last executing test programs:

1m27.474846181s ago: executing program 3 (id=280):
accept$inet6(0xffffffffffffffff, 0x0, 0x0)
listen(0xffffffffffffffff, 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x24040084)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x8000000004)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="5c00000002060108000000000000000000000000050005000a000000050001000700000005000400000000000900020073797a310000000015000300686173683a69702c706f72742c6e65740000ffffa888078008"], 0x5c}}, 0x20084884)

1m27.472958912s ago: executing program 3 (id=281):
memfd_create(&(0x7f0000000440)='y\x105\xfb\xf7u\x00\x00\x00\x80\x00\x00\x00\x00X\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc9Z\x82@\xb1=\xc4\xb6=\xed\xec\x8d\xa2lI\xffK\xfd\xbc6\x90{s\xebr=/]d;\xc4VE\xdb\t\xc0\xe1\xcc\x0e\xf6+\x16\xc2\x17\xe0\f%n\xb3u\xa2~\x86,\xdek\x05\xda\xf5\xb6!\xfc\xdbl\x96\xedm\xd9nf\x00\x00\x00M\x1c\a\x81\x1d\xa24\x8e\xe8\xf3\x9e\\\x17*Ip\xbf1\xd4\x0f\xcc\x1e\x85A\x85\tH\xc2\xe6X\xc7\xc5\v\x1cZ56Buj\x81G\xca5\xed\xda\xd9{|\x18gY\x06\x9a\xa1\x04\xbd\x85\xbaq\xb1\xaduR\f\x01\xc65\xe7\x81K\xbf\xab\xc1hUd\xb7\x8b^\x06\xdbZ\xa4>\x1dg5\x1bFFs\x1c\xf5\a\xef\x97\xa5|\x01\x9e\x13\x1e\x8a\xecY!JW\xb3\x1a\xc4\x9d\xc1\xf5\xdcU3\xee\x8ddz\x00a\x95oKc\xd6\xf4/\x9a\x9c6c\x98\bxz\x04\xf7\xecj\x99\xc1=\x01Q\xb2\xdfR\xd5\x17\x9a=\xf3s\xbc\xac\"7\xb8Z\xa4\x04\xf9\xf8\x86\x8f\xb3\x89\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\xa8\x9aJ\xc6\x03\xb4\x9b\x14\xb1+\xa1\x93\xeb/\xd3tq\x98\xd3L\x1a\xfc\xb14i_aFlb\xa3h0\xee.?\x90h\xc9\xc9m\xe1C\xe1\xa9\xf5\xf6\vf', 0x2) (async)
socket$inet_mptcp(0x2, 0x1, 0x106) (async)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}) (async)
r2 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r2) (async)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') (async)
mount(&(0x7f0000000000), &(0x7f0000000040)='./cgroup\x00', 0x0, 0x1001, 0x0)
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0) (async, rerun: 64)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0) (rerun: 64)
r3 = socket$netlink(0x10, 0x3, 0x0) (async, rerun: 32)
r4 = socket$nl_route(0x10, 0x3, 0x0) (rerun: 32)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="01000000000000001c0012800b0001006d616373656300000c00028005000f000200000008000500", @ANYRES32=r3], 0x44}}, 0x40000)

1m27.39825337s ago: executing program 3 (id=282):
r0 = open(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x40, 0x0)
ioctl$IOCTL_VMCI_QUEUEPAIR_SETPF(r0, 0x7a9, &(0x7f0000000080)={{@hyper}, 0x1b, 0x3, 0x4, 0x6, 0x10000, 0x67, 0x9, 0x7}) (async, rerun: 32)
ioctl$HIDIOCGREPORTINFO(r0, 0xc00c4809, &(0x7f00000000c0)={0x2, 0x1, 0x40}) (async, rerun: 32)
read$hiddev(r0, &(0x7f0000000100)=""/108, 0x6c) (async)
ioctl$FS_IOC_ENABLE_VERITY(r0, 0x40806685, &(0x7f0000000200)={0x1, 0x1, 0x1000, 0x10, &(0x7f0000000180)="ecb5ce6eb5e53937877768e0ac56861d", 0x33, 0x0, &(0x7f00000001c0)="73eba3a2f15fbb1c76b0741aae9104123e8a6cf59ffecc57d464c023af791d3edad71ab99839befbcb74686c70658c6e790560"}) (async)
readlinkat(r0, &(0x7f0000000280)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000300)=""/145, 0x91) (async, rerun: 64)
setxattr$trusted_overlay_redirect(&(0x7f00000003c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000440), &(0x7f0000000480)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x74, 0x3) (async, rerun: 64)
ioctl$BTRFS_IOC_START_SYNC(r0, 0x80089418, &(0x7f0000000500)=<r1=>0x0)
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(0xffffffffffffffff, 0x5000943f, &(0x7f0000000540)={{r0}, r1, 0x6, @unused=[0x3, 0x0, 0x7, 0xe71d], @name="849e9c2518cf302418c392e4aa35e5cdd0bba113e6157765855af79a510e3e66f985ae922ea58409249cf03d0a8a618f957a0e98ad534eb89ab16f76aa6efda8b8d9c700df7dac16977b0599105cc5a0141b0eda7b4a242d6f6c3219d0bde689e025aee4700ee1140ddafa94c17caf99d1bb9d5b9e24fa99067a0f5ec81f75686a190cd1dc83a0f383ac8a40e61fa366ffef11816f001a775011a0d9c5f3a9ed7b86234d0e9efff792c07c1e63aa83ab6aabdc24561feefd76ebd626a9e4b9337c04d3900c6c92956ebb735cf86503a77289a11bc98539c89330ea01c2b356bb1ba129610647689584d2b75b9cb354b923ce40a382623131f81b40c81a100ef1af9e2cd171aa9c33abd5e3f8bfeb0bfa027558ef4841c0d8002fbcb02d35bd1fe58a5595dd9b3204d19d88a3b3d17df4c25a4e6884353d523f4b9c8b6d202a97b984e45aeeb6a091342d0ad113d235b5e7a38a59238775f9a5ec90615ee0f5744512f244c6f19c40b937d79c5694cdd43686110dc89c5d0425d7c37ef8ed3a96cd712be4ce7bc9436f4f4d3671652d3da779e75ab37ce6165b1e6b78b479dce2038e4b80581789a6cf567ea0b8265f2a0c6484c684bd1707f64b595cb554ba6f603919910a90567574decc837c2f01d92eaf77bf34af5df1508b3124d0131495ab85c72c87bf243895ea044ec2e562d0d95a7c007cc0dfa254809e2bc30924b945924846042dc022c0614b2774dd35d5b04043139a98d285dc88885a4f918377cefcce84bdb28616954c299a006ac360b88f366d6fd4b5098b6ad2dc60b9efc59a807ca6ccdead227836e9280df88691e49d474f03f544fda7cb0010348f86b95383c9a22954ab8ebd37d13a9743aec630e626d85a3d57219ab0d229aa94fac759e51940b24da581a11515cd08597dcf11dc09d9371d3364f4dec5f8a46e0ee6166e7ac6d860927d9160b77bd57a1af1fe1169c7ca7c44f912026f4f5e9faf4050ba49f4d466d224e1f1df1ad864ee8b2afd94b8b604295cef843d94a2f2986bf23a815442d5a2e19edacc174373791384bd07372da236754936c3ca416bd3de56fda88a9f7bb87262d19f02d547b48e6421b69f65f22a370e9787f40b2e11b1da84d150802c2d414050e581c05338f5006f179809f77b19477f4eec4e5626df01e1f03cb5d76a3adc43c56e90b4731394db24fe08fe0fa63eb9fe04391ce93530106eb9f99f28efd28ac4bffb3f89882fab7211e4ea2cacbd79e8ff7055629350867b03748c4229bf235385fb2789bc22a84d9e76ef9fe4cd3da083ee33f13653f537f890d8af6891ffb0d9cbda24f589a1c89d4e4d5a386a22c2165bcaee5f04f0562fb966bdfe30ea9ec6e32c73e6c662c81290316af7fca570d80812fabbfc56e26233804798ab3dbbaef9d02f3fe4da9535d129ebfdff0953819020567da2d03e5f4eb74805cbc8d77cf0a195e043dac32c48b683aebebc2d545690b614c87eb3c130bb679f15da1a04240c073f60524305ffde1d7dcc7274b695d4e8e47bc89c9f572e3011044cce10d2b026ff397ee26cfd957abebb7b6f8977b56db8a5dc21282bc821d0078ae073e26ef2997674240851cc2505785be513517eb65784fd2f30c46a01c2f8e714e86933b51b2286f3ead82996ce949100b33febed233d9e4e1a7c2312171bb666ae7b74c5d5d49b443aedd4d55634910fe468519377795244f2f1f9db17703b5d5a5909911f462ac8b06d108857ae0313485bddf3cccbe0a27a5f35b30b0c1273783185e20b98062f1a7f66e43c7771355f1d07b646ad5fa16d9564a77c5eb68528fbab11558e0b9708dc93b05b073b18351ba0e1e69a8dce97921adb65a09dd706b9451be1125c366ac559185723536ebdf7bc78fa7ae2a786daa2bfbc579989b82a0ee86da28200c9428da37947c716107ba58f7dfde20881e8b507dd8f5a7d45d02c43d2da5c7c871a56ff2f688f7eeba1f320cc1e47c4a4347e0d66565edda5668974b7c79c9539283f84484147d3623e9013b7fd13c3a9c2426473115a009067b2fe81ff619c56188cca51d01aba9fca64aaf5e542543eda16c4a8e1f8510b24f2dac223eb6428dc1da69991583acdafbc9de1a5c12e3c3db03a477b01890f70e49a1574197e186aff1a8049ad9561ac23bc3601cffebff32ecf753b284b013941fd40e876fcefbbef9c119f20cde1f2ea0a1645e43b506f9991e045a602fb618f86a848639f5fc9fd12d80a1075df19b4011737f4bf69ea0df2c494de01688d27fb5cd50f1779afc69fbec5aa1a1ad9818b8a3de0e24e808a926f421e4406b11185d357c00e51376b64c599bdafd4d587400c508e1dac4382f515098294a3f8a932811f614dc48252fbdad8ca14727a4f6ef080643bed68585088941057a613658f4c35e080c13e3c011fee81e47845d56ba45e2189c81f395cd1dbb18d9d0ebdfe206a0a4aa60bff1c3d04c60ca28adb4a5ec0531c2993dddf9f80a640a40165d8c06899ac0666d37eced97bb5c9fa5d08d7b4c233fa3c7d163537af5c11d572f990d14609ec94c98504074b0db453cdb976932c68ede996070c4dfc7b26eb840950410d95a861f8f13fe459ef5dd9555b5188eadeff947d091fea7d89a764fcc0991d660e3ed0ce496a36ca3e1f70446ea9bc767cacdd5642fd754ad215c5ebd61a96d5e8bfe130e69aab5a5360a692f720602657a16c13d1056370c46819f068526886f8e3055bd91868783f8b6070a4ad63c6e72866420e537361833f8162bc1073802d7d7a0bd29850ab20d34ba3e28c2f3e616977451a917a6cc6b5a489a74600daa8a41e1f68c4615a9c2f902f891c682eae7f241865729be16c732cff9312fb568d4468172521e654087f34141cd6d42c426f49ca469028d90c1d7cf9df073851194b8606cee74ff24f27758068dfd22684e403587166fc595631a72d90dc62f854440b8f30996488ca2be38865ae126f49d2599c3f6d416d695f42746bd06b060348feaffd52cd80de36cb2032c1681c26026d9f44849281cb78616d85561fb866379c7968e21e422cc5ffd0011bfed226585973112c40ae56b5ef2d3a4083ff85219f7febdb15d94fde1c1a08a04627f0e2f0f8206df76ae1cdb35ccd79bc7a4097ee0500d4fd8d7c5cc00cedf9f056cfad080d7b14b694b2d2e4d1763a4d3d8f99d5db0bb34e2a409b3ce495f8d51e86eb2613357247f5fd94d9c3b0a97eb5f331d120f23d3db053e6c29bef13763643f59db9a0ba313efa1ce5c46151b654ed80ac4bea35110c5151f3e89d3e29c2193884e3d8a998dd8f5ee474a1d2e91dcc8fe31f95762c09fbe10df18c50307e21e721eb2eb13fa52ccc90bc49ce48bf76b0a5d76a19e8f73663bd4a4b1f929e003fc515e435022991b4a8c4b103077209bacbf2a44bcf9f361e461ae4188288a54fcea486b5df9969174908214229947a87504ab2f5862f0b300b4a7fc22b61ff1a9ea89ed5599f81b3daddb426065566c0b139625637358a5111210589f039271ded3003761fd0a24247972783ced915b1deefa8276f0af55864dcf2d660a5dffcaca6e16f2313925a8ba536fe7ecd018c47ff2c9dea86805d047d70137066dd5973e073659fc0efd4487eab6294a3b4be016f51f065521146bfc751909018be64c6c6dc65a1d7c1f5db9b2e9e18d1663857eda83903350d1f8d6e910900989df0a849913057987c28e0a00387a7bdc38aff470c1505482561e0ac921dfa8a2fc07aec6893f2f514b35c9d528470abe9874694fc34275251073510a383298c560c133d58a0a426d1dd4bd6f74610d7ccb1dfff3eeb3da9c44da0afb734b17366d32490b7f463ef8f4da4761aeac92eaafdc99cfb6c5638d54cd40c9e1d422d57d460f5bef4d703aeebbf977725415770c397561321b94b96a11248b22655f5326e24ef1be9d5c5bfe4869f1d76d6e6c67e7b9782f64872f1af7593457d266eb0f184676c2308cb5434b9d2f72c8eb0fdcb5f74b471f21c1db0e136789cb86451bdcb7c8407851724f61835019ece20b29340d2792a8fe273fed9719303bd9fbd8c4c8c5fef2f01cae6e33e1710bff4c96e119a87cfe1ab7e3ec3d0b47abeeab260439f013e5300650a2642fe4872e70bdc0b65217aa04447089bfadb7b478ae46e6b1f3d9512b7b0357cd6e28da1f51c3a2ba8b385aaa008decfd82727c432beee9c0eb07d916a755409e97dfff328230cab8ea9a0eb9a534d98f095ad88ca6e7012aed1fd95e8ec7d118510a58f4be822c704418e940e22f406a3affaade7a63f681d0bf2ba2263e0aa338bdcbad07c83b9d7e5a219e1f5ca2f056248d7d50065271a6ddb95c926cb8c29ba4cd28d2f622be7bda459931d6555bf5be865b5cdebfc63ead342955e654709b94775ce162fac74a4f3127a7089d30a0c6243ae1c5e3921419d3d223cfea3106f11d1be2b048c782a4a76b05fcf64535187769d4e3c4f84002790d080c7bd6f32481e72a9b3cf948f6790654724d178d38e61304cd1a2e7cac352623922a3c998f34cadc23b5c135941cb1fd73ea30ee0e3253ee6c484bdd90b1e26c9e87ed35fcee587bcbe35a824b6c6b6cc56019b07788923e89ef914229c95004db0eaea7506597251b5040fe2f950e6f0228db5093932e658fb6020a5e5b565eb6ecafde9c0d17a98863ea609499b7f70039061673d4f21a4a01371cb4891a92e9a414af02b7782d3c9012286c4136b16fbd72b46fc792a618f58e9db95a7087edcfccde49c3fd67965411084a31fd83770aefa2f0f3ca83c3a1fc85d79b8d25ff629f080e2480a2c97f6bb1889102fd1b292e98d968082b0b06cf89c3316cae418a15b80e0387469adb103f6f343ae8062fd350bebad6f307530539c157eb55b5f5ad316a1ae13c38da41c1259a5c560139436cd55920a3a0ec8bb0388429505ba7cbb1ea0d7efadf75f0b8cbab79d658cb8324d1db998e7ff5d37e777b62bc0f29900e47a5f95fff3031a8fc2e0dc08e8aac666bc903de1bcd442a5f4b1001c6df96f42ab2f4e2183a313a54f86bd43bb46f125aef290683595ee249ab411d379ed0e605b65722d502fbd12b7e2e5f6c78ad7f879f5e5f3e577d3201bad00e82780e7d1d648614d2893997770a4c9fc847facc79284e616e1824d023fc682b9e1a439d6e9e0b92bf612046a775aae9d8efc8b3958b8496f54b16496ae5337fa5edc4c356023afe4db972a9df6c6333039d8fc44e695056065109bd73889a213c86cb77c81b9c39fdce9d447ae8fef3e2e6967365a4fcb72fdaee5ba507be2c4042403489f14be0fc687f2057a38a164690ece43953d252cfc7c60321d8b386422fbeb7b6b90624bb794ec9f77dcfd50926b6c8e45aaac67a2dbcddde1241affacb243b9b26953793dd02d847014883fbf7bda5368e91612a5417d1fc4754fa5c18ea5c00b35ae4e9edeb9a4ea508068d515f586ea7e4d112665515aa7b82f95e1b2ffdd52eb479bf7f55acd70029d2276dc8a2103bda05dad48387f2dd59038c782696c990c1d6c55888c979ebe368549430c76260a855a3e67de4cfc208948ded9edb7b0da8b1270773829aa196932d28a2349af8a843f3cc573bf45fe45102d07bc9983bd0e6aa275953ef611c013c1c29bc7b829f6febea5474eff80efe6671fe94a7f647c6369b9c76fca7f4d9456edb29ac922c56e7bbf23251b"}) (async, rerun: 32)
ioctl$TIOCSBRK(r0, 0x5427) (async, rerun: 32)
r2 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000001540), 0x80080, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000001580)={0x41000, 0x0, 0x1})
mknodat$null(r2, &(0x7f00000015c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000, 0x103) (async)
quotactl_fd$Q_SYNC(r2, 0xffffffff80000101, 0x0, 0x0)
ioctl$BTRFS_IOC_QGROUP_LIMIT(r0, 0x8030942b, &(0x7f0000001640)={0xb991, {0x0, 0x98, 0x8, 0x7, 0x2}}) (async, rerun: 32)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000001680), 0x8000) (rerun: 32)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r3, 0xc0145401, &(0x7f00000016c0)={0xffffffffffffffff, 0x3, 0x6, 0x1, 0xc8})
ioctl$XFS_IOC_BULKSTAT(r2, 0x8040587f, &(0x7f0000001a00)={{0xb85f, 0x0, 0x5, 0x6, 0xb899}, &(0x7f0000001700)=[{}, {}, {}, {}]})
ioctl$SNDRV_TIMER_IOCTL_TRIGGER(r0, 0x54a6) (async)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000001ac0), r2)
sendmsg$DEVLINK_CMD_PORT_GET(r2, &(0x7f0000001bc0)={&(0x7f0000001a80)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000001b80)={&(0x7f0000001b00)={0x60, r4, 0x100, 0x70bd26, 0x25dfdbff, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000}, 0x4)
r5 = syz_open_dev$usbmon(&(0x7f0000001c00), 0x6, 0x4c000) (async)
newfstatat(0xffffffffffffff9c, &(0x7f0000001c40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000001cc0)={0x0, 0x0, 0x0, 0x0, <r6=>0x0}, 0x6000)
quotactl_fd$Q_QUOTAON(r5, 0xffffffff80000200, r6, &(0x7f0000001d40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') (async)
ioctl$sock_SIOCGSKNS(r2, 0x894c, &(0x7f0000001dc0)=0x9d2) (async)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, &(0x7f0000001e00)=0x2)
ioctl$CDROM_TIMED_MEDIA_CHANGE(r2, 0x5396, &(0x7f0000001e40)={0x1, 0x1}) (async)
write$cgroup_subtree(r0, &(0x7f0000001e80)={[{0x2d, 'rlimit'}, {0x2d, 'pids'}, {0x2d, 'cpu'}, {0x2d, 'cpuacct'}, {0x2b, 'perf_event'}, {0x2b, 'hugetlb'}]}, 0x31)
ioctl$FIDEDUPERANGE(r3, 0xc0189436, &(0x7f0000001ec0)={0x6, 0x3, 0x1, 0x0, 0x0, [{{r3}, 0x7}]}) (async)
ioctl$KVM_RUN(r0, 0xae80, 0x0)

1m27.350940592s ago: executing program 3 (id=283):
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
write$FUSE_NOTIFY_RESEND(r0, &(0x7f00000000c0)={0x14}, 0xffffffffffffff7b)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYRES8], 0x14}, 0x1, 0x0, 0x0, 0x1882}, 0x4048091)
mkdir(&(0x7f0000000080)='./file1\x00', 0x100)
mount(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x8, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000140)='./file1\x00')
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r2, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)=[<r3=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(0xffffffffffffffff, 0xc05064a7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280), &(0x7f0000000180), 0x0, 0x0, 0x0, 0x0, r3})
getsockopt$IP_VS_SO_GET_SERVICES(r1, 0x0, 0x15, 0x0, &(0x7f0000000100))
pipe(&(0x7f0000000140)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = fsopen(&(0x7f0000000240)='zonefs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r5, 0x5, &(0x7f0000000180)='\xaal\xd0\x16Z\x1a&\x1aM\x82\x06G\xc4Fd', 0x0, r4)
write$tun(r4, &(0x7f0000000380)=ANY=[], 0xfdef)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r5, 0x0, 0x2)
r7 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r7, r7)
setpgid(0x0, r7)
fchdir(r6)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', 0x0, 0x8, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r8, 0xffffffff80000800, 0x0, &(0x7f0000000340)={0xb, 0x3, 0xa000200000a95a, 0x3, 0x3, 0xfffffffffffff9ee, 0x5e96, 0x800000000000001, 0x60})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000019c0)=ANY=[@ANYBLOB="200000002e00090027bd70000000000004"], 0x20}, 0x1, 0x0, 0x0, 0x42804}, 0x0)

1m27.20917958s ago: executing program 3 (id=288):
gettid()
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000100)={'team0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000014c0)=@newtaction={0x68, 0x30, 0xb, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x6, 0xff, 0x4, 0x6, 0x6}, 0x4, r2}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x2000a804)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r2], 0x20}, 0x1, 0x0, 0x0, 0x80d5}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/pids.max\x00', 0x2, 0x0)
preadv(r4, &(0x7f0000000280)=[{&(0x7f0000000080)=""/122, 0x7a}], 0x1, 0x0, 0x0)
ioctl$DRM_IOCTL_PANTHOR_TILER_HEAP_CREATE(0xffffffffffffffff, 0xc028644b, &(0x7f0000000300)={0x0, 0xd, 0x3c0000, 0x800, 0x1, <r5=>0x0, 0x100000001, 0x80000001})
ioctl$DRM_IOCTL_PANTHOR_TILER_HEAP_DESTROY(r4, 0xc008644c, &(0x7f0000000340)={r5})
r6 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$CAN_RAW_LOOPBACK(r6, 0x65, 0x3, &(0x7f0000000280), &(0x7f00000002c0)=0x4)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syz_tun\x00', 0x2000})
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000005c0)=ANY=[@ANYBLOB="2800000003080101000000050000030500030011001664a1f36fdbbc7d7a300000000033138762d23739945c5a602ad696f9a8749d3be280132fc1ee2ea9dd56c87329588cd2f3d601043202a1b64b3bc9ceaebd17e5266ace2412b97f18522531941b4eeb73235a106e8463b6e5314b4f1fd3701802f7287b50cfa499a9dd96ef07291e39e577c293f9b11342ea9c5ee756e67e36bea60679f31c2a27d509a8d4c4db5a2089ce09a1ee31ec0255cdf355c6a41710d237c4f8c41485a12b90416bc6f00d6b114502a4262a82be25ce99c01b35c968ee70dfdc0383056a25c359"], 0x28}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01040000000000000000010000030900010073797a30000000002c000000030a01010000000000000000010000000900010073797a30000000000900030073797a31000000005000000000000100000308000b400000000028000480240001800b0001007470726f7879000014000280080003400000001108000140000000000c0003400000000000000003140000001100010000000000000000000700000a"], 0xc4}}, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x141, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f00000000c0)={0x1, 0x0, [{0x4b564d06}]})
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r10, 0x4068aea3, &(0x7f0000000180)={0xbe, 0x0, 0x1})
openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
ioctl$KVM_SET_MSRS(r10, 0xc008ae88, &(0x7f0000000040)={0x10000000000000cf, 0x0, [{}]})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r11 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
write$dsp(r11, &(0x7f0000000100)='\x00', 0x1)
r12 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r12, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0xc4, 0x19, 0x1, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {}, {0x0, 0x0, 0x11}}, [@policy_type={0xa, 0x10, {0x521be6ad4a8be5e0}}]}, 0xc4}}, 0x0)

1m26.851419076s ago: executing program 3 (id=296):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x51, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000005700)=@vmx={0x0, 0x0, 0x2080, {}, {"0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000300"}})

1m26.817153399s ago: executing program 32 (id=296):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x51, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000005700)=@vmx={0x0, 0x0, 0x2080, {}, {"0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000300"}})

2.110560557s ago: executing program 2 (id=1348):
ioctl$XFS_IOC_FD_TO_HANDLE(0xffffffffffffffff, 0xc038586a, &(0x7f00000002c0)={<r0=>0xffffffffffffffff, &(0x7f0000000000)=',\x00', 0x200, &(0x7f0000000100)={@align=0x7, {0x8, 0x3, 0x9, 0xffffffffffffffff}}, 0xb, &(0x7f0000000140)={@_ha_fsid}, &(0x7f0000000280)=0x3})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000005c0)={r0, 0x0, 0xe9, 0x9c, &(0x7f0000000300)="e80a22592362e578172388d6e9fec23a78efadba51e90243d0fdac8439a677cd1e72080c175c547241f9d76892139e74f9004838d07a685a2186381b6a1e0328fd03d8a161d24a815aeb009ec3a9fa783f11c28e9a5bd7e9d77021602ce6634d866f64f114a58264b75228097e1fa2561c71123f9a4cd71e82168382324da0ea0ebe16f42e20481ffcb4a2efd0e7c59db517de3d0fd748d409e3c65d4145afb757f05c100df09454d68cefe7775cf423b0c01757290f15eff9d918896744e4a04ddbf968387484d67dcc40a233442e34fb3dba32302ef19f7a03b66728379b8d5550e2926575db8edc", &(0x7f0000000400)=""/156, 0x8, 0x0, 0x8, 0x11, &(0x7f0000000540)="7c7e794b282be4ce", &(0x7f0000000580)="4d9f59a0e15261196398be792a25f3fe1a", 0x1, 0x0, 0xe67f}, 0x50)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f00000004c0)="460f3266430f71f3002e0f01cf0f01cb36450f68f76645dc26b9800000c00f3235002000000f30c7442400a5000000c744240256000000ff1c240fc7baffffffffc4e3fd0030f5", 0x47}], 0x1, 0x70, &(0x7f0000000200)=[@vmwrite={0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x81a00000c}], 0x1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt(r3, 0xff, 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="b400000000000000791048000000000071004300000000009500000000000000db74589d4b38cc306ac390649f72dea0e50e2317db042855d6c74ff3493c7e31e3f6c643155a8e2e01d50bc3347475750472719cc516fa14b769e7f385ba72c60242263c05ddab05e37efe81b8bffc35cdf2ac0d93263ff755d611c4cca1684b1470af6a83366aa430ad2d700b186da622d6fba70000000000000000000000000200"/173], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'bridge0\x00'})
syz_usb_connect(0x5, 0x2d, 0x0, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000080)=0x3)
syz_emit_vhci(&(0x7f0000000280)=@HCI_EVENT_PKT={0x4, @HCI_EV_VENDOR={{0xff, 0x1}, "02"}}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x21}, 0x94)
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x801a01, 0x0)
ioctl$EVIOCGPROP(r6, 0x40047438, &(0x7f0000000180)=""/246)
writev(r6, &(0x7f0000000440)=[{&(0x7f0000000280)="c021", 0x1700}], 0x1)

1.570972824s ago: executing program 2 (id=1351):
r0 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000080)="f78d9ca38fff48f3be521634e250fb5b", 0x10}, {&(0x7f0000002400)="a18d55b6456bac655039b6a674900d579347393e35fdeed1fa8f68a4b05addbeeb0fbefbde6bcf26771ea0fdc771a23b3fb0462475833a25704ba4e839ef72c08766edbf2dafc979b1d9652f1c53fb2e2103f0a9f761bea9623c0673bd281cfce139ddb9aaa0c712059e85784fcd6fd8d48f99fc8147ef98dcc988d989d4c301", 0x80}], 0x2, 0x0, 0x0, 0x8000}], 0x1, 0x0)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000001400)=""/4096, 0x1000}], 0x1}, 0x0)

1.57070715s ago: executing program 4 (id=1352):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x13, r0, 0x0)
bind$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x10, 0x0, 0x25dfdbfc, 0x2fffffffc}, 0xc)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
timer_create(0x2, 0x0, &(0x7f0000bbdffc))

1.570500807s ago: executing program 2 (id=1353):
timer_create(0x1, &(0x7f00000000c0)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r1 = io_uring_setup(0x9f9, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0x3, 0x20002f7})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0xfffffffffffffda2, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x42795000)
open(&(0x7f0000000000)='./file0\x00', 0x4142, 0xba)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x8000}})
read$FUSE(r2, &(0x7f00000021c0)={0x2020, 0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f0000004200)={0x50, 0x0, r3, {0x7, 0x29, 0x2, 0x80000}}, 0x50)
syz_fuse_handle_req(r2, &(0x7f00000042c0)="0000000000000000000000000000000000000000000000000000000000000000000000001f000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000160000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000eeffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100", 0x2000, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x20, 0x0, 0x0, {0x0, 0x3}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x0)

1.470680991s ago: executing program 4 (id=1354):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f00000004c0)=ANY=[@ANYBLOB="020200000d0000000000000000000000030006000000000002000000ac1414bb000000000000000002000100000000000000000000000000030005000000000002000000ac1414aa000000000000000001001500000000000100140000000000010016"], 0x68}, 0x1, 0x7}, 0x0)
r1 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r1)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00')
mount(&(0x7f0000000000), &(0x7f0000000040)='./cgroup\x00', 0x0, 0x1001, 0x0)

1.34303683s ago: executing program 4 (id=1355):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x8800)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x4)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000016000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x4e, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x0, 0xd000})
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0f7f"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (fail_nth: 21)

1.34284794s ago: executing program 0 (id=1356):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x51, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000005700)=@vmx={0x0, 0x0, 0x2080, {}, {"000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000300"}})

1.336934041s ago: executing program 1 (id=1357):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x1, 0x1, 0x6000, 0x2000, &(0x7f0000fa2000/0x2000)=nil})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x26e8, 0x2, 0xffff1000, 0x2000, &(0x7f0000ffd000/0x2000)=nil}) (async, rerun: 64)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000100)={0x1, 0x0, 0x5000, 0x2000, &(0x7f0000fa2000/0x2000)=nil}) (async, rerun: 64)
r2 = syz_open_dev$loop(&(0x7f0000000280), 0x80010a, 0x1cb600) (async)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/reserved_size', 0x82803, 0x3e) (async)
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="74817c9e08000000909cccbc87f289614d5e8a2bee000000000000733d64642c7266", @ANYRESHEX=r4, @ANYRESDEC]) (async)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x14, r5, 0x1}, 0x14}}, 0x0)
ioctl$BLKFLSBUF(r2, 0x1261, &(0x7f0000000040)=0x800) (async)
ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f0000000080)={r3, 0xffffffff, {0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x13, 0x14, "faf98317e5a1149989fc8dbe43ea6acc9663a2503dc3bd3fe37d58328bbad0099cebf225f5d69098c8b534464c512bdd8a0f1901000100", "32d8cc263d9e234b02000000000000004a6783cdd3dfe7800b2d7b6aa54cc5001fcaed1e831fa79a000000020000000000000400", "6704dae4901802c4dae4162e43ac61b7ad3300", [0x7, 0x6]}})

1.173093051s ago: executing program 4 (id=1358):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000600)={<r0=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000080)={'team_slave_0\x00', &(0x7f0000001ac0)=@ethtool_cmd={0x2c, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x800, 0x9, 0x0, 0x0, 0xffffffff, [0x2]}})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r3, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$inet_tcp_int(r3, 0x6, 0x2, &(0x7f0000000040)=0x2800, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x14, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000120000007f00000001"], 0x48)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$GIO_UNIMAP(r4, 0x4b66, &(0x7f0000000100)={0x400000000000027d, &(0x7f0000000000)=[{}]})
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
r5 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r7, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xea, 0x0, 0xfffd, 0x0, 0x9, 0x5}, {0x12, 0x2, 0x0, 0x401, 0x8001, 0x1400}, 0xa5, 0x5, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x44080)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000140)=@newqdisc={0x3c, 0x24, 0xd0f, 0x70bd2c, 0x25dfdbfb, {0x60, 0x0, 0x0, r7, {}, {0xffe0, 0xa}, {0xfff3, 0xe}}, [@qdisc_kind_options=@q_codel={{0xa}, {0xc, 0x2, [@TCA_CODEL_CE_THRESHOLD={0x8, 0x5, 0x6}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000d5}, 0xc010)
sendmsg$inet(r3, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000140)='tmpfs\x00', 0x16, 0x0)
mount$tmpfs(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x84022, &(0x7f0000000100)={[{@nr_inodes={'nr_inodes', 0x3d, [0x67]}}]})
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r9, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x74, 0x2c, 0xd27, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r9, {0x0, 0x7}, {}, {0x7, 0xe}}, [@filter_kind_options=@f_fw={{0x7}, {0xffffffffffffff48, 0x2, [@TCA_FW_ACT={0x3c, 0x4, [@m_vlan={0x38, 0x1, 0x0, 0x0, {{0x9}, {0xc, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x6a64}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0x6, 0x8}}]}, 0x74}, 0x1, 0x0, 0x0, 0x80}, 0x24000880)
openat$cdrom(0xffffffffffffff9c, &(0x7f00000000c0), 0x440, 0x0)

1.088799067s ago: executing program 1 (id=1359):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0xc03, 0x0)
ioctl$XFS_IOC_FD_TO_HANDLE(r0, 0xc038586a, &(0x7f00000002c0)={<r1=>r0, &(0x7f0000000000)=',\x00', 0x200, &(0x7f0000000100)={@align=0x7, {0x8, 0x3, 0x9, 0xffffffffffffffff}}, 0xb, &(0x7f0000000140)={@_ha_fsid}, &(0x7f0000000280)=0x3})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000005c0)={r1, 0x0, 0xe9, 0x9c, &(0x7f0000000300)="e80a22592362e578172388d6e9fec23a78efadba51e90243d0fdac8439a677cd1e72080c175c547241f9d76892139e74f9004838d07a685a2186381b6a1e0328fd03d8a161d24a815aeb009ec3a9fa783f11c28e9a5bd7e9d77021602ce6634d866f64f114a58264b75228097e1fa2561c71123f9a4cd71e82168382324da0ea0ebe16f42e20481ffcb4a2efd0e7c59db517de3d0fd748d409e3c65d4145afb757f05c100df09454d68cefe7775cf423b0c01757290f15eff9d918896744e4a04ddbf968387484d67dcc40a233442e34fb3dba32302ef19f7a03b66728379b8d5550e2926575db8edc", &(0x7f0000000400)=""/156, 0x8, 0x0, 0x8, 0x11, &(0x7f0000000540)="7c7e794b282be4ce", &(0x7f0000000580)="4d9f59a0e15261196398be792a25f3fe1a", 0x1, 0x0, 0xe67f}, 0x50)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f00000004c0)="460f3266430f71f3002e0f01cf0f01cb36450f68f76645dc26b9800000c00f3235002000000f30c7442400a5000000c744240256000000ff1c240fc7baffffffffc4e3fd0030f5", 0x47}], 0x1, 0x70, &(0x7f0000000200)=[@vmwrite={0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x81a00000c}], 0x1)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt(r4, 0xff, 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="b400000000000000791048000000000071004300000000009500000000000000db74589d4b38cc306ac390649f72dea0e50e2317db042855d6c74ff3493c7e31e3f6c643155a8e2e01d50bc3347475750472719cc516fa14b769e7f385ba72c60242263c05ddab05e37efe81b8bffc35cdf2ac0d93263ff755d611c4cca1684b1470af6a83366aa430ad2d700b186da622d6fba70000000000000000000000000200"/173], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'bridge0\x00'})
syz_usb_connect(0x5, 0x2d, 0x0, 0x0)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000080)=0x3)
syz_emit_vhci(&(0x7f0000000280)=@HCI_EVENT_PKT={0x4, @HCI_EV_VENDOR={{0xff, 0x1}, "02"}}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x21}, 0x94)
r7 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x801a01, 0x0)
ioctl$EVIOCGPROP(r7, 0x40047438, &(0x7f0000000180)=""/246)
writev(r7, &(0x7f0000000440)=[{&(0x7f0000000280)="c021", 0x1700}], 0x1)

1.088322997s ago: executing program 0 (id=1360):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x13, r0, 0x0)
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbfc, 0x2ffffffff}, 0xc)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
timer_create(0x2, 0x0, &(0x7f0000bbdffc)) (fail_nth: 17)

1.028971228s ago: executing program 0 (id=1361):
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f00000000c0)=0xffffffffffffffff, 0x4)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
r1 = socket$kcm(0x21, 0x2, 0x2)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_rdma(0x10, 0x3, 0x14)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANE(r3, 0xc02064b6, &(0x7f00000001c0)={0x0, 0x0, <r4=>0x0, 0x0, 0x0, 0x8, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$DRM_IOCTL_MODE_DIRTYFB(r3, 0xc01864b1, &(0x7f0000000240)={r4, 0x0, 0xc, 0x1, &(0x7f0000000200)=[{0x0, 0x7, 0x0, 0x8}]})
mq_notify(r3, &(0x7f0000000000)={0x110c230000, 0x3, 0x2})
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a80)=ANY=[@ANYBLOB="140000001000010000050000000000000000000a88000000000a010100000000000000000a00000008000240000000010c00044000000000000000030c00044000000000000000031f0006006cdcbf1cfe826d48bf25307caf3c613751de9e05155995167f1ba4000c00044000000000000000020900010073797a3100090000040006000900010073797a31000000000900010073797a30000000002c000000030a010300000000000000000a0000000900030073797a31000000000900010073797a300000000028000000000a010400000000000000000a0000000900010073797a3000000000080002"], 0x104}}, 0x0)
getsockopt$sock_int(r1, 0x1, 0x12, 0x0, &(0x7f00000002c0))
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x3, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0xffb0}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xd, 0x9, 0x0, 0x0, 0xffffff13}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x7, 0x9}, {0x7, 0x0, 0x0, 0x8, 0x0, 0x0, 0xfffffdff}, {}, {}, {0x4, 0x0, 0x7}, {0x18, 0x2, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x5, 0x1, 0x7, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

960.990937ms ago: executing program 0 (id=1362):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x8800)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x4)
r3 = openat$panthor(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r4, &(0x7f0000002140)={0x2020, 0x0, 0x0, <r5=>0x0, <r6=>0x0}, 0x2020)
syz_fuse_handle_req(r4, &(0x7f0000004180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x1, {0x6, 0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x0, {0x40, 0x0, 0xb, 0xfffc, 0x0, 0x1, 0x0, 0xffffffff, 0x120, 0x2000, 0xa8, r5, r6, 0x501, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r7 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r7, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000040)={<r8=>0xffffffffffffffff}, 0x2, 0x2}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r7, &(0x7f0000000680)={0x15, 0x110, 0xfa00, {r8, 0x0, 0x0, 0x30, 0x0, @in={0x1b, 0x0, @local}, @ib={0x1b, 0x0, 0x0, {"00000000000000000000000000000001"}, 0x0, 0x0, 0x3ff}}}, 0x118)
write$RDMA_USER_CM_CMD_QUERY(r7, &(0x7f0000000400)={0x13, 0x10, 0xfa00, {&(0x7f0000000200), r8, 0x2}}, 0x18)
ioctl$DRM_IOCTL_GET_CLIENT(r3, 0xc0286405, &(0x7f0000000280)={0xcc22, 0x7f, {0xffffffffffffffff}, {r5}, 0xe8a, 0x6})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000016000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f0000000580)="0f20408fc978cbeb0fc718b805000000b9fa0000000f01c10f20e035080000000f22e00f01c966bad104b800000000ef360f01cf66baf80cb8d459a08cef66bafc0c66b8620066ef9adbbd00006f00", 0x4f}], 0x1, 0x4e, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x0, 0xd000})
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0f7f"], 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000024000/0x18000)=nil, &(0x7f00000001c0)=[@text64={0x40, &(0x7f00000000c0)="c442b907920e000000f3440f001a66baf80cb8745be985ef66bafc0ced67263e0fc79c79000000000f21aef22665420f01df8f4978804eee67410f01cb26420f0051030f2201", 0x46}], 0x1, 0x5b, &(0x7f0000000200)=[@efer={0x2, 0x2800}], 0x1)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

640.497682ms ago: executing program 2 (id=1363):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010400000000000000000500fffe0900010073797a30000000002c000000030a01020000120000000000050000000900010073797a30000000000900030073797a3200000000e4040000060a010400000000000000000500000008000b40000000000900010073797a300000000008000940000000020c0005800800014000000000c4000740ab487b1b512f33a8dbd67a8b35f2405127f309901ea13e31d5810f85eae8f528c938c24abb1b1abbda2e7fa6e0758629bb09ed64a8ba5b2ef3c3591fd06d7e10d93c0857ecac854ac51ad69639d98adb2c1464e444cc1a6a2e7ee244622433b51f58606b063f4938101a7e764c957eba2e913b2ac10435471fa769740a1275cb467e5264b71bc8727fc12e9aba46e4a8abf3dda91e0da608d6a0a35573d5524fb25451cc23051887de4df85c8e771260c4943e78905aa1e7493027366ed1bea0d8030480480001800800010066776400"], 0x558}}, 0x40)

640.202436ms ago: executing program 2 (id=1364):
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x82)
r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000880), 0x88800, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000400)={0x5dc3, <r2=>r0, 0x1})
mmap(&(0x7f00002cb000/0x3000)=nil, 0x3000, 0x1000002, 0x810, r2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xf, 0x4, 0x8, 0x9}, 0x48)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000a40)={@map=r3, 0x4, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0}, 0x40)
syz_clone3(&(0x7f0000000c40)={0x400101000, 0x0, 0x0, &(0x7f0000000480), {0x17}, 0x0, 0x0, 0x0, 0x0}, 0x58)
prctl$PR_GET_IO_FLUSHER(0x3a)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x1c5ed000)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x101400, 0x0)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='fdinfo/3\x00')
read$FUSE(r4, &(0x7f0000004100)={0x2020}, 0x2020)
pwritev(r0, &(0x7f00000006c0)=[{&(0x7f0000000040)="708d3ca6244e2ff7598b9a2fe1ed13fe6f012e2c8360424e0a2ed420959b400c49fd7b0b68121c3cd35dd0f5e52bb79af090ce7e0b1d2c5627e77018ae2929d01006376fa6715ffa984bd633c86707211c31620269e314da14e00a643ae87886db8123f56d3d8a5002853ba3e6869d3b60888118457bf7496538507f", 0x7c}, {&(0x7f0000000100)="623c1b9773de411c262a3d67607aedc33a8dc7ea6b45af9b090cc28ac4d3dc85e785a0d77ffb4b6b095d2fe61f7c4269a400507b884d5ea906b7c4579abf63540572fd7efcb0a53c54aa6020af4317c71bfbb4408d9cadfb55e3d3a253e40255a5ea0eb0c3abaeba2960698dc3527862b85fefed2e6b1bc9d42b5b02c763cf7fd2a3bf008a856423b8dbd78a8cca7889efc6615cb6f30e3996defc115fa76c2d00c967c5b527f2f58f4d197bc0da3651a28cf93582fd42e7e2ca81a198467ed0545397b3af647d2fe1d71faf406a3b588ce17d873612391147be7efe28b3f3ca04ea165f8d5b254c7e0b2e7aa68f7f6c264a", 0xf2}, {&(0x7f0000000780)="566370a65e78adb3a9c3ed88782cccad7cdb77f79228d74a33509885191c5bda838440c82159cbd11abd79a88d608d50fe415023afd28f031bd2617142d666d8d340e7abe09f4b26ae7a7a6ea4c799e5a933601d0f408a8ac312acb970894d02fb1805ae253be82b55f04c893fae8a793cd2c4b8921112c59a081105ed04e1080ec70d0ee7f73eb28dd6e0b498fd7e7e1066491c2bf709d82f01a264cda3efb5e2052d8e894808e404d777686e9e5b7ef1843b74656f0053cd7da657a4fd8af9b68881cd5ce38c4ce29cedf88aa0457aa68f7e20fe664aa9a38a3fd9912afa7a39a96408211c12e8c203b7c81a1e23ac8441306ad258addf15c6f2", 0xfb}, {&(0x7f0000000300)="42e2ed9d7341addf4f1041d08cb524c607d20d73a044032f", 0x18}, {&(0x7f0000000200)="605ede1846abd7caa9319fde024086735c20a88c508c024ce27ed913f78d943821de96daef63f634131c6504b937caec94593df365ccd4155d90e9301c4331ad4cb5dbf625e0df61a07cc6555fbfe99bb575e9d507fc2c43183e30eb8d9b6218192ada51291acf28d8dcd17b1dd5e6a220f096a5c584dc547ad06b3ece17bbf4f67ae0051485ccdcba6c01e08291c83b830615614ca09f5a1f5ad7eea9f74cfbccf3721dae2cf72bedda1e4807c2e5562223906654c135a771b2e237eaa7dfc544554de778cfb0966f63a97c002dad79225ce29991b47fde5c613fdfaca9", 0xde}, {&(0x7f0000000440)="f27d2a76d517babdd80f67e4b7544c42c7bba2ccce6ad4e32cc07129a02946937218ae5a490515f5556bc5a5c7b511aeb5b175cce0b632e8772628a1b7e0e3da947f348cf50f54fa8b08bf8e", 0x4c}, {&(0x7f00000004c0)="0326c9ac3a7dbe1b819227937e60c74959baa3395d6123378503ef62decfecf59bd52e07c2d35dbbd8970fef2ca9f23a333b8f0631e27fb084e05f8ab65fb62091c2b83ade7a181079fb8ba40a21f1b80492326d0c9e571c3b25b10a89f5c6356f641fa89ffa2e003dd77b416b0d54dbe83d769fae4e9cb760ce7f12d7d44d3c47553221a72769", 0x87}, {&(0x7f0000000580)="6c305acd5ded67281195475cd0fdb5809ad9759c34b5a6f9ee4a66f6e017df8c8fa186d95caf1c862a86884797850cebea88e790adb5d8b4611c85f5c79cf5323e7e683885d2f2996bb92cc584f356b089a4fe7582c6338bfcb9f4d4ef94941653d10f4f6b3f508846db6f462fb9b802ac25d17705ae789403214ac00be06cc8fc9506f03407793e2ce1ef1d6b5c8fd94007e38fa297d50fdf6a40306f96d8ca071ed171ad", 0x1c}, {&(0x7f0000000640)="ee74b2999e06ec78761130b31c4f5adcc7e092332e622e5ef356174a97d7fe279da79ed4af2c2dde0045dbd50e851141859839e1b3b4ac2555ce4ebaa312eb4a5a44897f5bcf7d042cdb0154a90a51d1137e9cda92b4f590ba0dae3aed666722a65b3b765041a7c1218a06406f7dddfdced61924b04ace20be", 0x79}], 0x9, 0x7, 0x77)
ioctl$sock_inet_SIOCRTMSG(r2, 0x890d, &(0x7f0000000380)={0x0, {0x2, 0x4e20, @remote}, {0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x2, 0x4e20, @multicast1}, 0x10, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000340)='veth0_to_team\x00', 0x0, 0x5, 0xee6})

537.953014ms ago: executing program 1 (id=1365):
socket$igmp6(0xa, 0x3, 0x2)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x77359400}, {0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
syz_emit_ethernet(0x8e, &(0x7f00000005c0)=ANY=[@ANYBLOB="9fbbbbbbbbbbaaaaaaaaaaaa86dd60f4adf700582c0420010000000000000000000000000001ff0200000000000000000000000000013a00000000000000020090780000000468cd85b50007840020010000000000000000000300000002fe8000000000000000000000000000bbaad25a7f302d4579b298392ccf95e1e48f10658b1a1c7edc1ffd13d9ccbf356d97f95f7bbb4e4e4f3dc775c145fe604b15e3301ecaddacd2a541f49a44de22b38b963993c789788a307cb853a6c33341534a92857e1f5c196215b54b19db003a2979416c38f5af58fe22b0d119f712d3f80f"], 0x0)

536.318738ms ago: executing program 1 (id=1366):
sendmsg$sock(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000300)={0xa, 0x2, 0xfffffffc, @empty, 0x80000001}, 0x1c)
r1 = socket$netlink(0x10, 0x3, 0x0)
socket$kcm(0x11, 0xa, 0x300)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x13f, 0x9}}, 0x20)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000300)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$nl_route(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="6000000010001fff03000000fdfffeff00000000", @ANYRES32=0x0, @ANYBLOB="0000000040cc0300380012800b00010067656e657665000028000280140007000000000000001100000000000000000105000c0000000000050009000100000008000a00", @ANYRES32=r3, @ANYBLOB="2f6469150156d2da0585b8d0f30a4913aef4c98ae16f491602c597a16275e4953fa0576c4832f23ef4acfb54e99be1ef74089881c016bf3b9f2eb77219a4aae579ffdfb199bbd2f8ea45b0c179aeb07d60f8df33ccca0b46da50366cb113d9d78da15305faa201eed731c28e5846700823ad1ea0577be1c3ff3096bf21f5f75f60c7e4fbd0"], 0x60}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

401.029279ms ago: executing program 1 (id=1367):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$l2tp(0x2, 0x2, 0x73)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x28, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x2}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x2}]}, @NFT_MSG_NEWCHAIN={0x48, 0x3, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0xffff}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8}, @NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x3}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_CHAIN_TYPE={0x8, 0x7, 'nat\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x98}, 0x1, 0x0, 0x0, 0x2000c091}, 0x800)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7ffffffd}]})
sysinfo(&(0x7f0000000000)=""/196)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCSETS(r4, 0x404c4701, &(0x7f0000000040)={0x1, 0x0, 0x1, 0x400000, 0x12, "3eccd8fd0000000000000010000000040100"})
r5 = dup2(r1, r3)
r6 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000140), 0x1, 0x0)
write$fb(r6, &(0x7f0000000000)="0aa06542f1c7481ad05437c9e0425cb6a9dfd45c2f6e6de29e3689bf7ed58a652195950768465b55704cb0bbed6a0ac5ba437025b9dbf3b1b274a5cceb00bffba6d0449ea7a0d3ed7e0ac2b0b853e97f160fded16033a8ec7f7e9071c722676605", 0xffffff18)
r7 = syz_init_net_socket$ax25(0x3, 0x3, 0x0)
setsockopt$ax25_int(r7, 0x101, 0x7, &(0x7f0000000040)=0x1ff, 0x4)
setsockopt$ax25_int(r7, 0x101, 0x1, &(0x7f0000000400), 0x4)
close_range(r5, 0xffffffffffffffff, 0x0)
shutdown(r0, 0x1)
setsockopt$inet_opts(r0, 0x0, 0xd, 0x0, 0x5e)

400.797844ms ago: executing program 2 (id=1368):
syz_usb_connect(0x3, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="12010102d1a05e20cd0c0201c489010223010902120001085440010904"], &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
r0 = syz_open_dev$I2C(&(0x7f0000000000), 0x2, 0x40402)
ioctl$I2C_RDWR(r0, 0x707, &(0x7f00000005c0)={&(0x7f0000000580)=[{0x1900, 0x9000, 0x0, 0x0}], 0x1})

179.835085ms ago: executing program 4 (id=1369):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x13, r0, 0x0)
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbfc, 0x2ffffffff}, 0xc)
connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x4e23, 0x400, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3b}}}, 0x1c)
r1 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0xffff}, 0x19)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYRESHEX], 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x24044054)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
r2 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="61123c00000000006113500000000000bf200000000000000400000008ffffffbd03010000000000cf280000000000006916000000000000bf67000000000000170600000fff07006706000002000000070600000ee60000bf050000000000001f650000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070500000419311f2d4301000000000095000000000000000500000000000000950000000000000032ed3c5be95e76b67754bb12dc8c27df8ecf264e0f84f9f17d3c30e3c72fe9755ba08554bb4f2278af6d71d79a5e12810a089dc1d4681d295c45a674f888a08034b7dd399703d6c4f633a9a4f16d0a3e1282ee45a010fb94fa9de56c9d8a814261bdb94a6538b89dc6c60bf70d742a81b72bab8395fa64810b5b1bfd3782519518c51231422bb8fab4d4d897db2c544c0ec50b8eac8c63d2b1cd06a39702bd547f5ebaa6954f01cef3c9bacec15e2e3b2bd352e93a22adfe8efe33ff2f8ee5476d4ef7a6f0c4704403b9bad2b648e90fff24f69a5ef05f5408ea197ed09a9510ee6063229de2984abdd46ea3ec78e3127002ed37c2564b8f8a621483fb2a5ff221e0d831d64759d17b8c59d0f2b0727f6b7958fb5b939af4be5e55a95f8c6d785a91c7c3f0c17ae7f9ac5ff05f5ecddf0cef90d50e763be96496661c749e21ab63a1f50b30a65a9027ba357bf8c614497ee59b68bf6a5d45c81c567e347d54574164bbea3e7b7f8a13cce7014137f250370b8a70ae3eaf6d6f17759c3886871e97d063b7f26eed3226bb0b9ee6320a2b02fea7a06a0e37182adf4b1be6f29358d4f5dfec405bde000000000000000000000000000000902e647cc5962eccaad64429335f3ce2a10ce72da82875427c1d16db24dca08487ba41a3fb337f8432d8176a515229e32ee11a1dd23dac038f989eafdd67f60b63f7be4d1bf325b57335b9973c73bfa89517a98b1fc15f8a2713718feb01059d8b570a0000e3b2a93bd745a74f9bf7f7abc5d15d56331055cc0820c5c9d676d92557c4e47cfbe27f91f0eb18e21dfdab3c84ec11377fbbfd1e000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
ioctl$sock_ifreq(r2, 0x8942, &(0x7f00000014c0)={'ip6tnl0\x00', @ifru_names='vlan0\x00'})
timer_create(0x2, 0x0, &(0x7f0000bbdffc))

61.099254ms ago: executing program 0 (id=1370):
r0 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x1000006, 0x1010, r0, 0x80)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x200000, 0x0)
ioctl$SNDRV_TIMER_IOCTL_CREATE(r0, 0xc02054a5, &(0x7f0000000080)={0x0, <r2=>r1, 'id0\x00'})
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x2d)
pread64(r2, &(0x7f0000000100)=""/228, 0xe4, 0x2cb2427b)
ioctl$XFS_IOC_READLINK_BY_HANDLE(r2, 0xc038586c, &(0x7f0000000300)={r1, &(0x7f0000000200)='/selinux/mls\x00', 0x800000, &(0x7f0000000240)={@_ha_fsid={[0xbcb, 0x7fff]}, {0xc, 0x6, 0xab93, 0x1}}, 0x10000, &(0x7f0000000280), &(0x7f00000002c0)=0xa})
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000340)={<r3=>0x0})
ioctl$DRM_IOCTL_UNLOCK(r0, 0x4008642b, &(0x7f0000000380)={r3, 0x1})
ioctl$sock_netrom_SIOCADDRT(r2, 0x890b, &(0x7f00000003c0)={0x1, @bcast, @bpq0, 0x3, 'syz0\x00', @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x0, 0x1, [@default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]})
epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r1, &(0x7f0000000440)={0x40002011})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r2, 0x89f0, &(0x7f0000000540)={'erspan0\x00', &(0x7f00000004c0)={'gretap0\x00', <r4=>0x0, 0x0, 0x80, 0x0, 0x0, {{0x18, 0x4, 0x3, 0x5, 0x60, 0x68, 0x0, 0x3, 0x2f, 0x0, @broadcast, @remote, {[@ra={0x94, 0x4, 0x1}, @end, @rr={0x7, 0x1b, 0x82, [@dev={0xac, 0x14, 0x14, 0x41}, @empty, @empty, @multicast1, @broadcast, @empty]}, @timestamp={0x44, 0x8, 0x60, 0x0, 0xe, [0x8]}, @cipso={0x86, 0x1e, 0x0, [{0x2, 0x9, "72f61b74c2a024"}, {0x7, 0xb, "c5d810869b06acdc00"}, {0x7, 0x4, "7382"}]}, @ra={0x94, 0x4, 0x1}]}}}}})
sendmsg$nl_route(r2, &(0x7f0000000600)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)=@RTM_GETMDB={0x18, 0x56, 0x2, 0x70bd26, 0x25dfdbfd, {0x7, r4}, ["", "", "", "", ""]}, 0x18}, 0x1, 0x0, 0x0, 0x200c8841}, 0x0)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000680), r2)
sendmsg$DEVLINK_CMD_TRAP_GET(r2, &(0x7f00000007c0)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000780)={&(0x7f00000006c0)={0x8c, r5, 0x2, 0x70bd28, 0x25dfdbfe, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x40}, 0x40040)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$ARPT_SO_GET_ENTRIES(r6, 0x0, 0x61, &(0x7f0000000800)={'filter\x00', 0xce, "7b3ec721c06107d5668578fb7b397ceb7a61e0baaf25cbad25fd3c980e96834e8abed4d0db55544ffb4ff3882dc6149816a4993b63492c957c534ab9870be39759ad9fe216e29527c418a8d7d8cbef9643a0e31ea9b2f9b0f1725814ebdf1f69b0e280eb76ee474eddc7e893e6a7f7504c54f2d13502fadb69295d40c07234436e8c79dad531fa3b5c1b6176e10e109a55b6ee762ef7d943161f26c272e2c92610ce8ad3338c202c1611ea32352794c23663342764306c2c97436a40a72aeb39d5fc2d539d75e3a9c3cf8915d1ee"}, &(0x7f0000000900)=0xf2)
r7 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000980), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_DELETE(r0, &(0x7f0000000a40)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000a00)={&(0x7f00000009c0)={0x1c, r7, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@L2TP_ATTR_UDP_SPORT={0x6, 0x1a, 0x4e24}]}, 0x1c}, 0x1, 0x0, 0x0, 0x883}, 0xc804)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000a80)={0x0, 0x6, 0x8080000, 0x2000, &(0x7f0000ffe000/0x2000)=nil})
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f0000000ac0)={0x5, [0x0, 0x0, 0x0, <r8=>0x0, <r9=>0x0]}, &(0x7f0000000b00)=0x18)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000b40)={r8, 0x0, 0x30}, &(0x7f0000000b80)=0xc)
ioctl$DRM_IOCTL_PANTHOR_VM_CREATE(r0, 0xc0106441, &(0x7f0000000bc0)={0x0, 0x0, 0x2})
ioctl$FS_IOC_READ_VERITY_METADATA(r6, 0xc0286687, &(0x7f0000000d00)={0x1, 0x4, 0xd3, &(0x7f0000000c00)=""/211})
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f0000000d40)={r9, 0x7fff}, &(0x7f0000000d80)=0x8)
ioctl$VIDIOC_S_OUTPUT(r2, 0xc004562f, &(0x7f0000000dc0)=0xad33)
sendmsg$L2TP_CMD_SESSION_DELETE(r2, &(0x7f0000000f00)={&(0x7f0000000e00)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000ec0)={&(0x7f0000000e40)={0x44, r7, 0x100, 0x70bd2d, 0x25dfdbfc, {}, [@L2TP_ATTR_MRU={0x6, 0x1d, 0x2}, @L2TP_ATTR_FD={0x8, 0x17, @udp6}, @L2TP_ATTR_SEND_SEQ={0x5, 0x13, 0x6}, @L2TP_ATTR_OFFSET={0x6, 0x3, 0xc}, @L2TP_ATTR_CONN_ID={0x8}, @L2TP_ATTR_SESSION_ID={0x8}]}, 0x44}, 0x1, 0x0, 0x0, 0x4040080}, 0x20000012)
r10 = syz_open_dev$video(&(0x7f0000000f40), 0x1, 0x40100)
ioctl$VIDIOC_DV_TIMINGS_CAP(r10, 0xc0905664, &(0x7f0000000f80)={0x0, 0x0, '\x00', @bt={0x6, 0x131a, 0x6, 0x80000000, 0x694f, 0x82e2, 0x14}})
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f0000001280)=[{&(0x7f0000001040)=""/116, 0x74}, {&(0x7f00000010c0)=""/249, 0xf9}, {&(0x7f00000011c0)=""/183, 0xb7}], 0x3)

60.536834ms ago: executing program 0 (id=1371):
syz_usb_ep_write$ath9k_ep1(0xffffffffffffffff, 0x82, 0xa8, &(0x7f0000000040)=ANY=[@ANYBLOB="6b0ee0b3d4"])
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb86dd69010000001406fffe800000000000000000000039fe8000000000000000000000000000aa4e224e24000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="51c2"], 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000007880)=[{{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000040)="af0ac9", 0x3}], 0x1}}], 0x1, 0x4000000)
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.idle_time\x00', 0x275a, 0x0)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00db6072000001ea89de2b4410000e60080b8785d960000100000000000000000000000000000000000527000", "2809e8dbe108598948224ad44afac11d875397bdb22d0000b420a1a93c5240f45f819ef6167d3d458dd4992861ac00000000000000000000000300", "f4bd000000801900000000000000000000000000000000000000000100", [0x0, 0x2000000000001]}})

422.199µs ago: executing program 4 (id=1372):
syz_usb_connect(0x3, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="12010102d1a05e20cd0c0201c489010223010902120001085440010904"], &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
syz_usb_connect$midi(0x2, 0xd8, &(0x7f0000000080)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x40, 0x1430, 0x474b, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xc6, 0x1, 0x1, 0x9, 0xe0, 0x7, "", {{{0x9, 0x4, 0x0, 0x0, 0x6, 0x1, 0x3, 0x20, 0x8, [@midi_in_jack={0x6, 0x24, 0x2, 0x0, 0xf1, 0xc}, @midi_in_jack={0x6, 0x24, 0x2, 0x3, 0x8, 0x25}, @midi_in_jack={0x6, 0x24, 0x2, 0x3, 0x6, 0xe}, @midi_out_jack={0x11, 0x24, 0x3, 0x0, 0x3, 0x5, [{0x9, 0x1}, {0x5, 0x1}, {0xf, 0x7}, {0x0, 0xea}, {0x1, 0x2}], 0x9}, @ms_header={0x7, 0x24, 0x1, 0x5, 0x7}, @ms_header={0x7, 0x24, 0x1, 0x7fff, 0x7}], [{{0x9, 0x5, 0x80, 0x1, 0x20, 0x2, 0xe, 0x36, {0x7, 0x25, 0x1, 0x3, "f0977a"}}}, {{0x9, 0x5, 0x2, 0x10, 0x200, 0x3, 0x24, 0xa, {0x8, 0x25, 0x1, 0x4, "1d1c5abe"}}}, {{0x9, 0x5, 0x6, 0x10, 0x10, 0x1, 0x6, 0xb, {0xd, 0x25, 0x1, 0x9, "5e35dc8da775012bac"}}}, {{0x9, 0x5, 0xc, 0x2, 0x200, 0x5, 0x0, 0x6, {0x11, 0x25, 0x1, 0xd, "853f4b758e228332a3ce333310"}}}, {{0x9, 0x5, 0x80, 0x0, 0x200, 0x2, 0x9, 0xdb, {0xd, 0x25, 0x1, 0x9, "3d8f9d0b2531040acd"}}}, {{0x9, 0x5, 0x3, 0xc, 0x20, 0x8, 0x2, 0x3, {0x13, 0x25, 0x1, 0xf, "3c1e8235fa68281492a976b6395146"}}}]}}}}}]}}, &(0x7f0000000840)={0xa, &(0x7f0000000180)={0xa, 0x6, 0x250, 0x1, 0xff, 0x81, 0x8, 0x6}, 0x6b, &(0x7f00000001c0)={0x5, 0xf, 0x6b, 0x6, [@ss_container_id={0x14, 0x10, 0x4, 0x6, "cdb38408b1208f93c4baf8d291c2ca50"}, @wireless={0xb, 0x10, 0x1, 0x8, 0x8b, 0x7, 0x2, 0x2, 0x7}, @ssp_cap={0x1c, 0x10, 0xa, 0xf, 0x4, 0x101, 0xf000, 0x5, [0x0, 0x3f0f, 0xf, 0xff00]}, @ptm_cap={0x3}, @ss_container_id={0x14, 0x10, 0x4, 0x0, "223cdc9b7f6c35dd2c986c7bf10ca741"}, @ss_container_id={0x14, 0x10, 0x4, 0x7, "e2b7b9eb9f50475b52cfbe934667a016"}]}, 0x9, [{0x4, &(0x7f0000000240)=@lang_id={0x4, 0x3, 0x44b}}, {0x78, &(0x7f0000000280)=@string={0x78, 0x3, "0a4d0fe0ba935249681ecb08c4c5845314aded40c9c5d64abe330b7464da5cd9c558fa32e8f93031fedbecdb9272a2731154d84be808dc6e9ccb0e6e643ce81b9d8b002de57a083663e5266887c9ca239b191ab401d613d6c9f400aa5087a6eba86bd3466900a6591016301f7e6418dc8d247d6dae47"}}, {0x4, &(0x7f0000000300)=@lang_id={0x4, 0x3, 0x40f}}, {0x9f, &(0x7f00000003c0)=@string={0x9f, 0x3, "409c8c24f44d554bdfbec4b616d1e2f582adc594243945d3bf26d9273e17730598dc25686d05c016e7b2406c9e03e43fce98c54d963b2378dea18ae86a08b29b76736aa99c9c86997912a8e539aa4b617d7fe4540ab8648239ff1e51f65702d15577598ee55418c8be3274633323873368eb92c85e16efc82cf7bc5c7d7c07cf8ba8af9c6a10cad49a919e5c62315390532a1449d249d6e85bb4958e04"}}, {0xae, &(0x7f0000000480)=@string={0xae, 0x3, "1fe398f8095a0dfbaeb6fd38e0d9cd9d810646ff35f4d8424bc18ebdbffc73836a1ec507baae5af44bfd02480e4da196cebf9521fdbc7afc22b8de8bfc6e57c30b2314b598593ffb8a91f6d9e3092aa0cdaf9214380386cc6a70c4899f13ee742d2657d100c694d0c32d69d04c4db16e4883c2497888d2bf5819fac57df34d93b0136a8d701d5e1cf48cab47c893952ba0df60409683e037f63e5a38b56c087fa7e61f982ed5ac54f40964b9"}}, {0x4, &(0x7f0000000540)=@lang_id={0x4}}, {0xd1, &(0x7f0000000600)=@string={0xd1, 0x3, "dd07c3f3c44e12f3f3bf55553a86be65b31d3a1a537c96133a8440a09dc1b7a0df93ba15580d2a02887fe86bb2a7c7fc88da89926a855c950e1fc81bf8863d0e2a23d7066da9994c11588bda0e436ebb7b0b9790300d7146d70ecf9d9ad5a59f4bd4310390f0d68111f08d8039bf319e853b33951b7f2204269c890d9cc04cf7bcbeea54b9aea9525b5d81516112df891c8782c1e83d329fa95b978dd1f95f73cc64b46064eecf9f3c045d89c7dfc41214ef615edc13389af3ec395d3602c66eccd50335ff16856dd74ede54c28cf9"}}, {0xcd, &(0x7f0000000700)=@string={0xcd, 0x3, "21e31d60970e019587274057641d086d7c3396ef3367db95a086ba50adb300b65b5736c5daea762dee5e5af686be4fc1ff0dbefa7130a6a21aceaaa2ee9bcb7a0995310875a185ea7a74cb9124daf661586aef9bab17a9a80ea282cd8792d427b45bf169d020453501edca3fda296471fc7237f80b818a71b7940cd7883cccbc4017f4faca903de0e5c7a8f1f57a29e987880f429b4e685d82efed6d5e7e499537b47709eafc8255df50aefacb7df890129786f290cf4c2678ac8b20914d5c47b6ea013aa68671cb23abe9"}}, {0x4, &(0x7f0000000800)=@lang_id={0x4, 0x3, 0x43e}}]})
r0 = syz_open_dev$I2C(&(0x7f0000000000), 0x2, 0x40402)
ioctl$I2C_RDWR(r0, 0x707, &(0x7f00000005c0)={&(0x7f0000000580)=[{0x3, 0x9000, 0x0, 0x0}], 0x1})

0s ago: executing program 1 (id=1373):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0xc03, 0x0)
ioctl$XFS_IOC_FD_TO_HANDLE(r0, 0xc038586a, &(0x7f00000002c0)={<r1=>r0, &(0x7f0000000000)=',\x00', 0x200, &(0x7f0000000100)={@align=0x7, {0x8, 0x3, 0x9, 0xffffffffffffffff}}, 0xb, &(0x7f0000000140)={@_ha_fsid}, &(0x7f0000000280)=0x3})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000005c0)={r1, 0x0, 0xe9, 0x9c, &(0x7f0000000300)="e80a22592362e578172388d6e9fec23a78efadba51e90243d0fdac8439a677cd1e72080c175c547241f9d76892139e74f9004838d07a685a2186381b6a1e0328fd03d8a161d24a815aeb009ec3a9fa783f11c28e9a5bd7e9d77021602ce6634d866f64f114a58264b75228097e1fa2561c71123f9a4cd71e82168382324da0ea0ebe16f42e20481ffcb4a2efd0e7c59db517de3d0fd748d409e3c65d4145afb757f05c100df09454d68cefe7775cf423b0c01757290f15eff9d918896744e4a04ddbf968387484d67dcc40a233442e34fb3dba32302ef19f7a03b66728379b8d5550e2926575db8edc", &(0x7f0000000400)=""/156, 0x8, 0x0, 0x8, 0x11, &(0x7f0000000540)="7c7e794b282be4ce", &(0x7f0000000580)="4d9f59a0e15261196398be792a25f3fe1a", 0x1, 0x0, 0xe67f}, 0x50)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x5)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f00000004c0)="460f3266430f71f3002e0f01cf0f01cb36450f68f76645dc26b9800000c00f3235002000000f30c7442400a5000000c744240256000000ff1c240fc7baffffffffc4e3fd0030f5", 0x47}], 0x1, 0x70, &(0x7f0000000200)=[@vmwrite={0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x81a00000c}], 0x1)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt(r4, 0xff, 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="b400000000000000791048000000000071004300000000009500000000000000db74589d4b38cc306ac390649f72dea0e50e2317db042855d6c74ff3493c7e31e3f6c643155a8e2e01d50bc3347475750472719cc516fa14b769e7f385ba72c60242263c05ddab05e37efe81b8bffc35cdf2ac0d93263ff755d611c4cca1684b1470af6a83366aa430ad2d700b186da622d6fba70000000000000000000000000200"/173], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'bridge0\x00'})
syz_usb_connect(0x5, 0x2d, 0x0, 0x0)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000080)=0x3)
syz_emit_vhci(&(0x7f0000000280)=@HCI_EVENT_PKT={0x4, @HCI_EV_VENDOR={{0xff, 0x1}, "02"}}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x21}, 0x94)
r7 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x801a01, 0x0)
ioctl$EVIOCGPROP(r7, 0x40047438, &(0x7f0000000180)=""/246)
writev(r7, &(0x7f0000000440)=[{&(0x7f0000000280)="c021", 0x1700}], 0x1)

kernel console output (not intermixed with test programs):

000000
[  154.675336][ T9594] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  154.675346][ T9594] R13: 00007f2bc1616038 R14: 00007f2bc1615fa0 R15: 00007ffc0b0e13a8
[  154.675376][ T9594]  </TASK>
[  154.843580][ T6198] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  155.001352][ T6198] usb 7-1: Using ep0 maxpacket: 32
[  155.008307][ T6198] usb 7-1: unable to get BOS descriptor or descriptor too short
[  155.015209][ T6198] usb 7-1: string descriptor 0 read error: -22
[  155.017982][ T6198] usb 7-1: New USB device found, idVendor=0ccd, idProduct=0102, bcdDevice=89.c4
[  155.022140][ T6198] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  155.036858][ T6198] dvb-usb: found a 'Terratec Cinergy S2 USB HD Rev.3' in warm state.
[  155.040211][ T6198] dw2102: su3000_power_ctrl: 1, initialized 0
[  155.043011][ T6198] dvb-usb: bulk message failed: -22 (2/0)
[  155.050510][ T6198] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  155.055455][ T6198] dvbdev: DVB: registering new adapter (Terratec Cinergy S2 USB HD Rev.3)
[  155.059051][ T6198] usb 7-1: media controller created
[  155.061333][ T6198] dvb-usb: bulk message failed: -22 (6/0)
[  155.063802][ T6198] dw2102: i2c transfer failed.
[  155.065832][ T6198] dvb-usb: bulk message failed: -22 (6/0)
[  155.068256][ T6198] dw2102: i2c transfer failed.
[  155.070346][ T6198] dvb-usb: bulk message failed: -22 (6/0)
[  155.073491][ T6198] dw2102: i2c transfer failed.
[  155.075468][ T6198] dvb-usb: bulk message failed: -22 (6/0)
[  155.077828][ T6198] dw2102: i2c transfer failed.
[  155.079804][ T6198] dvb-usb: bulk message failed: -22 (6/0)
[  155.082329][ T6198] dw2102: i2c transfer failed.
[  155.084313][ T6198] dvb-usb: bulk message failed: -22 (6/0)
[  155.086340][ T6198] dw2102: i2c transfer failed.
[  155.088059][ T6198] dvb-usb: MAC address: 02:02:02:02:02:02
[  155.095869][ T9603] __nla_validate_parse: 4 callbacks suppressed
[  155.095885][ T9603] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1126'.
[  155.100092][ T6198] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  155.103468][ T9603] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1126'.
[  155.112919][ T9603] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1126'.
[  155.118650][ T6198] dvb-usb: bulk message failed: -22 (3/0)
[  155.122401][ T6198] dw2102: command 0x0e transfer failed.
[  155.124668][ T6198] dvb-usb: bulk message failed: -22 (3/0)
[  155.126868][ T6198] dw2102: command 0x0e transfer failed.
[  155.221186][ T9606] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  155.257306][ T9608] netlink: 'syz.0.1128': attribute type 1 has an invalid length.
[  155.285517][ T9608] 8021q: adding VLAN 0 to HW filter on device bond12
[  155.299851][ T9608] bond12: (slave geneve12): making interface the new active one
[  155.304144][ T9608] bond12: (slave geneve12): Enslaving as an active interface with an up link
[  155.393202][   T40] audit: type=1400 audit(1776645341.464:1237): avc:  denied  { bind } for  pid=9613 comm="syz.0.1130" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  155.402692][   T40] audit: type=1400 audit(1776645341.464:1238): avc:  denied  { name_bind } for  pid=9613 comm="syz.0.1130" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1
[  155.415319][   T40] audit: type=1400 audit(1776645341.464:1239): avc:  denied  { node_bind } for  pid=9613 comm="syz.0.1130" saddr=172.20.20.43 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[  155.461562][ T6198] dvb-usb: bulk message failed: -22 (3/0)
[  155.463433][ T6198] dw2102: command 0x0e transfer failed.
[  155.465347][ T6198] dvb-usb: bulk message failed: -22 (3/0)
[  155.467174][ T6198] dw2102: command 0x0e transfer failed.
[  155.469067][ T6198] dvb-usb: bulk message failed: -22 (1/0)
[  155.470942][ T6198] dw2102: command 0x51 transfer failed.
[  155.491734][ T6198] DVB: Unable to find symbol ds3000_attach()
[  155.493737][ T6198] dvb-usb: no frontend was attached by 'Terratec Cinergy S2 USB HD Rev.3'
[  155.561316][ T6198] rc_core: IR keymap rc-su3000 not found
[  155.563127][ T6198] Registered IR keymap rc-empty
[  155.565344][ T6198] rc rc0: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.2/usb7/7-1/rc/rc0
[  155.570856][ T6198] input: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.2/usb7/7-1/rc/rc0/input25
[  155.576255][ T6198] dvb-usb: schedule remote query interval to 150 msecs.
[  155.579253][ T6198] dw2102: su3000_power_ctrl: 0, initialized 1
[  155.582407][ T6198] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully initialized and connected.
[  155.591404][ T6198] usb 7-1: USB disconnect, device number 15
[  155.603579][ T9621] blk_print_req_error: 138 callbacks suppressed
[  155.603597][ T9621] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  155.611715][ T9621] buffer_io_error: 138 callbacks suppressed
[  155.611732][ T9621] Buffer I/O error on dev nbd0, logical block 0, async page read
[  155.618336][ T6198] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully deinitialized and disconnected.
[  155.624884][ T9621] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  155.628882][ T9621] Buffer I/O error on dev nbd0, logical block 1, async page read
[  155.634086][ T9621] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  155.638132][ T9621] Buffer I/O error on dev nbd0, logical block 2, async page read
[  155.641745][ T9621] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  155.649626][ T9621] Buffer I/O error on dev nbd0, logical block 3, async page read
[  155.653399][ T9621] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  155.657203][ T9621] Buffer I/O error on dev nbd0, logical block 0, async page read
[  155.660845][ T9621] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  155.664973][ T9621] Buffer I/O error on dev nbd0, logical block 1, async page read
[  155.668434][ T9621] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  155.672435][ T9621] Buffer I/O error on dev nbd0, logical block 2, async page read
[  155.675875][ T9621] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  155.679712][ T9621] Buffer I/O error on dev nbd0, logical block 3, async page read
[  155.683268][ T9621] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  155.687097][ T9621] Buffer I/O error on dev nbd0, logical block 0, async page read
[  155.690630][ T9621] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  155.694868][ T9621] Buffer I/O error on dev nbd0, logical block 1, async page read
[  155.700978][ T9621] ldm_validate_partition_table(): Disk read failed.
[  155.706367][ T9621] Dev nbd0: unable to read RDB block 0
[  155.713439][ T9621]  nbd0: unable to read partition table
[  155.717131][ T9621] befs: (nbd0): unable to read superblock
[  155.806506][ T9624] syzkaller0: entered promiscuous mode
[  155.808392][ T9624] syzkaller0: entered allmulticast mode
[  155.816610][ T9624] tc action pedit offset 128 out of bounds
[  156.110877][ T5304] Bluetooth: hci1: Malformed MSFT vendor event: 0x02
[  156.549804][   T40] audit: type=1400 audit(1776645342.614:1240): avc:  denied  { create } for  pid=9639 comm="syz.0.1139" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  156.802323][ T9744] kvm: kvm [9743]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc2) = 0x9d00
[  156.806981][ T9744] kvm: kvm [9743]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc1) = 0x9d00
[  156.961383][ T6198] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  157.026085][ T9750] FAULT_INJECTION: forcing a failure.
[  157.026085][ T9750] name failslab, interval 1, probability 0, space 0, times 0
[  157.031680][ T9750] CPU: 0 UID: 0 PID: 9750 Comm: syz.0.1142 Not tainted syzkaller #0 PREEMPT(full) 
[  157.031703][ T9750] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  157.031714][ T9750] Call Trace:
[  157.031720][ T9750]  <TASK>
[  157.031727][ T9750]  dump_stack_lvl+0x100/0x190
[  157.031753][ T9750]  should_fail_ex.cold+0x5/0xa
[  157.031803][ T9750]  should_failslab+0xc2/0x120
[  157.031821][ T9750]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  157.031847][ T9750]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  157.031872][ T9750]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  157.031898][ T9750]  mmu_topup_memory_caches+0x25/0x170
[  157.031923][ T9750]  kvm_mmu_load+0xd6/0x23e0
[  157.031945][ T9750]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  157.031972][ T9750]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  157.032003][ T9750]  ? __pfx_kvm_mmu_load+0x10/0x10
[  157.032024][ T9750]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  157.032044][ T9750]  ? kvm_check_and_inject_events+0x961/0x1070
[  157.032068][ T9750]  ? record_steal_time+0x3d0/0xbc0
[  157.032088][ T9750]  vcpu_run+0x39f4/0x5ca0
[  157.032120][ T9750]  ? __pfx_vcpu_run+0x10/0x10
[  157.032152][ T9750]  ? rcu_is_watching+0x12/0xc0
[  157.032181][ T9750]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  157.032204][ T9750]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  157.032236][ T9750]  kvm_vcpu_ioctl+0x730/0x1720
[  157.032256][ T9750]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  157.032274][ T9750]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  157.032297][ T9750]  ? do_vfs_ioctl+0x226/0x13e0
[  157.032314][ T9750]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  157.032330][ T9750]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  157.032358][ T9750]  ? __fget_files+0x215/0x3d0
[  157.032383][ T9750]  ? hook_file_ioctl_common+0x149/0x410
[  157.032411][ T9750]  ? selinux_file_ioctl+0x13b/0x290
[  157.032427][ T9750]  ? selinux_file_ioctl+0xb6/0x290
[  157.032446][ T9750]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  157.032465][ T9750]  __x64_sys_ioctl+0x18e/0x210
[  157.032484][ T9750]  do_syscall_64+0x10b/0xf80
[  157.032499][ T9750]  ? clear_bhb_loop+0x40/0x90
[  157.032521][ T9750]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  157.032538][ T9750] RIP: 0033:0x7f4fc6b9c819
[  157.032553][ T9750] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  157.032569][ T9750] RSP: 002b:00007f4fc79a4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  157.032586][ T9750] RAX: ffffffffffffffda RBX: 00007f4fc6e15fa0 RCX: 00007f4fc6b9c819
[  157.032597][ T9750] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  157.032607][ T9750] RBP: 00007f4fc79a4090 R08: 0000000000000000 R09: 0000000000000000
[  157.032616][ T9750] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  157.032626][ T9750] R13: 00007f4fc6e16038 R14: 00007f4fc6e15fa0 R15: 00007ffcd3e24bc8
[  157.032650][ T9750]  </TASK>
[  157.152078][ T6198] usb 7-1: Using ep0 maxpacket: 32
[  157.167582][ T6198] usb 7-1: unable to get BOS descriptor or descriptor too short
[  157.174949][ T6198] usb 7-1: string descriptor 0 read error: -22
[  157.177896][ T6198] usb 7-1: New USB device found, idVendor=0ccd, idProduct=0102, bcdDevice=89.c4
[  157.181975][ T6198] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  157.195084][ T6198] dvb-usb: found a 'Terratec Cinergy S2 USB HD Rev.3' in warm state.
[  157.198748][ T6198] dw2102: su3000_power_ctrl: 1, initialized 0
[  157.201229][ T6198] dvb-usb: bulk message failed: -22 (2/0)
[  157.209721][ T6198] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  157.216760][ T6198] dvbdev: DVB: registering new adapter (Terratec Cinergy S2 USB HD Rev.3)
[  157.220493][ T6198] usb 7-1: media controller created
[  157.223069][ T6198] dvb-usb: bulk message failed: -22 (6/0)
[  157.225734][ T6198] dw2102: i2c transfer failed.
[  157.227801][ T6198] dvb-usb: bulk message failed: -22 (6/0)
[  157.230223][ T6198] dw2102: i2c transfer failed.
[  157.232639][ T6198] dvb-usb: bulk message failed: -22 (6/0)
[  157.235093][ T6198] dw2102: i2c transfer failed.
[  157.237111][ T6198] dvb-usb: bulk message failed: -22 (6/0)
[  157.241861][ T6198] dw2102: i2c transfer failed.
[  157.244120][ T6198] dvb-usb: bulk message failed: -22 (6/0)
[  157.246606][ T6198] dw2102: i2c transfer failed.
[  157.248693][ T6198] dvb-usb: bulk message failed: -22 (6/0)
[  157.251098][ T6198] dw2102: i2c transfer failed.
[  157.253241][ T6198] dvb-usb: MAC address: 02:02:02:02:02:02
[  157.269890][ T6198] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  157.289113][ T9759] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1145'.
[  157.293548][ T6198] dvb-usb: bulk message failed: -22 (3/0)
[  157.293566][ T6198] dw2102: command 0x0e transfer failed.
[  157.293590][ T6198] dvb-usb: bulk message failed: -22 (3/0)
[  157.293601][ T6198] dw2102: command 0x0e transfer failed.
[  157.305955][ T9759] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1145'.
[  157.318329][ T9756] overlay: ./bus is not a directory
[  157.320792][ T9759] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1145'.
[  157.417232][   T40] kauditd_printk_skb: 3 callbacks suppressed
[  157.417247][   T40] audit: type=1400 audit(1776645599.487:1244): avc:  denied  { sqpoll } for  pid=9764 comm="syz.4.1147" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  157.471378][ T9768] netlink: 'syz.4.1148': attribute type 1 has an invalid length.
[  157.507116][ T9768] 8021q: adding VLAN 0 to HW filter on device bond12
[  157.526334][ T9768] bond12: (slave geneve9): making interface the new active one
[  157.531414][ T9768] bond12: (slave geneve9): Enslaving as an active interface with an up link
[  157.545021][ T5304] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[  157.593718][   T40] audit: type=1400 audit(1776645599.667:1245): avc:  denied  { ioctl } for  pid=9774 comm="syz.4.1151" path="socket:[39472]" dev="sockfs" ino=39472 ioctlcmd=0x943c scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  157.612723][ T6198] dvb-usb: bulk message failed: -22 (3/0)
[  157.617100][ T6198] dw2102: command 0x0e transfer failed.
[  157.619596][ T6198] dvb-usb: bulk message failed: -22 (3/0)
[  157.623143][ T6198] dw2102: command 0x0e transfer failed.
[  157.627953][ T6198] dvb-usb: bulk message failed: -22 (1/0)
[  157.632415][ T6198] dw2102: command 0x51 transfer failed.
[  157.744103][ T6198] DVB: Unable to find symbol ds3000_attach()
[  157.747232][ T6198] dvb-usb: no frontend was attached by 'Terratec Cinergy S2 USB HD Rev.3'
[  157.802881][ T9785] tmpfs: Bad value for 'mpol'
[  157.821790][ T6198] rc_core: IR keymap rc-su3000 not found
[  157.824550][ T6198] Registered IR keymap rc-empty
[  157.830703][ T6198] rc rc0: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.2/usb7/7-1/rc/rc0
[  157.843286][ T6198] input: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.2/usb7/7-1/rc/rc0/input26
[  157.862737][ T6198] dvb-usb: schedule remote query interval to 150 msecs.
[  157.866178][ T6198] dw2102: su3000_power_ctrl: 0, initialized 1
[  157.868683][ T6198] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully initialized and connected.
[  157.882902][ T6198] usb 7-1: USB disconnect, device number 16
[  157.888454][   T40] audit: type=1400 audit(1776645599.957:1246): avc:  denied  { write } for  pid=9784 comm="syz.4.1153" name="file0" dev="fuse" ino=64 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[  157.896509][   T40] audit: type=1400 audit(1776645599.957:1247): avc:  denied  { open } for  pid=9784 comm="syz.4.1153" path="/205/file0/file0" dev="fuse" ino=64 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[  157.904198][   T40] audit: type=1400 audit(1776645599.957:1248): avc:  denied  { ioctl } for  pid=9784 comm="syz.4.1153" path="/205/file0/file0" dev="fuse" ino=64 ioctlcmd=0x4d0e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=chr_file permissive=1
[  157.918184][   T40] audit: type=1400 audit(1776645599.987:1249): avc:  denied  { execute_no_trans } for  pid=9786 comm="syz.1.1154" path=2F6D656D66643AA39F6EB4645204693502ACCEE1889D5B4038D7CE1F2039497F151D933DB5E75C274CE6D28EBC294A7454447181CF81BAE531F522C8103EC95C85174CBFCF91DF4DF3025E542A202864656C6574656429 dev="hugetlbfs" ino=40414 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  157.974201][ T6198] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully deinitialized and disconnected.
[  157.985178][   T40] audit: type=1400 audit(1776645600.057:1250): avc:  denied  { connect } for  pid=9791 comm="syz.1.1156" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  158.023261][   T40] audit: type=1400 audit(1776645600.097:1251): avc:  denied  { write } for  pid=9795 comm="syz.1.1158" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  158.068585][ T9801] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  158.171976][ T9806] FAULT_INJECTION: forcing a failure.
[  158.171976][ T9806] name failslab, interval 1, probability 0, space 0, times 0
[  158.177724][ T9806] CPU: 1 UID: 0 PID: 9806 Comm: syz.4.1160 Not tainted syzkaller #0 PREEMPT(full) 
[  158.177747][ T9806] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  158.177758][ T9806] Call Trace:
[  158.177764][ T9806]  <TASK>
[  158.177771][ T9806]  dump_stack_lvl+0x100/0x190
[  158.177905][ T9806]  should_fail_ex.cold+0x5/0xa
[  158.177975][ T9806]  should_failslab+0xc2/0x120
[  158.178050][ T9806]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  158.178148][ T9806]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  158.178226][ T9806]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  158.178253][ T9806]  mmu_topup_memory_caches+0x25/0x170
[  158.178333][ T9806]  kvm_mmu_load+0xd6/0x23e0
[  158.178356][ T9806]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  158.178455][ T9806]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  158.178486][ T9806]  ? __pfx_kvm_mmu_load+0x10/0x10
[  158.178507][ T9806]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  158.178527][ T9806]  ? kvm_check_and_inject_events+0x961/0x1070
[  158.178553][ T9806]  ? record_steal_time+0x3d0/0xbc0
[  158.178573][ T9806]  vcpu_run+0x39f4/0x5ca0
[  158.178607][ T9806]  ? __pfx_vcpu_run+0x10/0x10
[  158.178639][ T9806]  ? rcu_is_watching+0x12/0xc0
[  158.178715][ T9806]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  158.178739][ T9806]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  158.178770][ T9806]  kvm_vcpu_ioctl+0x730/0x1720
[  158.178790][ T9806]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  158.178809][ T9806]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  158.178878][ T9806]  ? do_vfs_ioctl+0x226/0x13e0
[  158.178946][ T9806]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  158.178963][ T9806]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  158.179059][ T9806]  ? __fget_files+0x215/0x3d0
[  158.179130][ T9806]  ? hook_file_ioctl_common+0x149/0x410
[  158.179159][ T9806]  ? selinux_file_ioctl+0x13b/0x290
[  158.179176][ T9806]  ? selinux_file_ioctl+0xb6/0x290
[  158.179195][ T9806]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  158.179214][ T9806]  __x64_sys_ioctl+0x18e/0x210
[  158.179233][ T9806]  do_syscall_64+0x10b/0xf80
[  158.179303][ T9806]  ? clear_bhb_loop+0x40/0x90
[  158.179325][ T9806]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.179342][ T9806] RIP: 0033:0x7f2bc139c819
[  158.179358][ T9806] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  158.179375][ T9806] RSP: 002b:00007f2bc2343028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  158.179445][ T9806] RAX: ffffffffffffffda RBX: 00007f2bc1615fa0 RCX: 00007f2bc139c819
[  158.179456][ T9806] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  158.179469][ T9806] RBP: 00007f2bc2343090 R08: 0000000000000000 R09: 0000000000000000
[  158.179479][ T9806] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  158.179488][ T9806] R13: 00007f2bc1616038 R14: 00007f2bc1615fa0 R15: 00007ffc0b0e13a8
[  158.179513][ T9806]  </TASK>
[  158.419326][ T9816] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1163'.
[  158.430219][ T9816] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1163'.
[  158.434146][ T9816] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1163'.
[  158.664431][ T9924] netlink: 'syz.0.1166': attribute type 1 has an invalid length.
[  158.690593][ T9924] 8021q: adding VLAN 0 to HW filter on device bond13
[  158.707993][ T9924] bond13: (slave geneve13): making interface the new active one
[  158.711676][   T54] usb 9-1: new high-speed USB device number 15 using dummy_hcd
[  158.716764][ T9924] bond13: (slave geneve13): Enslaving as an active interface with an up link
[  158.882082][   T54] usb 9-1: Using ep0 maxpacket: 32
[  158.885889][   T54] usb 9-1: unable to get BOS descriptor or descriptor too short
[  158.895210][   T54] usb 9-1: string descriptor 0 read error: -22
[  158.898406][   T54] usb 9-1: New USB device found, idVendor=0ccd, idProduct=0102, bcdDevice=89.c4
[  158.903386][   T54] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  158.924286][   T54] dvb-usb: found a 'Terratec Cinergy S2 USB HD Rev.3' in warm state.
[  158.927277][   T54] dw2102: su3000_power_ctrl: 1, initialized 0
[  158.929251][   T54] dvb-usb: bulk message failed: -22 (2/0)
[  158.938313][   T54] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  158.944557][   T54] dvbdev: DVB: registering new adapter (Terratec Cinergy S2 USB HD Rev.3)
[  158.948156][   T54] usb 9-1: media controller created
[  158.949846][   T54] dvb-usb: bulk message failed: -22 (6/0)
[  158.952085][   T54] dw2102: i2c transfer failed.
[  158.958164][   T54] dvb-usb: bulk message failed: -22 (6/0)
[  158.960040][   T54] dw2102: i2c transfer failed.
[  158.963594][   T54] dvb-usb: bulk message failed: -22 (6/0)
[  158.965924][   T54] dw2102: i2c transfer failed.
[  158.967928][   T54] dvb-usb: bulk message failed: -22 (6/0)
[  158.970246][   T54] dw2102: i2c transfer failed.
[  158.972264][   T54] dvb-usb: bulk message failed: -22 (6/0)
[  158.974581][   T54] dw2102: i2c transfer failed.
[  158.976517][   T54] dvb-usb: bulk message failed: -22 (6/0)
[  158.978852][   T54] dw2102: i2c transfer failed.
[  158.980651][   T54] dvb-usb: MAC address: 02:02:02:02:02:02
[  158.995294][   T54] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  159.008205][   T54] dvb-usb: bulk message failed: -22 (3/0)
[  159.011936][   T54] dw2102: command 0x0e transfer failed.
[  159.014313][   T54] dvb-usb: bulk message failed: -22 (3/0)
[  159.016719][   T54] dw2102: command 0x0e transfer failed.
[  159.075753][ T5304] Bluetooth: hci0: Malformed MSFT vendor event: 0x02
[  159.151655][T10042] netlink: 188 bytes leftover after parsing attributes in process `syz.2.1172'.
[  159.321447][   T54] dvb-usb: bulk message failed: -22 (3/0)
[  159.323409][   T54] dw2102: command 0x0e transfer failed.
[  159.325352][  T853] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  159.329334][   T54] dvb-usb: bulk message failed: -22 (3/0)
[  159.331351][   T54] dw2102: command 0x0e transfer failed.
[  159.333420][   T54] dvb-usb: bulk message failed: -22 (1/0)
[  159.335313][   T54] dw2102: command 0x51 transfer failed.
[  159.356422][   T54] DVB: Unable to find symbol ds3000_attach()
[  159.358341][   T54] dvb-usb: no frontend was attached by 'Terratec Cinergy S2 USB HD Rev.3'
[  159.411639][   T54] rc_core: IR keymap rc-su3000 not found
[  159.413675][   T54] Registered IR keymap rc-empty
[  159.416321][   T54] rc rc0: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.4/usb9/9-1/rc/rc0
[  159.420565][   T54] input: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.4/usb9/9-1/rc/rc0/input27
[  159.425337][   T54] dvb-usb: schedule remote query interval to 150 msecs.
[  159.427645][   T54] dw2102: su3000_power_ctrl: 0, initialized 1
[  159.429634][   T54] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully initialized and connected.
[  159.433967][   T54] usb 9-1: USB disconnect, device number 15
[  159.453550][   T54] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully deinitialized and disconnected.
[  159.502906][  T853] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  159.506485][  T853] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  159.509862][  T853] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.516934][  T853] usb 5-1: config 0 descriptor??
[  159.538660][T10047] ubi: mtd0 is already attached to ubi31
[  159.797075][T10057] FAULT_INJECTION: forcing a failure.
[  159.797075][T10057] name failslab, interval 1, probability 0, space 0, times 0
[  159.801849][T10057] CPU: 0 UID: 0 PID: 10057 Comm: syz.1.1176 Not tainted syzkaller #0 PREEMPT(full) 
[  159.801864][T10057] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  159.801872][T10057] Call Trace:
[  159.801932][T10057]  <TASK>
[  159.801937][T10057]  dump_stack_lvl+0x100/0x190
[  159.802016][T10057]  should_fail_ex.cold+0x5/0xa
[  159.802121][T10057]  should_failslab+0xc2/0x120
[  159.802192][T10057]  __kvmalloc_node_noprof+0xfa/0xa00
[  159.802271][T10057]  ? __kvm_mmu_topup_memory_cache+0x455/0x5f0
[  159.802364][T10057]  __kvm_mmu_topup_memory_cache+0x455/0x5f0
[  159.802378][T10057]  ? find_held_lock+0x2b/0x80
[  159.802443][T10057]  mmu_topup_memory_caches+0x25/0x170
[  159.802505][T10057]  kvm_mmu_load+0xd6/0x23e0
[  159.802520][T10057]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  159.802580][T10057]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  159.802600][T10057]  ? __pfx_kvm_mmu_load+0x10/0x10
[  159.802613][T10057]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  159.802626][T10057]  ? kvm_check_and_inject_events+0x961/0x1070
[  159.802642][T10057]  ? record_steal_time+0x3d0/0xbc0
[  159.802655][T10057]  vcpu_run+0x39f4/0x5ca0
[  159.802675][T10057]  ? __pfx_vcpu_run+0x10/0x10
[  159.802695][T10057]  ? rcu_is_watching+0x12/0xc0
[  159.802757][T10057]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  159.802773][T10057]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  159.802792][T10057]  kvm_vcpu_ioctl+0x730/0x1720
[  159.802805][T10057]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  159.802817][T10057]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  159.802896][T10057]  ? do_vfs_ioctl+0x226/0x13e0
[  159.802954][T10057]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  159.802964][T10057]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  159.803031][T10057]  ? __fget_files+0x215/0x3d0
[  159.803078][T10057]  ? hook_file_ioctl_common+0x149/0x410
[  159.803098][T10057]  ? selinux_file_ioctl+0x13b/0x290
[  159.803109][T10057]  ? selinux_file_ioctl+0xb6/0x290
[  159.803120][T10057]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  159.803132][T10057]  __x64_sys_ioctl+0x18e/0x210
[  159.803144][T10057]  do_syscall_64+0x10b/0xf80
[  159.803202][T10057]  ? clear_bhb_loop+0x40/0x90
[  159.803216][T10057]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.803228][T10057] RIP: 0033:0x7fd7f819c819
[  159.803237][T10057] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  159.803248][T10057] RSP: 002b:00007fd7f9137028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  159.803303][T10057] RAX: ffffffffffffffda RBX: 00007fd7f8415fa0 RCX: 00007fd7f819c819
[  159.803310][T10057] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  159.803316][T10057] RBP: 00007fd7f9137090 R08: 0000000000000000 R09: 0000000000000000
[  159.803323][T10057] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  159.803332][T10057] R13: 00007fd7f8416038 R14: 00007fd7f8415fa0 R15: 00007ffcd97be438
[  159.803346][T10057]  </TASK>
[  159.847789][T10062] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  159.863965][   T40] audit: type=1400 audit(1776645601.937:1252): avc:  denied  { connect } for  pid=10061 comm="syz.2.1179" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  159.925808][   T40] audit: type=1400 audit(1776645601.987:1253): avc:  denied  { write } for  pid=10039 comm="syz.0.1171" name="uinput" dev="devtmpfs" ino=943 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  159.940439][  T853] usbhid 5-1:0.0: can't add hid device: -71
[  159.943212][  T853] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  159.948833][  T853] usb 5-1: USB disconnect, device number 14
[  160.028307][T10068] netlink: 'syz.1.1181': attribute type 1 has an invalid length.
[  160.043513][T10068] 8021q: adding VLAN 0 to HW filter on device bond13
[  160.060967][T10068] bond13: (slave geneve13): making interface the new active one
[  160.066492][T10068] bond13: (slave geneve13): Enslaving as an active interface with an up link
[  160.184896][ T5304] Bluetooth: hci0: Malformed MSFT vendor event: 0x02
[  160.723341][T10089] __nla_validate_parse: 4 callbacks suppressed
[  160.723355][T10089] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1187'.
[  160.821305][T10192] loop9: detected capacity change from 0 to 7
[  160.841404][T10192] Dev loop9: unable to read RDB block 7
[  160.844026][T10192]  loop9: unable to read partition table
[  160.846896][T10192] loop9: partition table beyond EOD, truncated
[  160.851342][T10192] loop_reread_partitions: partition scan of loop9 (úùƒå¡™‰üg¾CêjÌ–ã¢P=×!MX‹ºÐ	œëÜ%õ«`Éæ�˜Èµ4FLQkÝŠ5) failed (rc=-5)
[  161.033461][T10305] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000).
[  161.039324][T10305] qnx6: wrong signature (magic) in superblock #1.
[  161.042869][T10305] qnx6: unable to read the first superblock
[  161.102444][   T10] usb 9-1: new high-speed USB device number 16 using dummy_hcd
[  161.163206][  T843] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  161.251434][   T10] usb 9-1: Using ep0 maxpacket: 32
[  161.256302][   T10] usb 9-1: unable to get BOS descriptor or descriptor too short
[  161.264690][   T10] usb 9-1: string descriptor 0 read error: -22
[  161.267823][   T10] usb 9-1: New USB device found, idVendor=0ccd, idProduct=0102, bcdDevice=89.c4
[  161.271874][   T10] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  161.289507][   T10] dvb-usb: found a 'Terratec Cinergy S2 USB HD Rev.3' in warm state.
[  161.293216][ T6034] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[  161.313820][   T10] dw2102: su3000_power_ctrl: 1, initialized 0
[  161.316744][   T10] dvb-usb: bulk message failed: -22 (2/0)
[  161.323798][   T10] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  161.328606][   T10] dvbdev: DVB: registering new adapter (Terratec Cinergy S2 USB HD Rev.3)
[  161.333919][  T843] usb 6-1: Using ep0 maxpacket: 32
[  161.337249][   T10] usb 9-1: media controller created
[  161.341832][   T10] dvb-usb: bulk message failed: -22 (6/0)
[  161.344680][   T10] dw2102: i2c transfer failed.
[  161.346934][  T843] usb 6-1: unable to get BOS descriptor or descriptor too short
[  161.349769][   T10] dvb-usb: bulk message failed: -22 (6/0)
[  161.355237][   T10] dw2102: i2c transfer failed.
[  161.356935][   T10] dvb-usb: bulk message failed: -22 (6/0)
[  161.358928][   T10] dw2102: i2c transfer failed.
[  161.360600][   T10] dvb-usb: bulk message failed: -22 (6/0)
[  161.362637][   T10] dw2102: i2c transfer failed.
[  161.364539][   T10] dvb-usb: bulk message failed: -22 (6/0)
[  161.366530][   T10] dw2102: i2c transfer failed.
[  161.368228][   T10] dvb-usb: bulk message failed: -22 (6/0)
[  161.370182][   T10] dw2102: i2c transfer failed.
[  161.371901][   T10] dvb-usb: MAC address: 02:02:02:02:02:02
[  161.374830][  T843] usb 6-1: string descriptor 0 read error: -22
[  161.376914][  T843] usb 6-1: New USB device found, idVendor=0ccd, idProduct=0102, bcdDevice=89.c4
[  161.379796][  T843] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  161.386950][  T843] dvb-usb: found a 'Terratec Cinergy S2 USB HD Rev.3' in warm state.
[  161.397428][   T10] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  161.400674][  T843] dw2102: su3000_power_ctrl: 1, initialized 0
[  161.402745][  T843] dvb-usb: bulk message failed: -22 (2/0)
[  161.415697][  T843] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  161.422413][   T10] dvb-usb: bulk message failed: -22 (3/0)
[  161.424254][   T10] dw2102: command 0x0e transfer failed.
[  161.426243][  T843] dvbdev: DVB: registering new adapter (Terratec Cinergy S2 USB HD Rev.3)
[  161.429012][  T843] usb 6-1: media controller created
[  161.430849][  T843] dvb-usb: bulk message failed: -22 (6/0)
[  161.432831][   T10] dvb-usb: bulk message failed: -22 (3/0)
[  161.434645][   T10] dw2102: command 0x0e transfer failed.
[  161.436464][  T843] dw2102: i2c transfer failed.
[  161.438005][  T843] dvb-usb: bulk message failed: -22 (6/0)
[  161.439870][  T843] dw2102: i2c transfer failed.
[  161.441487][  T843] dvb-usb: bulk message failed: -22 (6/0)
[  161.443372][  T843] dw2102: i2c transfer failed.
[  161.444929][  T843] dvb-usb: bulk message failed: -22 (6/0)
[  161.446896][  T843] dw2102: i2c transfer failed.
[  161.448474][  T843] dvb-usb: bulk message failed: -22 (6/0)
[  161.450314][  T843] dw2102: i2c transfer failed.
[  161.452367][  T843] dvb-usb: bulk message failed: -22 (6/0)
[  161.455135][  T843] dw2102: i2c transfer failed.
[  161.456748][  T843] dvb-usb: MAC address: 02:02:02:02:02:02
[  161.466090][  T843] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  161.479058][  T843] dvb-usb: bulk message failed: -22 (3/0)
[  161.480915][  T843] dw2102: command 0x0e transfer failed.
[  161.482940][  T843] dvb-usb: bulk message failed: -22 (3/0)
[  161.484968][  T843] dw2102: command 0x0e transfer failed.
[  161.491446][ T6034] usb 7-1: Using ep0 maxpacket: 32
[  161.495686][ T6034] usb 7-1: unable to get BOS descriptor or descriptor too short
[  161.501093][ T6034] usb 7-1: string descriptor 0 read error: -22
[  161.503398][ T6034] usb 7-1: New USB device found, idVendor=0ccd, idProduct=0102, bcdDevice=89.c4
[  161.506261][ T6034] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  161.515205][ T6034] dvb-usb: found a 'Terratec Cinergy S2 USB HD Rev.3' in warm state.
[  161.517833][ T6034] dw2102: su3000_power_ctrl: 1, initialized 0
[  161.519789][ T6034] dvb-usb: bulk message failed: -22 (2/0)
[  161.523133][ T6034] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  161.527433][ T6034] dvbdev: DVB: registering new adapter (Terratec Cinergy S2 USB HD Rev.3)
[  161.530120][ T6034] usb 7-1: media controller created
[  161.532106][ T6034] dvb-usb: bulk message failed: -22 (6/0)
[  161.533908][ T6034] dw2102: i2c transfer failed.
[  161.535430][ T6034] dvb-usb: bulk message failed: -22 (6/0)
[  161.537261][ T6034] dw2102: i2c transfer failed.
[  161.538804][ T6034] dvb-usb: bulk message failed: -22 (6/0)
[  161.540607][ T6034] dw2102: i2c transfer failed.
[  161.542192][ T6034] dvb-usb: bulk message failed: -22 (6/0)
[  161.544003][ T6034] dw2102: i2c transfer failed.
[  161.545526][ T6034] dvb-usb: bulk message failed: -22 (6/0)
[  161.547333][ T6034] dw2102: i2c transfer failed.
[  161.549001][ T6034] dvb-usb: bulk message failed: -22 (6/0)
[  161.550782][ T6034] dw2102: i2c transfer failed.
[  161.552398][ T6034] dvb-usb: MAC address: 02:02:02:02:02:02
[  161.563432][ T6034] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  161.573073][ T6034] dvb-usb: bulk message failed: -22 (3/0)
[  161.574936][ T6034] dw2102: command 0x0e transfer failed.
[  161.576814][ T5304] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[  161.579690][ T6034] dvb-usb: bulk message failed: -22 (3/0)
[  161.581684][ T6034] dw2102: command 0x0e transfer failed.
[  161.586815][T10266] FAULT_INJECTION: forcing a failure.
[  161.586815][T10266] name failslab, interval 1, probability 0, space 0, times 0
[  161.593303][T10266] CPU: 3 UID: 0 PID: 10266 Comm: syz.1.1191 Not tainted syzkaller #0 PREEMPT(full) 
[  161.593326][T10266] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  161.593337][T10266] Call Trace:
[  161.593344][T10266]  <TASK>
[  161.593351][T10266]  dump_stack_lvl+0x100/0x190
[  161.593385][T10266]  should_fail_ex.cold+0x5/0xa
[  161.593412][T10266]  ? tomoyo_realpath_from_path+0xb6/0x690
[  161.593433][T10266]  should_failslab+0xc2/0x120
[  161.593452][T10266]  __kmalloc_noprof+0xe0/0x850
[  161.593477][T10266]  ? kfree+0x1dd/0x6c0
[  161.593503][T10266]  tomoyo_realpath_from_path+0xb6/0x690
[  161.593529][T10266]  tomoyo_path_number_perm+0x23c/0x580
[  161.593558][T10266]  ? tomoyo_path_number_perm+0x22e/0x580
[  161.593588][T10266]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  161.593642][T10266]  ? find_held_lock+0x2b/0x80
[  161.593659][T10266]  ? __fget_files+0x215/0x3d0
[  161.593680][T10266]  ? hook_file_ioctl_common+0x149/0x410
[  161.593702][T10266]  ? __fget_files+0x215/0x3d0
[  161.593728][T10266]  ? __fget_files+0x21f/0x3d0
[  161.593754][T10266]  security_file_ioctl+0xd3/0x230
[  161.593843][T10266]  __x64_sys_ioctl+0xb7/0x210
[  161.593863][T10266]  do_syscall_64+0x10b/0xf80
[  161.593880][T10266]  ? clear_bhb_loop+0x40/0x90
[  161.593903][T10266]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  161.593922][T10266] RIP: 0033:0x7fd7f819c819
[  161.593938][T10266] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  161.593955][T10266] RSP: 002b:00007fd7f9137028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  161.593974][T10266] RAX: ffffffffffffffda RBX: 00007fd7f8415fa0 RCX: 00007fd7f819c819
[  161.593987][T10266] RDX: 00002000000005c0 RSI: 0000000000000707 RDI: 0000000000000004
[  161.593998][T10266] RBP: 00007fd7f9137090 R08: 0000000000000000 R09: 0000000000000000
[  161.594008][T10266] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  161.594018][T10266] R13: 00007fd7f8416038 R14: 00007fd7f8415fa0 R15: 00007ffcd97be438
[  161.594043][T10266]  </TASK>
[  161.594051][T10266] ERROR: Out of memory at tomoyo_realpath_from_path.
[  161.741347][   T10] dvb-usb: bulk message failed: -22 (3/0)
[  161.743272][   T10] dw2102: command 0x0e transfer failed.
[  161.745090][   T10] dvb-usb: bulk message failed: -22 (3/0)
[  161.746983][   T10] dw2102: command 0x0e transfer failed.
[  161.748843][   T10] dvb-usb: bulk message failed: -22 (1/0)
[  161.750679][   T10] dw2102: command 0x51 transfer failed.
[  161.752775][T10197] dvb-usb: bulk message failed: -22 (3/0)
[  161.755178][T10197] dw2102: i2c transfer failed.
[  161.764057][T10266] dvb-usb: bulk message failed: -22 (3/0)
[  161.765965][T10266] dw2102: i2c transfer failed.
[  161.767653][T10305] dvb-usb: bulk message failed: -22 (3/0)
[  161.769588][T10305] dw2102: i2c transfer failed.
[  161.785765][   T10] DVB: Unable to find symbol ds3000_attach()
[  161.787766][   T10] dvb-usb: no frontend was attached by 'Terratec Cinergy S2 USB HD Rev.3'
[  161.793846][  T843] dvb-usb: bulk message failed: -22 (3/0)
[  161.795741][  T843] dw2102: command 0x0e transfer failed.
[  161.797551][  T843] dvb-usb: bulk message failed: -22 (3/0)
[  161.799342][  T843] dw2102: command 0x0e transfer failed.
[  161.801104][  T843] dvb-usb: bulk message failed: -22 (1/0)
[  161.803951][  T843] dw2102: command 0x51 transfer failed.
[  161.821850][  T843] DVB: Unable to find symbol ds3000_attach()
[  161.823847][  T843] dvb-usb: no frontend was attached by 'Terratec Cinergy S2 USB HD Rev.3'
[  161.841591][   T10] rc_core: IR keymap rc-su3000 not found
[  161.843548][   T10] Registered IR keymap rc-empty
[  161.846756][   T10] rc rc0: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.4/usb9/9-1/rc/rc0
[  161.851137][   T10] input: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.4/usb9/9-1/rc/rc0/input29
[  161.867256][   T10] dvb-usb: schedule remote query interval to 150 msecs.
[  161.870241][   T10] dw2102: su3000_power_ctrl: 0, initialized 1
[  161.878164][   T10] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully initialized and connected.
[  161.882052][  T843] rc_core: IR keymap rc-su3000 not found
[  161.886437][  T843] Registered IR keymap rc-empty
[  161.888441][   T10] usb 9-1: USB disconnect, device number 16
[  161.890887][  T843] rc rc1: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.1/usb6/6-1/rc/rc1
[  161.896096][ T6034] dvb-usb: bulk message failed: -22 (3/0)
[  161.900180][  T843] input: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.1/usb6/6-1/rc/rc1/input30
[  161.905171][ T6034] dw2102: command 0x0e transfer failed.
[  161.906979][ T6034] dvb-usb: bulk message failed: -22 (3/0)
[  161.908916][ T6034] dw2102: command 0x0e transfer failed.
[  161.910738][ T6034] dvb-usb: bulk message failed: -22 (1/0)
[  161.913596][ T6034] dw2102: command 0x51 transfer failed.
[  161.921007][  T843] dvb-usb: schedule remote query interval to 150 msecs.
[  161.929713][  T843] dw2102: su3000_power_ctrl: 0, initialized 1
[  161.933367][  T843] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully initialized and connected.
[  161.946303][ T6034] DVB: Unable to find symbol ds3000_attach()
[  161.948339][ T6034] dvb-usb: no frontend was attached by 'Terratec Cinergy S2 USB HD Rev.3'
[  161.951175][  T843] usb 6-1: USB disconnect, device number 11
[  161.954366][   T10] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully deinitialized and disconnected.
[  161.996103][  T843] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully deinitialized and disconnected.
[  162.021362][ T6034] rc_core: IR keymap rc-su3000 not found
[  162.023159][ T6034] Registered IR keymap rc-empty
[  162.025881][ T6034] rc rc0: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.2/usb7/7-1/rc/rc0
[  162.030739][ T6034] input: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.2/usb7/7-1/rc/rc0/input31
[  162.035617][ T6034] dvb-usb: schedule remote query interval to 150 msecs.
[  162.037885][ T6034] dw2102: su3000_power_ctrl: 0, initialized 1
[  162.039822][ T6034] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully initialized and connected.
[  162.044995][ T6034] usb 7-1: USB disconnect, device number 17
[  162.063708][ T6034] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully deinitialized and disconnected.
[  162.109037][T10329] input: syz1 as /devices/virtual/input/input32
[  162.199222][T10330] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1197'.
[  162.203180][T10331] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1197'.
[  162.336759][T10336] FAULT_INJECTION: forcing a failure.
[  162.336759][T10336] name failslab, interval 1, probability 0, space 0, times 0
[  162.343180][T10336] CPU: 1 UID: 0 PID: 10336 Comm: syz.2.1199 Not tainted syzkaller #0 PREEMPT(full) 
[  162.343203][T10336] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  162.343213][T10336] Call Trace:
[  162.343219][T10336]  <TASK>
[  162.343226][T10336]  dump_stack_lvl+0x100/0x190
[  162.343251][T10336]  should_fail_ex.cold+0x5/0xa
[  162.343277][T10336]  should_failslab+0xc2/0x120
[  162.343296][T10336]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  162.343327][T10336]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  162.343352][T10336]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  162.343378][T10336]  mmu_topup_memory_caches+0x25/0x170
[  162.343403][T10336]  kvm_mmu_load+0xd6/0x23e0
[  162.343426][T10336]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  162.343454][T10336]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  162.343500][T10336]  ? __pfx_kvm_mmu_load+0x10/0x10
[  162.343522][T10336]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  162.343543][T10336]  ? kvm_check_and_inject_events+0x961/0x1070
[  162.343567][T10336]  ? record_steal_time+0x3d0/0xbc0
[  162.343588][T10336]  vcpu_run+0x39f4/0x5ca0
[  162.343622][T10336]  ? __pfx_vcpu_run+0x10/0x10
[  162.343654][T10336]  ? rcu_is_watching+0x12/0xc0
[  162.343684][T10336]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  162.343708][T10336]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  162.343739][T10336]  kvm_vcpu_ioctl+0x730/0x1720
[  162.343783][T10336]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  162.343801][T10336]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  162.343823][T10336]  ? do_vfs_ioctl+0x226/0x13e0
[  162.343841][T10336]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  162.343858][T10336]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  162.343885][T10336]  ? __fget_files+0x215/0x3d0
[  162.343905][T10336]  ? hook_file_ioctl_common+0x149/0x410
[  162.343934][T10336]  ? selinux_file_ioctl+0x13b/0x290
[  162.343950][T10336]  ? selinux_file_ioctl+0xb6/0x290
[  162.343969][T10336]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  162.343988][T10336]  __x64_sys_ioctl+0x18e/0x210
[  162.344007][T10336]  do_syscall_64+0x10b/0xf80
[  162.344024][T10336]  ? clear_bhb_loop+0x40/0x90
[  162.344045][T10336]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.344063][T10336] RIP: 0033:0x7f28c939c819
[  162.344077][T10336] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  162.344093][T10336] RSP: 002b:00007f28ca307028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  162.344111][T10336] RAX: ffffffffffffffda RBX: 00007f28c9615fa0 RCX: 00007f28c939c819
[  162.344122][T10336] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  162.344132][T10336] RBP: 00007f28ca307090 R08: 0000000000000000 R09: 0000000000000000
[  162.344143][T10336] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  162.344152][T10336] R13: 00007f28c9616038 R14: 00007f28c9615fa0 R15: 00007ffdfc56f4d8
[  162.344177][T10336]  </TASK>
[  162.474411][T10343] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1201'.
[  162.479586][T10343] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1201'.
[  162.485561][T10343] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1201'.
[  162.531052][T10345] netlink: 'syz.4.1202': attribute type 1 has an invalid length.
[  162.557546][T10345] 8021q: adding VLAN 0 to HW filter on device bond13
[  162.580545][T10345] bond13: (slave geneve10): making interface the new active one
[  162.586088][T10345] bond13: (slave geneve10): Enslaving as an active interface with an up link
[  162.687904][T10349] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1203'.
[  162.714482][T10354] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  162.727078][ T5304] Bluetooth: hci1: Malformed MSFT vendor event: 0x02
[  163.216094][   T40] kauditd_printk_skb: 3 callbacks suppressed
[  163.216111][   T40] audit: type=1400 audit(1776645605.287:1257): avc:  denied  { write } for  pid=10466 comm="syz.0.1209" name="001" dev="devtmpfs" ino=758 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  163.265739][T10470] ubi: mtd0 is already attached to ubi31
[  163.312249][T10472] ip6t_REJECT: ECHOREPLY is not supported
[  163.595584][   T40] audit: type=1400 audit(1776645605.667:1258): avc:  denied  { setopt } for  pid=10486 comm="syz.1.1217" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  163.604999][   T40] audit: type=1400 audit(1776645605.677:1259): avc:  denied  { read } for  pid=10486 comm="syz.1.1217" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  163.646791][T10487] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1217'.
[  163.651802][T10487] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1217'.
[  163.659730][T10487] geneve14: entered promiscuous mode
[  163.704029][ T5304] Bluetooth: hci0: Malformed MSFT vendor event: 0x02
[  163.811354][   T34] usb 9-1: new high-speed USB device number 17 using dummy_hcd
[  163.961348][   T34] usb 9-1: Using ep0 maxpacket: 32
[  163.965295][   T34] usb 9-1: unable to get BOS descriptor or descriptor too short
[  163.972828][   T34] usb 9-1: string descriptor 0 read error: -22
[  163.975316][   T34] usb 9-1: New USB device found, idVendor=0ccd, idProduct=0102, bcdDevice=89.c4
[  163.978925][   T34] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  163.988153][   T34] dvb-usb: found a 'Terratec Cinergy S2 USB HD Rev.3' in warm state.
[  163.991574][   T34] dw2102: su3000_power_ctrl: 1, initialized 0
[  163.994087][   T34] dvb-usb: bulk message failed: -22 (2/0)
[  163.997861][   T34] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  164.002309][   T34] dvbdev: DVB: registering new adapter (Terratec Cinergy S2 USB HD Rev.3)
[  164.005760][   T34] usb 9-1: media controller created
[  164.007888][   T34] dvb-usb: bulk message failed: -22 (6/0)
[  164.010274][   T34] dw2102: i2c transfer failed.
[  164.012738][   T34] dvb-usb: bulk message failed: -22 (6/0)
[  164.015387][   T34] dw2102: i2c transfer failed.
[  164.017400][   T34] dvb-usb: bulk message failed: -22 (6/0)
[  164.019515][   T34] dw2102: i2c transfer failed.
[  164.021381][   T34] dvb-usb: bulk message failed: -22 (6/0)
[  164.023665][   T34] dw2102: i2c transfer failed.
[  164.025630][   T34] dvb-usb: bulk message failed: -22 (6/0)
[  164.027806][   T34] dw2102: i2c transfer failed.
[  164.029494][   T34] dvb-usb: bulk message failed: -22 (6/0)
[  164.032037][   T34] dw2102: i2c transfer failed.
[  164.033975][   T34] dvb-usb: MAC address: 02:02:02:02:02:02
[  164.045456][   T34] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  164.058294][   T34] dvb-usb: bulk message failed: -22 (3/0)
[  164.062430][   T34] dw2102: command 0x0e transfer failed.
[  164.067363][   T34] dvb-usb: bulk message failed: -22 (3/0)
[  164.069337][   T34] dw2102: command 0x0e transfer failed.
[  164.255830][T10499] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1222'.
[  164.286904][   T40] audit: type=1400 audit(1776645606.357:1260): avc:  denied  { mount } for  pid=10500 comm="syz.2.1224" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  164.306554][T10504] netlink: 'syz.1.1223': attribute type 1 has an invalid length.
[  164.332766][T10504] 8021q: adding VLAN 0 to HW filter on device bond14
[  164.346227][T10504] bond14: (slave geneve15): making interface the new active one
[  164.350764][T10504] bond14: (slave geneve15): Enslaving as an active interface with an up link
[  164.363665][ T6198] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  164.381326][   T34] dvb-usb: bulk message failed: -22 (3/0)
[  164.383393][   T34] dw2102: command 0x0e transfer failed.
[  164.385641][   T34] dvb-usb: bulk message failed: -22 (3/0)
[  164.387972][   T34] dw2102: command 0x0e transfer failed.
[  164.390285][   T34] dvb-usb: bulk message failed: -22 (1/0)
[  164.392668][   T34] dw2102: command 0x51 transfer failed.
[  164.395411][T10483] dvb-usb: bulk message failed: -22 (3/0)
[  164.397906][T10483] dw2102: i2c transfer failed.
[  164.405809][T10509] FAULT_INJECTION: forcing a failure.
[  164.405809][T10509] name failslab, interval 1, probability 0, space 0, times 0
[  164.409876][T10509] CPU: 1 UID: 0 PID: 10509 Comm: syz.1.1226 Not tainted syzkaller #0 PREEMPT(full) 
[  164.409891][T10509] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  164.409898][T10509] Call Trace:
[  164.409903][T10509]  <TASK>
[  164.409907][T10509]  dump_stack_lvl+0x100/0x190
[  164.409925][T10509]  should_fail_ex.cold+0x5/0xa
[  164.409942][T10509]  should_failslab+0xc2/0x120
[  164.409954][T10509]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  164.409971][T10509]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  164.409987][T10509]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  164.410003][T10509]  mmu_topup_memory_caches+0x25/0x170
[  164.410020][T10509]  kvm_mmu_load+0xd6/0x23e0
[  164.410035][T10509]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  164.410054][T10509]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  164.410074][T10509]  ? __pfx_kvm_mmu_load+0x10/0x10
[  164.410087][T10509]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  164.410100][T10509]  ? kvm_check_and_inject_events+0x961/0x1070
[  164.410115][T10509]  ? record_steal_time+0x3d0/0xbc0
[  164.410128][T10509]  vcpu_run+0x39f4/0x5ca0
[  164.410148][T10509]  ? __pfx_vcpu_run+0x10/0x10
[  164.410168][T10509]  ? rcu_is_watching+0x12/0xc0
[  164.410187][T10509]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  164.410203][T10509]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  164.410222][T10509]  kvm_vcpu_ioctl+0x730/0x1720
[  164.410235][T10509]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  164.410246][T10509]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  164.410260][T10509]  ? do_vfs_ioctl+0x226/0x13e0
[  164.410271][T10509]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  164.410281][T10509]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  164.410298][T10509]  ? __fget_files+0x215/0x3d0
[  164.410310][T10509]  ? hook_file_ioctl_common+0x149/0x410
[  164.410332][T10509]  ? selinux_file_ioctl+0x13b/0x290
[  164.410343][T10509]  ? selinux_file_ioctl+0xb6/0x290
[  164.410354][T10509]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  164.410366][T10509]  __x64_sys_ioctl+0x18e/0x210
[  164.410377][T10509]  do_syscall_64+0x10b/0xf80
[  164.410388][T10509]  ? clear_bhb_loop+0x40/0x90
[  164.410401][T10509]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.410413][T10509] RIP: 0033:0x7fd7f819c819
[  164.410422][T10509] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  164.410433][T10509] RSP: 002b:00007fd7f9137028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  164.410444][T10509] RAX: ffffffffffffffda RBX: 00007fd7f8415fa0 RCX: 00007fd7f819c819
[  164.410451][T10509] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  164.410457][T10509] RBP: 00007fd7f9137090 R08: 0000000000000000 R09: 0000000000000000
[  164.410463][T10509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  164.410480][T10509] R13: 00007fd7f8416038 R14: 00007fd7f8415fa0 R15: 00007ffcd97be438
[  164.410495][T10509]  </TASK>
[  164.414284][T10512] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  164.418362][   T34] DVB: Unable to find symbol ds3000_attach()
[  164.526449][   T34] dvb-usb: no frontend was attached by 'Terratec Cinergy S2 USB HD Rev.3'
[  164.581549][   T34] rc_core: IR keymap rc-su3000 not found
[  164.584084][   T34] Registered IR keymap rc-empty
[  164.589944][   T34] rc rc0: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.4/usb9/9-1/rc/rc0
[  164.596437][   T34] input: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.4/usb9/9-1/rc/rc0/input33
[  164.601375][ T6198] usb 5-1: Using ep0 maxpacket: 32
[  164.605947][ T6198] usb 5-1: unable to get BOS descriptor or descriptor too short
[  164.610169][   T34] dvb-usb: schedule remote query interval to 150 msecs.
[  164.613460][   T34] dw2102: su3000_power_ctrl: 0, initialized 1
[  164.616064][   T34] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully initialized and connected.
[  164.621845][ T6198] usb 5-1: string descriptor 0 read error: -22
[  164.624226][ T6198] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0102, bcdDevice=89.c4
[  164.628096][ T6198] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  164.632363][   T34] usb 9-1: USB disconnect, device number 17
[  164.653432][ T6198] dvb-usb: found a 'Terratec Cinergy S2 USB HD Rev.3' in warm state.
[  164.656821][ T6198] dw2102: su3000_power_ctrl: 1, initialized 0
[  164.661472][ T6198] dvb-usb: bulk message failed: -22 (2/0)
[  164.667655][ T6198] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  164.674141][ T6198] dvbdev: DVB: registering new adapter (Terratec Cinergy S2 USB HD Rev.3)
[  164.681938][ T6198] usb 5-1: media controller created
[  164.687146][ T6198] dvb-usb: bulk message failed: -22 (6/0)
[  164.689155][ T6198] dw2102: i2c transfer failed.
[  164.695437][ T6198] dvb-usb: bulk message failed: -22 (6/0)
[  164.697455][ T6198] dw2102: i2c transfer failed.
[  164.703900][ T6198] dvb-usb: bulk message failed: -22 (6/0)
[  164.705900][ T6198] dw2102: i2c transfer failed.
[  164.708378][   T34] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully deinitialized and disconnected.
[  164.711552][ T6198] dvb-usb: bulk message failed: -22 (6/0)
[  164.713456][ T6198] dw2102: i2c transfer failed.
[  164.717915][ T6198] dvb-usb: bulk message failed: -22 (6/0)
[  164.719815][ T6198] dw2102: i2c transfer failed.
[  164.721462][ T6198] dvb-usb: bulk message failed: -22 (6/0)
[  164.723391][ T6198] dw2102: i2c transfer failed.
[  164.724939][ T6198] dvb-usb: MAC address: 02:02:02:02:02:02
[  164.732476][ T6198] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  164.743143][ T6198] dvb-usb: bulk message failed: -22 (3/0)
[  164.745035][ T6198] dw2102: command 0x0e transfer failed.
[  164.747077][ T6198] dvb-usb: bulk message failed: -22 (3/0)
[  164.748998][ T6198] dw2102: command 0x0e transfer failed.
[  164.786146][   T40] audit: type=1400 audit(1776645606.857:1261): avc:  denied  { connect } for  pid=10522 comm="syz.1.1229" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  164.792400][   T40] audit: type=1400 audit(1776645606.867:1262): avc:  denied  { shutdown } for  pid=10522 comm="syz.1.1229" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  164.798630][   T40] audit: type=1400 audit(1776645606.867:1263): avc:  denied  { create } for  pid=10522 comm="syz.1.1229" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  164.849505][   T40] audit: type=1400 audit(1776645606.917:1264): avc:  denied  { setattr } for  pid=10524 comm="syz.1.1230" name="sr0" dev="devtmpfs" ino=726 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:removable_device_t tclass=blk_file permissive=1
[  164.857960][T10492] FAULT_INJECTION: forcing a failure.
[  164.857960][T10492] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  164.863478][T10492] CPU: 2 UID: 0 PID: 10492 Comm: syz.0.1219 Not tainted syzkaller #0 PREEMPT(full) 
[  164.863494][T10492] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  164.863500][T10492] Call Trace:
[  164.863505][T10492]  <TASK>
[  164.863509][T10492]  dump_stack_lvl+0x100/0x190
[  164.863528][T10492]  should_fail_ex.cold+0x5/0xa
[  164.863544][T10492]  _copy_from_user+0x2e/0xd0
[  164.863630][T10492]  kstrtouint_from_user+0xd6/0x1d0
[  164.863647][T10492]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  164.863662][T10492]  ? __lock_acquire+0x4a5/0x2630
[  164.863679][T10492]  ? lock_acquire+0x1b1/0x370
[  164.863694][T10492]  proc_fail_nth_write+0x83/0x220
[  164.863810][T10492]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  164.863825][T10492]  vfs_write+0x2aa/0x1070
[  164.863838][T10492]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  164.863850][T10492]  ? __pfx_vfs_write+0x10/0x10
[  164.863861][T10492]  ? __fget_files+0x215/0x3d0
[  164.863877][T10492]  ? __fget_files+0x21f/0x3d0
[  164.863894][T10492]  ksys_write+0x12a/0x250
[  164.863904][T10492]  ? __pfx_ksys_write+0x10/0x10
[  164.863916][T10492]  ? rcu_is_watching+0x12/0xc0
[  164.863935][T10492]  do_syscall_64+0x10b/0xf80
[  164.863946][T10492]  ? clear_bhb_loop+0x40/0x90
[  164.863959][T10492]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.863970][T10492] RIP: 0033:0x7f4fc6b5d04e
[  164.863980][T10492] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  164.863991][T10492] RSP: 002b:00007f4fc79a3fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  164.864002][T10492] RAX: ffffffffffffffda RBX: 00007f4fc79a46c0 RCX: 00007f4fc6b5d04e
[  164.864008][T10492] RDX: 0000000000000001 RSI: 00007f4fc79a40a0 RDI: 0000000000000004
[  164.864015][T10492] RBP: 00007f4fc79a4090 R08: 0000000000000000 R09: 0000000000000000
[  164.864021][T10492] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  164.864027][T10492] R13: 00007f4fc6e16038 R14: 00007f4fc6e15fa0 R15: 00007ffcd3e24bc8
[  164.864040][T10492]  </TASK>
[  165.047651][ T5304] Bluetooth: hci0: Malformed MSFT vendor event: 0x02
[  165.067980][ T6198] dvb-usb: bulk message failed: -22 (3/0)
[  165.071667][ T6198] dw2102: command 0x0e transfer failed.
[  165.074494][ T6198] dvb-usb: bulk message failed: -22 (3/0)
[  165.076983][ T6198] dw2102: command 0x0e transfer failed.
[  165.079317][ T6198] dvb-usb: bulk message failed: -22 (1/0)
[  165.082515][ T6198] dw2102: command 0x51 transfer failed.
[  165.113616][ T6198] DVB: Unable to find symbol ds3000_attach()
[  165.116305][ T6198] dvb-usb: no frontend was attached by 'Terratec Cinergy S2 USB HD Rev.3'
[  165.164300][ T6198] rc_core: IR keymap rc-su3000 not found
[  165.166775][ T6198] Registered IR keymap rc-empty
[  165.172323][ T6198] rc rc0: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.0/usb5/5-1/rc/rc0
[  165.180866][ T6198] input: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.0/usb5/5-1/rc/rc0/input34
[  165.187161][ T6198] dvb-usb: schedule remote query interval to 150 msecs.
[  165.189413][ T6198] dw2102: su3000_power_ctrl: 0, initialized 1
[  165.191578][ T6198] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully initialized and connected.
[  165.198821][ T6198] usb 5-1: USB disconnect, device number 15
[  165.209181][   T40] audit: type=1326 audit(1776645607.277:1265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10541 comm="syz.0.1235" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fc6b9c819 code=0x50000
[  165.217131][   T40] audit: type=1326 audit(1776645607.277:1266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10541 comm="syz.0.1235" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4fc6b9c819 code=0x50000
[  165.221471][ T6198] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully deinitialized and disconnected.
[  165.521388][  T843] usb 7-1: new low-speed USB device number 18 using dummy_hcd
[  165.671353][  T843] usb 7-1: Invalid ep0 maxpacket: 32
[  165.801512][  T843] usb 7-1: new low-speed USB device number 19 using dummy_hcd
[  165.885772][T10557] __nla_validate_parse: 2 callbacks suppressed
[  165.885788][T10557] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1240'.
[  165.892915][T10557] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1240'.
[  165.897083][T10557] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1240'.
[  165.951526][  T843] usb 7-1: Invalid ep0 maxpacket: 32
[  165.951862][  T843] usb usb7-port1: attempt power cycle
[  166.025396][T10559] kvm: emulating exchange as write
[  166.140674][T10563] netlink: 'syz.1.1242': attribute type 1 has an invalid length.
[  166.189230][T10563] 8021q: adding VLAN 0 to HW filter on device bond15
[  166.200586][T10565] bond15: (slave geneve16): making interface the new active one
[  166.206695][T10565] bond15: (slave geneve16): Enslaving as an active interface with an up link
[  166.248518][T10567] FAULT_INJECTION: forcing a failure.
[  166.248518][T10567] name failslab, interval 1, probability 0, space 0, times 0
[  166.254090][T10567] CPU: 2 UID: 0 PID: 10567 Comm: syz.4.1243 Not tainted syzkaller #0 PREEMPT(full) 
[  166.254105][T10567] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  166.254112][T10567] Call Trace:
[  166.254116][T10567]  <TASK>
[  166.254120][T10567]  dump_stack_lvl+0x100/0x190
[  166.254138][T10567]  should_fail_ex.cold+0x5/0xa
[  166.254155][T10567]  should_failslab+0xc2/0x120
[  166.254168][T10567]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  166.254184][T10567]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  166.254200][T10567]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  166.254217][T10567]  mmu_topup_memory_caches+0x25/0x170
[  166.254233][T10567]  kvm_mmu_load+0xd6/0x23e0
[  166.254248][T10567]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  166.254266][T10567]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  166.254286][T10567]  ? __pfx_kvm_mmu_load+0x10/0x10
[  166.254300][T10567]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  166.254314][T10567]  ? kvm_check_and_inject_events+0x961/0x1070
[  166.254330][T10567]  ? record_steal_time+0x3d0/0xbc0
[  166.254343][T10567]  vcpu_run+0x39f4/0x5ca0
[  166.254364][T10567]  ? __pfx_vcpu_run+0x10/0x10
[  166.254384][T10567]  ? rcu_is_watching+0x12/0xc0
[  166.254403][T10567]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  166.254419][T10567]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  166.254439][T10567]  kvm_vcpu_ioctl+0x730/0x1720
[  166.254452][T10567]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  166.254464][T10567]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  166.254478][T10567]  ? do_vfs_ioctl+0x226/0x13e0
[  166.254490][T10567]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  166.254501][T10567]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  166.254518][T10567]  ? __fget_files+0x215/0x3d0
[  166.254531][T10567]  ? hook_file_ioctl_common+0x149/0x410
[  166.254549][T10567]  ? selinux_file_ioctl+0x13b/0x290
[  166.254560][T10567]  ? selinux_file_ioctl+0xb6/0x290
[  166.254572][T10567]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  166.254584][T10567]  __x64_sys_ioctl+0x18e/0x210
[  166.254596][T10567]  do_syscall_64+0x10b/0xf80
[  166.254606][T10567]  ? clear_bhb_loop+0x40/0x90
[  166.254620][T10567]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  166.254632][T10567] RIP: 0033:0x7f2bc139c819
[  166.254642][T10567] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  166.254653][T10567] RSP: 002b:00007f2bc2343028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  166.254664][T10567] RAX: ffffffffffffffda RBX: 00007f2bc1615fa0 RCX: 00007f2bc139c819
[  166.254671][T10567] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  166.254678][T10567] RBP: 00007f2bc2343090 R08: 0000000000000000 R09: 0000000000000000
[  166.254684][T10567] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  166.254691][T10567] R13: 00007f2bc1616038 R14: 00007f2bc1615fa0 R15: 00007ffc0b0e13a8
[  166.254704][T10567]  </TASK>
[  166.291991][  T843] usb 7-1: new low-speed USB device number 20 using dummy_hcd
[  166.299853][T10571] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  166.322009][  T843] usb 7-1: Invalid ep0 maxpacket: 32
[  166.430536][T10572] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1244'.
[  166.451378][  T843] usb 7-1: new low-speed USB device number 21 using dummy_hcd
[  166.472014][  T843] usb 7-1: Invalid ep0 maxpacket: 32
[  166.474047][  T843] usb usb7-port1: unable to enumerate USB device
[  166.623549][ T5304] Bluetooth: hci3: Malformed MSFT vendor event: 0x02
[  167.211237][T10582] xt_recent: hitcount (134217728) is larger than allowed maximum (65535)
[  167.274837][T10584] mkiss: ax0: crc mode is auto.
[  167.284243][T10584] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1249'.
[  167.492490][T10591] kvm: Disabled LAPIC found during irq injection
[  167.591338][  T853] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  167.751361][  T853] usb 6-1: Using ep0 maxpacket: 32
[  167.759581][  T853] usb 6-1: unable to get BOS descriptor or descriptor too short
[  167.769325][  T853] usb 6-1: string descriptor 0 read error: -22
[  167.771493][  T853] usb 6-1: New USB device found, idVendor=0ccd, idProduct=0102, bcdDevice=89.c4
[  167.774664][  T853] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  167.787682][  T853] dvb-usb: found a 'Terratec Cinergy S2 USB HD Rev.3' in warm state.
[  167.790396][  T853] dw2102: su3000_power_ctrl: 1, initialized 0
[  167.792806][  T853] dvb-usb: bulk message failed: -22 (2/0)
[  167.797781][  T853] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  167.810400][  T853] dvbdev: DVB: registering new adapter (Terratec Cinergy S2 USB HD Rev.3)
[  167.813798][  T853] usb 6-1: media controller created
[  167.816540][  T853] dvb-usb: bulk message failed: -22 (6/0)
[  167.818753][  T853] dw2102: i2c transfer failed.
[  167.820365][  T853] dvb-usb: bulk message failed: -22 (6/0)
[  167.822490][  T853] dw2102: i2c transfer failed.
[  167.824081][  T853] dvb-usb: bulk message failed: -22 (6/0)
[  167.825905][  T853] dw2102: i2c transfer failed.
[  167.827422][  T853] dvb-usb: bulk message failed: -22 (6/0)
[  167.829281][  T853] dw2102: i2c transfer failed.
[  167.830792][  T853] dvb-usb: bulk message failed: -22 (6/0)
[  167.833252][  T853] dw2102: i2c transfer failed.
[  167.834913][  T853] dvb-usb: bulk message failed: -22 (6/0)
[  167.836779][  T853] dw2102: i2c transfer failed.
[  167.838287][  T853] dvb-usb: MAC address: 02:02:02:02:02:02
[  167.848966][  T853] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  167.863738][  T853] dvb-usb: bulk message failed: -22 (3/0)
[  167.865597][  T853] dw2102: command 0x0e transfer failed.
[  167.867388][  T853] dvb-usb: bulk message failed: -22 (3/0)
[  167.869246][  T853] dw2102: command 0x0e transfer failed.
[  168.102272][T10602] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  168.159683][T10603] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1255'.
[  168.171456][  T853] dvb-usb: bulk message failed: -22 (3/0)
[  168.174092][  T853] dw2102: command 0x0e transfer failed.
[  168.176249][  T853] dvb-usb: bulk message failed: -22 (3/0)
[  168.178501][  T853] dw2102: command 0x0e transfer failed.
[  168.180514][  T853] dvb-usb: bulk message failed: -22 (1/0)
[  168.182832][  T853] dw2102: command 0x51 transfer failed.
[  168.184813][T10589] dvb-usb: bulk message failed: -22 (3/0)
[  168.186707][T10589] dw2102: i2c transfer failed.
[  168.208520][  T853] DVB: Unable to find symbol ds3000_attach()
[  168.210645][  T853] dvb-usb: no frontend was attached by 'Terratec Cinergy S2 USB HD Rev.3'
[  168.247388][T10607] ufs: You didn't specify the type of your ufs filesystem
[  168.247388][T10607] 
[  168.247388][T10607] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  168.247388][T10607] 
[  168.247388][T10607] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  168.259241][T10607] ufs: ufstype=old is supported read-only
[  168.262808][T10607] ufs: ufs_fill_super(): bad magic number
[  168.291495][  T853] rc_core: IR keymap rc-su3000 not found
[  168.293478][  T853] Registered IR keymap rc-empty
[  168.295648][  T853] rc rc0: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.1/usb6/6-1/rc/rc0
[  168.305986][  T853] input: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.1/usb6/6-1/rc/rc0/input35
[  168.311493][  T853] dvb-usb: schedule remote query interval to 150 msecs.
[  168.313800][  T853] dw2102: su3000_power_ctrl: 0, initialized 1
[  168.316008][  T853] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully initialized and connected.
[  168.322034][  T853] usb 6-1: USB disconnect, device number 12
[  168.351405][  T853] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully deinitialized and disconnected.
[  168.360984][T10614] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1259'.
[  168.364536][T10614] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1259'.
[  168.367865][T10614] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1259'.
[  168.369537][ T5304] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[  168.418823][T10617] macvlan0: entered promiscuous mode
[  168.721751][T10624] netlink: 'syz.1.1262': attribute type 1 has an invalid length.
[  168.739973][T10624] 8021q: adding VLAN 0 to HW filter on device bond16
[  168.752221][T10624] bond16: (slave geneve17): making interface the new active one
[  168.756085][T10624] bond16: (slave geneve17): Enslaving as an active interface with an up link
[  168.796129][   T40] kauditd_printk_skb: 27721 callbacks suppressed
[  168.796146][   T40] audit: type=1400 audit(1776645610.867:28988): avc:  denied  { shutdown } for  pid=10626 comm="syz.1.1263" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  168.850471][   T40] audit: type=1400 audit(1776645610.917:28989): avc:  denied  { accept } for  pid=10626 comm="syz.1.1263" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  168.906709][T10630] FAULT_INJECTION: forcing a failure.
[  168.906709][T10630] name failslab, interval 1, probability 0, space 0, times 0
[  168.912132][T10630] CPU: 3 UID: 0 PID: 10630 Comm: syz.1.1264 Not tainted syzkaller #0 PREEMPT(full) 
[  168.912154][T10630] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  168.912164][T10630] Call Trace:
[  168.912170][T10630]  <TASK>
[  168.912177][T10630]  dump_stack_lvl+0x100/0x190
[  168.912216][T10630]  should_fail_ex.cold+0x5/0xa
[  168.912240][T10630]  should_failslab+0xc2/0x120
[  168.912258][T10630]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  168.912282][T10630]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  168.912311][T10630]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  168.912335][T10630]  mmu_topup_memory_caches+0x25/0x170
[  168.912359][T10630]  kvm_mmu_load+0xd6/0x23e0
[  168.912381][T10630]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  168.912408][T10630]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  168.912437][T10630]  ? __pfx_kvm_mmu_load+0x10/0x10
[  168.912454][T10630]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  168.912473][T10630]  ? kvm_check_and_inject_events+0x961/0x1070
[  168.912497][T10630]  ? record_steal_time+0x3d0/0xbc0
[  168.912516][T10630]  vcpu_run+0x39f4/0x5ca0
[  168.912548][T10630]  ? __pfx_vcpu_run+0x10/0x10
[  168.912576][T10630]  ? rcu_is_watching+0x12/0xc0
[  168.912605][T10630]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  168.912628][T10630]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  168.912658][T10630]  kvm_vcpu_ioctl+0x730/0x1720
[  168.912676][T10630]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  168.912692][T10630]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  168.912714][T10630]  ? do_vfs_ioctl+0x226/0x13e0
[  168.912732][T10630]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  168.912749][T10630]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  168.912776][T10630]  ? __fget_files+0x215/0x3d0
[  168.912794][T10630]  ? hook_file_ioctl_common+0x149/0x410
[  168.912821][T10630]  ? selinux_file_ioctl+0x13b/0x290
[  168.912837][T10630]  ? selinux_file_ioctl+0xb6/0x290
[  168.912855][T10630]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  168.912874][T10630]  __x64_sys_ioctl+0x18e/0x210
[  168.912892][T10630]  do_syscall_64+0x10b/0xf80
[  168.912907][T10630]  ? clear_bhb_loop+0x40/0x90
[  168.912928][T10630]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.912945][T10630] RIP: 0033:0x7fd7f819c819
[  168.912960][T10630] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  168.912976][T10630] RSP: 002b:00007fd7f9137028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  168.912993][T10630] RAX: ffffffffffffffda RBX: 00007fd7f8415fa0 RCX: 00007fd7f819c819
[  168.913005][T10630] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  168.913014][T10630] RBP: 00007fd7f9137090 R08: 0000000000000000 R09: 0000000000000000
[  168.913023][T10630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  168.913031][T10630] R13: 00007fd7f8416038 R14: 00007fd7f8415fa0 R15: 00007ffcd97be438
[  168.913054][T10630]  </TASK>
[  169.144291][   T40] audit: type=1400 audit(1776645611.207:28990): avc:  denied  { map } for  pid=10636 comm="syz.0.1267" path="socket:[42397]" dev="sockfs" ino=42397 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  169.152931][   T40] audit: type=1400 audit(1776645611.207:28991): avc:  denied  { accept } for  pid=10636 comm="syz.0.1267" path="socket:[42397]" dev="sockfs" ino=42397 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  169.518216][  T843] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  169.576533][ T5304] Bluetooth: hci1: Malformed MSFT vendor event: 0x02
[  169.610305][T10768] blk_print_req_error: 55 callbacks suppressed
[  169.610319][T10768] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  169.616754][T10768] buffer_io_error: 54 callbacks suppressed
[  169.616764][T10768] Buffer I/O error on dev nbd0, logical block 0, async page read
[  169.618695][T10761] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  169.624033][T10768] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  169.627398][T10768] Buffer I/O error on dev nbd0, logical block 1, async page read
[  169.630031][T10768] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  169.638112][T10768] Buffer I/O error on dev nbd0, logical block 2, async page read
[  169.640699][T10768] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  169.643797][T10768] Buffer I/O error on dev nbd0, logical block 3, async page read
[  169.646761][T10768] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  169.649614][T10768] Buffer I/O error on dev nbd0, logical block 0, async page read
[  169.652459][T10768] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  169.655819][T10768] Buffer I/O error on dev nbd0, logical block 1, async page read
[  169.658494][T10768] I/O error, dev nbd0, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  169.661989][T10768] Buffer I/O error on dev nbd0, logical block 2, async page read
[  169.664572][T10768] I/O error, dev nbd0, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  169.667430][T10768] Buffer I/O error on dev nbd0, logical block 3, async page read
[  169.669965][T10768] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  169.673477][T10768] Buffer I/O error on dev nbd0, logical block 0, async page read
[  169.676110][T10768] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  169.678960][T10768] Buffer I/O error on dev nbd0, logical block 1, async page read
[  169.682639][T10770] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1275'.
[  169.684759][T10768] ldm_validate_partition_table(): Disk read failed.
[  169.689462][T10768] Dev nbd0: unable to read RDB block 0
[  169.695145][T10768]  nbd0: unable to read partition table
[  169.697746][T10768] JFS: discard option not supported on device
[  169.703503][T10768] Mount JFS Failure: -5
[  169.721345][  T843] usb 6-1: Using ep0 maxpacket: 32
[  169.727000][  T843] usb 6-1: unable to get BOS descriptor or descriptor too short
[  169.733611][  T843] usb 6-1: string descriptor 0 read error: -22
[  169.735790][  T843] usb 6-1: New USB device found, idVendor=0ccd, idProduct=0102, bcdDevice=89.c4
[  169.738633][  T843] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  169.759543][  T843] dvb-usb: found a 'Terratec Cinergy S2 USB HD Rev.3' in warm state.
[  169.763263][  T843] dw2102: su3000_power_ctrl: 1, initialized 0
[  169.765720][  T843] dvb-usb: bulk message failed: -22 (2/0)
[  169.773221][  T843] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  169.777458][  T843] dvbdev: DVB: registering new adapter (Terratec Cinergy S2 USB HD Rev.3)
[  169.781003][  T843] usb 6-1: media controller created
[  169.783446][  T843] dvb-usb: bulk message failed: -22 (6/0)
[  169.785730][  T843] dw2102: i2c transfer failed.
[  169.787850][  T843] dvb-usb: bulk message failed: -22 (6/0)
[  169.790181][  T843] dw2102: i2c transfer failed.
[  169.791930][  T843] dvb-usb: bulk message failed: -22 (6/0)
[  169.794047][  T843] dw2102: i2c transfer failed.
[  169.794049][T10769] hpfs: hpfs_map_sector(): read error
[  169.795957][  T843] dvb-usb: bulk message failed: -22 (6/0)
[  169.795985][  T843] dw2102: i2c transfer failed.
[  169.795992][  T843] dvb-usb: bulk message failed: -22 (6/0)
[  169.795998][  T843] dw2102: i2c transfer failed.
[  169.796004][  T843] dvb-usb: bulk message failed: -22 (6/0)
[  169.809018][  T843] dw2102: i2c transfer failed.
[  169.810810][  T843] dvb-usb: MAC address: 02:02:02:02:02:02
[  169.823825][  T843] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  169.839213][  T843] dvb-usb: bulk message failed: -22 (3/0)
[  169.841727][  T843] dw2102: command 0x0e transfer failed.
[  169.843700][  T843] dvb-usb: bulk message failed: -22 (3/0)
[  169.845494][  T843] dw2102: command 0x0e transfer failed.
[  170.161403][  T843] dvb-usb: bulk message failed: -22 (3/0)
[  170.163900][  T843] dw2102: command 0x0e transfer failed.
[  170.166010][  T843] dvb-usb: bulk message failed: -22 (3/0)
[  170.168497][  T843] dw2102: command 0x0e transfer failed.
[  170.170963][  T843] dvb-usb: bulk message failed: -22 (1/0)
[  170.173404][  T843] dw2102: command 0x51 transfer failed.
[  170.175831][T10650] dvb-usb: bulk message failed: -22 (3/0)
[  170.176601][T10774] netlink: 'syz.2.1279': attribute type 1 has an invalid length.
[  170.182041][T10650] dw2102: i2c transfer failed.
[  170.202538][  T843] DVB: Unable to find symbol ds3000_attach()
[  170.205482][  T843] dvb-usb: no frontend was attached by 'Terratec Cinergy S2 USB HD Rev.3'
[  170.206341][T10774] 8021q: adding VLAN 0 to HW filter on device bond15
[  170.225169][T10774] bond15: (slave geneve14): making interface the new active one
[  170.228894][T10774] bond15: (slave geneve14): Enslaving as an active interface with an up link
[  170.251731][ T6198] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  170.263362][  T843] rc_core: IR keymap rc-su3000 not found
[  170.265899][  T843] Registered IR keymap rc-empty
[  170.269260][  T843] rc rc0: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.1/usb6/6-1/rc/rc0
[  170.275318][  T843] input: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.1/usb6/6-1/rc/rc0/input36
[  170.282939][  T843] dvb-usb: schedule remote query interval to 150 msecs.
[  170.288326][  T843] dw2102: su3000_power_ctrl: 0, initialized 1
[  170.290965][  T843] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully initialized and connected.
[  170.310472][  T843] usb 6-1: USB disconnect, device number 13
[  170.340914][  T843] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully deinitialized and disconnected.
[  170.366902][T10785] FAULT_INJECTION: forcing a failure.
[  170.366902][T10785] name failslab, interval 1, probability 0, space 0, times 0
[  170.373439][T10785] CPU: 3 UID: 0 PID: 10785 Comm: syz.2.1282 Not tainted syzkaller #0 PREEMPT(full) 
[  170.373461][T10785] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  170.373470][T10785] Call Trace:
[  170.373477][T10785]  <TASK>
[  170.373483][T10785]  dump_stack_lvl+0x100/0x190
[  170.373577][T10785]  should_fail_ex.cold+0x5/0xa
[  170.373687][T10785]  should_failslab+0xc2/0x120
[  170.373757][T10785]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  170.373835][T10785]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  170.373904][T10785]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  170.373927][T10785]  mmu_topup_memory_caches+0x25/0x170
[  170.374000][T10785]  kvm_mmu_load+0xd6/0x23e0
[  170.374025][T10785]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  170.374106][T10785]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  170.374133][T10785]  ? __pfx_kvm_mmu_load+0x10/0x10
[  170.374151][T10785]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  170.374170][T10785]  ? kvm_check_and_inject_events+0x961/0x1070
[  170.374192][T10785]  ? record_steal_time+0x3d0/0xbc0
[  170.374211][T10785]  vcpu_run+0x39f4/0x5ca0
[  170.374240][T10785]  ? __pfx_vcpu_run+0x10/0x10
[  170.374268][T10785]  ? rcu_is_watching+0x12/0xc0
[  170.374348][T10785]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  170.374369][T10785]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  170.374419][T10785]  kvm_vcpu_ioctl+0x730/0x1720
[  170.374438][T10785]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  170.374455][T10785]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  170.374531][T10785]  ? do_vfs_ioctl+0x226/0x13e0
[  170.374621][T10785]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  170.374636][T10785]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  170.374714][T10785]  ? __fget_files+0x215/0x3d0
[  170.374780][T10785]  ? hook_file_ioctl_common+0x149/0x410
[  170.374806][T10785]  ? selinux_file_ioctl+0x13b/0x290
[  170.374821][T10785]  ? selinux_file_ioctl+0xb6/0x290
[  170.374839][T10785]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  170.374855][T10785]  __x64_sys_ioctl+0x18e/0x210
[  170.374872][T10785]  do_syscall_64+0x10b/0xf80
[  170.374945][T10785]  ? clear_bhb_loop+0x40/0x90
[  170.374965][T10785]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  170.374981][T10785] RIP: 0033:0x7f28c939c819
[  170.374994][T10785] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  170.375009][T10785] RSP: 002b:00007f28ca307028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  170.375080][T10785] RAX: ffffffffffffffda RBX: 00007f28c9615fa0 RCX: 00007f28c939c819
[  170.375089][T10785] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  170.375098][T10785] RBP: 00007f28ca307090 R08: 0000000000000000 R09: 0000000000000000
[  170.375107][T10785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  170.375116][T10785] R13: 00007f28c9616038 R14: 00007f28c9615fa0 R15: 00007ffdfc56f4d8
[  170.375137][T10785]  </TASK>
[  170.399464][   T40] audit: type=1400 audit(1776645612.457:28992): avc:  denied  { getopt } for  pid=10787 comm="syz.4.1283" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  170.424301][ T6198] usb 5-1: Using ep0 maxpacket: 32
[  170.483841][ T6198] usb 5-1: unable to get BOS descriptor or descriptor too short
[  170.489589][ T6198] usb 5-1: string descriptor 0 read error: -22
[  170.491873][ T6198] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0102, bcdDevice=89.c4
[  170.494894][ T6198] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  170.504168][ T6198] dvb-usb: found a 'Terratec Cinergy S2 USB HD Rev.3' in warm state.
[  170.506966][ T6198] dw2102: su3000_power_ctrl: 1, initialized 0
[  170.508992][ T6198] dvb-usb: bulk message failed: -22 (2/0)
[  170.514083][ T6198] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  170.517646][ T6198] dvbdev: DVB: registering new adapter (Terratec Cinergy S2 USB HD Rev.3)
[  170.520387][ T6198] usb 5-1: media controller created
[  170.522212][ T6198] dvb-usb: bulk message failed: -22 (6/0)
[  170.524082][ T6198] dw2102: i2c transfer failed.
[  170.525710][ T6198] dvb-usb: bulk message failed: -22 (6/0)
[  170.527590][ T6198] dw2102: i2c transfer failed.
[  170.529270][ T6198] dvb-usb: bulk message failed: -22 (6/0)
[  170.531095][ T6198] dw2102: i2c transfer failed.
[  170.533111][ T6198] dvb-usb: bulk message failed: -22 (6/0)
[  170.535089][ T6198] dw2102: i2c transfer failed.
[  170.536551][   T40] audit: type=1400 audit(1776645612.607:28993): avc:  denied  { getopt } for  pid=10790 comm="syz.2.1284" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  170.536696][ T6198] dvb-usb: bulk message failed: -22 (6/0)
[  170.544787][ T6198] dw2102: i2c transfer failed.
[  170.546433][ T6198] dvb-usb: bulk message failed: -22 (6/0)
[  170.548310][ T6198] dw2102: i2c transfer failed.
[  170.549903][ T6198] dvb-usb: MAC address: 02:02:02:02:02:02
[  170.561051][ T6198] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  170.573880][ T6198] dvb-usb: bulk message failed: -22 (3/0)
[  170.575945][ T6198] dw2102: command 0x0e transfer failed.
[  170.577797][ T6198] dvb-usb: bulk message failed: -22 (3/0)
[  170.579883][ T6198] dw2102: command 0x0e transfer failed.
[  170.719983][   T40] audit: type=1400 audit(1776645612.787:28994): avc:  denied  { write } for  pid=10795 comm="syz.1.1286" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  170.800273][ T5304] Bluetooth: hci1: Malformed MSFT vendor event: 0x02
[  170.891325][ T6198] dvb-usb: bulk message failed: -22 (3/0)
[  170.893388][ T6198] dw2102: command 0x0e transfer failed.
[  170.895264][ T6198] dvb-usb: bulk message failed: -22 (3/0)
[  170.897266][ T6198] dw2102: command 0x0e transfer failed.
[  170.899114][ T6198] dvb-usb: bulk message failed: -22 (1/0)
[  170.901109][ T6198] dw2102: command 0x51 transfer failed.
[  170.922852][ T6198] DVB: Unable to find symbol ds3000_attach()
[  170.924949][ T6198] dvb-usb: no frontend was attached by 'Terratec Cinergy S2 USB HD Rev.3'
[  170.971814][ T6198] rc_core: IR keymap rc-su3000 not found
[  170.973686][ T6198] Registered IR keymap rc-empty
[  170.977822][ T6198] rc rc0: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.0/usb5/5-1/rc/rc0
[  170.982432][ T6198] input: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.0/usb5/5-1/rc/rc0/input37
[  170.987301][ T6198] dvb-usb: schedule remote query interval to 150 msecs.
[  170.989746][ T6198] dw2102: su3000_power_ctrl: 0, initialized 1
[  170.992045][ T6198] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully initialized and connected.
[  171.007048][ T6198] usb 5-1: USB disconnect, device number 16
[  171.026916][ T6198] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully deinitialized and disconnected.
[  171.405094][   T40] audit: type=1400 audit(1776645613.477:28995): avc:  denied  { write } for  pid=10808 comm="syz.0.1290" name="sg0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  171.410458][T10816] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1292'.
[  171.415099][   T40] audit: type=1400 audit(1776645613.477:28996): avc:  denied  { read append } for  pid=10808 comm="syz.0.1290" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  171.416826][T10816] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1292'.
[  171.426418][   T40] audit: type=1400 audit(1776645613.477:28997): avc:  denied  { open } for  pid=10808 comm="syz.0.1290" path="/dev/cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  171.428906][T10816] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1292'.
[  171.474330][T10823] netlink: 'syz.2.1294': attribute type 1 has an invalid length.
[  171.478977][   T13] nci: nci_rsp_packet: unknown rsp opcode 0x3f
[  171.498008][T10823] 8021q: adding VLAN 0 to HW filter on device bond16
[  171.518780][T10823] bond16: (slave geneve15): making interface the new active one
[  171.522456][T10823] bond16: (slave geneve15): Enslaving as an active interface with an up link
[  171.613787][T10834] i2c i2c-1: Frontend requested software zigzag, but didn't set the frequency step size
[  171.682354][T10839] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  171.686777][T10840] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  171.691184][T10840] FAULT_INJECTION: forcing a failure.
[  171.691184][T10840] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  171.698248][T10840] CPU: 0 UID: 0 PID: 10840 Comm: syz.1.1298 Not tainted syzkaller #0 PREEMPT(full) 
[  171.698286][T10840] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  171.698296][T10840] Call Trace:
[  171.698302][T10840]  <TASK>
[  171.698313][T10840]  dump_stack_lvl+0x100/0x190
[  171.698338][T10840]  should_fail_ex.cold+0x5/0xa
[  171.698369][T10840]  _copy_from_user+0x2e/0xd0
[  171.698458][T10840]  copy_msghdr_from_user+0x9f/0x4f0
[  171.698544][T10840]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  171.698576][T10840]  ___sys_sendmsg+0x106/0x1e0
[  171.698599][T10840]  ? __pfx____sys_sendmsg+0x10/0x10
[  171.698645][T10840]  __sys_sendmsg+0x170/0x220
[  171.698664][T10840]  ? __pfx___sys_sendmsg+0x10/0x10
[  171.698689][T10840]  ? rcu_is_watching+0x12/0xc0
[  171.698716][T10840]  do_syscall_64+0x10b/0xf80
[  171.698754][T10840]  ? clear_bhb_loop+0x40/0x90
[  171.698774][T10840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.698790][T10840] RIP: 0033:0x7fd7f819c819
[  171.698804][T10840] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  171.698819][T10840] RSP: 002b:00007fd7f9116028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  171.698836][T10840] RAX: ffffffffffffffda RBX: 00007fd7f8416090 RCX: 00007fd7f819c819
[  171.698846][T10840] RDX: 0000000000000000 RSI: 00002000000015c0 RDI: 0000000000000007
[  171.698855][T10840] RBP: 00007fd7f9116090 R08: 0000000000000000 R09: 0000000000000000
[  171.698865][T10840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  171.698874][T10840] R13: 00007fd7f8416128 R14: 00007fd7f8416090 R15: 00007ffcd97be438
[  171.698895][T10840]  </TASK>
[  171.699878][T10840] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1298'.
[  171.782960][T10841] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1297'.
[  171.826225][T10844] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1300'.
[  171.992051][ T5304] Bluetooth: hci3: Malformed MSFT vendor event: 0x02
[  172.666312][T10849] FAULT_INJECTION: forcing a failure.
[  172.666312][T10849] name failslab, interval 1, probability 0, space 0, times 0
[  172.670614][T10849] CPU: 2 UID: 0 PID: 10849 Comm: syz.2.1302 Not tainted syzkaller #0 PREEMPT(full) 
[  172.670629][T10849] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  172.670636][T10849] Call Trace:
[  172.670691][T10849]  <TASK>
[  172.670695][T10849]  dump_stack_lvl+0x100/0x190
[  172.670798][T10849]  should_fail_ex.cold+0x5/0xa
[  172.670939][T10849]  should_failslab+0xc2/0x120
[  172.671024][T10849]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  172.671084][T10849]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  172.671144][T10849]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  172.671160][T10849]  mmu_topup_memory_caches+0x25/0x170
[  172.671222][T10849]  kvm_mmu_load+0xd6/0x23e0
[  172.671236][T10849]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  172.671291][T10849]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  172.671311][T10849]  ? __pfx_kvm_mmu_load+0x10/0x10
[  172.671329][T10849]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  172.671342][T10849]  ? kvm_check_and_inject_events+0x961/0x1070
[  172.671358][T10849]  ? record_steal_time+0x3d0/0xbc0
[  172.671371][T10849]  vcpu_run+0x39f4/0x5ca0
[  172.671392][T10849]  ? __pfx_vcpu_run+0x10/0x10
[  172.671411][T10849]  ? rcu_is_watching+0x12/0xc0
[  172.671469][T10849]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  172.671484][T10849]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  172.671503][T10849]  kvm_vcpu_ioctl+0x730/0x1720
[  172.671516][T10849]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  172.671528][T10849]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  172.671587][T10849]  ? do_vfs_ioctl+0x226/0x13e0
[  172.671640][T10849]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  172.671650][T10849]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  172.671753][T10849]  ? __fget_files+0x215/0x3d0
[  172.671805][T10849]  ? hook_file_ioctl_common+0x149/0x410
[  172.671824][T10849]  ? selinux_file_ioctl+0x13b/0x290
[  172.671834][T10849]  ? selinux_file_ioctl+0xb6/0x290
[  172.671846][T10849]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  172.671857][T10849]  __x64_sys_ioctl+0x18e/0x210
[  172.671869][T10849]  do_syscall_64+0x10b/0xf80
[  172.671918][T10849]  ? clear_bhb_loop+0x40/0x90
[  172.671933][T10849]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  172.671944][T10849] RIP: 0033:0x7f28c939c819
[  172.671955][T10849] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  172.671966][T10849] RSP: 002b:00007f28ca307028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  172.672062][T10849] RAX: ffffffffffffffda RBX: 00007f28c9615fa0 RCX: 00007f28c939c819
[  172.672071][T10849] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  172.672077][T10849] RBP: 00007f28ca307090 R08: 0000000000000000 R09: 0000000000000000
[  172.672083][T10849] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  172.672089][T10849] R13: 00007f28c9616038 R14: 00007f28c9615fa0 R15: 00007ffdfc56f4d8
[  172.672103][T10849]  </TASK>
[  172.747249][T10852] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  173.161709][   T10] usb 7-1: new high-speed USB device number 22 using dummy_hcd
[  173.234768][T10868] bridge0: adding interface bridge0 with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  173.311486][  T843] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  173.313962][   T10] usb 7-1: Using ep0 maxpacket: 32
[  173.318258][   T10] usb 7-1: unable to get BOS descriptor or descriptor too short
[  173.327690][   T10] usb 7-1: string descriptor 0 read error: -22
[  173.329927][   T10] usb 7-1: New USB device found, idVendor=0ccd, idProduct=0102, bcdDevice=89.c4
[  173.334206][   T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  173.346432][   T10] dvb-usb: found a 'Terratec Cinergy S2 USB HD Rev.3' in warm state.
[  173.349094][   T10] dw2102: su3000_power_ctrl: 1, initialized 0
[  173.351043][   T10] dvb-usb: bulk message failed: -22 (2/0)
[  173.357725][   T10] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  173.361566][   T10] dvbdev: DVB: registering new adapter (Terratec Cinergy S2 USB HD Rev.3)
[  173.364304][   T10] usb 7-1: media controller created
[  173.366060][   T10] dvb-usb: bulk message failed: -22 (6/0)
[  173.367903][   T10] dw2102: i2c transfer failed.
[  173.369432][   T10] dvb-usb: bulk message failed: -22 (6/0)
[  173.371870][   T10] dw2102: i2c transfer failed.
[  173.373430][   T10] dvb-usb: bulk message failed: -22 (6/0)
[  173.375268][   T10] dw2102: i2c transfer failed.
[  173.376833][   T10] dvb-usb: bulk message failed: -22 (6/0)
[  173.378765][   T10] dw2102: i2c transfer failed.
[  173.380337][   T10] dvb-usb: bulk message failed: -22 (6/0)
[  173.382585][   T10] dw2102: i2c transfer failed.
[  173.384151][   T10] dvb-usb: bulk message failed: -22 (6/0)
[  173.386062][   T10] dw2102: i2c transfer failed.
[  173.387743][   T10] dvb-usb: MAC address: 02:02:02:02:02:02
[  173.398698][   T10] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  173.413232][   T10] dvb-usb: bulk message failed: -22 (3/0)
[  173.415169][   T10] dw2102: command 0x0e transfer failed.
[  173.417029][   T10] dvb-usb: bulk message failed: -22 (3/0)
[  173.418795][   T10] dw2102: command 0x0e transfer failed.
[  173.461487][  T843] usb 6-1: Using ep0 maxpacket: 32
[  173.464745][  T843] usb 6-1: unable to get BOS descriptor or descriptor too short
[  173.470261][  T843] usb 6-1: string descriptor 0 read error: -22
[  173.472377][  T843] usb 6-1: New USB device found, idVendor=0ccd, idProduct=0102, bcdDevice=89.c4
[  173.475476][  T843] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  173.484740][  T843] dvb-usb: found a 'Terratec Cinergy S2 USB HD Rev.3' in warm state.
[  173.487367][  T843] dw2102: su3000_power_ctrl: 1, initialized 0
[  173.489356][  T843] dvb-usb: bulk message failed: -22 (2/0)
[  173.494676][  T843] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  173.498030][  T843] dvbdev: DVB: registering new adapter (Terratec Cinergy S2 USB HD Rev.3)
[  173.500716][  T843] usb 6-1: media controller created
[  173.503105][  T843] dvb-usb: bulk message failed: -22 (6/0)
[  173.504966][  T843] dw2102: i2c transfer failed.
[  173.506508][  T843] dvb-usb: bulk message failed: -22 (6/0)
[  173.508355][  T843] dw2102: i2c transfer failed.
[  173.509876][  T843] dvb-usb: bulk message failed: -22 (6/0)
[  173.511814][  T843] dw2102: i2c transfer failed.
[  173.513347][  T843] dvb-usb: bulk message failed: -22 (6/0)
[  173.515139][  T843] dw2102: i2c transfer failed.
[  173.516673][  T843] dvb-usb: bulk message failed: -22 (6/0)
[  173.518475][  T843] dw2102: i2c transfer failed.
[  173.520037][  T843] dvb-usb: bulk message failed: -22 (6/0)
[  173.521956][  T843] dw2102: i2c transfer failed.
[  173.523462][  T843] dvb-usb: MAC address: 02:02:02:02:02:02
[  173.530805][  T843] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  173.542194][  T843] dvb-usb: bulk message failed: -22 (3/0)
[  173.544217][  T843] dw2102: command 0x0e transfer failed.
[  173.546288][  T843] dvb-usb: bulk message failed: -22 (3/0)
[  173.548171][  T843] dw2102: command 0x0e transfer failed.
[  173.620817][T10881] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  173.624346][T10881] UDF-fs: Scanning with blocksize 2048 failed
[  173.627937][T10881] UDF-fs: warning (device sr0): udf_load_vrs: No VRS found
[  173.631056][T10881] UDF-fs: Scanning with blocksize 4096 failed
[  173.731392][   T10] dvb-usb: bulk message failed: -22 (3/0)
[  173.733499][   T10] dw2102: command 0x0e transfer failed.
[  173.735347][   T10] dvb-usb: bulk message failed: -22 (3/0)
[  173.737218][   T10] dw2102: command 0x0e transfer failed.
[  173.739012][   T10] dvb-usb: bulk message failed: -22 (1/0)
[  173.740847][   T10] dw2102: command 0x51 transfer failed.
[  173.743870][T10866] dvb-usb: bulk message failed: -22 (3/0)
[  173.746207][T10866] dw2102: i2c transfer failed.
[  173.775228][   T10] DVB: Unable to find symbol ds3000_attach()
[  173.777223][   T10] dvb-usb: no frontend was attached by 'Terratec Cinergy S2 USB HD Rev.3'
[  173.821468][   T10] rc_core: IR keymap rc-su3000 not found
[  173.823466][   T10] Registered IR keymap rc-empty
[  173.825857][   T10] rc rc0: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.2/usb7/7-1/rc/rc0
[  173.831132][   T10] input: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.2/usb7/7-1/rc/rc0/input38
[  173.837912][   T10] dvb-usb: schedule remote query interval to 150 msecs.
[  173.840926][   T10] dw2102: su3000_power_ctrl: 0, initialized 1
[  173.850657][   T10] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully initialized and connected.
[  173.854965][  T843] dvb-usb: bulk message failed: -22 (3/0)
[  173.857269][  T843] dw2102: command 0x0e transfer failed.
[  173.862511][   T10] usb 7-1: USB disconnect, device number 22
[  173.865602][  T843] dvb-usb: bulk message failed: -22 (3/0)
[  173.867845][  T843] dw2102: command 0x0e transfer failed.
[  173.875020][  T843] dvb-usb: bulk message failed: -22 (1/0)
[  173.876896][  T843] dw2102: command 0x51 transfer failed.
[  173.895897][   T10] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully deinitialized and disconnected.
[  173.909328][  T843] DVB: Unable to find symbol ds3000_attach()
[  173.912531][  T843] dvb-usb: no frontend was attached by 'Terratec Cinergy S2 USB HD Rev.3'
[  173.961445][  T843] rc_core: IR keymap rc-su3000 not found
[  173.963919][  T843] Registered IR keymap rc-empty
[  173.968695][  T843] rc rc0: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.1/usb6/6-1/rc/rc0
[  173.976216][  T843] input: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.1/usb6/6-1/rc/rc0/input39
[  173.982528][  T843] dvb-usb: schedule remote query interval to 150 msecs.
[  173.985464][  T843] dw2102: su3000_power_ctrl: 0, initialized 1
[  173.987982][  T843] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully initialized and connected.
[  173.994357][  T843] usb 6-1: USB disconnect, device number 14
[  174.022027][  T843] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully deinitialized and disconnected.
[  174.092370][   T40] kauditd_printk_skb: 4 callbacks suppressed
[  174.092381][   T40] audit: type=1400 audit(1776645616.167:29002): avc:  denied  { getopt } for  pid=10886 comm="syz.2.1314" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  174.183235][ T5304] Bluetooth: hci1: Malformed MSFT vendor event: 0x02
[  174.351411][T10809] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  174.621994][T11005] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1320'.
[  174.626699][T11005] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1320'.
[  174.636703][T11004] netlink: 'syz.1.1321': attribute type 1 has an invalid length.
[  174.712736][T11004] 8021q: adding VLAN 0 to HW filter on device bond17
[  174.730219][T11009] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  174.738062][T11011] bond17: (slave geneve18): making interface the new active one
[  174.752835][T11011] bond17: (slave geneve18): Enslaving as an active interface with an up link
[  174.862646][   T40] audit: type=1404 audit(1776645616.937:29003): enforcing=1 old_enforcing=0 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1
[  174.870006][   T40] audit: type=1400 audit(1776645616.937:29004): avc:  denied  { read write } for  pid=5950 comm="syz-executor" name="loop2" dev="devtmpfs" ino=660 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[  174.883404][   T40] audit: type=1404 audit(1776645616.957:29005): enforcing=0 old_enforcing=1 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1
[  174.887823][T11025] loop2: detected capacity change from 0 to 7
[  174.888624][   T40] audit: type=1400 audit(1776645616.957:29006): avc:  denied  { read } for  pid=11024 comm="syz.2.1327" name="loop2" dev="devtmpfs" ino=660 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  174.892914][T11025] Dev loop2: unable to read RDB block 7
[  174.896492][T11023] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  174.897904][   T40] audit: type=1400 audit(1776645616.957:29007): avc:  denied  { open } for  pid=11024 comm="syz.2.1327" path="/dev/loop2" dev="devtmpfs" ino=660 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  174.899647][T11025]  loop2: unable to read partition table
[  174.901973][   T40] audit: type=1400 audit(1776645616.957:29008): avc:  denied  { ioctl } for  pid=11024 comm="syz.2.1327" path="/dev/loop2" dev="devtmpfs" ino=660 ioctlcmd=0x4c0a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  174.910135][T11025] loop2: partition table beyond EOD, truncated
[  174.921948][T11025] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑච) failed (rc=-5)
[  174.951775][   T40] audit: type=1400 audit(1776645617.017:29009): avc:  denied  { write } for  pid=5951 comm="syz-executor" name="loop0" dev="devtmpfs" ino=658 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  174.969592][   T40] audit: type=1400 audit(1776645617.037:29010): avc:  denied  { read append } for  pid=11027 comm="syz.0.1328" name="card1" dev="devtmpfs" ino=636 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  174.977959][   T40] audit: type=1400 audit(1776645617.047:29011): avc:  denied  { open } for  pid=11027 comm="syz.0.1328" path="/dev/dri/card1" dev="devtmpfs" ino=636 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  175.037306][T11030] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1329'.
[  175.196069][T11032] FAULT_INJECTION: forcing a failure.
[  175.196069][T11032] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  175.201661][T11032] CPU: 0 UID: 0 PID: 11032 Comm: syz.0.1330 Not tainted syzkaller #0 PREEMPT(full) 
[  175.201677][T11032] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  175.201683][T11032] Call Trace:
[  175.201689][T11032]  <TASK>
[  175.201693][T11032]  dump_stack_lvl+0x100/0x190
[  175.201856][T11032]  should_fail_ex.cold+0x5/0xa
[  175.201983][T11032]  _copy_to_user+0x32/0xd0
[  175.202053][T11032]  simple_read_from_buffer+0xcb/0x170
[  175.202109][T11032]  proc_fail_nth_read+0x1af/0x230
[  175.202197][T11032]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  175.202216][T11032]  ? rw_verify_area+0xce/0x6d0
[  175.202309][T11032]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  175.202327][T11032]  vfs_read+0x1e4/0xb30
[  175.202340][T11032]  ? __pfx_vfs_read+0x10/0x10
[  175.202350][T11032]  ? __fget_files+0x215/0x3d0
[  175.202367][T11032]  ? __fget_files+0x21f/0x3d0
[  175.202383][T11032]  ksys_read+0x12a/0x250
[  175.202393][T11032]  ? __pfx_ksys_read+0x10/0x10
[  175.202405][T11032]  ? rcu_is_watching+0x12/0xc0
[  175.202521][T11032]  do_syscall_64+0x10b/0xf80
[  175.202587][T11032]  ? clear_bhb_loop+0x40/0x90
[  175.202601][T11032]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.202613][T11032] RIP: 0033:0x7f4fc6b5d04e
[  175.202622][T11032] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  175.202632][T11032] RSP: 002b:00007f4fc79a3fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  175.202753][T11032] RAX: ffffffffffffffda RBX: 00007f4fc79a46c0 RCX: 00007f4fc6b5d04e
[  175.202760][T11032] RDX: 000000000000000f RSI: 00007f4fc79a40a0 RDI: 000000000000000c
[  175.202767][T11032] RBP: 00007f4fc79a4090 R08: 0000000000000000 R09: 0000000000000000
[  175.202773][T11032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  175.202779][T11032] R13: 00007f4fc6e16038 R14: 00007f4fc6e15fa0 R15: 00007ffcd3e24bc8
[  175.202792][T11032]  </TASK>
[  175.502891][ T5304] Bluetooth: hci1: Malformed MSFT vendor event: 0x02
[  175.562250][T11142] FAULT_INJECTION: forcing a failure.
[  175.562250][T11142] name failslab, interval 1, probability 0, space 0, times 0
[  175.566354][T11142] CPU: 1 UID: 0 PID: 11142 Comm: syz.0.1334 Not tainted syzkaller #0 PREEMPT(full) 
[  175.566369][T11142] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  175.566375][T11142] Call Trace:
[  175.566380][T11142]  <TASK>
[  175.566384][T11142]  dump_stack_lvl+0x100/0x190
[  175.566402][T11142]  should_fail_ex.cold+0x5/0xa
[  175.566418][T11142]  should_failslab+0xc2/0x120
[  175.566520][T11142]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  175.566591][T11142]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  175.566656][T11142]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  175.566672][T11142]  mmu_topup_memory_caches+0x25/0x170
[  175.566751][T11142]  kvm_mmu_load+0xd6/0x23e0
[  175.566766][T11142]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  175.566855][T11142]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  175.566874][T11142]  ? __pfx_kvm_mmu_load+0x10/0x10
[  175.566887][T11142]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  175.566899][T11142]  ? kvm_check_and_inject_events+0x961/0x1070
[  175.566915][T11142]  ? record_steal_time+0x3d0/0xbc0
[  175.566928][T11142]  vcpu_run+0x39f4/0x5ca0
[  175.566949][T11142]  ? __pfx_vcpu_run+0x10/0x10
[  175.566968][T11142]  ? rcu_is_watching+0x12/0xc0
[  175.566988][T11142]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  175.567007][T11142]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  175.567027][T11142]  kvm_vcpu_ioctl+0x730/0x1720
[  175.567039][T11142]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  175.567051][T11142]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  175.567147][T11142]  ? do_vfs_ioctl+0x226/0x13e0
[  175.567158][T11142]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  175.567168][T11142]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  175.567219][T11142]  ? __fget_files+0x215/0x3d0
[  175.567231][T11142]  ? hook_file_ioctl_common+0x149/0x410
[  175.567249][T11142]  ? selinux_file_ioctl+0x13b/0x290
[  175.567260][T11142]  ? selinux_file_ioctl+0xb6/0x290
[  175.567271][T11142]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  175.567283][T11142]  __x64_sys_ioctl+0x18e/0x210
[  175.567294][T11142]  do_syscall_64+0x10b/0xf80
[  175.567305][T11142]  ? clear_bhb_loop+0x40/0x90
[  175.567319][T11142]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.567330][T11142] RIP: 0033:0x7f4fc6b9c819
[  175.567341][T11142] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  175.567352][T11142] RSP: 002b:00007f4fc79a4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  175.567363][T11142] RAX: ffffffffffffffda RBX: 00007f4fc6e15fa0 RCX: 00007f4fc6b9c819
[  175.567370][T11142] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  175.567376][T11142] RBP: 00007f4fc79a4090 R08: 0000000000000000 R09: 0000000000000000
[  175.567382][T11142] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  175.567388][T11142] R13: 00007f4fc6e16038 R14: 00007f4fc6e15fa0 R15: 00007ffcd3e24bc8
[  175.567402][T11142]  </TASK>
[  176.001437][ T1040] usb 9-1: new high-speed USB device number 18 using dummy_hcd
[  176.143997][T11159] binder: 11157:11159 ioctl c0306201 200000000640 returned -22
[  176.172203][ T1040] usb 9-1: Using ep0 maxpacket: 32
[  176.175859][ T1040] usb 9-1: unable to get BOS descriptor or descriptor too short
[  176.185439][ T1040] usb 9-1: string descriptor 0 read error: -22
[  176.187812][ T1040] usb 9-1: New USB device found, idVendor=0ccd, idProduct=0102, bcdDevice=89.c4
[  176.190756][ T1040] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  176.203600][ T1040] dvb-usb: found a 'Terratec Cinergy S2 USB HD Rev.3' in warm state.
[  176.206390][ T1040] dw2102: su3000_power_ctrl: 1, initialized 0
[  176.208361][ T1040] dvb-usb: bulk message failed: -22 (2/0)
[  176.211660][  T853] usb 6-1: new full-speed USB device number 15 using dummy_hcd
[  176.213407][ T1040] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  176.218435][ T1040] dvbdev: DVB: registering new adapter (Terratec Cinergy S2 USB HD Rev.3)
[  176.222196][ T1040] usb 9-1: media controller created
[  176.224163][ T1040] dvb-usb: bulk message failed: -22 (6/0)
[  176.226025][ T1040] dw2102: i2c transfer failed.
[  176.227582][ T1040] dvb-usb: bulk message failed: -22 (6/0)
[  176.229493][ T1040] dw2102: i2c transfer failed.
[  176.233198][ T1040] dvb-usb: bulk message failed: -22 (6/0)
[  176.235288][ T1040] dw2102: i2c transfer failed.
[  176.237357][ T1040] dvb-usb: bulk message failed: -22 (6/0)
[  176.239759][ T1040] dw2102: i2c transfer failed.
[  176.243058][ T1040] dvb-usb: bulk message failed: -22 (6/0)
[  176.245609][ T1040] dw2102: i2c transfer failed.
[  176.247677][ T1040] dvb-usb: bulk message failed: -22 (6/0)
[  176.250154][ T1040] dw2102: i2c transfer failed.
[  176.252274][ T1040] dvb-usb: MAC address: 02:02:02:02:02:02
[  176.264917][ T1040] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  176.285761][ T1040] dvb-usb: bulk message failed: -22 (3/0)
[  176.288785][ T1040] dw2102: command 0x0e transfer failed.
[  176.290897][ T1040] dvb-usb: bulk message failed: -22 (3/0)
[  176.293191][ T1040] dw2102: command 0x0e transfer failed.
[  176.373756][  T853] usb 6-1: unable to get BOS descriptor or descriptor too short
[  176.377796][  T853] usb 6-1: not running at top speed; connect to a high speed hub
[  176.386586][  T853] usb 6-1: string descriptor 0 read error: -22
[  176.389458][  T853] usb 6-1: New USB device found, idVendor=0ccd, idProduct=0102, bcdDevice=89.c4
[  176.393471][  T853] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  176.402534][T11165] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1343'.
[  176.405247][  T853] dvb-usb: found a 'Terratec Cinergy S2 USB HD Rev.3' in warm state.
[  176.411942][  T853] dw2102: su3000_power_ctrl: 1, initialized 0
[  176.414631][  T853] dvb-usb: bulk message failed: -22 (2/0)
[  176.421186][  T853] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  176.432141][  T853] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 error while loading driver (-19)
[  176.495637][T11171] netlink: 'syz.0.1346': attribute type 1 has an invalid length.
[  176.533613][T11171] 8021q: adding VLAN 0 to HW filter on device bond14
[  176.545887][T11171] bond14: (slave geneve14): making interface the new active one
[  176.549586][T11171] bond14: (slave geneve14): Enslaving as an active interface with an up link
[  176.575482][ T5304] Bluetooth: hci1: Malformed MSFT vendor event: 0x02
[  176.596703][T11181] __nla_validate_parse: 1 callbacks suppressed
[  176.596714][T11181] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1349'.
[  176.602914][ T1040] dvb-usb: bulk message failed: -22 (3/0)
[  176.602926][ T1040] dw2102: command 0x0e transfer failed.
[  176.602932][ T1040] dvb-usb: bulk message failed: -22 (3/0)
[  176.602939][ T1040] dw2102: command 0x0e transfer failed.
[  176.602944][ T1040] dvb-usb: bulk message failed: -22 (1/0)
[  176.602951][ T1040] dw2102: command 0x51 transfer failed.
[  176.602987][T11149] dvb-usb: bulk message failed: -22 (3/0)
[  176.603024][T11149] dw2102: i2c transfer failed.
[  176.627803][ T1040] DVB: Unable to find symbol ds3000_attach()
[  176.632837][ T1040] dvb-usb: no frontend was attached by 'Terratec Cinergy S2 USB HD Rev.3'
[  176.672862][T11154] tmpfs: Unknown parameter 'TÒhÎe…erleave'
[  176.676785][  T853] usb 6-1: USB disconnect, device number 15
[  176.682864][ T1040] rc_core: IR keymap rc-su3000 not found
[  176.685773][ T1040] Registered IR keymap rc-empty
[  176.689645][ T1040] rc rc0: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.4/usb9/9-1/rc/rc0
[  176.698307][ T1040] input: Terratec Cinergy S2 USB HD Rev.3 as /devices/platform/dummy_hcd.4/usb9/9-1/rc/rc0/input40
[  176.703853][ T1040] dvb-usb: schedule remote query interval to 150 msecs.
[  176.711466][ T1040] dw2102: su3000_power_ctrl: 0, initialized 1
[  176.720609][ T1040] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully initialized and connected.
[  176.728225][T11186] loop2: detected capacity change from 0 to 7
[  176.729213][ T1040] usb 9-1: USB disconnect, device number 18
[  176.730937][T11186] Dev loop2: unable to read RDB block 7
[  176.736081][T11186]  loop2: unable to read partition table
[  176.738102][T11186] loop2: partition table beyond EOD, truncated
[  176.740283][T11186] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑච) failed (rc=-5)
[  176.769840][ T1040] dvb-usb: Terratec Cinergy S2 USB HD Rev.3 successfully deinitialized and disconnected.
[  177.283107][T11198] FAULT_INJECTION: forcing a failure.
[  177.283107][T11198] name failslab, interval 1, probability 0, space 0, times 0
[  177.293822][T11198] CPU: 1 UID: 0 PID: 11198 Comm: syz.4.1355 Not tainted syzkaller #0 PREEMPT(full) 
[  177.293838][T11198] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  177.293844][T11198] Call Trace:
[  177.293849][T11198]  <TASK>
[  177.293853][T11198]  dump_stack_lvl+0x100/0x190
[  177.293871][T11198]  should_fail_ex.cold+0x5/0xa
[  177.293888][T11198]  should_failslab+0xc2/0x120
[  177.293900][T11198]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  177.293917][T11198]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  177.293933][T11198]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  177.293949][T11198]  mmu_topup_memory_caches+0x25/0x170
[  177.293966][T11198]  kvm_mmu_load+0xd6/0x23e0
[  177.293980][T11198]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  177.293998][T11198]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  177.294018][T11198]  ? __pfx_kvm_mmu_load+0x10/0x10
[  177.294031][T11198]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  177.294044][T11198]  ? kvm_check_and_inject_events+0x961/0x1070
[  177.294059][T11198]  ? record_steal_time+0x3d0/0xbc0
[  177.294071][T11198]  vcpu_run+0x39f4/0x5ca0
[  177.294093][T11198]  ? __pfx_vcpu_run+0x10/0x10
[  177.294112][T11198]  ? rcu_is_watching+0x12/0xc0
[  177.294132][T11198]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  177.294147][T11198]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  177.294167][T11198]  kvm_vcpu_ioctl+0x730/0x1720
[  177.294179][T11198]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  177.294191][T11198]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  177.294205][T11198]  ? do_vfs_ioctl+0x226/0x13e0
[  177.294216][T11198]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  177.294226][T11198]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  177.294242][T11198]  ? __fget_files+0x215/0x3d0
[  177.294255][T11198]  ? hook_file_ioctl_common+0x149/0x410
[  177.294272][T11198]  ? selinux_file_ioctl+0x13b/0x290
[  177.294283][T11198]  ? selinux_file_ioctl+0xb6/0x290
[  177.294294][T11198]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  177.294310][T11198]  __x64_sys_ioctl+0x18e/0x210
[  177.294322][T11198]  do_syscall_64+0x10b/0xf80
[  177.294332][T11198]  ? clear_bhb_loop+0x40/0x90
[  177.294346][T11198]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  177.294357][T11198] RIP: 0033:0x7f2bc139c819
[  177.294367][T11198] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  177.294378][T11198] RSP: 002b:00007f2bc2343028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  177.294389][T11198] RAX: ffffffffffffffda RBX: 00007f2bc1615fa0 RCX: 00007f2bc139c819
[  177.294396][T11198] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  177.294402][T11198] RBP: 00007f2bc2343090 R08: 0000000000000000 R09: 0000000000000000
[  177.294408][T11198] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  177.294414][T11198] R13: 00007f2bc1616038 R14: 00007f2bc1615fa0 R15: 00007ffc0b0e13a8
[  177.294427][T11198]  </TASK>
[  177.609135][ T5304] Bluetooth: hci0: Malformed MSFT vendor event: 0x02
[  177.654242][T11216] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  177.717934][T11218] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1358'.
[  178.037163][T11225] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1363'.
[  178.040981][T11225] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1363'.
[  178.046411][T11225] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1363'.
[  178.203829][T11231] netlink: 'syz.1.1366': attribute type 1 has an invalid length.
[  178.217228][T11231] 8021q: adding VLAN 0 to HW filter on device bond18
[  178.243318][T11231] bond18: (slave geneve19): making interface the new active one
[  178.249236][T11231] bond18: (slave geneve19): Enslaving as an active interface with an up link
[  178.573767][   T10] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[  178.673535][T11245] loop2: detected capacity change from 0 to 7
[  178.679545][T11245] Dev loop2: unable to read RDB block 7
[  178.685782][T11245]  loop2: unable to read partition table
[  178.688512][T11245] loop2: partition table beyond EOD, truncated
[  178.693731][T11245] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑච) failed (rc=-5)
[  178.719214][ T5304] Bluetooth: hci0: Malformed MSFT vendor event: 0x02
[  178.721436][   T10] usb 7-1: Using ep0 maxpacket: 32
[  178.726154][   T10] usb 7-1: unable to get BOS descriptor or descriptor too short
[  178.733877][   T10] usb 7-1: string descriptor 0 read error: -22
[  178.736736][   T10] usb 7-1: New USB device found, idVendor=0ccd, idProduct=0102, bcdDevice=89.c4
[  178.740538][   T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  178.754603][   T10] dvb-usb: found a 'Terratec Cinergy S2 USB HD Rev.3' in warm state.
[  178.758143][   T10] dw2102: su3000_power_ctrl: 1, initialized 0
[  178.762409][   T10] dvb-usb: bulk message failed: -22 (2/0)
[  178.767453][   T10] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  178.772171][   T10] dvbdev: DVB: registering new adapter (Terratec Cinergy S2 USB HD Rev.3)
[  178.775788][   T10] usb 7-1: media controller created
[  178.777995][   T10] dvb-usb: bulk message failed: -22 (6/0)
[  178.780389][   T10] dw2102: i2c transfer failed.
[  178.782613][   T10] dvb-usb: bulk message failed: -22 (6/0)
[  178.785088][   T10] dw2102: i2c transfer failed.
[  178.787145][   T10] dvb-usb: bulk message failed: -22 (6/0)
[  178.789444][   T10] dw2102: i2c transfer failed.
[  178.791847][   T10] dvb-usb: bulk message failed: -22 (6/0)
[  178.794173][   T10] dw2102: i2c transfer failed.
[  178.796176][   T10] dvb-usb: bulk message failed: -22 (6/0)
[  178.798610][   T10] dw2102: i2c transfer failed.
[  178.800623][   T10] dvb-usb: bulk message failed: -22 (6/0)
[  178.803607][   T10] dw2102: i2c transfer failed.
[  178.805705][   T10] dvb-usb: MAC address: 02:02:02:02:02:02
[  178.817740][   T10] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  178.834083][   T10] dvb-usb: bulk message failed: -22 (3/0)
[  178.836579][   T10] dw2102: command 0x0e transfer failed.
[  178.838986][   T10] dvb-usb: bulk message failed: -22 (3/0)
[  178.841618][   T10] dw2102: command 0x0e transfer failed.
[  178.931499][   T54] usb 9-1: new high-speed USB device number 19 using dummy_hcd
[  179.111411][   T54] usb 9-1: Using ep0 maxpacket: 32
[  179.115006][   T54] usb 9-1: unable to get BOS descriptor or descriptor too short
[  179.120731][   T54] usb 9-1: string descriptor 0 read error: -22
[  179.123200][   T54] usb 9-1: New USB device found, idVendor=0ccd, idProduct=0102, bcdDevice=89.c4
[  179.126100][   T54] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  179.136236][   T54] dvb-usb: found a 'Terratec Cinergy S2 USB HD Rev.3' in warm state.
[  179.139109][   T54] dw2102: su3000_power_ctrl: 1, initialized 0
[  179.141061][   T54] dvb-usb: bulk message failed: -22 (2/0)
[  179.144936][   T54] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  179.148238][   T54] dvbdev: DVB: registering new adapter (Terratec Cinergy S2 USB HD Rev.3)
[  179.150811][   T54] usb 9-1: media controller created
[  179.151860][   T10] dvb-usb: bulk message failed: -22 (3/0)
[  179.152547][   T54] dvb-usb: bulk message failed: -22 (6/0)
[  179.155000][   T10] dw2102: command 0x0e transfer failed.
[  179.156729][   T54] dw2102: i2c transfer failed.
[  179.156743][   T54] dvb-usb: bulk message failed: -22 (6/0)
[  179.156752][   T54] dw2102: i2c transfer failed.
[  179.156758][   T54] dvb-usb: bulk message failed: -22 (6/0)
[  179.156765][   T54] dw2102: i2c transfer failed.
[  179.156772][   T54] dvb-usb: bulk message failed: -22 (6/0)
[  179.159150][   T10] dvb-usb: bulk message failed: -22 (3/0)
[  179.160643][   T54] dw2102: i2c transfer failed.
[  179.160655][   T54] dvb-usb: bulk message failed: -22 (6/0)
[  179.163174][   T10] dw2102: command 0x0e transfer failed.
[  179.164771][   T54] dw2102: i2c transfer failed.
[  179.164782][   T54] dvb-usb: bulk message failed: -22 (6/0)
[  179.164790][   T54] dw2102: i2c transfer failed.
[  179.167326][   T10] dvb-usb: bulk message failed: -22 (1/0)
[  179.169249][   T54] dvb-usb: MAC address: 02:02:02:02:02:02
[  179.176739][   T54] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  179.178043][   T10] dw2102: command 0x51 transfer failed.
[  179.201601][T11237] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000002: 0000 [#1] SMP KASAN NOPTI
[  179.205838][T11237] KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017]
[  179.208875][T11237] CPU: 3 UID: 0 PID: 11237 Comm: syz.2.1368 Not tainted syzkaller #0 PREEMPT(full) 
[  179.212149][T11237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  179.215686][T11237] RIP: 0010:su3000_i2c_transfer+0x607/0xd90
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  179.220086][T11237] Code: 6d 02 fa 48 8d 7b 08 48 89 f8 48 c1 e8 03 42 80 3c 20 00 0f 85 23 06 00 00 48 8b 5b 08 48 89 d8 48 89 da 48 c1 e8 03 83 e2 07 <42> 0f b6 04 20 38 d0 7f 08 84 c0 0f 85 f4 05 00 00 48 8b 44 24 10
[  179.221673][   T40] kauditd_printk_skb: 96 callbacks suppressed
[  179.221687][   T40] audit: type=1400 audit(1776645621.287:29108): avc:  denied  { write } for  pid=5934 comm="syz-executor" path="pipe:[5640]" dev="pipefs" ino=5640 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
[  179.224319][   T54] dvb-usb: bulk message failed: -22 (3/0)
[  179.224333][   T54] dw2102: command 0x0e transfer failed.
[  179.224341][   T54] dvb-usb: bulk message failed: -22 (3/0)
[  179.224351][   T54] dw2102: command 0x0e transfer failed.
[  179.227450][T11237] RSP: 0018:ffffc90003497c10 EFLAGS: 00010246
[  179.227464][T11237] RAX: 0000000000000002 RBX: 0000000000000010 RCX: ffffc9000c001000
[  179.227472][T11237] RDX: 0000000000000000 RSI: ffffffff88070be0 RDI: ffff88805d018a08
[  179.227479][T11237] RBP: 0000000000001900 R08: 0000000000000003 R09: 0000000000001a00
[  179.227487][T11237] R10: 0000000000001900 R11: 0000000000000000 R12: dffffc0000000000
[  179.227494][T11237] R13: ffff88802b78e202 R14: 0000000000000000 R15: ffff88802b78e200
[  179.227503][T11237] FS:  00007f28ca3076c0(0000) GS:ffff8880d65e7000(0000) knlGS:0000000000000000
[  179.268168][T11237] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  179.270588][T11237] CR2: 000000110c376383 CR3: 000000011d5dc000 CR4: 0000000000352ef0
[  179.273529][T11237] Call Trace:
[  179.274778][T11237]  <TASK>
[  179.275896][T11237]  __i2c_transfer+0x5e9/0x1780
[  179.277748][T11237]  ? __pfx___i2c_transfer+0x10/0x10
[  179.279686][T11237]  ? rt_mutex_slowtrylock+0x93/0x100
[  179.281626][T11237]  i2c_transfer+0x15f/0x380
[  179.283310][T11237]  i2cdev_ioctl_rdwr+0x3ec/0x700
[  179.285120][T11237]  i2cdev_ioctl+0x19d/0x830
[  179.286820][T11237]  ? __pfx_i2cdev_ioctl+0x10/0x10
[  179.288739][T11237]  ? selinux_file_ioctl+0x13b/0x290
[  179.290657][T11237]  ? __pfx_i2cdev_ioctl+0x10/0x10
[  179.292609][T11237]  __x64_sys_ioctl+0x18e/0x210
[  179.294353][T11237]  do_syscall_64+0x10b/0xf80
[  179.296039][T11237]  ? clear_bhb_loop+0x40/0x90
[  179.297752][T11237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.299889][T11237] RIP: 0033:0x7f28c939c819
[  179.301534][T11237] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  179.308351][T11237] RSP: 002b:00007f28ca307028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  179.311320][T11237] RAX: ffffffffffffffda RBX: 00007f28c9615fa0 RCX: 00007f28c939c819
[  179.314178][T11237] RDX: 00002000000005c0 RSI: 0000000000000707 RDI: 0000000000000004
[  179.317070][T11237] RBP: 00007f28c9432c91 R08: 0000000000000000 R09: 0000000000000000
[  179.319945][T11237] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  179.322828][T11237] R13: 00007f28c9616038 R14: 00007f28c9615fa0 R15: 00007ffdfc56f4d8
[  179.325683][T11237]  </TASK>
[  179.326856][T11237] Modules linked in:
[  179.329500][T11237] ---[ end trace 0000000000000000 ]---
[  179.333897][   T10] DVB: Unable to find symbol ds3000_attach()
[  179.341212][   T10] dvb-usb: no frontend was attached by 'Terratec Cinergy S2 USB HD Rev.3'
[  179.342184][   T40] audit: type=1400 audit(1776645621.407:29109): avc:  denied  { read } for  pid=5335 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[  179.344041][T11237] RIP: 0010:su3000_i2c_transfer+0x607/0xd90
[  179.344085][T11237] Code: 6d 02 fa 48 8d 7b 08 48 89 f8 48 c1 e8 03 42 80 3c 20 00 0f 85 23 06 00 00 48 8b 5b 08 48 89 d8 48 89 da 48 c1 e8 03 83 e2 07 <42> 0f b6 04 20 38 d0 7f 08 84 c0 0f 85 f4 05 00 00 48 8b 44 24 10
[  179.344108][T11237] RSP: 0018:ffffc90003497c10 EFLAGS: 00010246
[  179.344126][T11237] RAX: 0000000000000002 RBX: 0000000000000010 RCX: ffffc9000c001000
[  179.344141][T11237] RDX: 0000000000000000 RSI: ffffffff88070be0 RDI: ffff88805d018a08
[  179.344157][T11237] RBP: 0000000000001900 R08: 0000000000000003 R09: 0000000000001a00
[  179.344170][T11237] R10: 0000000000001900 R11: 0000000000000000 R12: dffffc0000000000
[  179.344184][T11237] R13: ffff88802b78e202 R14: 0000000000000000 R15: ffff88802b78e200
[  179.344196][T11237] FS:  00007f28ca3076c0(0000) GS:ffff8880d64e7000(0000) knlGS:0000000000000000
[  179.344236][T11237] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  179.344261][T11237] CR2: 00007f4fc7947e20 CR3: 000000011d5dc000 CR4: 0000000000352ef0
[  179.344278][T11237] Kernel panic - not syncing: Fatal exception
[  180.439408][T11237] Shutting down cpus with NMI
[  180.440062][T11237] Kernel Offset: disabled