last executing test programs:

18m12.53197998s ago: executing program 1 (id=475):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(0x0, 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_SEC_KEY(r0, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000001080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c010000", @ANYRES16=r1, @ANYBLOB="01000000000000000000170000000c00060001000000010000000c01308014000400976f1044852bca665354bd217b"], 0x12c}, 0x1, 0x0, 0x0, 0x24004821}, 0x0)

18m12.412143422s ago: executing program 1 (id=477):
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000000))
syz_open_procfs(0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_DISABLE_SE(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f0000000040)={0x0, 0xaf1}, 0x8)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r2, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x1, @loopback, 0x1}, 0x70, &(0x7f0000000580)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000001040)={'gre0\x00', &(0x7f0000000000)={'syztnl2\x00', 0x0, 0x0, 0xab00, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x2f, 0x0, @empty, @empty}}}})
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r2, 0x84, 0x79, &(0x7f0000000000)={0x0, 0x6, 0x8001}, 0x8)

18m9.854962901s ago: executing program 1 (id=480):
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xc36e5000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
semtimedop(0x0, &(0x7f0000000280)=[{0x0, 0x0, 0x1000}], 0x1, 0x0)
semctl$IPC_RMID(0x0, 0x0, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[], 0x28}}, 0x0)
add_key(&(0x7f0000000000)='asymmetric\x00', 0x0, &(0x7f0000000580)="303e3080020000000900f190c937dc6b14243b0402e8886ff204d830fa5b3ba026b4fb643891162fb3fbf36e7118a3", 0x2f, 0x0)
getresuid(&(0x7f0000000080), 0x0, &(0x7f0000000100))
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
read$FUSE(0xffffffffffffffff, &(0x7f0000000640)={0x2020}, 0x2020)
sendmsg$nl_xfrm(r5, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8801}, 0x0)

18m8.334931874s ago: executing program 1 (id=485):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x89901)
move_mount(r0, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000280)='./file0/file0\x00', 0x0, 0x1000, 0x0)
mount$bind(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000440)='./file0\x00', &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x10a5840, 0x0)
move_mount(0xffffffffffffff9c, &(0x7f0000000380)='./file0/file0\x00', r0, &(0x7f0000000240)='./file0/file0\x00', 0x272)

18m7.788664673s ago: executing program 1 (id=486):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, 0x0, &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000340)=@gettaction={0x34, 0x32, 0x301, 0x0, 0x2, {}, [@action_gd=@TCA_ACT_TAB={0x14, 0x1, [{0x10, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'police\x00'}}]}, @action_dump_flags=@TCA_ROOT_FLAGS={0xc, 0x2, {0x1, 0x1}}]}, 0x34}}, 0x4000000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$kcm(0x2, 0x1, 0x84)
setsockopt$sock_attach_bpf(r1, 0x84, 0x25, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000540)=0x4)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x749})
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, 0x0)
r4 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r5 = socket$kcm(0xa, 0x2, 0x0)
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r6, 0x0, 0x482, &(0x7f0000000040)={0x84, @broadcast, 0x4e21, 0x3, 'rr\x00', 0xd, 0x5, 0x8a1a}, 0x2c)
sendmsg$sock(r5, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0)
openat$cgroup_int(0xffffffffffffffff, 0x0, 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r4, 0xc0285700, &(0x7f0000000080)={0xffffffff, "fa02c8098000"})
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000000)=0xffffffffffffffff, 0x4)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)

18m7.547782533s ago: executing program 1 (id=487):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000), 0x8)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000400)='veno', 0x4)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window={0x3, 0x7}, @mss={0x2, 0xfff}, @window={0x3, 0x0, 0x401}, @window={0x3, 0x5}], 0x6)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x8901, &(0x7f0000000080)={'syztnl1\x00', 0x0})
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)
r1 = add_key$user(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xffffffffffffffff)
r2 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r2, &(0x7f0000000280)='asymmetric\x00', &(0x7f0000000200)=@secondary)
keyctl$KEYCTL_MOVE(0x1e, r1, 0xffffffffffffffff, r2, 0x0)
openat$adsp1(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800008b}, 0x0)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f00000000c0)="0100", 0x2, 0xfffffffffffffffd)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ptrace$cont(0x7, 0x0, 0x41, 0x2c7d62d7)
read$msr(r3, &(0x7f0000002000)=""/102400, 0x19000)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x2c001, 0x0)
r4 = fsopen(&(0x7f0000000340)='binfmt_misc\x00', 0x1)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
ioctl$FIGETBSZ(r4, 0x2, &(0x7f0000000240))
r5 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000200)=ANY=[@ANYBLOB="1201410130f56920ac05190272f00102030109021b000100001000090455070103490200090582030004"], 0x0)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000001300)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=@bridge_newneigh={0x1c, 0x1c, 0x1, 0x70bd28, 0x25dfdbfc, {0x7, 0x0, 0x0, 0x0, 0x80, 0x22, 0xb}}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x20040010)
syz_usb_control_io(r5, 0x0, &(0x7f0000000580)={0x84, &(0x7f0000000340)=ANY=[@ANYBLOB='\x00N\b'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

18m7.011613217s ago: executing program 32 (id=487):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000), 0x8)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000400)='veno', 0x4)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window={0x3, 0x7}, @mss={0x2, 0xfff}, @window={0x3, 0x0, 0x401}, @window={0x3, 0x5}], 0x6)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x8901, &(0x7f0000000080)={'syztnl1\x00', 0x0})
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)
r1 = add_key$user(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xffffffffffffffff)
r2 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r2, &(0x7f0000000280)='asymmetric\x00', &(0x7f0000000200)=@secondary)
keyctl$KEYCTL_MOVE(0x1e, r1, 0xffffffffffffffff, r2, 0x0)
openat$adsp1(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800008b}, 0x0)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f00000000c0)="0100", 0x2, 0xfffffffffffffffd)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ptrace$cont(0x7, 0x0, 0x41, 0x2c7d62d7)
read$msr(r3, &(0x7f0000002000)=""/102400, 0x19000)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0x2c001, 0x0)
r4 = fsopen(&(0x7f0000000340)='binfmt_misc\x00', 0x1)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
ioctl$FIGETBSZ(r4, 0x2, &(0x7f0000000240))
r5 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000200)=ANY=[@ANYBLOB="1201410130f56920ac05190272f00102030109021b000100001000090455070103490200090582030004"], 0x0)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000001300)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=@bridge_newneigh={0x1c, 0x1c, 0x1, 0x70bd28, 0x25dfdbfc, {0x7, 0x0, 0x0, 0x0, 0x80, 0x22, 0xb}}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x20040010)
syz_usb_control_io(r5, 0x0, &(0x7f0000000580)={0x84, &(0x7f0000000340)=ANY=[@ANYBLOB='\x00N\b'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

3m57.691123883s ago: executing program 5 (id=3286):
openat$comedi(0xffffff9c, 0x0, 0x424b82, 0x0) (async)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) (async, rerun: 32)
recvmmsg(r0, &(0x7f00000000c0), 0x0, 0xc3ac83da9bf71c0c, 0x0) (async, rerun: 32)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0x4}, 0x0)
r2 = socket(0x2c, 0x2, 0xfffff800) (async)
socket(0x8, 0x1, 0x0)
ioctl$SIOCGETSGCNT(r2, 0x89a0, &(0x7f0000000200)={@local, @rand_addr=0x64010125}) (async)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, 0x0) (async)
r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ip_tables_names\x00') (async)
r4 = userfaultfd(0x801)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000000))
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0xb, 0x10, r3, 0x6eb8c000) (async, rerun: 64)
madvise(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x18) (rerun: 64)
syz_kvm_setup_syzos_vm$x86(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async)
syz_kvm_setup_syzos_vm$x86(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil) (async)
ioctl$UFFDIO_CONTINUE(r4, 0xc020aa07, &(0x7f0000000400)={{&(0x7f00003f9000/0x1000)=nil, 0x1000}}) (async)
r5 = fcntl$getown(r1, 0x9)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={r5, r3, 0x0, 0x3, &(0x7f0000000140)='&:\x00'}, 0x30) (async)
r6 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) (rerun: 32)
sendmsg$DEVLINK_CMD_RATE_GET(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="01070000000000000000450022f72b000e0001b63bfa97d606eabaad658c449978006e657464657673696d006237d30302006e657464657673696d300000"], 0x34}}, 0x0) (async)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={0x0}, 0x1, 0x0, 0x0, 0x4000050}, 0x20000000) (async)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b00010062726964676500001800028005001900840000000c001e"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x4000000) (async, rerun: 64)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840) (async, rerun: 64)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x2c, 0x24, 0xb, 0x70bd27, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xd, 0xffff}, {0x5, 0xe}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0x9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x0) (async, rerun: 32)
r8 = socket$netlink(0x10, 0x3, 0x0) (rerun: 32)
sendmmsg(r8, &(0x7f00000002c0), 0x40000000000009f, 0x0)

3m57.676701766s ago: executing program 5 (id=3288):
r0 = socket$unix(0x1, 0x1, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r2, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x66, 0x20, 0x0, 0x8, 0x3, 0x4, 0x1})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_dev$vim2m(&(0x7f0000000080), 0x3, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = fsopen(&(0x7f0000000000)='cifs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000040)='source', &(0x7f0000005fc0)='//\xf2/\x06\b/\xdf/o\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcf\xcb\x92\xf1\x83\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o', 0x0)
setreuid(0x0, 0xee01)
r7 = syz_io_uring_setup(0x1714, &(0x7f0000000480)={0x0, 0x1, 0x10000, 0x1, 0xd5}, &(0x7f0000000100)=<r8=>0x0, &(0x7f00000002c0)=<r9=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r7, 0x16, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1)
syz_io_uring_submit(r8, r9, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x20, 0x2, r1, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x22}})
io_uring_enter(r7, 0x27e2, 0x0, 0x7, 0x0, 0x0)
bind$unix(r0, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
setxattr$security_selinux(&(0x7f00000000c0)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f0000000340), &(0x7f0000000100)='system_u:object_r:pam_console_exec_t:s0\x00', 0x28, 0x2)
bind$netlink(0xffffffffffffffff, &(0x7f00000003c0)={0x10, 0x0, 0x1, 0x2ffffffff}, 0xc)
r10 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r10, 0xc0306201, &(0x7f00000001c0)={0x44, 0x0, &(0x7f0000000900)=[@reply={0x40406301, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

3m56.654158338s ago: executing program 5 (id=3290):
shmget$private(0x0, 0x8000, 0x10, &(0x7f0000ff5000/0x8000)=nil)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fcntl$addseals(0xffffffffffffffff, 0x409, 0xe)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
shmget$private(0x0, 0xfffffffffeffffff, 0x4800, &(0x7f0000ffc000/0x3000)=nil)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x80281, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x4a, '\x00', 0x0, @fallback, r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r5, 0x4020565a, &(0x7f0000000080)={0x5, 0x2})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb0100180000000000000030000000300000000200000000000000010000040000000000000000030000000000000000000000000000020000000000000000000000040000"], 0x0, 0x4a}, 0x28)
r6 = socket(0x10, 0x803, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'vlan0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newtfilter={0x7c, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r8, {0xf, 0x8}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_u32={{0x8}, {0x50, 0x2, [@TCA_U32_SEL={0x44, 0x5, {0xe, 0x10, 0x3, 0x1, 0x4, 0x1002, 0x6, 0xfffffffa, [{0x200, 0x500, 0x3, 0x6}, {0x6783, 0x2, 0xffffffff, 0x10}, {0x0, 0x53, 0xa9, 0x1}]}}, @TCA_U32_CLASSID={0x8, 0x1, {0xffff, 0x8}}]}}]}, 0x7c}}, 0x24040084)
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYRESHEX, @ANYRES8=r3], 0x1c}, 0x1, 0x0, 0x0, 0x20004011}, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00'})
shmdt(0x0)

3m55.653045225s ago: executing program 5 (id=3294):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x89901)
move_mount(r0, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r1 = gettid()
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = socket$tipc(0x1e, 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, &(0x7f00000009c0)=0x80000)
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(0xffffffffffffffff, 0x7a8, 0x0)
ioctl$IOCTL_VMCI_QUEUEPAIR_SETVA(0xffffffffffffffff, 0x7a4, &(0x7f0000000380)={{@host}, 0x59, 0x2800000000000000, 0x1, 0xfffffffa})
bind$tipc(r2, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAPCLR(r3, 0x4b68, 0x0)
openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000140)='hugetlb.2MB.limit_in_bytes\x00', 0x2, 0x0)
socket$tipc(0x1e, 0x2, 0x0)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x40082, 0x0)
ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f0000000a80)=0x4)
ioctl$PPPIOCSFLAGS1(r4, 0x40047459, &(0x7f00000000c0)=0x550b6c)
read(r4, 0x0, 0x0)
mount$bind(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000280)='./file0/file0\x00', 0x0, 0x1000, 0x0)
mount$bind(0x0, 0x0, 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0xa5840, 0x0)
move_mount(0xffffffffffffff9c, &(0x7f0000000380)='./file0/file0\x00', r0, &(0x7f0000000240)='./file0/file0\x00', 0x272)

3m54.453741238s ago: executing program 5 (id=3299):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
syz_init_net_socket$netrom(0x6, 0x5, 0x0) (async)
r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r1, &(0x7f0000000300)={{0x6, @rose}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast]}, 0x48) (async)
connect$netrom(r1, &(0x7f0000000300)={{0x6, @rose}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast]}, 0x48)
sendto$netrom(r1, 0x0, 0x2, 0x0, &(0x7f0000000000)={{0x6, @rose}, [@bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null]}, 0x48)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r3 = getpgid(0x0)
prlimit64(r3, 0xd, &(0x7f0000000040)={0x14, 0xd233}, &(0x7f00000000c0)) (async)
prlimit64(r3, 0xd, &(0x7f0000000040)={0x14, 0xd233}, &(0x7f00000000c0))
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$netlink(0x10, 0x3, 0x0)
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, 0x0)
syz_io_uring_setup(0x49a, &(0x7f00000000c0)={0x0, 0xe873, 0x400, 0x2, 0x250}, &(0x7f0000000280), &(0x7f0000000240)) (async)
r7 = syz_io_uring_setup(0x49a, &(0x7f00000000c0)={0x0, 0xe873, 0x400, 0x2, 0x250}, &(0x7f0000000280)=<r8=>0x0, &(0x7f0000000240)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4) (async)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x4007, @fd_index=0x3, 0x6, 0x0, 0x0, 0x10, 0x1})
io_uring_enter(r7, 0x627, 0x4c1, 0x43, 0x0, 0x0)
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) (async)
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
sendmmsg$unix(r10, &(0x7f00000bd000), 0x318, 0x0) (async)
sendmmsg$unix(r10, &(0x7f00000bd000), 0x318, 0x0)

3m53.279603936s ago: executing program 5 (id=3306):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
r1 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="9f01000083667d1040206402d14e0102030109021b000100000000090400000190f19c000905f3ed"], 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000000c0)='tracefs\x00', 0x1214040, 0x0)
r4 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r5 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r5, 0x0)
syz_usb_control_io$lan78xx(r1, &(0x7f0000000100)={0x14, &(0x7f0000000300)=ANY=[@ANYBLOB], &(0x7f0000000080)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x100c}}}, &(0x7f0000000600)={0x34, &(0x7f0000000400)={0x40, 0x5, 0x62, "65d943637767f3b791301293508c6a31617f7f9fbb249cbddd8d73ce7f53705e02c66ad4a1e59fbfbad14131129c25aea29ac1c8b5309919d7785546815d37507401b01e5bbbe13717063bd7c18a244701875b14fc7b79bdc32bb3885aeba55794fa"}, &(0x7f00000001c0)={0x0, 0xa, 0x1, 0x7}, &(0x7f0000000500)={0x0, 0x8, 0x1, 0xb9}, &(0x7f0000000540)={0xc0, 0xa1, 0x4, 0x7}, 0x0, &(0x7f00000005c0)={0xc0, 0xa2, 0x2f, "1003046f42a6612cf2f0b78c4feadfe4cf3232b0bd224a7fdf0b651918d958436acd66dd436d87eb58ad3fd63a14e5"}})
write$selinux_load(r4, &(0x7f0000000000)={0xf97cff8c, 0x8, 'SE Linux', "fa0cf9222d09000000000076a7a3de7bb0a3a9837959a78c5112dd7b7314b6dff023189d0390d96d8bb6c320549b6aa94f"}, 0x41)

3m52.91113588s ago: executing program 33 (id=3306):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
r1 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="9f01000083667d1040206402d14e0102030109021b000100000000090400000190f19c000905f3ed"], 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000000c0)='tracefs\x00', 0x1214040, 0x0)
r4 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r5 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r5, 0x0)
syz_usb_control_io$lan78xx(r1, &(0x7f0000000100)={0x14, &(0x7f0000000300)=ANY=[@ANYBLOB], &(0x7f0000000080)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x100c}}}, &(0x7f0000000600)={0x34, &(0x7f0000000400)={0x40, 0x5, 0x62, "65d943637767f3b791301293508c6a31617f7f9fbb249cbddd8d73ce7f53705e02c66ad4a1e59fbfbad14131129c25aea29ac1c8b5309919d7785546815d37507401b01e5bbbe13717063bd7c18a244701875b14fc7b79bdc32bb3885aeba55794fa"}, &(0x7f00000001c0)={0x0, 0xa, 0x1, 0x7}, &(0x7f0000000500)={0x0, 0x8, 0x1, 0xb9}, &(0x7f0000000540)={0xc0, 0xa1, 0x4, 0x7}, 0x0, &(0x7f00000005c0)={0xc0, 0xa2, 0x2f, "1003046f42a6612cf2f0b78c4feadfe4cf3232b0bd224a7fdf0b651918d958436acd66dd436d87eb58ad3fd63a14e5"}})
write$selinux_load(r4, &(0x7f0000000000)={0xf97cff8c, 0x8, 'SE Linux', "fa0cf9222d09000000000076a7a3de7bb0a3a9837959a78c5112dd7b7314b6dff023189d0390d96d8bb6c320549b6aa94f"}, 0x41)

2.307755952s ago: executing program 3 (id=4202):
creat(&(0x7f00000002c0)='./file0\x00', 0x109)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006380)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x34014c40, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x20}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000052b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005468a9fe52386e52000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000da0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000f7ffffffffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000001d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000bb33ea699a80e3f000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20, 0x0, 0x0, {0x0, 0xa}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ecc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb1000008747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb80035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22383e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485a4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6bb06500f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784776f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2245eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e4c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a768cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d0500e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8652b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad64c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc590800", 0x2000, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)={0x78, 0x0, 0x6, {0x8, 0x0, 0x0, {0x0, 0xfffffffffffffffe, 0xfffffffffffffffe, 0x0, 0x10000, 0x0, 0x1, 0x3966, 0x1, 0x8000, 0xfffffffc, r2, r3, 0x1, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x80101, 0x101)
write$tcp_congestion(r4, 0x0, 0x0)
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r4, 0xc0506617, 0x0)

2.078820815s ago: executing program 3 (id=4208):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000100)=@assoc_value, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000280)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r1, &(0x7f0000001780)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x4, @loopback, 0x3}, 0x1c, &(0x7f0000001200)=[{&(0x7f0000001240)="00ee59", 0x3}], 0x1}}], 0x1, 0x4289a)
socket$inet6_sctp(0xa, 0x1, 0x84)
close_range(r0, 0xffffffffffffffff, 0x0)

1.8796859s ago: executing program 3 (id=4213):
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x88101)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2e, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffc0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000540)='kfree\x00', r2, 0x0, 0x4}, 0x18)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
ioctl$SG_IO(r1, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x300, 0x0, 0x0, 0x0})

1.879584323s ago: executing program 4 (id=4214):
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='map_files\x00')
fchdir(r0)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)

1.780187465s ago: executing program 3 (id=4217):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000077c0)={0x2020, 0x0, <r1=>0x0, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000140)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0xfe05a, 0x5000, 0x0, 0x0, 0x4}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f0000009800)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f0000002140)="4627563e95d073e9c44031e486c6c3c887234dab29bb5d4444d206b6ed7b2b3001b6ed59a692ab0f0251ebf104d3747ab90777b96df4449e5275f86a62902df16f5fba75e202cbdf6fe7cc018a76b412f6485398037d6cb464f1dcf7fda3c76e43cdf64a53f6182a0b7e6476035e8bce74d0582b1ccf32dc8b0cc3b610b143afb4d3c163308a66f2dedd0d45f392d7899f5c4d2ded35c1602f7338dea29e0dff356a32c9e921eeebf8b9845ec2a40b68a8bdcb88009c910e110de23a02648667d740186ee2a3f4a59672477230c4a3a62a1417659b1978cf2b671f836d49fd361ad0af9157916d29cb4fcc1e873a336660b639383485a5322faca6694c74f58fa428582950bd136778dff61da52778dade8b2c3331b31a89259469b0900ab4173202f6256b2d23d3feb8517556292de52662192eca03da5744515c4a92cd3f0f296209bacb28a0267776c9797a784cfd95a52f9de496a5ed70459d55041b663a70d7d471da4f86cd187fd53e667422a0fdfe5eb34e2f2b8c133f2271fe5b1e71533b698169ac8107187533e37765fbd69c327ec608249c44018e3496b2f66fb8bb942f4bd26ed687ee1f7d2a53d7233fbde91cd03f4b4db0c23ed56ff9a61e0d5a1bf6ed50c308e8af0c32b2e0b15df009046ed88d60b772e0cdbfb3d765251aae01b01660df364dce51971ea2034b316a0b0071cb1d28bb86279de377ccb5a18ce981241b5d566e248866f280d71c6775e14fad44342945663bd56ad056f79e49f8071153391f8de78b05496a5f174e812ee0b102e0421c632e4a9f8ffd87ea68df1d7e85af4b30024b2a3cf0e1106871b3427eedfe857f3bc2a021d42fc09224ece3c56e57806a2da229231cc8e3ed5dbd82fd2d3894cba01e36c2ba91a42456eb570446fa3e2eddfe30264572d5d778cbf5d676ad4bd37d11e09573a5566b3656a760c9d3030b2bcd90be0d670866010e2d33c93f223a79ca167bce1a46670db33470c75776582f26b5d9ce847493ddb34612bc829f93f473c24263246011c4ca689f62f4539550ee13b246aeeec477fb2e9e4b223f66c006303abdb003809b9cd4e993b90821750b86608882355e5f587182c1ac6c677b07c26956073ff3a78d4f325139d9c0b8aead052e73fd21b3615ea22acc084bf5060f72936796311e31c038426f0a0e6c304cd2d9c363e7a1a21752032be17adca8b476b0e571b591c9dd923b0066fd5e32e045494c0a9e1e511f147988e0a5fe9652b92ed0e015ef54e3ed2a510b9383f1938dece777ca866f1a21082052827f3a48c2f38482fe3a8286c0ff17d4c24a468a5a0ec0a2eb1165f48cf76fc07450c82294d973a1793dd58008834f0d3aba4e097ceff0ba44656c67839ff3e489975297b334ecf6c7ce4634afbe3d8ab70827563aa75ffafc43429170c3fe3854238485c5a9b567a959a746010c22a92e863e318312e0efc06ab86d1435e06aca5f4b7b7f06a78f90795545c145c9941b74adb9a31ab4f749f81665dd9308acba8d7861856b548eab226377be82611ad79c8d25b176de98003c1ea28b556a2b90360913c39f8f64f0d122c732af5a990603429b354ecd4de797e17722c66546cc38349cb09c40ea54972562734e9816c83103e0bd19451e6144d005e6ce6d6d6fc1ce90238b73d1e0aaa4ee9fd0545054cea97639a404edf3b27c0073be84961084ea685e8ace53c7d7f52b62e378d9ee167aec3e5cbd60ff36c0d3ad40181bad59f111c30e9414112fbc71ad7ede21c288c878dd2509c36f93c31dab5d091107c8e8bdcadffdcb3053eba35b44c70a6421b343922cb11c69b886db0f412e5c23f89dbaff9e5847fd749e28356cab3999f1142449047a3a6c43bf670244e55d888f36ef1dc87bc5bb1460b6c8d1e69efca9a02ba834591906a65102c3e1c1c7dbdeccc7e261795f349d110836445d8ba19cbc699c46d4edc34942a488de1cc1140dc6acf23c8ec1f475e613c85ba025ff7ae639cb2499629eb5f5c88c4057e30bcf41767424af763c9204084856d87cd99f0da06ae6ee5b7382c1f6f2cbb2cf2dfd8320271f16ba7ebd8f0e3c742482f5426530b1ab946c7118f70aa4eac41dd78569341a0f3dd250531aaefdff4cab9e9eed7efdaa865f9b804ade79ced061a1fcd18a6c61a708fdf119841dc232cc5c4e5343cb8a82e9dd9647779bca053b5a2c43481c06ce2a593e388f5f5f4e681771021aaaf0589dac69db22c7285035d1eb89c75935fa4208b3786f2640ce9d65b0e671967dc27808fea5d17ac70a3ac2802f65d45d9c0372aeed530ee58bf04e190f50dac25139caec0b253d17af28eaed173c7043d66567188f04ea51733835c1c66ac7a634d7b90bdac4a6d1075bb277dc6ca420b24485012db44aed5a2e8099f4f3ed53bdb0b35b35905db28169b3e3b3d13ff94bdf2c9549f4a54c64b8d27098b86ff46cfd515f35b1d5a1bbf1bb29df16cdf296e804977a6b583d018c4fdb66264d5f2d9e162059017d6b6cbc6d6c2f1009717c67093f6feaafce1f242f4b730a2e714e9bba79f18c42a158425147b7b2cd9add4ac1d2c1a95b13a4f352d51982a5d967cd611911e6d0777afbc10883c6293f056acc69da89a0a64913be996466ed63f969d5ccd124cd3052d6654e6db0519449f3cbf3a2011541d26e5b76c3c192857905bcf989fd943d42aee9ebd40fee33094eae69154092e9514819ff126040ea7d43a927809149cfaffcc76cb1e332426bf0eb1ac1a3968c70030453a284a0fe39b9ebd704f0950cb5350d4c60d65566b3f24ec4636cd5bb3e23066f4d4f1814e60f286f3ad2d3c10e79c5991c8bf5fdb561723873fe0c75c7bb6ba262aa3a6655349df95f07abb0200d5b9152da4bfdd66a311b29a15755e8465b7b0d99f7f8ccefe9cb3561b5619d4c21b36c9b29442ccd5949882d0167244d84b677685d62074f63b8dc66941f317c78bb093491e2acb7207cc80fe51c22199aae878170af9fa1eb164854587007eb108f23d1c7946bf75aee50eee6fffdae24b992393bd37d268a136b3dcb1b7d2c9b9fbfe0c860b0d344f488e85de2a65a20eb057f0047d0b6b8898bdd68e21f2234a2c66b963a2d86f62297a7d1176c14acaddd4861f5bb74ee91eb3b6ba0c7328433b977e23c02ab67d82a12d620fc034f1c9c3a99a6a07ddf59eaa18384e429101dacbd93ee794e27b774242446fa433a8c03e4312ad56f6c4dfd1ad014d07932480e07caedabda36caaeaaf405dfa1a650843f2e09ae89c666ab8754d9bf9b290f4c4c9242d8f98533bfdbae191a6fbcba6bdb9096427d2d8efb5dcfbd58df7763cc445bf44a0be6de2335a395ab8157dee25794be81c3d87a7d457b52d88f86cabf91f2ec16a8e05a00f72277943737839a5242163025704c7b938f3f424ef5db6b60d3181e3ef94cbdc6516f0ecf01b52164b92f2e12ed55db595fd8de6862a3b12ebe06b19d1f93132b83b2f5ddbc9808b3ce8fa40352c84664d824edd2631a5e2fddaae887689092007d3d0f22a948f54bfd5c42bea5f0d6bf5018cee5ef232c8b6ea3f54ee6f4997c8ad5ccfd28227eeca811312375a849bdf4d343c1b0ec7035279d1bc0892ef193a74018d5ccd5ccaf0503a697b23abb44b7aa3beced0626daa5e1fbfc4d29d2804292fcc60b775f656179510168bf05929dbc92e009d94561d946f7b4b5a18c08d29678c482d90e07abb029e80546e5cee6c4a30712a9b92d556a29b2de021bd49b6398340a9363b689bedc007416bcb659c0c4b6eaa31ec4976ee4896ff87a7dfab48dc7046d44c9c2db6881f7d6b252e582eb878b0be9b24666e74e8eb565c07582f17817ea2422de5da79cb367e76b9b8a9d056de06ad0483986fef2a3b62d64d5d2128cf55499025ad0739ad3ce5e1bfa6aaac16828bdacad2f86b32ed933a2f672efd1f4a32dd23e59aed872d1015eaaf701a0ef8e1427d59728450c4f1bd561e7ef6f8e34d12ae2120a51746a5c346e739c09854caeec07af0d70dd4d9164b3ae8a098a41c081465fdb5537cb560426bc0de4b735f253dbc779b9dce429d99700cd6c0cbd778caeb56401b2bb5c1ca310ab0c91e1d9f4578b5fb3b4f0dad4c565495797e8e83603f3ef188a896fad5bfec24457e0f6f962b8613434f16acf74308171567eae5ad9ec11186a56493a5394042bd1b29fbe0ce64e5f1b0b56e8910343666d627d71c729c0c90bfae0134e117842d67b160ff50688f7b45f0ae330c2d4890732ace7795ff74b6e36466da623c8eef75528b22199c9bf589a1fcd2aca6c5fe3cce2eddabf1ddc8e87380b815ed5928222613383db7941eb9d55b45487b399a9a35ca4cbd9eaf08c71273fc3334b0acdbd117b13697a9ae475e79a44911ce4fed1490a2ec654fe469c9ea933999dae3616b063769446cfefb4562bd124e42f62a3dd0385fe3d21029ad8fd1c58b0badd42e415a76e3e92f246629d3579dd80d940e6dd9bee3d9a6ef8a7840fb253507e718eca32ff4119eb0bcc02aa210939a3bc41704a63202139c68e276254395ab6b858f4528ea2b3a57328e0b31816de3ad85e50e7f4ec9445eaf21a8b9916ed209bb7e79a7a08c2e4e09644ab831c0ba68d05d5ebf57a9eb36bb9caa8e7ac78a8ccca1bcb03cef0c5eb31fafa6e283632c117031aa3919f72aa80a2b9b2557749951348d5294ed2414ffcbafdf976bfb7a401bedb208fe1285738df515af493047aec962bcacb8ea7bad5fc12d5bf415e66c06c4c87044e694291e104ef53850cbc7ef73ab57982d77a3f941c226a915163e8eebd256cb8a1f0130023d2c5d3be77cab39bae4449711d6f39e50cc83eefaf6cc727b1c0b3fc4f7bd110d18262cd872cee8ca95f1be8005d5b339abbde923ef2d4290d5579e4420ff2beb705c16e96101c38c31cfd05639f252730c145182e4406aab68f556e0290ccf05e25a7bf13cdb5db47a8a0841fbeb880d4f0add608d1badb8992924b548ef1426ec774ec9d86678d4c2aae8f1e3b2dfb295802f75727a308dd1b39460f26858eff99fae8d27f24ea6902adabc89311a5fd18c3d9c606db7295f25acd22624bcc753c4c3acdb3f6c563174441333b69a126e4fcc6b06165f6221539c5ed277c20dac4b7978619e10616475de88810bbac714f3651efaa59b75791080a1086c0f3f1b5edb4b3976cc936665855f6a56788d76c6e771b1c968c859fd1ba995d336d301695fc012b8031a14ca529e3e9bf622db6813417925bb4e1a7a5b786aa90f4d048f1f442a2696970dd442d3a6ee117a3e768644c99951b75e51e98de61bc7ed8eb9e87fd43ec75e948829bd19fc545cddefee7a6f068a419e216982ca4ce6ad3256f1e64d203ba1da27e9e175738124ca86a312d0dd0caae6d64751d459d8134830ebb4f4c7931aa90c1ad6fefd99ea4ded3d246236719d6fd48979ee31eaabbea385e91aea0557a58d73a63660ecee981e3da40a39fec3f01caaffafee3504e9f8dc990cc2d69c513db25f6e722ea4811f778af8a338498b6b908682aca6e02e898cb65377f820529d35707cb83ba69b16c92b571728c58188fb08ed6f6c27d6b70e963b147605714468b90966f082d7175fcbc6e770835efb6e7bac5eeaeb5b2c23eb30ecc102e647f1ff71bc6b35f629a55dd305f8ed5287e35403a91b4dc77a6df2fff354460bf563c071846c84617da4df4c46a9e359c45d217a2b096c830ac8614947d110334ca17f587d86825b2b7ae1039fc11109687c1ad0a16f0180d1700414a4694e7ab73c715436dce437a9b3dff55f62fc1ffffc33d3be037c34c9ee7a0fcfeaec1778268565663f39b69c141304c892ae80da42cc854a87c955e6d8060a731eb16ee91e8ea27f90da85196e4f034d40b85ff59eb4b7c76218342f9c9f8d3749c874562829b7ad0c786c5c25ed240aa14755ff7f5ba5298f9f6b6ec3a46ac36d6a39c59c2ecf7781da77931214ac9a8697691d933b20cb64acde409fc159d748e4f92d83ff7767260fdec04b2e80cc524a2366e8fa5b70eb8684d164dec49fa95f42e7e75daa8c268204beec1fbc58cbbe3317af0993a8676dfdb13db7875f50cebdbc629bcd605dd4c4a65c31870495fb9a9ec51c1867ca8b117a6f9507aa26cee54c4c12f8f22b9d88072639ad765bb7906435128d1c146b9e2029880eccbdf78449bd0630381ad16c13444d709a11890d80fae0d24c037180a8726143306a7cd67abbc830167f524008f9a8e3172df597a63af2e87a92e90b70ce53069657f9b46acc9da241a1b00571540ec5fed4a9acfdd0066ba248cb2bf24540d7296256d4c9a5a5bc821817ada912cdde59876d86d4c53c1d047c6bc3442c2ee78326d7c51b6d01bd4f7ff5bc45db88649220d44099b406ac2e4744996b869ea688ecb4e758e755b29717869d5dfccbf5fd553ad83de0c4cd16b3fd4913451734226e4cf29bc0a860943b3e854d8cf49f07d2bfba1c280efaa85bb8f0f8818d1e58178c338c9e46c873adc0a4b6c832aaf0878956d8a04fcc043ff307f60a263cf1bc57ad0434b6a6f99075d932ff75deb8b017cbd16b272139a4addc24749d9551ba44d5bef0536e58de5e9d0b8985f1044163d542859c699f27f033b01d1e5d4c5598bcc4279f29c56eca82cf40c3b2799277e9b0aea04ba5cdd679e3eb63ceb0eafc21c373356caadc0f5730054a0979d7e32117962af0444b7e0e75bf1d30fd1af656956367bbbddf018531833f6c383b76cd63d014c91f67b41548e558cfae6a953a78c36ba3a896b3a0bf48aaa947d042a456a48c8f323682f560f2679f53578f00746cb04c4ef12b905b37f1b1bac9c75a85d6f173d531198f150ee6dbe7fcdbed4e0baf7610b82a793c17124970924ae32c86f9b7b40a229219958cd2445fca613e264adbf29644b1f405c68ef8afff7f4c1dc86f0e578e3716fa86c53f776dc42e7d28978f1e694428560b923b5d44e3aacb18cb38d3efd90ca0812027d336b011557e9e953cbff769e9ba84b903f5fcf1e6b4ab3e210ceaac574f80607116b196b6ded8668729f9be216bfdd049e88d1cb45581701c6ca7c991488a73e6ae5decdfc6416fa69b76f82e92246ee2b29c91885be24e96ea72438499c5c421ffd199f172667adf7d257947bb47945817930a7f2f0dfc73c2a5f6002fd40b9ea51c4a0c610e9759d43c082ed0c126c0de63c5a079b4c8bac46fcc8a1f74d8929ee2b7878430e3caed5f5aad7378fcbc4d659144a7cdbd654185ffdabd9b36257993ca823990df4aa7809ee58b7a278f38085202f3618fefef67f71b39f8ed35a28b3ff47e6caa3cecdbb41b899ea7ef3179ec3d67d0e3380f61d5a57453b9b790d171e1838c68f988a6914f4b81a7a12a0f50612182de8844a5f18026bc4110a10a31a88dae4bb40a3fea22360830784cf82ccde8187d04635e7e5bc6cda8252fa77d7022ae5fdeb978315f925cdbe7cbe0e3894965795fda4b94068bee89f79f86c420b211411929b9b3074703583c0ba0703a4d282441495110dd167c228079db163febc9ea0bcb02ab400999abfecfbca274fca55a055859eb256fcddc1d1773d72d5c3793ca3ff5f2fbe647b04f5ff2b2dc50a3a897e03634a36d21e391e6b6290cf85064711600de9a74057b78d9c04857017bc762300872f674eed1b68fac65025f3252bb803a9ff8ccf4b2b49028622168439db3bc01ea9ae7618b73dc7f858ba388891da14b88f7fee4f5f49abd687ba947969b8b923c2e119fe172126835ab4d1429133a38bbb80f1f6c308ffd180a179c05d9fb112a70e7658f9e3c7b6545556726e6589ba479edf21afd08da62963b5b724fa7b618c27fba201297dd465217de92395734355e9b34e27ff4916d78dbe0424df3d6110297a7847efda2675f12a3bf5e4b07827cdae6c61b0d969f6bb15be656b394a3f3ca8d705a4cac9c78c66c4be58c40888d49ceb08eb9a90c230faace7e4c837a8cb1aa69b020f9f43532cb7315cd698dfffb0179fb24e135480af4c437170c010e6e8f94108523dca95598c59b9e483753b79bafb02a455ceec727fd271b4cb4af7d958751a747afe6625c1e8b0316af5e13e42dc8d97dc42d5960edcaa391164693250a6f98653fa20c78823e1c1a77b798491f197a647b291cdd04087b3143e5b0fc550ecbbff19666b1c8e2a5bf2cb40f9f54c11828a8dd16489f36583e3128cda7a9abde8abbf61294450af638f56444176b5a11f84e67e4e666d6df58c45c0adc45938a2639fb1717a44c8dedf8471ac82fc1771a704f778fb812acb953493a831be5b28b16b20a112aafcee4e44640a6653c4b3035d5de4fcc16312057046bc3c650057dd9be4450b3e837ff8ac19019e67550a124416d671ccc76de36946c2d91f3d63b212111f4f09f39c24c1a981a7e63dd37a8d94ebfae1df5796d971193a8c723f172a9266af23d1d0e48aae73de4e7545a13f09a1ae3feb147ba1c700776148f027abc7dbdd1f3cb823b9a4c0e9dd43fd0bc411dc3eac2369f10fc9669ffaec5ef76da6b7f8884430b3a00da63a0e5272de159ea047584f4804a14159b1321309db45c55af563081d126300dc3ac446936f6653db92fc09d225716f425997dc247939b8c1e09a11f8b10c36b671cc590922051871ce19f6db85eefac9a666c3cec6fd5a69e7610ae5123413b458024b02521420d8c50c265d7b763f070b8fd1981824da47079135a667ee2395e43cae172e6a5ae96aeb7ce490212792498e427b80036f52cc557d3f94b118b2248af9a75a6d27d084ba423edc616981864cb0069a06f359a953a6e7df6b765d222626030248253e4e93eb0979b0a5550ee15d1489f56cc1d30b1584f37b51dfa029af5b45a85b141f4f8ffdc809a19e01f22f80c8a11e9d35f790a6de2d898462a19f412de4df26896a3d107baa7a661b5482cd71453b5f88f889b93ee6df84363ecaf04cb0dcd4369f9d1a827b955182334a998e8f2edbfe74beb14e9ff50134f03d24d70b068801684e25370c1cfc065d88582389713500f974e8a6c6e7f015b8e84e5b9861e45d4ce4eef79f0e8d4f15eaf7c1b33e64287470b5b3c0b8b6bdadae567f977341b57486c1eb279be8ee1cdf11b6e0dbd42d32c95b6801cea98e6000ea80777c6ad3f62012732859497080b3aa127a0f3a7b80a99182406ccfd54affb463f8eaf01b0c65ab582628b3c2237d039ee68d307dd113e4b593b243bd64eb6f58a0ccdd8e9a78f9ed393e2affde8d616d57c7aa1d12ebb4be718b49843ec6a90d5d8c197f154f27805046c410d4e1b66cbf4a8e495a3a229a2a1d58b4909a240d7ae6ea9e740c055b06e756e57e2ff19c148cbaf37357c0d3273b7f2ec631565e9f6c6c8722ddb0c1180695fb204f35917dc2fe11469801c545b2560a59d0666ec129b88e4f427989e820982329c2c39321f25648666af651f87b495195a95a5d158fd161324796272303114d99d22890385853dbc66d37ce22de0db447260217cf51aaed240e4f4963ca7510522fc6e7dbe164ccdedc334787ddb24bbc8205bf3353d447a1de2407c248775fa7e318d83e3ff18150b3cd9a7cbb0df0703aab6ef8d0f71bf9b5a305dc25fbd200e06b73c7f298320bd90dab05ec62b5f885e7cf95274c656051c71628f31196354460b001b6366c26fd2e92f6ad68ea37d7e3fe91fe98223563b4d23f802b3911a5241a793cb9f5b4f80081ace5877f95da7499f728ab09837120ca75c63d725e46f9f77c3da16318c9bcdd4a9d68379b627c1a71a34b684e5614ab3fabceab8d2741aca921b1b018098060686c56d7ed190e7470f529f6e680ed72e749fe7c9c2f37ea8cf08d4520e496361d2437018bbda93396c05abb2aeba443ea1ee56a3da04a8b880452a3610cb4163154e02df8a08a5e48c03fb0b0cdd4d355142cc736b344b9fd987b49b85791e5bf7805250dfe63b04c7ff56608129ef43664aa2acf82f18b49cdfd2ae5551ea4d486b35cd2ea60e3f032c58f531d4d36054f5ce268a29862ded0a3cc0ff1d30882f7c85b95e9a8599bf1d143d2d25555bbaa6f8b673b76ca8cc17b693519194784833d902581fec4e656ca546eade53abfd7e4650df648cb61a146bef5382f9255bf4a7c380854568495bdb7b33f490d240ead3d1851ce3b6400eda5a370f13ec998605f46b234bc9293c026bd1d648647bf52d506deb522012ae89c4ea75414ae6677c4aef28dd756f877af23d1a5ae3cb2205850c14f27f595d1a1542bb1eaf641293e3ba40e0bb54193a1e5db969d37c97709efbc34ab509f08a51ba71ecc4f9f66c27190115948cffaae914e7eb4e8d0c59ef7368e9b08a05bbbd340e1c1d34319f150d299c0ddf3bb2138359e826f4997068b99d13cc454fea46b8664d413b79b19656d62cbb5b31744aa33f99651fa56703eaec2e6998c7321f69f6cd110c89ae0c612a96f9a84dd751fd81ff66c80563e7091f5c5b67f89d52e7c58eb26218cddeaf5c6def3ad07a610bd4e5785675580c199b8550cbb02e3b4e1d240bb8df8e514fb505f39fd222209584331bef5d271056accaef84c88741ebd9f116cce3fe7b07b78ac4bad346c0d6e71c9daecd8d60aa8ea0914f85c9078dfaff04ba5e9bbbacddbc0cb40fe20f869d7f196c5edb6657c50b82c67f1abab663bff0a8da16422fe31a4a17995ee25081a06154d1c03f1a87a9d4ad5141a9227849bd920d2515ca16a245b635c85a77884cce0b8ae56929b5e22c52f971c2eed4ccfd64f7790a616f719fc0305af71405abae9407ed1cdaa26606331fdcf9b3c19b90e561f646ea15e0e668ef37b349594a335baf26962b89ef33c98aec3ca3e7df47c20dc2928d074e5f87c0edcf37cb25d3b8304f57f8257a5ae96791697e3c6d04f4ec2eb6a69f25346defed5b509368dea2b1960218bc6dd21b567583c229fc7b5fc85f7f2032eb304c3a1f72204f75ee950344cdef846d94e916b29a43d00c789256810de5fff6f9fd1af0fcfc2edd3fff9e2010d88083fc0b9e6a291e9a7a08af62433689a39e34bed8dafc90fec82be5c63a843d82132ce8916e395791dc86c8d11caf57f7fd096c28537ec38d6c14df9782312abc85fba2d04b0b159637b0e09f7e9faa1a6136359d17cf7c58b83994d58674ddbc248b804a82156900ca95a5002ef62de046e2f5ddf8e1e19f00189d4f5169bfc3c67afc149c6bc155767e64eac433cfb787be7f7bae7f869c0ec3d142668c2f90d383af7207a635850c515d69c6a62e24e0d58c5da244a917a17caa6be01992c4f8be0b9fff57522db4756840bdf72cafa6061ff2b86305c180c470b3af589e7c9e5328d98cf737bf01d80762e1e41a4d63a8655387be7f295862fdea629aa97b40c2ba1b563f1a103a860f7dff7fd5ee8423ce3dbf0fad41b66965c67299e35483130d461ac6c68215850fd441323bb856cdf03f624520743f7b445641c72e08994c8f252fe179b29226637b533f0ed6c94a0b84efc1a884af940fbc05c654b59d37a54047de233c496103bb27b657e7f63c24ef3ce29709622f67653f398dc7c4e44", 0x2000, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x150, 0x0, 0x0, [{{0x3, 0x0, 0x0, 0x0, 0x10080, 0x2, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, r2, 0x0, 0xfffffffc}}, {0x4, 0x0, 0x8, 0x12, 'd\x00\x10\x00\x00\x00\x00\x00'}}, {{0x3, 0x0, 0x0, 0x73, 0x746, 0x0, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff7ffffe, 0x2000, 0x0, 0x0, 0x0, 0x0, 0xf4}}, {0x0, 0xfffffffffffffffe, 0x7, 0x25, 'group_id'}}]}, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents64(r3, 0x0, 0x0)

1.727715619s ago: executing program 4 (id=4218):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000040))
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000080)=0x200000000)
r1 = dup2(r0, r0)
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000040)=0x1)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
read$FUSE(r1, &(0x7f0000002280)={0x2020}, 0x2020)

1.723815752s ago: executing program 6 (id=4219):
pipe(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
writev(r1, &(0x7f0000000400)=[{&(0x7f0000000100)='|', 0x1}], 0x1)
pipe(&(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe2$9p(0x0, 0x80000)
ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, 0x0)
write$cgroup_pid(r2, &(0x7f0000000000), 0xffffff98)
splice(r0, 0x0, r2, 0x0, 0x80000000, 0x3)

1.638846142s ago: executing program 4 (id=4221):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000850000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='signal_generate\x00', r0}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000180)='signal_generate\x00', r0, 0x0, 0xc00000000000000}, 0x18)
r1 = gettid()
tkill(r1, 0x11)

1.569076156s ago: executing program 3 (id=4223):
r0 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x44, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r1, {0xb, 0xf}, {}, {0x7, 0x300}}, [@filter_kind_options=@f_basic={{0xa}, {0x14, 0x2, [@TCA_BASIC_POLICE={0x10, 0x4, [@TCA_POLICE_RATE64={0xc, 0x8, 0x8}]}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x20041090}, 0x0)

1.511731289s ago: executing program 4 (id=4224):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000002180)='blkio.bfq.io_merged\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, r0, 0x0)
ftruncate(r0, 0xc17a)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000200)={0x2, 0x4e20, @multicast1}, 0x10)
setsockopt$inet_tcp_int(r1, 0x6, 0x2, &(0x7f0000000040)=0x2800, 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
r2 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r4, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xea, 0x0, 0xfffd, 0x0, 0x9, 0x5}, {0x12, 0x2, 0x0, 0x401, 0x8000, 0x1400}, 0xa5, 0x5, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x44080)
sendmsg$inet(r1, &(0x7f00000015c0)={0x0, 0x14, &(0x7f0000001600)=[{&(0x7f0000000240)=' ', 0xffffff1f}], 0x1}, 0x0)

1.440039326s ago: executing program 3 (id=4226):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$binfmt_aout(r0, &(0x7f0000000340)=ANY=[], 0xff2e)
ioctl$TCXONC(r0, 0x540a, 0x0)
move_pages(0x0, 0x20000000000000fe, &(0x7f0000000080)=[&(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil], 0x0, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0)
ioctl$TCXONC(r0, 0x540a, 0x2)
ioctl$TCXONC(r0, 0x540a, 0x1)
ioctl$TCSETS(r0, 0x5402, &(0x7f00000003c0)={0x1b, 0x8, 0x8, 0x4, 0x1a, "c6ff9d3903d50c896ff059f6501e0aeedbc9d6"})

1.259771507s ago: executing program 2 (id=4227):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200))
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x2001, 0x0)
clock_adjtime(0xffffffd3, &(0x7f0000000000)={0xb, 0x8a, 0xfffffffffffffff9, 0x2000000000009, 0x7, 0x43, 0x52e6ac5d, 0x2000ffffffff, 0x9655, 0xfffffffffffffffe, 0xa, 0x9, 0x5, 0x8000000b, 0x80000000000000, 0xcc3, 0x1, 0x85, 0x17, 0x3, 0x100000000, 0x5, 0x200000005, 0xfffffffffffffffe, 0x3, 0xa})

1.152572661s ago: executing program 2 (id=4229):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x442, 0x0)
unshare(0x28000600)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000003c0)='virtio_transport_alloc_pkt\x00'}, 0x10)
prctl$PR_SET_NAME(0xf, 0x0)
connect$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4000)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000140)={0x3, 0x1, 0x4000, 0x1000, &(0x7f0000fe9000/0x1000)=nil})
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe7000/0x18000)=nil, &(0x7f00000000c0)=[@text32={0x20, 0x0}], 0x1, 0x20, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe6000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)

1.060186696s ago: executing program 0 (id=4230):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = openat$kvm(0x0, &(0x7f00000002c0), 0x102, 0x0)
socket$netlink(0x10, 0x3, 0x8000000004)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000040)=0x8, 0x4)
bind$inet(r2, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r1, &(0x7f00000001c0), 0x0}, 0x20)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
accept$packet(r1, 0x0, 0x0)
ioctl$KVM_IRQFD(r3, 0x4020ae76, &(0x7f0000000300)={0xffffffffffffffff, 0x4, 0x3})

719.811078ms ago: executing program 6 (id=4231):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2002, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000240)="67400f07c40249af4b8bb9800000c00f3235010000000f300f20a366450f769e00000100440f20c03588001d00440f22c0460f01c9c4827d24c366bafc0cf0ff07ef87f345a57a43e16806a4", 0x4c}], 0x1, 0x7c, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

719.667809ms ago: executing program 0 (id=4232):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000080)={0x5, 0x4, 0x7, 0x8000000000000000, 0x3})

692.749532ms ago: executing program 2 (id=4233):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETLINK(r1, 0x400454cc, 0x300)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})

631.887906ms ago: executing program 4 (id=4234):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
unshare(0x22020600)
mount$bind(&(0x7f0000000080)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0xb101e, 0x0)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000000), 0xfffffecc)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)

554.412395ms ago: executing program 0 (id=4235):
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0)
sendfile(r0, r0, &(0x7f0000000040)=0x8, 0x6)

498.07315ms ago: executing program 2 (id=4236):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x20081, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000400)=[@text64={0x40, 0x0}], 0x1, 0x10, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000240)=ANY=[@ANYBLOB="0100000000000000800000c0"])
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe7000/0x18000)=nil, 0x0, 0x0, 0x4, 0x0, 0x0)

466.700115ms ago: executing program 0 (id=4237):
unshare(0x2040600)
r0 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000240), 0x2)
r1 = memfd_create(&(0x7f0000000540)='y\x105\xfb\xf7u\x83%\x1f\xe09@:r\xc2\xb9x0\x90P\x03\x00\x00\x00\x00\x00\x00\x00\xfe,\x1c\xf1\xdd\xcf]\xac\xbc\t\xbb\xfc\xa4j\x9f\xceX\x8f5=\xaa\xd5\xe9n\xab s\xa5\x18\x8d\tV\t\x91\x18\x06O\xb0=D\xda\xb6F\x1a\xc82\x8b\xc0l\xd0\x89d\xe6\xb7\xd8\x97\xb8\xde\xa3\x89\"%/u\x17\xdam\x8d\x01Lh\x1e^\x9ej\x1c\xc5\xf0\xf6\x92\x05\x9aH\x00\'\xd4\x94d[\v\xfc\xad\x0f\xa8\xc5\xad\x001\x8b%\xaa?\x00\x00\x00\x00\x00\x00\x00\nj\x8c\xef\x90\xc0Z\xfa\x1a\xb3\xf0wVq\xe9d\xf8N\x80\xd1g\xd8e\xc8\x16\xad1\x02\xab\xce3\xb2\xb0\xd1\x11\xf0\xc2Gj+kV', 0x2)
ftruncate(r1, 0x10000)
unshare(0x40010b00)
fcntl$addseals(r1, 0x409, 0x7)
r2 = ioctl$UDMABUF_CREATE(r0, 0x40187542, &(0x7f0000000000)={r1, 0x0, 0x0, 0x8000})
ioctl$DMA_BUF_IOCTL_SYNC(r2, 0x40086200, &(0x7f0000000440)=0x2)
ioctl$DMA_BUF_IOCTL_SYNC(r2, 0x40086200, &(0x7f0000000380)=0x6)

435.037788ms ago: executing program 6 (id=4238):
r0 = syz_open_procfs(0x0, &(0x7f0000000340)='net/rt_cache\x00')
preadv(r0, &(0x7f0000000840)=[{&(0x7f0000000600)=""/128, 0x80}], 0x1, 0x7f, 0x1ff)

343.643982ms ago: executing program 4 (id=4239):
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000000f"])
io_uring_setup(0x56ab, &(0x7f0000000040)={0x0, 0x36e, 0xc000, 0xc, 0xa0002f5})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x44, 0x0, 0x0)
ioctl$KVM_SET_FPU(r2, 0x41a0ae8d, &(0x7f0000000240)={'\x00', 0x4, 0x9, 0xbd, 0x0, 0xffff, 0x2, 0x2, '\x00', 0x654})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

343.521016ms ago: executing program 0 (id=4240):
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000006a80), 0x1, 0x0)
write$vga_arbiter(r0, &(0x7f0000000640)=ANY=[@ANYBLOB='trylock m'], 0xb)

322.24043ms ago: executing program 6 (id=4241):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000f00)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000a00)="449f", 0x2}], 0x1}}, {{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f00000001c0)="ff", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000140)="050843cb10087b3d2217d4", 0xb}, {&(0x7f0000000380)="f742c97e8353ef9d8afd344747fb058fea97deff79dbb8e7b56b20a2d430240bf6d32e802d80bb22b247cbad7cbbc4ec0293eb6e0c35c044ad426db18e9403dc1b6b93bfb0ea8f4cb3f3f9cf3a2379cbb191560885ad9a829313c85064a06bc36da8", 0x62}], 0x2}}], 0x3, 0x40408e0)

228.118863ms ago: executing program 6 (id=4242):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000000)=0x13f, 0x4)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000080)=0x1f6, 0x4)
sendmmsg$inet(r0, &(0x7f0000003240)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, 0x0}}], 0x1, 0x4000800)

137.464228ms ago: executing program 0 (id=4243):
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000440)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0x58)
r1 = accept$alg(r0, 0x0, 0x0)
r2 = dup(r1)
write$FUSE_INIT(r2, &(0x7f0000000080)={0x4f}, 0xfffffdef)
setsockopt(r1, 0x1, 0x7, &(0x7f0000000040)="c04bfa0a", 0xa)

137.287467ms ago: executing program 6 (id=4244):
openat$fuse(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0)
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, 0x0)
r2 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000100), 0x2)
r3 = memfd_create(&(0x7f0000000180)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\xdenJ\xeb\x87\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38\x14\xcb\xfa\xb3j\x92\f\xe0\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf0\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x2)
ftruncate(r3, 0xffff)
fcntl$addseals(r3, 0x409, 0x7)
r4 = ioctl$UDMABUF_CREATE(r2, 0x40187542, &(0x7f0000000140)={r3, 0x1, 0x0, 0x4000})
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000007, 0x11, r4, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000001c0)={[0x3ff, 0x6, 0x8000000000000, 0xe, 0x10003, 0x41, 0x400200cc0, 0xffd, 0x8008, 0x6, 0x0, 0x0, 0x5, 0x0, 0x6b, 0x7ff], 0xeeee8000, 0x2019c0})
ioctl$KVM_RUN(r5, 0xae80, 0x0)

79.892325ms ago: executing program 2 (id=4245):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4030ae7b, &(0x7f0000000080)={0x5, 0x4, 0x7, 0x8000000000000000, 0x3})

0s ago: executing program 2 (id=4246):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000004c0)={'lo\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000000)=@bridge_delneigh={0x28, 0x1d, 0x911, 0x70bd27, 0x25dfdbfc, {0x7, 0x0, 0x0, r2, 0x0, 0x2, 0x8}, [@NDA_LLADDR={0xa, 0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x16}}]}, 0x5b}, 0x1, 0x0, 0x0, 0xcc082}, 0x4044800)

kernel console output (not intermixed with test programs):

/0x90
[ 1165.996520][T20238]  ? selinux_file_ioctl+0x180/0x270
[ 1165.996544][T20238]  fb_ioctl+0xe5/0x150
[ 1165.996566][T20238]  ? __pfx_fb_ioctl+0x10/0x10
[ 1165.996589][T20238]  __x64_sys_ioctl+0x18e/0x210
[ 1165.996617][T20238]  do_syscall_64+0xcd/0xfa0
[ 1165.996646][T20238]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1165.996665][T20238] RIP: 0033:0x7f237478efc9
[ 1165.996679][T20238] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1165.996697][T20238] RSP: 002b:00007f2375687038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1165.996715][T20238] RAX: ffffffffffffffda RBX: 00007f23749e5fa0 RCX: 00007f237478efc9
[ 1165.996727][T20238] RDX: 0000200000000100 RSI: 0000000000004601 RDI: 0000000000000003
[ 1165.996738][T20238] RBP: 00007f2375687090 R08: 0000000000000000 R09: 0000000000000000
[ 1165.996749][T20238] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1165.996759][T20238] R13: 00007f23749e6038 R14: 00007f23749e5fa0 R15: 00007ffff33947c8
[ 1165.996785][T20238]  </TASK>
[ 1166.301455][T20245] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3640'.
[ 1166.954488][ T6371] kernel read not supported for file /syz3 (pid: 6371 comm: kworker/1:7)
[ 1167.005547][ T5893] usb 7-1: new full-speed USB device number 16 using dummy_hcd
[ 1167.205864][ T5893] usb 7-1: unable to get BOS descriptor or descriptor too short
[ 1167.214122][ T5893] usb 7-1: not running at top speed; connect to a high speed hub
[ 1167.215555][ T6371] usb 4-1: new high-speed USB device number 120 using dummy_hcd
[ 1167.362973][ T5893] usb 7-1: config 1 interface 0 altsetting 2 endpoint 0x81 has invalid maxpacket 1007, setting to 64
[ 1167.380446][ T5893] usb 7-1: config 1 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1167.393800][ T5893] usb 7-1: config 1 interface 0 has no altsetting 0
[ 1167.402639][ T5893] usb 7-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.40
[ 1167.412303][ T5893] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1167.442185][ T5893] usb 7-1: Product: syz
[ 1167.452275][ T5893] usb 7-1: Manufacturer: syz
[ 1167.457308][ T5893] usb 7-1: SerialNumber: syz
[ 1167.464738][T20250] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1167.487271][ T6371] usb 4-1: Using ep0 maxpacket: 16
[ 1167.527076][ T6371] usb 4-1: config index 0 descriptor too short (expected 64018, got 18)
[ 1167.562246][ T6371] usb 4-1: config 0 has an invalid interface number: 0 but max is -1
[ 1167.585539][ T6371] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 0
[ 1167.616020][ T6371] usb 4-1: New USB device found, idVendor=03fd, idProduct=ebbe, bcdDevice=ed.e2
[ 1167.651259][ T6371] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1167.669812][ T6371] usb 4-1: Product: syz
[ 1167.674016][ T6371] usb 4-1: Manufacturer: syz
[ 1167.693987][ T6371] usb 4-1: SerialNumber: syz
[ 1167.702854][ T6371] usb 4-1: config 0 descriptor??
[ 1167.725749][ T5893] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/input/input118
[ 1167.777932][ T5893] usb 7-1: USB disconnect, device number 16
[ 1167.888680][T20261] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=71 sclass=netlink_route_socket pid=20261 comm=syz.0.3646
[ 1167.941826][ T6371] usb 4-1: USB disconnect, device number 120
[ 1168.399229][T20272] netlink: 'syz.6.3648': attribute type 20 has an invalid length.
[ 1168.407588][T20272] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1168.478056][T20272] 9pnet_virtio: no channels available for device ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[ 1168.948789][ T6104] libceph: connect (1)[c::]:6789 error -101
[ 1169.039848][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1169.054204][T20285] FAULT_INJECTION: forcing a failure.
[ 1169.054204][T20285] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1169.068259][T20285] CPU: 0 UID: 0 PID: 20285 Comm: syz.3.3651 Not tainted syzkaller #0 PREEMPT(full) 
[ 1169.068284][T20285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1169.068295][T20285] Call Trace:
[ 1169.068301][T20285]  <TASK>
[ 1169.068308][T20285]  dump_stack_lvl+0x16c/0x1f0
[ 1169.068339][T20285]  should_fail_ex+0x512/0x640
[ 1169.068365][T20285]  _copy_from_user+0x2e/0xd0
[ 1169.068388][T20285]  memdup_user_nul+0x6c/0x120
[ 1169.068408][T20285]  __do_sys_fsconfig+0x628/0xbe0
[ 1169.068441][T20285]  ? __pfx___do_sys_fsconfig+0x10/0x10
[ 1169.068477][T20285]  do_syscall_64+0xcd/0xfa0
[ 1169.068506][T20285]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1169.068524][T20285] RIP: 0033:0x7f1c1cd8efc9
[ 1169.068539][T20285] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1169.068556][T20285] RSP: 002b:00007f1c1dc45038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[ 1169.068572][T20285] RAX: ffffffffffffffda RBX: 00007f1c1cfe6090 RCX: 00007f1c1cd8efc9
[ 1169.068584][T20285] RDX: 0000200000000000 RSI: 0000000000000002 RDI: 0000000000000003
[ 1169.068594][T20285] RBP: 00007f1c1dc45090 R08: 0000000000000001 R09: 0000000000000000
[ 1169.068605][T20285] R10: 0000200000000440 R11: 0000000000000246 R12: 0000000000000001
[ 1169.068615][T20285] R13: 00007f1c1cfe6128 R14: 00007f1c1cfe6090 R15: 00007fff5764f388
[ 1169.068641][T20285]  </TASK>
[ 1169.268295][ T6104] libceph: mon0 (1)[c::]:6789 connect error
[ 1169.277923][T20281] ceph: No mds server is up or the cluster is laggy
[ 1169.751407][T14344] libceph: connect (1)[c::]:6789 error -101
[ 1169.757544][T14344] libceph: mon0 (1)[c::]:6789 connect error
[ 1170.035829][   T30] kauditd_printk_skb: 25 callbacks suppressed
[ 1170.035847][   T30] audit: type=1326 audit(1762056244.958:2338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20288 comm="syz.4.3653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaf878efc9 code=0x7ffc0000
[ 1170.065387][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1170.185566][    T9] usb 3-1: new high-speed USB device number 118 using dummy_hcd
[ 1170.203051][   T30] audit: type=1326 audit(1762056244.958:2339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20288 comm="syz.4.3653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaf878efc9 code=0x7ffc0000
[ 1170.260615][   T30] audit: type=1326 audit(1762056244.958:2340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20288 comm="syz.4.3653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7ffaf878efc9 code=0x7ffc0000
[ 1170.299219][   T30] audit: type=1326 audit(1762056244.958:2341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20288 comm="syz.4.3653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaf878efc9 code=0x7ffc0000
[ 1171.071492][    T9] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1171.071492][   T30] audit: type=1326 audit(1762056244.958:2342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20288 comm="syz.4.3653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaf878efc9 code=0x7ffc0000
[ 1171.071526][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1171.111636][   T30] audit: type=1326 audit(1762056244.958:2343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20288 comm="syz.4.3653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7ffaf878efc9 code=0x7ffc0000
[ 1171.179401][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1171.189246][    T9] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1171.202307][    T9] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1171.211483][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1171.286252][   T30] audit: type=1326 audit(1762056244.958:2344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20288 comm="syz.4.3653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaf878efc9 code=0x7ffc0000
[ 1171.287762][    T9] usb 3-1: config 0 descriptor??
[ 1171.428488][T20310] netlink: 'syz.6.3659': attribute type 1 has an invalid length.
[ 1171.436435][T20310] netlink: 244 bytes leftover after parsing attributes in process `syz.6.3659'.
[ 1171.572298][   T30] audit: type=1326 audit(1762056244.958:2345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20288 comm="syz.4.3653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7ffaf878efc9 code=0x7ffc0000
[ 1171.636479][T20309] netlink: 20 bytes leftover after parsing attributes in process `syz.6.3659'.
[ 1171.647735][T20309] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3659'.
[ 1171.666206][   T30] audit: type=1326 audit(1762056244.958:2346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20288 comm="syz.4.3653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaf878efc9 code=0x7ffc0000
[ 1172.085377][T20315] netlink: 124 bytes leftover after parsing attributes in process `syz.2.3652'.
[ 1172.481922][   T30] audit: type=1326 audit(1762056244.958:2347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20288 comm="syz.4.3653" exe="/root/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7ffaf878efc9 code=0x7ffc0000
[ 1172.559306][    T9] usbhid 3-1:0.0: can't add hid device: -71
[ 1172.566353][    T9] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1172.584168][    T9] usb 3-1: USB disconnect, device number 118
[ 1173.014525][T20328] syzkaller1: entered promiscuous mode
[ 1173.030207][T20328] syzkaller1: entered allmulticast mode
[ 1173.148410][T20331] netlink: 'syz.0.3664': attribute type 13 has an invalid length.
[ 1174.079479][T20349] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3670'.
[ 1174.345591][    T9] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[ 1176.501397][T20357] netlink: 76 bytes leftover after parsing attributes in process `syz.2.3673'.
[ 1176.574212][    T9] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1176.587974][    T9] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1176.601491][    T9] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1176.614854][    T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1176.734543][    T9] usb 7-1: SerialNumber: syz
[ 1176.927654][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1176.994166][    T9] usb 7-1: 0:2 : does not exist
[ 1177.000495][T20367] FAULT_INJECTION: forcing a failure.
[ 1177.000495][T20367] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1177.003695][    T9] usb 7-1: unit 5: unexpected type 0x09
[ 1177.043560][T20369] FAULT_INJECTION: forcing a failure.
[ 1177.043560][T20369] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1177.053365][T20367] CPU: 1 UID: 0 PID: 20367 Comm: syz.3.3676 Not tainted syzkaller #0 PREEMPT(full) 
[ 1177.053389][T20367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1177.053398][T20367] Call Trace:
[ 1177.053404][T20367]  <TASK>
[ 1177.053411][T20367]  dump_stack_lvl+0x16c/0x1f0
[ 1177.053444][T20367]  should_fail_ex+0x512/0x640
[ 1177.053465][T20367]  _copy_from_iter+0x29f/0x1720
[ 1177.053488][T20367]  ? __alloc_skb+0x200/0x380
[ 1177.053508][T20367]  ? __pfx__copy_from_iter+0x10/0x10
[ 1177.053526][T20367]  ? netlink_autobind.isra.0+0x158/0x370
[ 1177.053555][T20367]  netlink_sendmsg+0x820/0xdd0
[ 1177.053581][T20367]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1177.053610][T20367]  ____sys_sendmsg+0xa98/0xc70
[ 1177.053626][T20367]  ? copy_msghdr_from_user+0x10a/0x160
[ 1177.053645][T20367]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1177.053670][T20367]  ___sys_sendmsg+0x134/0x1d0
[ 1177.053691][T20367]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1177.053708][T20367]  ? __lock_acquire+0x622/0x1c90
[ 1177.053758][T20367]  __sys_sendmsg+0x16d/0x220
[ 1177.053777][T20367]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1177.053811][T20367]  do_syscall_64+0xcd/0xfa0
[ 1177.053835][T20367]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1177.053851][T20367] RIP: 0033:0x7f1c1cd8efc9
[ 1177.053864][T20367] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1177.053879][T20367] RSP: 002b:00007f1c1dc66038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1177.053895][T20367] RAX: ffffffffffffffda RBX: 00007f1c1cfe5fa0 RCX: 00007f1c1cd8efc9
[ 1177.053905][T20367] RDX: 0000000000000084 RSI: 0000200000000100 RDI: 0000000000000003
[ 1177.053914][T20367] RBP: 00007f1c1dc66090 R08: 0000000000000000 R09: 0000000000000000
[ 1177.053923][T20367] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1177.053932][T20367] R13: 00007f1c1cfe6038 R14: 00007f1c1cfe5fa0 R15: 00007fff5764f388
[ 1177.053954][T20367]  </TASK>
[ 1177.260883][    T9] usb 7-1: USB disconnect, device number 17
[ 1177.288658][T20369] CPU: 0 UID: 0 PID: 20369 Comm: syz.0.3677 Not tainted syzkaller #0 PREEMPT(full) 
[ 1177.288682][T20369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1177.288693][T20369] Call Trace:
[ 1177.288699][T20369]  <TASK>
[ 1177.288706][T20369]  dump_stack_lvl+0x16c/0x1f0
[ 1177.288735][T20369]  should_fail_ex+0x512/0x640
[ 1177.288757][T20369]  should_fail_alloc_page+0xe7/0x130
[ 1177.288779][T20369]  prepare_alloc_pages+0x3c2/0x610
[ 1177.288802][T20369]  __alloc_frozen_pages_noprof+0x18b/0x2470
[ 1177.288838][T20369]  ? __lock_acquire+0x622/0x1c90
[ 1177.288869][T20369]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1177.288898][T20369]  ? __lock_acquire+0x622/0x1c90
[ 1177.288925][T20369]  ? register_lock_class+0x41/0x4c0
[ 1177.288942][T20369]  ? mtree_range_walk+0x718/0xc00
[ 1177.288967][T20369]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1177.288992][T20369]  ? policy_nodemask+0xea/0x4e0
[ 1177.289013][T20369]  alloc_pages_mpol+0x1fb/0x550
[ 1177.289034][T20369]  ? __pfx_alloc_pages_mpol+0x10/0x10
[ 1177.289060][T20369]  alloc_pages_noprof+0x131/0x390
[ 1177.289081][T20369]  pte_alloc_one+0x1e/0x350
[ 1177.289103][T20369]  __pte_alloc+0x6d/0x380
[ 1177.289121][T20369]  ? __pfx___pte_alloc+0x10/0x10
[ 1177.289141][T20369]  ? mm_alloc_pmd+0x2c2/0x470
[ 1177.289161][T20369]  move_pages+0x1504/0x4d10
[ 1177.289194][T20369]  ? __lock_acquire+0xb8a/0x1c90
[ 1177.289220][T20369]  ? __pfx_move_pages+0x10/0x10
[ 1177.289247][T20369]  ? find_held_lock+0x2b/0x80
[ 1177.289267][T20369]  ? __might_fault+0xe3/0x190
[ 1177.289291][T20369]  ? __might_fault+0xe3/0x190
[ 1177.289311][T20369]  ? __might_fault+0x13b/0x190
[ 1177.289345][T20369]  userfaultfd_ioctl+0x607/0x3930
[ 1177.289367][T20369]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[ 1177.289384][T20369]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1177.289418][T20369]  ? hook_file_ioctl_common+0x145/0x410
[ 1177.289447][T20369]  ? selinux_file_ioctl+0x180/0x270
[ 1177.289466][T20369]  ? selinux_file_ioctl+0xb4/0x270
[ 1177.289482][T20369]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[ 1177.289499][T20369]  ? __x64_sys_ioctl+0x18e/0x210
[ 1177.289519][T20369]  __x64_sys_ioctl+0x18e/0x210
[ 1177.289542][T20369]  do_syscall_64+0xcd/0xfa0
[ 1177.289571][T20369]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1177.289589][T20369] RIP: 0033:0x7efcf898efc9
[ 1177.289603][T20369] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1177.289619][T20369] RSP: 002b:00007efcf9746038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1177.289638][T20369] RAX: ffffffffffffffda RBX: 00007efcf8be5fa0 RCX: 00007efcf898efc9
[ 1177.289649][T20369] RDX: 0000200000000180 RSI: 00000000c028aa05 RDI: 0000000000000003
[ 1177.289659][T20369] RBP: 00007efcf9746090 R08: 0000000000000000 R09: 0000000000000000
[ 1177.289669][T20369] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1177.289679][T20369] R13: 00007efcf8be6038 R14: 00007efcf8be5fa0 R15: 00007ffde27fe988
[ 1177.289704][T20369]  </TASK>
[ 1177.606414][T18086] udevd[18086]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1178.210772][   T13] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1178.406948][   T30] kauditd_printk_skb: 17 callbacks suppressed
[ 1178.406995][   T30] audit: type=1400 audit(1762056253.328:2365): avc:  denied  { mount } for  pid=20387 comm="syz.4.3684" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[ 1178.586885][T20394] FAULT_INJECTION: forcing a failure.
[ 1178.586885][T20394] name failslab, interval 1, probability 0, space 0, times 0
[ 1178.615832][T20394] CPU: 1 UID: 0 PID: 20394 Comm: syz.6.3685 Not tainted syzkaller #0 PREEMPT(full) 
[ 1178.615856][T20394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1178.615862][T20394] Call Trace:
[ 1178.615867][T20394]  <TASK>
[ 1178.615871][T20394]  dump_stack_lvl+0x16c/0x1f0
[ 1178.615891][T20394]  should_fail_ex+0x512/0x640
[ 1178.615905][T20394]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[ 1178.615924][T20394]  should_failslab+0xc2/0x120
[ 1178.615936][T20394]  kmem_cache_alloc_node_noprof+0x78/0x770
[ 1178.615952][T20394]  ? copy_process+0x4b5/0x76a0
[ 1178.615970][T20394]  ? copy_process+0x4b5/0x76a0
[ 1178.615983][T20394]  copy_process+0x4b5/0x76a0
[ 1178.616003][T20394]  ? __pfx_copy_process+0x10/0x10
[ 1178.616019][T20394]  ? lockdep_init_map_type+0x5c/0x280
[ 1178.616032][T20394]  ? lockdep_init_map_type+0x5c/0x280
[ 1178.616042][T20394]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[ 1178.616058][T20394]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[ 1178.616072][T20394]  vhost_task_create+0x1d2/0x370
[ 1178.616084][T20394]  ? __pfx_vhost_task_create+0x10/0x10
[ 1178.616099][T20394]  ? __pfx_vhost_task_fn+0x10/0x10
[ 1178.616116][T20394]  kvm_mmu_post_init_vm+0x1b7/0x380
[ 1178.616129][T20394]  kvm_arch_vcpu_ioctl_run+0x66/0x1970
[ 1178.616141][T20394]  ? kvm_vcpu_ioctl+0x14c5/0x1690
[ 1178.616159][T20394]  kvm_vcpu_ioctl+0x5eb/0x1690
[ 1178.616182][T20394]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[ 1178.616197][T20394]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1178.616213][T20394]  ? do_vfs_ioctl+0x128/0x14f0
[ 1178.616228][T20394]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1178.616243][T20394]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[ 1178.616260][T20394]  ? hook_file_ioctl_common+0x145/0x410
[ 1178.616279][T20394]  ? selinux_file_ioctl+0x180/0x270
[ 1178.616289][T20394]  ? selinux_file_ioctl+0xb4/0x270
[ 1178.616302][T20394]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[ 1178.616317][T20394]  __x64_sys_ioctl+0x18e/0x210
[ 1178.616333][T20394]  do_syscall_64+0xcd/0xfa0
[ 1178.616351][T20394]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1178.616361][T20394] RIP: 0033:0x7f8d2d18efc9
[ 1178.616371][T20394] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1178.616381][T20394] RSP: 002b:00007f8d2e0ec038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1178.616392][T20394] RAX: ffffffffffffffda RBX: 00007f8d2d3e6090 RCX: 00007f8d2d18efc9
[ 1178.616398][T20394] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[ 1178.616405][T20394] RBP: 00007f8d2e0ec090 R08: 0000000000000000 R09: 0000000000000000
[ 1178.616411][T20394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1178.616417][T20394] R13: 00007f8d2d3e6128 R14: 00007f8d2d3e6090 R15: 00007fff7d4f3218
[ 1178.616431][T20394]  </TASK>
[ 1179.225756][T20407] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3687'.
[ 1179.258433][T20407] bridge_slave_1: left allmulticast mode
[ 1179.264102][T20407] bridge_slave_1: left promiscuous mode
[ 1179.270288][T20407] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1179.432408][T20407] bridge_slave_0: left allmulticast mode
[ 1179.438197][T20407] bridge_slave_0: left promiscuous mode
[ 1179.458671][T20407] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1182.075360][T20436] netlink: 52 bytes leftover after parsing attributes in process `syz.4.3697'.
[ 1182.505355][T20438] overlayfs: failed to resolve 'uid>00000000000000016384': -2
[ 1184.666017][T20480] FAULT_INJECTION: forcing a failure.
[ 1184.666017][T20480] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1184.688796][T20480] CPU: 0 UID: 0 PID: 20480 Comm: syz.4.3707 Not tainted syzkaller #0 PREEMPT(full) 
[ 1184.688823][T20480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1184.688833][T20480] Call Trace:
[ 1184.688839][T20480]  <TASK>
[ 1184.688848][T20480]  dump_stack_lvl+0x16c/0x1f0
[ 1184.688880][T20480]  should_fail_ex+0x512/0x640
[ 1184.688905][T20480]  _copy_to_user+0x32/0xd0
[ 1184.688930][T20480]  video_usercopy+0xf43/0x1720
[ 1184.688959][T20480]  ? __pfx___video_do_ioctl+0x10/0x10
[ 1184.688985][T20480]  ? selinux_kernel_read_file+0x120/0x130
[ 1184.689005][T20480]  ? __pfx_video_usercopy+0x10/0x10
[ 1184.689050][T20480]  v4l2_ioctl+0x1bd/0x250
[ 1184.689074][T20480]  ? __pfx_v4l2_ioctl+0x10/0x10
[ 1184.689100][T20480]  __x64_sys_ioctl+0x18e/0x210
[ 1184.689125][T20480]  do_syscall_64+0xcd/0xfa0
[ 1184.689152][T20480]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1184.689170][T20480] RIP: 0033:0x7ffaf878efc9
[ 1184.689191][T20480] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1184.689208][T20480] RSP: 002b:00007ffaf9569038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1184.689225][T20480] RAX: ffffffffffffffda RBX: 00007ffaf89e5fa0 RCX: 00007ffaf878efc9
[ 1184.689236][T20480] RDX: 0000200000000040 RSI: 00000000c008561c RDI: 0000000000000005
[ 1184.689246][T20480] RBP: 00007ffaf9569090 R08: 0000000000000000 R09: 0000000000000000
[ 1184.689256][T20480] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1184.689265][T20480] R13: 00007ffaf89e6038 R14: 00007ffaf89e5fa0 R15: 00007ffd7c450eb8
[ 1184.689288][T20480]  </TASK>
[ 1186.434350][T20513] netlink: 'syz.0.3716': attribute type 1 has an invalid length.
[ 1186.442309][T20513] netlink: 244 bytes leftover after parsing attributes in process `syz.0.3716'.
[ 1186.627986][T20511] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3716'.
[ 1186.637285][T20511] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3716'.
[ 1188.233443][T20542] FAULT_INJECTION: forcing a failure.
[ 1188.233443][T20542] name failslab, interval 1, probability 0, space 0, times 0
[ 1188.249993][T20542] CPU: 1 UID: 0 PID: 20542 Comm: syz.3.3721 Not tainted syzkaller #0 PREEMPT(full) 
[ 1188.250017][T20542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1188.250027][T20542] Call Trace:
[ 1188.250033][T20542]  <TASK>
[ 1188.250040][T20542]  dump_stack_lvl+0x16c/0x1f0
[ 1188.250070][T20542]  should_fail_ex+0x512/0x640
[ 1188.250090][T20542]  ? fs_reclaim_acquire+0xae/0x150
[ 1188.250112][T20542]  should_failslab+0xc2/0x120
[ 1188.250132][T20542]  __kmalloc_noprof+0xdd/0x880
[ 1188.250157][T20542]  ? tomoyo_encode2+0x100/0x3e0
[ 1188.250186][T20542]  ? tomoyo_encode2+0x100/0x3e0
[ 1188.250205][T20542]  tomoyo_encode2+0x100/0x3e0
[ 1188.250229][T20542]  tomoyo_encode+0x29/0x50
[ 1188.250248][T20542]  tomoyo_realpath_from_path+0x18f/0x6e0
[ 1188.250276][T20542]  tomoyo_path_number_perm+0x245/0x580
[ 1188.250300][T20542]  ? tomoyo_path_number_perm+0x237/0x580
[ 1188.250333][T20542]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1188.250359][T20542]  ? find_held_lock+0x2b/0x80
[ 1188.250401][T20542]  ? find_held_lock+0x2b/0x80
[ 1188.250419][T20542]  ? hook_file_ioctl_common+0x145/0x410
[ 1188.250446][T20542]  ? __fget_files+0x20e/0x3c0
[ 1188.250468][T20542]  security_file_ioctl+0x9b/0x240
[ 1188.250486][T20542]  __x64_sys_ioctl+0xb7/0x210
[ 1188.250507][T20542]  do_syscall_64+0xcd/0xfa0
[ 1188.250529][T20542]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1188.250543][T20542] RIP: 0033:0x7f1c1cd8efc9
[ 1188.250555][T20542] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1188.250569][T20542] RSP: 002b:00007f1c1dc66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1188.250583][T20542] RAX: ffffffffffffffda RBX: 00007f1c1cfe5fa0 RCX: 00007f1c1cd8efc9
[ 1188.250592][T20542] RDX: 00002000000000c0 RSI: 00000000000007a5 RDI: 0000000000000003
[ 1188.250600][T20542] RBP: 00007f1c1dc66090 R08: 0000000000000000 R09: 0000000000000000
[ 1188.250608][T20542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1188.250616][T20542] R13: 00007f1c1cfe6038 R14: 00007f1c1cfe5fa0 R15: 00007fff5764f388
[ 1188.250636][T20542]  </TASK>
[ 1188.301705][T20547] FAULT_INJECTION: forcing a failure.
[ 1188.301705][T20547] name failslab, interval 1, probability 0, space 0, times 0
[ 1188.305010][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1188.479415][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1188.485380][    C1] hrtimer: interrupt took 229909287 ns
[ 1188.505887][T20547] CPU: 1 UID: 0 PID: 20547 Comm: syz.0.3720 Not tainted syzkaller #0 PREEMPT(full) 
[ 1188.505904][T20547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1188.505910][T20547] Call Trace:
[ 1188.505914][T20547]  <TASK>
[ 1188.505919][T20547]  dump_stack_lvl+0x16c/0x1f0
[ 1188.505939][T20547]  should_fail_ex+0x512/0x640
[ 1188.505951][T20547]  ? __kmalloc_cache_noprof+0x5f/0x780
[ 1188.505969][T20547]  should_failslab+0xc2/0x120
[ 1188.505981][T20547]  __kmalloc_cache_noprof+0x72/0x780
[ 1188.505997][T20547]  ? __pfx___might_resched+0x10/0x10
[ 1188.506011][T20547]  ? vhost_task_create+0xe5/0x370
[ 1188.506022][T20547]  ? rcu_is_watching+0x12/0xc0
[ 1188.506035][T20547]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[ 1188.506052][T20547]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[ 1188.506065][T20547]  ? vhost_task_create+0xe5/0x370
[ 1188.506076][T20547]  vhost_task_create+0xe5/0x370
[ 1188.506086][T20547]  ? __pfx_vhost_task_create+0x10/0x10
[ 1188.506101][T20547]  ? __pfx_vhost_task_fn+0x10/0x10
[ 1188.506118][T20547]  kvm_mmu_post_init_vm+0x1b7/0x380
[ 1188.506131][T20547]  kvm_arch_vcpu_ioctl_run+0x66/0x1970
[ 1188.506143][T20547]  ? kvm_vcpu_ioctl+0x14c5/0x1690
[ 1188.506161][T20547]  kvm_vcpu_ioctl+0x5eb/0x1690
[ 1188.506177][T20547]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[ 1188.506192][T20547]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1188.506208][T20547]  ? do_vfs_ioctl+0x128/0x14f0
[ 1188.506223][T20547]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1188.506238][T20547]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[ 1188.506256][T20547]  ? hook_file_ioctl_common+0x145/0x410
[ 1188.506274][T20547]  ? selinux_file_ioctl+0x180/0x270
[ 1188.506293][T20547]  ? selinux_file_ioctl+0xb4/0x270
[ 1188.506308][T20547]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[ 1188.506328][T20547]  __x64_sys_ioctl+0x18e/0x210
[ 1188.506344][T20547]  do_syscall_64+0xcd/0xfa0
[ 1188.506361][T20547]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1188.506372][T20547] RIP: 0033:0x7efcf898efc9
[ 1188.506381][T20547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1188.506392][T20547] RSP: 002b:00007efcf6bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1188.506403][T20547] RAX: ffffffffffffffda RBX: 00007efcf8be6090 RCX: 00007efcf898efc9
[ 1188.506409][T20547] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[ 1188.506415][T20547] RBP: 00007efcf6bf6090 R08: 0000000000000000 R09: 0000000000000000
[ 1188.506422][T20547] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1188.506428][T20547] R13: 00007efcf8be6128 R14: 00007efcf8be6090 R15: 00007ffde27fe988
[ 1188.506442][T20547]  </TASK>
[ 1188.587346][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1188.716718][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1188.735843][T20542] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1189.145543][T20556] input: syz1 as /devices/virtual/input/input120
[ 1189.216426][   T30] audit: type=1400 audit(1762056264.158:2366): avc:  denied  { ioctl } for  pid=20554 comm="syz.0.3723" path="/dev/input/mice" dev="devtmpfs" ino=916 ioctlcmd=0x5640 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[ 1189.850064][T20564] overlayfs: failed to resolve './file0': -2
[ 1191.170875][T20591] FAULT_INJECTION: forcing a failure.
[ 1191.170875][T20591] name failslab, interval 1, probability 0, space 0, times 0
[ 1191.185545][T20591] CPU: 0 UID: 0 PID: 20591 Comm: syz.3.3733 Not tainted syzkaller #0 PREEMPT(full) 
[ 1191.185571][T20591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1191.185580][T20591] Call Trace:
[ 1191.185587][T20591]  <TASK>
[ 1191.185594][T20591]  dump_stack_lvl+0x16c/0x1f0
[ 1191.185623][T20591]  should_fail_ex+0x512/0x640
[ 1191.185636][T20591]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[ 1191.185655][T20591]  should_failslab+0xc2/0x120
[ 1191.185669][T20591]  kmem_cache_alloc_node_noprof+0x78/0x770
[ 1191.185685][T20591]  ? copy_process+0x4b5/0x76a0
[ 1191.185698][T20591]  ? preempt_schedule_thunk+0x16/0x30
[ 1191.185718][T20591]  ? copy_process+0x4b5/0x76a0
[ 1191.185731][T20591]  copy_process+0x4b5/0x76a0
[ 1191.185751][T20591]  ? __pfx_copy_process+0x10/0x10
[ 1191.185767][T20591]  ? lockdep_init_map_type+0x5c/0x280
[ 1191.185779][T20591]  ? lockdep_init_map_type+0x5c/0x280
[ 1191.185789][T20591]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[ 1191.185805][T20591]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[ 1191.185819][T20591]  vhost_task_create+0x1d2/0x370
[ 1191.185830][T20591]  ? __pfx_vhost_task_create+0x10/0x10
[ 1191.185844][T20591]  ? __pfx_vhost_task_fn+0x10/0x10
[ 1191.185862][T20591]  kvm_mmu_post_init_vm+0x1b7/0x380
[ 1191.185874][T20591]  kvm_arch_vcpu_ioctl_run+0x66/0x1970
[ 1191.185886][T20591]  ? preempt_schedule_thunk+0x16/0x30
[ 1191.185905][T20591]  kvm_vcpu_ioctl+0x5eb/0x1690
[ 1191.185922][T20591]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[ 1191.185937][T20591]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1191.185952][T20591]  ? do_vfs_ioctl+0x128/0x14f0
[ 1191.185968][T20591]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1191.185982][T20591]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[ 1191.186000][T20591]  ? hook_file_ioctl_common+0x145/0x410
[ 1191.186019][T20591]  ? selinux_file_ioctl+0x180/0x270
[ 1191.186032][T20591]  ? selinux_file_ioctl+0xb4/0x270
[ 1191.186044][T20591]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[ 1191.186059][T20591]  __x64_sys_ioctl+0x18e/0x210
[ 1191.186075][T20591]  do_syscall_64+0xcd/0xfa0
[ 1191.186092][T20591]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1191.186103][T20591] RIP: 0033:0x7f1c1cd8efc9
[ 1191.186112][T20591] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1191.186122][T20591] RSP: 002b:00007f1c1dc66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1191.186133][T20591] RAX: ffffffffffffffda RBX: 00007f1c1cfe5fa0 RCX: 00007f1c1cd8efc9
[ 1191.186139][T20591] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[ 1191.186146][T20591] RBP: 00007f1c1dc66090 R08: 0000000000000000 R09: 0000000000000000
[ 1191.186152][T20591] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1191.186157][T20591] R13: 00007f1c1cfe6038 R14: 00007f1c1cfe5fa0 R15: 00007fff5764f388
[ 1191.186172][T20591]  </TASK>
[ 1191.512459][T20594] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3734'.
[ 1191.521528][T20594] team0: left allmulticast mode
[ 1191.526443][T20594] team_slave_0: left allmulticast mode
[ 1191.531944][T20594] team_slave_1: left allmulticast mode
[ 1191.537523][T20594] team0: left promiscuous mode
[ 1191.542293][T20594] team_slave_0: left promiscuous mode
[ 1191.548035][T20594] team_slave_1: left promiscuous mode
[ 1191.553936][T20594] bridge0: port 3(team0) entered disabled state
[ 1191.895632][   T30] audit: type=1400 audit(1762056266.828:2367): avc:  denied  { read } for  pid=20595 comm="syz.3.3735" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[ 1191.919476][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1192.199870][T20594] bridge_slave_1: left allmulticast mode
[ 1192.206562][T20594] bridge_slave_1: left promiscuous mode
[ 1192.212343][T20594] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1192.341719][T20594] bridge_slave_0: left allmulticast mode
[ 1192.347468][T20594] bridge_slave_0: left promiscuous mode
[ 1192.363398][T20594] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1192.545556][    T9] usb 4-1: new high-speed USB device number 121 using dummy_hcd
[ 1192.708277][    T9] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1192.719350][    T9] usb 4-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1192.729089][ T5893] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[ 1192.736895][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1192.755829][    T9] usb 4-1: config 0 descriptor??
[ 1192.767768][    T9] pwc: Askey VC010 type 2 USB webcam detected.
[ 1192.926271][ T5893] usb 7-1: Using ep0 maxpacket: 16
[ 1193.035620][ T5893] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30
[ 1193.105862][ T5893] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[ 1193.117338][ T5893] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[ 1193.133493][ T5893] usb 7-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.00
[ 1193.142724][ T5893] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1193.178331][ T5893] usb 7-1: config 0 descriptor??
[ 1193.214524][    T9] pwc: recv_control_msg error -32 req 02 val 2b00
[ 1193.223798][    T9] pwc: recv_control_msg error -32 req 02 val 2700
[ 1193.231375][    T9] pwc: recv_control_msg error -32 req 02 val 2c00
[ 1193.238591][    T9] pwc: recv_control_msg error -32 req 04 val 1000
[ 1193.245434][    T9] pwc: recv_control_msg error -32 req 04 val 1300
[ 1193.443013][    T9] pwc: recv_control_msg error -32 req 04 val 1400
[ 1193.450634][    T9] pwc: recv_control_msg error -32 req 02 val 2000
[ 1193.741062][T20604] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[ 1193.868317][ T5893] logitech 0003:046D:C295.0030: hidraw0: USB HID v0.01 Device [HID 046d:c295] on usb-dummy_hcd.6-1/input0
[ 1193.889165][ T5893] logitech 0003:046D:C295.0030: no inputs found
[ 1193.999778][ T6371] usb 7-1: USB disconnect, device number 18
[ 1195.336090][    T9] pwc: recv_control_msg error -71 req 04 val 1500
[ 1195.343778][    T9] pwc: recv_control_msg error -71 req 02 val 2500
[ 1195.352399][    T9] pwc: recv_control_msg error -71 req 02 val 2400
[ 1195.360009][    T9] pwc: recv_control_msg error -71 req 02 val 2600
[ 1195.367129][    T9] pwc: recv_control_msg error -71 req 02 val 2900
[ 1195.373981][    T9] pwc: recv_control_msg error -71 req 02 val 2800
[ 1195.384093][    T9] pwc: recv_control_msg error -71 req 04 val 1100
[ 1195.406426][    T9] pwc: recv_control_msg error -71 req 04 val 1200
[ 1195.431517][    T9] pwc: Registered as video103.
[ 1195.561384][    T9] input: PWC snapshot button as /devices/platform/dummy_hcd.3/usb4/4-1/input/input121
[ 1195.967122][    T9] usb 4-1: USB disconnect, device number 121
[ 1197.485577][    T9] usb 4-1: new high-speed USB device number 122 using dummy_hcd
[ 1197.661021][    T9] usb 4-1: Using ep0 maxpacket: 8
[ 1198.030988][    T9] usb 4-1: config 0 interface 0 altsetting 32 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1198.041888][    T9] usb 4-1: config 0 interface 0 has no altsetting 0
[ 1198.049487][    T9] usb 4-1: New USB device found, idVendor=1241, idProduct=5015, bcdDevice= 0.00
[ 1198.065718][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1198.085935][    T9] usb 4-1: config 0 descriptor??
[ 1198.563531][T20680] FAULT_INJECTION: forcing a failure.
[ 1198.563531][T20680] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1198.576853][T20680] CPU: 0 UID: 0 PID: 20680 Comm: syz.2.3761 Not tainted syzkaller #0 PREEMPT(full) 
[ 1198.576876][T20680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1198.576886][T20680] Call Trace:
[ 1198.576892][T20680]  <TASK>
[ 1198.576899][T20680]  dump_stack_lvl+0x16c/0x1f0
[ 1198.576934][T20680]  should_fail_ex+0x512/0x640
[ 1198.576958][T20680]  _copy_from_iter+0x29f/0x1720
[ 1198.576982][T20680]  ? __alloc_skb+0x200/0x380
[ 1198.577004][T20680]  ? __pfx__copy_from_iter+0x10/0x10
[ 1198.577024][T20680]  ? netlink_autobind.isra.0+0x158/0x370
[ 1198.577059][T20680]  netlink_sendmsg+0x820/0xdd0
[ 1198.577089][T20680]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1198.577123][T20680]  ____sys_sendmsg+0xa98/0xc70
[ 1198.577142][T20680]  ? copy_msghdr_from_user+0x10a/0x160
[ 1198.577164][T20680]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1198.577192][T20680]  ___sys_sendmsg+0x134/0x1d0
[ 1198.577217][T20680]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1198.577243][T20680]  ? __lock_acquire+0x622/0x1c90
[ 1198.577302][T20680]  __sys_sendmsg+0x16d/0x220
[ 1198.577325][T20680]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1198.577363][T20680]  do_syscall_64+0xcd/0xfa0
[ 1198.577392][T20680]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1198.577409][T20680] RIP: 0033:0x7f237478efc9
[ 1198.577424][T20680] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1198.577441][T20680] RSP: 002b:00007f2375687038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1198.577458][T20680] RAX: ffffffffffffffda RBX: 00007f23749e5fa0 RCX: 00007f237478efc9
[ 1198.577469][T20680] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[ 1198.577479][T20680] RBP: 00007f2375687090 R08: 0000000000000000 R09: 0000000000000000
[ 1198.577490][T20680] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1198.577499][T20680] R13: 00007f23749e6038 R14: 00007f23749e5fa0 R15: 00007ffff33947c8
[ 1198.577525][T20680]  </TASK>
[ 1199.153293][    T9] holtek 0003:1241:5015.0031: unknown main item tag 0x0
[ 1199.170717][    T9] holtek 0003:1241:5015.0031: unknown main item tag 0x0
[ 1199.213283][    T9] holtek 0003:1241:5015.0031: unknown main item tag 0x0
[ 1199.245951][    T9] holtek 0003:1241:5015.0031: unknown main item tag 0x0
[ 1199.252949][    T9] holtek 0003:1241:5015.0031: unknown main item tag 0x0
[ 1199.314003][    T9] holtek 0003:1241:5015.0031: unknown main item tag 0x0
[ 1199.341831][    T9] holtek 0003:1241:5015.0031: unknown main item tag 0x0
[ 1199.373573][    T9] holtek 0003:1241:5015.0031: hidraw0: USB HID v54.8a Device [HID 1241:5015] on usb-dummy_hcd.3-1/input0
[ 1199.420475][   T30] audit: type=1400 audit(1762056274.368:2368): avc:  denied  { create } for  pid=20696 comm="syz.2.3767" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[ 1199.445925][    T9] holtek 0003:1241:5015.0031: no inputs found
[ 1199.463634][    T9] usb 4-1: USB disconnect, device number 122
[ 1199.498986][   T30] audit: type=1400 audit(1762056274.398:2369): avc:  denied  { ioctl } for  pid=20696 comm="syz.2.3767" path="socket:[71032]" dev="sockfs" ino=71032 ioctlcmd=0x89ed scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[ 1199.591794][T20695] fido_id[20695]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[ 1199.763733][T20704] netlink: 'syz.2.3768': attribute type 13 has an invalid length.
[ 1200.245553][ T6371] usb 3-1: new high-speed USB device number 119 using dummy_hcd
[ 1200.459412][ T6371] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1200.530983][ T6371] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1200.843689][ T6371] usb 3-1: New USB device found, idVendor=1d34, idProduct=0004, bcdDevice= 0.00
[ 1200.864174][ T6371] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1200.887309][ T6371] usb 3-1: config 0 descriptor??
[ 1201.205557][ T6104] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[ 1201.647396][ T6104] usb 7-1: config 1 has an invalid interface number: 7 but max is 0
[ 1201.659406][ T6104] usb 7-1: config 1 has no interface number 0
[ 1201.666452][ T6104] usb 7-1: config 1 interface 7 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B
[ 1201.721942][ T6104] usb 7-1: config 1 interface 7 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[ 1201.778108][ T6104] usb 7-1: config 1 interface 7 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1201.856176][ T6104] usb 7-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00
[ 1201.885716][ T6104] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1201.974029][ T6104] usb 7-1: Product: syz
[ 1202.008833][ T6104] usb 7-1: Manufacturer: syz
[ 1202.020730][ T6104] usb 7-1: SerialNumber: syz
[ 1202.107124][T20722] raw-gadget.2 gadget.6: fail, usb_ep_enable returned -22
[ 1202.401069][T20722] raw-gadget.2 gadget.6: fail, usb_ep_enable returned -22
[ 1202.780135][ T6104] usb 7-1: Incompatible driver and firmware versions
[ 1203.309131][    T9] usb 7-1: USB disconnect, device number 19
[ 1203.343290][T20761] netlink: 'syz.3.3789': attribute type 13 has an invalid length.
[ 1203.484546][ T6371] usbhid 3-1:0.0: can't add hid device: -71
[ 1203.495642][ T6371] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1203.523888][ T6371] usb 3-1: USB disconnect, device number 119
[ 1203.611648][T20768] FAULT_INJECTION: forcing a failure.
[ 1203.611648][T20768] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1203.625271][T20768] CPU: 0 UID: 0 PID: 20768 Comm: syz.4.3794 Not tainted syzkaller #0 PREEMPT(full) 
[ 1203.625294][T20768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1203.625304][T20768] Call Trace:
[ 1203.625310][T20768]  <TASK>
[ 1203.625316][T20768]  dump_stack_lvl+0x16c/0x1f0
[ 1203.625346][T20768]  should_fail_ex+0x512/0x640
[ 1203.625371][T20768]  strncpy_from_user+0x3b/0x2e0
[ 1203.625393][T20768]  getname_flags.part.0+0x8f/0x550
[ 1203.625421][T20768]  getname_flags+0x93/0xf0
[ 1203.625438][T20768]  __x64_sys_renameat2+0xd4/0x130
[ 1203.625463][T20768]  do_syscall_64+0xcd/0xfa0
[ 1203.625489][T20768]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1203.625505][T20768] RIP: 0033:0x7ffaf878efc9
[ 1203.625520][T20768] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1203.625535][T20768] RSP: 002b:00007ffaf9569038 EFLAGS: 00000246 ORIG_RAX: 000000000000013c
[ 1203.625552][T20768] RAX: ffffffffffffffda RBX: 00007ffaf89e5fa0 RCX: 00007ffaf878efc9
[ 1203.625564][T20768] RDX: 0000000000000004 RSI: 00002000000000c0 RDI: 0000000000000004
[ 1203.625574][T20768] RBP: 00007ffaf9569090 R08: 0000000000000002 R09: 0000000000000000
[ 1203.625583][T20768] R10: 0000200000000440 R11: 0000000000000246 R12: 0000000000000001
[ 1203.625594][T20768] R13: 00007ffaf89e6038 R14: 00007ffaf89e5fa0 R15: 00007ffd7c450eb8
[ 1203.625620][T20768]  </TASK>
[ 1203.825710][ T6104] usb 4-1: new high-speed USB device number 123 using dummy_hcd
[ 1204.147271][ T6104] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1204.165593][ T6104] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1204.196805][ T6104] usb 4-1: New USB device found, idVendor=1d34, idProduct=0004, bcdDevice= 0.00
[ 1204.206474][ T6104] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1204.226053][ T6104] usb 4-1: config 0 descriptor??
[ 1206.166534][   T30] audit: type=1400 audit(1762056281.108:2370): avc:  denied  { accept } for  pid=20802 comm="syz.6.3804" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1206.253679][ T6104] usbhid 4-1:0.0: can't add hid device: -71
[ 1206.259895][ T6104] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 1206.373809][ T6104] usb 4-1: USB disconnect, device number 123
[ 1206.602185][T20815] FAULT_INJECTION: forcing a failure.
[ 1206.602185][T20815] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1206.619687][T20815] CPU: 0 UID: 0 PID: 20815 Comm: syz.4.3807 Not tainted syzkaller #0 PREEMPT(full) 
[ 1206.619711][T20815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1206.619721][T20815] Call Trace:
[ 1206.619727][T20815]  <TASK>
[ 1206.619733][T20815]  dump_stack_lvl+0x16c/0x1f0
[ 1206.619764][T20815]  should_fail_ex+0x512/0x640
[ 1206.619786][T20815]  _copy_to_user+0x32/0xd0
[ 1206.619808][T20815]  video_usercopy+0xf43/0x1720
[ 1206.619835][T20815]  ? __pfx___video_do_ioctl+0x10/0x10
[ 1206.619858][T20815]  ? selinux_kernel_read_file+0x120/0x130
[ 1206.619878][T20815]  ? __pfx_video_usercopy+0x10/0x10
[ 1206.619918][T20815]  v4l2_ioctl+0x1bd/0x250
[ 1206.619940][T20815]  ? __pfx_v4l2_ioctl+0x10/0x10
[ 1206.619963][T20815]  __x64_sys_ioctl+0x18e/0x210
[ 1206.619994][T20815]  do_syscall_64+0xcd/0xfa0
[ 1206.620021][T20815]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1206.620038][T20815] RIP: 0033:0x7ffaf878efc9
[ 1206.620051][T20815] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1206.620068][T20815] RSP: 002b:00007ffaf9569038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1206.620083][T20815] RAX: ffffffffffffffda RBX: 00007ffaf89e5fa0 RCX: 00007ffaf878efc9
[ 1206.620094][T20815] RDX: 0000200000000040 RSI: 00000000c0405602 RDI: 0000000000000003
[ 1206.620105][T20815] RBP: 00007ffaf9569090 R08: 0000000000000000 R09: 0000000000000000
[ 1206.620114][T20815] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1206.620124][T20815] R13: 00007ffaf89e6038 R14: 00007ffaf89e5fa0 R15: 00007ffd7c450eb8
[ 1206.620149][T20815]  </TASK>
[ 1206.785238][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1207.565548][   T43] usb 7-1: new high-speed USB device number 20 using dummy_hcd
[ 1207.748888][   T43] usb 7-1: Using ep0 maxpacket: 32
[ 1207.846450][   T43] usb 7-1: config 0 has an invalid interface number: 85 but max is 0
[ 1207.858166][   T43] usb 7-1: config 0 has no interface number 0
[ 1207.864293][   T43] usb 7-1: config 0 interface 85 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1207.903319][   T43] usb 7-1: config 0 interface 85 has no altsetting 0
[ 1207.976694][   T43] usb 7-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[ 1207.985789][   T43] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1207.993750][   T43] usb 7-1: Product: syz
[ 1207.998064][   T43] usb 7-1: Manufacturer: syz
[ 1208.002668][   T43] usb 7-1: SerialNumber: syz
[ 1208.010025][   T43] usb 7-1: config 0 descriptor??
[ 1208.042270][   T43] appletouch 7-1:0.85: Could not find int-in endpoint
[ 1208.050913][   T43] appletouch 7-1:0.85: probe with driver appletouch failed with error -5
[ 1208.060065][   T43] usbhid 7-1:0.85: couldn't find an input interrupt endpoint
[ 1208.264355][   T43] usb 7-1: USB disconnect, device number 20
[ 1209.848874][ T5924] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1209.861500][T20855] binder: 20845:20855 ioctl c0306201 0 returned -14
[ 1210.860281][T20876] program syz.6.3828 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1210.975536][   T30] audit: type=1400 audit(1762056285.848:2371): avc:  denied  { accept } for  pid=20870 comm="syz.6.3828" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 1210.995543][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1211.244408][T20874] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3826'.
[ 1211.257512][T20874] bridge_slave_1: left allmulticast mode
[ 1211.276288][T20874] bridge_slave_1: left promiscuous mode
[ 1211.282205][T20874] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1211.352797][T20874] bridge_slave_0: left allmulticast mode
[ 1211.359433][T20874] bridge_slave_0: left promiscuous mode
[ 1211.367405][T20874] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1213.246781][T20892] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3832'.
[ 1213.585825][T12147] usb 4-1: new high-speed USB device number 124 using dummy_hcd
[ 1213.705573][ T5893] usb 7-1: new high-speed USB device number 21 using dummy_hcd
[ 1213.739708][T12147] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1213.756659][T12147] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1213.801806][T20904] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3836'.
[ 1213.862742][T12147] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1213.872047][T12147] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1213.880343][T12147] usb 4-1: SerialNumber: syz
[ 1213.926921][ T5893] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xC7, changing to 0x87
[ 1213.938673][ T5893] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 197, changing to 11
[ 1213.950208][ T5893] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x87 has invalid maxpacket 41835, setting to 1024
[ 1213.965619][ T5893] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1213.985629][ T5893] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1214.001786][ T5893] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1214.046074][ T5893] usb 7-1: config 0 descriptor??
[ 1214.131244][T12147] usb 4-1: 0:2 : does not exist
[ 1214.136428][T12147] usb 4-1: unit 5: unexpected type 0x09
[ 1214.153527][T12147] usb 4-1: USB disconnect, device number 124
[ 1214.192959][T18086] udevd[18086]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1214.352133][T20905] fuse: Bad value for 'fd'
[ 1216.008537][T20916] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3840'.
[ 1216.017596][T20916] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3840'.
[ 1216.836994][ T5893] usbhid 7-1:0.0: can't add hid device: -71
[ 1216.862447][ T5893] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[ 1216.923524][ T5893] usb 7-1: USB disconnect, device number 21
[ 1219.604672][T20958] tipc: Started in network mode
[ 1219.615580][T20958] tipc: Node identity 4, cluster identity 4711
[ 1219.632623][T20958] tipc: Node number set to 4
[ 1219.725537][    T9] usb 4-1: new high-speed USB device number 125 using dummy_hcd
[ 1219.883294][T20964] FAULT_INJECTION: forcing a failure.
[ 1219.883294][T20964] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1219.905575][    T9] usb 4-1: Using ep0 maxpacket: 32
[ 1219.912390][    T9] usb 4-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config
[ 1219.925742][    T9] usb 4-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[ 1219.936187][T20964] CPU: 1 UID: 0 PID: 20964 Comm: syz.0.3853 Not tainted syzkaller #0 PREEMPT(full) 
[ 1219.936210][T20964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1219.936219][T20964] Call Trace:
[ 1219.936225][T20964]  <TASK>
[ 1219.936233][T20964]  dump_stack_lvl+0x16c/0x1f0
[ 1219.936260][T20964]  should_fail_ex+0x512/0x640
[ 1219.936281][T20964]  _copy_to_user+0x32/0xd0
[ 1219.936302][T20964]  video_usercopy+0xf43/0x1720
[ 1219.936328][T20964]  ? __pfx_subdev_do_ioctl_lock+0x10/0x10
[ 1219.936348][T20964]  ? selinux_kernel_read_file+0x120/0x130
[ 1219.936366][T20964]  ? __pfx_video_usercopy+0x10/0x10
[ 1219.936403][T20964]  v4l2_ioctl+0x1bd/0x250
[ 1219.936424][T20964]  ? __pfx_v4l2_ioctl+0x10/0x10
[ 1219.936446][T20964]  __x64_sys_ioctl+0x18e/0x210
[ 1219.936469][T20964]  do_syscall_64+0xcd/0xfa0
[ 1219.936494][T20964]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1219.936510][T20964] RIP: 0033:0x7efcf898efc9
[ 1219.936522][T20964] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1219.936536][T20964] RSP: 002b:00007efcf9746038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1219.936552][T20964] RAX: ffffffffffffffda RBX: 00007efcf8be5fa0 RCX: 00007efcf898efc9
[ 1219.936562][T20964] RDX: 00002000000000c0 RSI: 00000000c0585605 RDI: 0000000000000003
[ 1219.936571][T20964] RBP: 00007efcf9746090 R08: 0000000000000000 R09: 0000000000000000
[ 1219.936581][T20964] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1219.936590][T20964] R13: 00007efcf8be6038 R14: 00007efcf8be5fa0 R15: 00007ffde27fe988
[ 1219.936612][T20964]  </TASK>
[ 1220.158992][    T9] usb 4-1: config 155 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1220.170434][    T9] usb 4-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11
[ 1220.186993][    T9] usb 4-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30
[ 1220.197093][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1220.212021][    T9] usb 4-1: Product: syz
[ 1220.217296][    T9] usb 4-1: Manufacturer: syz
[ 1220.221898][    T9] usb 4-1: SerialNumber: syz
[ 1220.324549][T20971] netlink: 'syz.0.3855': attribute type 1 has an invalid length.
[ 1220.332471][T20971] netlink: 244 bytes leftover after parsing attributes in process `syz.0.3855'.
[ 1220.422295][    T9] imon:imon_find_endpoints: no valid input (IR) endpoint found
[ 1220.699116][    T9] imon 4-1:155.0: unable to initialize intf0, err -19
[ 1221.291559][    T9] imon:imon_probe: failed to initialize context!
[ 1221.297997][    T9] imon 4-1:155.0: unable to register, err -19
[ 1221.969675][ T6104] usb 4-1: USB disconnect, device number 125
[ 1222.221630][T20968] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3855'.
[ 1222.230647][T20968] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3855'.
[ 1223.093714][T20996] netlink: 11852 bytes leftover after parsing attributes in process `syz.2.3860'.
[ 1223.230204][T20999] ipt_rpfilter: unknown options
[ 1223.585291][   T30] audit: type=1400 audit(1762056298.528:2372): avc:  denied  { connect } for  pid=20998 comm="syz.3.3862" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[ 1224.036473][   T43] usb 3-1: new high-speed USB device number 120 using dummy_hcd
[ 1224.606031][   T43] usb 3-1: Using ep0 maxpacket: 16
[ 1224.690939][   T43] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1224.705605][   T43] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1224.727288][   T43] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1224.755813][   T43] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[ 1224.831354][ T5893] usb 4-1: new full-speed USB device number 126 using dummy_hcd
[ 1224.839420][   T43] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1225.041822][   T43] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1225.097425][   T43] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1225.158922][T21020] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3869'.
[ 1225.168035][T21020] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3869'.
[ 1225.200406][   T43] usb 3-1: Manufacturer: syz
[ 1225.209213][   T43] usb 3-1: config 0 descriptor??
[ 1225.216953][ T5893] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1225.225159][ T5893] usb 4-1: not running at top speed; connect to a high speed hub
[ 1225.260125][ T5893] usb 4-1: New USB device found, idVendor=04e8, idProduct=6889, bcdDevice=93.dd
[ 1225.276757][ T5893] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1225.489017][ T5893] usb 4-1: Product: syz
[ 1225.493217][ T5893] usb 4-1: Manufacturer: syz
[ 1225.538078][ T5893] usb 4-1: SerialNumber: syz
[ 1225.556912][   T43] rc_core: IR keymap rc-hauppauge not found
[ 1225.563712][   T43] Registered IR keymap rc-empty
[ 1225.573517][   T43] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1225.638405][   T43] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1225.676769][   T43] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[ 1225.721746][   T43] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input127
[ 1225.725275][   T43] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1225.737487][   T43] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1225.781478][T21016] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3867'.
[ 1225.785867][   T43] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1225.836644][   T43] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1225.856747][   T43] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1225.886335][   T43] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1225.916793][   T43] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1225.946472][   T43] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1225.966495][   T43] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1225.988424][T21035] netlink: 'syz.4.3871': attribute type 1 has an invalid length.
[ 1225.989340][T21035] netlink: 244 bytes leftover after parsing attributes in process `syz.4.3871'.
[ 1226.152731][   T43] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[ 1226.176743][   T43] mceusb 3-1:0.0: Registered 424242424242 with mce emulator interface version 1
[ 1226.176764][   T43] mceusb 3-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[ 1226.184785][   T43] usb 3-1: USB disconnect, device number 120
[ 1226.298576][T21037] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3871'.
[ 1226.298710][T21037] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3871'.
[ 1226.323386][ T5893] kalmia 4-1:205.0: probe with driver kalmia failed with error -22
[ 1226.447838][ T5893] usb 4-1: USB disconnect, device number 126
[ 1226.781968][T21033] tty tty3: ldisc open failed (-12), clearing slot 2
[ 1226.911431][T21044] FAULT_INJECTION: forcing a failure.
[ 1226.911431][T21044] name failslab, interval 1, probability 0, space 0, times 0
[ 1226.911466][T21044] CPU: 1 UID: 0 PID: 21044 Comm: syz.3.3874 Not tainted syzkaller #0 PREEMPT(full) 
[ 1226.911478][T21044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1226.911485][T21044] Call Trace:
[ 1226.911489][T21044]  <TASK>
[ 1226.911494][T21044]  dump_stack_lvl+0x16c/0x1f0
[ 1226.911514][T21044]  should_fail_ex+0x512/0x640
[ 1226.911527][T21044]  ? fs_reclaim_acquire+0xae/0x150
[ 1226.911541][T21044]  should_failslab+0xc2/0x120
[ 1226.911554][T21044]  __kmalloc_noprof+0xdd/0x880
[ 1226.911570][T21044]  ? tomoyo_encode2+0x100/0x3e0
[ 1226.911585][T21044]  ? tomoyo_encode2+0x100/0x3e0
[ 1226.911596][T21044]  tomoyo_encode2+0x100/0x3e0
[ 1226.911609][T21044]  tomoyo_unix_entry+0x341/0x650
[ 1226.911622][T21044]  ? __pfx_tomoyo_unix_entry+0x10/0x10
[ 1226.911635][T21044]  ? kasan_save_stack+0x42/0x60
[ 1226.911653][T21044]  tomoyo_socket_connect_permission+0x31f/0x360
[ 1226.911667][T21044]  ? __pfx_tomoyo_socket_connect_permission+0x10/0x10
[ 1226.911683][T21044]  ? __lock_acquire+0x622/0x1c90
[ 1226.911704][T21044]  security_socket_connect+0x9b/0x240
[ 1226.911723][T21044]  __sys_connect_file+0x8f/0x1a0
[ 1226.911738][T21044]  io_connect+0x207/0x740
[ 1226.911751][T21044]  ? __pfx_io_connect+0x10/0x10
[ 1226.911766][T21044]  __io_issue_sqe+0xe8/0x7c0
[ 1226.911780][T21044]  io_issue_sqe+0x85/0x1000
[ 1226.911796][T21044]  ? io_connect_prep+0x28b/0x350
[ 1226.911808][T21044]  io_submit_sqes+0x94d/0x2710
[ 1226.911831][T21044]  __do_sys_io_uring_enter+0xd69/0x1630
[ 1226.911856][T21044]  ? __fget_files+0x20e/0x3c0
[ 1226.911867][T21044]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[ 1226.911885][T21044]  ? fput+0x9b/0xd0
[ 1226.911898][T21044]  ? ksys_write+0x1ac/0x250
[ 1226.911908][T21044]  ? __pfx_ksys_write+0x10/0x10
[ 1226.911922][T21044]  do_syscall_64+0xcd/0xfa0
[ 1226.911940][T21044]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1226.911951][T21044] RIP: 0033:0x7f1c1cd8efc9
[ 1226.911960][T21044] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1226.911970][T21044] RSP: 002b:00007f1c1dc66038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1226.911980][T21044] RAX: ffffffffffffffda RBX: 00007f1c1cfe5fa0 RCX: 00007f1c1cd8efc9
[ 1226.911987][T21044] RDX: 000000000000067f RSI: 0000000000003516 RDI: 0000000000000009
[ 1226.911993][T21044] RBP: 00007f1c1dc66090 R08: 0000000000000000 R09: 0000000000000000
[ 1226.911999][T21044] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000001
[ 1226.912006][T21044] R13: 00007f1c1cfe6038 R14: 00007f1c1cfe5fa0 R15: 00007fff5764f388
[ 1226.912020][T21044]  </TASK>
[ 1226.997497][ T5893] usb 7-1: new high-speed USB device number 22 using dummy_hcd
[ 1227.750200][ T5893] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xC7, changing to 0x87
[ 1227.750232][ T5893] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 197, changing to 11
[ 1227.750258][ T5893] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x87 has invalid maxpacket 41835, setting to 1024
[ 1227.750282][ T5893] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1227.750317][ T5893] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1227.750336][ T5893] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1227.757032][ T5893] usb 7-1: config 0 descriptor??
[ 1227.855583][   T10] usb 4-1: new high-speed USB device number 127 using dummy_hcd
[ 1228.015994][   T10] usb 4-1: Using ep0 maxpacket: 8
[ 1228.026977][   T10] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[ 1228.027024][   T10] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1228.027045][   T10] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1228.027088][   T10] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1228.027109][   T10] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1228.027145][   T10] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1228.027165][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1228.044170][T21059] fuse: Bad value for 'fd'
[ 1229.192819][   T10] usb 4-1: usb_control_msg returned -32
[ 1229.192846][   T10] usbtmc 4-1:16.0: can't read capabilities
[ 1229.226762][T21060] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3878'.
[ 1229.684128][T21077] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3881'.
[ 1230.463153][T21086] netlink: 'syz.2.3883': attribute type 1 has an invalid length.
[ 1230.471120][T21086] netlink: 244 bytes leftover after parsing attributes in process `syz.2.3883'.
[ 1230.646821][T21085] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3883'.
[ 1230.656095][T21085] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3883'.
[ 1230.909598][T18660] usb 4-1: USB disconnect, device number 127
[ 1230.934601][ T5893] usbhid 7-1:0.0: can't add hid device: -71
[ 1230.950970][ T5893] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[ 1230.995324][ T5893] usb 7-1: USB disconnect, device number 22
[ 1231.041583][T21094] FAULT_INJECTION: forcing a failure.
[ 1231.041583][T21094] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1231.130533][T21094] CPU: 0 UID: 0 PID: 21094 Comm: syz.3.3887 Not tainted syzkaller #0 PREEMPT(full) 
[ 1231.130558][T21094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1231.130568][T21094] Call Trace:
[ 1231.130574][T21094]  <TASK>
[ 1231.130581][T21094]  dump_stack_lvl+0x16c/0x1f0
[ 1231.130608][T21094]  should_fail_ex+0x512/0x640
[ 1231.130631][T21094]  _copy_from_user+0x2e/0xd0
[ 1231.130652][T21094]  vmci_host_unlocked_ioctl+0x789/0x2040
[ 1231.130671][T21094]  ? __pfx_vmci_host_unlocked_ioctl+0x10/0x10
[ 1231.130689][T21094]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1231.130719][T21094]  ? do_vfs_ioctl+0x128/0x14f0
[ 1231.130742][T21094]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1231.130764][T21094]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[ 1231.130792][T21094]  ? hook_file_ioctl_common+0x145/0x410
[ 1231.130819][T21094]  ? selinux_file_ioctl+0x180/0x270
[ 1231.130835][T21094]  ? selinux_file_ioctl+0xb4/0x270
[ 1231.130853][T21094]  ? __pfx_vmci_host_unlocked_ioctl+0x10/0x10
[ 1231.130871][T21094]  __x64_sys_ioctl+0x18e/0x210
[ 1231.130896][T21094]  do_syscall_64+0xcd/0xfa0
[ 1231.130922][T21094]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1231.130938][T21094] RIP: 0033:0x7f1c1cd8efc9
[ 1231.130952][T21094] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1231.130971][T21094] RSP: 002b:00007f1c1dc66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1231.130988][T21094] RAX: ffffffffffffffda RBX: 00007f1c1cfe5fa0 RCX: 00007f1c1cd8efc9
[ 1231.130999][T21094] RDX: 0000200000000180 RSI: 00000000000007b0 RDI: 0000000000000003
[ 1231.131010][T21094] RBP: 00007f1c1dc66090 R08: 0000000000000000 R09: 0000000000000000
[ 1231.131020][T21094] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1231.131030][T21094] R13: 00007f1c1cfe6038 R14: 00007f1c1cfe5fa0 R15: 00007fff5764f388
[ 1231.131059][T21094]  </TASK>
[ 1233.228498][T21108] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5129 sclass=netlink_route_socket pid=21108 comm=syz.0.3890
[ 1233.435564][   T30] audit: type=1400 audit(1762056308.378:2373): avc:  denied  { write } for  pid=21113 comm="syz.4.3892" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[ 1234.814412][ T5893] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[ 1235.066207][ T5893] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xC7, changing to 0x87
[ 1235.092701][ T5893] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 197, changing to 11
[ 1235.386088][T21142] netlink: 'syz.0.3901': attribute type 1 has an invalid length.
[ 1235.394077][T21142] netlink: 244 bytes leftover after parsing attributes in process `syz.0.3901'.
[ 1235.450830][ T5893] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x87 has invalid maxpacket 41835, setting to 1024
[ 1235.515553][ T5893] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1235.559412][ T5893] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1235.574297][T21140] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3901'.
[ 1235.583511][T21140] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3901'.
[ 1235.615585][ T5893] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1235.663037][ T5893] usb 7-1: config 0 descriptor??
[ 1235.865593][T14344] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[ 1235.945470][T21147] fuse: Bad value for 'fd'
[ 1237.189250][T14344] usb 4-1: Using ep0 maxpacket: 16
[ 1237.236446][T14344] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1237.261208][T14344] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1237.272726][T14344] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1237.285760][T14344] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[ 1237.296348][T14344] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1237.311142][T14344] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1237.323560][T14344] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1237.331969][T14344] usb 4-1: Manufacturer: syz
[ 1237.366335][T14344] usb 4-1: config 0 descriptor??
[ 1237.655560][T14344] rc_core: IR keymap rc-hauppauge not found
[ 1237.661579][T14344] Registered IR keymap rc-empty
[ 1238.345775][T14344] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[ 1238.375248][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1238.375577][T14344] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[ 1238.608559][T14344] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[ 1238.701409][T14344] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input129
[ 1239.542353][T14344] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[ 1239.562975][ T5893] usbhid 7-1:0.0: can't add hid device: -71
[ 1239.595582][T14344] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[ 1239.700699][ T5893] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[ 1239.715163][ T5893] usb 7-1: USB disconnect, device number 23
[ 1239.786353][T14344] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[ 1239.865842][T14344] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[ 1239.885810][T14344] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[ 1239.905562][T14344] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[ 1239.945581][T14344] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[ 1239.975545][T14344] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[ 1240.055407][T14344] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[ 1240.086436][T14344] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[ 1240.815799][T14344] mceusb 4-1:0.0: Registered 424242424242 with mce emulator interface version 1
[ 1240.853874][T14344] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[ 1240.899646][T14344] usb 4-1: USB disconnect, device number 2
[ 1241.065498][ T5893] usb 7-1: new high-speed USB device number 24 using dummy_hcd
[ 1241.318494][T21191] netlink: 'syz.3.3913': attribute type 1 has an invalid length.
[ 1241.327466][T21191] netlink: 244 bytes leftover after parsing attributes in process `syz.3.3913'.
[ 1241.396841][ T5893] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1241.421674][ T5893] usb 7-1: config 1 has an invalid descriptor of length 247, skipping remainder of the config
[ 1242.336010][ T5924] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1242.517804][ T5893] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1242.527196][ T5893] usb 7-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1242.541799][ T5893] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1242.555518][ T5893] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1242.563578][ T5893] usb 7-1: Product: syz
[ 1242.570480][ T5893] usb 7-1: Manufacturer: syz
[ 1242.608454][ T5893] cdc_wdm 7-1:1.0: probe with driver cdc_wdm failed with error -22
[ 1242.633754][T21195] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3913'.
[ 1242.699435][T21195] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3913'.
[ 1243.458665][ T5893] usb 7-1: USB disconnect, device number 24
[ 1245.066287][T21221] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[ 1245.072835][T21221] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1245.102017][T21221] vhci_hcd vhci_hcd.0: Device attached
[ 1245.330281][T21230] netlink: 20 bytes leftover after parsing attributes in process `syz.6.3923'.
[ 1245.335570][   T43] usb 3-1: new high-speed USB device number 121 using dummy_hcd
[ 1245.350677][T14344] usb 39-1: new low-speed USB device number 2 using vhci_hcd
[ 1245.422750][   T10] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[ 1245.575557][   T43] usb 3-1: Using ep0 maxpacket: 32
[ 1245.583557][   T43] usb 3-1: config 0 has an invalid interface number: 85 but max is 0
[ 1245.602490][   T43] usb 3-1: config 0 has no interface number 0
[ 1245.609060][   T43] usb 3-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1245.621139][   T43] usb 3-1: config 0 interface 85 altsetting 7 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1245.631316][   T43] usb 3-1: config 0 interface 85 has no altsetting 0
[ 1245.640703][   T43] usb 3-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[ 1245.652409][   T43] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1245.655592][   T10] usb 4-1: Using ep0 maxpacket: 16
[ 1245.661342][   T43] usb 3-1: Product: syz
[ 1245.669235][   T10] usb 4-1: config 0 has no interfaces?
[ 1245.670250][   T43] usb 3-1: Manufacturer: syz
[ 1245.675915][   T10] usb 4-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[ 1245.680899][   T43] usb 3-1: SerialNumber: syz
[ 1245.689728][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1245.945592][   T43] usb 3-1: config 0 descriptor??
[ 1245.951968][   T10] usb 4-1: config 0 descriptor??
[ 1245.987281][T21233] program syz.6.3924 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1246.193514][   T10] usb 4-1: USB disconnect, device number 3
[ 1246.196559][T21222] vhci_hcd: connection closed
[ 1246.201165][   T37] vhci_hcd: stop threads
[ 1246.210877][   T37] vhci_hcd: release socket
[ 1246.215532][   T37] vhci_hcd: disconnect device
[ 1246.255575][T14344] vhci_hcd: vhci_device speed not set
[ 1246.373731][T21239] genirq: Flags mismatch irq 31. 00200000 (comedi_parport) vs. 00200000 (virtio1-input.0)
[ 1246.491540][   T43] appletouch 3-1:0.85: Geyser mode initialized.
[ 1246.592151][   T43] input: appletouch as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.85/input/input130
[ 1246.695497][   T10] usb 3-1: USB disconnect, device number 121
[ 1246.707553][   T10] appletouch 3-1:0.85: input: appletouch disconnected
[ 1247.217231][   T10] usb 4-1: new full-speed USB device number 4 using dummy_hcd
[ 1247.280897][   T30] audit: type=1400 audit(1762056322.218:2374): avc:  denied  { unmount } for  pid=19104 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 1247.339192][T21249] netlink: 'syz.4.3928': attribute type 1 has an invalid length.
[ 1247.347372][T21249] netlink: 244 bytes leftover after parsing attributes in process `syz.4.3928'.
[ 1247.628546][T21254] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3929'.
[ 1247.628808][   T10] usb 4-1: Invalid ep0 maxpacket: 9
[ 1247.645635][T21254] bridge_slave_1: left allmulticast mode
[ 1247.651289][T21254] bridge_slave_1: left promiscuous mode
[ 1247.666298][T21254] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1247.699937][T21254] bridge_slave_0: left allmulticast mode
[ 1247.707498][T21254] bridge_slave_0: left promiscuous mode
[ 1247.716597][T21254] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1247.775756][   T10] usb 4-1: new full-speed USB device number 5 using dummy_hcd
[ 1247.865136][T21258] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3930'.
[ 1247.881545][T21248] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3928'.
[ 1247.890551][T21248] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3928'.
[ 1247.945537][   T10] usb 4-1: Invalid ep0 maxpacket: 9
[ 1247.951093][   T10] usb usb4-port1: attempt power cycle
[ 1248.317502][T21264] audit: audit_lost=8 audit_rate_limit=0 audit_backlog_limit=64
[ 1248.326200][T21264] audit: out of memory in audit_log_start
[ 1248.346190][   T10] usb 4-1: new full-speed USB device number 6 using dummy_hcd
[ 1248.497617][T21267] bridge0: entered promiscuous mode
[ 1248.502898][T21267] bridge0: entered allmulticast mode
[ 1248.860754][   T10] usb 4-1: Invalid ep0 maxpacket: 9
[ 1249.005534][   T10] usb 4-1: new full-speed USB device number 7 using dummy_hcd
[ 1249.025947][   T10] usb 4-1: Invalid ep0 maxpacket: 9
[ 1249.148826][   T10] usb usb4-port1: unable to enumerate USB device
[ 1249.405327][T21284] loop7: detected capacity change from 0 to 7
[ 1249.412735][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1249.421970][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[ 1249.431090][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1249.440326][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[ 1249.451598][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1249.460836][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[ 1249.607563][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1249.616769][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[ 1249.644395][T21289] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1250.378205][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1250.387379][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[ 1250.500174][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1250.509369][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[ 1250.565583][T21284] ldm_validate_partition_table(): Disk read failed.
[ 1250.572296][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1250.581527][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[ 1250.635465][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1250.644641][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[ 1250.655487][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1250.664671][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[ 1250.673342][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[ 1250.682530][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[ 1250.690453][T21284] Dev loop7: unable to read RDB block 0
[ 1250.759856][T21284]  loop7: unable to read partition table
[ 1250.776093][T21284] loop7: partition table beyond EOD, truncated
[ 1250.809145][T21284] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[ 1251.085727][T18660] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[ 1251.825870][T18660] usb 4-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[ 1251.834939][T18660] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1251.861387][T21308] program syz.0.3945 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1251.913114][T18660] usb 4-1: Product: syz
[ 1251.963859][T18660] usb 4-1: Manufacturer: syz
[ 1252.066243][T18660] usb 4-1: SerialNumber: syz
[ 1252.498848][T21322] netlink: 165 bytes leftover after parsing attributes in process `syz.0.3952'.
[ 1252.741593][T21325] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3953'.
[ 1253.057925][T18660] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE
[ 1253.080060][T18660] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE
[ 1253.776209][   T30] audit: type=1804 audit(1762056328.718:2375): pid=21295 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.3.3943" name="/newroot/204/file0" dev="tmpfs" ino=1094 res=1 errno=0
[ 1253.798753][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1254.858230][T21295] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1254.868968][T21295] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1254.887875][T21295] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1254.901897][T21295] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1254.968390][T21363] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[ 1254.974935][T21363] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1254.983006][T21363] vhci_hcd vhci_hcd.0: Device attached
[ 1255.201335][T18660] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPROTO
[ 1255.235635][ T5893] usb 33-1: new high-speed USB device number 2 using vhci_hcd
[ 1255.292142][T18660] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[ 1255.393292][T18660] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[ 1255.562727][T18660] lan78xx 4-1:1.0: probe with driver lan78xx failed with error -71
[ 1255.647882][T14344] usb 3-1: new high-speed USB device number 122 using dummy_hcd
[ 1256.020435][T21364] vhci_hcd: connection reset by peer
[ 1256.055388][T18660] usb 4-1: USB disconnect, device number 8
[ 1256.474427][   T37] vhci_hcd: stop threads
[ 1256.479823][   T37] vhci_hcd: release socket
[ 1256.494085][   T37] vhci_hcd: disconnect device
[ 1256.630122][T21379] netlink: 165 bytes leftover after parsing attributes in process `syz.4.3970'.
[ 1256.882589][T14344] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xC7, changing to 0x87
[ 1256.895731][T14344] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 197, changing to 11
[ 1256.907500][T14344] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x87 has invalid maxpacket 41835, setting to 1024
[ 1256.988519][T14344] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1257.043176][T21383] netlink: 'syz.0.3971': attribute type 13 has an invalid length.
[ 1257.262444][T14344] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1257.320395][T14344] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1257.342819][T14344] usb 3-1: config 0 descriptor??
[ 1257.976194][T14344] usbhid 3-1:0.0: can't add hid device: -71
[ 1257.982537][T14344] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1258.020089][T14344] usb 3-1: USB disconnect, device number 122
[ 1258.703609][T21395] netlink: 'syz.4.3975': attribute type 10 has an invalid length.
[ 1258.714752][T21395] netlink: 55 bytes leftover after parsing attributes in process `syz.4.3975'.
[ 1260.425562][ T5893] vhci_hcd: vhci_device speed not set
[ 1262.605635][ T6104] usb 7-1: new high-speed USB device number 25 using dummy_hcd
[ 1262.815231][ T6104] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1262.828849][ T6104] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1262.905620][ T6104] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1262.919438][ T6104] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1262.928681][ T6104] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1263.124825][ T6104] usb 7-1: config 0 descriptor??
[ 1263.270408][T21448] netlink: 'syz.3.3989': attribute type 1 has an invalid length.
[ 1263.278379][T21448] netlink: 244 bytes leftover after parsing attributes in process `syz.3.3989'.
[ 1263.586778][ T6104] usbhid 7-1:0.0: can't add hid device: -71
[ 1263.665997][ T6104] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[ 1263.692749][ T6104] usb 7-1: USB disconnect, device number 25
[ 1264.062956][T21446] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3989'.
[ 1264.071957][T21446] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3989'.
[ 1265.469145][T21466] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1265.763499][T21466] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1266.045264][T21466] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1266.095631][   T43] usb 7-1: new high-speed USB device number 26 using dummy_hcd
[ 1266.537144][   T43] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1266.561397][   T43] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1266.608972][   T43] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1266.644896][   T43] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1266.670249][   T43] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1266.695770][   T43] usb 7-1: config 0 descriptor??
[ 1266.707194][T21466] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1268.020979][  T992] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1268.196228][T18562] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1268.212896][   T43] plantronics 0003:047F:FFFF.0032: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0
[ 1268.224882][T18562] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1268.262554][  T992] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1268.505672][T14344] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[ 1268.631676][T21476] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3994'.
[ 1268.697452][T21476] netlink: 'syz.6.3994': attribute type 11 has an invalid length.
[ 1268.725974][T14344] usb 4-1: Using ep0 maxpacket: 8
[ 1268.745838][T14344] usb 4-1: config 0 interface 0 altsetting 32 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1268.746000][T14344] usb 4-1: config 0 interface 0 has no altsetting 0
[ 1268.746349][T14344] usb 4-1: New USB device found, idVendor=1241, idProduct=5015, bcdDevice= 0.00
[ 1268.746449][T14344] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1268.833645][T14344] usb 4-1: config 0 descriptor??
[ 1269.103077][ T7011] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1269.103186][ T7011] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1269.103205][ T7011] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1269.103223][ T7011] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1269.510370][T14344] holtek 0003:1241:5015.0033: unknown main item tag 0x0
[ 1269.510424][T14344] holtek 0003:1241:5015.0033: unknown main item tag 0x0
[ 1269.510446][T14344] holtek 0003:1241:5015.0033: unknown main item tag 0x0
[ 1269.510465][T14344] holtek 0003:1241:5015.0033: unknown main item tag 0x0
[ 1269.510485][T14344] holtek 0003:1241:5015.0033: unknown main item tag 0x0
[ 1269.510506][T14344] holtek 0003:1241:5015.0033: unknown main item tag 0x0
[ 1269.510525][T14344] holtek 0003:1241:5015.0033: unknown main item tag 0x0
[ 1269.521082][T14344] holtek 0003:1241:5015.0033: hidraw1: USB HID v54.8a Device [HID 1241:5015] on usb-dummy_hcd.3-1/input0
[ 1269.521117][T14344] holtek 0003:1241:5015.0033: no inputs found
[ 1269.709016][T18660] usb 4-1: USB disconnect, device number 9
[ 1270.506508][T14344] usb 7-1: USB disconnect, device number 26
[ 1270.642173][   T30] audit: type=1326 audit(1762056345.588:2376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21529 comm="syz.4.4010" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ffaf878efc9 code=0x0
[ 1271.755513][T14344] usb 7-1: new high-speed USB device number 27 using dummy_hcd
[ 1271.895558][T14344] usb 7-1: device descriptor read/64, error -71
[ 1272.253114][T14344] usb 7-1: new high-speed USB device number 28 using dummy_hcd
[ 1272.263738][   T30] audit: type=1400 audit(1762056347.118:2377): avc:  denied  { setopt } for  pid=21554 comm="syz.3.4019" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[ 1272.328642][T21559] warn_alloc: 1 callbacks suppressed
[ 1272.328680][T21559] syz.3.4019: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1272.329036][T21559] CPU: 0 UID: 0 PID: 21559 Comm: syz.3.4019 Not tainted syzkaller #0 PREEMPT(full) 
[ 1272.329059][T21559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1272.329071][T21559] Call Trace:
[ 1272.329078][T21559]  <TASK>
[ 1272.329086][T21559]  dump_stack_lvl+0x16c/0x1f0
[ 1272.329121][T21559]  warn_alloc+0x248/0x3a0
[ 1272.329151][T21559]  ? __pfx_warn_alloc+0x10/0x10
[ 1272.329176][T21559]  ? __pfx_stack_trace_save+0x10/0x10
[ 1272.329214][T21559]  ? kasan_save_stack+0x42/0x60
[ 1272.329232][T21559]  ? kasan_save_stack+0x33/0x60
[ 1272.329267][T21559]  ? kasan_save_track+0x14/0x30
[ 1272.329290][T21559]  ? xskq_create+0x52/0x1d0
[ 1272.329320][T21559]  ? xsk_setsockopt+0x74e/0x9a0
[ 1272.329346][T21559]  ? do_sock_setsockopt+0xf3/0x1d0
[ 1272.329378][T21559]  ? xskq_create+0xfb/0x1d0
[ 1272.329399][T21559]  __vmalloc_node_range_noprof+0xfbc/0x1480
[ 1272.329440][T21559]  ? xskq_create+0xfb/0x1d0
[ 1272.329464][T21559]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1272.329490][T21559]  ? xskq_create+0xfb/0x1d0
[ 1272.329508][T21559]  vmalloc_user_noprof+0x9e/0xe0
[ 1272.329527][T21559]  ? xskq_create+0xfb/0x1d0
[ 1272.329547][T21559]  xskq_create+0xfb/0x1d0
[ 1272.329569][T21559]  xsk_setsockopt+0x74e/0x9a0
[ 1272.329588][T21559]  ? __pfx_xsk_setsockopt+0x10/0x10
[ 1272.329615][T21559]  ? __pfx_xsk_setsockopt+0x10/0x10
[ 1272.329637][T21559]  ? __pfx_xsk_setsockopt+0x10/0x10
[ 1272.329656][T21559]  do_sock_setsockopt+0xf3/0x1d0
[ 1272.329682][T21559]  __sys_setsockopt+0x1a0/0x230
[ 1272.329706][T21559]  __x64_sys_setsockopt+0xbd/0x160
[ 1272.329725][T21559]  ? do_syscall_64+0x91/0xfa0
[ 1272.329751][T21559]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1272.329774][T21559]  do_syscall_64+0xcd/0xfa0
[ 1272.329799][T21559]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1272.329813][T21559] RIP: 0033:0x7f1c1cd8efc9
[ 1272.329825][T21559] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1272.329840][T21559] RSP: 002b:00007f1c1dbe2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1272.329857][T21559] RAX: ffffffffffffffda RBX: 00007f1c1cfe6360 RCX: 00007f1c1cd8efc9
[ 1272.329867][T21559] RDX: 0000000000000006 RSI: 000000000000011b RDI: 000000000000000b
[ 1272.329875][T21559] RBP: 00007f1c1ce11f91 R08: 0000000000000004 R09: 0000000000000000
[ 1272.329883][T21559] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1272.329892][T21559] R13: 00007f1c1cfe63f8 R14: 00007f1c1cfe6360 R15: 00007fff5764f388
[ 1272.329913][T21559]  </TASK>
[ 1272.330030][T21559] Mem-Info:
[ 1272.330081][T21559] active_anon:102014 inactive_anon:0 isolated_anon:0
[ 1272.330081][T21559]  active_file:24120 inactive_file:4884 isolated_file:0
[ 1272.330081][T21559]  unevictable:768 dirty:640 writeback:0
[ 1272.330081][T21559]  slab_reclaimable:11358 slab_unreclaimable:107841
[ 1272.330081][T21559]  mapped:48007 shmem:93179 pagetables:1601
[ 1272.330081][T21559]  sec_pagetables:0 bounce:0
[ 1272.330081][T21559]  kernel_misc_reclaimable:0
[ 1272.330081][T21559]  free:1217688 free_pcp:21971 free_cma:0
[ 1272.330148][T21559] Node 0 active_anon:408056kB inactive_anon:0kB active_file:96480kB inactive_file:19400kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:192028kB dirty:2560kB writeback:0kB shmem:371180kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12808kB pagetables:6256kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1272.330214][T21559] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:136kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:148kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1272.330282][T21559] Node 0 DMA free:15328kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:32kB local_pcp:0kB free_cma:0kB
[ 1272.330379][T21559] lowmem_reserve[]: 0 2485 2487 2487 2487
[ 1272.331344][T21559] Node 0 DMA32 free:991560kB boost:0kB min:34108kB low:42632kB high:51156kB reserved_highatomic:0KB free_highatomic:0KB active_anon:408056kB inactive_anon:0kB active_file:96480kB inactive_file:19400kB unevictable:1536kB writepending:2560kB zspages:0kB present:3129332kB managed:2544868kB mlocked:0kB bounce:0kB free_pcp:41012kB local_pcp:28412kB free_cma:0kB
[ 1272.331962][T21559] lowmem_reserve[]: 0 0 1 1 1
[ 1272.332185][T21559] Node 0 Normal free:0kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1900kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1272.332263][T21559] lowmem_reserve[]: 0 0 0 0 0
[ 1272.332432][T21559] Node 1 Normal free:3863864kB boost:0kB min:55768kB low:69708kB high:83648kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:136kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:46832kB local_pcp:33844kB free_cma:0kB
[ 1272.332582][T21559] lowmem_reserve[]: 0 0 0 0 0
[ 1272.332734][T21559] Node 0 DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 1*64kB (U) 1*128kB (U) 1*256kB (U) 1*512kB (U) 0*1024kB 1*2048kB (M) 3*4096kB (M) = 15328kB
[ 1272.333300][T21559] Node 0 DMA32: 154*4kB (UME) 743*8kB (UE) 384*16kB (UME) 196*32kB (UE) 23*64kB (UE) 38*128kB (UME) 44*256kB (UE) 27*512kB (UE) 17*1024kB (UME) 9*2048kB (UME) 221*4096kB (UM) = 991456kB
[ 1272.334030][T21559] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1272.334433][T21559] Node 1 Normal: 3*4kB (UM) 6*8kB (UME) 9*16kB (UE) 107*32kB (UME) 85*64kB (UME) 26*128kB (UME) 7*256kB (UME) 5*512kB (UME) 1*1024kB (M) 2*2048kB (ME) 938*4096kB (M) = 3863916kB
[ 1272.335151][T21559] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1272.335189][T21559] Node 0 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[ 1272.335227][T21559] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1272.335244][T21559] Node 1 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[ 1272.335284][T21559] 122179 total pagecache pages
[ 1272.335313][T21559] 0 pages in swap cache
[ 1272.335344][T21559] Free swap  = 124996kB
[ 1272.335374][T21559] Total swap = 124996kB
[ 1272.335462][T21559] 2097051 pages RAM
[ 1272.335496][T21559] 0 pages HighMem/MovableOnly
[ 1272.335527][T21559] 428744 pages reserved
[ 1272.335559][T21559] 0 pages cma reserved
[ 1272.456748][T14344] usb 7-1: device descriptor read/64, error -71
[ 1272.605264][T14344] usb usb7-port1: attempt power cycle
[ 1273.135566][T14344] usb 7-1: new high-speed USB device number 29 using dummy_hcd
[ 1273.166360][T14344] usb 7-1: device descriptor read/8, error -71
[ 1273.425569][T14344] usb 7-1: new high-speed USB device number 30 using dummy_hcd
[ 1273.446056][T14344] usb 7-1: device descriptor read/8, error -71
[ 1273.481907][ T7011] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1273.585585][T14344] usb usb7-port1: unable to enumerate USB device
[ 1276.434080][T21588] program syz.6.4028 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1277.490166][T21601] netlink: 68 bytes leftover after parsing attributes in process `syz.3.4033'.
[ 1280.307101][T21629] ptrace attach of "./syz-executor exec"[17408] was attempted by ""[21629]
[ 1280.319632][T21629] ubi: mtd0 is already attached to ubi31
[ 1280.681019][T21639] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1280.737156][T21639] bond0: (slave rose0): Enslaving as an active interface with an up link
[ 1280.819729][T21646] FAULT_INJECTION: forcing a failure.
[ 1280.819729][T21646] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1280.850558][T21646] CPU: 1 UID: 0 PID: 21646 Comm: syz.6.4048 Not tainted syzkaller #0 PREEMPT(full) 
[ 1280.850583][T21646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1280.850593][T21646] Call Trace:
[ 1280.850599][T21646]  <TASK>
[ 1280.850607][T21646]  dump_stack_lvl+0x16c/0x1f0
[ 1280.850638][T21646]  should_fail_ex+0x512/0x640
[ 1280.850663][T21646]  _copy_to_user+0x32/0xd0
[ 1280.850688][T21646]  copy_fid_info_to_user+0x43e/0x6e0
[ 1280.850719][T21646]  ? __pfx_copy_fid_info_to_user+0x10/0x10
[ 1280.850744][T21646]  ? __might_fault+0x13b/0x190
[ 1280.850777][T21646]  fanotify_read+0x13a0/0x2850
[ 1280.850819][T21646]  ? __pfx_fanotify_read+0x10/0x10
[ 1280.850843][T21646]  ? inode_has_perm+0x183/0x1d0
[ 1280.850869][T21646]  ? file_has_perm+0x27d/0x350
[ 1280.850896][T21646]  ? __pfx_file_has_perm+0x10/0x10
[ 1280.850924][T21646]  ? get_pid_task+0xfc/0x250
[ 1280.850945][T21646]  ? selinux_file_permission+0x126/0x660
[ 1280.850964][T21646]  ? __pfx_woken_wake_function+0x10/0x10
[ 1280.850989][T21646]  ? bpf_lsm_file_permission+0x9/0x10
[ 1280.851004][T21646]  ? security_file_permission+0x71/0x210
[ 1280.851025][T21646]  ? rw_verify_area+0xcf/0x6c0
[ 1280.851050][T21646]  ? __pfx_fanotify_read+0x10/0x10
[ 1280.851077][T21646]  vfs_read+0x1e4/0xcf0
[ 1280.851100][T21646]  ? __pfx_vfs_read+0x10/0x10
[ 1280.851114][T21646]  ? find_held_lock+0x2b/0x80
[ 1280.851137][T21646]  ? __fget_files+0x204/0x3c0
[ 1280.851158][T21646]  ? __fget_files+0x20e/0x3c0
[ 1280.851183][T21646]  ksys_read+0x12a/0x250
[ 1280.851199][T21646]  ? __pfx_ksys_read+0x10/0x10
[ 1280.851223][T21646]  do_syscall_64+0xcd/0xfa0
[ 1280.851251][T21646]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1280.851269][T21646] RIP: 0033:0x7f8d2d18efc9
[ 1280.851284][T21646] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1280.851300][T21646] RSP: 002b:00007f8d2e10d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1280.851318][T21646] RAX: ffffffffffffffda RBX: 00007f8d2d3e5fa0 RCX: 00007f8d2d18efc9
[ 1280.851330][T21646] RDX: 000000000000006f RSI: 0000200000000340 RDI: 0000000000000004
[ 1280.851341][T21646] RBP: 00007f8d2e10d090 R08: 0000000000000000 R09: 0000000000000000
[ 1280.851350][T21646] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1280.851360][T21646] R13: 00007f8d2d3e6038 R14: 00007f8d2d3e5fa0 R15: 00007fff7d4f3218
[ 1280.851386][T21646]  </TASK>
[ 1282.936775][ T6104] usb 7-1: new high-speed USB device number 31 using dummy_hcd
[ 1284.077359][ T6104] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1284.110308][ T6104] usb 7-1: config 1 has an invalid descriptor of length 247, skipping remainder of the config
[ 1284.190902][ T6104] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1284.227028][ T6104] usb 7-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1284.270442][ T6104] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1284.280137][ T6104] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1284.295460][ T6104] usb 7-1: Product: syz
[ 1284.398906][ T6104] usb 7-1: Manufacturer: syz
[ 1284.936535][ T6104] cdc_wdm 7-1:1.0: probe with driver cdc_wdm failed with error -22
[ 1285.025519][ T6371] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[ 1285.162227][ T6104] usb 7-1: USB disconnect, device number 31
[ 1285.199274][ T6371] usb 4-1: Using ep0 maxpacket: 32
[ 1285.233979][ T6371] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1285.253778][ T6371] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1285.271904][ T6371] usb 4-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[ 1285.295511][ T6371] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1285.310338][ T6371] usb 4-1: config 0 descriptor??
[ 1286.306985][ T6371] ft260 0003:0403:6030.0034: unknown main item tag 0x7
[ 1286.510029][ T6371] ft260 0003:0403:6030.0034: chip code: 6424 8183
[ 1286.794919][ T6371] ft260 0003:0403:6030.0034: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.3-1/input0
[ 1286.911356][ T6371] ft260 0003:0403:6030.0034: failed to retrieve status: -32, no wakeup
[ 1287.129984][ T6104] usb 4-1: USB disconnect, device number 10
[ 1289.378288][T21786] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4075'.
[ 1291.206489][T21809] FAULT_INJECTION: forcing a failure.
[ 1291.206489][T21809] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1291.219989][T21809] CPU: 0 UID: 0 PID: 21809 Comm: syz.0.4086 Not tainted syzkaller #0 PREEMPT(full) 
[ 1291.220015][T21809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1291.220027][T21809] Call Trace:
[ 1291.220034][T21809]  <TASK>
[ 1291.220041][T21809]  dump_stack_lvl+0x16c/0x1f0
[ 1291.220074][T21809]  should_fail_ex+0x512/0x640
[ 1291.220099][T21809]  _copy_from_iter+0x29f/0x1720
[ 1291.220125][T21809]  ? __alloc_skb+0x200/0x380
[ 1291.220149][T21809]  ? __pfx__copy_from_iter+0x10/0x10
[ 1291.220171][T21809]  ? netlink_autobind.isra.0+0x158/0x370
[ 1291.220208][T21809]  netlink_sendmsg+0x820/0xdd0
[ 1291.220245][T21809]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1291.220281][T21809]  ____sys_sendmsg+0xa98/0xc70
[ 1291.220300][T21809]  ? copy_msghdr_from_user+0x10a/0x160
[ 1291.220323][T21809]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1291.220353][T21809]  ___sys_sendmsg+0x134/0x1d0
[ 1291.220378][T21809]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1291.220399][T21809]  ? __lock_acquire+0x622/0x1c90
[ 1291.220467][T21809]  __sys_sendmsg+0x16d/0x220
[ 1291.220492][T21809]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1291.220533][T21809]  do_syscall_64+0xcd/0xfa0
[ 1291.220562][T21809]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1291.220581][T21809] RIP: 0033:0x7efcf898efc9
[ 1291.220596][T21809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1291.220613][T21809] RSP: 002b:00007efcf9746038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1291.220632][T21809] RAX: ffffffffffffffda RBX: 00007efcf8be5fa0 RCX: 00007efcf898efc9
[ 1291.220644][T21809] RDX: 0000000000000034 RSI: 0000200000000540 RDI: 0000000000000003
[ 1291.220655][T21809] RBP: 00007efcf9746090 R08: 0000000000000000 R09: 0000000000000000
[ 1291.220665][T21809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1291.220676][T21809] R13: 00007efcf8be6038 R14: 00007efcf8be5fa0 R15: 00007ffde27fe988
[ 1291.220701][T21809]  </TASK>
[ 1293.156967][ T5816] Bluetooth: hci0: command 0x0406 tx timeout
[ 1294.384934][T21844] netlink: 60 bytes leftover after parsing attributes in process `syz.4.4093'.
[ 1294.585487][    T9] usb 7-1: new high-speed USB device number 32 using dummy_hcd
[ 1294.854267][    T9] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1294.865298][    T9] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1294.895309][    T9] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1295.373471][    T9] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1295.388320][    T9] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1295.401743][    T9] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1295.414692][    T9] usb 7-1: Manufacturer: syz
[ 1295.438528][    T9] usb 7-1: config 0 descriptor??
[ 1296.163983][   T30] audit: type=1400 audit(1762056371.108:2378): avc:  denied  { write } for  pid=21873 comm="syz.0.4104" name="usbmon6" dev="devtmpfs" ino=734 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[ 1296.189344][T21874] 9pnet_fd: Insufficient options for proto=fd
[ 1296.355469][T14343] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1296.411892][T21883] netlink: 64 bytes leftover after parsing attributes in process `syz.0.4106'.
[ 1297.457655][    T9] usbhid 7-1:0.0: can't add hid device: -71
[ 1297.474357][    T9] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[ 1297.646834][    T9] usb 7-1: USB disconnect, device number 32
[ 1297.785658][T21896] kvm: MWAIT instruction emulated as NOP!
[ 1299.645901][   T10] usb 7-1: new high-speed USB device number 33 using dummy_hcd
[ 1299.805962][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[ 1299.812588][   T10] usb 7-1: Using ep0 maxpacket: 32
[ 1299.827547][   T10] usb 7-1: config 0 has an invalid interface number: 85 but max is 0
[ 1299.845690][   T10] usb 7-1: config 0 has no interface number 0
[ 1299.868980][   T10] usb 7-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1299.917198][   T10] usb 7-1: config 0 interface 85 has no altsetting 0
[ 1300.029618][   T10] usb 7-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[ 1300.039383][   T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1300.055553][   T10] usb 7-1: Product: syz
[ 1300.059791][   T10] usb 7-1: Manufacturer: syz
[ 1300.533369][   T10] usb 7-1: SerialNumber: syz
[ 1300.541977][   T10] usb 7-1: config 0 descriptor??
[ 1300.574518][T21920] ip6tnl1: entered promiscuous mode
[ 1300.810096][   T10] appletouch 7-1:0.85: Failed to read mode from device.
[ 1300.826567][   T10] appletouch 7-1:0.85: probe with driver appletouch failed with error -5
[ 1300.933509][   T30] audit: type=1326 audit(1762056375.878:2379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21911 comm="syz.4.4112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaf878efc9 code=0x7ffc0000
[ 1301.094478][   T30] audit: type=1326 audit(1762056375.908:2380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21911 comm="syz.4.4112" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffaf878efc9 code=0x7ffc0000
[ 1301.331476][   T10] usb 7-1: USB disconnect, device number 33
[ 1301.669077][T21941] FAULT_INJECTION: forcing a failure.
[ 1301.669077][T21941] name failslab, interval 1, probability 0, space 0, times 0
[ 1302.204257][T21941] CPU: 1 UID: 0 PID: 21941 Comm: syz.2.4117 Not tainted syzkaller #0 PREEMPT(full) 
[ 1302.204284][T21941] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1302.204295][T21941] Call Trace:
[ 1302.204301][T21941]  <TASK>
[ 1302.204308][T21941]  dump_stack_lvl+0x16c/0x1f0
[ 1302.204340][T21941]  should_fail_ex+0x512/0x640
[ 1302.204361][T21941]  ? __kmalloc_noprof+0xca/0x880
[ 1302.204389][T21941]  should_failslab+0xc2/0x120
[ 1302.204410][T21941]  __kmalloc_noprof+0xdd/0x880
[ 1302.204434][T21941]  ? input_ff_create+0x84/0x350
[ 1302.204464][T21941]  ? input_ff_create+0x84/0x350
[ 1302.204479][T21941]  input_ff_create+0x84/0x350
[ 1302.204500][T21941]  uinput_ioctl_handler.isra.0+0x1181/0x1df0
[ 1302.204523][T21941]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1302.204548][T21941]  ? __pfx_uinput_ioctl_handler.isra.0+0x10/0x10
[ 1302.204567][T21941]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[ 1302.204593][T21941]  ? rcu_is_watching+0x12/0xc0
[ 1302.204616][T21941]  ? irqentry_exit+0x3b/0x90
[ 1302.204642][T21941]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1302.204677][T21941]  ? security_file_ioctl+0xfc/0x240
[ 1302.204695][T21941]  ? security_file_ioctl+0x47/0x240
[ 1302.204715][T21941]  ? security_file_ioctl+0x47/0x240
[ 1302.204735][T21941]  ? __pfx_uinput_ioctl+0x10/0x10
[ 1302.204756][T21941]  __x64_sys_ioctl+0x18e/0x210
[ 1302.204783][T21941]  do_syscall_64+0xcd/0xfa0
[ 1302.204812][T21941]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1302.204830][T21941] RIP: 0033:0x7f237478efc9
[ 1302.204848][T21941] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1302.204866][T21941] RSP: 002b:00007f2375687038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1302.204884][T21941] RAX: ffffffffffffffda RBX: 00007f23749e5fa0 RCX: 00007f237478efc9
[ 1302.204896][T21941] RDX: 0000000000000000 RSI: 0000000000005501 RDI: 0000000000000004
[ 1302.204907][T21941] RBP: 00007f2375687090 R08: 0000000000000000 R09: 0000000000000000
[ 1302.204918][T21941] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1302.204928][T21941] R13: 00007f23749e6038 R14: 00007f23749e5fa0 R15: 00007ffff33947c8
[ 1302.204955][T21941]  </TASK>
[ 1302.855520][ T5893] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[ 1302.978094][ T6104] usb 3-1: new high-speed USB device number 123 using dummy_hcd
[ 1303.569536][   T10] usb 7-1: new high-speed USB device number 34 using dummy_hcd
[ 1303.597220][ T5893] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1303.606076][ T5893] usb 4-1: config 1 has an invalid descriptor of length 49, skipping remainder of the config
[ 1303.617423][ T5893] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1303.629807][ T5893] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1303.644495][ T5893] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1303.654102][ T5893] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1303.662281][ T5893] usb 4-1: Product: syz
[ 1303.666826][ T5893] usb 4-1: Manufacturer: syz
[ 1303.667262][ T6104] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1303.675997][ T5893] cdc_wdm 4-1:1.0: skipping garbage
[ 1303.685931][ T6104] usb 3-1: config 1 has an invalid descriptor of length 56, skipping remainder of the config
[ 1303.687340][ T5893] cdc_wdm 4-1:1.0: skipping garbage
[ 1303.696742][ T6104] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1303.710821][ T6104] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1303.711631][ T5893] cdc_wdm 4-1:1.0: probe with driver cdc_wdm failed with error -22
[ 1303.776210][ T6104] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1303.783173][   T10] usb 7-1: Using ep0 maxpacket: 16
[ 1303.789473][ T6104] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1303.800227][ T6104] usb 3-1: Product: syz
[ 1303.804407][ T6104] usb 3-1: Manufacturer: syz
[ 1303.809859][   T10] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1303.823525][ T6104] cdc_wdm 3-1:1.0: skipping garbage
[ 1303.824836][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1303.842772][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1303.843579][ T6104] cdc_wdm 3-1:1.0: probe with driver cdc_wdm failed with error -22
[ 1303.852879][   T10] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[ 1303.870603][   T10] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1303.885020][   T10] usb 7-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1303.894916][   T10] usb 7-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1303.903240][ T6104] usb 4-1: USB disconnect, device number 11
[ 1303.904017][   T10] usb 7-1: Manufacturer: syz
[ 1303.921119][   T10] usb 7-1: config 0 descriptor??
[ 1304.054370][ T6371] usb 3-1: USB disconnect, device number 123
[ 1304.185557][   T10] rc_core: IR keymap rc-hauppauge not found
[ 1304.191459][   T10] Registered IR keymap rc-empty
[ 1304.196504][   T10] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[ 1304.216205][   T10] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[ 1304.236276][   T10] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/rc/rc0
[ 1304.250779][   T10] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/rc/rc0/input134
[ 1304.271272][   T10] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[ 1304.295529][   T10] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[ 1304.315602][   T10] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[ 1304.335574][   T10] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[ 1304.355763][   T10] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[ 1304.375604][   T10] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[ 1304.395543][   T10] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[ 1304.415926][   T10] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[ 1304.435501][   T10] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[ 1304.459452][   T10] mceusb 7-1:0.0: Error: mce write submit urb error = -90
[ 1304.500486][   T10] mceusb 7-1:0.0: Registered 424242424242 with mce emulator interface version 1
[ 1304.509891][   T10] mceusb 7-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[ 1304.709730][   T10] usb 7-1: USB disconnect, device number 34
[ 1305.582238][ T1142] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1305.616140][    T9] usb 3-1: new high-speed USB device number 124 using dummy_hcd
[ 1305.786315][    T9] usb 3-1: Using ep0 maxpacket: 32
[ 1305.883422][    T9] usb 3-1: config 0 has an invalid interface number: 85 but max is 0
[ 1306.010637][    T9] usb 3-1: config 0 has no interface number 0
[ 1306.095708][    T9] usb 3-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1306.135642][    T9] usb 3-1: config 0 interface 85 has no altsetting 0
[ 1306.164874][    T9] usb 3-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[ 1306.185458][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1306.193478][    T9] usb 3-1: Product: syz
[ 1306.215593][    T9] usb 3-1: Manufacturer: syz
[ 1306.220234][    T9] usb 3-1: SerialNumber: syz
[ 1306.236643][    T9] usb 3-1: config 0 descriptor??
[ 1306.485164][    T9] appletouch 3-1:0.85: Failed to read mode from device.
[ 1306.495661][    T9] appletouch 3-1:0.85: probe with driver appletouch failed with error -5
[ 1306.725323][T22020] FAULT_INJECTION: forcing a failure.
[ 1306.725323][T22020] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1306.738617][T22020] CPU: 1 UID: 0 PID: 22020 Comm: syz.4.4144 Not tainted syzkaller #0 PREEMPT(full) 
[ 1306.738641][T22020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1306.738651][T22020] Call Trace:
[ 1306.738658][T22020]  <TASK>
[ 1306.738665][T22020]  dump_stack_lvl+0x16c/0x1f0
[ 1306.738694][T22020]  should_fail_ex+0x512/0x640
[ 1306.738719][T22020]  _copy_to_user+0x32/0xd0
[ 1306.738744][T22020]  simple_read_from_buffer+0xcb/0x170
[ 1306.738776][T22020]  proc_fail_nth_read+0x197/0x240
[ 1306.738798][T22020]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1306.738821][T22020]  ? rw_verify_area+0xcf/0x6c0
[ 1306.738847][T22020]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1306.738868][T22020]  vfs_read+0x1e4/0xcf0
[ 1306.738888][T22020]  ? __pfx___mutex_lock+0x10/0x10
[ 1306.738906][T22020]  ? __pfx_vfs_read+0x10/0x10
[ 1306.738929][T22020]  ? __fget_files+0x20e/0x3c0
[ 1306.738954][T22020]  ksys_read+0x12a/0x250
[ 1306.738971][T22020]  ? __pfx_ksys_read+0x10/0x10
[ 1306.738989][T22020]  ? fput+0x9b/0xd0
[ 1306.739013][T22020]  do_syscall_64+0xcd/0xfa0
[ 1306.739041][T22020]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1306.739060][T22020] RIP: 0033:0x7ffaf878d9dc
[ 1306.739074][T22020] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1306.739091][T22020] RSP: 002b:00007ffaf9569030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1306.739109][T22020] RAX: ffffffffffffffda RBX: 00007ffaf89e5fa0 RCX: 00007ffaf878d9dc
[ 1306.739121][T22020] RDX: 000000000000000f RSI: 00007ffaf95690a0 RDI: 0000000000000008
[ 1306.739132][T22020] RBP: 00007ffaf9569090 R08: 0000000000000000 R09: 0000000000000000
[ 1306.739143][T22020] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1306.739153][T22020] R13: 00007ffaf89e6038 R14: 00007ffaf89e5fa0 R15: 00007ffd7c450eb8
[ 1306.739180][T22020]  </TASK>
[ 1306.745485][ T5893] usb 7-1: new high-speed USB device number 35 using dummy_hcd
[ 1307.040206][    T9] usb 3-1: USB disconnect, device number 124
[ 1307.112996][ T5893] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1307.124969][ T5893] usb 7-1: config 1 has an invalid descriptor of length 49, skipping remainder of the config
[ 1307.147318][ T5893] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1307.664569][ T5893] usb 7-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1307.706194][ T5893] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1307.741089][ T5893] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1307.767243][ T5893] usb 7-1: Product: syz
[ 1307.816331][ T5893] usb 7-1: Manufacturer: syz
[ 1307.842744][ T5893] cdc_wdm 7-1:1.0: skipping garbage
[ 1307.856318][ T5893] cdc_wdm 7-1:1.0: skipping garbage
[ 1307.861767][ T5893] cdc_wdm 7-1:1.0: probe with driver cdc_wdm failed with error -22
[ 1308.268436][    T9] usb 7-1: USB disconnect, device number 35
[ 1309.821839][T22078] lo: entered allmulticast mode
[ 1309.851428][T22078] tunl0: entered allmulticast mode
[ 1309.890583][T22078] gre0: entered allmulticast mode
[ 1309.928550][T22078] gretap0: entered allmulticast mode
[ 1309.942401][T22078] erspan0: entered allmulticast mode
[ 1309.951633][T22078] ip_vti0: entered allmulticast mode
[ 1309.973598][T22078] ip6_vti0: entered allmulticast mode
[ 1310.006505][T22078] sit0: entered allmulticast mode
[ 1310.029981][T22078] ip6tnl0: entered allmulticast mode
[ 1310.057317][T22078] ip6gre0: entered allmulticast mode
[ 1310.074215][T22078] syz_tun: entered allmulticast mode
[ 1310.090009][T22078] ip6gretap0: entered allmulticast mode
[ 1310.118381][T22078] vcan0: entered allmulticast mode
[ 1310.148564][T22078] bond0: entered allmulticast mode
[ 1310.153738][T22078] bond_slave_0: entered allmulticast mode
[ 1310.202146][T22078] bond_slave_1: entered allmulticast mode
[ 1310.228799][T22078] team0: entered allmulticast mode
[ 1310.233952][T22078] team_slave_0: entered allmulticast mode
[ 1310.265457][T22078] team_slave_1: entered allmulticast mode
[ 1310.288819][T22078] dummy0: entered allmulticast mode
[ 1310.316198][T22078] nlmon0: entered allmulticast mode
[ 1310.346289][T22078] caif0: entered allmulticast mode
[ 1310.372843][T22078] batadv0: entered allmulticast mode
[ 1310.386037][T22078] vxcan0: entered allmulticast mode
[ 1310.395927][T22078] vxcan1: entered allmulticast mode
[ 1310.405126][T22078] veth0: entered allmulticast mode
[ 1310.414277][T22078] veth1: entered allmulticast mode
[ 1310.432247][T22078] wg0: entered allmulticast mode
[ 1310.474963][T22078] wg1: entered allmulticast mode
[ 1310.490553][T22078] wg2: entered allmulticast mode
[ 1310.521888][T22078] veth0_to_bridge: entered allmulticast mode
[ 1310.532512][T22078] bridge_slave_0: entered allmulticast mode
[ 1310.541041][T22078] veth1_to_bridge: entered allmulticast mode
[ 1310.553881][T22078] bridge_slave_1: entered allmulticast mode
[ 1310.563815][T22078] veth0_to_bond: entered allmulticast mode
[ 1310.577517][T22078] veth1_to_bond: entered allmulticast mode
[ 1310.596032][T22078] veth0_to_team: entered allmulticast mode
[ 1310.612202][T22078] veth1_to_team: entered allmulticast mode
[ 1310.636003][T22078] veth0_to_batadv: entered allmulticast mode
[ 1310.675071][T22078] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1310.703960][T22078] batadv_slave_0: entered allmulticast mode
[ 1310.721492][T22078] veth1_to_batadv: entered allmulticast mode
[ 1310.738189][T22078] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1310.752508][T22078] batadv_slave_1: entered allmulticast mode
[ 1310.790969][T22078] xfrm0: entered allmulticast mode
[ 1310.819058][T22078] veth0_to_hsr: entered allmulticast mode
[ 1310.836801][T22078] hsr_slave_0: entered allmulticast mode
[ 1310.848386][T22078] veth1_to_hsr: entered allmulticast mode
[ 1310.868994][T22078] hsr_slave_1: entered allmulticast mode
[ 1310.884139][T22078] hsr0: entered allmulticast mode
[ 1310.914899][T22078] veth1_virt_wifi: entered allmulticast mode
[ 1310.953171][T22078] veth0_virt_wifi: entered allmulticast mode
[ 1310.966313][T22078] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[ 1310.974613][T22078] veth1_vlan: entered allmulticast mode
[ 1310.981460][T22078] veth0_vlan: entered allmulticast mode
[ 1310.994864][T22078] vlan0: entered allmulticast mode
[ 1311.000301][T22078] vlan1: entered allmulticast mode
[ 1311.006833][T22078] macvlan0: entered allmulticast mode
[ 1311.013216][T22078] macvlan1: entered allmulticast mode
[ 1311.019231][T22078] ipvlan0: entered allmulticast mode
[ 1311.024671][T22078] ipvlan1: entered allmulticast mode
[ 1311.033201][T22078] veth1_macvtap: entered allmulticast mode
[ 1311.040954][T22078] veth0_macvtap: entered allmulticast mode
[ 1311.048761][T22078] macvtap0: entered allmulticast mode
[ 1311.056588][T22078] macsec0: entered allmulticast mode
[ 1311.063824][T22078] geneve0: entered allmulticast mode
[ 1311.072871][T22078] geneve1: entered allmulticast mode
[ 1311.083133][T22078] netdevsim netdevsim2 netdevsim0: entered allmulticast mode
[ 1311.097374][T22078] netdevsim netdevsim2 netdevsim1: entered allmulticast mode
[ 1311.109360][T22078] netdevsim netdevsim2 netdevsim2: entered allmulticast mode
[ 1311.120599][T22078] netdevsim netdevsim2 netdevsim3: entered allmulticast mode
[ 1311.138485][T22078] mac80211_hwsim hwsim22 wlan0: entered allmulticast mode
[ 1311.150410][T22078] mac80211_hwsim hwsim23 wlan1: entered allmulticast mode
[ 1311.159702][T22078] sit1: entered allmulticast mode
[ 1311.193813][T22098] bridge0: entered allmulticast mode
[ 1311.241548][T22098] team0: Failed to send options change via netlink (err -105)
[ 1311.261965][T22098] team0: Port device bridge0 added
[ 1311.300390][   T37] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1311.314745][   T37] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1311.330998][   T37] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1311.355356][   T37] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1311.935852][   T30] audit: type=1400 audit(1762056386.878:2381): avc:  denied  { unmount } for  pid=17868 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[ 1312.005617][   T30] audit: type=1400 audit(1762056386.958:2382): avc:  denied  { mounton } for  pid=22134 comm="syz.4.4183" path="/204/file0" dev="tmpfs" ino=1081 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 1312.183732][T22140] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[ 1312.413761][T22150] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1312.746882][T22162] program syz.2.4195 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1313.968526][T22238] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[ 1314.786600][   T30] audit: type=1400 audit(1762056389.738:2383): avc:  denied  { write } for  pid=22264 comm="syz.0.4235" name="urandom" dev="devtmpfs" ino=9 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1
[ 1315.284602][T22281] ------------[ cut here ]------------
[ 1315.291385][T22281] WARNING: CPU: 0 PID: 22281 at fs/exec.c:118 path_noexec+0x1ca/0x230
[ 1315.299944][T22281] Modules linked in:
[ 1315.304649][T22281] CPU: 0 UID: 0 PID: 22281 Comm: syz.6.4244 Not tainted syzkaller #0 PREEMPT(full) 
[ 1315.314148][T22281] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1315.324755][T22281] RIP: 0010:path_noexec+0x1ca/0x230
[ 1315.330044][T22281] Code: ff 83 e3 02 48 89 de e8 84 27 83 ff 48 85 db 41 0f 95 c4 e8 08 2c 83 ff 44 89 e0 5b 5d 41 5c e9 fc 95 29 09 e8 f7 2b 83 ff 90 <0f> 0b 90 e9 47 ff ff ff e8 79 b8 eb ff e9 a8 fe ff ff e8 6f b8 eb
[ 1315.350315][T22281] RSP: 0018:ffffc9000c1e7c60 EFLAGS: 00010283
[ 1315.356476][T22281] RAX: 00000000000000dc RBX: ffff888140ab2fe0 RCX: ffffc9000d27c000
[ 1315.364461][T22281] RDX: 0000000000080000 RSI: ffffffff8239e1a9 RDI: 0000000000000007
[ 1315.372492][T22281] RBP: 0000000000000000 R08: 0000000000000007 R09: 0000000000000000
[ 1315.380514][T22281] R10: 0000000000000000 R11: 0000000000000001 R12: 0000200000000000
[ 1315.388564][T22281] R13: 0000000000000001 R14: 0000000000000002 R15: 0000000000000000
[ 1315.397077][T22281] FS:  00007f8d2e10d6c0(0000) GS:ffff888124a08000(0000) knlGS:0000000000000000
[ 1315.406291][T22281] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1315.412891][T22281] CR2: 000000110c3958e3 CR3: 000000005c326000 CR4: 00000000003526f0
[ 1315.420955][T22281] Call Trace:
[ 1315.424242][T22281]  <TASK>
[ 1315.427371][T22281]  do_mmap+0xd23/0x1210
[ 1315.431545][T22281]  ? __pfx_do_mmap+0x10/0x10
[ 1315.436205][T22281]  ? __pfx_down_write_killable+0x10/0x10
[ 1315.441855][T22281]  vm_mmap_pgoff+0x29e/0x470
[ 1315.446503][T22281]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 1315.451642][T22281]  ? __fget_files+0x20e/0x3c0
[ 1315.456383][T22281]  ksys_mmap_pgoff+0x32c/0x5c0
[ 1315.461186][T22281]  __x64_sys_mmap+0x125/0x190
[ 1315.465911][T22281]  do_syscall_64+0xcd/0xfa0
[ 1315.470437][T22281]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1315.476457][T22281] RIP: 0033:0x7f8d2d18efc9
[ 1315.480886][T22281] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1315.501328][T22281] RSP: 002b:00007f8d2e10d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1315.510044][T22281] RAX: ffffffffffffffda RBX: 00007f8d2d3e5fa0 RCX: 00007f8d2d18efc9
[ 1315.518067][T22281] RDX: 0000000003000007 RSI: 0000000000003000 RDI: 0000200000000000
[ 1315.526093][T22281] RBP: 00007f8d2d211f91 R08: 0000000000000008 R09: 0000000000000000
[ 1315.534106][T22281] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000000
[ 1315.542160][T22281] R13: 00007f8d2d3e6038 R14: 00007f8d2d3e5fa0 R15: 00007fff7d4f3218
[ 1315.550204][T22281]  </TASK>
[ 1315.553228][T22281] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1315.560510][T22281] CPU: 0 UID: 0 PID: 22281 Comm: syz.6.4244 Not tainted syzkaller #0 PREEMPT(full) 
[ 1315.569891][T22281] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1315.579948][T22281] Call Trace:
[ 1315.583247][T22281]  <TASK>
[ 1315.586161][T22281]  dump_stack_lvl+0x3d/0x1f0
[ 1315.590749][T22281]  vpanic+0x640/0x6f0
[ 1315.594723][T22281]  ? path_noexec+0x1ca/0x230
[ 1315.599302][T22281]  panic+0xca/0xd0
[ 1315.603022][T22281]  ? __pfx_panic+0x10/0x10
[ 1315.607449][T22281]  check_panic_on_warn+0xab/0xb0
[ 1315.612398][T22281]  __warn+0xf6/0x3c0
[ 1315.616290][T22281]  ? path_noexec+0x1ca/0x230
[ 1315.620876][T22281]  report_bug+0x3c3/0x580
[ 1315.625197][T22281]  ? path_noexec+0x1ca/0x230
[ 1315.629776][T22281]  handle_bug+0x184/0x210
[ 1315.634091][T22281]  exc_invalid_op+0x17/0x50
[ 1315.638580][T22281]  asm_exc_invalid_op+0x1a/0x20
[ 1315.643431][T22281] RIP: 0010:path_noexec+0x1ca/0x230
[ 1315.648620][T22281] Code: ff 83 e3 02 48 89 de e8 84 27 83 ff 48 85 db 41 0f 95 c4 e8 08 2c 83 ff 44 89 e0 5b 5d 41 5c e9 fc 95 29 09 e8 f7 2b 83 ff 90 <0f> 0b 90 e9 47 ff ff ff e8 79 b8 eb ff e9 a8 fe ff ff e8 6f b8 eb
[ 1315.668213][T22281] RSP: 0018:ffffc9000c1e7c60 EFLAGS: 00010283
[ 1315.674264][T22281] RAX: 00000000000000dc RBX: ffff888140ab2fe0 RCX: ffffc9000d27c000
[ 1315.682223][T22281] RDX: 0000000000080000 RSI: ffffffff8239e1a9 RDI: 0000000000000007
[ 1315.690176][T22281] RBP: 0000000000000000 R08: 0000000000000007 R09: 0000000000000000
[ 1315.698127][T22281] R10: 0000000000000000 R11: 0000000000000001 R12: 0000200000000000
[ 1315.706084][T22281] R13: 0000000000000001 R14: 0000000000000002 R15: 0000000000000000
[ 1315.714047][T22281]  ? path_noexec+0x1c9/0x230
[ 1315.718651][T22281]  do_mmap+0xd23/0x1210
[ 1315.722802][T22281]  ? __pfx_do_mmap+0x10/0x10
[ 1315.727378][T22281]  ? __pfx_down_write_killable+0x10/0x10
[ 1315.733000][T22281]  vm_mmap_pgoff+0x29e/0x470
[ 1315.737580][T22281]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[ 1315.742696][T22281]  ? __fget_files+0x20e/0x3c0
[ 1315.747389][T22281]  ksys_mmap_pgoff+0x32c/0x5c0
[ 1315.752154][T22281]  __x64_sys_mmap+0x125/0x190
[ 1315.756821][T22281]  do_syscall_64+0xcd/0xfa0
[ 1315.761320][T22281]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1315.767260][T22281] RIP: 0033:0x7f8d2d18efc9
[ 1315.771659][T22281] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1315.791251][T22281] RSP: 002b:00007f8d2e10d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[ 1315.799649][T22281] RAX: ffffffffffffffda RBX: 00007f8d2d3e5fa0 RCX: 00007f8d2d18efc9
[ 1315.807607][T22281] RDX: 0000000003000007 RSI: 0000000000003000 RDI: 0000200000000000
[ 1315.815561][T22281] RBP: 00007f8d2d211f91 R08: 0000000000000008 R09: 0000000000000000
[ 1315.823517][T22281] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000000
[ 1315.831485][T22281] R13: 00007f8d2d3e6038 R14: 00007f8d2d3e5fa0 R15: 00007fff7d4f3218
[ 1315.839451][T22281]  </TASK>
[ 1315.842675][T22281] Kernel Offset: disabled
[ 1315.847062][T22281] Rebooting in 86400 seconds..