last executing test programs:

4m3.8122745s ago: executing program 0 (id=56):
openat$rfkill(0xffffffffffffff9c, 0x0, 0x801, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140))
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_devices(r3, &(0x7f0000000840)=ANY=[@ANYBLOB="1e0308004d6b71ef288563"], 0xffdd)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x7, 0x0, 0x7fff0006}]})
io_uring_register$IORING_REGISTER_CLOCK(0xffffffffffffffff, 0x1d, &(0x7f0000000040)={0x7}, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x2, 0xf, &(0x7f0000000000), 0x18)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x9, 0x0, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000180)={0x26, 'rng\x00', 0x0, 0x0, 'stdrng\x00'}, 0x58)
r6 = syz_io_uring_setup(0x50f, &(0x7f0000000380)={0x0, 0x2e41, 0x0, 0x4, 0x306}, &(0x7f0000000340)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000040)=0xffefffdc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x0, 0x2, r5, 0x0})
io_uring_enter(r6, 0x3516, 0xc2de, 0x8, 0x0, 0x0)
syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0xcf, 0x4d9, 0xa04a, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x40, 0x4, [{{0x9, 0x4, 0x0, 0x9, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x5, 0x5, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x400, 0x0, 0x40, 0xf3}}}}}]}}]}}, 0x0)

3m54.051176429s ago: executing program 0 (id=73):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f00000005c0)=@base={0x6, 0x4, 0x1ff, 0x5c, 0x4, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0xfffffffe}, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
syz_clone(0x0, 0x0, 0x9, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x50)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r3, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_usb_disconnect(0xffffffffffffffff)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
mlockall(0x7)
munlockall()
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, 0x0, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
writev(r5, &(0x7f0000000100)=[{&(0x7f0000000400)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000200000000000006040000000000f93132", 0x39}], 0x1)

3m51.203420204s ago: executing program 0 (id=75):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000180)="420fc7bc4898580000640f01c50f01c566baf80cb864c95782ef66bafc0cec67670f1b0166b8fb008ec046d9c3c442b90a2c81c442812852fcc744240012000000c74424020b000000ff1c24", 0x4c}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000240)={[0x5836, 0x8, 0x7, 0x4000000000000e51, 0xfffffffffffffffe, 0x5479, 0x1035, 0x200000000006, 0x0, 0x32a, 0xfffffffffffffffe, 0xffffffff, 0xbf4, 0xfff, 0x8000000000005, 0x800000068], 0x2000, 0x80cd4})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r5 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r5, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x4e24, @loopback}}, 0x80, 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x200008c0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000002000)=""/102400, 0x19000)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sendmsg$kcm(r5, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x3f, @broadcast}}, 0x80, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0)
close(r5)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x1, 0x2}, 0x28)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

3m50.074121068s ago: executing program 0 (id=77):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000540)={0x26, 'aead\x00', 0x0, 0x0, 'generic-gcm-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
recvmsg(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/67, 0x43}, {&(0x7f0000000200)=""/83, 0x53}], 0x2}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r2=>0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="48040000", @ANYRES16=r3, @ANYBLOB="01e5c300000000fb04003b1c210008000300", @ANYRES32=r2, @ANYBLOB="2c0433005000de295b3acba52ee4080211000001505050505050"], 0x448}}, 0x0)

3m49.428181459s ago: executing program 0 (id=80):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x1b, 0x0, &(0x7f0000000300)='syzkaller\x00', 0x3, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000580)={0x2, 0xa, 0x1, 0x7c5e}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000600)=[0xffffffffffffffff, 0x1, 0x1, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000640)=[{0x4, 0x5, 0xa, 0xb}, {0x2, 0x5, 0x6, 0x7}, {0x5, 0x4, 0xc}], 0x10, 0x3}, 0x94)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000002480)=[{{0x0, 0x0, &(0x7f0000001780)=[{0x0}, {0x0}], 0x2}}], 0x1, 0x0)
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b00010076000014000280180001004241544d414e5f56"], 0xfd12}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r3 = accept4(r2, 0x0, 0x0, 0x80800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

3m48.997263174s ago: executing program 0 (id=83):
openat$rfkill(0xffffffffffffff9c, 0x0, 0x801, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140))
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_devices(r3, &(0x7f0000000840)=ANY=[@ANYBLOB="1e0308004d6b71ef288563"], 0xffdd)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x7, 0x0, 0x7fff0006}]})
io_uring_register$IORING_REGISTER_CLOCK(0xffffffffffffffff, 0x1d, &(0x7f0000000040)={0x7}, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x2, 0xf, &(0x7f0000000000), 0x18)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x9, 0x0, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000180)={0x26, 'rng\x00', 0x0, 0x0, 'stdrng\x00'}, 0x58)
r6 = syz_io_uring_setup(0x50f, &(0x7f0000000380)={0x0, 0x2e41, 0x0, 0x4, 0x306}, &(0x7f0000000340)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000040)=0xffefffdc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x0, 0x2, r5, 0x0})
io_uring_enter(r6, 0x3516, 0xc2de, 0x8, 0x0, 0x0)
syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0xcf, 0x4d9, 0xa04a, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x40, 0x4, [{{0x9, 0x4, 0x0, 0x9, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x5, 0x5, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x400, 0x0, 0x40, 0xf3}}}}}]}}]}}, 0x0)

3m33.457348366s ago: executing program 32 (id=83):
openat$rfkill(0xffffffffffffff9c, 0x0, 0x801, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140))
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_devices(r3, &(0x7f0000000840)=ANY=[@ANYBLOB="1e0308004d6b71ef288563"], 0xffdd)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x7, 0x0, 0x7fff0006}]})
io_uring_register$IORING_REGISTER_CLOCK(0xffffffffffffffff, 0x1d, &(0x7f0000000040)={0x7}, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x2, 0xf, &(0x7f0000000000), 0x18)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x9, 0x0, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000180)={0x26, 'rng\x00', 0x0, 0x0, 'stdrng\x00'}, 0x58)
r6 = syz_io_uring_setup(0x50f, &(0x7f0000000380)={0x0, 0x2e41, 0x0, 0x4, 0x306}, &(0x7f0000000340)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000040)=0xffefffdc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x0, 0x2, r5, 0x0})
io_uring_enter(r6, 0x3516, 0xc2de, 0x8, 0x0, 0x0)
syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0xcf, 0x4d9, 0xa04a, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x40, 0x4, [{{0x9, 0x4, 0x0, 0x9, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x5, 0x5, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x400, 0x0, 0x40, 0xf3}}}}}]}}]}}, 0x0)

2m42.997972099s ago: executing program 1 (id=201):
add_key$keyring(0x0, &(0x7f0000000180)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB], 0x48)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x18010)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
memfd_create(0x0, 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_open_dev$sndpcmp(0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a310000000054000000030a01020000000000000000010000000900030073797a3a0000000028000480080002400000000008000140000000051400030076657468315f6d6163767461700000000900010073797a310000000054000000050a01020000000000000000010020000c00024000000000000000010900010073797a31000000002000048014"], 0xf0}}, 0x0)
ioprio_set$uid(0x3, 0xee00, 0x4007)
socket$inet(0x2, 0x1, 0x0)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDGKBDIACR(r2, 0x4b4b, 0x0)
r3 = bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000480)=ANY=[], 0x0, 0x64, 0x0, 0x0, 0x6, 0x10000, @value=r3}, 0x28)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, &(0x7f0000000200), 0x4)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000240)="d8000000180081054e81f782db4cb904021d080406037c09e8fe55a10a0015400400142603600e122f00160006000500a8000600200006400461c1d67f6f94007134cf6efb8000a007a290457f0189b31627287ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a15a8b16f14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f211ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941c6a0501148", 0xd8}], 0x1, 0x0, 0x0, 0x4a0f0000}, 0x24080000)
fsopen(&(0x7f00000001c0)='bpf\x00', 0x0)
r5 = shmget(0x1, 0x4000, 0x2, &(0x7f0000ffb000/0x4000)=nil)
shmat(r5, &(0x7f0000ff9000/0x1000)=nil, 0x4000)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x18, 0x0, 0x0, &(0x7f00000000c0)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)

2m42.430780248s ago: executing program 1 (id=205):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102392, 0x18ff8)
socket$nl_netfilter(0x10, 0x3, 0xc)
close(0x3)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
bind$netrom(r1, &(0x7f00000004c0)={{0x6, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x4}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @default, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}]}, 0x48)
listen(r1, 0x80)
accept$netrom(r1, 0x0, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000840)=@newsa={0xfc, 0x10, 0x1, 0xfffffffe, 0x100, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x714, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a}, {@in=@local, 0x4d4, 0x3c}, @in=@loopback, {0x0, 0x192, 0x6, 0xffff, 0x8251c, 0x2, 0x2}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0x2, 0xfffffffc, 0x1}, 0x70bd2a, 0x3504, 0xa, 0x1, 0x0, 0x3c}, [@sec_ctx={0xc, 0x8, {0x8, 0x8, 0x1}}]}, 0xfc}, 0x1, 0x0, 0x0, 0x8801}, 0x0)

2m41.193739625s ago: executing program 1 (id=208):
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x3, &(0x7f0000000180)=0x27)
r1 = openat$kvm(0xffffff9c, &(0x7f0000000000), 0x40080, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x800, 0x0, 0x3, 0x9}, 0x20)
r2 = socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000007, 0x2172, 0xffffffffffffffff, 0xffffc000)
openat$kvm(0xffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000300)=@file={0x1, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000001f80)={&(0x7f0000001d00)=@qipcrtr={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0x80, &(0x7f0000000140)=[{0x0}], 0x1}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f00000021c0)={0x2020, 0x0, <r5=>0x0, <r6=>0x0}, 0x2020)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000080)={0x50, 0x0, r5, {0x7, 0x29, 0x9, 0xffffffff9080edc4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x9}}, 0x50)
getgroups(0x5, &(0x7f0000000380)=[0xee01, 0xee00, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff])
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000003c0)={{0x1, 0x1, 0x18, <r7=>r2, {r6}}, './file0\x00'})
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x3, 0x0, 0x18000000, 0x0, 0xb47, 0x9, 0x80000001, 0x80000001, 0x3}, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f0000000040), 0x3)
openat$cgroup_ro(r7, 0x0, 0x26e1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
socket$inet(0x2, 0x3, 0x1000)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB="4000000010000d042abd700000000000000000002fbb4ec302966dcbb43494e50b7e79e5c541bfc32fdde8e991e958b70eef49c1a9f41181c09b15ff2292a0c3d6835d3ba7b511e3f1ed42b33189a6b8c83f0b3625ea16c955657e135102fededde4bf7101132a04282dc4a4fb9572db812185f393ac33b9a474e853b3946aaf9865a3cb04f034529fa34e533052cfbfccf8fb936e8ed730ec63d588ee3f00c0b18f25813efb2f4a808cadb58b901f35d874a33768b72bc9f9599be4f45bd04ebe57e57d815e55d671e819e5354ff90d837f9758adad423cf828facdf6646a9ef68590ed9360326a95dd340bf1b15f9e455105e6cdfe511942ac300342555d5a75d815ee94bcfaec7c119f44507e3a2d8f0528fb7e936d76c76163684f34475fa0f7238f177d9f615e49b195bbd09c6f4910ac", @ANYRES32=0x0, @ANYBLOB="21120000000000002000128008000100736974001400028006000d000500000008000300ac1414aa"], 0x40}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r8 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(r8, 0x4048aec9, &(0x7f0000000740)={0x3, 0x0, @ioapic={0x0, 0x4, 0x0, 0x0, 0x0, [{0xff, 0xfd}, {0x0, 0x4}, {0x0, 0x0, 0x10}, {0x8, 0x2, 0x0, '\x00', 0x1}, {0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, '\x00', 0xe}, {}, {0x0, 0x0, 0x0, '\x00', 0x1}, {0x0, 0x0, 0xd7}, {0x0, 0x0, 0x0, '\x00', 0x1}, {0x0, 0x0, 0x0, '\x00', 0x1}, {}, {0x0, 0x2, 0x1, '\x00', 0x3}, {0xad, 0x0, 0x6}, {}, {0x6}, {0x5, 0x0, 0xfe, '\x00', 0xfd}, {0x0, 0xfe}, {0x20, 0x0, 0x0, '\x00', 0x2}, {}, {0x0, 0x0, 0x5}, {}, {0x7f, 0x10}, {0x0, 0xfd}]}})

2m38.666446849s ago: executing program 1 (id=217):
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x123301, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000080)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0xb101e, 0x0)
umount2(&(0x7f0000000180)='./file0/../file0\x00', 0x4)
ioctl$SNAPSHOT_PREF_IMAGE_SIZE(r0, 0x3312, 0x374b)

2m36.724976324s ago: executing program 1 (id=220):
add_key$keyring(0x0, &(0x7f0000000180)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB], 0x48)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x18010)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
memfd_create(0x0, 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_open_dev$sndpcmp(0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a310000000054000000030a01020000000000000000010000000900030073797a3a0000000028000480080002400000000008000140000000051400030076657468315f6d6163767461700000000900010073797a310000000054000000050a01020000000000000000010020000c00024000000000000000010900010073797a31000000002000048014"], 0xf0}}, 0x0)
ioprio_set$uid(0x3, 0xee00, 0x4007)
socket$inet(0x2, 0x1, 0x0)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDGKBDIACR(r2, 0x4b4b, 0x0)
r3 = bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000480)=ANY=[], &(0x7f0000000500)=""/177, 0x64, 0xb1, 0x0, 0x6, 0x10000, @value=r3}, 0x28)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, &(0x7f0000000200), 0x4)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000240)="d8000000180081054e81f782db4cb904021d080406037c09e8fe55a10a0015400400142603600e122f00160006000500a8000600200006400461c1d67f6f94007134cf6efb8000a007a290457f0189b31627287ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a15a8b16f14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f211ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941c6a0501148", 0xd8}], 0x1, 0x0, 0x0, 0x4a0f0000}, 0x24080000)
fsopen(0x0, 0x0)
r5 = shmget(0x1, 0x4000, 0x2, &(0x7f0000ffb000/0x4000)=nil)
shmat(r5, &(0x7f0000ff9000/0x1000)=nil, 0x4000)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x18, 0x0, 0x0, &(0x7f00000000c0)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)

2m36.369843045s ago: executing program 1 (id=222):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x60880, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000380)={'syzkaller0\x00'})
fcntl$lock(0xffffffffffffffff, 0x25, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000000c0)='tracefs\x00', 0x1214040, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@xino_auto}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@xino_auto}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000002180)='./file0\x00', 0x0, 0x0)
getdents64(r5, &(0x7f0000000580)=""/174, 0xff56)

2m35.979767153s ago: executing program 33 (id=222):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x60880, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000380)={'syzkaller0\x00'})
fcntl$lock(0xffffffffffffffff, 0x25, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000000c0)='tracefs\x00', 0x1214040, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@xino_auto}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@xino_auto}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000002180)='./file0\x00', 0x0, 0x0)
getdents64(r5, &(0x7f0000000580)=""/174, 0xff56)

20.533618998s ago: executing program 4 (id=611):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mprotect(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x9)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './bus'}}, {@workdir={'workdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000000c0)='./bus\x00')
mount$afs(0x0, &(0x7f0000000900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x21050, 0x0)
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7)
socket$inet6_tcp(0xa, 0x1, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r0 = socket$pptp(0x18, 0x1, 0x2)
connect$pptp(r0, &(0x7f0000000140)={0x18, 0x2, {0x1, @loopback}}, 0x1e)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x3)
ioctl$TIOCGPTPEER(r1, 0xc0184d16, 0x200000000005)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x13, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x29, '\x00', 0x0, @fallback=0x1b, r1, 0x0, 0x0, 0xffffffffffffff44, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r2}, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, 0x0, 0x0)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000300)=ANY=[], 0x8dd)
close(0x3)
r6 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r6, 0x11b, 0x3, &(0x7f00000001c0)=0x2, 0x4)

20.371910332s ago: executing program 4 (id=612):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000019140), 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0)
r3 = getpgid(0xffffffffffffffff)
sched_setattr(r3, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x2, 0xb, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x2, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000900000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70300098c000010850000001b000000b7000000000000009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = syz_open_procfs(0x0, &(0x7f0000000040)='net/route\x00')
pread64(r5, &(0x7f0000000080)=""/102356, 0x18fd4, 0x200)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, 0xffffffffffffffff, &(0x7f0000019080)={0xc0000000})
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000900)={'bridge0\x00', @random="000000000100"})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0xd)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000400)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r7, 0x89a1, &(0x7f0000000900)={'bridge0\x00', @broadcast})
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="05000000040000000600000004"], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYBLOB='\a\x00'/18, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000100000000000"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000190c0)='tlb_flush\x00'}, 0x18)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r8=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, &(0x7f0000000080)={0x28, 0x4, r8, 0x0, &(0x7f00008e2000/0x1000)=nil, 0x1000, 0x6})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(0xffffffffffffffff, 0x3ba0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000000)={0x0, 0x18, 0xfa00, {0x3, &(0x7f00000000c0), 0x2, 0x9}}, 0x20)
socket$pppoe(0x18, 0x1, 0x0)
r9 = syz_open_dev$mouse(&(0x7f0000000100), 0x8, 0x10001)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_CLIENT(r9, 0xc0bc5351, &(0x7f0000000280)={0x5, 0x0, 'client0\x00', 0x4, "6590b8b96657f2d7", "f942727e3606fc07fc462f0f1e4cf82de734c722ea48701b7d44c92267ab5864", 0x400})

18.423469714s ago: executing program 4 (id=621):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050001000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x10, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x2000002, 0xe, 0x0, &(0x7f00000004c0)="df034affffffffffff0000000000", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4}, 0x4c)
syz_usb_connect(0x2, 0x64, &(0x7f0000000000)=ANY=[@ANYBLOB="12011003834a6b2099040d10a2840102030109025200010c2440070904b800018c8c02010900000000000000020924030203030201a60d2408010700bc5affd3dc187508240806050005f9072408020600030924030605030303070905032b3b"], &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0})

16.065523423s ago: executing program 4 (id=631):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$BTRFS_IOC_SPACE_INFO(r0, 0xc0109414, &(0x7f0000000640)={0x82, 0x800, ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']})
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='timerslack_ns\x00')
read$FUSE(r2, &(0x7f0000003c00)={0x2020}, 0x2020)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000300)=@abs, 0x6e)
socket$nl_audit(0x10, 0x3, 0x9)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f0000003b80)=[{{&(0x7f0000000380)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, 0x80, &(0x7f0000000180)=[{&(0x7f0000000400)=""/219, 0xdb}, {&(0x7f0000000500)=""/212, 0xd4}, {&(0x7f0000002740)=""/120, 0x78}, {&(0x7f00000027c0)=""/176, 0xb0}], 0x4, &(0x7f0000002880)=""/248, 0xf8}, 0x6}, {{&(0x7f0000002980)=@phonet, 0x80, &(0x7f00000002c0)=[{&(0x7f0000002a00)=""/144, 0x90}, {&(0x7f0000002ac0)=""/4096, 0x1000}], 0x2, &(0x7f0000003ac0)=""/148, 0x94}, 0x5}], 0x2, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r4, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="00000000000000000900000a000000000000e89c", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28, @ANYRES16], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x1f, 0x5, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1d, 0x0, 0x0, 0x0, 0x81}, [@map_val={0x18, 0xe0ee10efc69b948b, 0x2, 0x0, r2, 0x0, 0x0, 0x0, 0x2}]}, &(0x7f0000000ac0)='syzkaller\x00', 0x3, 0x0, 0x0, 0x41100, 0x18, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200ebfb}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r5}, 0xc)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb4c, 0x9, 0x6, 0x0, 0x3}, 0x0)
ftruncate(r3, 0x9)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x7)
r6 = ioctl$UDMABUF_CREATE(0xffffffffffffffff, 0x40187542, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x0, 0x8000})
lseek(r6, 0x1000000000931f, 0x0)
socket$packet(0x11, 0x3, 0x300)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair(0x1, 0x100000005, 0x0, 0x0)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
r8 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/compact_memory\x00', 0x1, 0x0)
sendfile(r8, r7, &(0x7f00000000c0)=0x58, 0x5)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="5c0000000001010400000000141a000002000000240001801400018008000100e000000108000200640101000c00028005000100000000001800028014000180080001000000000008000200ac1e00010800074000000001040010803e1fff6f6777a33a88fa72b6af6af88c5595edee1a56c9f043379b57d679a25b8f54"], 0x5c}}, 0x0)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000140)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0xf83, 0x6}, 0x1c)

14.658193473s ago: executing program 2 (id=636):
socket$nl_route(0x10, 0x3, 0x0)
gettid()
rt_sigtimedwait(0x0, 0x0, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
socket$inet6(0xa, 0x2, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0x2, &(0x7f0000000240)=0x9, 0x4)
pipe(&(0x7f0000000440))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x6a855000)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = syz_io_uring_setup(0x4d5, &(0x7f0000000480)={0x0, 0x404525, 0x80, 0x2, 0x12d}, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000640)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffff8, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2f, 0x28, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_TEE={0x21, 0xda1a0b6210925d15, 0x0, @fd_index, 0x0, 0x0, 0x1, 0x1})
io_uring_enter(r2, 0x22d0, 0x20, 0x0, 0x0, 0x0)

14.638369762s ago: executing program 4 (id=637):
r0 = syz_open_dev$vim2m(&(0x7f0000000100), 0x5, 0x2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000180), 0xffffffffffffffff)
r3 = socket$inet6(0xa, 0x5, 0x0)
bind$inet6(r3, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
connect$inet6(r3, &(0x7f0000000300)={0xa, 0x4e22, 0x2, @private1, 0x5}, 0x1c)
r4 = socket$netlink(0x10, 0x3, 0x4)
writev(r4, &(0x7f0000000200)=[{&(0x7f0000000140)="480000001400190d09004beafd0d8c560a84476080ffe0064e200000590000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7e5ed5e00000000000000", 0x48}], 0x1)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x9, 0x8001, 0x0, 0x9, 0x0, 0x1, 0xfa11, 0xfdffffff}, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, 0x0, 0x0)
epoll_create1(0x0)
syz_emit_ethernet(0x22, &(0x7f0000000140)=ANY=[], 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, 0x0)
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@func={0x2, 0x0, 0x0, 0xc, 0x2}, @func_proto]}, {0x0, [0x0, 0x5f]}}, 0x0, 0x34}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, 0x0, r5, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x8}, 0x94)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r6, 0x6, 0x2000000000000022, 0x0, 0x0)
sendto$inet6(r6, &(0x7f0000000340), 0x0, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x398, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r6, 0x6, 0xd, &(0x7f0000000000)='illinois', 0x51)
fcntl$lock(0xffffffffffffffff, 0x26, &(0x7f0000000140)={0x0, 0x0, 0x76, 0x6031})
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(0xffffffffffffffff, 0xc040564a, &(0x7f00000002c0)={0x1, 0x0, 0x1009, 0x80000001, 0x3, 0x9, 0xfffffffc, 0x1})
shutdown(r6, 0x1)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000000)=0x1)

12.537117935s ago: executing program 4 (id=642):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140))
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_devices(r3, &(0x7f0000000840)=ANY=[@ANYBLOB="1e0308004d6b"], 0xffdd)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x7, 0x0, 0x7fff0006}]})
io_uring_register$IORING_REGISTER_CLOCK(0xffffffffffffffff, 0x1d, &(0x7f0000000040)={0x7}, 0x0)
io_uring_enter(0xffffffffffffffff, 0x0, 0x2, 0xf, &(0x7f0000000000), 0x18)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x9, 0x0, 0x0)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000180)={0x26, 'rng\x00', 0x0, 0x0, 'stdrng\x00'}, 0x58)
r6 = syz_io_uring_setup(0x50f, &(0x7f0000000380)={0x0, 0x2e41, 0x0, 0x4, 0x306}, &(0x7f0000000340)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000040)=0xffefffdc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x0, 0x2, r5, 0x0})
io_uring_enter(r6, 0x3516, 0xc2de, 0x8, 0x0, 0x0)
syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0xcf, 0x4d9, 0xa04a, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x40, 0x4, [{{0x9, 0x4, 0x0, 0x9, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x5, 0x5, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x400, 0x0, 0x40, 0xf3}}}}}]}}]}}, 0x0)

11.028040094s ago: executing program 2 (id=643):
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r0 = syz_kvm_add_vcpu$x86(0x0, &(0x7f00000001c0)={0x0, &(0x7f0000000000)=[@code={0xa, 0x58, {"0f7831440f08420fc7a8740000003626470f00505866b879000f00d0c4c2253a9a00000080b9800000c00f3235000800000f30c481a5dea5ce10000026643664660fc73047dbd1"}}, @wr_drn={0x6e, 0x20, {0x4, 0x2}}, @set_irq_handler={0xbe, 0x20, {0x59}}, @code={0xa, 0x41, {"0f22a6c442858e70f2f341f4470f01d1f20f0866baa000ec420f353665460f01cb8f296093970030000066b881008ec0"}}, @out_dx={0xaa, 0x28, {0xc662, 0x0, 0x7fffffff}}, @uexit={0x0, 0x18, 0xd575}, @set_irq_handler={0xbe, 0x20, {0x4b}}, @wrmsr={0x1e, 0x20, {0x9e2, 0x10000}}, @wrmsr={0x1e, 0x20, {0x300, 0x100}}, @cpuid={0x14, 0x18, {0x2, 0xfffffffc}}], 0x191})
ioctl$KVM_SET_XSAVE(r0, 0x5000aea5, &(0x7f0000000200)={[0x800, 0x1ff, 0x800, 0xfdf9, 0x4, 0x6, 0xa0f7, 0x702a, 0x373, 0x1, 0xd, 0x0, 0xffffffa8, 0x6, 0x7, 0x3, 0x3, 0xb77, 0x2, 0x7, 0x3, 0x80, 0x2, 0x7f, 0x4, 0x7, 0x1065068d, 0x10000, 0x100, 0x8, 0x8001, 0xfff, 0xb, 0x1, 0x10, 0x9, 0x9, 0x1, 0x7f, 0xa95, 0x4, 0xfffffff4, 0x2, 0x3ff, 0x6, 0x8, 0x4, 0xd, 0xff, 0x4, 0x8, 0x3, 0x4, 0x8, 0x7, 0x8, 0x8a9, 0x6, 0x1000, 0x7, 0x5, 0x6, 0x7, 0x2e3, 0x6, 0x3, 0x7f, 0x40, 0x1, 0x0, 0x7f11cc2, 0x5, 0xc, 0x4, 0x3, 0x0, 0x32fbc034, 0x9, 0xc, 0x0, 0x401, 0xd0f5, 0x2, 0x3, 0x1, 0x9, 0x9, 0x5, 0x3, 0x0, 0xfffffffe, 0x78, 0x3, 0x29b, 0xffffffd9, 0x9, 0x8, 0x6, 0x8, 0x1, 0x1, 0x2, 0x100, 0x6, 0x7fff, 0x8, 0x4, 0xa, 0x0, 0x4ff, 0xfffffff9, 0x101, 0x800, 0x80, 0xfff, 0x2, 0x4, 0x0, 0xffff, 0x100, 0x6, 0x80000001, 0x9, 0x4, 0x0, 0x5, 0x400, 0x50, 0x7, 0x2, 0x2, 0xeec, 0xfffffffb, 0x0, 0xd8fa, 0x9e5, 0xfffffffb, 0x1000, 0x0, 0xfff, 0xff, 0xb131, 0xfffffffe, 0x4, 0x1200000, 0x9, 0x47fc, 0x1b9a, 0x400, 0xb, 0x0, 0xdecf, 0x8, 0xa3, 0x395b, 0x400, 0x7, 0x9, 0xf, 0x1, 0x2, 0xc, 0x9, 0x1, 0xffffffff, 0x3, 0xcbe, 0x1, 0x6, 0x5, 0x7, 0x4, 0x3, 0xf0, 0x9, 0xff, 0x7, 0xffffffff, 0x3, 0x4, 0xfb1, 0x0, 0x400, 0x4, 0x1d65, 0x29b, 0x9, 0xae5, 0x4, 0xfffffff9, 0xc, 0xad, 0x0, 0x8, 0x400, 0x8000, 0xa37f, 0x65, 0x10000, 0xffffff81, 0x101, 0xf, 0x5, 0x5000, 0x390, 0x9e8, 0x9, 0x1, 0x1, 0x2, 0x2, 0x1, 0x200, 0x6, 0x4, 0x8, 0x4, 0x9b2, 0x0, 0xb7, 0x2, 0x72e4e072, 0x7, 0x9, 0x7, 0x1, 0x3, 0x7, 0x8, 0x1e4, 0x40, 0xd, 0x234, 0x5, 0x5, 0xd, 0x1, 0x1, 0x80000001, 0x3, 0x8, 0xf4b, 0x4, 0x2, 0x2, 0x9, 0x9, 0x5, 0x0, 0x0, 0xfe, 0xfffffff7, 0x3, 0x2, 0x5, 0x4, 0xc, 0x9, 0x6, 0x9, 0xe, 0x200, 0x7, 0x1, 0x6, 0xffffff26, 0x9, 0x1, 0x0, 0x4, 0x3e40000, 0x3, 0x4, 0x6, 0x3, 0xe, 0xd, 0x7, 0x200, 0x5, 0x1, 0x10000, 0xfff, 0x7, 0x7, 0x2, 0x3ff, 0x4, 0x1, 0x1, 0x2, 0x118c, 0x3, 0x41, 0x81, 0x9, 0x3ff, 0x3, 0x200, 0xc, 0x4, 0x800, 0xfffffff9, 0x6, 0x42e59bca, 0xc0000000, 0x1000, 0x10, 0x1a2, 0xf, 0x8, 0xadeb, 0xfff, 0x3, 0x6, 0x0, 0x4, 0x0, 0x4, 0x2d2b96fe, 0xb, 0x99e, 0x45, 0x7fff, 0xfffffff8, 0x6, 0x7, 0x1000, 0x6, 0x5, 0x401, 0x10, 0x73, 0x5, 0x6, 0xf5, 0x3, 0x5, 0x3, 0x1, 0x40, 0xfffffff6, 0x5, 0x5, 0x717, 0x401, 0x3ff, 0x878, 0x5, 0x5, 0x6, 0xd2c, 0xa7, 0x5, 0x8, 0x7fff, 0xffff, 0x8, 0xf, 0x770ac712, 0x5, 0x8, 0x25, 0x4, 0x7f, 0x400, 0x7, 0x3, 0x4, 0x5, 0xfffffbff, 0x445, 0xd40c, 0x40, 0x3, 0x3ff, 0x9, 0x9, 0x6, 0x8, 0x6, 0xb5f3, 0x7ff, 0x7, 0x81, 0x8, 0x0, 0x5, 0x1, 0x4, 0x1, 0x6687, 0xa, 0x4, 0xd, 0x7fffffff, 0x1, 0x3, 0x0, 0x6, 0x9467, 0x8, 0x5, 0x4, 0xd9, 0x1, 0x1, 0xa, 0x6, 0x1, 0x3ff, 0xd, 0x2c, 0x16c0000, 0x516d446d, 0x10000, 0x7, 0x1, 0x3b, 0x5, 0x2, 0x2, 0x4, 0x9, 0x1ff, 0x9, 0x9, 0x80000001, 0x4, 0x7, 0xffffffff, 0x8000, 0x6, 0x7fff, 0xcb3e, 0x3, 0x2, 0xfffffff7, 0x8a9, 0x9, 0x0, 0x0, 0x6, 0x101, 0xd8000000, 0x7, 0x9, 0x9, 0x5, 0x61f, 0x1, 0x54f5, 0x5, 0x8, 0x5212, 0x200, 0x8, 0x0, 0xb312, 0x6, 0x6bbb, 0x2, 0x9, 0x5, 0x0, 0x10000, 0x800, 0x8, 0x100, 0x3, 0xbff8, 0x7ff, 0x8000, 0x9, 0x5, 0x1, 0x4120, 0xfffffffb, 0x1, 0x0, 0x0, 0x0, 0x3af4b518, 0x5, 0xec, 0x17e, 0xdac, 0x8, 0x39c, 0x0, 0x5cb, 0x9, 0x2, 0x8, 0x2, 0x8, 0x7fffffff, 0x1, 0x5, 0xcc7, 0x2, 0x0, 0x1fe00, 0x4bb3, 0x60000000, 0x7, 0x4, 0x3, 0x7, 0x2, 0x8001, 0x73, 0xfffffffa, 0x5, 0x6, 0xf, 0x7fff, 0x5, 0x10, 0xf1eb, 0xdc42, 0x2, 0x9, 0x1, 0xfc, 0x5, 0x10, 0x8, 0x7, 0x4, 0x5, 0x4, 0x5, 0xffffffef, 0x8001, 0x13, 0x6, 0x5, 0x6, 0x652, 0x81, 0x122e, 0x9, 0x1, 0x2, 0x6, 0x4, 0x401, 0xb4, 0x1, 0x101, 0xe, 0x7, 0xab6, 0xb9, 0x0, 0x100, 0x1, 0x9, 0x84ff, 0xfffffffb, 0x9, 0x4aa00000, 0x4, 0x7, 0x401, 0x1, 0xe, 0x4d, 0x8, 0x81, 0x9, 0x3, 0x3ff, 0x5, 0x0, 0x7, 0x4, 0xb, 0x5, 0x5, 0x88e, 0x0, 0xfffffff3, 0x9, 0x1, 0x5b39, 0x4, 0x7, 0x6, 0x1e16, 0x7, 0x0, 0xffff, 0x5, 0x6, 0x1ff, 0x4, 0x2, 0x200, 0x1, 0x80, 0x1ff, 0x0, 0x0, 0x7f, 0x1, 0x84, 0x8, 0x3, 0x5e5, 0x9, 0xa8, 0x6, 0x8, 0x80, 0x200, 0x1, 0x5, 0x4, 0x1, 0x6, 0x4ab6, 0x6, 0x7, 0x8063, 0x4, 0x3, 0x9, 0x2, 0x5, 0x4, 0x2d, 0x3, 0x1, 0x3, 0xfffffff8, 0x8, 0x6, 0x1, 0x5, 0x5, 0x43, 0xeb, 0xa2, 0xfffffff7, 0x3, 0x800, 0x1, 0x9, 0x400, 0x7, 0x1000, 0x8, 0x6, 0x7, 0x4, 0x10, 0x6, 0x7, 0x7ff, 0x8, 0x3, 0x401, 0x5, 0xd8d, 0xb18, 0xfffffeff, 0xfc5, 0x7, 0x7fc0, 0x1, 0xfffffff8, 0x4, 0x1, 0x3, 0x0, 0x1, 0x8, 0xfffffffb, 0x1, 0x5, 0x8f92, 0xf, 0x8, 0x9, 0x401, 0x1, 0x4f4, 0x2, 0xf, 0x1, 0xa, 0x6, 0x7, 0x3, 0x4, 0x4, 0x2, 0xe3f, 0x3, 0x3, 0xb, 0x4, 0x2, 0x2, 0xffffffff, 0x8, 0x2, 0x11, 0x1000, 0xff, 0x9, 0x1, 0x401, 0x8, 0x2, 0x9, 0x10001, 0x674, 0x6, 0xa964, 0x0, 0x8, 0x40, 0x3, 0xc, 0x8, 0xcf4b, 0x7, 0x71, 0x0, 0x1, 0x4, 0x1d, 0xfffffffb, 0xfffffc00, 0xfffffff9, 0x3c3, 0x59, 0x6, 0xbb, 0xd, 0x3, 0x800, 0x7, 0x100, 0x7, 0x3, 0x1, 0x0, 0xb1a, 0x6, 0xfffffffb, 0x0, 0x4, 0x1, 0x2, 0x10001, 0x9, 0x6, 0x4, 0x7, 0x3, 0xa, 0x3, 0xffffffff, 0x2, 0x0, 0x5, 0xf76, 0x10000, 0x4, 0x5, 0x7, 0xff000000, 0x5347b8de, 0x2, 0x6, 0x0, 0x80000001, 0x1ff, 0x8, 0x0, 0x1, 0x401, 0xb39, 0x5, 0x1, 0xfffffffd, 0x9, 0x8, 0x2, 0x27, 0x80000000, 0x4, 0x2b, 0x2, 0x9, 0x32, 0xc, 0x6, 0xddc, 0x800, 0x5, 0xa, 0x9, 0x8, 0x6, 0x5, 0x3, 0xf9, 0x4, 0x0, 0x1, 0xbad5, 0xb24, 0x7, 0x5, 0x5, 0x6, 0x7, 0x9d9, 0xe7, 0xfff, 0x6, 0x6, 0x4, 0x8, 0x400, 0xfffffffe, 0xe6, 0x9, 0x7f, 0x7c8, 0x31d, 0x0, 0x9, 0x0, 0x7, 0x5, 0x367, 0x80000001, 0x0, 0x0, 0x1, 0xfffffffc, 0x81, 0x80000001, 0xa148, 0x3f, 0x804f, 0x10000, 0x1, 0x1000, 0x8, 0x800, 0x7, 0x5e, 0x7, 0x3, 0x8, 0x3e5, 0x5, 0x9aed, 0x95, 0x2, 0x5, 0xb, 0x10, 0xd, 0x4, 0x3, 0x784, 0x400, 0xe, 0x6, 0x5, 0x4, 0x1, 0x81, 0x3ff, 0x3, 0x9, 0x80000001, 0x7ff, 0x9, 0x5, 0xfffffc00, 0x4, 0x2, 0x0, 0xa, 0x2, 0x7, 0x3, 0x31, 0x4, 0x1d2, 0xf6, 0x3, 0x7, 0x6, 0x3, 0xe, 0x8, 0x1000, 0x0, 0x6, 0x5, 0x5, 0x9, 0xffff0000, 0x5, 0x7fffffff, 0x7ff, 0x5, 0x3, 0x7, 0x6, 0x6, 0x81, 0x2, 0x10000, 0x817d, 0x4c78, 0x3, 0xce, 0x3, 0x3, 0x401, 0x5, 0x6, 0xfffffd56, 0x4, 0x9, 0x8, 0x0, 0x4, 0x9, 0x9, 0xb, 0x1, 0x6e5f, 0xb13c, 0xe, 0x1, 0x9, 0x2, 0x8571, 0x8, 0x6, 0x8001, 0x3, 0x992, 0x7, 0x533, 0x0, 0x5, 0x8, 0xa0000000, 0x4, 0xd88, 0x7, 0x2, 0x2, 0x5, 0x3, 0x9e, 0x7, 0x7, 0x581, 0x1, 0xfffffffc, 0x576532ab, 0x1, 0x8c000000, 0x1, 0x1f89, 0x3, 0x9, 0xd, 0x6, 0x2, 0x7, 0xd5, 0x1, 0x0, 0x0, 0x5ee, 0x40000000, 0x0, 0x7, 0x5, 0x8, 0x4, 0x6, 0x2, 0xfffffffc, 0x0, 0x3, 0x6, 0x3b548ee5, 0x9, 0x9, 0x7, 0x2, 0x5, 0x8, 0x40, 0x40, 0xab, 0x8, 0x6, 0x3, 0x2, 0xbce, 0x1, 0x800, 0xfffffff9, 0x1, 0x6, 0xfffff800, 0x400]})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$l2tp(&(0x7f0000001200), r1)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000001280)={0x4, &(0x7f0000001240)=[{0x9, 0xe, 0x7, 0x7}, {0x20, 0x0, 0x2, 0x8}, {0x54c, 0x8, 0xe, 0x100}, {0x1000, 0x8, 0x7, 0x3}]})
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000001300), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r1, &(0x7f00000013c0)={&(0x7f00000012c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000001380)={&(0x7f0000001340)={0x34, r2, 0x800, 0x70bd25, 0x25dfdbfd, {{}, {}, {0x18, 0x17, {0x17, 0x9, @udp='udp:syz1\x00'}}}, [""]}, 0x34}, 0x1, 0x0, 0x0, 0x4}, 0x10000)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001440), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000001480)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f00000015c0)={&(0x7f0000001400), 0xc, &(0x7f0000001580)={&(0x7f00000014c0)={0xa4, r3, 0x200, 0x70bd2d, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_DURATION={0x8, 0x57, 0x6}, @NL80211_ATTR_DURATION={0x8, 0x57, 0x7}, @chandef_params=[@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x4}], @chandef_params=[@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x2}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1280}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}], @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x6}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0xf24710d0}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x4}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x1ab}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x6}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x7}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x152}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x235}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x994}]]}, 0xa4}, 0x1, 0x0, 0x0, 0x200048c0}, 0x20000000)
r5 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000001600), 0x2, 0x0)
ioctl$VIDIOC_QUERYSTD(r5, 0x8008563f, &(0x7f0000001640))
ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r0, 0x8008f511, &(0x7f0000001680))
io_uring_register$IORING_REGISTER_ENABLE_RINGS(0xffffffffffffffff, 0xc, 0x0, 0x0)
ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f00000016c0)=<r6=>0x0)
ptrace$ARCH_MAP_VDSO_X32(0x1e, r6, 0x8e, 0x2001)
r7 = syz_clone(0x41002400, &(0x7f0000002800)="631c353bf0f5918d692c0135cc258322111ce5f17e2efddacc5336f64233d4c5a441271704bebb615885253fb06025b48d85e80ad97ab8b34929a55d73eb2b601021c77e18834932a8184ed77ccd2b6b2985f2473fffbc3b1d4de5c67fe765e06102c4e4ac6a3b03a08b0c73f5cf6b207b117ba82a879d0dec", 0x79, &(0x7f0000002880), &(0x7f00000028c0), &(0x7f0000002900)="c36367986e39b187a7aad6ce975d1be56cbd53a285c1e675f2183e01ccc9765213b0230d1a992fddd273d7b63bcd0d2ad70820fa5c1709d752edb837c867d0047df6e028b5565f9fb06049732cb3bde17593cbf63cb837b5a569efe42c3d10ad6322c5d153eb365b4ce2b47275d65f10d6bd3072261b9bf52ae4fec702b73ba6856e266e14cda5f077c8d335ac6f69b4dc6d8628df150ef753a9a0f39c627b8c660c4beb6ab63a4f7ef892171f38a9deee73a5ea5d100ab8c5d7a08ed284e29edc476ec30dc41e2b1e6d9f3782945b952323914db49f4ab1f70728b91524df2383a95736f57538df4f3a8363b77a79422b79ea8d0ed60f3eef11ed3ec8987881889d5d3e5b4508b8295dc1bb77f4620f06ed511537d99530efa7c8fab68357ede1214ad9acfec19757bee1f93882bd2ff997906d133d9943027771845afbec4df72be04a35ef31da1ddafe1a5c958100d47a25c9a824b48d98f37fa909632de8bb8cd0b9d327ae753854b74091d5962fd1153e9334abf3a2f5cd54916570c6f0a7b4ebb2e9a53fc49de63b1094db26cf4ad771d89f4d4a074b3e4ed9ee3c761a3015402225f27f4c9d8286bad36bacd0bad45f3e9ebc5d5cfff1d7f7d4ae37e68e3464e744bb9ad94829360de49ecf468eb76384498b6aba00aace4adff452cbdc6a750ab1d1d486a2ec98b622412615f0a92c7a47125a295d7d375e300ab170845f4eb0324ffd2743aecc4e964ebdb831e8c312cce12d1291a4167404a09abf83f118b22558a1144873f0fba2cfd22e69ae4db60231f108d6577a1c16866783aee1fc71ce15027ef06db27525e6085f42c79700c5466ada05a4780c06f45244643b1294035aac5b386fc2170624489aa50e2e567ab99da08d7656840a0827aadff422582d6389c515cc838f5f739a9df8c7af47caf27d92b2561e037765e0a4c52b00262effecfa6794b17a8dab1debadfc0c7cda5ca825b58c66b3f7e41810f37fa5b32ad417aa3fb3634dcd34bf0ea4bea78a02e0b0c5bd47f038c5204454b4b5257851ee7ce282d3df7bb948a82f3963935520bfc9272f43e034199ecd8c223b9496308161d922f0945796d9e99fe42a4aabc03d08c3ffe33d9fd279ec9900a0acd0d6ea0d4c8031db98096036bde3143fcd52700a981b712c061f82f255d7c1e4422b3a11404359ba329790c893fc996e0a47de54f18fddab7b0d9e6790fda006f346cefe9437c660ef0169035832b6514a6e998b9b02016a789a5d1129bcf0e7da543c51f55f6f6f8e06c737204170613696c7a78b3d8751de8b4bc092c9d811e436fbcd9a6cb1707b99f866b41febf5a94be28c85eee73dbadebb94d9787eb5dfa489d2e0796dcdf8888e13e9263113da5f1d760d779345c9bd942566c28f70903042a54eacf9578513ecef8e2b268dc4c59cf5c721d0adceb73063d9457985b848a00c66aab6fdb39fc56f8761817a32538ede61cbfae76905cec077d448118e675b1751ec35f1223da2bf7b506325f55c41a40df74f7cba8d5c2b1228591ff19e26f7ad84b3284f474697e3fe043b2b5586646ebe7bb7eb3c48014cf34b49a15a450597a05c2c42c9ca569979c0b3d2d474e090384d3b65909b29864a4b6877a20fadd30ff3fd0c486d8b7bd809a6ea0c4544274cd98c86146e4ae6023de1304c984597f9effc76c494ab035960d9d72aa1d5d23fe4bd776feb3dcaf03180f803f73ec5f4b0fe44df26563ae7a6d43099412a6057cff1d701af38f2dd498a413ee8e38cdafb23a43c58321d2d71d63a83add457a4cafcceebf390b5ba2b4cbbc4b2965d5cd24b3b7ad51b10d551f56015f0c5c2f21169f497b7d662070635a4076b391d142f47b59ec4dc64357bd3146f1720d599dd6db64281f6743075db77e4d82427e1d7ca3603368b6476bbae3fb0674e26f065e841ed15d3ba1f939b6cadb760875f52d24ec425e8e5773df70ade6208057bddfbffbbb663563a269189bde1c161c113e544c5c6590d9b8a18bae8ada7c8453cfa1d8f3ac2633cbc4cd1251d868881070b2316dc0247807148280ea08ad574a46b09152c25a8a460541fa529350d989fd3bfe073437080417bee918f9340c75e2998a1f150122acf81296cea3689cfc65ef89e38d07a623f802008e57420132cd9aeeffdebfcf63f560d3650484009144696c751a8afa1afd4979e513784449a8d2af60fae938f8b3199e9e7d03f2fbf0af183aaa1fc941ae194c27e78b1b159f8054ac32b9ff3a60c04561466cccef06381a23210219bbe3aa113d9a045f88fa58266660fd0defb74f6e0bdcdf9dded1888075d9c343b99c5eefa8b182b8246bcd81c849dbc2d89cc5e66f5b4f53a6c0038a17b31b3b95f1bedcb62efb8b03dcd73a0f0d98166ba7bb6e1df5a2c7c6e8b4163261ec16878e8a2588a8b440339f2486c1829f593ca12a36d14382a31a0e735d46bc69e695732289386b96d5ad404635b09fa8ebbe9b91efe3e62a234c46b71052d6d281cd0ba8d6eb11282635b4d7266e91fd2b7446fccb84e7d6d1010a39e429b00455dcf1681ae0b228724c78bb681041c98e122a7d88fdc162c3442de6d514c49963a64bbcbdb1447270f21960ba1bb9d7f461e5b1f7da60a53acd4fd355e7de15910cae18fb12a6c0a97cabf4e7433e7cb4de779ff54aa37fd1843ca20578277e521d45c89e6a57fbf0a46e2b03fdebfa43b713ecd5934a92c5acafb5a9df8e9d237009d3b7587ca4dd2a82242ba97f0622995d6ffc6f089d18f7b73d1a92b554f3d15fa2c1e30064a9164b0795636e03d5503e49559b911eb96d587b76e54fda0338ad5f1067619b3082c9fa3ec37c100c5fae1ef0a54e77b814018c92ab4179518d4a3a1cba507a8de2ee1faacc891aae568a2dfaaf43994896e7f644e6931a043006d7d6d4323f1127c19b8cb6743a4a5b1eebcaae419bb26f8866c29c5759dda5d113967221ddd8b5edb7f5ea15e7465bb8d27b6119d17ee6d193543713500bec63e6405f1c71e7f8683ed324979d79867d817e0fa6b761fde6187a01ce3897a227f17508b2e7c97a56ec02f06160670536e4571b7e4af7f1438655be1db54be1c05014bd2e55a8653cf461ec897dd794405f450dc54993e3629c574cbb98b206437e9d96636816035fdda37b8fb334bb10bdae9eb29e338aaecb7d6f36a1cd71bf1df2071e5943153aea43b0b112b29ffe83be7ba6b531f0965401e1deb7b5fe1e8ad52f90c98b94fb3b9ba03367d50948b848025d283176a704421ca8af922cd0afb6a36383cce7bb7ec7c785ec46a56a3da91a66d5492f9b2ed239106adfcd7da82426452748f2a5ce17523533086937b0f78cac552a2f7cfe1adcbca7b451f49fbd9c99400733bdf801f6343ed442e93f7b2825fd82e2225c688338ed7a7afe8862302818f3daa94e28cbdb5c5ab22fa0ff466b863bf7612bf0d799d506a2c1f495ab9def3d0161fd921f96021721a3c83a85625922e84892dc3ff21a8a75ad3b61fbde6eb64fd849ef85c9607739a638b9311634ec52a55555cae9e1d08a73af28069ab34291a5b2c969697a58d15e84b13c99e405e2dae4b9c25de492cc73b5ec2b2073dfc424b1fd80f80151135e0ae9ddbca9c132d205de5105373924ac0a9b5877064e8c7e4c77a0207dffc066264b47b21cf12563326417918914e3f47a951ab5a7681329c9e25e492cca7ddc7e4d729dfd3b4a8f486968cb96c04293547b57f73a38083f27baa3e75b0e3e8fff3f0125d1d6ff39f2ee9500387eeb1ab003ad674715448daf02eccd83389966c926b3cbea888c416bea7015a8f22bd5b6231114443c19bf671606cee030cf754d55bf7d0cd61e94c634a57f91ee7b17e41746f75a418b172bc773dd7ba0f8072b3b18a3305cac58525bbdce61129f3b2b417c28dfbf433eb855c72b50f7176edacaa64182b486280b60d71ea56c29317341df92325932e73cc133402578d31bb8b3a164b45732507c0eb929ba07a481fba15d35d2ad111075716e1449f259e25a995de6aa80ed47fbbbbe51edefaeee583d599105323c0fa6e3152a44291377b2f64bcff7a7fe673bbbc105ff1ad8f8a1adde3c299226861ae8acc0a09008faeb66d87028a0ef1c813453537987deee3692a294f2c9927e01ba647156edd928c3da6a82a066a0736fd823579d40b6318aef7bdb04dd3e4a58ce2fb31e1229ecdd32cf663e63b907ca33c2be7332355f32d9eeff7440940696bc78e443e4d7aa831c3d347a3c63d77fbef05147e6af70795b6321a71b05fa711e370a192332302a61ad0264d7107f2f8fef9c3203b90bf47658958e841683ba2b06e935d70fe16bf8b428b52a91c5b37cc34dcaab261e7db492102af43f8c3001d82990f3bded4b3cc7822235527676306b4ff4c476091a513401294c36a011551538bacf4e339f94d74d96e80d10c9794109bd00acc953de16bfafbbccb064bca3c2671278e3e28f5a880d6c642c646bfdd409d53c139633dddebeb51f2b943154d14339ee05297e54cf96282cc4d2195bfd964ae243cdde9011fac3906a55be1140121b2d347efd8d79065f5c76b3c199b68360b58e582539f9ae46a2d0c27e1b2dccb1b2249e440fc0d6737a96e52bccb1533f0f97be30738449ceca02ea5c7c8399e15d68a72d274daa235c71d4f123effc44f8f8534b75f14e8e868785364ecfccf188f661a3f3656b9d28dcc86f9a98d7b0eef3f8b2e00e6a4031bd9d374a4efec2a241599657d26cc74c81e7edc0493c202ed92ec755a74165640acc3d5bbc370c2350c3b0a2b6c5bf643210e873ca94d400c1756f370996d9cf49e1fcb96682901c658cf532db16e20c48cf1de66dda0b9474853fb53d351e7cd9adc27037c653c796ace42a785fabfd1ad7428342c0f2184632831f59f1c237c3b7f743a016a9b2953a099e87b9e92acc2616c4106aeb13ced25d39a70b3ce5776f50824a468c6b90e530a562aa9d53241515c194a59b9ff8c740d9028a68e17c5159ad139f3c57c36228b323fafa3229db0da419d45012d84822f83c2ae87db53ff4b431f22621c63b22a1a464f79650bb57f4b201f250bbd0509377a5ffa3cf993153de8daf6b720035f76a4ade27b16c8d8892359e331bacbcb7feed72b1cd902ee7d96c7e60593acbc9ba7e61d4938aabd99dbff01827d71c46314adc432e5d17d1a9a1a4b57cba2987ec3438af82c6b54a7401a8ae9a1a1f156dcf567e3c4a9747775187e8efa15cc1e7628784f30a090264fc3c5ce1e7e0f553b4965c0e6ffc7b3e120f25b7eb19d0a6420ee2f13cf8f100a0b363066350c93e3376998f88d9e92b22e3cef64e3cd547136f6949d35d249c1f82aff1d4b30f6417c9b8e75579e714de93a0c9771c007f2aa73db395ad47435e817015a2023aade78b6497d7fc5db634f18491d5d59bfe9b875f2176d9bb37a2a7a489fb652c5ffb07c858ced675b163c426ef0fd01169eb209698fb55e2b71d8d3719b283ca313904d1021de911227382f6ea38c40a622239e496bec40ee41e6566b394b0cd084904e959c9c97b968f38f689cbca71b1de63b90b9df7b0a95a9098be2faa37f23c65e63cba10f43936b3fa082061e172351be8562a1ad073a7705107a6f6f4034cc682512065c549712f8d10929a97bb0328c86cf6d3c7001222c09b17121367801158c4fde66f7390cd18f00ba62bd0204fbf68ad6f37c326c7585426036a0a559039070c5394eaefe7295ce60f2b6f1014d49039e8bca806e6e9e35c8675f231627af5aad94d6ded1")
r8 = openat$cgroup(0xffffffffffffffff, &(0x7f0000003940)='syz0\x00', 0x200002, 0x0)
syz_clone3(&(0x7f0000003980)={0x800, &(0x7f0000001700), &(0x7f0000001740), &(0x7f0000001780), {0x2b}, &(0x7f00000017c0)=""/34, 0x22, &(0x7f0000001800)=""/4096, &(0x7f0000003900)=[r6, r7, r6, r6, r6], 0x5, {r8}}, 0x58)
r9 = syz_socket_connect_nvme_tcp()
sendto$inet_nvme_of_msg(r9, &(0x7f0000003a80)={@icresp={{0x1, 0x0, 0x80, 0xc0, 0x72}, 0x0, 0x0, 0x3, 0xdbab}, @val=&(0x7f0000003a00)="71472c0542752ca42a339d779df96b4e860def4f6d9888511f44cf207c99bd370b16265216a0cfcf9f375399947543ce8cbd29756572574d88d68b4d79f8ac4af0"}, 0x88, 0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_CONNECT(r1, &(0x7f0000003cc0)={&(0x7f0000003b40)={0x10, 0x0, 0x0, 0x40008000}, 0xc, &(0x7f0000003c80)={&(0x7f0000003b80)={0xe8, 0x0, 0x2, 0x70bd29, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_USE_RRM={0x4}, @NL80211_ATTR_HT_CAPABILITY_MASK={0x1e, 0x94, {0x400, 0x1, 0x1, 0x0, {0x47, 0x6, 0x0, 0x6, 0x0, 0x1, 0x1, 0x1}, 0x400, 0x1000, 0x2}}, @NL80211_ATTR_IE={0x60, 0x2a, [@sec_chan_ofs={0x3e, 0x1}, @gcr_ga={0xbd, 0x6, @broadcast}, @perr={0x84, 0x4f, {0xfe, 0x5, [{{}, @broadcast, 0x400, @void, 0x6}, {{0x0, 0x1}, @device_b, 0x5, @value, 0x3}, {{0x0, 0x1}, @broadcast, 0x3, @value, 0x19}, {{}, @broadcast, 0x4, @void, 0x2f}, {{}, @device_a, 0x9, @void, 0x3b}]}}]}, @NL80211_ATTR_HT_CAPABILITY_MASK={0x1e, 0x94, {0x800, 0x1, 0x2, 0x0, {0x10, 0x8, 0x0, 0xa, 0x0, 0x0, 0x0, 0x1, 0x1}, 0x6, 0x699c, 0x81}}, @NL80211_ATTR_PREV_BSSID={0xa, 0x4f, @random="8af0d2a994f3"}, @NL80211_ATTR_BSS_SELECT={0x1c, 0xe3, 0x0, 0x1, {0x18, 0x0, [@NL80211_BSS_SELECT_ATTR_RSSI={0x4}, @NL80211_BSS_SELECT_ATTR_BAND_PREF={0x8, 0x2, 0xda}, @NL80211_BSS_SELECT_ATTR_RSSI={0x4}, @NL80211_BSS_SELECT_ATTR_RSSI={0x4}]}}]}, 0xe8}}, 0x0)
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TLS_TX(r10, 0x11a, 0x1, &(0x7f0000003d00)=@gcm_128={{0x304}, "596b4e652cd031e9", "997bbe9f5200db711b19c48fc19122ae", "8a65d75f", "7bd281d61496af4a"}, 0x28)
mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x5)
r11 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000003d40), 0x400000, 0x0)
ioctl$SNAPSHOT_FREE_SWAP_PAGES(r11, 0x3309)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000003f40)={&(0x7f0000003d80)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000003f00)={&(0x7f0000003dc0)=@gettaction={0x138, 0x32, 0x8, 0x70bd25, 0x25dfdbff, {}, [@action_gd=@TCA_ACT_TAB={0x4c, 0x1, [{0xc, 0xe, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x800}}, {0x10, 0x4, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0x10, 0x19, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}, {0x10, 0x0, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'vlan\x00'}}, {0xc, 0x0, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x6}}]}, @action_gd=@TCA_ACT_TAB={0x24, 0x1, [{0xc, 0x16, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x100}}, {0x14, 0x19, 0x0, 0x0, @TCA_ACT_KIND={0xd, 0x1, 'connmark\x00'}}]}, @action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8, 0x4, 0x2}, @action_gd=@TCA_ACT_TAB={0x84, 0x1, [{0xc, 0x11, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0xc, 0x1c, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7906}}, {0xc, 0x5, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xfffff3d2}}, {0xc, 0xf, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x9}}, {0x10, 0x1c, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'csum\x00'}}, {0xc, 0x9, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x2}}, {0xc, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}, {0x10, 0x1e, 0x0, 0x0, @TCA_ACT_KIND={0xc, 0x1, 'skbedit\x00'}}, {0xc, 0x8, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}, {0xc, 0x11, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}]}, @action_gd=@TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x0, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}]}, @action_dump_flags=@TCA_ROOT_FLAGS={0xc, 0x2, {0x1}}, @action_dump_flags=@TCA_ROOT_FLAGS={0xc}]}, 0x138}, 0x1, 0x0, 0x0, 0x840}, 0x10)
sendmsg$RDMA_NLDEV_CMD_SYS_SET(0xffffffffffffffff, &(0x7f0000004040)={&(0x7f0000003f80)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000004000)={&(0x7f0000003fc0)={0x2c, 0x1407, 0x20, 0x70bd2c, 0x25dfdbff, "", [@RDMA_NLDEV_ATTR_DEV_NAME={0x9, 0x2, 'syz1\x00'}, @RDMA_NLDEV_ATTR_DEV_DIM={0x5, 0x54, 0x1}, @RDMA_NLDEV_NET_NS_FD={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0xc000}, 0x8080)

10.230538552s ago: executing program 2 (id=645):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = socket$inet6(0xa, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x50)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000300)={r5, &(0x7f0000000540)="676fb1e5d747c954889f7e913270f25cf26eb256141f3218583694ba7b132dde6a6d683820e18d00d0c723f8ea2f883d51c2be23df456f24e6e5210c5f04cd2b798f794738284c922386e5775ad770e6156f527723a9011f19440aa21e10bbd817b71dcb275d0e0bfcfa049afe46e825d379dfbdaa3b552de50a15b3b5819087ac", &(0x7f00000000c0)=@udp6=r4, 0x2}, 0x20)
ppoll(&(0x7f0000000240)=[{r4, 0xa218}], 0x1, 0x0, 0x0, 0x0)
rename(0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x6, 0x0, @val=@iter={0x0}}, 0x20)
landlock_create_ruleset(&(0x7f00000002c0)={0x7f6e}, 0x18, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="200000001000010700000000000000000a0000000c0002006e6c3830323131"], 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x40050)

9.171803776s ago: executing program 2 (id=650):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_SAVE(r1, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, 0x8, 0x6, 0x201, 0x0, 0x0, {0xa, 0x0, 0x4}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x810}, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(0xffffffffffffffff, 0x408c5333, &(0x7f0000000140)={0x8, 0x3ff, 0x1, 'queue1\x00', 0x6})
rt_tgsigqueueinfo(0x0, 0x0, 0x3a, &(0x7f0000000100)={0x7, 0x1, 0x9c1b})
r2 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000080), 0x40040, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r3, 0xffffffffffffffff, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000240), 0x8100)
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000140)={0xfffffffffffffffc, 0x1, 0x2})
r6 = openat$uhid(0xffffffffffffff9c, &(0x7f000000a700), 0x802, 0x0)
write$UHID_INPUT2(r6, &(0x7f00000002c0)=ANY=[@ANYBLOB="0c0000000000e1b01a039601cf40ee5d4c6a788a4d76c3ade41caf241d9307a17e4ffa9369986cfb01799931a18780cec4c8d1fa0f7e6d55e7072faf81eec7c341dcc0d7b399c58ef8a842157e3e2ca4ebba84562240aa6f1f1fc90fbd806558e19c2ffbc0afc36f870eb7effe0068c9c7ed1194b752597d07a89593ad76b9899828e70e815de527d41a38dcb136048980cef11b008cccd03b3d74fd1aca0e90a2761beb30ebb428379a4f162523d7ef26a4eeda27f6"], 0x6)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRESHEX, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32, @ANYBLOB="b6ed416886c54494d28f0227e7fa49bdf90e5e856157ebdfb17ead5b5f549e31e5d5948f5f4bdbb96ca0588b38b84aeced2c8da5f418c68f0f"], 0x48)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
add_key(&(0x7f0000000140)='encrypted\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffe)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="1c0000002100090002000000ff080040", @ANYRES32=r5], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x844)
ioctl$KVM_IOEVENTFD(r4, 0x4040ae79, &(0x7f0000000280)={0x278100003e6, 0x1, 0x1, 0xffffffffffffffff, 0x2})

9.169253339s ago: executing program 6 (id=651):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000040)='c:::\x00', 0x0)
r1 = gettid()
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2, 0x2}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f0000000340), 0x0, 0x0)
read$msr(r2, &(0x7f0000048040)=""/102392, 0x18ff8)
tkill(r1, 0xb)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(0x0, r3)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, 0x0, 0xc000)
r5 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r5, &(0x7f0000000180)={{0x6, @rose, 0x1}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @bcast, @bcast]}, 0x48)

9.155886008s ago: executing program 3 (id=652):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x79, 0x11, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0xd0, 0x1, [{{0x9, 0x4, 0x0, 0x1, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0xdc7, 0x80, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x8, 0x5}}}}}]}}]}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000000)={0x2c, &(0x7f0000000040)={0x0, 0x12, 0x5, {0x5, 0xd, '\b\t\x00'}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, 0x0, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000300)={0x1, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r1, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)

9.116814879s ago: executing program 2 (id=653):
socket$nl_route(0x10, 0x3, 0x0)
gettid()
rt_sigtimedwait(0x0, 0x0, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
socket$inet6(0xa, 0x2, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0x2, &(0x7f0000000240)=0x9, 0x4)
pipe(&(0x7f0000000440))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x6a855000)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = syz_io_uring_setup(0x4d5, &(0x7f0000000480)={0x0, 0x404525, 0x80, 0x2, 0x12d}, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000640)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffff8, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2f, 0x28, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_TEE={0x21, 0xda1a0b6210925d15, 0x0, @fd_index, 0x0, 0x0, 0x1, 0x1})
io_uring_enter(r2, 0x22d0, 0x20, 0x0, 0x0, 0x0)

8.712250577s ago: executing program 6 (id=655):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x1, 0x7fff0000}]})
fstatfs(r3, &(0x7f0000000440)=""/174)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r5, &(0x7f0000000400)={0x1f, 0x1}, 0x6)
getsockname(r5, 0x0, &(0x7f00000002c0))
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_P2P_DEVICE(r4, &(0x7f00000003c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000180)={0x14, r6, 0x100, 0x70bd28, 0x25dfdbfb, {{}, {@void, @void}}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x40040}, 0x24000041)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r7 = socket(0x40000000015, 0x5, 0x0)
bind$inet6(r7, &(0x7f0000000080)={0xa, 0x0, 0x400000, @local, 0x80000}, 0x1c)
r8 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r8, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x200000, 0x3}, 0x10)
r9 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r9, 0x10f, 0x87, &(0x7f00000001c0)={0x42, 0x3}, 0x10)
r10 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r10, 0xc0d05605, &(0x7f00000002c0)={0x2, @vbi={0x4, 0x5, 0x5, 0x47504a4d, [0x200, 0x7], [0x4f, 0x6], 0x1}})
sendmsg$AUDIT_LIST_RULES(r7, &(0x7f00000005c0)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000580)={&(0x7f0000000540)={0x10, 0x3f5, 0x10, 0x70bd2a, 0x25dfdbfe, "", [""]}, 0x10}, 0x1, 0x0, 0x0, 0x4004080}, 0x880)

7.629243229s ago: executing program 6 (id=657):
r0 = gettid()
timer_create(0x1, 0x0, &(0x7f0000000000))
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x3, 0x3ed6, 0x400000000000005, r0})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, 0x0) (fail_nth: 2)

7.337763075s ago: executing program 5 (id=658):
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x13, 0x4, &(0x7f00000005c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000000}, 0x94)
socket(0xa, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x9, 0x1, 0x60}]}, &(0x7f0000000080)='syzkaller\x00', 0x4}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
openat2$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mount(&(0x7f0000000040)=@loop={'/dev/loop', 0x0}, &(0x7f00000001c0)='.\x00', &(0x7f0000000000)='iso9660\x00', 0x401, 0x0)

7.337550108s ago: executing program 6 (id=659):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)=[{0x0}], 0x1, 0x0, 0x0, 0x1}, 0x4080)

7.095990472s ago: executing program 6 (id=660):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = socket$inet6(0xa, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x50)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000300)={r5, &(0x7f0000000540)="676fb1e5d747c954889f7e913270f25cf26eb256141f3218583694ba7b132dde6a6d683820e18d00d0c723f8ea2f883d51c2be23df456f24e6e5210c5f04cd2b798f794738284c922386e5775ad770e6156f527723a9011f19440aa21e10bbd817b71dcb275d0e0bfcfa049afe46e825d379dfbdaa3b552de50a15b3b5819087ac", &(0x7f00000000c0)=@udp6=r4, 0x2}, 0x20)
ppoll(&(0x7f0000000240)=[{r4, 0xa218}], 0x1, 0x0, 0x0, 0x0)
rename(0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff, 0x6, 0x0, @val=@iter={0x0}}, 0x20)
landlock_create_ruleset(&(0x7f00000002c0)={0x7f6e}, 0x18, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="200000001000010700000000000000000a0000000c0002006e6c3830323131"], 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x40050)

6.287014821s ago: executing program 2 (id=661):
r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000680)=ANY=[@ANYBLOB="1201000000000040f30455070000000000010902240040b10904ed65d27c96efcc8d1300010300010074b378e907daaf3abef484b06c0001220500000000"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00')
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x5, &(0x7f00000006c0)=@raw=[@cb_func={0x18, 0x0, 0x4, 0x0, 0xfffffffffffffffc}, @generic={0x1, 0x1, 0x6, 0x8001, 0x4}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @generic={0xd, 0xf, 0x1, 0x0, 0x2ca}], &(0x7f0000000000)='GPL\x00', 0x2}, 0x94)
syz_usb_connect(0x0, 0x5a, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000ec13b2106d04f308280b0102030109024800010000000009046900000e0100002b4101", @ANYRESHEX=0x0, @ANYRES64=r2], 0x0)
r3 = syz_io_uring_setup(0x6947, &(0x7f00000001c0)={0x0, 0x5eae, 0x75800ecdd7e9b0fa, 0x0, 0x209, 0x0, r2}, &(0x7f0000000080), &(0x7f0000000240))
r4 = syz_io_uring_setup(0x1158, &(0x7f0000000000)={0x0, 0x7332, 0x1, 0x0, 0x15e, 0x0, r3}, &(0x7f0000000180), &(0x7f0000000280))
io_uring_setup(0x66f8, &(0x7f0000000100)={0x0, 0xab4, 0x800, 0x2, 0x2f5, 0x0, r4})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$SEG6(&(0x7f0000002040), r5)
sendmsg$SEG6_CMD_SETHMAC(r5, &(0x7f0000002140)={0x0, 0x0, &(0x7f0000002100)={&(0x7f0000000780)=ANY=[@ANYBLOB="300000008c41f077a5e31d161988cf2a0a52cc8c9f75a0c9f33dfe7a47828eee63a4807527ae48bf0fcaaf99e13dc3bbbd6a3ea0f96c191fa85da324cc848c2358bc97bb0542f3c7b6054c722f4f341ff3887f03950f5986747b5c9985d92c70d4b5", @ANYRES16=r6, @ANYBLOB="010029bd7000fddbdf250100000008000300070000000400040005000500030000000500060001000000"], 0x30}, 0x1, 0x0, 0x0, 0x882}, 0x0)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
recvmmsg(r7, &(0x7f00000067c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000002bc0)=""/224, 0xe0}, 0x7}], 0x1, 0x40002000, 0x0)
r8 = landlock_create_ruleset(&(0x7f0000000000)={0x10, 0x0, 0x3}, 0x18, 0x0)
landlock_restrict_self(r8, 0x0)
ioctl$EXT4_IOC_GETFSUUID(r1, 0x8008662c, &(0x7f00000000c0))
pselect6(0x40, &(0x7f0000000440)={0x8000, 0x80, 0x2, 0x5, 0x2, 0x8, 0x4, 0xf}, &(0x7f0000000480)={0x9, 0x2, 0x874, 0x0, 0x4, 0x9, 0x6, 0x100000000}, &(0x7f00000004c0)={0xdb, 0xca, 0x400, 0x6, 0xfffffffffffffff9, 0x5, 0x1, 0xffffffffffff21ed}, &(0x7f0000000500), &(0x7f0000000580)={&(0x7f0000000540)={[0x5]}, 0x8})
bind$unix(r2, &(0x7f0000000700)=@file={0x1, './file0\x00'}, 0x6e)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(r7, 0x8982, &(0x7f00000005c0))
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, 0xffffffffffffffff, 0x0)
listen(0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmsg$inet(r1, 0x0, 0x15)
sysfs$2(0x2, 0xddb, &(0x7f0000000380)=""/175)
syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x22, 0x5, {[@main=@item_4={0x3, 0x0, 0x9, "9bc81b90"}]}}, 0x0}, 0x0)
r9 = syz_open_dev$hidraw(&(0x7f0000000280), 0x82, 0x2)
ioctl$HIDIOCGFEATURE(r9, 0xc0404807, &(0x7f0000000600)={0x9, "3aff9e1654601adf50a5951a7b6b88f178355cc6ee6d6c4dfa10d60cc21f0fca2568cafb861063be47da730bd28c0e87ce4b5bd40348324bce271027b7bc4f07"})

6.117089712s ago: executing program 6 (id=662):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='loginuid\x00')
socket$key(0xf, 0x3, 0x2)
write$sysctl(r1, &(0x7f0000000180)='3\x00', 0x2)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='sys_enter\x00', r3}, 0x18)
ioctl$BTRFS_IOC_QGROUP_ASSIGN(r3, 0x40189429, &(0x7f0000000280)={0x0, 0x3, 0x8000000000000001})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r1)
mount$cgroup(0x0, &(0x7f0000001180)='.\x00', &(0x7f00000000c0), 0x10012, &(0x7f00000011c0)={[{@name={'name', 0x3d, 'blk-\xe5Mio'}}, {@name={'name', 0x3d, 'm'}}]})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000540)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r6, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r7, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)
sendmsg$NL80211_CMD_GET_INTERFACE(r0, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="00022bbd7000fbdbdf250500000008000300", @ANYRES32=r7, @ANYBLOB="471d2c57a334ae57307f7c42c1a77862c8564222fc40e17616903848510617213f4fbd9b00804e98411390dbe3b8525fe81663e18c4115e2458d26db93e8bd305285243f"], 0x1c}, 0x1, 0x0, 0x0, 0x11}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@ipv4_newrule={0x30, 0x20, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, [@FRA_TUN_ID={0xc, 0xc, 0x1, 0x0, 0xe0e}, @FRA_GENERIC_POLICY=@FRA_FWMASK={0x8, 0x10, 0xb}]}, 0x30}, 0x1, 0x0, 0x0, 0x48090}, 0x0)
write$FUSE_NOTIFY_RETRIEVE(r1, &(0x7f0000000200)={0x30, 0x5, 0x0, {0x0, 0x3, 0x1000, 0xd}}, 0x30)
r8 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
r9 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000000)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0)
syz_usb_ep_write$ath9k_ep2(r9, 0x83, 0x10, &(0x7f0000000080)=@ready={0x0, 0x0, 0x8, "0af2c997", {0x1, 0x100, 0x1000, 0x5, 0x4}})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)={0x2, 0x4, 0x8, 0x1, 0x80, r0, 0x26d9c4cd, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x1}, 0x50)
sendmsg$MPTCP_PM_CMD_GET_ADDR(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="e57bbb107b9295700d1d52fc8f4d26c88c1712d14457b34a50f91494c08ece6517acd487374cbc0823f69959c9dd1a1969ab8acf7a0b5748f2568d7a978f3e8220f643850c34816b20b7ab0600e0aa863fa456b21d2409d7bbf9a2fa433b4deedaf752a951f3fae9b11ab080dbb58ae045a9977e1aca0637befc692f435b01cccf80949f5d625b5d3d2635ac", @ANYRES16=r8, @ANYBLOB="01002cbd7000fedbdf250300000004000180"], 0x18}}, 0x4000)

6.080384841s ago: executing program 3 (id=663):
syz_emit_ethernet(0x9e, &(0x7f0000000040)={@random="89b72ae666f6", @empty, @void, {@ipv6={0x86dd, @icmpv6={0x7, 0x6, "000001", 0x68, 0x3a, 0xff, @initdev={0xfe, 0x88, '\x00', 0x2, 0x0}, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0xff, 0x2, 0x0, 0x1, 0x3, [{0x3, 0xb, "000000000000000000000000000099d148cfd188a51d4567308bc7121826ee2080907e117a9477f485b6d0b7f17735f6a647a789ef4a4870b5ae70538b0ac753c0237453c9078a39a29e948f3241b70de03327c75cff"}]}}}}}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480), 0x101000, 0x0)
ioctl$KVM_GET_MSR_INDEX_LIST(r0, 0xc004ae02, &(0x7f0000000000)={0x400000000000030d})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x121400, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f0000000040)={0x10000000000000cf, 0x0, [{}]})
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=@newsa={0x104, 0x1a, 0x7, 0x70bd2a, 0x25dfdbff, {{@in6=@dev={0xfe, 0x80, '\x00', 0x1b}, @in=@multicast1, 0xffff, 0x0, 0x4e22, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xee00}, {@in6=@mcast1, 0x1000000, 0x2b}, @in6=@private0, {0x5a, 0xb400, 0x2, 0xfeffff7f00000001, 0x0, 0x60000}, {0x0, 0x200000, 0x7, 0xfffffffffffffffd}, {0x40000, 0x0, 0xae8}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x70}, [@coaddr={0x14, 0xe, @in6=@remote}]}, 0x104}}, 0x0)
r5 = syz_open_dev$loop(&(0x7f0000000240), 0x7, 0x146fa3)
r6 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r7 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x28a02, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000080)=0x3)
close_range(r7, 0xffffffffffffffff, 0x0)
r8 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r8, 0x0)
write(r6, &(0x7f00000000c0)="2cd889f035a53e14f3d5ac5a", 0xc)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x54, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r9, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000240)=[0x8], 0x0, 0x0, 0x1}}, 0x40)
ioctl$BLKRASET(r5, 0x1262, &(0x7f0000000000)=0x4453)
syz_emit_ethernet(0x9e, &(0x7f0000000040)={@random="89b72ae666f6", @empty, @void, {@ipv6={0x86dd, @icmpv6={0x7, 0x6, "000001", 0x68, 0x3a, 0xff, @initdev={0xfe, 0x88, '\x00', 0x2, 0x0}, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0xff, 0x2, 0x0, 0x1, 0x3, [{0x3, 0xb, "000000000000000000000000000099d148cfd188a51d4567308bc7121826ee2080907e117a9477f485b6d0b7f17735f6a647a789ef4a4870b5ae70538b0ac753c0237453c9078a39a29e948f3241b70de03327c75cff"}]}}}}}}, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000480), 0x101000, 0x0) (async)
ioctl$KVM_GET_MSR_INDEX_LIST(r0, 0xc004ae02, &(0x7f0000000000)={0x400000000000030d}) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000540), 0x121400, 0x0) (async)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) (async)
ioctl$KVM_SET_MSRS(r3, 0xc008ae88, &(0x7f0000000040)={0x10000000000000cf, 0x0, [{}]}) (async)
socket$nl_xfrm(0x10, 0x3, 0x6) (async)
sendmsg$nl_xfrm(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=@newsa={0x104, 0x1a, 0x7, 0x70bd2a, 0x25dfdbff, {{@in6=@dev={0xfe, 0x80, '\x00', 0x1b}, @in=@multicast1, 0xffff, 0x0, 0x4e22, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xee00}, {@in6=@mcast1, 0x1000000, 0x2b}, @in6=@private0, {0x5a, 0xb400, 0x2, 0xfeffff7f00000001, 0x0, 0x60000}, {0x0, 0x200000, 0x7, 0xfffffffffffffffd}, {0x40000, 0x0, 0xae8}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x70}, [@coaddr={0x14, 0xe, @in6=@remote}]}, 0x104}}, 0x0) (async)
syz_open_dev$loop(&(0x7f0000000240), 0x7, 0x146fa3) (async)
creat(&(0x7f00000002c0)='./file0\x00', 0x0) (async)
openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x28a02, 0x0) (async)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000080)=0x3) (async)
close_range(r7, 0xffffffffffffffff, 0x0) (async)
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) (async)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r8, 0x0) (async)
write(r6, &(0x7f00000000c0)="2cd889f035a53e14f3d5ac5a", 0xc) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x54, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r9, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000240)=[0x8], 0x0, 0x0, 0x1}}, 0x40) (async)
ioctl$BLKRASET(r5, 0x1262, &(0x7f0000000000)=0x4453) (async)

5.905482918s ago: executing program 5 (id=664):
semctl$SETVAL(0x0, 0x2, 0x10, &(0x7f0000008340)=0x3)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_usb_connect(0x2, 0x3b, &(0x7f0000000000)=ANY=[@ANYBLOB="12010102a39ab910b80c0bc9ae0d01020301090229000101f8400405050009050c021000050001072501", @ANYRES8=r0], &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0})

5.40990191s ago: executing program 3 (id=665):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={0x2c, r1, 0x6419aa27cadae9f1, 0x70bd2b, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_STA_WME={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4811}, 0x4890) (fail_nth: 4)

4.62068081s ago: executing program 3 (id=666):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0xe, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000000000000000000000000000071"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x3, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x23, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x3, 0x1)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
timer_settime(0x0, 0x0, 0x0, 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r5, 0x0, 0x0)
listen(r5, 0x3)

3.789902174s ago: executing program 3 (id=667):
r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000380)=ANY=[@ANYRES16=0x0], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000200)={0x24, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00\"\a'], 0x0}, 0x0) (async)
syz_usb_control_io$hid(r0, &(0x7f0000000200)={0x24, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00\"\a'], 0x0}, 0x0)
syz_usb_connect(0x3, 0x7d9, &(0x7f0000000040)={{0x12, 0x1, 0x201, 0xd8, 0xf5, 0xfa, 0x20, 0x10c4, 0xf91, 0xa122, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x7c7, 0x2, 0x4, 0x24, 0x50, 0x2, [{{0x9, 0x4, 0xdd, 0x6, 0x6, 0xa6, 0x16, 0x17, 0x6, [@cdc_ecm={{0xb, 0x24, 0x6, 0x0, 0x0, "b3f08edb29bb"}, {0x5, 0x24, 0x0, 0x3}, {0xd, 0x24, 0xf, 0x1, 0x0, 0x9, 0x2, 0x4}, [@mdlm={0x15, 0x24, 0x12, 0x4000}, @obex={0x5, 0x24, 0x15, 0x1}, @mdlm_detail={0xaa, 0x24, 0x13, 0x3, "3f66e1e3c138b2d5d6bbbcc8a48a85a993ac4dad06f9061b25ef9a781e8d75ca2c85f29653cc004ea6db1ca0c1d1a2c7ff515443a1cc4d0fd2f61177905ecf8415e225c89585c4aef63e0c881cdaa5a40e4ab09e3c22c3f9ee9a4fed853179871ecc324fe5c75f47daafb9b0031b2eeb9ea0a0dd919fae0a6900cdfdfe5b641d0e1bb5e8a9060e02b881f35b100f04dcae91fd7d2987e692f27fc2a04cedf7b741c47629fc62"}, @ncm={0x6, 0x24, 0x1a, 0x6, 0x3c}]}], [{{0x9, 0x5, 0xe, 0x0, 0x400, 0x5, 0x0, 0xb}}, {{0x9, 0x5, 0x6, 0x3, 0x0, 0x80, 0x5, 0x7, [@generic={0xff, 0x9, "9e288466d25114b8c317afaacf5ab2ac4f0d27c7183edf63c2b193acfd224d69499103f59459556dec8d2abf1515384db07e3660de30f01186166f94002249b5407f5a99fca17509a58d685e35d7386cfbc5ea47aff862be4eaa6f541b802a9df68f38b5f382b1765f4fe0fa90eb32e023700f680656ec513e056d25f6f58382bff6c81ed971e7579792e178a1024d3c46c32635306ad896b992edbaf13f67999c75dfe9513e7cc68a78446030e826c1984bba936bde9b2c72adadbb42e717d07bdc19e588d34bd2108f98bbb33ceaa7b7d37fb290ffc9de49a8f554cfd8beb95c2d56b5600c2d793937071f8e5d393a9bed7776626a46d5e933af8592"}]}}, {{0x9, 0x5, 0xf, 0x10, 0x470, 0x9, 0x40, 0x2, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0xf7, 0x4}]}}, {{0x9, 0x5, 0x1, 0x1, 0x3ff, 0xe, 0x5, 0x29, [@generic={0xac, 0x24, "f87ca2e541774e5dec8187ff8db02ad7f9b451905ab1c7c3439355b5073faf37406b6d79b8a90d26c6fc3284cfaf520b107da403438bf61403618737c4cc6f82b704e556aa9345f7476d9b48056b96870d87cb124e8a4de19621397ca916e4e43769e12c458065ba4aec6038c7dac3a003a58cdaa5727d56bf50abdceff7024e03e4bafeae311bf19371f9608882eef052933bad4004dfaf880fac8a24bd0d8d0e7b72d7f70c61eb3aa9"}]}}, {{0x9, 0x5, 0x2, 0x10, 0x40, 0x5, 0x9, 0x8, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0x7, 0x9}]}}, {{0x9, 0x5, 0x1, 0x8, 0x400, 0x1, 0x0, 0x3}}]}}, {{0x9, 0x4, 0x8, 0x6, 0xf, 0xb5, 0xf2, 0x79, 0x6, [@cdc_ecm={{0x6, 0x24, 0x6, 0x0, 0x0, "e4"}, {0x5, 0x24, 0x0, 0xad67}, {0xd, 0x24, 0xf, 0x1, 0xb9, 0xc, 0x6, 0xfd}, [@ncm={0x6, 0x24, 0x1a, 0x3, 0x2a}, @network_terminal={0x7, 0x24, 0xa, 0x80, 0x4, 0xf, 0x2}, @dmm={0x7, 0x24, 0x14, 0xb7b, 0x5}]}], [{{0x9, 0x5, 0xc, 0x8, 0x3ff, 0x8, 0x7, 0x6, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x6, 0xffff}, @generic={0x9c, 0x5, "1942b32cbdb3f3f461891dc541e86883ecf77f04ecc56fad9058601f0b0b92ab484b92f17dc7bc09f878d73292ededc06dee47110002c6c0df6d87177f747096643bba284aaea300148331cab81b72fa6d074c51d966756768617837447746ac6d2471840a8e0add620c9a198ea98f154f35e115b12b3788d76303c7b65f062f1c1dfa1ba3f8a0ed701d8b3cf35eae978ffde856112903a7aa63"}]}}, {{0x9, 0x5, 0x3, 0x10, 0x3ff, 0x9, 0x8b, 0x21, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0x30, 0xfffd}, @generic={0x69, 0x21, "63b90b1f414abac837a947b46cb20d4aaf28158035c1025619dbc17b068baab54577938b5735c4ed83f9e50792a4d661b04f75c21e8a7b6e11e8d78f73b6658218b98096dc5492c7c1414b508cf8659338f32a44a27fa9fc1e640c385f6a172d3ff2eef0fac80e"}]}}, {{0x9, 0x5, 0xa, 0x4, 0x3ff, 0x1, 0x8, 0x4, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0x8, 0x10}, @uac_iso={0x7, 0x25, 0x1, 0x1, 0x3, 0x4}]}}, {{0x9, 0x5, 0x4, 0x10, 0x10, 0x5, 0x8, 0x5, [@generic={0xb9, 0x4, "bd500551088784a9a6c8c875e46f40f8dec08356657fff0116715cf3633c3abbd97bec262ba768a2ecc9254307f81dcad63cf5cd3b03eaff42be10814676695a24236efcae307e1ea1edf8a00c7145e1ffdd76cbb542ef19da12ab5cae36388043a656bd05d7bf3643111caecd8efa25cee00e54ba9e2110d4f286c9d731bb1b19641fce95bd04f0370fab5c24e97a993be71bdfba56dea1cf124f0789057db43130472371ae40740cbece3a246a677cc8921a0e2c5955"}, @generic={0x4c, 0x1, "4babb3db5596e8f6a0e7cbf32b994b804a8c8031ad7d8a7fa13fabadec160890ecd2dce61dcc2be48954cb4469d2c6dfeb42b6627a1b5a149b5656e4b53850dfc046e4e49c40a2b046bc"}]}}, {{0x9, 0x5, 0xf, 0x3, 0x400, 0x4, 0x8, 0x5, [@generic={0x6d, 0x10, "8f560f0735dba8499878621f0617397bc60e991822217280a09e74c8b0d3e7eabe2d23097641fbf336b987a1989f15fcf84c7685b4149ab80237e60f6321cd4ea511cf8e51a9427beef358026cfbd5dc7c150e38fa5700b29b467e95850b10ddb6ea82e250fc65d42c5677"}, @uac_iso={0x7, 0x25, 0x1, 0x81, 0xe, 0x691}]}}, {{0x9, 0x5, 0x1, 0x10, 0x218, 0xd, 0x8, 0x1, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x5, 0x7}]}}, {{0x9, 0x5, 0x7, 0x8, 0x8, 0x0, 0x2, 0x4}}, {{0x9, 0x5, 0xa12d3bfc7aa72eb9, 0x0, 0x8, 0x7, 0x4, 0x1}}, {{0x9, 0x5, 0xd, 0x8, 0x10, 0x8, 0xb, 0x1, [@generic={0xc, 0x7, "67a43f828732ca9f87ba"}, @uac_iso={0x7, 0x25, 0x1, 0x80, 0x6, 0x7f}]}}, {{0x9, 0x5, 0xf, 0x1, 0x200, 0x1a, 0xf8, 0x3, [@uac_iso={0x7, 0x25, 0x1, 0x1, 0xab, 0x3}, @generic={0xa1, 0x21, "cb62fb9ce9a6051c61df4f69330b260ed762d75f4c9f2507dcc0af025c16504f23249a71082e49e39cfa882b1684edcd0c74b4eda02dbc7e48b909491bcfb278d5580cb9f0dd7e8330a31fd8c722869e7270486863a1808a0adea5a3c3384ebc0509b2d1980fbf9b07003731bb27d4e10288125e0e9eae628bca186493dc71a390ccadf36e2f140751525c340f95195566d60bd547660a6a76bebfab975249"}]}}, {{0x9, 0x5, 0x7, 0x0, 0x10, 0x32, 0x9d, 0x81, [@uac_iso={0x7, 0x25, 0x1, 0x4, 0x0, 0x504}]}}, {{0x9, 0x5, 0x1, 0x0, 0x10, 0x2, 0x40, 0x10, [@uac_iso={0x7, 0x25, 0x1, 0x81, 0x1, 0x2}, @generic={0xb2, 0x1, "70b62fd9a67ee617ee45f96e691a8759bccf59079d7ae9e06a109a536df7d8e7d48b133d927a4725cc30e230bb941b57ace3d2fc68fe139855a6d9557126408670f43d5e8d516279c1265d382caf554f06bf434116c2a65195cdbbe123360d2e96af2d9b3acc9d3582270b55618bce310b4f6264f63570baaeba23bca3ebe1cc195501f56a8fbdbafc4bfed8d57410d520050cd1f1380843ba8a69d179226996a822a0a624838f41fb72bf3f79844c96"}]}}, {{0x9, 0x5, 0x5, 0xc, 0x3ff, 0x1c, 0x6, 0x8, [@uac_iso={0x7, 0x25, 0x1, 0x83, 0x0, 0x1000}]}}, {{0x9, 0x5, 0xa, 0x0, 0x10, 0x5, 0x40, 0x80}}, {{0x9, 0x5, 0x9, 0x0, 0x20, 0x7, 0x5, 0xd}}]}}]}}]}}, 0x0)

2.269909428s ago: executing program 5 (id=668):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x280})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa07, &(0x7f00000002c0)={{&(0x7f0000c9b000/0x1000)=nil, 0x1000}, 0xf, 0x2})

2.069245583s ago: executing program 5 (id=669):
openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108)
mount(0x0, 0x0, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000034700)=""/102400, 0x19000)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140ffff"], 0x84}, 0x1, 0x0, 0x0, 0x24004050}, 0x20000044)
syz_emit_ethernet(0x4a, &(0x7f0000000980)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a37f2", 0x14, 0x2c, 0x0, @remote, @local, {[], {{0x600, 0x3, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x2}}}}}}}, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'wp384-generic\x00'}, 0x58)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r2, &(0x7f0000000080)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c) (fail_nth: 3)

1.056349792s ago: executing program 5 (id=670):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x1b, 0x0, &(0x7f0000000300)='syzkaller\x00', 0x3, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000540)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000580)={0x2, 0xa, 0x1, 0x7c5e}, 0x10, 0x0, 0x0, 0x3, &(0x7f0000000600)=[0xffffffffffffffff, 0x1, 0x1, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000640)=[{0x4, 0x5, 0xa, 0xb}, {0x2, 0x5, 0x6, 0x7}, {0x5, 0x4, 0xc}], 0x10, 0x3}, 0x94)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000002480)=[{{0x0, 0x0, &(0x7f0000001780)=[{0x0}, {0x0}], 0x2}}], 0x1, 0x0)
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b00010076000014000280180001004241544d414e5f56"], 0xfd12}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r3 = accept4(r2, 0x0, 0x0, 0x80800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

381.770205ms ago: executing program 3 (id=671):
socket$nl_route(0x10, 0x3, 0x0)
gettid()
rt_sigtimedwait(0x0, 0x0, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
socket$inet6(0xa, 0x2, 0x0)
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0x2, &(0x7f0000000240)=0x9, 0x4)
pipe(&(0x7f0000000440))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x6a855000)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = syz_io_uring_setup(0x4d5, &(0x7f0000000480)={0x0, 0x404525, 0x80, 0x2, 0x12d}, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000640)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffff8, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2f, 0x28, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_TEE={0x21, 0xda1a0b6210925d15, 0x0, @fd_index, 0x0, 0x0, 0x1, 0x1})
io_uring_enter(r2, 0x22d0, 0x20, 0x0, 0x0, 0x0)

0s ago: executing program 5 (id=672):
r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0)
write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f00000002c0)={0x1, 0x5}, 0x2)
write$USERIO_CMD_REGISTER(r0, &(0x7f00000000c0), 0x2)
read(r0, &(0x7f00000001c0)=""/93, 0x5d)

kernel console output (not intermixed with test programs):

1.775155][ T5815] Bluetooth: hci1: command 0x0406 tx timeout
[  241.840708][   T48] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  241.920879][ T5815] Bluetooth: hci3: command 0x0406 tx timeout
[  242.000777][ T5815] Bluetooth: hci0: command 0x0c1a tx timeout
[  242.231061][   T48] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  242.276402][   T48] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  242.308855][   T48] usb 5-1: config 0 descriptor??
[  242.320802][ T5815] Bluetooth: hci2: command 0x0c1a tx timeout
[  242.368290][ T7652] block device autoloading is deprecated and will be removed.
[  242.388164][   T30] audit: type=1400 audit(1762883172.843:364): avc:  denied  { map } for  pid=7657 comm="syz.3.336" path="socket:[18760]" dev="sockfs" ino=18760 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  242.413503][   T30] audit: type=1400 audit(1762883172.843:365): avc:  denied  { read accept } for  pid=7657 comm="syz.3.336" path="socket:[18760]" dev="sockfs" ino=18760 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  242.592500][   T30] audit: type=1400 audit(1762883172.843:366): avc:  denied  { setopt } for  pid=7657 comm="syz.3.336" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  243.051044][   T48] ath6kl: Unsupported hardware version: 0x0
[  243.062125][ T7665] xt_TCPMSS: Only works on TCP SYN packets
[  243.099413][   T48] ath6kl: Failed to init ath6kl core: -22
[  243.108521][   T30] audit: type=1400 audit(1762883173.563:367): avc:  denied  { mount } for  pid=7661 comm="syz.2.337" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  243.139621][   T48] ath6kl_usb 5-1:0.0: probe with driver ath6kl_usb failed with error -22
[  243.263404][ T5892] usb 5-1: USB disconnect, device number 15
[  243.655620][ T7674] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  244.057817][   T30] audit: type=1400 audit(1762883174.513:368): avc:  denied  { connect } for  pid=7662 comm="syz.3.338" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  244.115074][ T5815] Bluetooth: hci0: command 0x0c1a tx timeout
[  244.130703][   T30] audit: type=1400 audit(1762883174.543:369): avc:  denied  { write } for  pid=7662 comm="syz.3.338" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  244.492553][ T5815] Bluetooth: hci2: command 0x0c1a tx timeout
[  244.590664][ T5892] usb 7-1: new full-speed USB device number 3 using dummy_hcd
[  245.166396][ T5892] usb 7-1: config 8 has an invalid interface number: 223 but max is 0
[  245.215926][ T5892] usb 7-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config
[  245.246135][ T5892] usb 7-1: config 8 has no interface number 0
[  245.297408][ T5892] usb 7-1: New USB device found, idVendor=a6da, idProduct=7458, bcdDevice=2d.4d
[  245.313476][ T5892] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  245.472370][ T5892] usb 7-1: Product: syz
[  245.480859][ T5892] usb 7-1: Manufacturer: syz
[  245.486287][ T5892] usb 7-1: SerialNumber: syz
[  245.887877][ T7697] FAULT_INJECTION: forcing a failure.
[  245.887877][ T7697] name failslab, interval 1, probability 0, space 0, times 0
[  245.900665][ T7697] CPU: 0 UID: 0 PID: 7697 Comm: syz.2.345 Not tainted syzkaller #0 PREEMPT(full) 
[  245.900693][ T7697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  245.900705][ T7697] Call Trace:
[  245.900712][ T7697]  <TASK>
[  245.900720][ T7697]  dump_stack_lvl+0x16c/0x1f0
[  245.900754][ T7697]  should_fail_ex+0x512/0x640
[  245.900778][ T7697]  ? __kmalloc_cache_node_noprof+0x62/0x7a0
[  245.900804][ T7697]  should_failslab+0xc2/0x120
[  245.900828][ T7697]  __kmalloc_cache_node_noprof+0x75/0x7a0
[  245.900848][ T7697]  ? __pfx_css_rstat_updated+0x10/0x10
[  245.900876][ T7697]  ? __get_vm_area_node+0x101/0x330
[  245.900906][ T7697]  ? __get_vm_area_node+0x101/0x330
[  245.900928][ T7697]  __get_vm_area_node+0x101/0x330
[  245.900956][ T7697]  __vmalloc_node_range_noprof+0x271/0x1480
[  245.900982][ T7697]  ? kernel_clone+0xfc/0x930
[  245.901017][ T7697]  ? kernel_clone+0xfc/0x930
[  245.901043][ T7697]  ? rcu_is_watching+0x12/0xc0
[  245.901070][ T7697]  ? lockdep_hardirqs_on+0x7c/0x110
[  245.901102][ T7697]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  245.901134][ T7697]  ? memcpy_and_pad+0x46/0x90
[  245.901164][ T7697]  ? kernel_clone+0xfc/0x930
[  245.901188][ T7697]  __vmalloc_node_noprof+0xad/0xf0
[  245.901213][ T7697]  ? kernel_clone+0xfc/0x930
[  245.901241][ T7697]  copy_process+0x2c77/0x76a0
[  245.901265][ T7697]  ? rcu_is_watching+0x12/0xc0
[  245.901290][ T7697]  ? irqentry_exit+0x3b/0x90
[  245.901307][ T7697]  ? lockdep_hardirqs_on+0x7c/0x110
[  245.901347][ T7697]  ? __pfx_copy_process+0x10/0x10
[  245.901373][ T7697]  ? finish_task_switch.isra.0+0x22a/0xc10
[  245.901400][ T7697]  ? finish_task_switch.isra.0+0x221/0xc10
[  245.901426][ T7697]  ? rcu_is_watching+0x12/0xc0
[  245.901456][ T7697]  kernel_clone+0xfc/0x930
[  245.901485][ T7697]  ? __pfx_kernel_clone+0x10/0x10
[  245.901521][ T7697]  ? __pfx___schedule+0x10/0x10
[  245.901553][ T7697]  __do_sys_clone+0xce/0x120
[  245.901579][ T7697]  ? __pfx___do_sys_clone+0x10/0x10
[  245.901606][ T7697]  ? __pfx___schedule+0x10/0x10
[  245.901649][ T7697]  ? trace_irq_enable.constprop.0+0x2f/0x120
[  245.901686][ T7697]  do_syscall_64+0xcd/0xfa0
[  245.901708][ T7697]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  245.901729][ T7697] RIP: 0033:0x7fa46418f6c9
[  245.901745][ T7697] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  245.901764][ T7697] RSP: 002b:00007fa46505dfe8 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[  245.901784][ T7697] RAX: ffffffffffffffda RBX: 00007fa4643e6180 RCX: 00007fa46418f6c9
[  245.901798][ T7697] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000090242480
[  245.901810][ T7697] RBP: 00007fa46505e090 R08: 0000000000000000 R09: 0000000000000000
[  245.901823][ T7697] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[  245.901835][ T7697] R13: 00007fa4643e6218 R14: 00007fa4643e6180 R15: 00007fff98cf1728
[  245.901864][ T7697]  </TASK>
[  246.185647][ T7697] syz.2.345: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  246.201192][ T7697] CPU: 0 UID: 0 PID: 7697 Comm: syz.2.345 Not tainted syzkaller #0 PREEMPT(full) 
[  246.201219][ T7697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  246.201236][ T7697] Call Trace:
[  246.201243][ T7697]  <TASK>
[  246.201250][ T7697]  dump_stack_lvl+0x16c/0x1f0
[  246.201283][ T7697]  warn_alloc+0x248/0x3a0
[  246.201314][ T7697]  ? __pfx_warn_alloc+0x10/0x10
[  246.201339][ T7697]  ? kasan_quarantine_reduce+0x1b9/0x1e0
[  246.201369][ T7697]  ? __kasan_kmalloc+0x8a/0xb0
[  246.201389][ T7697]  ? __get_vm_area_node+0x208/0x330
[  246.201419][ T7697]  __vmalloc_node_range_noprof+0xaf5/0x1480
[  246.201453][ T7697]  ? kernel_clone+0xfc/0x930
[  246.201480][ T7697]  ? rcu_is_watching+0x12/0xc0
[  246.201506][ T7697]  ? lockdep_hardirqs_on+0x7c/0x110
[  246.201537][ T7697]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  246.201569][ T7697]  ? memcpy_and_pad+0x46/0x90
[  246.201598][ T7697]  ? kernel_clone+0xfc/0x930
[  246.201622][ T7697]  __vmalloc_node_noprof+0xad/0xf0
[  246.201652][ T7697]  ? kernel_clone+0xfc/0x930
[  246.201677][ T7697]  copy_process+0x2c77/0x76a0
[  246.201697][ T7697]  ? rcu_is_watching+0x12/0xc0
[  246.201717][ T7697]  ? irqentry_exit+0x3b/0x90
[  246.201733][ T7697]  ? lockdep_hardirqs_on+0x7c/0x110
[  246.201768][ T7697]  ? __pfx_copy_process+0x10/0x10
[  246.201795][ T7697]  ? finish_task_switch.isra.0+0x22a/0xc10
[  246.201822][ T7697]  ? finish_task_switch.isra.0+0x221/0xc10
[  246.201849][ T7697]  ? rcu_is_watching+0x12/0xc0
[  246.201878][ T7697]  kernel_clone+0xfc/0x930
[  246.201907][ T7697]  ? __pfx_kernel_clone+0x10/0x10
[  246.201941][ T7697]  ? __pfx___schedule+0x10/0x10
[  246.201978][ T7697]  __do_sys_clone+0xce/0x120
[  246.202004][ T7697]  ? __pfx___do_sys_clone+0x10/0x10
[  246.202029][ T7697]  ? __pfx___schedule+0x10/0x10
[  246.202073][ T7697]  ? trace_irq_enable.constprop.0+0x2f/0x120
[  246.202105][ T7697]  do_syscall_64+0xcd/0xfa0
[  246.202126][ T7697]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.202147][ T7697] RIP: 0033:0x7fa46418f6c9
[  246.202163][ T7697] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  246.202182][ T7697] RSP: 002b:00007fa46505dfe8 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[  246.202202][ T7697] RAX: ffffffffffffffda RBX: 00007fa4643e6180 RCX: 00007fa46418f6c9
[  246.202216][ T7697] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000090242480
[  246.202228][ T7697] RBP: 00007fa46505e090 R08: 0000000000000000 R09: 0000000000000000
[  246.202241][ T7697] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[  246.202253][ T7697] R13: 00007fa4643e6218 R14: 00007fa4643e6180 R15: 00007fff98cf1728
[  246.202282][ T7697]  </TASK>
[  246.202289][ T7697] Mem-Info:
[  246.468030][ T7697] active_anon:17258 inactive_anon:0 isolated_anon:0
[  246.468030][ T7697]  active_file:17521 inactive_file:41091 isolated_file:0
[  246.468030][ T7697]  unevictable:768 dirty:343 writeback:0
[  246.468030][ T7697]  slab_reclaimable:12108 slab_unreclaimable:99030
[  246.468030][ T7697]  mapped:39077 shmem:7087 pagetables:1478
[  246.468030][ T7697]  sec_pagetables:0 bounce:0
[  246.468030][ T7697]  kernel_misc_reclaimable:0
[  246.468030][ T7697]  free:1288357 free_pcp:18133 free_cma:0
[  246.514579][ T7697] Node 0 active_anon:69032kB inactive_anon:0kB active_file:70080kB inactive_file:164160kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:156304kB dirty:1372kB writeback:0kB shmem:26812kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12872kB pagetables:5768kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  246.546505][ T7697] Node 1 active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:4kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:144kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  246.576819][ T7697] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  246.607337][ T7697] lowmem_reserve[]: 0 2485 2487 2487 2487
[  246.613095][ T7697] Node 0 DMA32 free:1247368kB boost:0kB min:34108kB low:42632kB high:51156kB reserved_highatomic:0KB free_highatomic:0KB active_anon:69032kB inactive_anon:0kB active_file:70080kB inactive_file:164160kB unevictable:1536kB writepending:1372kB zspages:0kB present:3129332kB managed:2544860kB mlocked:0kB bounce:0kB free_pcp:49212kB local_pcp:30560kB free_cma:0kB
[  246.646466][ T7697] lowmem_reserve[]: 0 0 1 1 1
[  246.651165][ T7697] Node 0 Normal free:0kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  246.680688][ T7697] lowmem_reserve[]: 0 0 0 0 0
[  246.685359][ T7697] Node 1 Normal free:3890700kB boost:0kB min:55768kB low:69708kB high:83648kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:204kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:23776kB local_pcp:8736kB free_cma:0kB
[  246.718388][ T7697] lowmem_reserve[]: 0 0 0 0 0
[  246.723113][ T7697] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  246.735687][ T7697] Node 0 DMA32: 612*4kB (UM) 168*8kB (UME) 4*16kB (U) 2*32kB (U) 166*64kB (UME) 245*128kB (ME) 153*256kB (ME) 44*512kB (M) 25*1024kB (UME) 4*2048kB (ME) 270*4096kB (M) = 1247312kB
[  246.753503][ T7697] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  246.764927][ T7697] Node 1 Normal: 154*4kB (UME) 39*8kB (UME) 46*16kB (UME) 114*32kB (UME) 44*64kB (UME) 9*128kB (UME) 6*256kB (UME) 2*512kB (UE) 2*1024kB (UM) 1*2048kB (E) 946*4096kB (M) = 3890752kB
[  246.783279][ T7697] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  246.792852][ T7697] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  246.803620][ T7697] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  246.813175][ T7697] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  246.822461][ T7697] 65695 total pagecache pages
[  246.827102][ T7697] 0 pages in swap cache
[  246.831272][ T7697] Free swap  = 124996kB
[  246.835391][ T7697] Total swap = 124996kB
[  246.839510][ T7697] 2097051 pages RAM
[  246.843570][ T7697] 0 pages HighMem/MovableOnly
[  246.848280][ T7697] 428746 pages reserved
[  246.852431][ T7697] 0 pages cma reserved
[  247.306978][ T7702] netlink: 12 bytes leftover after parsing attributes in process `syz.2.348'.
[  247.680769][  T890] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  247.771500][   T24] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  247.841950][  T890] usb 5-1: Using ep0 maxpacket: 8
[  247.850657][  T890] usb 5-1: config 0 has no interfaces?
[  247.895305][  T890] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  247.907538][  T890] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  247.960888][  T890] usb 5-1: config 0 descriptor??
[  247.980652][   T24] usb 4-1: Using ep0 maxpacket: 32
[  248.332296][   T24] usb 4-1: config 0 has an invalid descriptor of length 168, skipping remainder of the config
[  248.690848][   T24] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  248.764292][   T24] usb 4-1: New USB device found, idVendor=0421, idProduct=00a0, bcdDevice=c8.e1
[  248.801000][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  248.823485][   T48] usb 5-1: USB disconnect, device number 16
[  248.829760][ T7715] FAULT_INJECTION: forcing a failure.
[  248.829760][ T7715] name failslab, interval 1, probability 0, space 0, times 0
[  248.859214][   T24] usb 4-1: config 0 descriptor??
[  248.882168][ T7715] CPU: 1 UID: 0 PID: 7715 Comm: syz.2.352 Not tainted syzkaller #0 PREEMPT(full) 
[  248.882196][ T7715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  248.882206][ T7715] Call Trace:
[  248.882213][ T7715]  <TASK>
[  248.882221][ T7715]  dump_stack_lvl+0x16c/0x1f0
[  248.882259][ T7715]  should_fail_ex+0x512/0x640
[  248.882281][ T7715]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  248.882313][ T7715]  should_failslab+0xc2/0x120
[  248.882336][ T7715]  kmem_cache_alloc_node_noprof+0x78/0x770
[  248.882363][ T7715]  ? __alloc_skb+0x2b2/0x380
[  248.882392][ T7715]  ? __alloc_skb+0x2b2/0x380
[  248.882413][ T7715]  ? __pfx_netlink_insert+0x10/0x10
[  248.882438][ T7715]  __alloc_skb+0x2b2/0x380
[  248.882462][ T7715]  ? __pfx___alloc_skb+0x10/0x10
[  248.882484][ T7715]  ? netlink_autobind.isra.0+0x158/0x370
[  248.882522][ T7715]  netlink_alloc_large_skb+0x69/0x140
[  248.882550][ T7715]  netlink_sendmsg+0x698/0xdd0
[  248.882582][ T7715]  ? __pfx_netlink_sendmsg+0x10/0x10
[  248.882620][ T7715]  ____sys_sendmsg+0xa98/0xc70
[  248.882639][ T7715]  ? copy_msghdr_from_user+0x10a/0x160
[  248.882665][ T7715]  ? __pfx_____sys_sendmsg+0x10/0x10
[  248.882695][ T7715]  ___sys_sendmsg+0x134/0x1d0
[  248.882722][ T7715]  ? __pfx____sys_sendmsg+0x10/0x10
[  248.882745][ T7715]  ? __lock_acquire+0x622/0x1c90
[  248.882797][ T7715]  __sys_sendmsg+0x16d/0x220
[  248.882820][ T7715]  ? __pfx___sys_sendmsg+0x10/0x10
[  248.882862][ T7715]  do_syscall_64+0xcd/0xfa0
[  248.882884][ T7715]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.882902][ T7715] RIP: 0033:0x7fa46418f6c9
[  248.882917][ T7715] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  248.882934][ T7715] RSP: 002b:00007fa4650a0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  248.882952][ T7715] RAX: ffffffffffffffda RBX: 00007fa4643e5fa0 RCX: 00007fa46418f6c9
[  248.882964][ T7715] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  248.882975][ T7715] RBP: 00007fa4650a0090 R08: 0000000000000000 R09: 0000000000000000
[  248.882985][ T7715] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  248.882995][ T7715] R13: 00007fa4643e6038 R14: 00007fa4643e5fa0 R15: 00007fff98cf1728
[  248.883020][ T7715]  </TASK>
[  248.884382][   T24] rndis_host 4-1:0.0: skipping garbage
[  249.200347][   T24] usb 4-1: bad CDC descriptors
[  249.212657][   T24] cdc_acm 4-1:0.0: skipping garbage
[  249.495392][   T24] usb 7-1: USB disconnect, device number 3
[  249.588289][   T30] audit: type=1400 audit(1762883180.043:370): avc:  denied  { ioctl } for  pid=7718 comm="syz.2.353" path="socket:[19072]" dev="sockfs" ino=19072 ioctlcmd=0x89ef scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  251.603079][  T890] usb 4-1: USB disconnect, device number 11
[  251.720151][   T30] audit: type=1400 audit(1762883182.173:371): avc:  denied  { write } for  pid=7739 comm="syz.5.357" laddr=fe80::3816:10ff:feba:42ba lport=58 faddr=ff02::1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  252.763381][ T7755] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  253.246621][ T7755] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  253.291903][ T7755] netlink: 24 bytes leftover after parsing attributes in process `syz.3.361'.
[  253.394016][ T5892] usb 4-1: new full-speed USB device number 12 using dummy_hcd
[  253.763712][ T5892] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  253.805257][ T5892] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2
[  253.822850][ T7763] netlink: 96 bytes leftover after parsing attributes in process `syz.5.363'.
[  253.832377][   T30] audit: type=1400 audit(1762883184.283:372): avc:  denied  { write } for  pid=7761 comm="syz.5.363" name="mice" dev="devtmpfs" ino=916 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  253.864660][ T5892] usb 4-1: config 1 has no interface number 0
[  253.884261][ T5892] usb 4-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  253.895494][ T5892] usb 4-1: config 1 interface 1 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  253.906529][   T30] audit: type=1400 audit(1762883184.333:373): avc:  denied  { open } for  pid=7761 comm="syz.5.363" path="/dev/input/mice" dev="devtmpfs" ino=916 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  253.937851][ T5892] usb 4-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[  253.957327][ T5892] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  253.971710][ T5892] usb 4-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  253.991343][ T5892] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  254.021066][ T5892] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  254.029153][ T5892] usb 4-1: Product: syz
[  254.033617][ T5892] usb 4-1: Manufacturer: syz
[  254.038435][ T5892] usb 4-1: SerialNumber: syz
[  254.064678][ T7754] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  254.121166][   T24] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  254.200655][ T5799] usb 7-1: new full-speed USB device number 4 using dummy_hcd
[  254.278833][ T5892] cdc_ncm 4-1:1.1: bind() failure
[  254.297208][   T24] usb 6-1: config index 0 descriptor too short (expected 22, got 18)
[  254.315530][   T24] usb 6-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  254.318368][ T5892] usb 4-1: USB disconnect, device number 12
[  254.347352][   T24] usb 6-1: config 4 has 0 interfaces, different from the descriptor's value: 3
[  254.362516][ T5799] usb 7-1: config 8 has an invalid interface number: 223 but max is 0
[  254.368701][   T24] usb 6-1: New USB device found, idVendor=05ac, idProduct=0245, bcdDevice= a.3a
[  254.374568][ T5799] usb 7-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config
[  254.390676][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  254.390705][   T24] usb 6-1: Product: syz
[  254.390720][   T24] usb 6-1: Manufacturer: syz
[  254.390734][   T24] usb 6-1: SerialNumber: syz
[  254.403427][ T7774] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1548 sclass=netlink_route_socket pid=7774 comm=syz.2.367
[  254.427038][   T30] audit: type=1400 audit(1762883184.863:374): avc:  denied  { write } for  pid=7770 comm="syz.2.367" name="ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  254.449658][    C0] vkms_vblank_simulate: vblank timer overrun
[  254.475170][ T5799] usb 7-1: config 8 has no interface number 0
[  254.485921][ T5799] usb 7-1: New USB device found, idVendor=a6da, idProduct=7458, bcdDevice=2d.4d
[  254.498540][ T5799] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  254.507738][ T5799] usb 7-1: Product: syz
[  254.516981][ T5799] usb 7-1: Manufacturer: syz
[  254.527327][ T5799] usb 7-1: SerialNumber: syz
[  254.611204][   T30] audit: type=1400 audit(1762883185.073:375): avc:  denied  { read } for  pid=7761 comm="syz.5.363" name="mice" dev="devtmpfs" ino=916 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  254.634009][    C0] vkms_vblank_simulate: vblank timer overrun
[  254.641759][   T24] usb 6-1: USB disconnect, device number 7
[  254.788478][ T7779] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  256.101140][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  256.107454][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  256.116839][   T30] audit: type=1400 audit(1762883186.183:376): avc:  denied  { execute } for  pid=7783 comm="syz.3.369" dev="hugetlbfs" ino=19759 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  256.519447][   T30] audit: type=1400 audit(1762883186.183:377): avc:  denied  { execute_no_trans } for  pid=7783 comm="syz.3.369" path=2F6D656D66643A5B0BDB58AE5B1AA9FDFAADD16D64C8854858A9250C1A65E0202864656C6574656429 dev="hugetlbfs" ino=19759 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  256.549217][    C0] vkms_vblank_simulate: vblank timer overrun
[  256.570017][   T30] audit: type=1400 audit(1762883186.973:378): avc:  denied  { validate_trans } for  pid=7791 comm="syz.3.371" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  256.609367][   T30] audit: type=1400 audit(1762883186.973:379): avc:  denied  { lock } for  pid=7791 comm="syz.3.371" path="socket:[19231]" dev="sockfs" ino=19231 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1
[  256.632423][    C0] vkms_vblank_simulate: vblank timer overrun
[  256.786420][ T7802] netlink: 165 bytes leftover after parsing attributes in process `syz.2.370'.
[  257.415642][ T7807] netlink: 20 bytes leftover after parsing attributes in process `syz.4.375'.
[  261.118640][   T30] audit: type=1400 audit(1762883191.363:380): avc:  denied  { write } for  pid=7826 comm="syz.3.381" name="001" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  262.039029][ T7828] syz.3.381 (7828): drop_caches: 2
[  262.140949][   T30] audit: type=1400 audit(1762883192.543:381): avc:  denied  { shutdown } for  pid=7837 comm="syz.4.383" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  262.255080][   T48] usb 7-1: USB disconnect, device number 4
[  262.724907][   T30] audit: type=1400 audit(1762883193.093:382): avc:  denied  { read } for  pid=7837 comm="syz.4.383" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  262.955660][ T7855] netlink: 'syz.6.384': attribute type 20 has an invalid length.
[  262.963612][ T7855] IPv6: NLM_F_CREATE should be specified when creating new route
[  263.013123][   T30] audit: type=1400 audit(1762883193.473:383): avc:  denied  { bind } for  pid=7847 comm="syz.6.384" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  263.191873][   T30] audit: type=1400 audit(1762883193.493:384): avc:  denied  { name_bind } for  pid=7847 comm="syz.6.384" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  263.222973][ T7855] 9pnet_virtio: no channels available for device ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  263.382334][   T30] audit: type=1400 audit(1762883193.493:385): avc:  denied  { node_bind } for  pid=7847 comm="syz.6.384" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[  264.486909][ T7869] FAULT_INJECTION: forcing a failure.
[  264.486909][ T7869] name failslab, interval 1, probability 0, space 0, times 0
[  264.501117][ T7869] CPU: 1 UID: 0 PID: 7869 Comm: syz.4.388 Not tainted syzkaller #0 PREEMPT(full) 
[  264.501142][ T7869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  264.501152][ T7869] Call Trace:
[  264.501158][ T7869]  <TASK>
[  264.501165][ T7869]  dump_stack_lvl+0x16c/0x1f0
[  264.501194][ T7869]  should_fail_ex+0x512/0x640
[  264.501214][ T7869]  ? __kmalloc_noprof+0xca/0x880
[  264.501239][ T7869]  should_failslab+0xc2/0x120
[  264.501259][ T7869]  __kmalloc_noprof+0xdd/0x880
[  264.501282][ T7869]  ? io_cache_alloc_new+0x45/0xf0
[  264.501306][ T7869]  ? io_cache_alloc_new+0x45/0xf0
[  264.501322][ T7869]  io_cache_alloc_new+0x45/0xf0
[  264.501340][ T7869]  io_msg_alloc_async+0x1c3/0x3a0
[  264.501358][ T7869]  io_connect_prep+0x228/0x350
[  264.501377][ T7869]  io_submit_sqes+0x855/0x2710
[  264.501414][ T7869]  __do_sys_io_uring_enter+0xd69/0x1630
[  264.501442][ T7869]  ? __fget_files+0x20e/0x3c0
[  264.501458][ T7869]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  264.501484][ T7869]  ? fput+0x9b/0xd0
[  264.501504][ T7869]  ? ksys_write+0x1ac/0x250
[  264.501519][ T7869]  ? __pfx_ksys_write+0x10/0x10
[  264.501541][ T7869]  do_syscall_64+0xcd/0xfa0
[  264.501559][ T7869]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.501576][ T7869] RIP: 0033:0x7f4b64b8f6c9
[  264.501589][ T7869] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  264.501604][ T7869] RSP: 002b:00007f4b65ad2038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  264.501621][ T7869] RAX: ffffffffffffffda RBX: 00007f4b64de5fa0 RCX: 00007f4b64b8f6c9
[  264.501632][ T7869] RDX: 00000000000000f5 RSI: 00000000000047bc RDI: 0000000000000004
[  264.501642][ T7869] RBP: 00007f4b65ad2090 R08: 0000000000000000 R09: 0000000000000000
[  264.501652][ T7869] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  264.501661][ T7869] R13: 00007f4b64de6038 R14: 00007f4b64de5fa0 R15: 00007fffa0b4fc58
[  264.501685][ T7869]  </TASK>
[  266.312012][   T30] audit: type=1400 audit(1762883196.733:386): avc:  denied  { search } for  pid=7881 comm="syz.5.392" name="/" dev="configfs" ino=203 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  266.341579][ T7891] netlink: 4 bytes leftover after parsing attributes in process `syz.3.394'.
[  266.421484][   T30] audit: type=1400 audit(1762883196.843:387): avc:  denied  { search } for  pid=7881 comm="syz.5.392" name="/" dev="configfs" ino=203 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  266.444100][   T30] audit: type=1400 audit(1762883196.843:388): avc:  denied  { search } for  pid=7881 comm="syz.5.392" name="/" dev="configfs" ino=203 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  266.472224][   T30] audit: type=1400 audit(1762883196.843:389): avc:  denied  { read open } for  pid=7881 comm="syz.5.392" path="/" dev="configfs" ino=203 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  266.637093][   T30] audit: type=1400 audit(1762883197.093:390): avc:  denied  { ioctl } for  pid=7897 comm="syz.2.396" path="socket:[19403]" dev="sockfs" ino=19403 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  266.664593][ T7898] FAULT_INJECTION: forcing a failure.
[  266.664593][ T7898] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  266.723711][ T7898] CPU: 0 UID: 0 PID: 7898 Comm: syz.2.396 Not tainted syzkaller #0 PREEMPT(full) 
[  266.723739][ T7898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  266.723749][ T7898] Call Trace:
[  266.723755][ T7898]  <TASK>
[  266.723762][ T7898]  dump_stack_lvl+0x16c/0x1f0
[  266.723795][ T7898]  should_fail_ex+0x512/0x640
[  266.723819][ T7898]  _copy_from_iter+0x29f/0x1720
[  266.723845][ T7898]  ? __alloc_skb+0x200/0x380
[  266.723869][ T7898]  ? __pfx__copy_from_iter+0x10/0x10
[  266.723891][ T7898]  ? netlink_autobind.isra.0+0x158/0x370
[  266.723926][ T7898]  netlink_sendmsg+0x820/0xdd0
[  266.723959][ T7898]  ? __pfx_netlink_sendmsg+0x10/0x10
[  266.724005][ T7898]  ____sys_sendmsg+0xa98/0xc70
[  266.724026][ T7898]  ? copy_msghdr_from_user+0x10a/0x160
[  266.724051][ T7898]  ? __pfx_____sys_sendmsg+0x10/0x10
[  266.724084][ T7898]  ___sys_sendmsg+0x134/0x1d0
[  266.724110][ T7898]  ? __pfx____sys_sendmsg+0x10/0x10
[  266.724133][ T7898]  ? __lock_acquire+0x622/0x1c90
[  266.724185][ T7898]  __sys_sendmsg+0x16d/0x220
[  266.724212][ T7898]  ? __pfx___sys_sendmsg+0x10/0x10
[  266.724254][ T7898]  do_syscall_64+0xcd/0xfa0
[  266.724275][ T7898]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.724296][ T7898] RIP: 0033:0x7fa46418f6c9
[  266.724312][ T7898] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  266.724332][ T7898] RSP: 002b:00007fa4650a0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  266.724351][ T7898] RAX: ffffffffffffffda RBX: 00007fa4643e5fa0 RCX: 00007fa46418f6c9
[  266.724364][ T7898] RDX: 0000000000008090 RSI: 0000200000000300 RDI: 0000000000000004
[  266.724377][ T7898] RBP: 00007fa4650a0090 R08: 0000000000000000 R09: 0000000000000000
[  266.724389][ T7898] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  266.724401][ T7898] R13: 00007fa4643e6038 R14: 00007fa4643e5fa0 R15: 00007fff98cf1728
[  266.724429][ T7898]  </TASK>
[  267.148766][ T7906] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  267.515833][ T7902] FAULT_INJECTION: forcing a failure.
[  267.515833][ T7902] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  267.531142][ T7902] CPU: 1 UID: 0 PID: 7902 Comm: syz.3.397 Not tainted syzkaller #0 PREEMPT(full) 
[  267.531158][ T7902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  267.531165][ T7902] Call Trace:
[  267.531169][ T7902]  <TASK>
[  267.531175][ T7902]  dump_stack_lvl+0x16c/0x1f0
[  267.531198][ T7902]  should_fail_ex+0x512/0x640
[  267.531214][ T7902]  _copy_from_user+0x2e/0xd0
[  267.531229][ T7902]  copy_msghdr_from_user+0x98/0x160
[  267.531245][ T7902]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  267.531265][ T7902]  ___sys_sendmsg+0xfe/0x1d0
[  267.531280][ T7902]  ? __pfx____sys_sendmsg+0x10/0x10
[  267.531292][ T7902]  ? __lock_acquire+0x622/0x1c90
[  267.531321][ T7902]  __sys_sendmsg+0x16d/0x220
[  267.531335][ T7902]  ? __pfx___sys_sendmsg+0x10/0x10
[  267.531358][ T7902]  do_syscall_64+0xcd/0xfa0
[  267.531369][ T7902]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  267.531381][ T7902] RIP: 0033:0x7fa0a938f6c9
[  267.531390][ T7902] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  267.531401][ T7902] RSP: 002b:00007fa0aa252038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  267.531412][ T7902] RAX: ffffffffffffffda RBX: 00007fa0a95e5fa0 RCX: 00007fa0a938f6c9
[  267.531420][ T7902] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000004
[  267.531427][ T7902] RBP: 00007fa0aa252090 R08: 0000000000000000 R09: 0000000000000000
[  267.531433][ T7902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  267.531439][ T7902] R13: 00007fa0a95e6038 R14: 00007fa0a95e5fa0 R15: 00007ffc2e9e0cd8
[  267.531454][ T7902]  </TASK>
[  268.139908][ T7914] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  268.151659][ T7914] cramfs: wrong magic
[  268.412478][ T7928] netlink: 68 bytes leftover after parsing attributes in process `syz.2.403'.
[  268.496895][   T30] audit: type=1400 audit(1762883198.853:391): avc:  denied  { create } for  pid=7920 comm="syz.2.403" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  269.021041][ T5892] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  269.040217][ T7937] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  269.068520][ T7937] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  269.232828][ T5892] usb 5-1: Using ep0 maxpacket: 8
[  269.280870][ T5892] usb 5-1: config 0 has no interfaces?
[  269.286511][ T5892] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  269.320025][ T5892] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  269.395028][ T5892] usb 5-1: config 0 descriptor??
[  270.908593][ T7951] FAULT_INJECTION: forcing a failure.
[  270.908593][ T7951] name failslab, interval 1, probability 0, space 0, times 0
[  270.946618][ T7951] CPU: 0 UID: 0 PID: 7951 Comm: syz.2.408 Not tainted syzkaller #0 PREEMPT(full) 
[  270.946651][ T7951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  270.946658][ T7951] Call Trace:
[  270.946662][ T7951]  <TASK>
[  270.946667][ T7951]  dump_stack_lvl+0x16c/0x1f0
[  270.946690][ T7951]  should_fail_ex+0x512/0x640
[  270.946706][ T7951]  ? __kmalloc_cache_node_noprof+0x62/0x7a0
[  270.946720][ T7951]  should_failslab+0xc2/0x120
[  270.946734][ T7951]  __kmalloc_cache_node_noprof+0x75/0x7a0
[  270.946745][ T7951]  ? __get_vm_area_node+0x101/0x330
[  270.946757][ T7951]  ? __pfx_css_rstat_updated+0x10/0x10
[  270.946776][ T7951]  ? __get_vm_area_node+0x101/0x330
[  270.946788][ T7951]  __get_vm_area_node+0x101/0x330
[  270.946802][ T7951]  __vmalloc_node_range_noprof+0x271/0x1480
[  270.946816][ T7951]  ? vhost_task_create+0x1d2/0x370
[  270.946832][ T7951]  ? find_held_lock+0x2b/0x80
[  270.946846][ T7951]  ? vhost_task_create+0x1d2/0x370
[  270.946860][ T7951]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  270.946878][ T7951]  ? rcu_is_watching+0x12/0xc0
[  270.946893][ T7951]  ? vhost_task_create+0x1d2/0x370
[  270.946911][ T7951]  __vmalloc_node_noprof+0xad/0xf0
[  270.946924][ T7951]  ? vhost_task_create+0x1d2/0x370
[  270.946936][ T7951]  copy_process+0x2c77/0x76a0
[  270.946958][ T7951]  ? __pfx_copy_process+0x10/0x10
[  270.946974][ T7951]  ? lockdep_init_map_type+0x5c/0x280
[  270.946986][ T7951]  ? lockdep_init_map_type+0x5c/0x280
[  270.946997][ T7951]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  270.947014][ T7951]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  270.947028][ T7951]  vhost_task_create+0x1d2/0x370
[  270.947039][ T7951]  ? __pfx_vhost_task_create+0x10/0x10
[  270.947054][ T7951]  ? __pfx_vhost_task_fn+0x10/0x10
[  270.947073][ T7951]  kvm_mmu_post_init_vm+0x1b7/0x380
[  270.947086][ T7951]  kvm_arch_vcpu_ioctl_run+0x66/0x1920
[  270.947098][ T7951]  ? kvm_vcpu_ioctl+0x14c5/0x1690
[  270.947117][ T7951]  kvm_vcpu_ioctl+0x5eb/0x1690
[  270.947134][ T7951]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  270.947148][ T7951]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  270.947164][ T7951]  ? do_vfs_ioctl+0x128/0x14f0
[  270.947181][ T7951]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  270.947196][ T7951]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  270.947214][ T7951]  ? hook_file_ioctl_common+0x145/0x410
[  270.947234][ T7951]  ? selinux_file_ioctl+0x180/0x270
[  270.947245][ T7951]  ? selinux_file_ioctl+0xb4/0x270
[  270.947258][ T7951]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  270.947273][ T7951]  __x64_sys_ioctl+0x18e/0x210
[  270.947289][ T7951]  do_syscall_64+0xcd/0xfa0
[  270.947301][ T7951]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  270.947313][ T7951] RIP: 0033:0x7fa46418f6c9
[  270.947323][ T7951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  270.947334][ T7951] RSP: 002b:00007fa46507f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  270.947345][ T7951] RAX: ffffffffffffffda RBX: 00007fa4643e6090 RCX: 00007fa46418f6c9
[  270.947353][ T7951] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  270.947360][ T7951] RBP: 00007fa46507f090 R08: 0000000000000000 R09: 0000000000000000
[  270.947367][ T7951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  270.947373][ T7951] R13: 00007fa4643e6128 R14: 00007fa4643e6090 R15: 00007fff98cf1728
[  270.947388][ T7951]  </TASK>
[  270.947452][ T7951] syz.2.408: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null)
[  271.140692][ T5822] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  271.365493][  T978] usb 5-1: USB disconnect, device number 17
[  271.390787][ T7951] ,cpuset=/,mems_allowed=0-1
[  271.397065][ T7951] CPU: 1 UID: 0 PID: 7951 Comm: syz.2.408 Not tainted syzkaller #0 PREEMPT(full) 
[  271.397082][ T7951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  271.397089][ T7951] Call Trace:
[  271.397093][ T7951]  <TASK>
[  271.397098][ T7951]  dump_stack_lvl+0x16c/0x1f0
[  271.397119][ T7951]  warn_alloc+0x248/0x3a0
[  271.397139][ T7951]  ? __pfx_warn_alloc+0x10/0x10
[  271.397153][ T7951]  ? rcu_is_watching+0x12/0xc0
[  271.397168][ T7951]  ? __kmalloc_cache_node_noprof+0x2df/0x7a0
[  271.397180][ T7951]  ? __pfx_css_rstat_updated+0x10/0x10
[  271.397199][ T7951]  ? __kasan_kmalloc+0x8a/0xb0
[  271.397211][ T7951]  ? __get_vm_area_node+0x208/0x330
[  271.397227][ T7951]  __vmalloc_node_range_noprof+0xaf5/0x1480
[  271.397245][ T7951]  ? find_held_lock+0x2b/0x80
[  271.397259][ T7951]  ? vhost_task_create+0x1d2/0x370
[  271.397274][ T7951]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  271.397291][ T7951]  ? rcu_is_watching+0x12/0xc0
[  271.397306][ T7951]  ? vhost_task_create+0x1d2/0x370
[  271.397316][ T7951]  __vmalloc_node_noprof+0xad/0xf0
[  271.397329][ T7951]  ? vhost_task_create+0x1d2/0x370
[  271.397342][ T7951]  copy_process+0x2c77/0x76a0
[  271.397363][ T7951]  ? __pfx_copy_process+0x10/0x10
[  271.397380][ T7951]  ? lockdep_init_map_type+0x5c/0x280
[  271.397392][ T7951]  ? lockdep_init_map_type+0x5c/0x280
[  271.397402][ T7951]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  271.397419][ T7951]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  271.397434][ T7951]  vhost_task_create+0x1d2/0x370
[  271.397444][ T7951]  ? __pfx_vhost_task_create+0x10/0x10
[  271.397460][ T7951]  ? __pfx_vhost_task_fn+0x10/0x10
[  271.397479][ T7951]  kvm_mmu_post_init_vm+0x1b7/0x380
[  271.397492][ T7951]  kvm_arch_vcpu_ioctl_run+0x66/0x1920
[  271.397506][ T7951]  ? kvm_vcpu_ioctl+0x14c5/0x1690
[  271.397524][ T7951]  kvm_vcpu_ioctl+0x5eb/0x1690
[  271.397540][ T7951]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  271.397559][ T7951]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  271.397574][ T7951]  ? do_vfs_ioctl+0x128/0x14f0
[  271.397589][ T7951]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  271.397604][ T7951]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  271.397629][ T7951]  ? hook_file_ioctl_common+0x145/0x410
[  271.397648][ T7951]  ? selinux_file_ioctl+0x180/0x270
[  271.397659][ T7951]  ? selinux_file_ioctl+0xb4/0x270
[  271.397672][ T7951]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  271.397687][ T7951]  __x64_sys_ioctl+0x18e/0x210
[  271.397703][ T7951]  do_syscall_64+0xcd/0xfa0
[  271.397715][ T7951]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.397726][ T7951] RIP: 0033:0x7fa46418f6c9
[  271.397735][ T7951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  271.397746][ T7951] RSP: 002b:00007fa46507f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  271.397758][ T7951] RAX: ffffffffffffffda RBX: 00007fa4643e6090 RCX: 00007fa46418f6c9
[  271.397765][ T7951] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  271.397772][ T7951] RBP: 00007fa46507f090 R08: 0000000000000000 R09: 0000000000000000
[  271.397778][ T7951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  271.397784][ T7951] R13: 00007fa4643e6128 R14: 00007fa4643e6090 R15: 00007fff98cf1728
[  271.397800][ T7951]  </TASK>
[  271.397898][ T7951] Mem-Info:
[  271.763641][ T7951] active_anon:30259 inactive_anon:0 isolated_anon:0
[  271.763641][ T7951]  active_file:17521 inactive_file:41101 isolated_file:0
[  271.763641][ T7951]  unevictable:768 dirty:250 writeback:0
[  271.763641][ T7951]  slab_reclaimable:12055 slab_unreclaimable:99311
[  271.763641][ T7951]  mapped:46283 shmem:20357 pagetables:1533
[  271.763641][ T7951]  sec_pagetables:0 bounce:0
[  271.763641][ T7951]  kernel_misc_reclaimable:0
[  271.763641][ T7951]  free:1282908 free_pcp:12184 free_cma:0
[  271.847359][ T7951] Node 0 active_anon:122836kB inactive_anon:0kB active_file:70080kB inactive_file:164200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:185128kB dirty:1000kB writeback:0kB shmem:81492kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12892kB pagetables:5988kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  271.888234][ T7951] Node 1 active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:4kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:144kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  271.930933][ T5822] usb 6-1: Using ep0 maxpacket: 8
[  271.937473][ T5822] usb 6-1: config 0 interface 0 has no altsetting 0
[  271.952962][ T7951] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  271.983153][ T5822] usb 6-1: New USB device found, idVendor=0079, idProduct=0011, bcdDevice= 0.00
[  272.011327][ T5822] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  272.055028][ T5822] usb 6-1: config 0 descriptor??
[  272.065787][ T7955] gfs2: not a GFS2 filesystem
[  272.110630][ T7951] lowmem_reserve[]: 0 2485 2487 2487 2487
[  272.135067][ T7951] Node 0 DMA32 free:1221808kB boost:0kB min:34108kB low:42632kB high:51156kB reserved_highatomic:0KB free_highatomic:0KB active_anon:121536kB inactive_anon:0kB active_file:70080kB inactive_file:164200kB unevictable:1536kB writepending:1000kB zspages:0kB present:3129332kB managed:2544860kB mlocked:0kB bounce:0kB free_pcp:29116kB local_pcp:22656kB free_cma:0kB
[  272.233839][ T7957] netlink: 'syz.4.410': attribute type 1 has an invalid length.
[  272.353921][ T7957] 8021q: adding VLAN 0 to HW filter on device bond1
[  272.374459][ T7951] lowmem_reserve[]: 0 0 1 1 1
[  272.413846][ T7951] Node 0 Normal free:0kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  272.466144][ T7959] bond1: (slave veth3): Enslaving as an active interface with a down link
[  272.690738][ T7951] lowmem_reserve[]: 0 0 0 0 0
[  272.855967][ T7951] Node 1 Normal free:3892264kB boost:0kB min:55768kB low:69708kB high:83648kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:204kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:22296kB local_pcp:13560kB free_cma:0kB
[  272.890841][ T5822] dragonrise 0003:0079:0011.0007: hidraw0: USB HID vd.c7 Device [HID 0079:0011] on usb-dummy_hcd.5-1/input0
[  273.014166][ T5822] usb 6-1: USB disconnect, device number 8
[  273.021194][ T7951] lowmem_reserve[]: 0 0 0 0 0
[  273.229859][ T7951] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  273.270735][ T7951] Node 0 DMA32: 1236*4kB (UME) 329*8kB (UM) 150*16kB (UME) 45*32kB (UM) 39*64kB (UM) 20*128kB (UM) 140*256kB (UM) 52*512kB (UM) 29*1024kB (UME) 4*2048kB (UME) 271*4096kB (M) = 1226840kB
[  273.394014][ T7963] fido_id[7963]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory
[  273.477858][ T7951] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  273.565105][ T7951] Node 1 Normal: 152*4kB (UME) 39*8kB (UME) 45*16kB (UME) 114*32kB (UME) 44*64kB (UME) 11*128kB (UME) 5*256kB (UME) 3*512kB (UME) 1*1024kB (U) 2*2048kB (ME) 946*4096kB (M) = 3892264kB
[  273.649718][ T7951] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  273.685581][ T7951] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  273.719559][ T7951] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  273.760363][ T7951] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  273.860697][ T7951] 77859 total pagecache pages
[  273.897345][ T7951] 0 pages in swap cache
[  273.921181][ T7951] Free swap  = 124996kB
[  273.929300][ T7951] Total swap = 124996kB
[  273.959170][ T7951] 2097051 pages RAM
[  273.979559][ T7951] 0 pages HighMem/MovableOnly
[  273.999103][ T7951] 428746 pages reserved
[  274.013325][ T7951] 0 pages cma reserved
[  274.587201][ T7974] FAULT_INJECTION: forcing a failure.
[  274.587201][ T7974] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  274.640747][ T7974] CPU: 0 UID: 0 PID: 7974 Comm: syz.6.416 Not tainted syzkaller #0 PREEMPT(full) 
[  274.640776][ T7974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  274.640787][ T7974] Call Trace:
[  274.640793][ T7974]  <TASK>
[  274.640801][ T7974]  dump_stack_lvl+0x16c/0x1f0
[  274.640836][ T7974]  should_fail_ex+0x512/0x640
[  274.640863][ T7974]  _copy_from_iter+0x29f/0x1720
[  274.640890][ T7974]  ? __alloc_skb+0x200/0x380
[  274.640912][ T7974]  ? __pfx__copy_from_iter+0x10/0x10
[  274.640933][ T7974]  ? netlink_autobind.isra.0+0x158/0x370
[  274.640971][ T7974]  netlink_sendmsg+0x820/0xdd0
[  274.641003][ T7974]  ? __pfx_netlink_sendmsg+0x10/0x10
[  274.641041][ T7974]  ____sys_sendmsg+0xa98/0xc70
[  274.641061][ T7974]  ? copy_msghdr_from_user+0x10a/0x160
[  274.641087][ T7974]  ? __pfx_____sys_sendmsg+0x10/0x10
[  274.641107][ T7974]  ___sys_sendmsg+0x134/0x1d0
[  274.641122][ T7974]  ? __pfx____sys_sendmsg+0x10/0x10
[  274.641135][ T7974]  ? __lock_acquire+0x622/0x1c90
[  274.641163][ T7974]  __sys_sendmsg+0x16d/0x220
[  274.641177][ T7974]  ? __pfx___sys_sendmsg+0x10/0x10
[  274.641200][ T7974]  do_syscall_64+0xcd/0xfa0
[  274.641211][ T7974]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  274.641223][ T7974] RIP: 0033:0x7f5393d8f6c9
[  274.641233][ T7974] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  274.641244][ T7974] RSP: 002b:00007f5391ff6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  274.641255][ T7974] RAX: ffffffffffffffda RBX: 00007f5393fe5fa0 RCX: 00007f5393d8f6c9
[  274.641262][ T7974] RDX: 0000000000040000 RSI: 00002000000007c0 RDI: 0000000000000003
[  274.641269][ T7974] RBP: 00007f5391ff6090 R08: 0000000000000000 R09: 0000000000000000
[  274.641276][ T7974] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  274.641282][ T7974] R13: 00007f5393fe6038 R14: 00007f5393fe5fa0 R15: 00007ffc076001c8
[  274.641297][ T7974]  </TASK>
[  280.532193][ T8042] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  280.543874][ T8042] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  280.860687][ T5892] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  280.875815][ T5799] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  281.071061][ T5799] usb 6-1: Using ep0 maxpacket: 8
[  281.078362][ T5892] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  281.086772][ T5892] usb 5-1: config 0 has no interface number 0
[  281.096007][ T5799] usb 6-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  281.123578][ T5799] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  281.133669][ T5892] usb 5-1: too many endpoints for config 0 interface 1 altsetting 167: 172, using maximum allowed: 30
[  281.145054][ T5799] usb 6-1: Product: syz
[  281.149227][ T5799] usb 6-1: Manufacturer: syz
[  281.153884][ T5892] usb 5-1: config 0 interface 1 altsetting 167 has 0 endpoint descriptors, different from the interface descriptor's value: 172
[  281.167177][ T5799] usb 6-1: SerialNumber: syz
[  281.181457][ T5799] usb 6-1: config 0 descriptor??
[  281.186607][ T5892] usb 5-1: config 0 interface 1 has no altsetting 0
[  281.196557][ T5799] gspca_main: se401-2.14.0 probing 047d:5003
[  281.214689][ T5892] usb 5-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  281.224180][ T5892] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  281.240609][ T5892] usb 5-1: Product: syz
[  281.244855][ T5892] usb 5-1: Manufacturer: syz
[  281.249545][ T5892] usb 5-1: SerialNumber: syz
[  281.258441][ T5892] usb 5-1: config 0 descriptor??
[  281.316752][ T8051] FAULT_INJECTION: forcing a failure.
[  281.316752][ T8051] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  281.348374][ T8051] CPU: 1 UID: 0 PID: 8051 Comm: syz.3.436 Not tainted syzkaller #0 PREEMPT(full) 
[  281.348403][ T8051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  281.348415][ T8051] Call Trace:
[  281.348421][ T8051]  <TASK>
[  281.348429][ T8051]  dump_stack_lvl+0x16c/0x1f0
[  281.348463][ T8051]  should_fail_ex+0x512/0x640
[  281.348492][ T8051]  _copy_from_iter+0x29f/0x1720
[  281.348520][ T8051]  ? __alloc_skb+0x200/0x380
[  281.348545][ T8051]  ? __pfx__copy_from_iter+0x10/0x10
[  281.348566][ T8051]  ? selinux_socket_getpeersec_dgram+0x1a4/0x370
[  281.348588][ T8051]  ? __pfx_selinux_socket_getpeersec_dgram+0x10/0x10
[  281.348620][ T8051]  netlink_sendmsg+0x820/0xdd0
[  281.348654][ T8051]  ? __pfx_netlink_sendmsg+0x10/0x10
[  281.348692][ T8051]  ____sys_sendmsg+0xa98/0xc70
[  281.348714][ T8051]  ? copy_msghdr_from_user+0x10a/0x160
[  281.348738][ T8051]  ? __pfx_____sys_sendmsg+0x10/0x10
[  281.348766][ T8051]  ___sys_sendmsg+0x134/0x1d0
[  281.348791][ T8051]  ? __pfx____sys_sendmsg+0x10/0x10
[  281.348814][ T8051]  ? __lock_acquire+0x622/0x1c90
[  281.348865][ T8051]  __sys_sendmsg+0x16d/0x220
[  281.348892][ T8051]  ? __pfx___sys_sendmsg+0x10/0x10
[  281.348943][ T8051]  do_syscall_64+0xcd/0xfa0
[  281.348964][ T8051]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  281.348983][ T8051] RIP: 0033:0x7fa0a938f6c9
[  281.349000][ T8051] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  281.349018][ T8051] RSP: 002b:00007fa0aa252038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  281.349038][ T8051] RAX: ffffffffffffffda RBX: 00007fa0a95e5fa0 RCX: 00007fa0a938f6c9
[  281.349051][ T8051] RDX: 0000000000004004 RSI: 0000200000007d80 RDI: 0000000000000004
[  281.349064][ T8051] RBP: 00007fa0aa252090 R08: 0000000000000000 R09: 0000000000000000
[  281.349076][ T8051] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  281.349088][ T8051] R13: 00007fa0a95e6038 R14: 00007fa0a95e5fa0 R15: 00007ffc2e9e0cd8
[  281.349116][ T8051]  </TASK>
[  281.365831][ T8053] tc_dump_action: action bad kind
[  282.048959][   T30] audit: type=1400 audit(1762883212.483:392): avc:  denied  { mount } for  pid=8040 comm="syz.5.433" name="/" dev="autofs" ino=20724 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  282.496573][ T5799] input: se401 as /devices/platform/dummy_hcd.5/usb6/6-1/input/input22
[  282.538689][ T5799] usb 6-1: USB disconnect, device number 9
[  282.714733][ T8062] netlink: 56 bytes leftover after parsing attributes in process `syz.6.439'.
[  282.794854][ T5892] dvb_usb_ec168 5-1:0.1: probe with driver dvb_usb_ec168 failed with error -71
[  282.922057][ T5892] usb 5-1: USB disconnect, device number 18
[  283.514166][   T30] audit: type=1400 audit(1762883213.973:393): avc:  denied  { unmount } for  pid=6400 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  283.534101][    C1] vkms_vblank_simulate: vblank timer overrun
[  283.765180][ T8078] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  283.841310][ T8078] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  283.981165][   T30] audit: type=1400 audit(1762883214.433:394): avc:  denied  { write } for  pid=8073 comm="syz.6.442" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  284.000616][    C1] vkms_vblank_simulate: vblank timer overrun
[  285.260108][ T8092] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  285.269696][ T8089] FAULT_INJECTION: forcing a failure.
[  285.269696][ T8089] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  285.351378][ T8089] CPU: 1 UID: 0 PID: 8089 Comm: syz.3.446 Not tainted syzkaller #0 PREEMPT(full) 
[  285.351408][ T8089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  285.351420][ T8089] Call Trace:
[  285.351427][ T8089]  <TASK>
[  285.351435][ T8089]  dump_stack_lvl+0x16c/0x1f0
[  285.351469][ T8089]  should_fail_ex+0x512/0x640
[  285.351497][ T8089]  _copy_from_iter+0x29f/0x1720
[  285.351524][ T8089]  ? __alloc_skb+0x200/0x380
[  285.351548][ T8089]  ? __pfx__copy_from_iter+0x10/0x10
[  285.351572][ T8089]  ? netlink_autobind.isra.0+0x158/0x370
[  285.351611][ T8089]  netlink_sendmsg+0x820/0xdd0
[  285.351642][ T8089]  ? __pfx_netlink_sendmsg+0x10/0x10
[  285.351680][ T8089]  ____sys_sendmsg+0xa98/0xc70
[  285.351701][ T8089]  ? copy_msghdr_from_user+0x10a/0x160
[  285.351728][ T8089]  ? __pfx_____sys_sendmsg+0x10/0x10
[  285.351760][ T8089]  ___sys_sendmsg+0x134/0x1d0
[  285.351787][ T8089]  ? __pfx____sys_sendmsg+0x10/0x10
[  285.351811][ T8089]  ? __lock_acquire+0x622/0x1c90
[  285.351863][ T8089]  __sys_sendmsg+0x16d/0x220
[  285.351896][ T8089]  ? __pfx___sys_sendmsg+0x10/0x10
[  285.351939][ T8089]  do_syscall_64+0xcd/0xfa0
[  285.351964][ T8089]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.351984][ T8089] RIP: 0033:0x7fa0a938f6c9
[  285.352001][ T8089] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  285.352020][ T8089] RSP: 002b:00007fa0aa252038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  285.352039][ T8089] RAX: ffffffffffffffda RBX: 00007fa0a95e5fa0 RCX: 00007fa0a938f6c9
[  285.352053][ T8089] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  285.352065][ T8089] RBP: 00007fa0aa252090 R08: 0000000000000000 R09: 0000000000000000
[  285.352078][ T8089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  285.352090][ T8089] R13: 00007fa0a95e6038 R14: 00007fa0a95e5fa0 R15: 00007ffc2e9e0cd8
[  285.352117][ T8089]  </TASK>
[  285.550534][    C1] vkms_vblank_simulate: vblank timer overrun
[  285.918070][   T30] audit: type=1400 audit(1762883216.373:395): avc:  denied  { create } for  pid=8095 comm="syz.4.451" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  286.117504][   T30] audit: type=1400 audit(1762883216.563:396): avc:  denied  { connect } for  pid=8096 comm="syz.6.450" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  286.442515][ T8107] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  286.452109][ T8107] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  287.831164][ T8112] netlink: 'syz.2.454': attribute type 10 has an invalid length.
[  287.888079][ T8112] syz_tun: entered promiscuous mode
[  287.985409][ T8112] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  288.341989][   T30] audit: type=1400 audit(1762883218.793:397): avc:  denied  { write } for  pid=8113 comm="syz.6.455" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  288.634675][ T8119] overlayfs: overlapping lowerdir path
[  290.051208][ T5822] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  290.085732][ T8084] syz.5.444 (8084): drop_caches: 1
[  290.285991][ T5822] usb 7-1: Using ep0 maxpacket: 8
[  290.357056][ T5822] usb 7-1: config 0 has no interfaces?
[  290.401193][ T5822] usb 7-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  290.505940][ T5822] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  290.654613][ T5822] usb 7-1: config 0 descriptor??
[  291.495206][ T5822] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  291.830890][  T978] usb 7-1: USB disconnect, device number 5
[  291.945061][ T5822] usb 4-1: Using ep0 maxpacket: 32
[  291.959527][ T5822] usb 4-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config
[  291.990259][ T5822] usb 4-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  292.009433][ T5822] usb 4-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  292.050700][ T5822] usb 4-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11
[  292.078250][ T5822] usb 4-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30
[  292.091310][ T5822] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  292.115642][ T8146] netlink: 12 bytes leftover after parsing attributes in process `syz.5.465'.
[  292.126272][ T5822] usb 4-1: Product: syz
[  292.130459][ T5822] usb 4-1: Manufacturer: syz
[  292.136118][ T5822] usb 4-1: SerialNumber: syz
[  292.140914][ T8146] netlink: 'syz.5.465': attribute type 12 has an invalid length.
[  292.163672][    C1] imon 4-1:155.0: imon usb_rx_callback_intf0: status(-71)
[  292.220889][ T5892] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  292.308804][ T5822] input: iMON Panel, Knob and Mouse(15c2:ffdc) as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:155.0/input/input23
[  292.347612][ T5945] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  292.376691][ T5945] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  292.380859][ T5822] imon 4-1:155.0: Unknown 0xffdc device, defaulting to VFD and iMON IR
[  292.411004][ T5945] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  292.430080][ T5822]  (id 0x00)
[  292.460294][ T5945] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  292.510638][ T5892] usb 5-1: Using ep0 maxpacket: 8
[  292.521777][ T5892] usb 5-1: config 0 interface 0 has no altsetting 0
[  292.528439][ T5892] usb 5-1: New USB device found, idVendor=0079, idProduct=0011, bcdDevice= 0.00
[  292.576108][ T5892] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  292.593950][ T5892] usb 5-1: config 0 descriptor??
[  292.660866][ T5822] rc_core: IR keymap rc-imon-pad not found
[  292.668862][ T5822] Registered IR keymap rc-empty
[  292.679118][ T5822] imon 4-1:155.0: Looks like you're trying to use an IR protocol this device does not support
[  292.689805][ T5822] imon 4-1:155.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  292.712448][ T5822] rc rc0: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:155.0/rc/rc0
[  292.733127][ T5822] input: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:155.0/rc/rc0/input24
[  292.768188][ T5822] imon 4-1:155.0: iMON device (15c2:ffdc, intf0) on usb<4:13> initialized
[  292.999269][ T8159] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  293.010292][ T8159] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  293.031338][ T5892] dragonrise 0003:0079:0011.0008: hidraw0: USB HID vd.c7 Device [HID 0079:0011] on usb-dummy_hcd.4-1/input0
[  293.443553][   T30] audit: type=1400 audit(1762883223.903:398): avc:  denied  { map } for  pid=8135 comm="syz.3.462" path="socket:[21225]" dev="sockfs" ino=21225 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[  293.646641][  T978] usb 5-1: USB disconnect, device number 19
[  294.526376][ T8172] netlink: 8 bytes leftover after parsing attributes in process `syz.5.472'.
[  294.740685][ T5884] usb 4-1: USB disconnect, device number 13
[  294.931964][ T8181] netlink: 12 bytes leftover after parsing attributes in process `syz.4.475'.
[  295.494644][ T8191] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  295.532432][ T8191] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  295.565387][   T30] audit: type=1400 audit(1762883226.023:399): avc:  denied  { append } for  pid=8192 comm="syz.5.479" name="loop6" dev="devtmpfs" ino=653 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  295.620693][ T5892] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  295.750987][ T5892] usb 7-1: device descriptor read/64, error -71
[  295.800663][ T5865] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  295.970676][ T5865] usb 6-1: Using ep0 maxpacket: 16
[  295.977414][ T5865] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  295.988550][ T5865] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  295.999153][ T5865] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  296.023131][ T5865] usb 6-1: config 0 descriptor??
[  296.031947][ T5892] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  296.243934][ T5892] usb 7-1: device descriptor read/64, error -71
[  296.295689][ T8207] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  296.324078][ T8207] cramfs: wrong magic
[  296.362031][ T5892] usb usb7-port1: attempt power cycle
[  296.461281][ T5865] mcp2221 0003:04D8:00DD.0009: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.5-1/input0
[  296.721041][ T5892] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  296.744188][ T5865] usb 6-1: USB disconnect, device number 10
[  296.762721][ T5892] usb 7-1: device descriptor read/8, error -71
[  297.010733][ T5892] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  297.033780][ T5892] usb 7-1: device descriptor read/8, error -71
[  297.213904][ T5892] usb usb7-port1: unable to enumerate USB device
[  297.723935][ T8218] netlink: 4 bytes leftover after parsing attributes in process `syz.4.485'.
[  297.781988][ T5822] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  297.801193][   T30] audit: type=1400 audit(1762883228.253:400): avc:  denied  { setopt } for  pid=8221 comm="syz.4.487" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  297.940882][ T5822] usb 6-1: Using ep0 maxpacket: 8
[  297.971517][ T5822] usb 6-1: config 0 interface 0 has no altsetting 0
[  297.978167][ T5822] usb 6-1: New USB device found, idVendor=0079, idProduct=0011, bcdDevice= 0.00
[  298.200546][ T5822] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  298.213317][ T5822] usb 6-1: config 0 descriptor??
[  298.690023][   T30] audit: type=1400 audit(1762883228.803:401): avc:  denied  { create } for  pid=8228 comm="syz.2.489" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  298.710689][   T30] audit: type=1400 audit(1762883228.823:402): avc:  denied  { write } for  pid=8228 comm="syz.2.489" name="file0" dev="tmpfs" ino=605 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  298.781906][   T30] audit: type=1400 audit(1762883228.823:403): avc:  denied  { open } for  pid=8228 comm="syz.2.489" path="/113/file0" dev="tmpfs" ino=605 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  298.842655][   T30] audit: type=1400 audit(1762883228.843:404): avc:  denied  { ioctl } for  pid=8228 comm="syz.2.489" path="/113/file0" dev="tmpfs" ino=605 ioctlcmd=0x1273 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  299.044246][   T30] audit: type=1400 audit(1762883229.453:405): avc:  denied  { unlink } for  pid=5823 comm="syz-executor" name="file0" dev="tmpfs" ino=605 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  299.082932][ T5822] dragonrise 0003:0079:0011.000A: hidraw0: USB HID vd.c7 Device [HID 0079:0011] on usb-dummy_hcd.5-1/input0
[  299.118110][ T8245] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  299.126509][ T8245] cramfs: wrong magic
[  299.835515][ T5822] usb 6-1: USB disconnect, device number 11
[  300.787375][   T30] audit: type=1400 audit(1762883231.133:406): avc:  denied  { write } for  pid=8273 comm="syz.5.500" path="socket:[22543]" dev="sockfs" ino=22543 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  300.900949][ T5865] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  301.052365][ T8285] mkiss: ax0: crc mode is auto.
[  301.102680][ T5865] usb 7-1: Using ep0 maxpacket: 8
[  301.120040][ T5865] usb 7-1: config 0 interface 0 has no altsetting 0
[  301.134275][ T5865] usb 7-1: New USB device found, idVendor=0079, idProduct=0011, bcdDevice= 0.00
[  301.216251][ T5865] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  301.249588][ T5865] usb 7-1: config 0 descriptor??
[  301.354065][ T8296] mkiss: ax0: crc mode is auto.
[  301.369245][ T8296] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  301.378019][ T8296] cramfs: wrong magic
[  301.693994][ T8298] syz.2.505 (8298): drop_caches: 1
[  301.741007][ T8298] syz.2.505 (8298): drop_caches: 1
[  301.959599][ T5865] dragonrise 0003:0079:0011.000B: hidraw0: USB HID vd.c7 Device [HID 0079:0011] on usb-dummy_hcd.6-1/input0
[  302.441497][ T8305] netlink: 40 bytes leftover after parsing attributes in process `syz.3.507'.
[  302.476744][ T5865] usb 7-1: USB disconnect, device number 10
[  302.563017][ T8307] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  302.593176][ T8307] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  303.089836][ T8314] FAULT_INJECTION: forcing a failure.
[  303.089836][ T8314] name failslab, interval 1, probability 0, space 0, times 0
[  303.118433][ T8314] CPU: 1 UID: 0 PID: 8314 Comm: syz.5.511 Not tainted syzkaller #0 PREEMPT(full) 
[  303.118461][ T8314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  303.118472][ T8314] Call Trace:
[  303.118479][ T8314]  <TASK>
[  303.118487][ T8314]  dump_stack_lvl+0x16c/0x1f0
[  303.118522][ T8314]  should_fail_ex+0x512/0x640
[  303.118542][ T8314]  ? kmem_cache_alloc_lru_noprof+0x66/0x6e0
[  303.118572][ T8314]  should_failslab+0xc2/0x120
[  303.118594][ T8314]  kmem_cache_alloc_lru_noprof+0x79/0x6e0
[  303.118621][ T8314]  ? __d_alloc+0x32/0xae0
[  303.118647][ T8314]  ? __d_alloc+0x32/0xae0
[  303.118664][ T8314]  __d_alloc+0x32/0xae0
[  303.118687][ T8314]  d_alloc_parallel+0x111/0x1510
[  303.118720][ T8314]  ? find_held_lock+0x2b/0x80
[  303.118745][ T8314]  ? __pfx_d_alloc_parallel+0x10/0x10
[  303.118774][ T8314]  ? __d_lookup+0x266/0x4a0
[  303.118812][ T8314]  lookup_open.isra.0+0x665/0x1580
[  303.118846][ T8314]  ? __pfx_lookup_open.isra.0+0x10/0x10
[  303.118891][ T8314]  ? lookup_fast+0x156/0x610
[  303.118923][ T8314]  path_openat+0x893/0x2cb0
[  303.118950][ T8314]  ? __pfx_path_openat+0x10/0x10
[  303.118970][ T8314]  ? __lock_acquire+0xb8a/0x1c90
[  303.118993][ T8314]  do_filp_open+0x20b/0x470
[  303.119014][ T8314]  ? __pfx_do_filp_open+0x10/0x10
[  303.119055][ T8314]  ? alloc_fd+0x471/0x7d0
[  303.119090][ T8314]  do_sys_openat2+0x11b/0x1d0
[  303.119115][ T8314]  ? __pfx_do_sys_openat2+0x10/0x10
[  303.119143][ T8314]  ? __fget_files+0x20e/0x3c0
[  303.119168][ T8314]  __x64_sys_openat+0x174/0x210
[  303.119193][ T8314]  ? __pfx___x64_sys_openat+0x10/0x10
[  303.119218][ T8314]  ? ksys_write+0x1ac/0x250
[  303.119246][ T8314]  do_syscall_64+0xcd/0xfa0
[  303.119266][ T8314]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  303.119287][ T8314] RIP: 0033:0x7ff72f38f6c9
[  303.119303][ T8314] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  303.119322][ T8314] RSP: 002b:00007ff73021c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  303.119340][ T8314] RAX: ffffffffffffffda RBX: 00007ff72f5e5fa0 RCX: 00007ff72f38f6c9
[  303.119353][ T8314] RDX: 0000000000008000 RSI: 0000200000000300 RDI: ffffffffffffff9c
[  303.119373][ T8314] RBP: 00007ff73021c090 R08: 0000000000000000 R09: 0000000000000000
[  303.119384][ T8314] R10: 00000000000001f7 R11: 0000000000000246 R12: 0000000000000001
[  303.119394][ T8314] R13: 00007ff72f5e6038 R14: 00007ff72f5e5fa0 R15: 00007ffd8bda5358
[  303.119421][ T8314]  </TASK>
[  303.592380][ T8326] netlink: 'syz.3.510': attribute type 1 has an invalid length.
[  303.799152][   T30] audit: type=1400 audit(1762883234.093:407): avc:  denied  { setopt } for  pid=8319 comm="syz.6.513" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  304.209419][ T8320] netlink: 'syz.6.513': attribute type 3 has an invalid length.
[  304.340321][   T30] audit: type=1400 audit(1762883234.793:408): avc:  denied  { append } for  pid=8319 comm="syz.6.513" name="random" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  304.521618][ T8335] syz.4.516 (8335): drop_caches: 1
[  304.771193][ T8335] syz.4.516 (8335): drop_caches: 1
[  304.988796][   T30] audit: type=1400 audit(1762883234.803:409): avc:  denied  { setattr } for  pid=8319 comm="syz.6.513" name="random" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  305.012001][   T30] audit: type=1326 audit(1762883234.933:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8322 comm="syz.5.514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff72f38f6c9 code=0x7fc00000
[  305.119229][   T30] audit: type=1326 audit(1762883235.573:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8334 comm="syz.3.517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0a938f6c9 code=0x7fc00000
[  305.240704][   T30] audit: type=1326 audit(1762883235.573:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8334 comm="syz.3.517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fa0a938f6c9 code=0x7fc00000
[  305.634306][   T30] audit: type=1326 audit(1762883235.573:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8334 comm="syz.3.517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0a938f6c9 code=0x7fc00000
[  305.663164][   T30] audit: type=1326 audit(1762883235.573:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8334 comm="syz.3.517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0a938f6c9 code=0x7fc00000
[  305.687682][   T30] audit: type=1326 audit(1762883235.573:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8334 comm="syz.3.517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0a938f6c9 code=0x7fc00000
[  305.726659][ T8355] netlink: 4 bytes leftover after parsing attributes in process `syz.3.522'.
[  305.751578][ T8355] tc_dump_action: action bad kind
[  305.826565][ T8350] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  305.844253][ T8350] cramfs: wrong magic
[  306.242135][ T8359] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8359 comm=syz.6.523
[  306.641510][ T8363] netlink: 'syz.6.523': attribute type 1 has an invalid length.
[  306.724363][ T5822] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  306.968057][ T8365] bond1: (slave bridge1): making interface the new active one
[  306.976933][ T8365] bond1: (slave bridge1): Enslaving as an active interface with an up link
[  307.320804][ T5822] usb 6-1: device descriptor read/64, error -71
[  307.510669][ T5865] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  307.580670][ T5822] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  307.700732][ T5865] usb 7-1: Using ep0 maxpacket: 8
[  307.713164][ T5865] usb 7-1: config 0 interface 0 has no altsetting 0
[  307.719966][ T5865] usb 7-1: New USB device found, idVendor=0079, idProduct=0011, bcdDevice= 0.00
[  307.730852][ T5822] usb 6-1: device descriptor read/64, error -71
[  307.740422][ T5865] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  307.782294][ T5865] usb 7-1: config 0 descriptor??
[  307.907967][ T5822] usb usb6-port1: attempt power cycle
[  308.300932][ T5822] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  308.966971][ T5865] dragonrise 0003:0079:0011.000C: hidraw0: USB HID vd.c7 Device [HID 0079:0011] on usb-dummy_hcd.6-1/input0
[  309.354447][ T5822] usb 6-1: device descriptor read/8, error -71
[  309.791760][   T30] audit: type=1400 audit(1762883240.253:416): avc:  denied  { lock } for  pid=8387 comm="syz.3.532" path="socket:[22833]" dev="sockfs" ino=22833 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  310.142354][ T5884] usb 7-1: USB disconnect, device number 11
[  310.870723][ T8407] netlink: 4 bytes leftover after parsing attributes in process `syz.6.534'.
[  311.051556][ T8411] netlink: 'syz.3.533': attribute type 10 has an invalid length.
[  311.293100][ T8416] netlink: 28 bytes leftover after parsing attributes in process `syz.3.533'.
[  311.488380][ T5938] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  311.650775][ T5938] usb 5-1: Using ep0 maxpacket: 8
[  311.657615][ T5938] usb 5-1: config 0 has no interfaces?
[  311.670767][ T5938] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  311.680324][ T5938] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  311.769680][ T5938] usb 5-1: config 0 descriptor??
[  312.351810][ T5884] usb 5-1: USB disconnect, device number 20
[  313.487266][ T8427] netlink: 4 bytes leftover after parsing attributes in process `syz.4.539'.
[  314.218814][ T8386] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  314.231321][ T8404] gtp0: entered promiscuous mode
[  314.306996][ T8411] veth0_vlan: left promiscuous mode
[  314.322748][ T8411] veth0_vlan: entered promiscuous mode
[  314.344356][ T8411] team0: Device veth0_vlan failed to register rx_handler
[  314.366499][ T8427] team1: entered promiscuous mode
[  314.380787][ T8427] team1: entered allmulticast mode
[  314.832268][   T30] audit: type=1400 audit(1762883245.293:417): avc:  denied  { unlink } for  pid=8437 comm="syz.5.542" name="#1" dev="tmpfs" ino=399 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  315.156134][   T30] audit: type=1400 audit(1762883245.603:418): avc:  denied  { listen } for  pid=8443 comm="syz.6.543" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  316.192480][   T30] audit: type=1400 audit(1762883245.613:419): avc:  denied  { accept } for  pid=8443 comm="syz.6.543" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  316.729203][ T8450] syz.4.544 (8450): drop_caches: 1
[  317.000762][ T8454] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  317.009258][   T30] audit: type=1400 audit(1762883247.313:420): avc:  denied  { getopt } for  pid=8452 comm="syz.2.546" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  317.028709][   T30] audit: type=1400 audit(1762883247.453:421): avc:  denied  { read } for  pid=8443 comm="syz.6.543" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  317.045215][ T8454] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  317.059733][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  317.066175][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  317.099338][ T8450] syz.4.544 (8450): drop_caches: 1
[  317.129638][ T8454] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  317.167044][ T8454] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  317.493059][   T30] audit: type=1400 audit(1762883247.913:422): avc:  denied  { setopt } for  pid=8462 comm="syz.5.550" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  317.509819][ T8453] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  317.536212][ T8453] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  317.885077][   T50] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  317.905984][   T50] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  317.927314][   T50] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  317.938609][ T8482] tipc: Started in network mode
[  317.971858][ T8482] tipc: Node identity 1a7005adc65c, cluster identity 4711
[  318.016219][ T8482] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  318.045942][ T8485] syzkaller0: entered promiscuous mode
[  318.065679][ T8485] syzkaller0: entered allmulticast mode
[  318.087236][   T50] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  318.135124][   T30] audit: type=1400 audit(1762883248.593:423): avc:  denied  { ioctl } for  pid=8476 comm="syz.3.552" path="socket:[24132]" dev="sockfs" ino=24132 ioctlcmd=0x891e scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  318.170522][ T8476] tipc: Resetting bearer <eth:syzkaller0>
[  318.408015][ T8476] tipc: Disabling bearer <eth:syzkaller0>
[  318.948321][   T30] audit: type=1400 audit(1762883249.403:424): avc:  denied  { accept } for  pid=8497 comm="syz.4.557" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  319.024946][ T8498] xt_NFQUEUE: number of total queues is 0
[  319.114722][ T8502] netlink: 'syz.2.558': attribute type 1 has an invalid length.
[  319.122825][ T8465] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  319.365350][ T8465] usb 4-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  319.376477][ T8465] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  319.392405][ T8465] usb 4-1: config 0 descriptor??
[  319.461148][   T30] audit: type=1400 audit(1762883249.913:425): avc:  denied  { shutdown } for  pid=8509 comm="syz.6.561" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  319.462824][ T8511] netlink: 'syz.6.561': attribute type 1 has an invalid length.
[  319.553642][ T8511] bond2: (slave gretap1): making interface the new active one
[  319.562937][ T8511] bond2: (slave gretap1): Enslaving as an active interface with an up link
[  319.571846][ T5926] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  319.579528][ T5822] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  319.621955][ T8513] FAULT_INJECTION: forcing a failure.
[  319.621955][ T8513] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  319.640046][ T8511] netlink: 28 bytes leftover after parsing attributes in process `syz.6.561'.
[  319.651594][ T8511] 8021q: adding VLAN 0 to HW filter on device bond2
[  319.669441][ T8513] CPU: 0 UID: 0 PID: 8513 Comm: syz.2.562 Not tainted syzkaller #0 PREEMPT(full) 
[  319.669469][ T8513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  319.669489][ T8513] Call Trace:
[  319.669496][ T8513]  <TASK>
[  319.669504][ T8513]  dump_stack_lvl+0x16c/0x1f0
[  319.669541][ T8513]  should_fail_ex+0x512/0x640
[  319.669569][ T8513]  _copy_to_user+0x32/0xd0
[  319.669596][ T8513]  simple_read_from_buffer+0xcb/0x170
[  319.669629][ T8513]  proc_fail_nth_read+0x197/0x240
[  319.669655][ T8513]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  319.669680][ T8513]  ? rw_verify_area+0xcf/0x6c0
[  319.669708][ T8513]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  319.669732][ T8513]  vfs_read+0x1e4/0xcf0
[  319.669755][ T8513]  ? __pfx___mutex_lock+0x10/0x10
[  319.669776][ T8513]  ? __pfx_vfs_read+0x10/0x10
[  319.669803][ T8513]  ? __fget_files+0x20e/0x3c0
[  319.669833][ T8513]  ksys_read+0x12a/0x250
[  319.669851][ T8513]  ? __pfx_ksys_read+0x10/0x10
[  319.669867][ T8513]  ? fput+0x9b/0xd0
[  319.669895][ T8513]  do_syscall_64+0xcd/0xfa0
[  319.669917][ T8513]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  319.669937][ T8513] RIP: 0033:0x7fa46418e0dc
[  319.669952][ T8513] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  319.669970][ T8513] RSP: 002b:00007fa4650a0030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  319.669989][ T8513] RAX: ffffffffffffffda RBX: 00007fa4643e5fa0 RCX: 00007fa46418e0dc
[  319.670003][ T8513] RDX: 000000000000000f RSI: 00007fa4650a00a0 RDI: 0000000000000004
[  319.670015][ T8513] RBP: 00007fa4650a0090 R08: 0000000000000000 R09: 0000000000000000
[  319.670028][ T8513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  319.670040][ T8513] R13: 00007fa4643e6038 R14: 00007fa4643e5fa0 R15: 00007fff98cf1728
[  319.670070][ T8513]  </TASK>
[  319.730657][ T5822] usb 6-1: Using ep0 maxpacket: 8
[  319.863254][ T5926] usb 5-1: Using ep0 maxpacket: 8
[  319.871271][ T5822] usb 6-1: config 0 has no interfaces?
[  319.876792][ T5822] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  319.886556][ T5926] usb 5-1: config 0 has no interfaces?
[  319.892096][ T5926] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  319.902205][ T5822] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  319.914425][ T5926] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  319.932444][ T5822] usb 6-1: config 0 descriptor??
[  319.938298][ T5926] usb 5-1: config 0 descriptor??
[  320.093496][ T8518] FAULT_INJECTION: forcing a failure.
[  320.093496][ T8518] name failslab, interval 1, probability 0, space 0, times 0
[  320.106457][ T8518] CPU: 0 UID: 0 PID: 8518 Comm: syz.2.563 Not tainted syzkaller #0 PREEMPT(full) 
[  320.106489][ T8518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  320.106501][ T8518] Call Trace:
[  320.106508][ T8518]  <TASK>
[  320.106516][ T8518]  dump_stack_lvl+0x16c/0x1f0
[  320.106552][ T8518]  should_fail_ex+0x512/0x640
[  320.106575][ T8518]  ? __kmalloc_noprof+0xca/0x880
[  320.106606][ T8518]  should_failslab+0xc2/0x120
[  320.106629][ T8518]  __kmalloc_noprof+0xdd/0x880
[  320.106654][ T8518]  ? __do_sys_futex_waitv+0x18f/0x2c0
[  320.106676][ T8518]  ? __do_sys_futex_waitv+0x221/0x2c0
[  320.106702][ T8518]  ? __do_sys_futex_waitv+0x221/0x2c0
[  320.106721][ T8518]  __do_sys_futex_waitv+0x221/0x2c0
[  320.106744][ T8518]  ? __pfx___do_sys_futex_waitv+0x10/0x10
[  320.106782][ T8518]  do_syscall_64+0xcd/0xfa0
[  320.106804][ T8518]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  320.106825][ T8518] RIP: 0033:0x7fa46418f6c9
[  320.106842][ T8518] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  320.106861][ T8518] RSP: 002b:00007fa4650a0038 EFLAGS: 00000246 ORIG_RAX: 00000000000001c1
[  320.106881][ T8518] RAX: ffffffffffffffda RBX: 00007fa4643e5fa0 RCX: 00007fa46418f6c9
[  320.106895][ T8518] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000200000001080
[  320.106907][ T8518] RBP: 00007fa4650a0090 R08: 0000000000000001 R09: 0000000000000000
[  320.106920][ T8518] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  320.106932][ T8518] R13: 00007fa4643e6038 R14: 00007fa4643e5fa0 R15: 00007fff98cf1728
[  320.106962][ T8518]  </TASK>
[  320.270195][ T8465] usb 4-1: Cannot set MAC address
[  320.275466][ T8465] MOSCHIP usb-ethernet driver 4-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[  320.306385][ T8465] usb 4-1: USB disconnect, device number 14
[  320.689886][ T8465] usb 5-1: USB disconnect, device number 21
[  321.227638][ T8530] netlink: 14 bytes leftover after parsing attributes in process `syz.2.564'.
[  321.426175][ T5822] usb 6-1: USB disconnect, device number 16
[  321.514186][ T8464] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  321.541214][ T8534] Bluetooth: MGMT ver 1.23
[  321.548923][   T30] audit: type=1400 audit(1762883252.003:426): avc:  denied  { listen } for  pid=8533 comm="syz.4.567" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  321.817988][   T30] audit: type=1400 audit(1762883252.003:427): avc:  denied  { accept } for  pid=8533 comm="syz.4.567" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  321.938921][ T8530] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  321.953823][ T8530] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  321.978884][ T8464] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  321.989064][ T8530] bond0 (unregistering): (slave syz_tun): Releasing backup interface
[  321.998947][ T8530] bond0 (unregistering): Released all slaves
[  322.045588][ T8464] usb 4-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  322.079105][ T8464] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[  322.100699][ T8464] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  322.143745][ T8464] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  322.171902][ T8536] tipc: Started in network mode
[  322.176801][ T8536] tipc: Node identity 7eec9a697ebe, cluster identity 4711
[  322.211698][ T8464] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  322.231756][ T8537] trusted_key: encrypted_key: insufficient parameters specified
[  322.246041][ T8536] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  322.252854][ T8464] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  322.285258][ T8464] usb 4-1: Product: syz
[  322.289459][ T8464] usb 4-1: Manufacturer: syz
[  322.320109][ T8537] syzkaller0: entered promiscuous mode
[  322.343425][ T8464] cdc_wdm 4-1:1.0: skipping garbage
[  322.348664][ T8464] cdc_wdm 4-1:1.0: skipping garbage
[  322.394265][ T8537] syzkaller0: entered allmulticast mode
[  322.437083][ T8464] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  322.454540][ T8464] cdc_wdm 4-1:1.0: Unknown control protocol
[  322.550726][   T30] audit: type=1400 audit(1762883253.003:428): avc:  denied  { read write } for  pid=8527 comm="syz.3.566" name="cdc-wdm0" dev="devtmpfs" ino=3040 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:modem_device_t tclass=chr_file permissive=1
[  322.613701][ T8536] tipc: Resetting bearer <eth:syzkaller0>
[  322.647695][   T30] audit: type=1400 audit(1762883253.003:429): avc:  denied  { open } for  pid=8527 comm="syz.3.566" path="/dev/cdc-wdm0" dev="devtmpfs" ino=3040 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:modem_device_t tclass=chr_file permissive=1
[  322.713560][ T8535] tipc: Resetting bearer <eth:syzkaller0>
[  322.890306][ T8535] tipc: Disabling bearer <eth:syzkaller0>
[  322.910475][ T8542] tipc: Enabled bearer <udp:syz2>, priority 10
[  324.022176][ T5891] tipc: Node number set to 3693872557
[  324.155994][   T30] audit: type=1400 audit(1762883254.613:430): avc:  denied  { ioctl } for  pid=8553 comm="syz.5.573" path="socket:[23435]" dev="sockfs" ino=23435 ioctlcmd=0x8b2c scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  324.390269][   T30] audit: type=1400 audit(1762883254.843:431): avc:  denied  { connect } for  pid=8553 comm="syz.5.573" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  325.256599][ T5926] usb 4-1: USB disconnect, device number 15
[  325.290910][ T8465] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  325.571250][ T8465] usb 7-1: Using ep0 maxpacket: 8
[  325.937539][   T30] audit: type=1400 audit(1762883256.243:432): avc:  denied  { write } for  pid=8568 comm="syz.4.578" name="rtc0" dev="devtmpfs" ino=921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  326.899422][   T30] audit: type=1400 audit(1762883257.323:433): avc:  denied  { append } for  pid=8573 comm="syz.2.580" name="media8" dev="devtmpfs" ino=1014 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  326.922274][   T30] audit: type=1400 audit(1762883257.333:434): avc:  denied  { setattr } for  pid=8573 comm="syz.2.580" name="cuse" dev="devtmpfs" ino=100 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tty_device_t tclass=chr_file permissive=1
[  327.205382][ T8465] usb 7-1: config 0 has no interfaces?
[  327.214100][ T8465] usb 7-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  327.226180][ T8465] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  327.431126][ T8465] usb 7-1: config 0 descriptor??
[  328.095528][   T30] audit: type=1400 audit(1762883258.543:435): avc:  denied  { mounton } for  pid=8590 comm="syz.4.583" path="/125/file0" dev="tmpfs" ino=663 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  328.181006][    T9] usb 7-1: USB disconnect, device number 12
[  328.255831][ T8593] FAULT_INJECTION: forcing a failure.
[  328.255831][ T8593] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  328.305686][ T8593] CPU: 1 UID: 0 PID: 8593 Comm: syz.2.582 Not tainted syzkaller #0 PREEMPT(full) 
[  328.305712][ T8593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  328.305723][ T8593] Call Trace:
[  328.305730][ T8593]  <TASK>
[  328.305738][ T8593]  dump_stack_lvl+0x16c/0x1f0
[  328.305787][ T8593]  should_fail_ex+0x512/0x640
[  328.305813][ T8593]  _copy_from_user+0x2e/0xd0
[  328.305845][ T8593]  drm_ioctl+0x4fb/0xc30
[  328.305867][ T8593]  ? __pfx_drm_mode_create_dumb_ioctl+0x10/0x10
[  328.305892][ T8593]  ? __pfx_drm_ioctl+0x10/0x10
[  328.305922][ T8593]  ? selinux_file_ioctl+0x180/0x270
[  328.305943][ T8593]  ? selinux_file_ioctl+0xb4/0x270
[  328.305973][ T8593]  ? __pfx_drm_ioctl+0x10/0x10
[  328.305991][ T8593]  __x64_sys_ioctl+0x18e/0x210
[  328.306017][ T8593]  do_syscall_64+0xcd/0xfa0
[  328.306036][ T8593]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  328.306055][ T8593] RIP: 0033:0x7fa46418f6c9
[  328.306070][ T8593] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  328.306087][ T8593] RSP: 002b:00007fa4650a0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  328.306107][ T8593] RAX: ffffffffffffffda RBX: 00007fa4643e5fa0 RCX: 00007fa46418f6c9
[  328.306120][ T8593] RDX: 0000200000000140 RSI: 00000000c02064b2 RDI: 0000000000000003
[  328.306133][ T8593] RBP: 00007fa4650a0090 R08: 0000000000000000 R09: 0000000000000000
[  328.306144][ T8593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  328.306156][ T8593] R13: 00007fa4643e6038 R14: 00007fa4643e5fa0 R15: 00007fff98cf1728
[  328.306184][ T8593]  </TASK>
[  328.700742][   T30] audit: type=1400 audit(1762883259.153:436): avc:  denied  { append } for  pid=8597 comm="syz.5.585" name="rtc0" dev="devtmpfs" ino=921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  328.796644][ T8606] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  328.809608][ T8606] cramfs: wrong magic
[  329.510694][ T5926] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  329.679939][   T30] audit: type=1400 audit(1762883260.103:437): avc:  denied  { mount } for  pid=8624 comm="syz.3.592" name="/" dev="hugetlbfs" ino=25607 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  329.740754][ T5926] usb 7-1: device descriptor read/64, error -71
[  329.780468][   T30] audit: type=1400 audit(1762883260.233:438): avc:  denied  { map } for  pid=8624 comm="syz.3.592" path="/dev/sg0" dev="devtmpfs" ino=786 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  329.810939][   T30] audit: type=1400 audit(1762883260.233:439): avc:  denied  { execute } for  pid=8624 comm="syz.3.592" path="/dev/sg0" dev="devtmpfs" ino=786 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  330.043953][ T5926] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  330.055612][ T8629] netlink: 12 bytes leftover after parsing attributes in process `syz.4.593'.
[  330.203956][ T5926] usb 7-1: device descriptor read/64, error -71
[  330.227530][ T8620] syz.5.590 (8620): drop_caches: 1
[  330.361325][ T5926] usb usb7-port1: attempt power cycle
[  330.727231][ T5926] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  330.826280][ T5822] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  331.065627][ T5926] usb 7-1: device descriptor read/8, error -71
[  331.450853][ T5822] usb 6-1: Using ep0 maxpacket: 32
[  331.501335][ T5822] usb 6-1: config 0 has an invalid interface number: 21 but max is 0
[  331.509575][ T5822] usb 6-1: config 0 has no interface number 0
[  331.515794][ T5926] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  331.531007][ T5822] usb 6-1: config 0 interface 21 altsetting 2 bulk endpoint 0x2 has invalid maxpacket 1023
[  331.543514][ T5822] usb 6-1: config 0 interface 21 has no altsetting 0
[  331.553058][ T5822] usb 6-1: New USB device found, idVendor=2c7c, idProduct=0121, bcdDevice= 9.64
[  331.562698][ T5926] usb 7-1: device descriptor read/8, error -71
[  331.580822][ T5822] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  331.592904][ T5822] usb 6-1: Product: syz
[  331.597098][ T5822] usb 6-1: Manufacturer: syz
[  331.742685][ T8645] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'filter'
[  332.039391][ T5926] usb usb7-port1: unable to enumerate USB device
[  332.046865][ T8647] netlink: 'syz.4.597': attribute type 1 has an invalid length.
[  332.093383][ T5822] usb 6-1: SerialNumber: syz
[  332.116410][ T5822] usb 6-1: config 0 descriptor??
[  332.122393][ T8633] raw-gadget.2 gadget.5: fail, usb_ep_enable returned -22
[  332.133534][ T5822] option 6-1:0.21: GSM modem (1-port) converter detected
[  332.195852][ T5822] usb 6-1: GSM modem (1-port) converter now attached to ttyUSB0
[  332.511911][   T30] audit: type=1804 audit(1762883262.953:440): pid=8633 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.5.594" name="/newroot/83/file0" dev="tmpfs" ino=460 res=1 errno=0
[  332.542209][ T5822] usb 6-1: USB disconnect, device number 17
[  332.597644][ T5822] option1 ttyUSB0: GSM modem (1-port) converter now disconnected from ttyUSB0
[  332.701086][ T5822] option 6-1:0.21: device disconnected
[  332.869664][ T8658] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  332.915076][ T8658] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  332.978747][ T8660] input: syz0 as /devices/virtual/input/input25
[  333.020337][ T8660] FAULT_INJECTION: forcing a failure.
[  333.020337][ T8660] name failslab, interval 1, probability 0, space 0, times 0
[  333.086816][ T8660] CPU: 0 UID: 0 PID: 8660 Comm: syz.4.603 Not tainted syzkaller #0 PREEMPT(full) 
[  333.086847][ T8660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  333.086859][ T8660] Call Trace:
[  333.086866][ T8660]  <TASK>
[  333.086873][ T8660]  dump_stack_lvl+0x16c/0x1f0
[  333.086910][ T8660]  should_fail_ex+0x512/0x640
[  333.086933][ T8660]  ? __kmalloc_noprof+0xca/0x880
[  333.086964][ T8660]  should_failslab+0xc2/0x120
[  333.086988][ T8660]  __kmalloc_noprof+0xdd/0x880
[  333.087013][ T8660]  ? kasan_quarantine_put+0x10a/0x240
[  333.087033][ T8660]  ? lockdep_hardirqs_on+0x7c/0x110
[  333.087061][ T8660]  ? kobject_get_path+0xd2/0x2a0
[  333.087086][ T8660]  ? kobject_get_path+0xd2/0x2a0
[  333.087105][ T8660]  kobject_get_path+0xd2/0x2a0
[  333.087131][ T8660]  input_devices_seq_show+0x8d/0x1130
[  333.087164][ T8660]  ? __pfx_input_devices_seq_show+0x10/0x10
[  333.087198][ T8660]  ? seq_list_start+0x9a/0xc0
[  333.087228][ T8660]  seq_read_iter+0xb25/0x12d0
[  333.087271][ T8660]  seq_read+0x3a3/0x570
[  333.087299][ T8660]  ? __pfx_seq_read+0x10/0x10
[  333.087340][ T8660]  ? avc_policy_seqno+0x9/0x20
[  333.087372][ T8660]  ? __pfx_seq_read+0x10/0x10
[  333.087401][ T8660]  proc_reg_read+0x240/0x330
[  333.087431][ T8660]  ? __pfx_proc_reg_read+0x10/0x10
[  333.087460][ T8660]  vfs_read+0x1e4/0xcf0
[  333.087483][ T8660]  ? __pfx___mutex_lock+0x10/0x10
[  333.087504][ T8660]  ? __pfx_vfs_read+0x10/0x10
[  333.087531][ T8660]  ? __fget_files+0x20e/0x3c0
[  333.087566][ T8660]  ksys_read+0x12a/0x250
[  333.087584][ T8660]  ? __pfx_ksys_read+0x10/0x10
[  333.087612][ T8660]  do_syscall_64+0xcd/0xfa0
[  333.087634][ T8660]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  333.087655][ T8660] RIP: 0033:0x7f4b64b8f6c9
[  333.087671][ T8660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  333.087690][ T8660] RSP: 002b:00007f4b65ad2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  333.087709][ T8660] RAX: ffffffffffffffda RBX: 00007f4b64de5fa0 RCX: 00007f4b64b8f6c9
[  333.087722][ T8660] RDX: 0000000000002020 RSI: 00002000000028c0 RDI: 0000000000000004
[  333.087735][ T8660] RBP: 00007f4b65ad2090 R08: 0000000000000000 R09: 0000000000000000
[  333.087747][ T8660] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  333.087759][ T8660] R13: 00007f4b64de6038 R14: 00007f4b64de5fa0 R15: 00007fffa0b4fc58
[  333.087788][ T8660]  </TASK>
[  333.406761][   T30] audit: type=1400 audit(1762883263.863:441): avc:  denied  { create } for  pid=8654 comm="syz.2.602" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  333.408496][ T8658] 9pnet_fd: p9_fd_create_tcp (8658): problem binding to privport
[  333.441688][ T8658] fuse: Bad value for 'user_id'
[  333.446588][ T8658] fuse: Bad value for 'user_id'
[  333.757842][ T8669] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer.
[  333.792519][ T8669] FAULT_INJECTION: forcing a failure.
[  333.792519][ T8669] name failslab, interval 1, probability 0, space 0, times 0
[  333.818958][ T8669] CPU: 0 UID: 0 PID: 8669 Comm: syz.4.607 Not tainted syzkaller #0 PREEMPT(full) 
[  333.818988][ T8669] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  333.819000][ T8669] Call Trace:
[  333.819006][ T8669]  <TASK>
[  333.819014][ T8669]  dump_stack_lvl+0x16c/0x1f0
[  333.819051][ T8669]  should_fail_ex+0x512/0x640
[  333.819074][ T8669]  ? __kmalloc_cache_noprof+0x5f/0x780
[  333.819106][ T8669]  should_failslab+0xc2/0x120
[  333.819130][ T8669]  __kmalloc_cache_noprof+0x72/0x780
[  333.819158][ T8669]  ? __pfx___might_resched+0x10/0x10
[  333.819183][ T8669]  ? vhost_task_create+0xe5/0x370
[  333.819202][ T8669]  ? rcu_is_watching+0x12/0xc0
[  333.819227][ T8669]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  333.819256][ T8669]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  333.819282][ T8669]  ? vhost_task_create+0xe5/0x370
[  333.819302][ T8669]  vhost_task_create+0xe5/0x370
[  333.819322][ T8669]  ? __pfx_vhost_task_create+0x10/0x10
[  333.819352][ T8669]  ? __pfx_vhost_task_fn+0x10/0x10
[  333.819387][ T8669]  kvm_mmu_post_init_vm+0x1b7/0x380
[  333.819411][ T8669]  kvm_arch_vcpu_ioctl_run+0x66/0x1920
[  333.819434][ T8669]  ? kvm_vcpu_ioctl+0x14c5/0x1690
[  333.819472][ T8669]  kvm_vcpu_ioctl+0x5eb/0x1690
[  333.819503][ T8669]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  333.819531][ T8669]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  333.819559][ T8669]  ? do_vfs_ioctl+0x128/0x14f0
[  333.819587][ T8669]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  333.819614][ T8669]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  333.819649][ T8669]  ? hook_file_ioctl_common+0x145/0x410
[  333.819684][ T8669]  ? selinux_file_ioctl+0x180/0x270
[  333.819705][ T8669]  ? selinux_file_ioctl+0xb4/0x270
[  333.819729][ T8669]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  333.819757][ T8669]  __x64_sys_ioctl+0x18e/0x210
[  333.819787][ T8669]  do_syscall_64+0xcd/0xfa0
[  333.819809][ T8669]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  333.819831][ T8669] RIP: 0033:0x7f4b64b8f6c9
[  333.819847][ T8669] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  333.819867][ T8669] RSP: 002b:00007f4b65ad2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  333.819886][ T8669] RAX: ffffffffffffffda RBX: 00007f4b64de5fa0 RCX: 00007f4b64b8f6c9
[  333.819899][ T8669] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  333.819911][ T8669] RBP: 00007f4b65ad2090 R08: 0000000000000000 R09: 0000000000000000
[  333.819924][ T8669] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  333.819935][ T8669] R13: 00007f4b64de6038 R14: 00007f4b64de5fa0 R15: 00007fffa0b4fc58
[  333.819965][ T8669]  </TASK>
[  333.834718][   T30] audit: type=1400 audit(1762883263.913:442): avc:  denied  { remount } for  pid=8654 comm="syz.2.602" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  334.306420][   T30] audit: type=1400 audit(1762883264.753:443): avc:  denied  { connect } for  pid=8678 comm="syz.4.611" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  334.334621][    T9] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  334.492392][    T9] usb 6-1: Using ep0 maxpacket: 8
[  334.513846][    T9] usb 6-1: config 0 has no interfaces?
[  334.529945][    T9] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  334.569195][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  334.598382][    T9] usb 6-1: config 0 descriptor??
[  334.759306][   T30] audit: type=1400 audit(1762883265.213:444): avc:  denied  { listen } for  pid=8694 comm="syz.3.614" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  334.842532][ T8698] delete_channel: no stack
[  335.334286][ T8465] usb 6-1: USB disconnect, device number 18
[  335.357845][   T30] audit: type=1400 audit(1762883265.243:445): avc:  denied  { read } for  pid=8694 comm="syz.3.614" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  335.492965][   T30] audit: type=1400 audit(1762883265.303:446): avc:  denied  { create } for  pid=8694 comm="syz.3.614" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  335.647548][   T30] audit: type=1400 audit(1762883265.313:447): avc:  denied  { accept } for  pid=8694 comm="syz.3.614" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  335.690112][   T30] audit: type=1400 audit(1762883265.323:448): avc:  denied  { ioctl } for  pid=8694 comm="syz.3.614" path="socket:[26015]" dev="sockfs" ino=26015 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  335.852199][   T30] audit: type=1400 audit(1762883265.953:449): avc:  denied  { create } for  pid=8700 comm="syz.2.616" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  336.508133][ T8723] Illegal XDP return value 240830976 on prog  (id 110) dev N/A, expect packet loss!
[  336.791149][ T5822] usb 5-1: new full-speed USB device number 22 using dummy_hcd
[  336.848188][ T8731] FAULT_INJECTION: forcing a failure.
[  336.848188][ T8731] name failslab, interval 1, probability 0, space 0, times 0
[  336.937949][ T8731] CPU: 0 UID: 0 PID: 8731 Comm: syz.5.623 Not tainted syzkaller #0 PREEMPT(full) 
[  336.937978][ T8731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  336.937991][ T8731] Call Trace:
[  336.937997][ T8731]  <TASK>
[  336.938006][ T8731]  dump_stack_lvl+0x16c/0x1f0
[  336.938043][ T8731]  should_fail_ex+0x512/0x640
[  336.938067][ T8731]  ? fs_reclaim_acquire+0xae/0x150
[  336.938097][ T8731]  should_failslab+0xc2/0x120
[  336.938121][ T8731]  __kmalloc_noprof+0xdd/0x880
[  336.938149][ T8731]  ? tomoyo_encode2+0x100/0x3e0
[  336.938178][ T8731]  ? tomoyo_encode2+0x100/0x3e0
[  336.938199][ T8731]  tomoyo_encode2+0x100/0x3e0
[  336.938226][ T8731]  tomoyo_encode+0x29/0x50
[  336.938256][ T8731]  tomoyo_realpath_from_path+0x18f/0x6e0
[  336.938289][ T8731]  tomoyo_path_number_perm+0x245/0x580
[  336.938309][ T8731]  ? tomoyo_path_number_perm+0x237/0x580
[  336.938332][ T8731]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  336.938355][ T8731]  ? find_held_lock+0x2b/0x80
[  336.938407][ T8731]  ? find_held_lock+0x2b/0x80
[  336.938432][ T8731]  ? hook_file_ioctl_common+0x145/0x410
[  336.938465][ T8731]  ? __fget_files+0x20e/0x3c0
[  336.938491][ T8731]  security_file_ioctl+0x9b/0x240
[  336.938517][ T8731]  __x64_sys_ioctl+0xb7/0x210
[  336.938547][ T8731]  do_syscall_64+0xcd/0xfa0
[  336.938570][ T8731]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.938591][ T8731] RIP: 0033:0x7ff72f38f6c9
[  336.938607][ T8731] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  336.938626][ T8731] RSP: 002b:00007ff73021c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  336.938647][ T8731] RAX: ffffffffffffffda RBX: 00007ff72f5e5fa0 RCX: 00007ff72f38f6c9
[  336.938660][ T8731] RDX: 00002000000003c0 RSI: 00000000c01864b1 RDI: 0000000000000003
[  336.938673][ T8731] RBP: 00007ff73021c090 R08: 0000000000000000 R09: 0000000000000000
[  336.938686][ T8731] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  336.938698][ T8731] R13: 00007ff72f5e6038 R14: 00007ff72f5e5fa0 R15: 00007ffd8bda5358
[  336.938728][ T8731]  </TASK>
[  336.992830][ T5822] usb 5-1: unable to get BOS descriptor or descriptor too short
[  337.000090][ T8731] ERROR: Out of memory at tomoyo_realpath_from_path.
[  337.291682][ T5822] usb 5-1: not running at top speed; connect to a high speed hub
[  337.300841][ T5822] usb 5-1: config 12 has an invalid interface number: 184 but max is 0
[  337.309191][ T5822] usb 5-1: config 12 has no interface number 0
[  337.320745][ T5822] usb 5-1: config 12 interface 184 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 10
[  337.345134][ T5822] usb 5-1: New USB device found, idVendor=0499, idProduct=100d, bcdDevice=84.a2
[  337.354269][ T5822] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  337.374045][ T5822] usb 5-1: Product: syz
[  337.378243][ T5822] usb 5-1: Manufacturer: syz
[  337.400814][ T5822] usb 5-1: SerialNumber: syz
[  337.626978][ T5822] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  337.716305][ T5822] usb 5-1: USB disconnect, device number 22
[  338.714547][   T30] kauditd_printk_skb: 3 callbacks suppressed
[  338.714563][   T30] audit: type=1400 audit(1762883269.173:453): avc:  denied  { watch watch_reads } for  pid=8746 comm="syz.2.628" path="/145/net_prio.prioidx" dev="tmpfs" ino=772 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  339.453462][ T8761] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  339.462902][ T8761] cramfs: wrong magic
[  339.763121][ T8470] af_packet: tpacket_rcv: packet too big, clamped from 80 to 4294967272. macoff=96
[  339.942238][ T8465] usb 6-1: new full-speed USB device number 19 using dummy_hcd
[  340.102312][ T8465] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  340.110372][ T8465] usb 6-1: config 0 has no interface number 0
[  340.116672][ T8465] usb 6-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[  340.171420][ T8465] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  340.207667][ T8465] usb 6-1: config 0 descriptor??
[  340.229962][ T8465] usb 6-1: selecting invalid altsetting 1
[  340.237343][ T8465] dvb_ttusb_budget: ttusb_init_controller: error
[  340.255637][ T8465] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  340.424672][ T8465] DVB: Unable to find symbol cx22700_attach()
[  340.661781][ T8465] DVB: Unable to find symbol tda10046_attach()
[  340.682611][ T8465] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[  340.727911][ T8465] usb 6-1: USB disconnect, device number 19
[  340.833750][ T8782] vimc link validate: Sensor B:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 1:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  342.095098][ T8788] syz.3.638 (8788): drop_caches: 1
[  342.129011][ T8788] syz.3.638 (8788): drop_caches: 1
[  342.676580][ T8802] hpfs: hpfs_map_sector(): read error
[  342.843843][ T8811] bridge0: port 2(bridge_slave_1) entered disabled state
[  342.851555][ T8811] bridge0: port 1(bridge_slave_0) entered disabled state
[  343.222943][ T8811] bridge0: port 3(batadv0) entered disabled state
[  343.544173][ T8811] bridge_slave_1: left allmulticast mode
[  343.557335][ T8811] bridge_slave_1: left promiscuous mode
[  343.564309][ T8811] bridge0: port 2(bridge_slave_1) entered disabled state
[  343.601301][ T8811] bridge_slave_0: left allmulticast mode
[  343.690768][ T8811] bridge_slave_0: left promiscuous mode
[  343.822966][ T8811] bridge0: port 1(bridge_slave_0) entered disabled state
[  345.438578][ T8840] syz.5.649 (8840): drop_caches: 1
[  345.476035][ T8840] syz.5.649 (8840): drop_caches: 1
[  345.568642][   T30] audit: type=1400 audit(1762883276.023:454): avc:  denied  { create } for  pid=8841 comm="syz.3.648" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  345.665955][   T30] audit: type=1400 audit(1762883276.043:455): avc:  denied  { read write } for  pid=8843 comm="syz.2.650" name="uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  346.080845][    T9] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  346.090448][   T30] audit: type=1400 audit(1762883276.043:456): avc:  denied  { open } for  pid=8843 comm="syz.2.650" path="/dev/uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  346.370798][    T9] usb 4-1: Using ep0 maxpacket: 8
[  346.386234][ T8857] RDS: rds_bind could not find a transport for fe80::aa, load rds_tcp or rds_rdma?
[  346.760100][    T9] usb 4-1: config 0 interface 0 has no altsetting 0
[  346.775535][    T9] usb 4-1: New USB device found, idVendor=0079, idProduct=0011, bcdDevice= 0.00
[  346.787147][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  346.807361][   T30] audit: type=1400 audit(1762883277.253:457): avc:  denied  { block_suspend } for  pid=8858 comm="syz.5.656" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  346.811079][    T9] usb 4-1: config 0 descriptor??
[  346.867170][ T8859] FAULT_INJECTION: forcing a failure.
[  346.867170][ T8859] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  346.889839][ T8859] CPU: 0 UID: 0 PID: 8859 Comm: syz.5.656 Not tainted syzkaller #0 PREEMPT(full) 
[  346.889868][ T8859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  346.889878][ T8859] Call Trace:
[  346.889884][ T8859]  <TASK>
[  346.889890][ T8859]  dump_stack_lvl+0x16c/0x1f0
[  346.889923][ T8859]  should_fail_ex+0x512/0x640
[  346.889948][ T8859]  _copy_to_user+0x32/0xd0
[  346.889971][ T8859]  simple_read_from_buffer+0xcb/0x170
[  346.889999][ T8859]  proc_fail_nth_read+0x197/0x240
[  346.890021][ T8859]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  346.890043][ T8859]  ? rw_verify_area+0xcf/0x6c0
[  346.890066][ T8859]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  346.890086][ T8859]  vfs_read+0x1e4/0xcf0
[  346.890106][ T8859]  ? __pfx___mutex_lock+0x10/0x10
[  346.890124][ T8859]  ? __pfx_vfs_read+0x10/0x10
[  346.890148][ T8859]  ? __fget_files+0x20e/0x3c0
[  346.890173][ T8859]  ksys_read+0x12a/0x250
[  346.890189][ T8859]  ? __pfx_ksys_read+0x10/0x10
[  346.890214][ T8859]  do_syscall_64+0xcd/0xfa0
[  346.890232][ T8859]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  346.890250][ T8859] RIP: 0033:0x7ff72f38e0dc
[  346.890265][ T8859] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  346.890280][ T8859] RSP: 002b:00007ff73021c030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  346.890297][ T8859] RAX: ffffffffffffffda RBX: 00007ff72f5e5fa0 RCX: 00007ff72f38e0dc
[  346.890308][ T8859] RDX: 000000000000000f RSI: 00007ff73021c0a0 RDI: 0000000000000005
[  346.890327][ T8859] RBP: 00007ff73021c090 R08: 0000000000000000 R09: 0000000000000000
[  346.890338][ T8859] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  346.890347][ T8859] R13: 00007ff72f5e6038 R14: 00007ff72f5e5fa0 R15: 00007ffd8bda5358
[  346.890373][ T8859]  </TASK>
[  347.217124][ T8862] FAULT_INJECTION: forcing a failure.
[  347.217124][ T8862] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  347.232087][ T8862] CPU: 1 UID: 0 PID: 8862 Comm: syz.6.657 Not tainted syzkaller #0 PREEMPT(full) 
[  347.232116][ T8862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  347.232127][ T8862] Call Trace:
[  347.232134][ T8862]  <TASK>
[  347.232143][ T8862]  dump_stack_lvl+0x16c/0x1f0
[  347.232179][ T8862]  should_fail_ex+0x512/0x640
[  347.232206][ T8862]  _copy_from_user+0x2e/0xd0
[  347.232233][ T8862]  get_timespec64+0x8b/0x240
[  347.232262][ T8862]  ? __pfx_get_timespec64+0x10/0x10
[  347.232289][ T8862]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  347.232317][ T8862]  get_itimerspec64+0x40/0x60
[  347.232345][ T8862]  __x64_sys_timer_settime+0x17d/0x2c0
[  347.232371][ T8862]  ? __pfx___x64_sys_timer_settime+0x10/0x10
[  347.232398][ T8862]  ? ksys_write+0x1ac/0x250
[  347.232430][ T8862]  do_syscall_64+0xcd/0xfa0
[  347.232451][ T8862]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  347.232471][ T8862] RIP: 0033:0x7f5393d8f6c9
[  347.232489][ T8862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  347.232508][ T8862] RSP: 002b:00007f5391ff6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000df
[  347.232528][ T8862] RAX: ffffffffffffffda RBX: 00007f5393fe5fa0 RCX: 00007f5393d8f6c9
[  347.232542][ T8862] RDX: 0000200000000040 RSI: 0000000000000001 RDI: 0000000000000000
[  347.232555][ T8862] RBP: 00007f5391ff6090 R08: 0000000000000000 R09: 0000000000000000
[  347.232574][ T8862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  347.232585][ T8862] R13: 00007f5393fe6038 R14: 00007f5393fe5fa0 R15: 00007ffc076001c8
[  347.232614][ T8862]  </TASK>
[  347.385004][    T9] dragonrise 0003:0079:0011.000D: hidraw0: USB HID vd.c7 Device [HID 0079:0011] on usb-dummy_hcd.3-1/input0
[  347.671324][    T9] usb 4-1: USB disconnect, device number 16
[  348.464569][ T8866] isofs_fill_super: bread failed, dev=loop5, iso_blknum=16, block=32
[  348.554913][ T8874] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  348.578354][ T8874] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  348.783828][ T8874] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  348.871021][ T8874] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  348.890446][ T8878] cgroup: name respecified
[  349.010652][   T30] audit: type=1400 audit(1762883279.463:458): avc:  denied  { ioctl } for  pid=8873 comm="syz.2.661" path="socket:[26646]" dev="sockfs" ino=26646 ioctlcmd=0x662c scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  349.200709][ T8464] usb 6-1: new full-speed USB device number 20 using dummy_hcd
[  349.220674][ T5926] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[  349.424198][ T5926] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  349.456816][ T8464] usb 6-1: unable to get BOS descriptor or descriptor too short
[  349.466446][ T5926] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  349.471317][ T8464] usb 6-1: not running at top speed; connect to a high speed hub
[  349.545872][ T5926] usb 7-1: Product: syz
[  349.556390][ T8888] FAULT_INJECTION: forcing a failure.
[  349.556390][ T8888] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  349.567022][ T8464] usb 6-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  349.607397][ T5926] usb 7-1: Manufacturer: syz
[  349.638036][ T5926] usb 7-1: SerialNumber: syz
[  349.670712][ T8464] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  349.690811][ T8888] CPU: 0 UID: 0 PID: 8888 Comm: syz.3.665 Not tainted syzkaller #0 PREEMPT(full) 
[  349.690840][ T8888] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  349.690852][ T8888] Call Trace:
[  349.690859][ T8888]  <TASK>
[  349.690867][ T8888]  dump_stack_lvl+0x16c/0x1f0
[  349.690902][ T8888]  should_fail_ex+0x512/0x640
[  349.690930][ T8888]  _copy_from_iter+0x29f/0x1720
[  349.690959][ T8888]  ? __alloc_skb+0x200/0x380
[  349.690984][ T8888]  ? __pfx__copy_from_iter+0x10/0x10
[  349.691006][ T8888]  ? selinux_socket_getpeersec_dgram+0x1a4/0x370
[  349.691029][ T8888]  ? __pfx_selinux_socket_getpeersec_dgram+0x10/0x10
[  349.691066][ T8888]  netlink_sendmsg+0x820/0xdd0
[  349.691099][ T8888]  ? __pfx_netlink_sendmsg+0x10/0x10
[  349.691146][ T8888]  ____sys_sendmsg+0xa98/0xc70
[  349.691167][ T8888]  ? copy_msghdr_from_user+0x10a/0x160
[  349.691194][ T8888]  ? __pfx_____sys_sendmsg+0x10/0x10
[  349.691211][ T8888]  ? irqentry_exit+0x3b/0x90
[  349.691244][ T8888]  ___sys_sendmsg+0x134/0x1d0
[  349.691273][ T8888]  ? __pfx____sys_sendmsg+0x10/0x10
[  349.691296][ T8888]  ? __lock_acquire+0x622/0x1c90
[  349.691353][ T8888]  __sys_sendmsg+0x16d/0x220
[  349.691379][ T8888]  ? __pfx___sys_sendmsg+0x10/0x10
[  349.691404][ T8888]  ? __pfx_bpf_trace_run2+0x10/0x10
[  349.691437][ T8888]  ? syscall_trace_enter+0x1cb/0x240
[  349.691462][ T8888]  ? rcu_is_watching+0x12/0xc0
[  349.691492][ T8888]  do_syscall_64+0xcd/0xfa0
[  349.691513][ T8888]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.691534][ T8888] RIP: 0033:0x7fa0a938f6c9
[  349.691551][ T8888] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  349.691570][ T8888] RSP: 002b:00007fa0aa252038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  349.691588][ T8888] RAX: ffffffffffffffda RBX: 00007fa0a95e5fa0 RCX: 00007fa0a938f6c9
[  349.691600][ T8888] RDX: 0000000000004890 RSI: 00002000000002c0 RDI: 0000000000000003
[  349.691611][ T8888] RBP: 00007fa0aa252090 R08: 0000000000000000 R09: 0000000000000000
[  349.691622][ T8888] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  349.691632][ T8888] R13: 00007fa0a95e6038 R14: 00007fa0a95e5fa0 R15: 00007ffc2e9e0cd8
[  349.691659][ T8888]  </TASK>
[  349.719571][ T5926] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  349.840638][ T8464] usb 6-1: config 1 has 0 interfaces, different from the descriptor's value: 1
[  350.080657][   T30] audit: type=1400 audit(1762883280.493:459): avc:  denied  { firmware_load } for  pid=8470 comm="kworker/1:9" path="/lib/firmware/ath9k_htc/htc_9271-1.4.0.fw" dev="sda1" ino=313 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[  350.270735][ T8470] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  351.322685][ T8464] usb 6-1: New USB device found, idVendor=0cb8, idProduct=c90b, bcdDevice= d.ae
[  351.353620][ T8464] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  351.432470][ T8464] usb 6-1: Product: syz
[  351.476692][ T8464] usb 6-1: Manufacturer: syz
[  351.528559][ T8464] usb 6-1: SerialNumber: syz
[  351.550774][    T9] usb 4-1: new full-speed USB device number 17 using dummy_hcd
[  351.710906][    T9] usb 4-1: device descriptor read/64, error -71
[  351.846204][ T8464] usb 6-1: USB disconnect, device number 20
[  351.921051][ T8470] usb 7-1: Service connection timeout for: 256
[  351.927395][ T8470] ath9k_htc 7-1:1.0: ath9k_htc: Unable to initialize HTC services
[  352.040720][    T9] usb 4-1: new full-speed USB device number 18 using dummy_hcd
[  352.063668][ T8470] ath9k_htc: Failed to initialize the device
[  352.127986][ T8470] usb 7-1: ath9k_htc: USB layer deinitialized
[  352.230829][    T9] usb 4-1: device descriptor read/64, error -71
[  352.386730][    T9] usb usb4-port1: attempt power cycle
[  352.830717][    T9] usb 4-1: new full-speed USB device number 19 using dummy_hcd
[  352.939896][    T9] usb 4-1: device descriptor read/8, error -71
[  353.237165][ T8899] FAULT_INJECTION: forcing a failure.
[  353.237165][ T8899] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  353.250647][ T8899] CPU: 0 UID: 0 PID: 8899 Comm: syz.5.669 Not tainted syzkaller #0 PREEMPT(full) 
[  353.250675][ T8899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  353.250687][ T8899] Call Trace:
[  353.250693][ T8899]  <TASK>
[  353.250701][ T8899]  dump_stack_lvl+0x16c/0x1f0
[  353.250736][ T8899]  should_fail_ex+0x512/0x640
[  353.250761][ T8899]  _copy_from_user+0x2e/0xd0
[  353.250784][ T8899]  kstrtouint_from_user+0xd6/0x1d0
[  353.250811][ T8899]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  353.250844][ T8899]  ? __lock_acquire+0xb8a/0x1c90
[  353.250876][ T8899]  proc_fail_nth_write+0x83/0x220
[  353.250901][ T8899]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  353.250932][ T8899]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  353.250954][ T8899]  vfs_write+0x2a0/0x11d0
[  353.250979][ T8899]  ? __pfx___mutex_lock+0x10/0x10
[  353.250998][ T8899]  ? __pfx_vfs_write+0x10/0x10
[  353.251012][ T8899]  ? __fget_files+0x20e/0x3c0
[  353.251028][ T8899]  ksys_write+0x12a/0x250
[  353.251039][ T8899]  ? __pfx_ksys_write+0x10/0x10
[  353.251051][ T8899]  ? rcu_is_watching+0x12/0xc0
[  353.251078][ T8899]  do_syscall_64+0xcd/0xfa0
[  353.251101][ T8899]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  353.251123][ T8899] RIP: 0033:0x7ff72f38e17f
[  353.251139][ T8899] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  353.251151][ T8899] RSP: 002b:00007ff7301fb030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  353.251162][ T8899] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007ff72f38e17f
[  353.251169][ T8899] RDX: 0000000000000001 RSI: 00007ff7301fb0a0 RDI: 0000000000000007
[  353.251175][ T8899] RBP: 00007ff7301fb090 R08: 0000000000000000 R09: 0000000000000000
[  353.251182][ T8899] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  353.251188][ T8899] R13: 00007ff72f5e6128 R14: 00007ff72f5e6090 R15: 00007ffd8bda5358
[  353.251207][ T8899]  </TASK>
[  353.462007][    T9] usb 4-1: new full-speed USB device number 20 using dummy_hcd
[  353.748817][    T9] usb 4-1: device descriptor read/8, error -71
[  353.961076][    T9] usb usb4-port1: unable to enumerate USB device
[  355.360846][   T31] INFO: task kworker/0:7:5899 blocked for more than 143 seconds.
[  355.378843][   T31]       Not tainted syzkaller #0
[  355.430837][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  355.494731][   T31] task:kworker/0:7     state:D stack:22920 pid:5899  tgid:5899  ppid:2      task_flags:0x4208060 flags:0x00080000
[  355.603429][   T31] Workqueue: usb_hub_wq hub_event
[  355.645327][   T31] Call Trace:
[  355.675385][   T31]  <TASK>
[  355.697427][   T31]  __schedule+0x1190/0x5de0
[  355.739812][   T31]  ? ret_from_fork_asm+0x1a/0x30
[  355.782963][   T31]  ? __lock_acquire+0x622/0x1c90
[  355.824088][   T31]  ? __pfx___schedule+0x10/0x10
[  355.869166][   T31]  ? find_held_lock+0x2b/0x80
[  355.919652][   T31]  ? schedule+0x2d7/0x3a0
[  355.950432][   T31]  schedule+0xe7/0x3a0
[  356.003929][   T31]  schedule_timeout+0x257/0x290
[  356.060859][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[  356.113675][   T31]  ? mark_held_locks+0x49/0x80
[  356.190652][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  356.195909][   T31]  __wait_for_common+0x2fc/0x4e0
[  356.280640][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[  356.286074][   T31]  ? __pfx___wait_for_common+0x10/0x10
[  356.410839][   T31]  ? __pfx_device_del+0x10/0x10
[  356.438572][   T31]  ? kobject_put+0xab/0x5a0
[  356.487345][   T31]  i2c_del_adapter+0x546/0x6f0
[  356.525674][   T31]  ? usb_free_stream_buffers.isra.0+0x1b8/0x2b0
[  356.587379][   T31]  ? __pfx_i2c_del_adapter+0x10/0x10
[  356.634348][   T31]  ? rcu_is_watching+0x12/0xc0
[  356.639161][   T31]  ? kfree+0x252/0x6d0
[  356.720625][   T31]  ? usb_urb_exit+0x1ff/0x2b0
[  356.760635][   T31]  dvb_usb_i2c_exit+0x9f/0xf0
[  356.796849][   T31]  dvb_usb_device_exit+0x334/0x580
[  356.860735][   T31]  ? __pfx_dvb_usb_device_exit+0x10/0x10
[  356.910010][   T31]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  356.971593][   T31]  cxusb_probe+0x1c9/0x7d0
[  356.976066][   T31]  ? mark_held_locks+0x49/0x80
[  357.060973][   T31]  ? __pfx_cxusb_probe+0x10/0x10
[  357.110660][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[  357.115921][   T31]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  357.201533][   T31]  ? __pm_runtime_set_status+0x13c/0xa80
[  357.250688][   T31]  usb_probe_interface+0x303/0xa40
[  357.278585][   T31]  ? __pfx_usb_probe_interface+0x10/0x10
[  357.322624][   T31]  really_probe+0x241/0xa90
[  357.363779][   T31]  __driver_probe_device+0x1de/0x440
[  357.407459][   T31]  driver_probe_device+0x4c/0x1b0
[  357.460690][   T31]  __device_attach_driver+0x1df/0x310
[  357.497810][   T31]  ? __pfx___device_attach_driver+0x10/0x10
[  357.550346][   T31]  bus_for_each_drv+0x159/0x1e0
[  357.589632][   T31]  ? __pfx_bus_for_each_drv+0x10/0x10
[  357.636799][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[  357.681778][   T31]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  357.720762][   T31]  __device_attach+0x1e4/0x4b0
[  357.752564][   T31]  ? __pfx___device_attach+0x10/0x10
[  357.787890][   T31]  ? do_raw_spin_unlock+0x172/0x230
[  357.825073][   T31]  bus_probe_device+0x17f/0x1c0
[  357.861520][   T31]  device_add+0x1148/0x1aa0
[  357.896330][   T31]  ? __pfx_device_add+0x10/0x10
[  357.935272][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  357.974031][   T31]  usb_set_configuration+0x1187/0x1e20
[  358.027312][   T31]  ? __pfx_usb_generic_driver_probe+0x10/0x10
[  358.070469][   T31]  usb_generic_driver_probe+0xb1/0x110
[  358.117862][   T31]  usb_probe_device+0xef/0x3e0
[  358.151459][   T31]  ? __pfx_usb_probe_device+0x10/0x10
[  358.189022][   T31]  really_probe+0x241/0xa90
[  358.226234][   T31]  __driver_probe_device+0x1de/0x440
[  358.266239][   T31]  ? usb_driver_applicable+0x1c7/0x220
[  358.310711][   T31]  driver_probe_device+0x4c/0x1b0
[  358.347785][   T31]  __device_attach_driver+0x1df/0x310
[  358.391936][   T31]  ? __pfx___device_attach_driver+0x10/0x10
[  358.430430][   T31]  bus_for_each_drv+0x159/0x1e0
[  358.470701][   T31]  ? __pfx_bus_for_each_drv+0x10/0x10
[  358.507323][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[  358.543038][   T31]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  358.587267][   T31]  __device_attach+0x1e4/0x4b0
[  358.624544][   T31]  ? __pfx___device_attach+0x10/0x10
[  358.662725][   T31]  ? do_raw_spin_unlock+0x172/0x230
[  358.700774][   T31]  bus_probe_device+0x17f/0x1c0
[  358.739167][   T31]  device_add+0x1148/0x1aa0
[  358.772924][   T31]  ? __pfx_device_add+0x10/0x10
[  358.804546][   T31]  ? add_device_randomness+0xb7/0xf0
[  358.848989][   T31]  ? __usb_get_extra_descriptor+0x158/0x1c0
[  358.895114][   T31]  usb_new_device+0xd07/0x1a60
[  358.925899][   T31]  ? do_raw_spin_lock+0x12c/0x2b0
[  358.964105][   T31]  ? __pfx_usb_new_device+0x10/0x10
[  359.002912][   T31]  ? mark_held_locks+0x49/0x80
[  359.039222][   T31]  hub_event+0x2f34/0x4fe0
[  359.076492][   T31]  ? __pfx_hub_event+0x10/0x10
[  359.109066][   T31]  ? assoc_array_insert+0xab0/0x3970
[  359.151873][   T31]  ? rcu_is_watching+0x12/0xc0
[  359.185799][   T31]  process_one_work+0x9cf/0x1b70
[  359.224110][   T31]  ? __pfx_hcd_resume_work+0x10/0x10
[  359.261810][   T31]  ? __pfx_process_one_work+0x10/0x10
[  359.302878][   T31]  ? assign_work+0x1a0/0x250
[  359.340898][   T31]  worker_thread+0x6c8/0xf10
[  359.365543][   T31]  ? __kthread_parkme+0x19e/0x250
[  359.401888][   T31]  ? __pfx_worker_thread+0x10/0x10
[  359.443789][   T31]  kthread+0x3c5/0x780
[  359.469091][   T31]  ? __pfx_kthread+0x10/0x10
[  359.503643][   T31]  ? rcu_is_watching+0x12/0xc0
[  359.537252][   T31]  ? __pfx_kthread+0x10/0x10
[  359.572688][   T31]  ret_from_fork+0x675/0x7d0
[  359.605126][   T31]  ? __pfx_kthread+0x10/0x10
[  359.644005][   T31]  ret_from_fork_asm+0x1a/0x30
[  359.671813][   T31]  </TASK>
[  359.706672][   T31] 
[  359.706672][   T31] Showing all locks held in the system:
[  359.824875][   T31] 1 lock held by khungtaskd/31:
[  359.874050][   T31]  #0: ffffffff8e3c4720 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0
[  359.975451][   T31] 2 locks held by getty/5569:
[  359.980162][   T31]  #0: ffff888035cdb0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[  360.080914][   T31]  #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0
[  360.145112][   T31] 3 locks held by udevd/5817:
[  360.149822][   T31] 1 lock held by udevd/5826:
[  360.220629][   T31] 1 lock held by udevd/5827:
[  360.225253][   T31] 5 locks held by kworker/0:7/5899:
[  360.230448][   T31]  #0: ffff88801e29b548 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  360.350597][   T31]  #1: ffffc9000465fd00 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  360.413150][   T31]  #2: ffff8880290e0198 (&dev->mutex){....}-{4:4}, at: hub_event+0x1c0/0x4fe0
[  360.471640][   T31]  #3: ffff8880296ca198 (&dev->mutex){....}-{4:4}, at: __device_attach+0x7e/0x4b0
[  360.541153][   T31]  #4: ffff88802a2df160 (&dev->mutex){....}-{4:4}, at: __device_attach+0x7e/0x4b0
[  360.597342][   T31] 4 locks held by udevd/5954:
[  360.623249][   T31]  #0: ffff888029350d58 (&p->lock){+.+.}-{4:4}, at: seq_read_iter+0xe1/0x12d0
[  360.679260][   T31]  #1: ffff888030769488 (&of->mutex#2){+.+.}-{4:4}, at: kernfs_seq_start+0x4f/0x2a0
[  360.743932][   T31]  #2: ffff888056c13878 (kn->active#19){.+.+}-{0:0}, at: kernfs_seq_start+0xbc/0x2a0
[  360.803998][   T31]  #3: ffff8880296ca198 (&dev->mutex){....}-{4:4}, at: manufacturer_show+0x26/0xa0
[  360.870674][   T31] 2 locks held by udevd/6162:
[  360.899157][   T31] 3 locks held by kworker/u8:11/7632:
[  360.936253][   T31]  #0: ffff88813ff29948 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  361.050793][   T31]  #1: ffffc90003f8fd00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  361.137069][   T31]  #2: ffffffff900e7388 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0x51/0xc0
[  361.202295][   T31] 2 locks held by syz.4.642/8813:
[  361.240986][   T31]  #0: ffffffff900e7388 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x230
[  361.305854][   T31]  #1: ffffffff8e3cfcb8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x284/0x3c0
[  361.375072][   T31] 2 locks held by syz.2.661/8885:
[  361.410094][   T31]  #0: ffffffff900bb428 (vlan_ioctl_mutex){+.+.}-{4:4}, at: sock_ioctl+0x49c/0x6b0
[  361.479415][   T31]  #1: ffffffff900e7388 (rtnl_mutex){+.+.}-{4:4}, at: vlan_ioctl_handler+0xce/0xa70
[  361.549529][   T31] 2 locks held by syz.6.662/8878:
[  361.589024][   T31]  #0: ffffffff9018b110 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[  361.649502][   T31]  #1: ffffffff900e7388 (rtnl_mutex){+.+.}-{4:4}, at: nl80211_pre_doit+0xb4/0xb10
[  361.724871][   T31] 
[  361.739480][   T31] =============================================
[  361.739480][   T31] 
[  361.805222][   T31] NMI backtrace for cpu 0
[  361.805241][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[  361.805266][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  361.805277][   T31] Call Trace:
[  361.805284][   T31]  <TASK>
[  361.805292][   T31]  dump_stack_lvl+0x116/0x1f0
[  361.805329][   T31]  nmi_cpu_backtrace+0x27b/0x390
[  361.805352][   T31]  ? _raw_spin_unlock_irqrestore+0x61/0x80
[  361.805383][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  361.805414][   T31]  nmi_trigger_cpumask_backtrace+0x29c/0x300
[  361.805442][   T31]  watchdog+0xf3f/0x1170
[  361.805472][   T31]  ? rcu_is_watching+0x12/0xc0
[  361.805498][   T31]  ? __pfx_watchdog+0x10/0x10
[  361.805521][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[  361.805557][   T31]  ? __kthread_parkme+0x19e/0x250
[  361.805588][   T31]  ? __pfx_watchdog+0x10/0x10
[  361.805612][   T31]  kthread+0x3c5/0x780
[  361.805633][   T31]  ? __pfx_kthread+0x10/0x10
[  361.805655][   T31]  ? rcu_is_watching+0x12/0xc0
[  361.805680][   T31]  ? __pfx_kthread+0x10/0x10
[  361.805701][   T31]  ret_from_fork+0x675/0x7d0
[  361.805719][   T31]  ? __pfx_kthread+0x10/0x10
[  361.805740][   T31]  ret_from_fork_asm+0x1a/0x30
[  361.805782][   T31]  </TASK>
[  361.805789][   T31] Sending NMI from CPU 0 to CPUs 1:
[  361.932813][    C1] NMI backtrace for cpu 1
[  361.932828][    C1] CPU: 1 UID: 0 PID: 5828 Comm: udevd Not tainted syzkaller #0 PREEMPT(full) 
[  361.932850][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  361.932861][    C1] RIP: 0010:unwind_next_frame+0x160f/0x20a0
[  361.932887][    C1] Code: 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 84 cb f9 ff ff e8 94 6f b9 00 e9 c1 f9 ff ff 48 b8 00 00 00 00 00 fc ff df 48 8b 14 24 <48> c1 ea 03 80 3c 02 00 0f 85 56 05 00 00 49 8d 7d 08 49 8b 5d 38
[  361.932905][    C1] RSP: 0018:ffffc90002e875e0 EFLAGS: 00000046
[  361.932920][    C1] RAX: dffffc0000000000 RBX: 0000000000000001 RCX: ffffffff91245e14
[  361.932933][    C1] RDX: ffffc90002e87688 RSI: 0000000000000001 RDI: 0000000000000001
[  361.932944][    C1] RBP: ffffc90002e87698 R08: ffffffff91245e18 R09: 0000000000000001
[  361.932956][    C1] R10: 0000000000000000 R11: 0000000000012576 R12: ffffc90002e876a0
[  361.932968][    C1] R13: ffffc90002e87650 R14: ffffc90002e879c0 R15: ffffc90002e87684
[  361.932981][    C1] FS:  00007f732659b880(0000) GS:ffff888124b08000(0000) knlGS:0000000000000000
[  361.932999][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  361.933011][    C1] CR2: 00007fa0a95b3ad8 CR3: 000000005a4d0000 CR4: 00000000003526f0
[  361.933022][    C1] Call Trace:
[  361.933028][    C1]  <TASK>
[  361.933034][    C1]  ? __kasan_save_free_info+0x3b/0x60
[  361.933062][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  361.933089][    C1]  arch_stack_walk+0x94/0x100
[  361.933111][    C1]  ? __kasan_slab_free+0x5f/0x80
[  361.933133][    C1]  stack_trace_save+0x8e/0xc0
[  361.933156][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  361.933181][    C1]  ? __lock_acquire+0xb8a/0x1c90
[  361.933199][    C1]  kasan_save_stack+0x33/0x60
[  361.933216][    C1]  ? kasan_save_stack+0x33/0x60
[  361.933232][    C1]  ? kasan_save_track+0x14/0x30
[  361.933249][    C1]  ? __kasan_save_free_info+0x3b/0x60
[  361.933295][    C1]  kasan_save_track+0x14/0x30
[  361.933312][    C1]  __kasan_save_free_info+0x3b/0x60
[  361.933336][    C1]  __kasan_slab_free+0x5f/0x80
[  361.933356][    C1]  kmem_cache_free+0x2d4/0x6c0
[  361.933372][    C1]  ? __sigqueue_free+0xba/0x2a0
[  361.933401][    C1]  ? __sigqueue_free+0xba/0x2a0
[  361.933425][    C1]  __sigqueue_free+0xba/0x2a0
[  361.933450][    C1]  collect_signal+0x263/0x540
[  361.933468][    C1]  dequeue_signal+0x3f9/0x520
[  361.933492][    C1]  ? __pfx_dequeue_signal+0x10/0x10
[  361.933508][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  361.933532][    C1]  signalfd_read_iter+0x230/0x7c0
[  361.933559][    C1]  ? __pfx_signalfd_read_iter+0x10/0x10
[  361.933583][    C1]  ? __pfx_default_wake_function+0x10/0x10
[  361.933607][    C1]  ? selinux_file_permission+0x126/0x660
[  361.933631][    C1]  ? bpf_lsm_file_permission+0x9/0x10
[  361.933649][    C1]  ? security_file_permission+0x71/0x210
[  361.933672][    C1]  ? rw_verify_area+0xcf/0x6c0
[  361.933698][    C1]  vfs_read+0x8bf/0xcf0
[  361.933717][    C1]  ? __pfx_vfs_read+0x10/0x10
[  361.933734][    C1]  ? bpf_trace_run2+0x26b/0x590
[  361.933759][    C1]  ? bpf_trace_run2+0x2ab/0x590
[  361.933779][    C1]  ? __pfx_bpf_trace_run2+0x10/0x10
[  361.933803][    C1]  ksys_read+0x12a/0x250
[  361.933819][    C1]  ? __pfx_ksys_read+0x10/0x10
[  361.933835][    C1]  ? syscall_trace_enter+0x1cb/0x240
[  361.933856][    C1]  ? rcu_is_watching+0x12/0xc0
[  361.933881][    C1]  do_syscall_64+0xcd/0xfa0
[  361.933900][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  361.933918][    C1] RIP: 0033:0x7f7326bc6407
[  361.933932][    C1] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[  361.933948][    C1] RSP: 002b:00007fff36b0d8a0 EFLAGS: 00000202 ORIG_RAX: 0000000000000000
[  361.933964][    C1] RAX: ffffffffffffffda RBX: 00007f732659b880 RCX: 00007f7326bc6407
[  361.933976][    C1] RDX: 0000000000000080 RSI: 00007fff36b0d9e0 RDI: 0000000000000003
[  361.933987][    C1] RBP: 00005608adfed2c0 R08: 0000000000000000 R09: 0000000000000000
[  361.933998][    C1] R10: 0000000000000000 R11: 0000000000000202 R12: 00007fff36b0d930
[  361.934009][    C1] R13: 00007fff36b0d930 R14: 0000000000000000 R15: 0000000000000000
[  361.934028][    C1]  </TASK>