/0x540
[ 1254.480967][T28010]  get_sigframe+0x4a8/0x9c0
[ 1254.480987][T28010]  ? __pfx_get_sigframe+0x10/0x10
[ 1254.481006][T28010]  ? rcu_is_watching+0x12/0xc0
[ 1254.481022][T28010]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1254.481037][T28010]  ? siginfo_layout+0x1d2/0x290
[ 1254.481054][T28010]  x64_setup_rt_frame+0x12e/0xcf0
[ 1254.481076][T28010]  ? __pfx_x64_setup_rt_frame+0x10/0x10
[ 1254.481099][T28010]  arch_do_signal_or_restart+0x5e6/0x7d0
[ 1254.481119][T28010]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1254.481138][T28010]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1254.481155][T28010]  ? __do_sys_rt_sigreturn+0x16b/0x230
[ 1254.481192][T28010]  ? __pfx___do_sys_rt_sigreturn+0x10/0x10
[ 1254.481215][T28010]  syscall_exit_to_user_mode+0x150/0x2a0
[ 1254.481234][T28010]  do_syscall_64+0xda/0x260
[ 1254.481252][T28010]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1254.481267][T28010] RIP: 0033:0x7fa59ef8d167
[ 1254.481279][T28010] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[ 1254.481293][T28010] RSP: 002b:00007fa59fe42038 EFLAGS: 00000246
[ 1254.481306][T28010] RAX: 0000000000000010 RBX: 00007fa59f1a5fa0 RCX: 00007fa59ef8d169
[ 1254.481316][T28010] RDX: 0000200000000140 RSI: 0000000000002285 RDI: 0000000000000005
[ 1254.481325][T28010] RBP: 00007fa59fe42090 R08: 0000000000000000 R09: 0000000000000000
[ 1254.481334][T28010] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1254.481342][T28010] R13: 0000000000000000 R14: 00007fa59f1a5fa0 R15: 00007ffe19c4bca8
[ 1254.481359][T28010]  </TASK>
[ 1254.716283][T28031] kernel read not supported for file /eth0 (pid: 28031 comm: syz.6.6135)
[ 1254.726684][   T30] audit: type=1800 audit(1742986127.651:6809): pid=28031 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.6.6135" name="eth0" dev="mqueue" ino=98224 res=0 errno=0
[ 1254.755249][T28013] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1255.048430][T28013] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1255.151135][  T975] usb 8-1: new high-speed USB device number 118 using dummy_hcd
[ 1255.610896][   T30] audit: type=1400 audit(1742986128.541:6810): avc:  denied  { map } for  pid=28057 comm="syz.3.6139" path="pipe:[103139]" dev="pipefs" ino=103139 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[ 1255.683858][T28067] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1255.715527][   T30] audit: type=1400 audit(1742986128.601:6811): avc:  denied  { execute } for  pid=28057 comm="syz.3.6139" path="pipe:[103139]" dev="pipefs" ino=103139 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[ 1255.754092][T28055] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1255.775924][T28069] 9pnet_fd: Insufficient options for proto=fd
[ 1255.909258][T11873] usb 4-1: new high-speed USB device number 111 using dummy_hcd
[ 1255.980472][T28076] FAULT_INJECTION: forcing a failure.
[ 1255.980472][T28076] name failslab, interval 1, probability 0, space 0, times 0
[ 1255.994711][T28076] CPU: 1 UID: 0 PID: 28076 Comm: syz.4.6145 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[ 1255.994737][T28076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1255.994747][T28076] Call Trace:
[ 1255.994752][T28076]  <TASK>
[ 1255.994759][T28076]  dump_stack_lvl+0x16c/0x1f0
[ 1255.994784][T28076]  should_fail_ex+0x512/0x640
[ 1255.994801][T28076]  should_failslab+0xc2/0x120
[ 1255.994817][T28076]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 1255.994840][T28076]  ? __pfx___might_resched+0x10/0x10
[ 1255.994859][T28076]  ? __hw_addr_add_ex+0x3c9/0x7c0
[ 1255.994885][T28076]  __hw_addr_add_ex+0x3c9/0x7c0
[ 1255.994911][T28076]  ? __pfx___hw_addr_add_ex+0x10/0x10
[ 1255.994934][T28076]  ? __mutex_unlock_slowpath+0x161/0x6a0
[ 1255.994959][T28076]  dev_addr_init+0x161/0x250
[ 1255.994976][T28076]  ? __pfx_dev_addr_init+0x10/0x10
[ 1255.994994][T28076]  ? __pfx_ip6_tnl_dev_setup+0x10/0x10
[ 1255.995020][T28076]  ? __pfx_ip6_tnl_dev_setup+0x10/0x10
[ 1255.995043][T28076]  alloc_netdev_mqs+0x3ef/0x15d0
[ 1255.995068][T28076]  rtnl_create_link+0xc10/0xfa0
[ 1255.995091][T28076]  rtnl_newlink+0x14c2/0x1d40
[ 1255.995114][T28076]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1255.995135][T28076]  ? avc_has_perm_noaudit+0x149/0x3b0
[ 1255.995169][T28076]  ? find_held_lock+0x2b/0x80
[ 1255.995186][T28076]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1255.995204][T28076]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1255.995223][T28076]  ? rtnetlink_rcv_msg+0x93a/0xe90
[ 1255.995244][T28076]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1255.995264][T28076]  rtnetlink_rcv_msg+0x95b/0xe90
[ 1255.995292][T28076]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1255.995322][T28076]  netlink_rcv_skb+0x16a/0x440
[ 1255.995342][T28076]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1255.995362][T28076]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1255.995390][T28076]  ? netlink_deliver_tap+0x1ae/0xd30
[ 1255.995411][T28076]  netlink_unicast+0x53a/0x7f0
[ 1255.995433][T28076]  ? __pfx_netlink_unicast+0x10/0x10
[ 1255.995456][T28076]  netlink_sendmsg+0x8da/0xd70
[ 1255.995478][T28076]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1255.995503][T28076]  ____sys_sendmsg+0xa8d/0xc60
[ 1255.995518][T28076]  ? copy_msghdr_from_user+0x10a/0x160
[ 1255.995537][T28076]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1255.995561][T28076]  ___sys_sendmsg+0x134/0x1d0
[ 1255.995582][T28076]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1255.995626][T28076]  __sys_sendmsg+0x16d/0x220
[ 1255.995645][T28076]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1255.995669][T28076]  ? rcu_is_watching+0x12/0xc0
[ 1255.995691][T28076]  do_syscall_64+0xcd/0x260
[ 1255.995711][T28076]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1255.995727][T28076] RIP: 0033:0x7f80f238d169
[ 1255.995739][T28076] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1255.995752][T28076] RSP: 002b:00007f80f3201038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1255.995763][T28076] RAX: ffffffffffffffda RBX: 00007f80f25a5fa0 RCX: 00007f80f238d169
[ 1255.995770][T28076] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[ 1255.995776][T28076] RBP: 00007f80f3201090 R08: 0000000000000000 R09: 0000000000000000
[ 1255.995782][T28076] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1255.995788][T28076] R13: 0000000000000000 R14: 00007f80f25a5fa0 R15: 00007fff58a23e48
[ 1255.995800][T28076]  </TASK>
[ 1256.470879][T11873] usb 4-1: Using ep0 maxpacket: 32
[ 1256.482715][T11873] usb 4-1: config 1 interface 0 altsetting 128 endpoint 0x81 has an invalid bInterval 250, changing to 11
[ 1256.493075][T28080] netlink: 20 bytes leftover after parsing attributes in process `syz.7.6147'.
[ 1256.494132][T11873] usb 4-1: config 1 interface 0 altsetting 128 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1256.516233][T11873] usb 4-1: config 1 interface 0 has no altsetting 0
[ 1256.536796][T11873] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1256.546007][T11873] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1256.554322][T11873] usb 4-1: Product: syz
[ 1256.558555][T11873] usb 4-1: Manufacturer: syz
[ 1256.563320][T11873] usb 4-1: SerialNumber: syz
[ 1256.624669][T28058] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1256.924046][   T30] kauditd_printk_skb: 5 callbacks suppressed
[ 1256.924062][   T30] audit: type=1400 audit(1742986129.851:6817): avc:  denied  { execute } for  pid=28098 comm="syz.7.6151" path="/dev/audio" dev="devtmpfs" ino=1286 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sound_device_t tclass=chr_file permissive=1
[ 1256.989157][   T30] audit: type=1400 audit(1742986129.851:6818): avc:  denied  { read } for  pid=28098 comm="syz.7.6151" name="mouse0" dev="devtmpfs" ino=1042 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[ 1257.026860][   T30] audit: type=1400 audit(1742986129.851:6819): avc:  denied  { open } for  pid=28098 comm="syz.7.6151" path="/dev/input/mouse0" dev="devtmpfs" ino=1042 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[ 1257.054680][   T30] audit: type=1400 audit(1742986129.851:6820): avc:  denied  { ioctl } for  pid=28098 comm="syz.7.6151" path="/dev/input/mouse0" dev="devtmpfs" ino=1042 ioctlcmd=0x5005 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[ 1257.080806][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1257.119353][T11873] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -22
[ 1257.234344][T28103] FAULT_INJECTION: forcing a failure.
[ 1257.234344][T28103] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1257.234807][T11873] usb 4-1: USB disconnect, device number 111
[ 1257.381363][   T30] audit: type=1400 audit(1742986129.881:6821): avc:  denied  { create } for  pid=28098 comm="syz.7.6151" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[ 1257.381404][   T30] audit: type=1400 audit(1742986130.121:6822): avc:  denied  { read } for  pid=28101 comm="syz.6.6154" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1257.389097][T28103] CPU: 1 UID: 0 PID: 28103 Comm: syz.7.6153 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[ 1257.389123][T28103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1257.389133][T28103] Call Trace:
[ 1257.389138][T28103]  <TASK>
[ 1257.389145][T28103]  dump_stack_lvl+0x16c/0x1f0
[ 1257.389169][T28103]  should_fail_ex+0x512/0x640
[ 1257.389187][T28103]  _copy_to_user+0x32/0xd0
[ 1257.389205][T28103]  copy_siginfo_to_user+0x27/0xc0
[ 1257.389228][T28103]  x64_setup_rt_frame+0x811/0xcf0
[ 1257.389249][T28103]  ? __pfx_x64_setup_rt_frame+0x10/0x10
[ 1257.389268][T28103]  arch_do_signal_or_restart+0x5e6/0x7d0
[ 1257.389283][T28103]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1257.389297][T28103]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1257.389310][T28103]  ? __do_sys_rt_sigreturn+0x16b/0x230
[ 1257.389325][T28103]  ? __pfx___do_sys_rt_sigreturn+0x10/0x10
[ 1257.389341][T28103]  syscall_exit_to_user_mode+0x150/0x2a0
[ 1257.389355][T28103]  do_syscall_64+0xda/0x260
[ 1257.389368][T28103]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1257.389379][T28103] RIP: 0033:0x7f62d6d8d167
[ 1257.389388][T28103] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[ 1257.389399][T28103] RSP: 002b:00007f62d7be5038 EFLAGS: 00000246
[ 1257.389408][T28103] RAX: 0000000000000010 RBX: 00007f62d6fa5fa0 RCX: 00007f62d6d8d169
[ 1257.389417][T28103] RDX: 0000200000000140 RSI: 0000000000002285 RDI: 0000000000000005
[ 1257.389428][T28103] RBP: 00007f62d7be5090 R08: 0000000000000000 R09: 0000000000000000
[ 1257.389437][T28103] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1257.389446][T28103] R13: 0000000000000000 R14: 00007f62d6fa5fa0 R15: 00007ffc8db35d58
[ 1257.389463][T28103]  </TASK>
[ 1257.422961][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1257.704547][T28120] 9pnet_fd: Insufficient options for proto=fd
[ 1258.865619][T28137] hfs: unable to load iocharset "io#harset"
[ 1259.180807][T28155] FAULT_INJECTION: forcing a failure.
[ 1259.180807][T28155] name failslab, interval 1, probability 0, space 0, times 0
[ 1259.196946][T28155] CPU: 0 UID: 0 PID: 28155 Comm: syz.7.6166 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[ 1259.196972][T28155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1259.196983][T28155] Call Trace:
[ 1259.196989][T28155]  <TASK>
[ 1259.196995][T28155]  dump_stack_lvl+0x16c/0x1f0
[ 1259.197020][T28155]  should_fail_ex+0x512/0x640
[ 1259.197036][T28155]  ? fs_reclaim_acquire+0xae/0x150
[ 1259.197061][T28155]  ? p9_fcall_init+0x97/0x260
[ 1259.197077][T28155]  should_failslab+0xc2/0x120
[ 1259.197094][T28155]  __kmalloc_noprof+0xd2/0x510
[ 1259.197110][T28155]  ? rcu_is_watching+0x12/0xc0
[ 1259.197131][T28155]  p9_fcall_init+0x97/0x260
[ 1259.197148][T28155]  p9_tag_alloc+0x202/0x640
[ 1259.197166][T28155]  ? __pfx_p9_tag_alloc+0x10/0x10
[ 1259.197181][T28155]  ? __pfx_stack_trace_save+0x10/0x10
[ 1259.197206][T28155]  p9_client_prepare_req+0x19b/0x4d0
[ 1259.197224][T28155]  ? __pfx_p9_client_prepare_req+0x10/0x10
[ 1259.197248][T28155]  p9_client_rpc+0x1c4/0xc50
[ 1259.197266][T28155]  ? __pfx_p9_client_rpc+0x10/0x10
[ 1259.197282][T28155]  ? __lock_acquire+0xaa4/0x1ba0
[ 1259.197316][T28155]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1259.197331][T28155]  ? look_up_lock_class+0x6b/0x150
[ 1259.197354][T28155]  p9_client_write+0x31e/0x670
[ 1259.197380][T28155]  ? __pfx_p9_client_write+0x10/0x10
[ 1259.197405][T28155]  v9fs_issue_write+0xe3/0x1b0
[ 1259.197430][T28155]  ? __pfx_v9fs_issue_write+0x10/0x10
[ 1259.197452][T28155]  ? netfs_advance_write+0x81f/0xc40
[ 1259.197474][T28155]  ? rcu_is_watching+0x12/0xc0
[ 1259.197492][T28155]  netfs_do_issue_write+0x92/0x110
[ 1259.197512][T28155]  netfs_end_issue_write+0x14c/0x200
[ 1259.197532][T28155]  netfs_unbuffered_write+0x4c3/0x670
[ 1259.197554][T28155]  ? __pfx_netfs_unbuffered_write+0x10/0x10
[ 1259.197573][T28155]  ? trace_netfs_folioq+0x188/0x210
[ 1259.197589][T28155]  ? __pfx_netfs_extract_user_iter+0x10/0x10
[ 1259.197612][T28155]  ? iov_iter_folio_queue+0x3e/0x1f0
[ 1259.197631][T28155]  ? rolling_buffer_init+0x8a/0xb0
[ 1259.197648][T28155]  ? netfs_create_write_req+0x511/0x880
[ 1259.197669][T28155]  netfs_unbuffered_write_iter_locked+0x808/0xd40
[ 1259.197698][T28155]  netfs_unbuffered_write_iter+0x414/0x6d0
[ 1259.197726][T28155]  v9fs_file_write_iter+0xbf/0x100
[ 1259.197751][T28155]  vfs_write+0x5ba/0x1180
[ 1259.197777][T28155]  ? __pfx_v9fs_file_write_iter+0x10/0x10
[ 1259.197802][T28155]  ? __pfx___mutex_lock+0x10/0x10
[ 1259.197823][T28155]  ? __pfx_vfs_write+0x10/0x10
[ 1259.197858][T28155]  ksys_write+0x12a/0x240
[ 1259.197882][T28155]  ? __pfx_ksys_write+0x10/0x10
[ 1259.197905][T28155]  ? rcu_is_watching+0x12/0xc0
[ 1259.197926][T28155]  do_syscall_64+0xcd/0x260
[ 1259.197948][T28155]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1259.197964][T28155] RIP: 0033:0x7f62d6d8d169
[ 1259.197982][T28155] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1259.197998][T28155] RSP: 002b:00007f62d7be5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1259.198015][T28155] RAX: ffffffffffffffda RBX: 00007f62d6fa5fa0 RCX: 00007f62d6d8d169
[ 1259.198026][T28155] RDX: 0000000000001006 RSI: 0000200000000540 RDI: 0000000000000007
[ 1259.198036][T28155] RBP: 00007f62d7be5090 R08: 0000000000000000 R09: 0000000000000000
[ 1259.198046][T28155] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1259.198055][T28155] R13: 0000000000000000 R14: 00007f62d6fa5fa0 R15: 00007ffc8db35d58
[ 1259.198075][T28155]  </TASK>
[ 1259.529463][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1259.683169][    T9] usb 4-1: new high-speed USB device number 112 using dummy_hcd
[ 1259.716601][   T30] audit: type=1400 audit(1742986132.631:6823): avc:  denied  { ioctl } for  pid=28157 comm="syz.6.6167" path="socket:[103368]" dev="sockfs" ino=103368 ioctlcmd=0x7459 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 1259.990620][    T9] usb 4-1: Using ep0 maxpacket: 8
[ 1260.024115][    T9] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1260.083046][    T9] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1260.104357][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1260.282509][    T9] usb 4-1: config 0 descriptor??
[ 1260.305168][    T9] iowarrior 4-1:0.0: no interrupt-in endpoint found
[ 1261.049438][    T9] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[ 1261.061509][T28179] tmpfs: Bad value for 'huge'
[ 1261.178657][T19177] usb 4-1: USB disconnect, device number 112
[ 1261.310060][    T9] usb 6-1: config 3 has an invalid interface number: 168 but max is 0
[ 1261.323171][    T9] usb 6-1: config 3 has no interface number 0
[ 1261.329712][    T9] usb 6-1: config 3 interface 168 altsetting 0 has an endpoint descriptor with address 0xA1, changing to 0x81
[ 1261.492231][T28189] tmpfs: Bad value for 'huge'
[ 1261.583055][    T9] usb 6-1: config 3 interface 168 altsetting 0 endpoint 0x81 has invalid maxpacket 30768, setting to 1024
[ 1261.606180][    T9] usb 6-1: config 3 interface 168 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024
[ 1261.629085][    T9] usb 6-1: New USB device found, idVendor=06cd, idProduct=0135, bcdDevice=a8.a4
[ 1261.638260][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1261.652841][T28171] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[ 1261.945512][T28171] IPv6: addrconf: prefix option has invalid lifetime
[ 1261.956354][T28171] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1261.992776][T28171] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1262.008834][    T9] usb 6-1: string descriptor 0 read error: -71
[ 1262.030281][    T9] keyspan 6-1:3.168: Keyspan 2 port adapter converter detected
[ 1262.038007][    T9] keyspan 6-1:3.168: found no endpoint descriptor for endpoint 1
[ 1262.198007][    T9] keyspan 6-1:3.168: found no endpoint descriptor for endpoint 84
[ 1262.210446][    T9] keyspan 6-1:3.168: found no endpoint descriptor for endpoint 2
[ 1262.228603][    T9] usb 6-1: Keyspan 2 port adapter converter now attached to ttyUSB0
[ 1262.274178][T28218] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6177'.
[ 1262.736089][    T9] keyspan 6-1:3.168: found no endpoint descriptor for endpoint 88
[ 1262.744045][    T9] keyspan 6-1:3.168: found no endpoint descriptor for endpoint 6
[ 1262.752537][    T9] usb 6-1: Keyspan 2 port adapter converter now attached to ttyUSB1
[ 1262.763151][    T9] usb 6-1: USB disconnect, device number 19
[ 1262.771254][    T9] keyspan_2 ttyUSB0: Keyspan 2 port adapter converter now disconnected from ttyUSB0
[ 1262.791762][T28219] hfs: unable to load iocharset "io#harset"
[ 1262.792392][    T9] keyspan_2 ttyUSB1: Keyspan 2 port adapter converter now disconnected from ttyUSB1
[ 1262.812794][    T9] keyspan 6-1:3.168: device disconnected
[ 1262.899279][ T5823] Bluetooth: hci4: unexpected Set CIG Parameters response data
[ 1262.908638][ T5823] Bluetooth: hci4: unexpected event for opcode 0x2062
[ 1262.952433][T19177] usb 4-1: new high-speed USB device number 113 using dummy_hcd
[ 1263.274239][T19177] usb 4-1: Using ep0 maxpacket: 16
[ 1263.286223][T19177] usb 4-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[ 1263.298364][T19177] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1263.310887][T19177] usb 4-1: Product: syz
[ 1263.315075][T19177] usb 4-1: Manufacturer: syz
[ 1263.320281][T19177] usb 4-1: SerialNumber: syz
[ 1263.334780][T19177] usb 4-1: config 0 descriptor??
[ 1263.343726][T19177] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected
[ 1263.365833][T19177] usb 4-1: Detected FT232H
[ 1263.439875][T28259] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1263.507239][T28258] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1264.040238][T19177] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[ 1264.078857][T19177] ftdi_sio 4-1:0.0: GPIO initialisation failed: -5
[ 1264.097090][T19177] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 1264.101708][   T30] audit: type=1400 audit(1742986137.021:6824): avc:  denied  { getopt } for  pid=28267 comm="syz.7.6186" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 1264.302565][T28209] hfs: unable to load iocharset "io#harset"
[ 1264.309448][T19177] usb 4-1: USB disconnect, device number 113
[ 1264.317914][T19177] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 1264.336987][T19177] ftdi_sio 4-1:0.0: device disconnected
[ 1264.345040][   T30] audit: type=1400 audit(1742986137.281:6825): avc:  denied  { create } for  pid=28276 comm="syz.6.6187" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[ 1264.397331][   T30] audit: type=1400 audit(1742986137.321:6826): avc:  denied  { sys_admin } for  pid=28276 comm="syz.6.6187" capability=21  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[ 1264.688936][T28300] FAULT_INJECTION: forcing a failure.
[ 1264.688936][T28300] name failslab, interval 1, probability 0, space 0, times 0
[ 1264.733703][T28300] CPU: 0 UID: 0 PID: 28300 Comm: syz.4.6189 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[ 1264.733733][T28300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1264.733743][T28300] Call Trace:
[ 1264.733749][T28300]  <TASK>
[ 1264.733756][T28300]  dump_stack_lvl+0x16c/0x1f0
[ 1264.733781][T28300]  should_fail_ex+0x512/0x640
[ 1264.733798][T28300]  ? fs_reclaim_acquire+0xae/0x150
[ 1264.733824][T28300]  should_failslab+0xc2/0x120
[ 1264.733843][T28300]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 1264.733859][T28300]  ? stack_depot_save_flags+0x29/0x9c0
[ 1264.733876][T28300]  ? p9_tag_alloc+0x9c/0x640
[ 1264.733897][T28300]  p9_tag_alloc+0x9c/0x640
[ 1264.733913][T28300]  ? kasan_record_aux_stack+0xb8/0xd0
[ 1264.733937][T28300]  ? __pfx_p9_tag_alloc+0x10/0x10
[ 1264.733953][T28300]  ? netfs_end_issue_write+0x14c/0x200
[ 1264.733974][T28300]  ? netfs_unbuffered_write+0x4c3/0x670
[ 1264.733993][T28300]  ? netfs_unbuffered_write_iter_locked+0x808/0xd40
[ 1264.734020][T28300]  ? netfs_unbuffered_write_iter+0x414/0x6d0
[ 1264.734044][T28300]  ? v9fs_file_write_iter+0xbf/0x100
[ 1264.734069][T28300]  ? vfs_write+0x5ba/0x1180
[ 1264.734092][T28300]  ? ksys_write+0x12a/0x240
[ 1264.734122][T28300]  ? do_syscall_64+0xcd/0x260
[ 1264.734141][T28300]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1264.734163][T28300]  p9_client_prepare_req+0x19b/0x4d0
[ 1264.734182][T28300]  ? __pfx_p9_client_prepare_req+0x10/0x10
[ 1264.734207][T28300]  p9_client_rpc+0x1c4/0xc50
[ 1264.734226][T28300]  ? __pfx_p9_client_rpc+0x10/0x10
[ 1264.734244][T28300]  ? __call_rcu_common.constprop.0+0x3e5/0x9f0
[ 1264.734269][T28300]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1264.734293][T28300]  ? kmem_cache_free+0x173/0x4d0
[ 1264.734317][T28300]  ? p9_req_put+0x1c6/0x250
[ 1264.734339][T28300]  p9_client_write+0x31e/0x670
[ 1264.734364][T28300]  ? __pfx_p9_client_write+0x10/0x10
[ 1264.734389][T28300]  v9fs_issue_write+0xe3/0x1b0
[ 1264.734413][T28300]  ? __pfx_v9fs_issue_write+0x10/0x10
[ 1264.734435][T28300]  ? netfs_advance_write+0x81f/0xc40
[ 1264.734455][T28300]  ? rcu_is_watching+0x12/0xc0
[ 1264.734474][T28300]  netfs_do_issue_write+0x92/0x110
[ 1264.734494][T28300]  netfs_end_issue_write+0x14c/0x200
[ 1264.734515][T28300]  netfs_unbuffered_write+0x4c3/0x670
[ 1264.734538][T28300]  ? __pfx_netfs_unbuffered_write+0x10/0x10
[ 1264.734558][T28300]  ? trace_netfs_folioq+0x188/0x210
[ 1264.734575][T28300]  ? __pfx_netfs_extract_user_iter+0x10/0x10
[ 1264.734599][T28300]  ? iov_iter_folio_queue+0x3e/0x1f0
[ 1264.734619][T28300]  ? rolling_buffer_init+0x8a/0xb0
[ 1264.734636][T28300]  ? netfs_create_write_req+0x511/0x880
[ 1264.734658][T28300]  netfs_unbuffered_write_iter_locked+0x808/0xd40
[ 1264.734688][T28300]  netfs_unbuffered_write_iter+0x414/0x6d0
[ 1264.734716][T28300]  v9fs_file_write_iter+0xbf/0x100
[ 1264.734741][T28300]  vfs_write+0x5ba/0x1180
[ 1264.734765][T28300]  ? __pfx_v9fs_file_write_iter+0x10/0x10
[ 1264.734791][T28300]  ? __pfx___mutex_lock+0x10/0x10
[ 1264.734810][T28300]  ? __pfx_vfs_write+0x10/0x10
[ 1264.734846][T28300]  ksys_write+0x12a/0x240
[ 1264.734870][T28300]  ? __pfx_ksys_write+0x10/0x10
[ 1264.734893][T28300]  ? rcu_is_watching+0x12/0xc0
[ 1264.734915][T28300]  do_syscall_64+0xcd/0x260
[ 1264.734936][T28300]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1264.734953][T28300] RIP: 0033:0x7f80f238d169
[ 1264.734967][T28300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1264.734983][T28300] RSP: 002b:00007f80f3201038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1264.735001][T28300] RAX: ffffffffffffffda RBX: 00007f80f25a5fa0 RCX: 00007f80f238d169
[ 1264.735013][T28300] RDX: 0000000000001006 RSI: 0000200000000540 RDI: 0000000000000007
[ 1264.735024][T28300] RBP: 00007f80f3201090 R08: 0000000000000000 R09: 0000000000000000
[ 1264.735034][T28300] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1264.735044][T28300] R13: 0000000000000000 R14: 00007f80f25a5fa0 R15: 00007fff58a23e48
[ 1264.735064][T28300]  </TASK>
[ 1264.735574][T17895] ==================================================================
[ 1264.939469][   T30] audit: type=1400 audit(1742986137.721:6827): avc:  denied  { ioctl } for  pid=28299 comm="syz.6.6188" path="socket:[104391]" dev="sockfs" ino=104391 ioctlcmd=0x89e1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[ 1264.942819][T17895] BUG: KASAN: slab-out-of-bounds in iov_iter_revert+0x443/0x5a0
[ 1265.157971][T17895] Read of size 4 at addr ffff888028fc24f8 by task kworker/u8:18/17895
[ 1265.166107][T17895] 
[ 1265.168414][T17895] CPU: 0 UID: 0 PID: 17895 Comm: kworker/u8:18 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[ 1265.168433][T17895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1265.168443][T17895] Workqueue: events_unbound netfs_write_collection_worker
[ 1265.168464][T17895] Call Trace:
[ 1265.168468][T17895]  <TASK>
[ 1265.168474][T17895]  dump_stack_lvl+0x116/0x1f0
[ 1265.168492][T17895]  print_report+0xc3/0x670
[ 1265.168506][T17895]  ? __virt_addr_valid+0x5e/0x590
[ 1265.168523][T17895]  ? __phys_addr+0xc6/0x150
[ 1265.168540][T17895]  ? iov_iter_revert+0x443/0x5a0
[ 1265.168555][T17895]  kasan_report+0xe0/0x110
[ 1265.168569][T17895]  ? iov_iter_revert+0x443/0x5a0
[ 1265.168584][T17895]  iov_iter_revert+0x443/0x5a0
[ 1265.168598][T17895]  netfs_retry_writes+0x166d/0x1a50
[ 1265.168615][T17895]  ? sched_clock_cpu+0x6c/0x530
[ 1265.168633][T17895]  ? __lock_acquire+0xaa4/0x1ba0
[ 1265.168651][T17895]  ? __pfx_netfs_retry_writes+0x10/0x10
[ 1265.168666][T17895]  ? find_held_lock+0x2b/0x80
[ 1265.168680][T17895]  ? register_lock_class+0x41/0x4c0
[ 1265.168697][T17895]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1265.168710][T17895]  netfs_write_collection_worker+0x23fd/0x3830
[ 1265.168730][T17895]  process_one_work+0x9cc/0x1b70
[ 1265.168746][T17895]  ? __pfx_netfs_write_collection_worker+0x10/0x10
[ 1265.168762][T17895]  ? __pfx_process_one_work+0x10/0x10
[ 1265.168776][T17895]  ? assign_work+0x1a0/0x250
[ 1265.168788][T17895]  worker_thread+0x6c1/0xef0
[ 1265.168803][T17895]  ? __pfx_worker_thread+0x10/0x10
[ 1265.168816][T17895]  kthread+0x3a4/0x760
[ 1265.168827][T17895]  ? __pfx_kthread+0x10/0x10
[ 1265.168838][T17895]  ? __pfx_kthread+0x10/0x10
[ 1265.168848][T17895]  ? __pfx_kthread+0x10/0x10
[ 1265.168858][T17895]  ? __pfx_kthread+0x10/0x10
[ 1265.168869][T17895]  ? rcu_is_watching+0x12/0xc0
[ 1265.168883][T17895]  ? __pfx_kthread+0x10/0x10
[ 1265.168894][T17895]  ret_from_fork+0x45/0x80
[ 1265.168907][T17895]  ? __pfx_kthread+0x10/0x10
[ 1265.168918][T17895]  ret_from_fork_asm+0x1a/0x30
[ 1265.168939][T17895]  </TASK>
[ 1265.168944][T17895] 
[ 1265.364216][T17895] Allocated by task 28299:
[ 1265.368623][T17895]  kasan_save_stack+0x33/0x60
[ 1265.373296][T17895]  kasan_save_track+0x14/0x30
[ 1265.377957][T17895]  __kasan_kmalloc+0xaa/0xb0
[ 1265.382533][T17895]  __kmalloc_node_track_caller_noprof+0x221/0x510
[ 1265.388928][T17895]  kmemdup_noprof+0x29/0x60
[ 1265.393416][T17895]  sidtab_sid2str_get+0x17a/0x680
[ 1265.398421][T17895]  sidtab_entry_to_string+0x33/0x110
[ 1265.403690][T17895]  security_sid_to_context_core+0x35c/0x640
[ 1265.409567][T17895]  selinux_inode_init_security+0x460/0x660
[ 1265.415358][T17895]  security_inode_init_security+0x1e5/0x390
[ 1265.421231][T17895]  shmem_symlink+0x134/0x780
[ 1265.425801][T17895]  vfs_symlink+0x400/0x680
[ 1265.430199][T17895]  do_symlinkat+0x261/0x310
[ 1265.434679][T17895]  __x64_sys_symlinkat+0x93/0xc0
[ 1265.439596][T17895]  do_syscall_64+0xcd/0x260
[ 1265.444080][T17895]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1265.449950][T17895] 
[ 1265.452252][T17895] Freed by task 28299:
[ 1265.456295][T17895]  kasan_save_stack+0x33/0x60
[ 1265.460948][T17895]  kasan_save_track+0x14/0x30
[ 1265.465612][T17895]  kasan_save_free_info+0x3b/0x60
[ 1265.470617][T17895]  __kasan_slab_free+0x51/0x70
[ 1265.475359][T17895]  kfree+0x2b6/0x4d0
[ 1265.479248][T17895]  security_inode_init_security+0x2c3/0x390
[ 1265.485138][T17895]  shmem_symlink+0x134/0x780
[ 1265.489727][T17895]  vfs_symlink+0x400/0x680
[ 1265.494135][T17895]  do_symlinkat+0x261/0x310
[ 1265.498619][T17895]  __x64_sys_symlinkat+0x93/0xc0
[ 1265.503540][T17895]  do_syscall_64+0xcd/0x260
[ 1265.508024][T17895]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1265.513895][T17895] 
[ 1265.516200][T17895] The buggy address belongs to the object at ffff888028fc24c0
[ 1265.516200][T17895]  which belongs to the cache kmalloc-32 of size 32
[ 1265.530056][T17895] The buggy address is located 24 bytes to the right of
[ 1265.530056][T17895]  allocated 32-byte region [ffff888028fc24c0, ffff888028fc24e0)
[ 1265.544522][T17895] 
[ 1265.546824][T17895] The buggy address belongs to the physical page:
[ 1265.553208][T17895] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x28fc2
[ 1265.561963][T17895] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[ 1265.569057][T17895] page_type: f5(slab)
[ 1265.573021][T17895] raw: 00fff00000000000 ffff88801b441780 dead000000000100 dead000000000122
[ 1265.581588][T17895] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 1265.590147][T17895] page dumped because: kasan: bad access detected
[ 1265.596534][T17895] page_owner tracks the page as allocated
[ 1265.602225][T17895] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52800(GFP_NOWAIT|__GFP_NORETRY|__GFP_COMP), pid 1756, tgid 1756 (kworker/u8:1), ts 7671480764, free_ts 7250051062
[ 1265.620174][T17895]  post_alloc_hook+0x181/0x1b0
[ 1265.624927][T17895]  get_page_from_freelist+0x10c4/0x34c0
[ 1265.630450][T17895]  __alloc_frozen_pages_noprof+0x223/0x24d0
[ 1265.636321][T17895]  alloc_pages_mpol+0x1fb/0x540
[ 1265.641151][T17895]  new_slab+0x23c/0x330
[ 1265.645292][T17895]  ___slab_alloc+0xd9c/0x1940
[ 1265.649969][T17895]  __slab_alloc.constprop.0+0x56/0xb0
[ 1265.655324][T17895]  __kmalloc_cache_noprof+0xfb/0x3e0
[ 1265.660594][T17895]  kmem_cache_free+0x148/0x4d0
[ 1265.665344][T17895]  __fput_deferred+0x2d5/0x370
[ 1265.670088][T17895]  fput_close+0x1a5/0x1e0
[ 1265.674401][T17895]  path_openat+0xf22/0x2d40
[ 1265.678881][T17895]  do_filp_open+0x20b/0x470
[ 1265.683362][T17895]  do_open_execat+0xf9/0x450
[ 1265.687938][T17895]  alloc_bprm+0x2d/0xdd0
[ 1265.692165][T17895]  kernel_execve+0xb0/0x3b0
[ 1265.696652][T17895] page last free pid 972 tgid 972 stack trace:
[ 1265.702780][T17895]  free_frozen_pages+0x6d8/0xf40
[ 1265.707703][T17895]  vfree+0x176/0x960
[ 1265.711581][T17895]  delayed_vfree_work+0x56/0x70
[ 1265.716414][T17895]  process_one_work+0x9cc/0x1b70
[ 1265.721331][T17895]  worker_thread+0x6c1/0xef0
[ 1265.725918][T17895]  kthread+0x3a4/0x760
[ 1265.729966][T17895]  ret_from_fork+0x45/0x80
[ 1265.734362][T17895]  ret_from_fork_asm+0x1a/0x30
[ 1265.739113][T17895] 
[ 1265.741418][T17895] Memory state around the buggy address:
[ 1265.747024][T17895]  ffff888028fc2380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 1265.755062][T17895]  ffff888028fc2400: 00 00 00 00 fc fc fc fc 00 00 00 fc fc fc fc fc
[ 1265.763101][T17895] >ffff888028fc2480: 00 00 04 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 1265.771137][T17895]                                                                 ^
[ 1265.779089][T17895]  ffff888028fc2500: 00 00 00 00 fc fc fc fc fa fb fb fb fc fc fc fc
[ 1265.787129][T17895]  ffff888028fc2580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 1265.795169][T17895] ==================================================================
[ 1265.851394][T28302] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(9)
[ 1265.858006][T28302] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[ 1265.896489][T17895] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[ 1265.903720][T17895] CPU: 0 UID: 0 PID: 17895 Comm: kworker/u8:18 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(full) 
[ 1265.915702][T17895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 1265.925773][T17895] Workqueue: events_unbound netfs_write_collection_worker
[ 1265.932897][T17895] Call Trace:
[ 1265.936171][T17895]  <TASK>
[ 1265.939121][T17895]  dump_stack_lvl+0x3d/0x1f0
[ 1265.943750][T17895]  panic+0x71c/0x800
[ 1265.947684][T17895]  ? __pfx_panic+0x10/0x10
[ 1265.952128][T17895]  ? mark_held_locks+0x49/0x80
[ 1265.956894][T17895]  ? preempt_schedule_thunk+0x16/0x30
[ 1265.962292][T17895]  ? iov_iter_revert+0x443/0x5a0
[ 1265.967217][T17895]  ? preempt_schedule_common+0x44/0xc0
[ 1265.972660][T17895]  ? check_panic_on_warn+0x1f/0xb0
[ 1265.977760][T17895]  ? iov_iter_revert+0x443/0x5a0
[ 1265.982680][T17895]  check_panic_on_warn+0xab/0xb0
[ 1265.987603][T17895]  end_report+0x107/0x170
[ 1265.991913][T17895]  kasan_report+0xee/0x110
[ 1265.996320][T17895]  ? iov_iter_revert+0x443/0x5a0
[ 1266.001241][T17895]  iov_iter_revert+0x443/0x5a0
[ 1266.005987][T17895]  netfs_retry_writes+0x166d/0x1a50
[ 1266.011172][T17895]  ? sched_clock_cpu+0x6c/0x530
[ 1266.016006][T17895]  ? __lock_acquire+0xaa4/0x1ba0
[ 1266.020928][T17895]  ? __pfx_netfs_retry_writes+0x10/0x10
[ 1266.026478][T17895]  ? find_held_lock+0x2b/0x80
[ 1266.031156][T17895]  ? register_lock_class+0x41/0x4c0
[ 1266.036360][T17895]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1266.041372][T17895]  netfs_write_collection_worker+0x23fd/0x3830
[ 1266.047521][T17895]  process_one_work+0x9cc/0x1b70
[ 1266.052444][T17895]  ? __pfx_netfs_write_collection_worker+0x10/0x10
[ 1266.058929][T17895]  ? __pfx_process_one_work+0x10/0x10
[ 1266.064285][T17895]  ? assign_work+0x1a0/0x250
[ 1266.068853][T17895]  worker_thread+0x6c1/0xef0
[ 1266.073437][T17895]  ? __pfx_worker_thread+0x10/0x10
[ 1266.078526][T17895]  kthread+0x3a4/0x760
[ 1266.082573][T17895]  ? __pfx_kthread+0x10/0x10
[ 1266.087139][T17895]  ? __pfx_kthread+0x10/0x10
[ 1266.091706][T17895]  ? __pfx_kthread+0x10/0x10
[ 1266.096274][T17895]  ? __pfx_kthread+0x10/0x10
[ 1266.100843][T17895]  ? rcu_is_watching+0x12/0xc0
[ 1266.105587][T17895]  ? __pfx_kthread+0x10/0x10
[ 1266.110156][T17895]  ret_from_fork+0x45/0x80
[ 1266.114551][T17895]  ? __pfx_kthread+0x10/0x10
[ 1266.119119][T17895]  ret_from_fork_asm+0x1a/0x30
[ 1266.123873][T17895]  </TASK>
[ 1266.127081][T17895] Kernel Offset: disabled
[ 1266.131383][T17895] Rebooting in 86400 seconds..