last executing test programs:

5m49.575405162s ago: executing program 2 (id=30):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, r1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0)
ioctl$SNDCTL_DSP_SPEED(r5, 0xc0045002, &(0x7f0000000180))
write$dsp(r5, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
write$dsp(r5, 0x0, 0x0)
r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r6, 0x3b81, &(0x7f0000000080)={0xc, 0x0, <r7=>0x0})
ioctl$IOMMU_VFIO_IOAS$SET(r6, 0x3b88, &(0x7f0000000200)={0xc, r7})
ioctl$IOMMU_VFIO_IOMMU_GET_INFO(r6, 0x3b70, &(0x7f0000000540)={0x28})
write$dsp(r5, 0x0, 0x0)
ioctl$SNDCTL_DSP_SYNC(r5, 0x5001, 0x0)
r8 = getpid()
syz_open_procfs(r8, 0x0)
r9 = socket$inet6(0xa, 0x1, 0x0)
connect$inet6(r9, &(0x7f0000000000)={0xa, 0x4e22, 0x380000, @rand_addr=' \x01\x00'}, 0x1c)

5m48.485223489s ago: executing program 2 (id=34):
r0 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000000200)={&(0x7f00000000c0)=[{0x4, 0x5201, 0x0, 0x0}, {0xc, 0xb010, 0x0, 0x0}], 0x2})

5m47.825912265s ago: executing program 2 (id=37):
syz_io_uring_setup(0xd1, 0x0, 0x0, &(0x7f0000000100))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
ioctl$EXT4_IOC_CHECKPOINT(0xffffffffffffffff, 0x4004662b, &(0x7f00000000c0)=0x2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r3)
sendmsg$NLBL_CIPSOV4_C_ADD(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000005c0)=ANY=[@ANYBLOB="046fbadaa888ebb918280f4d5a6190cef5bf24380a4f4ff6750eed14f6b9f0c06980ab86a769f4509703c9d0cd355d993eb7b21742432dd1883c85e3b648db0f7027531592d9363a31e238591a8b581ff0b029c35e9a4f2b11e59a92c6d2d65876c268d142fb44e5697b3416ea383076227a2c3f7529203d0ab02a5cfe7e48ceccb55fcb986621cb4d9a3656dc2adb4b30afffc2cd063160549d0384a006462ca1a90814f3197b58e1136fe15ab3c37ddc6e6c02e14de5e2c70e3d7badd44ddfe1195768079a2ab45b41b33811b62b873068c2fd7318aa16a91478162971e33603592157b2ce1bfcfa004fcd99d59adf44a06f8bb82605e20d593728f17fe88f646bbc594a6da406ae8f292523db0760fc5d529de38cf36160e168e8574a436d", @ANYRES16=r4, @ANYBLOB="010000000000000000000100000008000100030000000800020001000000040004800400088024000c8004000b801c000b8008000900afe859770800090080369b"], 0x50}}, 0x0)
r5 = socket(0x2000000000000021, 0x2, 0x10000000000002)
connect$rxrpc(r5, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10}, 0x24)
sendmmsg(r5, &(0x7f0000005c00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[], 0x18}}], 0x1, 0x0)
getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r5, 0x84, 0x13, &(0x7f0000000180)={0x0, 0x6}, &(0x7f0000000340)=0x8)

5m44.116109181s ago: executing program 2 (id=45):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x400, &(0x7f0000000000)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r0}})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x11a)
mknodat(r1, &(0x7f00000003c0)='./file0\x00', 0xc000, 0x0)
chdir(&(0x7f00000000c0)='./bus\x00')
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000002340)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca0200000000000000adcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d070490893616810a121ff4feedd1d176b313b9fc7bf31ddff431a4a50760ce18a76c4b7aa73cec3eec984c76d16f798c436410f3f4a41715e736a132c3cb9421be0b3c2bd40b75896c007fa2d47e3d8392d905d582b8eff689b0f493770c91e8c2e8bd0b08ffa4fd0289b04b0ea024768d196ef721314d68d29988b01871c6ea39f95a0b77744caadd24867acab274e8e4bf3fb44df31e15ffdce52f9f60ffe"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000012c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f00000001c0)={@cgroup=r3, r3, 0x2f}, 0x20)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000780)=ANY=[@ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="2f00000018000000040000", @ANYBLOB="c084d15b041c"], 0x20)
removexattr(&(0x7f0000000080)='./file0\x00', &(0x7f0000000140)=@known='com.apple.FinderInfo\x00')
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r6 = dup3(r5, r4, 0x0)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r7, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r7, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000740)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x400}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000c00)={0x44, 0x0, &(0x7f0000000a80)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0xfc, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

5m42.962916678s ago: executing program 2 (id=49):
r0 = fsopen(&(0x7f0000000280)='cifs\x00', 0x0)
keyctl$chown(0x4, 0x0, 0xee01, 0xee00)
r1 = fsopen(&(0x7f0000000040)='udf\x00', 0x1)
fcntl$dupfd(r1, 0x406, r1)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000100)='mode\x00', &(0x7f0000000080), 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0xb, 0x0, 0x0, 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, 0x0, 0x0)
r2 = add_key$keyring(&(0x7f0000000340), &(0x7f0000000380)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
r3 = add_key(&(0x7f00000000c0)='ceph\x00', &(0x7f0000000240)={'syz', 0x1}, 0x0, 0x0, r2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000001a00), 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000200)='source', &(0x7f0000000000)='\\\\\xe9\x838\x9d<\f\x91\a\xd4$\xae$\x91&6n @\xf4M\xba\xf2<\xd6A\xdb\xd7\xbeY@g\xcc\xca\n@\x06\xa3\xfe%\x11\xc9\xc5\xc4\x96\xb7b\xa7\x15R.\xa3`fd\xdc\x8b\x18rBl{\x82\\\xbeA\x17\n\f\xcd=\'\x11\x1bZ\x8e\xb1\xc3j$v\xefw\x96\\\\\xa2\xfc\xe3\xb8\xc7\x0f\xaa\x01\x00\x00\x00;\xd5\xcd4g+\xbd\xd1\xe0R\x9d\x18\x19a:\xa2\xdf\xbe\x8b\x89\x81', 0x0)
pipe2$watch_queue(&(0x7f0000001180)={0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x80)
r6 = add_key(&(0x7f0000000000)='id_legacy\x00', &(0x7f0000000100)={'syz', 0x3}, &(0x7f0000000080)="f8", 0x1, r3)
keyctl$KEYCTL_WATCH_KEY(0x20, r6, r5, 0x0)
syz_open_dev$radio(&(0x7f0000000040), 0x2, 0x2)
r7 = syz_open_dev$vim2m(&(0x7f0000000580), 0x0, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r7, 0xc0d05605, &(0x7f0000000000)={0x2, @pix={0x80000000, 0x0, 0x3136564e, 0x5, 0x0, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x2}})
ioctl$IOC_WATCH_QUEUE_SET_SIZE(r5, 0x5760, 0x6)
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/disk', 0x0, 0x0)
r9 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/disk', 0x121a02, 0x0)
sendfile(r9, r8, &(0x7f0000002700)=0x23, 0x1c)
keyctl$KEYCTL_WATCH_KEY(0x20, r6, r5, 0xffffffffffffffff)
add_key$user(0x0, 0x0, 0x0, 0x0, r6)

5m41.13054218s ago: executing program 2 (id=58):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r2 = dup(r1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb34902, 0x1000006, 0x28011, r2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x88, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x5c, 0x4, 0x0, 0x1, [{0x58, 0x1, 0x0, 0x1, @inner={{0xa}, @val={0x48, 0x2, 0x0, 0x1, [@NFTA_INNER_TYPE={0x8, 0x2, 0x1, 0x0, 0x84}, @NFTA_INNER_FLAGS={0x8, 0x3, 0x1, 0x0, 0x7}, @NFTA_INNER_HDRSIZE={0x8, 0x4, 0x1, 0x0, 0xf}, @NFTA_INNER_NUM={0x8}, @NFTA_INNER_EXPR={0x24, 0x5, 0x0, 0x1, @payload={{0xc}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_OFFSET={0x8, 0x3, 0x1, 0x0, 0xb9}, @NFTA_PAYLOAD_BASE={0x8}]}}}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0xb0}}, 0x0)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x11, 0x2, 0x4}, 0x0, 0x0)

5m40.054032529s ago: executing program 32 (id=58):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r2 = dup(r1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb34902, 0x1000006, 0x28011, r2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x88, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x5c, 0x4, 0x0, 0x1, [{0x58, 0x1, 0x0, 0x1, @inner={{0xa}, @val={0x48, 0x2, 0x0, 0x1, [@NFTA_INNER_TYPE={0x8, 0x2, 0x1, 0x0, 0x84}, @NFTA_INNER_FLAGS={0x8, 0x3, 0x1, 0x0, 0x7}, @NFTA_INNER_HDRSIZE={0x8, 0x4, 0x1, 0x0, 0xf}, @NFTA_INNER_NUM={0x8}, @NFTA_INNER_EXPR={0x24, 0x5, 0x0, 0x1, @payload={{0xc}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_PAYLOAD_OFFSET={0x8, 0x3, 0x1, 0x0, 0xb9}, @NFTA_PAYLOAD_BASE={0x8}]}}}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0xb0}}, 0x0)
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x11, 0x2, 0x4}, 0x0, 0x0)

4m41.055430415s ago: executing program 3 (id=194):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r4, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r4, &(0x7f0000007fc0), 0x800001d, 0x0)
recvmmsg(r4, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0)

4m39.190446197s ago: executing program 3 (id=196):
r0 = syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x79af, 0x3180, 0x8000, 0x400246}, &(0x7f0000000340)=<r1=>0x0, &(0x7f00000006c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_MSG_RING={0x28, 0x40, 0x0, r0, 0x0, 0x0, 0x0, 0x2})
io_uring_enter(r0, 0x4c6e, 0xc67a, 0x8, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000004ac0), 0x0, 0x8000)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
io_uring_setup(0x3454, &(0x7f0000000080)={0x0, 0xffffaffb, 0x40, 0x1, 0x33d, 0x0, r0})
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f00000002c0)=[{0x0}], 0x1)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000005c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16, @ANYBLOB="01002cbd701004000000050000000600010005000000080009"], 0x3c}, 0x1, 0x0, 0x0, 0x20008000}, 0x30)
sendmsg$L2TP_CMD_SESSION_DELETE(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000380)=ANY=[@ANYRES16, @ANYBLOB="00f0bcbd7000fddbdf25060000000c000f0003000000000000000c0016000a6100000000000005000d000000000008001700", @ANYRES32, @ANYBLOB="0c0016000700000000000000080019000000000014002000fe8000000000000000000000000000aa060001000b000000"], 0x6c}, 0x1, 0x0, 0x0, 0x20004000}, 0x44000)

4m31.599045406s ago: executing program 3 (id=218):
mount$tmpfs(0x0, 0x0, &(0x7f00000000c0), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x1c0)
r0 = landlock_create_ruleset(0x0, 0x0, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x200000, 0x0)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0/file0\x00', 0x200000, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000001080)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x140, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, 0x0, 0x0)
sendmsg$nl_xfrm(r4, &(0x7f000014f000)={0x0, 0x0, &(0x7f00000bfff0)={&(0x7f00000007c0)=ANY=[@ANYBLOB="b8000000140001000000000000000000ff01000000000000000000000000000100"/60, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00?'], 0xb8}, 0x1, 0xfffff000}, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, &(0x7f0000000280)={0x100, r2}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
close(r1)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, &(0x7f0000000340)={0x100}, 0x0)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
close(r0)

4m30.642920036s ago: executing program 3 (id=220):
mknod(&(0x7f0000000000)='./bus\x00', 0x10, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x301040, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x278, 0x3c, 0x107, 0x0, 0x0, {0x1, 0x7c}, [@nested={0x244, 0xfc, 0x0, 0x1, [@nested={0x240, 0x8, 0x0, 0x1, [@generic="afca5ff5d515226501d9fac3908ff02f8d09509c26adb6b5d864484d04d69b4da5d7a52bfaaaad3a5c25aa473a0456cf81bd4d74603377984679d221e2a018985f995b9c1787285a3068593180b924ed8d0940610e751d4177f4fdaa3b647713ec058a87aa46f52171df898c7a05121abccd3e66c0d455d5497f9b88f86e97ac669b2ac8acdde2137a259ace56f95c5e39e7db5a34433901da46f369d9dd5ca3e90600b07d4664e1d96191edfaa947604e2f1f75db04", @generic="9bd8923e183ceaf32e67fb16888c806403ecd4458012965b4bf87d769bf5e030474a90f0f8b743003256111a88037a5489878dc68d48348280c55d31a3ea6fc747a0cf299e10637fbc9a618a6bcadf0f6caf923a1dfbd1f2ba8fa08ddffc28b9a387e3b2b35d8a4ac3ea722e6f6089", @generic="cc683eecda71ba25b3f72797dc417fca84d9d8f8baa94057192947b92000ba5770c7b084403a03adc1a2f42acd35c86093d2150d1d0a70f422e4f73eac96a9de66ddc93cb95cbfce68d52b80505ad2cb11893f86e6c26ea10f484762e841ee827d794612312cd37ad973b2ab2986bb65f84b670790bad3776ef66f76955009f71065c51850d6b375827b6e3666e469312a118278044cc8c60724f9c11c75aee12f40a3f53f995cc20d3fef674b2e46dfdf9d48685be6be74cf4374ae2c3627d82fb3523b86a6b5eecc7c852e62b45b72141293a9e3fb1096a448ff5bce3586b50be5d12cbf9a80bca166", @generic="f0e79ebd68b11bafb7f0fcc690fd1895afce6ae42d8ab38b9ebbfedf6d80c37c89ead9c8af0ec8b3f4a81f88d0"]}]}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0x9, 0x2, 0x0, 0x1, [@generic="97f0972655"]}, @typed={0x8, 0x5, 0x0, 0x0, @u32=0x9}]}, 0x278}, 0x1, 0x0, 0x0, 0xc000}, 0x4040)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r3 = open(&(0x7f0000000000)='.\x00', 0x0, 0x244)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r2, 0xc0189379, &(0x7f0000000200)={{0x1, 0x1, 0x18, <r4=>r3}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r1, 0xc0189378, &(0x7f0000000280)={{0x1, 0x1, 0x18, r4, {0x4}}, './file0\x00'})
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
futimesat(r5, 0x0, 0x0)
mount(&(0x7f00000000c0), &(0x7f0000000440)='./bus\x00', 0x0, 0x8c7c88, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./bus\x00', &(0x7f0000000080), 0x3800004, &(0x7f0000000100)={[{@verity_off}, {@volatile}, {@uuid_on}, {@uuid_null}, {@verity_require}], [{@pcr={'pcr', 0x3d, 0xd}}, {@rootcontext={'rootcontext', 0x3d, 'unconfined_u'}}, {@dont_measure}, {@obj_type={'obj_type', 0x3d, ',!.[:/'}}, {@smackfsfloor={'smackfsfloor', 0x3d, '/dev/ptmx\x00'}}, {@appraise}]})
syz_genetlink_get_family_id$devlink(&(0x7f0000000000), 0xffffffffffffffff)
r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$NLBL_CALIPSO_C_REMOVE(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[], 0x1c}}, 0x8080)
bind$netlink(r4, &(0x7f00000001c0)={0x10, 0x0, 0x25dfdbfc, 0x100000}, 0xc)
ptrace(0x10, r6)
ptrace$setregs(0xd, r6, 0x7fffffff, &(0x7f00000003c0))
ptrace$cont(0x20, r6, 0x0, 0x0)
open(&(0x7f00000002c0)='./bus\x00', 0x0, 0x66)

4m30.127019226s ago: executing program 3 (id=223):
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000640)={&(0x7f0000000340)=ANY=[@ANYBLOB="17eb82a49330c987e49d0030000000300f000000000000000011000000008000007ad9bf8e2c0be7332aeeff9363c3fa1391cb33612774cb4157278d6bd00c0dd509b225084ce93ed28773b844614d4507a983c467e2cdb5d8fe5688de68307748a537986f86acd68430c6d60bb784cf7a802afa22a29592f26bc1d6a0be84a64eeb2f432ddcc5dbe3"], 0x0, 0x4c, 0x0, 0x0, 0x0, 0x10000}, 0x28)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000004200)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[])
read$FUSE(r3, &(0x7f00000021c0)={0x2020}, 0x2020)
r4 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, &(0x7f0000000000)={@local, 0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r4, 0x7a8, &(0x7f0000000540)={{@hyper, 0x2}, @hyper, 0x0, 0x0, 0x5e})
openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
creat(&(0x7f0000000040)='./bus\x00', 0x8)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x1, 0x0, 0x0, 0x2)
get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000001000/0x4000)=nil, 0x3)
r5 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
ioctl$USBDEVFS_IOCTL(r5, 0xc0105512, 0x0)
ioctl$USBDEVFS_RESETEP(r5, 0x80045503, &(0x7f0000000000)={0x8})
ioctl$USBDEVFS_IOCTL(r5, 0x80045505, 0x0)

4m29.586026352s ago: executing program 3 (id=224):
socketpair$unix(0x1, 0x3, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syz_emit_ethernet(0x1e, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaad15c8ba848e33c2eb7e9a0aaaaaa0180c2000000000c0400000015010000da3b99121880e22e"], 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000300)={0x2, @pix_mp={0x4, 0x0, 0x384c4150, 0x4, 0x0, [{0x0, 0xf}, {0x20010}, {}, {0x1000000}, {0x3, 0x8}, {0x2fe}, {0x0, 0x7ff}, {0x800000}], 0xf, 0x0, 0x0, 0x2}})
syz_open_dev$tty1(0xc, 0x4, 0x4)
r0 = syz_open_dev$radio(&(0x7f0000000000), 0x2, 0x2)
ioctl$VIDIOC_S_HW_FREQ_SEEK(r0, 0x40305652, &(0x7f0000000040)={0x8, 0x5, 0xace, 0x80000000, 0x7, 0x184, 0x7aa2})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000004c00)=""/102392, 0x18ff8)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000440)={<r2=>0xffffffffffffffff})
sendto$rxrpc(r2, 0x0, 0x0, 0xcf76046f7e4ded7b, 0x0, 0xb)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
r4 = socket(0xa, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @private=0xa010501, 0x0, 0x0, 'none\x00', 0xa}, 0x2c)
setsockopt$inet_sctp_SCTP_MAXSEG(r3, 0x84, 0xd, &(0x7f0000000080), 0x4)
mknod$loop(&(0x7f00000001c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
link(&(0x7f0000001240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000001040)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)

4m28.874078288s ago: executing program 33 (id=224):
socketpair$unix(0x1, 0x3, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syz_emit_ethernet(0x1e, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaad15c8ba848e33c2eb7e9a0aaaaaa0180c2000000000c0400000015010000da3b99121880e22e"], 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000300)={0x2, @pix_mp={0x4, 0x0, 0x384c4150, 0x4, 0x0, [{0x0, 0xf}, {0x20010}, {}, {0x1000000}, {0x3, 0x8}, {0x2fe}, {0x0, 0x7ff}, {0x800000}], 0xf, 0x0, 0x0, 0x2}})
syz_open_dev$tty1(0xc, 0x4, 0x4)
r0 = syz_open_dev$radio(&(0x7f0000000000), 0x2, 0x2)
ioctl$VIDIOC_S_HW_FREQ_SEEK(r0, 0x40305652, &(0x7f0000000040)={0x8, 0x5, 0xace, 0x80000000, 0x7, 0x184, 0x7aa2})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000004c00)=""/102392, 0x18ff8)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000440)={<r2=>0xffffffffffffffff})
sendto$rxrpc(r2, 0x0, 0x0, 0xcf76046f7e4ded7b, 0x0, 0xb)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
r4 = socket(0xa, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000040)={0x100000011, @private=0xa010501, 0x0, 0x0, 'none\x00', 0xa}, 0x2c)
setsockopt$inet_sctp_SCTP_MAXSEG(r3, 0x84, 0xd, &(0x7f0000000080), 0x4)
mknod$loop(&(0x7f00000001c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
link(&(0x7f0000001240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000001040)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)

10.046541491s ago: executing program 0 (id=935):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeef, 0x8031, 0xffffffffffffffff, 0xee31b000)
r3 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x7, &(0x7f00000000c0)=ANY=[@ANYRESHEX=r1, @ANYRES8=r2], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x18, '\x00', 0x0, @cgroup_skb}, 0x94)
r5 = fsmount(r3, 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000200)={r4, r5, 0x1, 0x0, @void}, 0x10)
syz_emit_ethernet(0x4a, &(0x7f00000004c0)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd604d000000140601fe8000000000000000000000000000aafe8000000000000000000000000000aa00004001", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="500200009db25844"], 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r6)
r7 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r6, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c)
listen(r7, 0x0)
r8 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r8, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r9 = accept(r6, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[], 0xfffffdef}, 0x1, 0x0, 0x0, 0xc000}, 0xc810)
recvfrom(r8, &(0x7f0000000180)=""/60, 0x3c, 0x4140, 0x0, 0x0)

8.115199782s ago: executing program 4 (id=937):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xd, 0xa, 0x4, 0x5}, 0x48)
syz_emit_ethernet(0x19a, &(0x7f00000018c0)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb080045f9018c006500000021907864010101ac141431440c1d71e0000001000000084424a1c16401010101000000e000000200f1ff0dac1414aa0000050c6401010200000007441ce783e000000100000002000000000000da200a0101000000000b41dadd181414aa830b5dac1414bb6401010086430000000306020602050cda9c9faf1341f6b19311050fd1de09efef1739a42bdf040965000f4f2eec53cfdccf30c088ec852c01035e070c03cf1c171e34f4836e07018d0998cf33e39ae6e94414e373e000000100000006ffffffff00000007004e214e2004819078a63af727de459657a95bcdd7661133f3212b221f45d5bfdcaa8dd9d1428889aea6db3c1a052270f4b648d80940f9b50331fdb17c80c2d1753fbaaecb1e25081c55063d228159d54b6c265365aa8ad63a0f3d24fd94a2971016bec473e233b8ffa6b08133a909061c08b85df3edd4f04e367dd7c162a405a6459b11776ab376e3d3b3781c22ce970a9fcb3ca4743408c1fedf9189c6330a6652c081722fc96c9c6aa16362b0eeb309d3cddb17b820946ea80edf041e65a5fc79581ae5006d70f45af0cd4f13258e427e02ca6193c1d192ed06806cdf5c5ad32e58b00bca6116a8b56092b4141c100a1fea94cc50ef00e2ae8c337b76346db2b694dde1676b968d7b90f85239c5995cd960f87da8b1a730e6551680a4c12e1d9893bfe8b9a14755fc8df9de01145de911b70a5b7942b5097bd35bfd8b632ec6e801a896647c5e2427a673312fb109cbdd4c341c807ab5ab36a748f83d9d4002d39813801937702d"], 0x0)
syz_emit_ethernet(0x6c, &(0x7f0000000300)=ANY=[@ANYBLOB="aaaaaaaaaaaae43f6642531e08004500005e0000e00004119078000000000000000000004e20004a907861100000def48de5c654f72ea99c40db3b71a3690af830459c173cf562a07df94d83ed7e27a6b529d7aae75bde5f28a5be3b953ddeb7a9fd6367b418cc690c474ee8694db00bb047345f99233c9e23d4b49312949eb4ba2066be256c7c505263a5ad8854ccaa353bcaa5b4989df6fbbee20b8f1ca71784590f104be17fb50543e7e4521d7b0f8e789db7c9936f13d6f028e9363bbd0171b2e57a24e0672070ed93798a3e826937390a60a8310fa8a796095af3da8606c9e176"], 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_io_uring_submit(0x0, 0x0, 0x0)
move_pages(0x0, 0x3, &(0x7f00000001c0)=[&(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffc000/0x1000)=nil], &(0x7f0000000340), &(0x7f0000000380)=[0x0, 0x0], 0x2)
r2 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r2, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r3)
r4 = openat$cgroup_freezer_state(r3, &(0x7f0000000080), 0x2, 0x0)
sendfile(r4, r4, 0x0, 0x8000002)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000040), 0xa4001, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)={0x14, 0x3e, 0x107, 0xdffffffe, 0x0, {0x1, 0x7c}}, 0x14}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)
openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0xca00, 0x41)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x12, 0x4, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000000000071120b000000000095"], &(0x7f0000000600)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x2c, '\x00', 0x0, @cgroup_sock_addr=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
openat$cgroup_ro(r5, &(0x7f0000000240)='cgroup.stat\x00', 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="9feb010018000000000000000c000000dcfeffff03000000010007000000c2f3d76e6502acba00691d4bfc60d54473"], 0x0, 0x27, 0x0, 0x1}, 0x28)
sendmsg$IPCTNL_MSG_CT_DELETE(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="7fb6f3996a4a050be9440000000201010800000000000000000200000424000e8006000340000400000600034000030000060003400006000006000340000400000c0006"], 0x44}, 0x1, 0x0, 0x0, 0x11}, 0x4802)

8.100111553s ago: executing program 0 (id=938):
socket(0x10, 0x3, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000002340)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4509c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a900d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a3c0db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848022e8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0000000000000000000000000001545f0ec539c3b58facd2f62dc3307a6c91d6b"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r4, 0x4048aecb, &(0x7f0000000080)=ANY=[@ANYRES16=r3])
ioctl$KVM_GET_VCPU_EVENTS(r4, 0xc048aeca, &(0x7f0000000080))

8.04326103s ago: executing program 1 (id=939):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REQ_SET_REG(r0, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000300)={0x94, r1, 0x4, 0x70bd2d, 0x25dfdbfc, {}, [@NL80211_ATTR_SOCKET_OWNER={0x4}, @NL80211_ATTR_USER_REG_HINT_TYPE={0x8, 0x9a, 0x1}, @NL80211_ATTR_REG_RULES={0x64, 0x22, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x4}]}, {0x2c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0xd}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x6}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0xa7}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x5}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x8}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x6}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x2}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x3c5}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0xffffff81}]}]}, @NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x6}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x2e}]}, 0x94}, 0x1, 0x0, 0x0, 0x81}, 0x24044044)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000800)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8937, &(0x7f0000000000)={'netdevsim0\x00', @random="010000201000"})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x6, &(0x7f0000000440)=ANY=[@ANYBLOB="18070000020000000000e62e22603b37587dc65c2080809185000000004000851000000200000020001000000000009500007b000000009500000000000000f1b95a17ce1a3875d97d8352bf24e702668b0eaa82680b37f1f360c57bd4ccf9cfe8886aecc22caf14ca31e60e86563ad09fdfa5e4288a01dfe949c8eadc11ce45eaad0c7b94874bf78ca032dd482dcacc463028874d0489cf4342c7883d5ed6a12a5a70559941817d658eb7fe98e366002d71677d7637bfc8eb78ef4540c9bfff46eca6a01cc05284526758bd59d3ec359bdcc4b9b3a59f017f27a12c009c6ba585d6c7b683021e9e5283fbeae5b4963fe3d0249cd7c8119b647dea314b2827e40fdd091d00000000b2f16286ad"], &(0x7f0000000180)='syzkaller\x00', 0x6, 0x8b, &(0x7f0000000080)=""/139}, 0x94)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x41, &(0x7f0000000140)=0x89c, 0x4)
syz_usb_connect(0x0, 0x3e, &(0x7f0000001100)=ANY=[@ANYBLOB="1201000020dafb2099041010f5050102030109022c00010000000009040000016f2bae000824020100000000092402020000000200090585da20"], 0x0)
r4 = syz_open_dev$sndctrl(&(0x7f0000000000), 0xfffffffffffffffc, 0x129200)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r4, 0xc0045540, &(0x7f0000000040)=0xffffffff)

6.776577782s ago: executing program 4 (id=941):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_UNLINK(r0, 0x4161, 0x0)
ioctl$SNDRV_PCM_IOCTL_UNLINK(r0, 0x40044160, 0x3)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = socket(0xa, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000000200)=0x8)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f0000001980)=@assoc_value={r3, 0x8}, 0x8)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='sched_switch\x00', r4, 0x0, 0xfff7fffffffffff5}, 0x18)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000600), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r5, &(0x7f0000002580)={0x0, 0x0, &(0x7f0000002540)={&(0x7f0000000640)=ANY=[@ANYBLOB="ec010000", @ANYRES16=r6, @ANYBLOB="010026bd7000fcdbdf25010000001400020077673100000000000000000000000000060006004e210000a80108809c0100801400040002004e20e00000020000000000000000f400098028000080060001000a00000014000200fe8000000000000000000000000000aa050003000300000040000080060001000a00000014000200fc0000000000000000000000000000000500030002000000060001000200000008000200ac14143505000300010000000400008028000080060001000a0000001400020000000000000000000000000000000001050003000300000028000080060001000a00000014000200fe800000000000000000000000000018050003000100000034000080060001000200000008000200000000000500030000000000060001000200000008000200ffffffff050003000100000024000200cb34a705eb260cac33665ea60219bd3ddd18816074c501038ca8a9ee8efb50e808000a0001000000080003000200000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff1400040002004e240a010100000000000000000024000100f44da367a88ee6564f020211456727082f5cebee8b1bf5eb7337341b459b392204000080040000801400dec5dc177a32d643b559b12bac090200776731000000000000000000"], 0x1ec}, 0x1, 0x0, 0x0, 0x4000000}, 0x20004000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x2)
r7 = landlock_create_ruleset(0x0, 0x0, 0x0)
landlock_restrict_self(r7, 0x1)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
sendmsg$NL802154_CMD_GET_SEC_LEVEL(0xffffffffffffffff, 0x0, 0x40810)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$MSR(&(0x7f0000000580), 0xa, 0x0)

6.603503122s ago: executing program 4 (id=943):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$NBD_CLEAR_SOCK(0xffffffffffffffff, 0xab04)
write$P9_RLERRORu(0xffffffffffffffff, 0x0, 0x1f)
mount$9p_fd(0x0, 0x0, 0x0, 0x80, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00'}, 0x18)
syz_open_procfs(0x0, &(0x7f0000000000)='environ\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)

6.507750241s ago: executing program 0 (id=944):
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$inet(0x2b, 0x801, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
r4 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0)
ioctl$FS_IOC_SETFLAGS(r4, 0x40046f41, &(0x7f0000000440)=0x1f)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
r5 = fsopen(0x0, 0x1)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000240)='uid', &(0x7f00000008c0)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80=\x8a\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\x1f\x03\x00\x00\x00\x00\x00\x00\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9ak\x00\x00\x00\x00\x00\x00\x00\n\xa72\xa3\xef^\xe7\x8f', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
shmctl$IPC_RMID(0x0, 0x0)
mount(&(0x7f00000000c0)=@nullb, 0x0, 0x0, 0x208000, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
socket$netlink(0x10, 0x3, 0x0)
r6 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r6, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x30004001)
r7 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r7, &(0x7f0000000280)=[{&(0x7f0000000040)="580000001400192340834b80040d8c560a067fbc45ff000000000000000458000b040000945f64009400050038925a01000000000000008004000000ffe809000000fff5dd0000000800030006010000418e01400004fcff", 0x58}], 0x1)
socket$nl_generic(0x10, 0x3, 0x10)

5.541408307s ago: executing program 0 (id=946):
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r0, 0x5411, &(0x7f0000002280)={'syzkaller0\x00', @random="001300"})

4.908569301s ago: executing program 1 (id=947):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x1, 0x31, 0xffffffffffffffff, 0x8871b000)
unshare(0x400)
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
bind$can_j1939(r0, &(0x7f00000000c0)={0x1d, 0x0, 0x0, {0x2, 0x0, 0x4}}, 0x18) (fail_nth: 4)

4.33177363s ago: executing program 1 (id=948):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44045}, 0x10)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(0x0, 0x0, 0x0)
syz_io_uring_setup(0x49f, 0x0, 0x0, &(0x7f0000000040))
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000200), 0x20440, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mkdir(0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r3 = userfaultfd(0x801)
getsockopt$inet_sctp6_SCTP_NODELAY(0xffffffffffffffff, 0x84, 0x3, 0x0, &(0x7f0000000280))
r4 = getpid()
process_vm_readv(r4, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x280})
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_WRITEPROTECT(r3, 0xc018aa06, &(0x7f00000000c0)={{&(0x7f000040a000/0x800000)=nil, 0x800000}, 0x1})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x15)
read$msr(r1, 0x0, 0x0)
sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="54000000040601020000000000000000050000010900020073797a3200000000050001000700000005000100070000000900020073797a30000000000900020073797a31000000000900020073797a3000000000311603667fe80aee72fc129b8045aa8cee463c57709c524b05d961a59d4001eed272baf1e8dd3f811a664fad1a9b604269c04b2b6cef8783ffce4073eb2fda48159aecbfd19fc8441a3b7ccb29d09052246b70fa3e1dd34c45ffe555373ca32f1212aaa9c681fc3903410fc6a74af5be650fc85367c1f72aaab58624b6cfc11210a66133ed9962"], 0x54}, 0x1, 0x0, 0x0, 0x40018}, 0x800)
landlock_create_ruleset(&(0x7f00000000c0)={0x100}, 0x18, 0x0)
r5 = openat$mixer(0xffffffffffffff9c, &(0x7f0000001fc0), 0xa0000, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r5, 0x400c6615, &(0x7f0000002000)={0x0, @aes128})

4.331368631s ago: executing program 5 (id=949):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeef, 0x8031, 0xffffffffffffffff, 0xee31b000)
r3 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x7, &(0x7f00000000c0)=ANY=[@ANYRESHEX=r1, @ANYRES8=r2], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x18, '\x00', 0x0, @cgroup_skb}, 0x94)
r5 = fsmount(r3, 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000200)={r4, r5, 0x1, 0x0, @void}, 0x10)
syz_emit_ethernet(0x4a, &(0x7f00000004c0)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd604d000000140601fe8000000000000000000000000000aafe8000000000000000000000000000aa00004001", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="500200009db25844"], 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r6)
r7 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r6, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c)
listen(r7, 0x0)
r8 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r8, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r9 = accept(r6, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[], 0xfffffdef}, 0x1, 0x0, 0x0, 0xc000}, 0xc810)
recvfrom(r8, &(0x7f0000000180)=""/60, 0x3c, 0x4140, 0x0, 0x0)

4.229903443s ago: executing program 0 (id=950):
socket$nl_route(0x10, 0x3, 0x0)
connect$pppl2tp(0xffffffffffffffff, 0x0, 0x0)
r0 = socket(0x11, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0100000006000000ab"], 0x50)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'gre0\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000180)={0x11, 0x3, r2}, 0x14)
setsockopt$packet_int(r0, 0x107, 0xf, 0x0, 0x0)
sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000540), 0x395}, 0x24048000)
unshare(0x6a040000)
syz_open_dev$vbi(&(0x7f00000002c0), 0x0, 0x2)
r3 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r3, 0x4020565a, &(0x7f0000000080)={0x5, 0x2})
ioctl$VIDIOC_S_INPUT(r3, 0xc0045627, &(0x7f00000000c0)=0x2)

3.391828169s ago: executing program 6 (id=951):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
map_shadow_stack(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x8f)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r4}, &(0x7f0000000000), &(0x7f0000000080)=r2}, 0x20)
recvmsg$unix(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000300)=""/78, 0x4e}], 0x1}, 0x40020000)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0))
socket(0x40000000015, 0x5, 0x0)
socket$igmp6(0xa, 0x3, 0x3a)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={r5, 0x58, &(0x7f0000000180)}, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket(0x40000000015, 0x5, 0x0)
syz_io_uring_setup(0x88f, &(0x7f0000000380)={0x0, 0xc941, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000200)=<r7=>0x0, &(0x7f0000000280))
setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r6, 0x84, 0x1e, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)

3.288119104s ago: executing program 5 (id=952):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0xffe}, 0x10)
write(r0, &(0x7f0000000180)="1d04000012005f0214f9f4070000fbe40a0000000000", 0x41d)

3.139419681s ago: executing program 1 (id=953):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040)={0x28, 0x0, 0x2710, @my=0x0}, 0x10)

3.087755926s ago: executing program 1 (id=954):
socket(0x10, 0x3, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000002340)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4509c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a900d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a3c0db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848022e8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0000000000000000000000000001545f0ec539c3b58facd2f62dc3307a6c91d6b"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r4, 0x4048aecb, &(0x7f0000000080)=ANY=[@ANYRES16=r3])
ioctl$KVM_GET_VCPU_EVENTS(r4, 0xc048aeca, &(0x7f0000000080))

2.991217707s ago: executing program 5 (id=955):
socket$nl_generic(0x10, 0x3, 0x10) (async)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000000000002100000008000300", @ANYRES32=r2, @ANYBLOB="10007d8005", @ANYRES8=0x0, @ANYRES16], 0x2c}}, 0x0) (async)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050000000000000000002100000008000300", @ANYRES32=r2, @ANYBLOB="10007d8005", @ANYRES8=0x0, @ANYRES16], 0x2c}}, 0x0)
syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x0) (async)
r3 = syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_ADDFB2(r3, 0xc06864b8, &(0x7f0000000580)={0x0, 0xc1, 0x80, 0x3231564e, 0x3, [0x2], [0x80ffff], [], [0x400000000000001]})
write$UHID_INPUT(0xffffffffffffffff, &(0x7f00000017c0)={0x8, {"aba2e739caf79cbcbd4b1c4670eb6f78f67331bf7acafa29cec3fcc77f455b41992626086d746ab40bbc55062ffba66f07b1a7d062b078d3c1289541678528a33222d263f15a33c71d2bbf00184c0ae378c38fb4f1f2ef6265d58f3f6b11a7bd4b8ac1b8ef6cd62d4e6dacd79826566d3048e73a49efed36e32550b81c9ce0afca64f8d3b26e0bb652953db354252fc4df48c3f19291c03a36b0d8a52bc2fd2e0b25f61e3d746d47d2596a34099cd7cbc668067f8acc553f6f97b785ac58395fedff5b89ca1083266ae5d44fd0c78e3e2b2a5647e27989b4025c551b864d1af4835e53a05c148325350992f1b2c9662e34a5a12d141a36b30eb69ea8c1c095a881fc8d4398aa216c47ec0f120505b047ecbaab2eacb9c856270d0e628c447fb4490cb8b5feec9fdd132ceed90cd58cecd8853fbfc6e5cd2db3d1d6bf5d82ccf2ae8d9c5b20984500e16372f098d9b451cc9d0d3ed3289cfd2b26e1560055d21170a51de502c65f1f9fe95eb993ee74ef66b6fd5c41acdb5abb62da3d14beacbf11d7ac3d07ef6222f5fe3b99ff35681a754425c105c5fb4620aa745c360d087345178f1e2494e7096d459cf0aa0c88dc10ba6d8ad6db5daf1e0b874f7fd3f2840db83e433902a244a3084a9826855214864291c9d351c092d1a27620a8faac563fa20ba484e05d386b17fe1e4371e57eb3dbd9f56811949cb3fa72442e429feef1b7875e0a7fae2bd2172bb7d53ee54fea007ded6e1798aac129764d022f06bf27335faba7876fd6eb23797b5691e3364c77a8ebccdf4f2e9328e25cd5feb2bd8bcab402bc860984ebbf825626358ce9f70c235e80d927ae9cbba13b73746e60f3b4d6d8366fe55a48476c51426fcdc985a26598b0fdf02de29bb1ddfeef2f0d158cbf6bd0ac60e61711690938bb2db470b9a80eed7fc2234a8a40a21e27d89b3d47a7161c398c1972dfab8da941f18136d5cc801113f64cdefc85080252c9d466d1725df6ad09ac1ccae22076d64123cdf4f288322638866af4c0673407341c797f164337de0713270e56ca46d8bf8c9f03949d35451a94e944bc2ae1419ff1a3aafa166ad55867f51e2f7ce1060e6556f837122a60bf1ec28a9dd70f0f9dd34f468947fef13e029096784714916e31e97e7a4124313c7233413effc9708567959f18050050048438251a95253c2ce7632df7c81df33a173a8a674416bbdd0de5844fbb09a1456e9baccea74124bc5b1b9fe28291fec50c6756a9f995c22316d53e58648550da035ad175beb38adb0793554c85509ed914b8edd0c68c05addc420d14c9a6337fa386bd7ad87cd279a5384b867a3fb937b73f5336abe27b53622754bacf47703295363db518f776412f8a642db40ad107c40ff707f7de239553fb7a31fa7795482e84a58dbf9c9d21aa619e411b09332527bd9c6a8dd84e4b05a42e22b8311c4e88da86346736691dafab1134d1f2c78577727d6daf50d38a1b1d953c7014cda463270d22c35c62232416e00f5d99bf840fa506b62142c1e7aed4f422ff22826aa789315f8270afef38426e95811695ecb77fab6949d8c42a1e9fea8b0248cc1e0d2f66413c82fc0bc80d6272bed3a24c079711fad0d647e3e48e7a4b8a0a00d5b02fe1d2008a78f96f8e7e292443d47f6e2c3d2d4abc664766d24758080c5a22c5d33a44f6fb19eea4e8666c95a2cde11c5f28f9ee4deb326d590e23bce924137fffaba4791aaf45d8048cec6bcc379e1531e71bb408268457bc49cffe606bb81fd5780140b20cd7050ca3881f7939b893b9c548abe775385ff208b45d55964c9707682913cec9cf82da70af33cc28692d84608f36b9ff3d84801e6e2b7efc74a241559de48591f7580f101d6f974d540e57e87457ca917f9ca42c24473ba0d2ab1dfcd0fcf9014e87b2689257443d1753eb465c41c310a092e33d85ff576ffce2d5ae284b4fe6298117d6fdb66208ebe197cc3e514b20cf5a0e96aa71af11a4dc9d10590e624578cc6209bc70bb467208f26ee09b700fdf8e0fa7832a754759b89346d35286e94daa94c90f76fb47725d4f3b7e5ab1d926d42938227537e83c7cc92dd03a1309464e0c3c91b5baaf317bd6a9a43a3b3dc61a165cf071bba73bf8e6a6a6ce3ee32e17ac09cf1f9c3980700ca53f8e4560e91a13216d2f52f9dd3f50339dc57d611a70aa7883f4168c4d8beb3e130b8f212bf6d6953ff6a3febe9f6a3a7986adfa2fc8e9aed278fc86c18399494d7c071ae4f2d2410a9504df7bd9b4e4a811f4ec3ce03be6472d7a61c88f478889a84b4506f2b5d421c47492c5f2d920ad92aae1bf4ca3170e78c6dde66f5f435d781eda01461753471184076b12efba8f9ab46f45e63a1ef3433033204ae353319bd04af34dc18408def325edfb3a51f0514a5f4822fca4289abf61ffd963fd90ab16b108ed9520cb58421a54a1c391770057bda233379cf7f51783efd48ec3fea781f6eed5c858c69bb59060605ca8a92fb335ad5499408134463b15673613f16234864a005f0511dc7abefe54aa509c3aa73405d2807fb610fd34163c684922ebb0b0ce747fce356d192a0c4d3690b72ebad4fa3083c3000c2d4113ef8785ee81ad3252ec12b8ad32e4b5a596fb9b89ff89de20f1965b6083cebd73349efd8f8f862d4b2ee9f0439dc3c6f9cff8719c57721bc7e1626407ededddc04a5269576692e865406a12428c743b7f27c4fd27e3091633105734c3de5ed816c2fa64115a2c330ce9125e652fe302df3e46b4502b9d1ed1a6b654dc4d1c0b78d8419692b461ebf22b5f82a47f09bc44d5888b48df913f331fc492d62d602efcec6e01e3c3202717b0cae10da607bc608ce4e8d260ecfac350de85c881e1289952ce3d441a3e93c3bdfb1d6af67ba0f3a9ae0965784b8231deca6f7b0d24ec1b4e8f28ab4e14cd092e0aa2f4edf939b1df6a388435f5f7ffdab01083f01c4aa5e2f6dbcaf36b80ef118d7335bcb4683afa962d542d64dc4afef5e2d84a6c6425b23c3a29cf5f72f93312038ab37dabfdc3683bc20df0a19ef6a76de45a291151e40d0c7c2b799d119d76a25babecab7d2a84cbef0461c2b14fef3c8b3f1335be197111792efdee08065261c9c8bedab1caa6a2750646681347cf5a8ce091ac9227c6d05d9c70a411867ad71950e0e1fd52f9ef293d95213796436dfa6a5cef2ba318e60467b992864a730ba45b34cc40eba6fd9c9733660d51cfbe243dda280744e01683a3aae04785d5e764bca7cf24d3a4bf8f8f7a87b5c06124b72a587b7957a73eb47c2a5470c6fe96c7be28788ddfdf0629020bb60140cb01980c71e80e40a269df052be3ccc83377ac38807dab028ba00a7d2919d589510ea77bf8c9d0710d889088b3afdda90407bf52096ab8d003d975d004654479b2c91488e793e8660d8a2672bebf151ec4dcdafe85365f8875c53a360074ce946177af88ed009b05b0734d9c37b3afc4079c6f6ff5b9ccbab4fa11030d1ee09e61b2e59886310f4fc73632fc349297fc3713f750a78a7b8a986228cfb7378573eb81c5062ea02b50bb5056bc26fb61a2a886fa6ea6dc17f0a13fc90e7deda3dd7f36ea03344a8e3b50b858c9ca3f4f1fb035ed0840ba664ef8314121c17c86fed9b23480c720a7666a3773f07a6cb3154206a3c1e69c5001e3ef1e45bc5d733459d5c328ed2465fbe0c3ca4a292267cb21d8a8a0c8d275f32875cacc00ef33ab4dfbf88d6119cf793fcfba4910ecd6d1a6bc05231ceb737e7a7300dc0be58da7188014e33e24b847f9ae278a9e0d934f1ca7b60dc19972539f91c01b6abd99c62e47ccf7482a1855643fb9a6b7f0855b08963463f128fa323204a0b17981b2a4a6e0e7dbd31b6b09f5ddca71750651f2a2ec66624483f5778b8a44239dd2883e6a1c6e2162f86f8997158ea16dc9d5fc16462db1b2accbb01cab55b87ed84a51df33c60ea464f688021b6ec7fc86f3f53f49fea8dde61535dec5be9f32de871f793d157eb4d2e22d1e55cdb1c5d20300d6f3031461c573a15594740912b202f7833c7100b0124068e7e757d8d842a8e63ffd31f8f42d100bf97d5afeb036743689461683c8cf165609ac1875ac47740992b1b8a05d85ed7339ce5f34d0c6ac38f55ee75e9e95421abd2fef2b307bac8c3de03e3d5ccc04984e22b132419f4d5e51b5b328f6d0da15bc7e97ecff3685cd3ddb804c74f32da4f56ebde2bf8d7ad669b0122c2dc19907bac38d5461562ab7ac6532f0458ceb6ee26baeced6ba8004bbb7744df52cea0202b2fc02e2b3f04d1b441af457c181e44fd24b8f163b5d3673c6cf1ab14eb17b2369488c6c2d9c52ee4ea2bbc7701faa83131e7be5dc2554a824e184daec36dd6c10c1f331c9dbbf33718dbc09305d7b8f462484e94a46ee829bfa31b58d152ef1ab509b047455aa7d7eab17ddc802e2a8b0f5d5c57c20271d29016543836960c45246253e0055246b774e563e2f1d0e874bcdd9f132464ebbc7317fc005eb58aaacbfdaa184dbef3e991fcefbee97250adb75ab88a3af056201082b61c1c8e55b196dda55a86b6f37fa557bfa6bc3028a874a97db32e1d3c93669e266446d6c74b0b8cecf965e20936fd32e17a03f147bbb9f9839effe4337c1497114fed4e51d09f54cdc6a099cac72c536e768808994c2ce67c07c791f95e73c631f7016e524097803809b9666cda729c042ac81e37fc41bc10e1ed24232d52976d6327914884d85948237cfc8410e862508cf64c167b0345fc5ba0845dba292efb578baf4901ee8924dbf465d35af4caddd803d32da4663ce734fc534de448c4f7bd35104fd1678f25bb87160711cd2de4c59b9472683f17803c520cf6281f60328205c3b6355fd92acf4331c42bedc934433a640ec1fb5d18ca37b5f2baf9ad0e03b577f0d61b34eee318aef0393fafc5972cdc262b6171d11c9dff5b54d7e1d4b10c2cdafa2fcf7df503b748481d6c66754b7a63bd3e488947ccf547f7acd72c45abafc436ae6cf14e57b3b2376fea53e19972207ce3c36eb29c95b515f9abb06c17e3d072caecd9d4649b7fb1634b1564c140c54e1ec3890fa710016e0d45781dbb43ca60c187c1739d67ea865c56f02c2a15c7f361b5b4e023c8b7fb65c7c52f2d2667464b31712b608238af696eab0365d0ac6dcaefeceabf6ba2304c9fefc8efb609b22d3cffc0fa2b383800053c09a7dd4181b925dcf810d198452a1adcb82362558e8762342df845440f03dff34859bec8288dae7ddf3e3b5b73cef91205a6297ec3cbaba46e24ef8ddd7c67798e31eff30023778ca0f59a71804f93e80c3d39114a8db551e67ee4a6c04a3bc4d691e49197d7ced2a259ef73bb60096cb53ac6253fbad850d706b0dee9e48c8615c80c5d8b9156f73c4ebde3d2ba2606607fef23c75a992df56990055a7db9427cac408c452c389007f1912ed64f89af6c4b988bc0cafbbceee1b0570ea0eebf7c1ef2ff746a5526b157c0d3ff1d6da6ed7a7bf667583f8c6579fe8fd44ec43e5d27b662842cb74938cd69d0ac759b55ac71c81143fdf2e996412c3624dc50caa7d727b25b7e3e1eece52d488acf7d6863aaf06219daf15949e494e280b78a97c2f439ed68d473bde4a2460f6d3dff378ef7a2c0a6a1b28a62450196504eacd115e8d3cde500b2e0a0b162c3d6927424ae9e81b16a8f493313b6fcac3ebe34597390bf9140621df1b3e3651cb6308ccdda9a5829f161029e25d41e1b5174945ca7194998209cd3a2988cf97bd886f2904b8db8d278b0704a1fdb3ef", 0x1000}}, 0x1006)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000002580), 0x802, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r5 = fsopen(&(0x7f0000000040)='configfs\x00', 0x0)
fsconfig$FSCONFIG_SET_FLAG(r5, 0x6, 0x0, 0x0, 0x0) (async)
fsconfig$FSCONFIG_SET_FLAG(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r5, 0x0, 0x0)
r7 = openat(r6, &(0x7f0000000340)='.\x00', 0x0, 0x131)
lseek(r7, 0x0, 0x2)
ioctl$UI_END_FF_ERASE(r4, 0x400c55cb, &(0x7f00000025c0)={0xe, 0x7ff, 0x3}) (async)
ioctl$UI_END_FF_ERASE(r4, 0x400c55cb, &(0x7f00000025c0)={0xe, 0x7ff, 0x3})
r8 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r8, 0xaf01, 0x0)

2.592567345s ago: executing program 5 (id=956):
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x213)
r1 = syz_open_dev$swradio(&(0x7f0000000940), 0x1, 0x2)
ioctl$VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f0000000a80)={0x6, @pix_mp={0x7, 0x6, 0x38415262, 0xa, 0x8, [{0x6e}, {0x9, 0x7fffffff}, {0x7, 0xbe0}, {0x3, 0xe3a}, {0x1, 0x4}, {0x4, 0x8}, {0xce16}, {0x7}], 0x7, 0x7f, 0x1, 0x1, 0x5}})
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x0)

2.590680513s ago: executing program 1 (id=957):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0xf, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
read$FUSE(0xffffffffffffffff, &(0x7f0000000080)={0x2020}, 0x2020)
r1 = syz_open_dev$vcsa(&(0x7f0000000000), 0x1, 0x40001)
write$cgroup_pressure(r1, &(0x7f0000000080)={'some', 0x20, 0x9, 0x20, 0xff}, 0x2f)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0, 0x0, 0x1}, 0x18)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
sendto$inet6(r2, 0x0, 0x0, 0x20044044, 0x0, 0x0)
connect$inet6(r2, &(0x7f0000000280)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x19}, 0x7}, 0x1c)
socket$nl_generic(0x10, 0x3, 0x10)
mknod(&(0x7f0000000000)='./bus\x00', 0x10, 0x0)
ioctl$VIDIOC_S_CROP(0xffffffffffffffff, 0x4014563c, &(0x7f0000000100)={0x9, {0xe, 0x9, 0x1, 0x2}})
openat$userio(0xffffffffffffff9c, 0x0, 0x690282, 0x0)
getxattr(0x0, &(0x7f0000001400)=@known='system.posix_acl_default\x00', 0x0, 0x0)
clock_getres(0xfffffffffffffff1, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000180)='w', 0x1}], 0x1, 0x1)
ioctl$SNDCTL_DSP_POST(0xffffffffffffffff, 0x5008, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$IPVS_CMD_GET_INFO(0xffffffffffffffff, 0x0, 0x240000d4)
openat$kvm(0xffffffffffffff9c, 0x0, 0x200200, 0x0)

2.445665024s ago: executing program 4 (id=958):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="38000000540001000000000000c4000007008209", @ANYRES32, @ANYBLOB="20000100", @ANYRES32, @ANYBLOB], 0x38}}, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

2.363895972s ago: executing program 5 (id=959):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
write$UHID_INPUT(r1, &(0x7f0000001980)={0x9, {"a2e3ad084fc752f91b2909094bf70e0dd038e7ff7fc6e5539b324c078b089b34343b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31300d326d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df0784c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d618e462071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af44863c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000510b00", 0x1000}}, 0x1006)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="b8000000190001000000000000000000e00000020000000000000000000000000000000000000000000000000000000000000000000000000a0000002900", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000cb9f2cfcc837c14b000000000000000000000000000000000000000200000000000000ffffe2ffe0ffffff000000000000000000000000000000000000000000000000000000000000e1069346585daf1fd012000002000000"], 0xb8}}, 0x4004)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[], 0xb8}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000002c0)={&(0x7f0000000000)=""/74, 0x30c000, 0x800, 0x0, 0x4}, 0x20)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000540)={r1, 0x58, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r4=>0x0}}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000640)={'syztnl1\x00', &(0x7f00000007c0)={'ip6gre0\x00', r4, 0x4, 0x50, 0x2, 0x7ff, 0x6, @private2={0xfc, 0x2, '\x00', 0x1}, @private2={0xfc, 0x2, '\x00', 0x1}, 0x40, 0x10, 0xd0a, 0x9}})
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
clock_nanosleep(0x9, 0x0, &(0x7f0000000680)={0x0, 0x989680}, 0x0)

2.294385223s ago: executing program 6 (id=960):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r0)
close(0xffffffffffffffff)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r0, 0x5411, &(0x7f0000002280)={'syzkaller0\x00', @random="001300"})

2.211041247s ago: executing program 0 (id=961):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x256c, 0x6d, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x22, 0x5, {[@global=@item_4={0x3, 0x1, 0x5, "17321748"}]}}, 0x0}, 0x0)
syz_usb_control_io(r0, &(0x7f0000000480)={0xffffffffffffffb7, 0x0, &(0x7f0000000140)={0x0, 0x3, 0xa9, @string={0x0, 0x3, "2bf5229236477936886c2d"}}, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r0, &(0x7f00000009c0)={0x2c, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000300)={0x24, 0x0, &(0x7f00000002c0)={0x0, 0x3, 0xe, @string={0xe, 0x3, "6932c4882c10090000000000"}}, 0x0, 0x0}, 0x0)
unshare(0x44040000)
r1 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r1)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
syz_emit_ethernet(0x4a, &(0x7f0000000440)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)
r3 = open(&(0x7f0000000100)='./bus\x00', 0x143142, 0x1a6)
write$FUSE_INIT(r3, &(0x7f0000000140)={0x50}, 0xffd3)
r4 = getpgrp(0x0)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_GUEST_MEMFD(r7, 0xc040aed4, &(0x7f00000001c0)={0x200001fe0000})
fallocate(r8, 0x1, 0x100000000, 0x80000000)
timer_gettime(0x0, 0x0)
syz_clone3(&(0x7f0000000480)={0x20000180, 0x0, 0x0, 0x0, {0x37}, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[r4], 0x1}, 0x58)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r9, 0x29, 0x33, &(0x7f0000000140)=0xf, 0x4)
setsockopt$inet6_int(r9, 0x29, 0x42, &(0x7f0000000040)=0xf2b, 0x4)
getsockopt$inet6_buf(r9, 0x29, 0x6, &(0x7f00000000c0)=""/21, &(0x7f0000000080)=0x15)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x3, 0x5, &(0x7f0000000500)=ANY=[@ANYBLOB="180200000200000000000000000000008500000011000000850000005000000095"], &(0x7f0000000000)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41100, 0x3, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40}, 0x94)

2.172129269s ago: executing program 4 (id=962):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeef, 0x8031, 0xffffffffffffffff, 0xee31b000)
r3 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x7, &(0x7f00000000c0)=ANY=[@ANYRESHEX=r1, @ANYRES8=r2], &(0x7f0000000080)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x18, '\x00', 0x0, @cgroup_skb}, 0x94)
r5 = fsmount(r3, 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000200)={r4, r5, 0x1, 0x0, @void}, 0x10)
syz_emit_ethernet(0x4a, &(0x7f00000004c0)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd604d000000140601fe8000000000000000000000000000aafe8000000000000000000000000000aa00004001", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="500200009db25844"], 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r6)
r7 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r6, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c)
listen(r7, 0x0)
r8 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r8, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r9 = accept(r6, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[], 0xfffffdef}, 0x1, 0x0, 0x0, 0xc000}, 0xc810)
recvfrom(r8, &(0x7f0000000180)=""/60, 0x3c, 0x4140, 0x0, 0x0)

2.105482116s ago: executing program 6 (id=963):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000000)={0x0, 0x3, &(0x7f0000000080)={&(0x7f00000000c0)={0x2, 0x3, 0x0, 0x9, 0xa, 0x0, 0x0, 0x0, [@sadb_address={0x2, 0x18, 0x0, 0x0, 0xe, @in={0x2, 0x4, @multicast1=0xe0000009}}, @sadb_sa={0x2, 0x1, 0x4d2, 0x0, 0x0, 0x0, 0x2, 0x40000000}, @sadb_address={0x3, 0x5, 0x0, 0x20, 0x0, @in={0x2, 0x4e9d, @loopback}}]}, 0x50}}, 0x0)

1.775899155s ago: executing program 6 (id=964):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44045}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(0x0, 0x0, 0x0)
syz_io_uring_setup(0x49f, 0x0, 0x0, &(0x7f0000000040))
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000200), 0x20440, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mkdir(0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r2 = userfaultfd(0x801)
getsockopt$inet_sctp6_SCTP_NODELAY(0xffffffffffffffff, 0x84, 0x3, 0x0, &(0x7f0000000280))
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x280})
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_WRITEPROTECT(r2, 0xc018aa06, &(0x7f00000000c0)={{&(0x7f000040a000/0x800000)=nil, 0x800000}, 0x1})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x15)
read$msr(r0, 0x0, 0x0)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
landlock_create_ruleset(&(0x7f00000000c0)={0x100}, 0x18, 0x0)
r4 = openat$mixer(0xffffffffffffff9c, &(0x7f0000001fc0), 0xa0000, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r4, 0x400c6615, &(0x7f0000002000)={0x0, @aes128})

1.70207752s ago: executing program 5 (id=965):
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="180000", @ANYRES16, @ANYBLOB="09030000000000fdff072000adce04000280"], 0x18}, 0x1, 0xf000000}, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
io_setup(0x20, &(0x7f0000001140)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000000040)=[&(0x7f0000000080)={0xf, 0x400000000000, 0x25, 0x8, 0x8, r0, 0x0, 0x0, 0x3, 0x0, 0x2}])
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x68942, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = socket$inet6(0xa, 0x3, 0x2f)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r4, 0x8933, &(0x7f0000000000)={'wg2\x00', <r6=>0x0})
setsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000100)={{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@loopback, 0x0, 0x0, 0xffff, 0x0, 0xa, 0x0, 0x0, 0x0, r6}, {0x0, 0x80000000, 0x0, 0x0, 0x2000000000}, {0x0, 0xffffffff80000000}, 0x0, 0x0, 0x1}, {{@in=@loopback, 0x0, 0x6c}, 0x0, @in6=@empty, 0xfffffffc, 0x0, 0x0, 0x3, 0x0, 0x0, 0x95c0}}, 0xe8)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000640)=ANY=[@ANYBLOB], 0x0, 0x42, 0x0, 0x1}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, 0x0, &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000200)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$RDMA_NLDEV_CMD_SYS_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x30}}, 0x94)
r7 = socket(0x10, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r8 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r8, &(0x7f0000002000)=""/102400, 0x19000)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r10 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r10, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r9, &(0x7f0000000440)={@val, @void, @eth={@broadcast, @remote, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, {0x0, 0x6558, 0x18, 0x0, @wg=@data={0x4, 0x0, 0x5865}}}}}}}, 0x3e)
write(r7, &(0x7f0000000000)="240000001e005f80004000000000000002000000010000000000080008000100000303ff", 0x24)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x12, 0x3, &(0x7f0000000000)=ANY=[@ANYRESDEC=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r6, 0x1e}, 0x94)

880.51861ms ago: executing program 4 (id=966):
unshare(0x26020480)
socket$xdp(0x2c, 0x3, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, 0xffffffffffffffff, 0xf6c52000)
r0 = socket(0x2, 0x80805, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, 0x0, 0x0)
recvmsg(r0, &(0x7f00000025c0)={&(0x7f0000000000)=@can, 0x80, &(0x7f0000001540)=[{&(0x7f0000000080)=""/243, 0xf3}, {&(0x7f0000000180)=""/254, 0xfe}, {&(0x7f0000000280)=""/5, 0x5}, {&(0x7f00000002c0)=""/216, 0xd8}, {&(0x7f00000003c0)=""/16, 0x10}, {&(0x7f0000000400)=""/177, 0xb1}, {&(0x7f00000004c0)=""/4096, 0x1000}, {&(0x7f00000014c0)=""/113, 0x71}], 0x8, &(0x7f00000015c0)=""/4096, 0x1000}, 0xb1186c96b358f9e1)

245.049018ms ago: executing program 6 (id=967):
r0 = open(&(0x7f0000000000)='./file0\x00', 0x404980, 0x90)
ioctl$sock_inet_SIOCGIFADDR(r0, 0x8915, &(0x7f0000000040)={'veth1_vlan\x00', {0x2, 0x0, @multicast2}}) (async)
ioctl$BTRFS_IOC_QUOTA_RESCAN_STATUS(r0, 0x8040942d, &(0x7f0000000080)) (async)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r0, 0xc0096616, &(0x7f00000000c0)={0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}) (async)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000100)={<r1=>0x0, 0x0, 0x5}, &(0x7f0000000140)=0x8)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000180)={<r2=>r1, @in={{0x2, 0x4e20, @multicast1}}}, &(0x7f0000000240)=0x84)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000280)={0xfffffff7, 0x7, 0xfffffffc, 0x1, 0x2}) (async)
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f00000002c0)={r2, 0x3}, &(0x7f0000000300)=0x8) (async)
keyctl$session_to_parent(0x12) (async)
pipe2$watch_queue(&(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x80)
sendmsg$NFT_BATCH(r4, &(0x7f0000000580)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000540)={&(0x7f00000003c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_DELRULE={0xd0, 0x8, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_RULE_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x3}, @NFTA_RULE_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x4}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_USERDATA={0x80, 0x7, 0x1, 0x0, "911aab579aeb7b8ec02e366a090d80e1549c94066ca16673187920e9954fdd89e66ebaede45a9613f8831f25ae765c7596b59395a5c7867ad72c6e3932f418abf9e103d2d43e650f0fc3748f462a46397ec6e10ca7e3359238fe105743287346bffdbcefcf3ea565909bc8f984cd47879d37e39111de3aa27db5b04c"}, @NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @bitwise={{0xc}, @void}}]}]}, @NFT_MSG_NEWOBJ={0x20, 0x12, 0xa, 0x101, 0x0, 0x0, {0x3, 0x0, 0x8}, @NFT_OBJECT_LIMIT=@NFTA_OBJ_TABLE={0x9, 0x1, 'syz1\x00'}}, @NFT_MSG_NEWSETELEM={0x38, 0xc, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWOBJ={0x20, 0x12, 0xa, 0x201, 0x0, 0x0, {0x3, 0x0, 0x3}, @NFT_OBJECT_CT_HELPER=@NFTA_OBJ_NAME={0x9, 0x2, 'syz0\x00'}}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x170}, 0x1, 0x0, 0x0, 0x4000}, 0x4040020) (async)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000600), r0)
sendmsg$DEVLINK_CMD_PORT_UNSPLIT(r0, &(0x7f0000000700)={&(0x7f00000005c0), 0xc, &(0x7f00000006c0)={&(0x7f0000000640)={0x60, r5, 0x800, 0x70bd27, 0x25dfdbfd, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}}]}, 0x60}, 0x1, 0x0, 0x0, 0x20000000}, 0x10)
io_submit(0x0, 0x2, &(0x7f0000000900)=[&(0x7f00000007c0)={0x0, 0x0, 0x0, 0x2, 0x4, 0xffffffffffffffff, &(0x7f0000000740)="c5623630e2ad64967232ec627cbd799cd70be3a7e195d7c0bfb0974a403f6cd9af83651b39bc35de2f852299cb25b10b48a6d32cf1a9c3df11e44d6ff5008b56e6d922cb03d1caecceb9813d8c00780d31a6c9af3c20a9c38cec", 0x5a, 0x2, 0x0, 0x3, r4}, &(0x7f00000008c0)={0x0, 0x0, 0x0, 0x8, 0x686, r3, &(0x7f0000000800)="7806485291af074cb3d5287ff1a4358c934843c283ff0c5b54b751c1dd2b26047d23ca27ff6179e15b868c0c5a318dacf14d32f921b108d5282cc50d211a8e954bdd4efe75e716c497c33e55ec956bcc5b0b8b7b52d9844f83083f1f9ea42dafc219f867fb862734024c216d2bd30357285dcafe6ba39435904f22144ede0e3011e57f38d5d741fb26f14dc0c71e44626dc2a17fa4f543cf495197af0222c92518f6ab041dd5ea", 0xa7, 0x2}]) (async)
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000940)={0x4, <r6=>0x0, 0x2})
ioctl$DRM_IOCTL_SG_ALLOC(r0, 0xc0106438, &(0x7f0000000980)={0x100000001, r6})
setsockopt$inet_sctp_SCTP_RESET_ASSOC(r4, 0x84, 0x78, &(0x7f00000009c0)=r1, 0x4) (async)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000a00)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r0, 0xab00, r7) (async)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a80), r4) (async)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000ac0)={'wlan0\x00', <r10=>0x0})
sendmsg$NL80211_CMD_SET_TID_CONFIG(r4, &(0x7f0000000f80)={&(0x7f0000000a40)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000f40)={&(0x7f0000000b00)={0x404, r9, 0x418, 0x70bd27, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r10}, @val={0xc, 0x99, {0xfb3, 0x37}}}}, [@NL80211_ATTR_TID_CONFIG={0x298, 0x11d, 0x0, 0x1, [{0x38, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x8}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x75}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x8037}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xd8}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x1}]}, {0x4}, {0x21c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x208, 0xd, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x40, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0x1, 0x7, 0x1, 0x8, 0xffff, 0x7, 0x9]}}, @NL80211_TXRATE_LEGACY={0x13, 0x1, [0x16, 0x12, 0x16, 0x76, 0x5b, 0x48, 0x12, 0x24, 0x2, 0x48, 0x6c, 0x6, 0x0, 0x16, 0xc]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x29d, 0x7, 0x6ad, 0x800, 0x10, 0x5, 0x3ff, 0xffff]}}]}, @NL80211_BAND_60GHZ={0x44, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x6, 0x1000, 0x7, 0xe4a, 0x1, 0xa, 0xea9]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_LEGACY={0x12, 0x1, [0x12, 0x5, 0x58, 0x4, 0x5, 0xb, 0x1b, 0x5, 0x5, 0xb, 0xc, 0x4, 0x2, 0x33]}]}, @NL80211_BAND_5GHZ={0x40, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_HE_LTF={0x5}, @NL80211_TXRATE_LEGACY={0x19, 0x1, [0x1, 0x1b, 0x1, 0xc, 0x48, 0x6, 0x1b, 0x48, 0x30, 0xb, 0x1b, 0x60, 0x16, 0x12, 0x2, 0x5, 0xc, 0x24, 0x36, 0x2, 0x30]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_GI={0x5}]}, @NL80211_BAND_60GHZ={0x4c, 0x2, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HT={0x21, 0x2, [{}, {0x5, 0x9}, {0x6, 0xa}, {0x5, 0x5}, {0x0, 0x2}, {0x1}, {0x1, 0x3}, {0x3, 0x8}, {0x4, 0xa}, {0x0, 0x3}, {0x3, 0xa}, {0x1}, {0x1, 0x2}, {0x3, 0x6}, {0x3, 0x6}, {0x3, 0x4}, {0x0, 0x3}, {0x1, 0x7}, {0x1, 0x2}, {0x2, 0x7}, {0x5, 0x6}, {0x1, 0xa}, {0x5, 0x7}, {0x3, 0xa}, {0x0, 0x1}, {0x7, 0x9}, {0x1, 0x9}, {0x2, 0x9}, {0x5, 0x4}]}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x2, 0x9, 0x9, 0xfffc, 0x9, 0x8, 0xac3, 0x9]}}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}]}, @NL80211_BAND_5GHZ={0x3c, 0x1, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x1, 0xb581, 0x8, 0xff, 0x1, 0x9, 0x6, 0x101]}}, @NL80211_TXRATE_VHT={0x14, 0x3, {[0x1ff, 0x0, 0x5, 0x69e, 0x8, 0x4, 0xf, 0x1]}}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}]}, @NL80211_BAND_6GHZ={0x38, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HT={0x1a, 0x2, [{0x2, 0x9}, {0x3, 0xa}, {0x6, 0x1}, {0x2, 0x3}, {0x3, 0x4}, {0x0, 0x7}, {0x4, 0x6}, {0x1, 0x2}, {0x5, 0x8}, {0x5}, {0x6}, {0x3, 0x9}, {0x1, 0x3}, {0x2, 0x9}, {0x0, 0x9}, {0x0, 0x8}, {0x7, 0x5}, {0x1}, {0x3, 0x2}, {0x7, 0x6}, {0x6, 0x7}, {0x3, 0x4}]}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}, @NL80211_BAND_6GHZ={0x80, 0x3, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0x800, 0x2, 0xcf25, 0x998, 0x40, 0xff, 0x6c, 0x10]}}, @NL80211_TXRATE_LEGACY={0x15, 0x1, [0xc, 0xe, 0x30, 0x36, 0x60, 0xb, 0x6, 0x4, 0x4, 0x12, 0x4, 0x12, 0x1, 0x4, 0x9, 0x6, 0x75]}, @NL80211_TXRATE_HT={0x33, 0x2, [{0x5, 0x4}, {0x0, 0x1}, {0x2, 0x1}, {0x5, 0x2}, {0x7, 0x9}, {0x3, 0x4}, {0x7, 0x8}, {0x1, 0x8}, {0x5, 0xa}, {0x7, 0x4}, {0x5, 0x1}, {0x0, 0xa}, {0x4, 0x9}, {0x3, 0x1}, {0x3, 0x1}, {0x6, 0x1}, {0x6, 0x8}, {0x7, 0x8}, {0x0, 0x5}, {0x1, 0x6}, {0x2, 0x3}, {0x3, 0x6}, {0x6, 0x3}, {0x0, 0x6}, {0x0, 0x1}, {0x0, 0x3}, {0x6, 0x3}, {0x6, 0x9}, {0x6, 0x7}, {0x7, 0x8}, {0x4, 0xa}, {0x5}, {0x2, 0x5}, {0x0, 0x6}, {0x4, 0x6}, {0x0, 0x9}, {0x0, 0x3}, {0x2, 0x1}, {0x3, 0x8}, {0x6, 0x7}, {0x2, 0x6}, {0x7, 0x8}, {0x0, 0x4}, {0x0, 0x7}, {0x2, 0x6}, {0x2, 0x1a}, {0x3, 0xa}]}, @NL80211_TXRATE_LEGACY={0x1a, 0x1, [0x4, 0x18, 0x0, 0x19, 0xc, 0xc, 0x18, 0x4, 0x36, 0x18, 0x6, 0x16, 0xf5d775a9d33d342a, 0x4267fdac70131bea, 0x16, 0x1, 0x18, 0x6, 0x3, 0x1, 0x60, 0x5]}]}]}]}, {0x4}, {0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xc5}]}, {0x18, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0xfffffffffffffffe}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x52}]}]}, @NL80211_ATTR_TID_CONFIG={0x24, 0x11d, 0x0, 0x1, [{0x20, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0xffffffffffffff33}]}]}, @NL80211_ATTR_TID_CONFIG={0x7c, 0x11d, 0x0, 0x1, [{0x78, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x74, 0xd, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x70, 0x0, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0xfffb, 0x4, 0x7fff, 0xf983, 0xd, 0xc, 0x3, 0x200]}}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x2, 0x7, 0xfe, 0x7, 0x5, 0xaa, 0x400, 0x3]}}, @NL80211_TXRATE_GI={0x5}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x0, 0xffff, 0x7f, 0x6, 0xff40, 0x7f, 0x9, 0xa]}}]}]}]}]}, @NL80211_ATTR_TID_CONFIG={0xa4, 0x11d, 0x0, 0x1, [{0x24, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0x81}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xf5}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xc4}]}, {0x2c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x2}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x9}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_NOACK={0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x4e}]}]}]}, 0x404}, 0x1, 0x0, 0x0, 0x20010015}, 0x4)
r11 = socket$netlink(0x10, 0x3, 0x4)
keyctl$session_to_parent(0x12) (async)
ioctl$IOMMU_VFIO_IOAS$GET(r4, 0x3b88, &(0x7f0000000fc0)={0xc, <r12=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000001000)={0x28, 0x0, r12, 0x0, &(0x7f0000ff2000/0xc000)=nil, 0xc000, 0x1}) (async)
r13 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001080), r11)
sendmsg$NL80211_CMD_GET_SCAN(r4, &(0x7f0000001140)={&(0x7f0000001040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000001100)={&(0x7f00000010c0)={0x28, r13, 0x8, 0x70bd29, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r10}, @val={0xc, 0x99, {0x2, 0x13}}}}, ["", ""]}, 0x28}}, 0x44000) (async)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(r0, 0x5760, 0x9) (async)
connect$unix(r0, &(0x7f0000001180)=@abs={0x1, 0x0, 0x4e22}, 0x6e)

0s ago: executing program 6 (id=968):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$NBD_CLEAR_SOCK(0xffffffffffffffff, 0xab04)
write$P9_RLERRORu(0xffffffffffffffff, 0x0, 0x1f)
mount$9p_fd(0x0, 0x0, 0x0, 0x80, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00'}, 0x18)
syz_open_procfs(0x0, &(0x7f0000000000)='environ\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)

kernel console output (not intermixed with test programs):

91.600088][ T2149] usb 5-1: Using ep0 maxpacket: 8
[  291.622279][ T2149] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  291.670257][ T2149] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  291.682450][ T2149] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  291.724438][ T2149] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  291.748709][   T43] usb 2-1: USB disconnect, device number 15
[  291.771110][ T2149] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  291.789741][ T2149] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  292.462712][ T2149] usb 5-1: GET_CAPABILITIES returned 0
[  292.490552][ T2149] usbtmc 5-1:16.0: can't read capabilities
[  292.725209][ T5978] usb 2-1: new full-speed USB device number 16 using dummy_hcd
[  293.624883][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  293.634475][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  293.646339][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  293.655474][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  293.664602][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  293.673712][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  293.682831][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  293.691933][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  293.701089][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  293.710205][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  293.719313][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  293.728428][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  293.737529][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  293.746625][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  293.755725][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  293.764810][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -2
[  293.784437][ T5978] usb 2-1: device descriptor read/all, error -71
[  294.052245][ T5916] usb 5-1: USB disconnect, device number 14
[  294.417020][ T8101] syz.6.494 (8101) used greatest stack depth: 19320 bytes left
[  295.871755][ T8114] FAULT_INJECTION: forcing a failure.
[  295.871755][ T8114] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  295.871790][ T8114] CPU: 0 UID: 0 PID: 8114 Comm: syz.4.499 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  295.871812][ T8114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  295.871823][ T8114] Call Trace:
[  295.871831][ T8114]  <TASK>
[  295.871840][ T8114]  dump_stack_lvl+0x189/0x250
[  295.871866][ T8114]  ? __pfx____ratelimit+0x10/0x10
[  295.871896][ T8114]  ? __pfx_dump_stack_lvl+0x10/0x10
[  295.871917][ T8114]  ? __pfx__printk+0x10/0x10
[  295.871954][ T8114]  should_fail_ex+0x414/0x560
[  295.871987][ T8114]  _copy_to_user+0x31/0xb0
[  295.872011][ T8114]  video_usercopy+0xeb2/0x14f0
[  295.872048][ T8114]  ? __pfx___video_do_ioctl+0x10/0x10
[  295.872071][ T8114]  ? __pfx_video_usercopy+0x10/0x10
[  295.872092][ T8114]  ? smack_file_ioctl+0x2a9/0x340
[  295.872173][ T8114]  ? __fget_files+0x2a/0x420
[  295.872190][ T8114]  ? __fget_files+0x3a0/0x420
[  295.872211][ T8114]  v4l2_ioctl+0x18a/0x1e0
[  295.872234][ T8114]  ? __pfx_v4l2_ioctl+0x10/0x10
[  295.872255][ T8114]  __se_sys_ioctl+0xf9/0x170
[  295.872281][ T8114]  do_syscall_64+0xfa/0x3b0
[  295.872316][ T8114]  ? lockdep_hardirqs_on+0x9c/0x150
[  295.872345][ T8114]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  295.872383][ T8114]  ? clear_bhb_loop+0x60/0xb0
[  295.872408][ T8114]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  295.872429][ T8114] RIP: 0033:0x7f739278e929
[  295.872447][ T8114] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  295.872465][ T8114] RSP: 002b:00007f73936b1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  295.872486][ T8114] RAX: ffffffffffffffda RBX: 00007f73929b5fa0 RCX: 00007f739278e929
[  295.872509][ T8114] RDX: 0000200000000040 RSI: 00000000c0405602 RDI: 0000000000000003
[  295.872522][ T8114] RBP: 00007f73936b1090 R08: 0000000000000000 R09: 0000000000000000
[  295.872535][ T8114] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  295.872546][ T8114] R13: 0000000000000000 R14: 00007f73929b5fa0 R15: 00007ffcb18b2628
[  295.872585][ T8114]  </TASK>
[  296.742639][ T8126] netlink: 32 bytes leftover after parsing attributes in process `syz.4.500'.
[  297.723603][ T8137] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  297.785347][ T8140] netlink: 'syz.5.504': attribute type 2 has an invalid length.
[  298.015813][ T8144] FAULT_INJECTION: forcing a failure.
[  298.015813][ T8144] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  298.015846][ T8144] CPU: 0 UID: 0 PID: 8144 Comm: syz.0.505 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  298.015868][ T8144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  298.015879][ T8144] Call Trace:
[  298.015886][ T8144]  <TASK>
[  298.015895][ T8144]  dump_stack_lvl+0x189/0x250
[  298.015920][ T8144]  ? __pfx____ratelimit+0x10/0x10
[  298.015949][ T8144]  ? __pfx_dump_stack_lvl+0x10/0x10
[  298.015971][ T8144]  ? __pfx__printk+0x10/0x10
[  298.015995][ T8144]  ? __might_fault+0xb0/0x130
[  298.016034][ T8144]  should_fail_ex+0x414/0x560
[  298.016064][ T8144]  _copy_from_user+0x2d/0xb0
[  298.016087][ T8144]  ___sys_sendmsg+0x158/0x2a0
[  298.016116][ T8144]  ? __pfx____sys_sendmsg+0x10/0x10
[  298.016183][ T8144]  ? __might_fault+0xb0/0x130
[  298.016214][ T8144]  __sys_sendmmsg+0x227/0x430
[  298.016242][ T8144]  ? __pfx___sys_sendmmsg+0x10/0x10
[  298.016263][ T8144]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  298.016317][ T8144]  ? ksys_write+0x22a/0x250
[  298.016345][ T8144]  ? __pfx_ksys_write+0x10/0x10
[  298.016368][ T8144]  ? rcu_is_watching+0x15/0xb0
[  298.016395][ T8144]  __x64_sys_sendmmsg+0xa0/0xc0
[  298.016421][ T8144]  do_syscall_64+0xfa/0x3b0
[  298.016437][ T8144]  ? lockdep_hardirqs_on+0x9c/0x150
[  298.016482][ T8144]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.016502][ T8144]  ? clear_bhb_loop+0x60/0xb0
[  298.016527][ T8144]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.016545][ T8144] RIP: 0033:0x7ff68a58e929
[  298.016563][ T8144] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  298.016579][ T8144] RSP: 002b:00007ff68b450038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  298.016601][ T8144] RAX: ffffffffffffffda RBX: 00007ff68a7b5fa0 RCX: 00007ff68a58e929
[  298.016614][ T8144] RDX: 00000000000002e9 RSI: 0000200000000480 RDI: 0000000000000003
[  298.016627][ T8144] RBP: 00007ff68b450090 R08: 0000000000000000 R09: 0000000000000000
[  298.016639][ T8144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  298.016650][ T8144] R13: 0000000000000000 R14: 00007ff68a7b5fa0 R15: 00007ffe815384c8
[  298.016680][ T8144]  </TASK>
[  299.572412][ T8154] comedi comedi2: fl512: I/O port conflict (0x10,16)
[  299.705601][ T8153] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  301.870547][ T2149] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  302.042670][ T2149] usb 6-1: Using ep0 maxpacket: 16
[  302.075049][ T2149] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  302.110513][ T2149] usb 6-1: New USB device found, idVendor=05ac, idProduct=0220, bcdDevice= 0.00
[  302.163773][ T2149] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  302.208620][ T2149] usb 6-1: config 0 descriptor??
[  302.377613][ T5155] Bluetooth: hci3: unexpected event for opcode 0x2023
[  302.453433][ T8204] netlink: 40 bytes leftover after parsing attributes in process `syz.1.517'.
[  302.478988][ T8204] netlink: 40 bytes leftover after parsing attributes in process `syz.1.517'.
[  303.561537][ T8197] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  304.832332][ T8219] netlink: 20 bytes leftover after parsing attributes in process `syz.4.520'.
[  304.966522][ T8227] netlink: 'syz.1.521': attribute type 2 has an invalid length.
[  305.270502][ T5978] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  305.448782][ T5978] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  305.469546][ T5978] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  305.589667][ T5978] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  305.605462][ T2149] usbhid 6-1:0.0: can't add hid device: -71
[  305.634493][ T2149] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  305.651454][ T8242] overlayfs: failed to resolve './file0': -2
[  305.661296][ T5978] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  305.706579][ T5978] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  305.711548][ T2149] usb 6-1: USB disconnect, device number 7
[  305.750410][ T5978] usb 7-1: Product: syz
[  305.754649][ T5978] usb 7-1: Manufacturer: syz
[  305.790730][ T5978] usb 7-1: SerialNumber: syz
[  305.820106][ T5978] hub 7-1:1.0: bad descriptor, ignoring hub
[  305.826094][ T5978] hub 7-1:1.0: probe with driver hub failed with error -5
[  306.044471][ T5978] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 8 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  306.244154][ T8253] netlink: 'syz.5.528': attribute type 1 has an invalid length.
[  306.270499][ T8257] netlink: 8 bytes leftover after parsing attributes in process `syz.1.529'.
[  306.571036][ T8266] sch_fq: defrate 4294967295 ignored.
[  306.917095][ T5916] usb 7-1: USB disconnect, device number 8
[  306.923486][ T5155] Bluetooth: hci1: ACL packet for unknown connection handle 200
[  307.063593][ T5916] usblp0: removed
[  310.154679][   T30] audit: type=1326 audit(1752223210.137:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8276 comm="syz.4.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f739278e929 code=0x7ffc0000
[  310.283607][ T8287] IPVS: set_ctl: invalid protocol: 51 172.30.0.5:20002
[  310.638490][ T8287] sctp: [Deprecated]: syz.4.534 (pid 8287) Use of int in maxseg socket option.
[  310.638490][ T8287] Use struct sctp_assoc_value instead
[  311.332228][   T30] audit: type=1326 audit(1752223210.147:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8276 comm="syz.4.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f739278e929 code=0x7ffc0000
[  311.483292][   T30] audit: type=1326 audit(1752223210.157:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8276 comm="syz.4.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f739278d3df code=0x7ffc0000
[  311.536288][   T30] audit: type=1326 audit(1752223210.157:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8276 comm="syz.4.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f739278e929 code=0x7ffc0000
[  311.558248][   T30] audit: type=1326 audit(1752223210.157:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8276 comm="syz.4.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f739278e929 code=0x7ffc0000
[  311.605252][   T30] audit: type=1326 audit(1752223210.157:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8276 comm="syz.4.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f739278e929 code=0x7ffc0000
[  311.627930][   T30] audit: type=1326 audit(1752223210.157:423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8276 comm="syz.4.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f739278e929 code=0x7ffc0000
[  311.649725][   T30] audit: type=1326 audit(1752223210.157:424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8276 comm="syz.4.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f739278e929 code=0x7ffc0000
[  311.692812][   T30] audit: type=1326 audit(1752223210.157:425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8276 comm="syz.4.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f739278e929 code=0x7ffc0000
[  311.845231][   T30] audit: type=1326 audit(1752223210.157:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8276 comm="syz.4.534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f739278e929 code=0x7ffc0000
[  313.110515][ T2149] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  313.291954][ T2149] usb 6-1: Using ep0 maxpacket: 8
[  313.307199][ T2149] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  313.330984][ T2149] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  313.344849][ T2149] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  313.358028][ T2149] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  313.414260][ T2149] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  313.427918][ T2149] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  313.441899][ T2149] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  313.695647][ T2149] usb 6-1: usb_control_msg returned -32
[  313.710620][ T2149] usbtmc 6-1:16.0: can't read capabilities
[  313.768795][ T8320] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  313.896950][ T8320] FAULT_INJECTION: forcing a failure.
[  313.896950][ T8320] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  313.930223][ T8320] CPU: 0 UID: 0 PID: 8320 Comm: syz.0.542 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  313.930251][ T8320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  313.930262][ T8320] Call Trace:
[  313.930269][ T8320]  <TASK>
[  313.930277][ T8320]  dump_stack_lvl+0x189/0x250
[  313.930302][ T8320]  ? __pfx____ratelimit+0x10/0x10
[  313.930329][ T8320]  ? __pfx_dump_stack_lvl+0x10/0x10
[  313.930349][ T8320]  ? __pfx__printk+0x10/0x10
[  313.930382][ T8320]  should_fail_ex+0x414/0x560
[  313.930412][ T8320]  strncpy_from_user+0x36/0x290
[  313.930440][ T8320]  getname_flags+0xf3/0x540
[  313.930462][ T8320]  __x64_sys_renameat2+0xba/0xe0
[  313.930492][ T8320]  do_syscall_64+0xfa/0x3b0
[  313.930508][ T8320]  ? lockdep_hardirqs_on+0x9c/0x150
[  313.930533][ T8320]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  313.930550][ T8320]  ? clear_bhb_loop+0x60/0xb0
[  313.930571][ T8320]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  313.930596][ T8320] RIP: 0033:0x7ff68a58e929
[  313.930612][ T8320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  313.930627][ T8320] RSP: 002b:00007ff68b450038 EFLAGS: 00000246 ORIG_RAX: 000000000000013c
[  313.930645][ T8320] RAX: ffffffffffffffda RBX: 00007ff68a7b5fa0 RCX: 00007ff68a58e929
[  313.930658][ T8320] RDX: ffffffffffffff9c RSI: 0000200000000000 RDI: ffffffffffffff9c
[  313.930670][ T8320] RBP: 00007ff68b450090 R08: 0000000000000002 R09: 0000000000000000
[  313.930680][ T8320] R10: 00002000000021c0 R11: 0000000000000246 R12: 0000000000000001
[  313.930691][ T8320] R13: 0000000000000000 R14: 00007ff68a7b5fa0 R15: 00007ffe815384c8
[  313.930718][ T8320]  </TASK>
[  314.426650][ T8327] netlink: 4 bytes leftover after parsing attributes in process `syz.6.544'.
[  315.773996][ T8343] FAULT_INJECTION: forcing a failure.
[  315.773996][ T8343] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  315.798407][ T8343] CPU: 1 UID: 0 PID: 8343 Comm: syz.0.547 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  315.798439][ T8343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  315.798453][ T8343] Call Trace:
[  315.798462][ T8343]  <TASK>
[  315.798471][ T8343]  dump_stack_lvl+0x189/0x250
[  315.798500][ T8343]  ? __pfx____ratelimit+0x10/0x10
[  315.798533][ T8343]  ? __pfx_dump_stack_lvl+0x10/0x10
[  315.798557][ T8343]  ? __pfx__printk+0x10/0x10
[  315.798583][ T8343]  ? __might_fault+0xb0/0x130
[  315.798625][ T8343]  should_fail_ex+0x414/0x560
[  315.798671][ T8343]  _copy_from_iter+0x1db/0x16f0
[  315.798706][ T8343]  ? rcu_is_watching+0x15/0xb0
[  315.798730][ T8343]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  315.798760][ T8343]  ? __pfx__copy_from_iter+0x10/0x10
[  315.798784][ T8343]  ? __build_skb_around+0x257/0x3e0
[  315.798812][ T8343]  ? netlink_sendmsg+0x642/0xb30
[  315.798836][ T8343]  ? skb_put+0x11b/0x210
[  315.798865][ T8343]  netlink_sendmsg+0x6b2/0xb30
[  315.798901][ T8343]  ? __pfx_netlink_sendmsg+0x10/0x10
[  315.798935][ T8343]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  315.798965][ T8343]  ? __pfx_netlink_sendmsg+0x10/0x10
[  315.799018][ T8343]  __sock_sendmsg+0x219/0x270
[  315.799055][ T8343]  ____sys_sendmsg+0x505/0x830
[  315.799088][ T8343]  ? __pfx_____sys_sendmsg+0x10/0x10
[  315.799125][ T8343]  ? import_iovec+0x74/0xa0
[  315.799152][ T8343]  ___sys_sendmsg+0x21f/0x2a0
[  315.799181][ T8343]  ? __pfx____sys_sendmsg+0x10/0x10
[  315.799247][ T8343]  ? __fget_files+0x2a/0x420
[  315.799265][ T8343]  ? __fget_files+0x3a0/0x420
[  315.799296][ T8343]  __x64_sys_sendmsg+0x19b/0x260
[  315.799337][ T8343]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  315.799372][ T8343]  ? __pfx_ksys_write+0x10/0x10
[  315.799397][ T8343]  ? rcu_is_watching+0x15/0xb0
[  315.799445][ T8343]  ? do_syscall_64+0xbe/0x3b0
[  315.799470][ T8343]  do_syscall_64+0xfa/0x3b0
[  315.799488][ T8343]  ? lockdep_hardirqs_on+0x9c/0x150
[  315.799517][ T8343]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  315.799538][ T8343]  ? clear_bhb_loop+0x60/0xb0
[  315.799563][ T8343]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  315.799583][ T8343] RIP: 0033:0x7ff68a58e929
[  315.799602][ T8343] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  315.799620][ T8343] RSP: 002b:00007ff68b450038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  315.799641][ T8343] RAX: ffffffffffffffda RBX: 00007ff68a7b5fa0 RCX: 00007ff68a58e929
[  315.799656][ T8343] RDX: 0000000000040040 RSI: 00002000000003c0 RDI: 0000000000000004
[  315.799670][ T8343] RBP: 00007ff68b450090 R08: 0000000000000000 R09: 0000000000000000
[  315.799690][ T8343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  315.799702][ T8343] R13: 0000000000000000 R14: 00007ff68a7b5fa0 R15: 00007ffe815384c8
[  315.799744][ T8343]  </TASK>
[  316.077534][    C1] vkms_vblank_simulate: vblank timer overrun
[  316.282089][ T5978] usb 6-1: USB disconnect, device number 8
[  316.510107][ T5916] usb 7-1: new low-speed USB device number 9 using dummy_hcd
[  316.869301][ T8354] FAULT_INJECTION: forcing a failure.
[  316.869301][ T8354] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  316.969864][ T8354] CPU: 0 UID: 0 PID: 8354 Comm: syz.5.550 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  316.969894][ T8354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  316.969907][ T8354] Call Trace:
[  316.969915][ T8354]  <TASK>
[  316.969980][ T8354]  dump_stack_lvl+0x189/0x250
[  316.970008][ T8354]  ? __pfx____ratelimit+0x10/0x10
[  316.970037][ T8354]  ? __pfx_dump_stack_lvl+0x10/0x10
[  316.970058][ T8354]  ? __pfx__printk+0x10/0x10
[  316.970085][ T8354]  ? __pfx_binder_debug+0x10/0x10
[  316.970116][ T8354]  should_fail_ex+0x414/0x560
[  316.970148][ T8354]  _copy_to_user+0x31/0xb0
[  316.970172][ T8354]  binder_ioctl_write_read+0x9517/0xa000
[  316.970209][ T8354]  ? is_bpf_text_address+0x26/0x2b0
[  316.970233][ T8354]  ? kernel_text_address+0xa5/0xe0
[  316.970265][ T8354]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  316.970304][ T8354]  ? __pfx_binder_ioctl_write_read+0x10/0x10
[  316.970325][ T8354]  ? stack_trace_save+0x9c/0xe0
[  316.970350][ T8354]  ? stack_depot_save_flags+0x40/0x900
[  316.970387][ T8354]  ? kasan_save_track+0x4f/0x80
[  316.970410][ T8354]  ? kasan_save_track+0x3e/0x80
[  316.970431][ T8354]  ? kasan_save_free_info+0x46/0x50
[  316.970449][ T8354]  ? __kasan_slab_free+0x62/0x70
[  316.970472][ T8354]  ? kfree+0x18e/0x440
[  316.970494][ T8354]  ? tomoyo_path_number_perm+0x47a/0x5a0
[  316.970519][ T8354]  ? security_file_ioctl+0xcb/0x2d0
[  316.970545][ T8354]  ? __se_sys_ioctl+0x47/0x170
[  316.970583][ T8354]  ? do_syscall_64+0xfa/0x3b0
[  316.970601][ T8354]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.970631][ T8354]  ? __lock_acquire+0xab9/0xd20
[  316.970649][ T8354]  ? binder_debug+0x13f/0x1b0
[  316.970678][ T8354]  ? __pfx_binder_debug+0x10/0x10
[  316.970698][ T8354]  ? do_raw_spin_lock+0x121/0x290
[  316.970753][ T8354]  ? _raw_spin_unlock+0x28/0x50
[  316.970777][ T8354]  ? binder_get_thread+0x178/0x6d0
[  316.970804][ T8354]  binder_ioctl+0x3e0/0x19c0
[  316.970832][ T8354]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  316.970859][ T8354]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  316.970886][ T8354]  ? tomoyo_path_number_perm+0x4e2/0x5a0
[  316.970911][ T8354]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  316.970938][ T8354]  ? __pfx_binder_ioctl+0x10/0x10
[  316.970958][ T8354]  ? smack_log+0xef/0x3f0
[  316.970981][ T8354]  ? __pfx_smack_log+0x10/0x10
[  316.971002][ T8354]  ? smk_access+0x14c/0x4e0
[  316.971029][ T8354]  ? smk_tskacc+0x2fc/0x370
[  316.971056][ T8354]  ? smack_file_ioctl+0x2a9/0x340
[  316.971082][ T8354]  ? __pfx_smack_file_ioctl+0x10/0x10
[  316.971117][ T8354]  ? __fget_files+0x2a/0x420
[  316.971133][ T8354]  ? __fget_files+0x3a0/0x420
[  316.971149][ T8354]  ? __fget_files+0x2a/0x420
[  316.971170][ T8354]  ? bpf_lsm_file_ioctl+0x9/0x20
[  316.971187][ T8354]  ? __pfx_binder_ioctl+0x10/0x10
[  316.971214][ T8354]  __se_sys_ioctl+0xf9/0x170
[  316.971239][ T8354]  do_syscall_64+0xfa/0x3b0
[  316.971256][ T8354]  ? lockdep_hardirqs_on+0x9c/0x150
[  316.971283][ T8354]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.971301][ T8354]  ? clear_bhb_loop+0x60/0xb0
[  316.971324][ T8354]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.971365][ T8354] RIP: 0033:0x7f5eef58e929
[  316.971383][ T8354] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  316.971398][ T8354] RSP: 002b:00007f5ef0457038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  316.971418][ T8354] RAX: ffffffffffffffda RBX: 00007f5eef7b5fa0 RCX: 00007f5eef58e929
[  316.971431][ T8354] RDX: 0000200000000640 RSI: 00000000c0306201 RDI: 0000000000000004
[  316.971443][ T8354] RBP: 00007f5ef0457090 R08: 0000000000000000 R09: 0000000000000000
[  316.971454][ T8354] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  316.971464][ T8354] R13: 0000000000000000 R14: 00007f5eef7b5fa0 R15: 00007ffd9ea86738
[  316.971493][ T8354]  </TASK>
[  317.483001][ T8361] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000).
[  317.496625][ T8361] qnx6: wrong signature (magic) in superblock #1.
[  317.503256][ T8361] qnx6: unable to read the first superblock
[  317.610373][ T5916] usb 7-1: Invalid ep0 maxpacket: 16
[  317.618714][ T8354] binder: 8353:8354 ioctl c0306201 200000000640 returned -14
[  317.780517][ T5916] usb 7-1: new low-speed USB device number 10 using dummy_hcd
[  318.450092][ T5916] usb 7-1: Invalid ep0 maxpacket: 16
[  318.470405][ T5916] usb usb7-port1: attempt power cycle
[  318.910795][ T5916] usb 7-1: new low-speed USB device number 11 using dummy_hcd
[  319.089968][  T978] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  319.108595][ T5916] usb 7-1: Invalid ep0 maxpacket: 16
[  319.390337][  T978] usb 6-1: Using ep0 maxpacket: 8
[  319.427250][  T978] usb 6-1: config 0 interface 0 altsetting 254 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  319.535504][  T978] usb 6-1: config 0 interface 0 has no altsetting 0
[  320.009835][  T978] usb 6-1: New USB device found, idVendor=0b05, idProduct=1869, bcdDevice= 0.00
[  320.076314][  T978] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  320.144929][  T978] usb 6-1: config 0 descriptor??
[  320.239280][   T30] kauditd_printk_skb: 20 callbacks suppressed
[  320.239301][   T30] audit: type=1326 audit(1752223220.217:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8388 comm="syz.0.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68a58e929 code=0x7ffc0000
[  320.375560][   T30] audit: type=1326 audit(1752223220.217:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8388 comm="syz.0.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68a58e929 code=0x7ffc0000
[  320.408301][ T8393] IPVS: set_ctl: invalid protocol: 51 172.30.0.1:20002
[  320.450108][   T24] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  320.465905][ T8393] sctp: [Deprecated]: syz.0.558 (pid 8393) Use of int in maxseg socket option.
[  320.465905][ T8393] Use struct sctp_assoc_value instead
[  320.480088][   T30] audit: type=1326 audit(1752223220.217:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8388 comm="syz.0.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7ff68a58d3df code=0x7ffc0000
[  320.564002][   T30] audit: type=1326 audit(1752223220.217:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8388 comm="syz.0.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68a58e929 code=0x7ffc0000
[  320.610099][   T24] usb 5-1: Using ep0 maxpacket: 16
[  320.618444][  T978] asus 0003:0B05:1869.0005: unbalanced delimiter at end of report description
[  320.651048][   T24] usb 5-1: config 252 has an invalid interface number: 15 but max is 0
[  320.652546][  T978] asus 0003:0B05:1869.0005: Asus hid parse failed: -22
[  320.671081][   T30] audit: type=1326 audit(1752223220.257:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8388 comm="syz.0.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68a58e929 code=0x7ffc0000
[  320.671343][   T30] audit: type=1326 audit(1752223220.257:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8388 comm="syz.0.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7ff68a58e929 code=0x7ffc0000
[  320.671558][   T30] audit: type=1326 audit(1752223220.257:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8388 comm="syz.0.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68a58e929 code=0x7ffc0000
[  320.671697][   T30] audit: type=1326 audit(1752223220.257:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8388 comm="syz.0.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff68a58e929 code=0x7ffc0000
[  320.671881][   T30] audit: type=1326 audit(1752223220.267:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8388 comm="syz.0.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68a58e929 code=0x7ffc0000
[  320.672078][   T30] audit: type=1326 audit(1752223220.267:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8388 comm="syz.0.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff68a58d290 code=0x7ffc0000
[  320.759652][   T24] usb 5-1: config 252 has no interface number 0
[  320.822714][   T24] usb 5-1: config 252 interface 15 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  320.854971][   T24] usb 5-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=2b.29
[  320.869360][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  321.055609][   T24] usb 5-1: Product: syz
[  321.060937][   T24] usb 5-1: Manufacturer: syz
[  321.071411][   T24] usb 5-1: SerialNumber: syz
[  321.111494][  T978] asus 0003:0B05:1869.0005: probe with driver asus failed with error -22
[  321.747026][  T978] usb 6-1: USB disconnect, device number 9
[  321.909768][   T24] usb 5-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  322.132516][ T3507] usb 5-1: Failed to submit usb control message: -71
[  322.139621][ T3507] usb 5-1: unable to send the bmi data to the device: -71
[  322.150000][   T24] usb 5-1: USB disconnect, device number 15
[  322.170922][ T3507] usb 5-1: unable to get target info from device
[  322.180997][ T8412] ip6t_REJECT: TCP_RESET illegal for non-tcp
[  322.189949][ T3507] usb 5-1: could not get target info (-71)
[  322.405530][ T3507] usb 5-1: could not probe fw (-71)
[  323.533397][ T8424] FAULT_INJECTION: forcing a failure.
[  323.533397][ T8424] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  323.546784][ T8424] CPU: 0 UID: 0 PID: 8424 Comm: syz.4.565 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  323.546813][ T8424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  323.546825][ T8424] Call Trace:
[  323.546834][ T8424]  <TASK>
[  323.546843][ T8424]  dump_stack_lvl+0x189/0x250
[  323.546874][ T8424]  ? __pfx____ratelimit+0x10/0x10
[  323.546907][ T8424]  ? __pfx_dump_stack_lvl+0x10/0x10
[  323.546928][ T8424]  ? __pfx__printk+0x10/0x10
[  323.546955][ T8424]  ? __might_fault+0xb0/0x130
[  323.547004][ T8424]  should_fail_ex+0x414/0x560
[  323.547039][ T8424]  _copy_from_user+0x2d/0xb0
[  323.547064][ T8424]  video_usercopy+0x354/0x14f0
[  323.547096][ T8424]  ? smk_tskacc+0x2fc/0x370
[  323.547121][ T8424]  ? __pfx___video_do_ioctl+0x10/0x10
[  323.547145][ T8424]  ? __pfx_video_usercopy+0x10/0x10
[  323.547167][ T8424]  ? smack_file_ioctl+0x2a9/0x340
[  323.547212][ T8424]  ? __fget_files+0x2a/0x420
[  323.547246][ T8424]  ? __fget_files+0x3a0/0x420
[  323.547269][ T8424]  v4l2_ioctl+0x18a/0x1e0
[  323.547294][ T8424]  ? __pfx_v4l2_ioctl+0x10/0x10
[  323.547318][ T8424]  __se_sys_ioctl+0xf9/0x170
[  323.547347][ T8424]  do_syscall_64+0xfa/0x3b0
[  323.547367][ T8424]  ? lockdep_hardirqs_on+0x9c/0x150
[  323.547397][ T8424]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  323.547418][ T8424]  ? clear_bhb_loop+0x60/0xb0
[  323.547452][ T8424]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  323.547472][ T8424] RIP: 0033:0x7f739278e929
[  323.547490][ T8424] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  323.547509][ T8424] RSP: 002b:00007f73936b1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  323.547531][ T8424] RAX: ffffffffffffffda RBX: 00007f73929b5fa0 RCX: 00007f739278e929
[  323.547546][ T8424] RDX: 0000200000000240 RSI: 00000000c0d05605 RDI: 0000000000000003
[  323.547559][ T8424] RBP: 00007f73936b1090 R08: 0000000000000000 R09: 0000000000000000
[  323.547572][ T8424] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  323.547584][ T8424] R13: 0000000000000000 R14: 00007f73929b5fa0 R15: 00007ffcb18b2628
[  323.547617][ T8424]  </TASK>
[  325.202708][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  325.241883][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  326.349019][ T5943] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  326.533761][ T5943] usb 2-1: Using ep0 maxpacket: 16
[  326.591294][ T5943] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  326.620993][ T5943] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  326.650119][ T5943] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  326.687817][ T5943] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  326.756290][ T5943] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  326.956863][ T5943] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  327.030563][ T5943] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  327.075612][ T5943] usb 2-1: Manufacturer: syz
[  327.186142][ T5943] usb 2-1: config 0 descriptor??
[  328.117335][ T5943] rc_core: IR keymap rc-hauppauge not found
[  328.124970][ T5943] Registered IR keymap rc-empty
[  328.130544][ T5943] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  328.150094][ T5943] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  328.188152][ T5943] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[  328.267294][ T5943] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input14
[  328.378453][ T5943] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  328.387557][    C0] mceusb 2-1:0.0: long-range (0x1) receiver active
[  328.437918][ T5943] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  328.470259][ T5943] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  328.567594][ T5943] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  328.732201][ T5943] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  329.748766][ T5943] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  329.790133][ T5943] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  329.816210][ T5943] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  329.865207][ T5943] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  329.920026][ T5943] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  329.970291][ T5943] mceusb 2-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  330.043607][ T5943] mceusb 2-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x1 active)
[  330.275696][ T5943] usb 2-1: USB disconnect, device number 18
[  332.261376][ T5845] Bluetooth: hci3: command 0x0405 tx timeout
[  333.343182][ T8530] 9pnet: Could not find request transport: rdma0
[  333.772553][   T30] kauditd_printk_skb: 19 callbacks suppressed
[  333.772610][   T30] audit: type=1326 audit(1752223233.747:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8527 comm="syz.6.589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bc7d8e929 code=0x7ffc0000
[  334.070715][ T8528] IPVS: set_ctl: invalid protocol: 51 172.30.0.7:20002
[  334.127008][ T8528] sctp: [Deprecated]: syz.6.589 (pid 8528) Use of int in maxseg socket option.
[  334.127008][ T8528] Use struct sctp_assoc_value instead
[  334.143921][ T2149] IPVS: starting estimator thread 0...
[  334.180631][   T30] audit: type=1326 audit(1752223233.817:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8527 comm="syz.6.589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bc7d8e929 code=0x7ffc0000
[  334.242340][ T8537] IPVS: using max 24 ests per chain, 57600 per kthread
[  334.275889][   T30] audit: type=1326 audit(1752223233.827:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8527 comm="syz.6.589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f4bc7d8d3df code=0x7ffc0000
[  334.384842][   T30] audit: type=1326 audit(1752223233.827:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8527 comm="syz.6.589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bc7d8e929 code=0x7ffc0000
[  334.464423][   T30] audit: type=1326 audit(1752223233.827:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8527 comm="syz.6.589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bc7d8e929 code=0x7ffc0000
[  334.540094][   T30] audit: type=1326 audit(1752223233.837:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8527 comm="syz.6.589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f4bc7d8e929 code=0x7ffc0000
[  335.532994][   T30] audit: type=1326 audit(1752223233.837:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8527 comm="syz.6.589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bc7d8e929 code=0x7ffc0000
[  335.565557][   T30] audit: type=1326 audit(1752223233.837:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8527 comm="syz.6.589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f4bc7d8e929 code=0x7ffc0000
[  335.664710][   T30] audit: type=1326 audit(1752223233.837:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8527 comm="syz.6.589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4bc7d8e929 code=0x7ffc0000
[  335.961938][   T30] audit: type=1326 audit(1752223233.837:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8527 comm="syz.6.589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4bc7d8d290 code=0x7ffc0000
[  336.040292][ T8562] FAULT_INJECTION: forcing a failure.
[  336.040292][ T8562] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  336.053509][ T8562] CPU: 0 UID: 0 PID: 8562 Comm: syz.5.594 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  336.053539][ T8562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  336.053564][ T8562] Call Trace:
[  336.053574][ T8562]  <TASK>
[  336.053583][ T8562]  dump_stack_lvl+0x189/0x250
[  336.053616][ T8562]  ? __pfx____ratelimit+0x10/0x10
[  336.053649][ T8562]  ? __pfx_dump_stack_lvl+0x10/0x10
[  336.053672][ T8562]  ? __pfx__printk+0x10/0x10
[  336.053712][ T8562]  should_fail_ex+0x414/0x560
[  336.053748][ T8562]  _copy_to_user+0x31/0xb0
[  336.053775][ T8562]  simple_read_from_buffer+0xe1/0x170
[  336.053814][ T8562]  proc_fail_nth_read+0x1df/0x250
[  336.053857][ T8562]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  336.053885][ T8562]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  336.053913][ T8562]  vfs_read+0x200/0x980
[  336.053941][ T8562]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[  336.053977][ T8562]  ? __pfx___mutex_lock+0x10/0x10
[  336.053999][ T8562]  ? __pfx_vfs_read+0x10/0x10
[  336.054031][ T8562]  ? __rcu_read_unlock+0x84/0xe0
[  336.054061][ T8562]  ? __fget_files+0x3a0/0x420
[  336.054078][ T8562]  ? __fget_files+0x2a/0x420
[  336.054107][ T8562]  ksys_read+0x145/0x250
[  336.054137][ T8562]  ? __pfx_ksys_read+0x10/0x10
[  336.054176][ T8562]  ? rcu_is_watching+0x15/0xb0
[  336.054204][ T8562]  ? do_syscall_64+0xbe/0x3b0
[  336.054228][ T8562]  do_syscall_64+0xfa/0x3b0
[  336.054248][ T8562]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.054268][ T8562]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  336.054287][ T8562]  ? clear_bhb_loop+0x60/0xb0
[  336.054313][ T8562]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.054333][ T8562] RIP: 0033:0x7f5eef58d33c
[  336.054351][ T8562] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  336.054374][ T8562] RSP: 002b:00007f5ef0415030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  336.054396][ T8562] RAX: ffffffffffffffda RBX: 00007f5eef7b6160 RCX: 00007f5eef58d33c
[  336.054410][ T8562] RDX: 000000000000000f RSI: 00007f5ef04150a0 RDI: 0000000000000007
[  336.054422][ T8562] RBP: 00007f5ef0415090 R08: 0000000000000000 R09: 0000000000000000
[  336.054433][ T8562] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  336.054444][ T8562] R13: 0000000000000000 R14: 00007f5eef7b6160 R15: 00007ffd9ea86738
[  336.054476][ T8562]  </TASK>
[  337.282457][ T8577] tmpfs: Unknown parameter ''
[  338.792205][   T30] kauditd_printk_skb: 52 callbacks suppressed
[  338.792224][   T30] audit: type=1326 audit(1752223238.777:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8586 comm="syz.0.601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7ff68a58e929 code=0x7ffc0000
[  338.853459][   T30] audit: type=1326 audit(1752223238.807:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8586 comm="syz.0.601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68a58e929 code=0x7ffc0000
[  338.961670][ T8597] IPVS: set_ctl: invalid protocol: 51 172.30.0.1:20002
[  338.981573][   T30] audit: type=1326 audit(1752223238.807:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8586 comm="syz.0.601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68a58e929 code=0x7ffc0000
[  338.990355][ T8597] sctp: [Deprecated]: syz.0.601 (pid 8597) Use of int in maxseg socket option.
[  338.990355][ T8597] Use struct sctp_assoc_value instead
[  339.056671][   T30] audit: type=1326 audit(1752223238.867:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8586 comm="syz.0.601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff68a58e929 code=0x7ffc0000
[  339.100334][   T30] audit: type=1326 audit(1752223238.867:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8586 comm="syz.0.601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68a58e929 code=0x7ffc0000
[  339.160194][ T5943] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  340.179994][ T5943] usb 7-1: Using ep0 maxpacket: 32
[  340.220866][ T5943] usb 7-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config
[  340.246942][   T30] audit: type=1326 audit(1752223238.867:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8586 comm="syz.0.601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68a58e929 code=0x7ffc0000
[  340.580526][ T5943] usb 7-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  340.640760][ T8610] netlink: 104 bytes leftover after parsing attributes in process `syz.4.604'.
[  340.771821][ T5943] usb 7-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  340.869606][   T30] audit: type=1326 audit(1752223238.887:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8586 comm="syz.0.601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff68a58d290 code=0x7ffc0000
[  340.933729][ T5943] usb 7-1: config 155 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  340.974596][ T5943] usb 7-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11
[  341.362587][   T30] audit: type=1326 audit(1752223238.887:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8586 comm="syz.0.601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68a58e929 code=0x7ffc0000
[  341.642221][   T30] audit: type=1326 audit(1752223238.887:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8586 comm="syz.0.601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff68a58e929 code=0x7ffc0000
[  341.898405][ T5943] usb 7-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30
[  341.910033][ T5943] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  342.320086][   T30] audit: type=1326 audit(1752223238.887:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8586 comm="syz.0.601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68a58e929 code=0x7ffc0000
[  342.342157][ T5943] usb 7-1: Product: syz
[  342.380290][ T5943] usb 7-1: can't set config #155, error -71
[  342.408110][ T5943] usb 7-1: USB disconnect, device number 13
[  344.322280][ T8638] xt_hashlimit: size too large, truncated to 1048576
[  346.090211][ T5943] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  346.278831][ T5155] Bluetooth: hci3: unexpected cc 0x0809 length: 68 > 4
[  346.286587][ T5155] Bluetooth: hci3: unexpected event for opcode 0x0809
[  346.480123][ T5943] usb 5-1: Using ep0 maxpacket: 32
[  346.607921][ T5943] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  346.702120][ T8653] random: crng reseeded on system resumption
[  346.730967][ T5943] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  346.762051][ T5943] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  346.794830][ T5943] usb 5-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  346.814273][ T5943] usb 5-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  346.847479][ T5943] usb 5-1: Product: syz
[  346.855479][ T5943] usb 5-1: Manufacturer: syz
[  346.860395][ T5943] usb 5-1: SerialNumber: syz
[  347.129365][ T5943] input: appletouch as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/input/input15
[  347.435250][ T8658] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  347.549161][ T8658] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  347.568912][ T8673] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  347.685111][ T5943] usb 5-1: USB disconnect, device number 16
[  347.944272][ T5943] appletouch 5-1:1.0: input: appletouch disconnected
[  350.726464][ T8712] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  353.070014][ T8754] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  353.468568][ T8760] netlink: 'syz.6.636': attribute type 1 has an invalid length.
[  353.705093][ T8760] 8021q: adding VLAN 0 to HW filter on device bond1
[  353.879652][ T8772] bond1: (slave ip6erspan0): making interface the new active one
[  354.079238][ T8772] bond1: (slave ip6erspan0): Enslaving as an active interface with an up link
[  355.890015][   T43] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  356.076587][   T43] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  356.096235][ T8807] netlink: 8 bytes leftover after parsing attributes in process `syz.4.646'.
[  356.115083][   T43] usb 1-1: config 0 interface 0 has no altsetting 0
[  356.142856][   T43] usb 1-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.00
[  356.158312][ T8807] netlink: 24 bytes leftover after parsing attributes in process `syz.4.646'.
[  356.279898][   T43] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  356.300975][   T43] usb 1-1: config 0 descriptor??
[  357.598162][ T8824] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  358.141049][   T43] input: HID 054c:03d5 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:054C:03D5.0006/input/input16
[  358.284081][   T43] sony 0003:054C:03D5.0006: input,hidraw0: USB HID v0.00 Joystick [HID 054c:03d5] on usb-dummy_hcd.0-1/input0
[  359.131692][ T5978] usb 1-1: USB disconnect, device number 18
[  360.354377][ T8854] FAULT_INJECTION: forcing a failure.
[  360.354377][ T8854] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  360.430048][ T8854] CPU: 1 UID: 0 PID: 8854 Comm: syz.4.655 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  360.430073][ T8854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  360.430082][ T8854] Call Trace:
[  360.430088][ T8854]  <TASK>
[  360.430095][ T8854]  dump_stack_lvl+0x189/0x250
[  360.430117][ T8854]  ? __pfx____ratelimit+0x10/0x10
[  360.430140][ T8854]  ? __pfx_dump_stack_lvl+0x10/0x10
[  360.430155][ T8854]  ? __pfx__printk+0x10/0x10
[  360.430174][ T8854]  ? __might_fault+0xb0/0x130
[  360.430203][ T8854]  should_fail_ex+0x414/0x560
[  360.430228][ T8854]  _copy_from_iter+0x1db/0x16f0
[  360.430245][ T8854]  ? rcu_is_watching+0x15/0xb0
[  360.430262][ T8854]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  360.430284][ T8854]  ? __pfx__copy_from_iter+0x10/0x10
[  360.430309][ T8854]  ? __build_skb_around+0x257/0x3e0
[  360.430330][ T8854]  ? netlink_sendmsg+0x642/0xb30
[  360.430347][ T8854]  ? skb_put+0x11b/0x210
[  360.430366][ T8854]  netlink_sendmsg+0x6b2/0xb30
[  360.430390][ T8854]  ? __pfx_netlink_sendmsg+0x10/0x10
[  360.430413][ T8854]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  360.430433][ T8854]  ? __pfx_netlink_sendmsg+0x10/0x10
[  360.430451][ T8854]  __sock_sendmsg+0x219/0x270
[  360.430476][ T8854]  ____sys_sendmsg+0x505/0x830
[  360.430517][ T8854]  ? __pfx_____sys_sendmsg+0x10/0x10
[  360.430543][ T8854]  ? import_iovec+0x74/0xa0
[  360.430562][ T8854]  ___sys_sendmsg+0x21f/0x2a0
[  360.430583][ T8854]  ? __pfx____sys_sendmsg+0x10/0x10
[  360.430629][ T8854]  ? __fget_files+0x2a/0x420
[  360.430642][ T8854]  ? __fget_files+0x3a0/0x420
[  360.430663][ T8854]  __x64_sys_sendmsg+0x19b/0x260
[  360.430686][ T8854]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  360.430713][ T8854]  ? __pfx_ksys_write+0x10/0x10
[  360.430735][ T8854]  ? rcu_is_watching+0x15/0xb0
[  360.430755][ T8854]  ? do_syscall_64+0xbe/0x3b0
[  360.430774][ T8854]  do_syscall_64+0xfa/0x3b0
[  360.430786][ T8854]  ? lockdep_hardirqs_on+0x9c/0x150
[  360.430808][ T8854]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  360.430822][ T8854]  ? clear_bhb_loop+0x60/0xb0
[  360.430840][ T8854]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  360.430853][ T8854] RIP: 0033:0x7f739278e929
[  360.430867][ T8854] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  360.430879][ T8854] RSP: 002b:00007f7393690038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  360.430896][ T8854] RAX: ffffffffffffffda RBX: 00007f73929b6080 RCX: 00007f739278e929
[  360.430906][ T8854] RDX: 0000000020000000 RSI: 0000200000000140 RDI: 0000000000000007
[  360.430916][ T8854] RBP: 00007f7393690090 R08: 0000000000000000 R09: 0000000000000000
[  360.430925][ T8854] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  360.430938][ T8854] R13: 0000000000000000 R14: 00007f73929b6080 R15: 00007ffcb18b2628
[  360.430961][ T8854]  </TASK>
[  362.167259][ T8876] syzkaller0: entered promiscuous mode
[  362.253637][ T8876] syzkaller0: entered allmulticast mode
[  362.398294][ T8875] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  363.597309][ T8887] FAULT_INJECTION: forcing a failure.
[  363.597309][ T8887] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  363.706627][ T8887] CPU: 1 UID: 0 PID: 8887 Comm: syz.5.663 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  363.706658][ T8887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  363.706667][ T8887] Call Trace:
[  363.706674][ T8887]  <TASK>
[  363.706680][ T8887]  dump_stack_lvl+0x189/0x250
[  363.706702][ T8887]  ? __pfx____ratelimit+0x10/0x10
[  363.706725][ T8887]  ? __pfx_dump_stack_lvl+0x10/0x10
[  363.706740][ T8887]  ? __pfx__printk+0x10/0x10
[  363.706759][ T8887]  ? __might_fault+0xb0/0x130
[  363.706844][ T8887]  should_fail_ex+0x414/0x560
[  363.706868][ T8887]  _copy_from_iter+0x1db/0x16f0
[  363.706886][ T8887]  ? rcu_is_watching+0x15/0xb0
[  363.706902][ T8887]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  363.706924][ T8887]  ? __pfx__copy_from_iter+0x10/0x10
[  363.706939][ T8887]  ? __build_skb_around+0x257/0x3e0
[  363.706958][ T8887]  ? netlink_sendmsg+0x642/0xb30
[  363.706975][ T8887]  ? skb_put+0x11b/0x210
[  363.706993][ T8887]  netlink_sendmsg+0x6b2/0xb30
[  363.707017][ T8887]  ? __pfx_netlink_sendmsg+0x10/0x10
[  363.707046][ T8887]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  363.707065][ T8887]  ? __pfx_netlink_sendmsg+0x10/0x10
[  363.707083][ T8887]  __sock_sendmsg+0x219/0x270
[  363.707107][ T8887]  ____sys_sendmsg+0x505/0x830
[  363.707129][ T8887]  ? __pfx_____sys_sendmsg+0x10/0x10
[  363.707154][ T8887]  ? import_iovec+0x74/0xa0
[  363.707173][ T8887]  ___sys_sendmsg+0x21f/0x2a0
[  363.707193][ T8887]  ? __pfx____sys_sendmsg+0x10/0x10
[  363.707237][ T8887]  ? __fget_files+0x2a/0x420
[  363.707250][ T8887]  ? __fget_files+0x3a0/0x420
[  363.707271][ T8887]  __x64_sys_sendmsg+0x19b/0x260
[  363.707298][ T8887]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  363.707326][ T8887]  ? __pfx_ksys_write+0x10/0x10
[  363.707350][ T8887]  ? rcu_is_watching+0x15/0xb0
[  363.707389][ T8887]  ? do_syscall_64+0xbe/0x3b0
[  363.707411][ T8887]  do_syscall_64+0xfa/0x3b0
[  363.707430][ T8887]  ? lockdep_hardirqs_on+0x9c/0x150
[  363.707470][ T8887]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  363.707493][ T8887]  ? clear_bhb_loop+0x60/0xb0
[  363.707515][ T8887]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  363.707529][ T8887] RIP: 0033:0x7f5eef58e929
[  363.707542][ T8887] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  363.707554][ T8887] RSP: 002b:00007f5ef0457038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  363.707570][ T8887] RAX: ffffffffffffffda RBX: 00007f5eef7b5fa0 RCX: 00007f5eef58e929
[  363.707581][ T8887] RDX: 0000000000000084 RSI: 0000200000000000 RDI: 0000000000000003
[  363.707590][ T8887] RBP: 00007f5ef0457090 R08: 0000000000000000 R09: 0000000000000000
[  363.707598][ T8887] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  363.707607][ T8887] R13: 0000000000000000 R14: 00007f5eef7b5fa0 R15: 00007ffd9ea86738
[  363.707629][ T8887]  </TASK>
[  364.150581][ T8894] sctp: [Deprecated]: syz.5.664 (pid 8894) Use of struct sctp_assoc_value in delayed_ack socket option.
[  364.150581][ T8894] Use struct sctp_sack_info instead
[  364.245766][ T8896] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  364.360049][   T43] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  364.368584][ T8896] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  364.479936][ T5923] usb 6-1: new full-speed USB device number 10 using dummy_hcd
[  364.521154][   T43] usb 2-1: Using ep0 maxpacket: 16
[  364.528940][   T43] usb 2-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  364.540295][   T43] usb 2-1: config 0 interface 0 has no altsetting 0
[  364.619946][ T5923] usb 6-1: device descriptor read/64, error -71
[  364.672611][   T43] usb 2-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  364.754344][   T43] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  364.796109][   T43] usb 2-1: config 0 descriptor??
[  364.900197][ T5923] usb 6-1: new full-speed USB device number 11 using dummy_hcd
[  365.039977][ T5923] usb 6-1: device descriptor read/64, error -71
[  365.180548][ T5923] usb usb6-port1: attempt power cycle
[  365.520337][ T5923] usb 6-1: new full-speed USB device number 12 using dummy_hcd
[  365.928979][ T8914] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  365.956244][ T8914] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  365.974038][ T5923] usb 6-1: device descriptor read/8, error -71
[  366.074656][ T8892] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  366.136844][ T8892] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  366.183681][ T8892] netlink: 'syz.1.665': attribute type 1 has an invalid length.
[  366.250429][ T5923] usb 6-1: new full-speed USB device number 13 using dummy_hcd
[  366.272638][   T43] nzxt-smart2 0003:1E71:2009.0007: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.1-1/input0
[  366.305242][ T5923] usb 6-1: device descriptor read/8, error -71
[  366.443015][ T5923] usb usb6-port1: unable to enumerate USB device
[  366.668555][ T5923] usb 2-1: USB disconnect, device number 19
[  367.215714][ T8929] FAULT_INJECTION: forcing a failure.
[  367.215714][ T8929] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  367.229378][ T8929] CPU: 1 UID: 0 PID: 8929 Comm: syz.4.672 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  367.229405][ T8929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  367.229418][ T8929] Call Trace:
[  367.229426][ T8929]  <TASK>
[  367.229435][ T8929]  dump_stack_lvl+0x189/0x250
[  367.229464][ T8929]  ? __pfx____ratelimit+0x10/0x10
[  367.229495][ T8929]  ? __pfx_dump_stack_lvl+0x10/0x10
[  367.229517][ T8929]  ? __pfx__printk+0x10/0x10
[  367.229544][ T8929]  ? __might_fault+0xb0/0x130
[  367.229585][ T8929]  should_fail_ex+0x414/0x560
[  367.229619][ T8929]  _copy_from_iter+0x1db/0x16f0
[  367.229644][ T8929]  ? rcu_is_watching+0x15/0xb0
[  367.229668][ T8929]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  367.229700][ T8929]  ? __pfx__copy_from_iter+0x10/0x10
[  367.229721][ T8929]  ? __build_skb_around+0x257/0x3e0
[  367.229748][ T8929]  ? netlink_sendmsg+0x642/0xb30
[  367.229770][ T8929]  ? skb_put+0x11b/0x210
[  367.229798][ T8929]  netlink_sendmsg+0x6b2/0xb30
[  367.229837][ T8929]  ? __pfx_netlink_sendmsg+0x10/0x10
[  367.229869][ T8929]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  367.229897][ T8929]  ? __pfx_netlink_sendmsg+0x10/0x10
[  367.229921][ T8929]  __sock_sendmsg+0x219/0x270
[  367.229955][ T8929]  ____sys_sendmsg+0x505/0x830
[  367.229987][ T8929]  ? __pfx_____sys_sendmsg+0x10/0x10
[  367.230022][ T8929]  ? import_iovec+0x74/0xa0
[  367.230049][ T8929]  ___sys_sendmsg+0x21f/0x2a0
[  367.230100][ T8929]  ? __pfx____sys_sendmsg+0x10/0x10
[  367.230160][ T8929]  ? __fget_files+0x2a/0x420
[  367.230177][ T8929]  ? __fget_files+0x3a0/0x420
[  367.230222][ T8929]  __x64_sys_sendmsg+0x19b/0x260
[  367.230251][ T8929]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  367.230287][ T8929]  ? __pfx_ksys_write+0x10/0x10
[  367.230322][ T8929]  ? do_syscall_64+0xbe/0x3b0
[  367.230345][ T8929]  do_syscall_64+0xfa/0x3b0
[  367.230363][ T8929]  ? lockdep_hardirqs_on+0x9c/0x150
[  367.230392][ T8929]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.230412][ T8929]  ? clear_bhb_loop+0x60/0xb0
[  367.230437][ T8929]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.230455][ T8929] RIP: 0033:0x7f739278e929
[  367.230473][ T8929] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  367.230490][ T8929] RSP: 002b:00007f739366f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  367.230512][ T8929] RAX: ffffffffffffffda RBX: 00007f73929b6160 RCX: 00007f739278e929
[  367.230526][ T8929] RDX: 0000000000004040 RSI: 0000200000000340 RDI: 0000000000000007
[  367.230539][ T8929] RBP: 00007f739366f090 R08: 0000000000000000 R09: 0000000000000000
[  367.230551][ T8929] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  367.230562][ T8929] R13: 0000000000000000 R14: 00007f73929b6160 R15: 00007ffcb18b2628
[  367.230605][ T8929]  </TASK>
[  367.715165][ T8931] usb usb9: usbfs: process 8931 (syz.6.673) did not claim interface 0 before use
[  367.988938][ T8938] ptm ptm0: ldisc open failed (-12), clearing slot 0
[  368.029149][ T8941] netlink: 8 bytes leftover after parsing attributes in process `syz.0.675'.
[  368.425027][ T8946] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  370.384927][ T8969] gfs2: Unexpected value for 'acl'
[  370.401814][ T8969] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  370.928890][ T8966] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  370.984419][ T8969] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  371.359773][ T8980] FAULT_INJECTION: forcing a failure.
[  371.359773][ T8980] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  371.387475][ T8980] CPU: 0 UID: 0 PID: 8980 Comm: syz.4.687 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  371.387506][ T8980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  371.387518][ T8980] Call Trace:
[  371.387526][ T8980]  <TASK>
[  371.387534][ T8980]  dump_stack_lvl+0x189/0x250
[  371.387562][ T8980]  ? __pfx____ratelimit+0x10/0x10
[  371.387594][ T8980]  ? __pfx_dump_stack_lvl+0x10/0x10
[  371.387617][ T8980]  ? __pfx__printk+0x10/0x10
[  371.387657][ T8980]  should_fail_ex+0x414/0x560
[  371.387691][ T8980]  _copy_to_user+0x31/0xb0
[  371.387716][ T8980]  simple_read_from_buffer+0xe1/0x170
[  371.387751][ T8980]  proc_fail_nth_read+0x1df/0x250
[  371.387776][ T8980]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  371.387799][ T8980]  ? rw_verify_area+0x258/0x650
[  371.387825][ T8980]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  371.387846][ T8980]  vfs_read+0x200/0x980
[  371.387893][ T8980]  ? __pfx___mutex_lock+0x10/0x10
[  371.387914][ T8980]  ? __pfx_vfs_read+0x10/0x10
[  371.387942][ T8980]  ? __fget_files+0x2a/0x420
[  371.387965][ T8980]  ? __fget_files+0x3a0/0x420
[  371.387982][ T8980]  ? __fget_files+0x2a/0x420
[  371.388010][ T8980]  ksys_read+0x145/0x250
[  371.388039][ T8980]  ? __pfx_ksys_read+0x10/0x10
[  371.388073][ T8980]  ? do_syscall_64+0xbe/0x3b0
[  371.388096][ T8980]  do_syscall_64+0xfa/0x3b0
[  371.388113][ T8980]  ? lockdep_hardirqs_on+0x9c/0x150
[  371.388142][ T8980]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  371.388162][ T8980]  ? clear_bhb_loop+0x60/0xb0
[  371.388186][ T8980]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  371.388204][ T8980] RIP: 0033:0x7f739278d33c
[  371.388222][ T8980] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  371.388239][ T8980] RSP: 002b:00007f73936b1030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  371.388261][ T8980] RAX: ffffffffffffffda RBX: 00007f73929b5fa0 RCX: 00007f739278d33c
[  371.388275][ T8980] RDX: 000000000000000f RSI: 00007f73936b10a0 RDI: 0000000000000004
[  371.388286][ T8980] RBP: 00007f73936b1090 R08: 0000000000000000 R09: 0000000000000000
[  371.388309][ T8980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  371.388320][ T8980] R13: 0000000000000000 R14: 00007f73929b5fa0 R15: 00007ffcb18b2628
[  371.388350][ T8980]  </TASK>
[  371.718636][ T8986] usb usb9: usbfs: process 8986 (syz.6.689) did not claim interface 0 before use
[  372.089913][   T30] kauditd_printk_skb: 9 callbacks suppressed
[  372.089933][   T30] audit: type=1800 audit(1752223272.057:557): pid=8990 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.1.688" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  372.680985][ T8978] syz.1.688: attempt to access beyond end of device
[  372.680985][ T8978] nbd1: rw=6144, sector=128, nr_sectors = 8 limit=0
[  372.694232][ T8978] gfs2: error -5 reading superblock
[  375.664737][ T9021] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  376.615560][ T9032] FAULT_INJECTION: forcing a failure.
[  376.615560][ T9032] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  376.636368][ T9032] CPU: 1 UID: 0 PID: 9032 Comm: syz.5.702 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  376.636398][ T9032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  376.636410][ T9032] Call Trace:
[  376.636419][ T9032]  <TASK>
[  376.636436][ T9032]  dump_stack_lvl+0x189/0x250
[  376.636464][ T9032]  ? __pfx____ratelimit+0x10/0x10
[  376.636494][ T9032]  ? __pfx_dump_stack_lvl+0x10/0x10
[  376.636515][ T9032]  ? __pfx__printk+0x10/0x10
[  376.636542][ T9032]  ? __might_fault+0xb0/0x130
[  376.636580][ T9032]  should_fail_ex+0x414/0x560
[  376.636613][ T9032]  _copy_from_iter+0x1db/0x16f0
[  376.636636][ T9032]  ? rcu_is_watching+0x15/0xb0
[  376.636659][ T9032]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  376.636690][ T9032]  ? __pfx__copy_from_iter+0x10/0x10
[  376.636712][ T9032]  ? __build_skb_around+0x257/0x3e0
[  376.636737][ T9032]  ? netlink_sendmsg+0x642/0xb30
[  376.636759][ T9032]  ? skb_put+0x11b/0x210
[  376.636787][ T9032]  netlink_sendmsg+0x6b2/0xb30
[  376.636829][ T9032]  ? __pfx_netlink_sendmsg+0x10/0x10
[  376.636861][ T9032]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  376.636888][ T9032]  ? __pfx_netlink_sendmsg+0x10/0x10
[  376.636913][ T9032]  __sock_sendmsg+0x219/0x270
[  376.636948][ T9032]  ____sys_sendmsg+0x505/0x830
[  376.636979][ T9032]  ? __pfx_____sys_sendmsg+0x10/0x10
[  376.637020][ T9032]  ? import_iovec+0x74/0xa0
[  376.637048][ T9032]  ___sys_sendmsg+0x21f/0x2a0
[  376.637076][ T9032]  ? __pfx____sys_sendmsg+0x10/0x10
[  376.637184][ T9032]  ? __fget_files+0x2a/0x420
[  376.637203][ T9032]  ? __fget_files+0x3a0/0x420
[  376.637233][ T9032]  __x64_sys_sendmsg+0x19b/0x260
[  376.637263][ T9032]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  376.637301][ T9032]  ? __pfx_ksys_write+0x10/0x10
[  376.637326][ T9032]  ? rcu_is_watching+0x15/0xb0
[  376.637354][ T9032]  ? do_syscall_64+0xbe/0x3b0
[  376.637378][ T9032]  do_syscall_64+0xfa/0x3b0
[  376.637396][ T9032]  ? lockdep_hardirqs_on+0x9c/0x150
[  376.637427][ T9032]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  376.637447][ T9032]  ? clear_bhb_loop+0x60/0xb0
[  376.637472][ T9032]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  376.637492][ T9032] RIP: 0033:0x7f5eef58e929
[  376.637511][ T9032] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  376.637528][ T9032] RSP: 002b:00007f5ef0457038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  376.637550][ T9032] RAX: ffffffffffffffda RBX: 00007f5eef7b5fa0 RCX: 00007f5eef58e929
[  376.637565][ T9032] RDX: 0000000000000090 RSI: 00002000000002c0 RDI: 0000000000000004
[  376.637578][ T9032] RBP: 00007f5ef0457090 R08: 0000000000000000 R09: 0000000000000000
[  376.637590][ T9032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  376.637601][ T9032] R13: 0000000000000000 R14: 00007f5eef7b5fa0 R15: 00007ffd9ea86738
[  376.637633][ T9032]  </TASK>
[  378.319623][ T9048] usb usb9: usbfs: process 9048 (syz.4.703) did not claim interface 0 before use
[  379.445435][ T9064] could not allocate digest TFM handle cryptd(blake2b-160)
[  380.276741][ T5923] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  380.471639][ T5923] usb 2-1: device descriptor read/64, error -71
[  380.786223][ T9090] FAULT_INJECTION: forcing a failure.
[  380.786223][ T9090] name failslab, interval 1, probability 0, space 0, times 0
[  380.922848][ T9090] CPU: 1 UID: 0 PID: 9090 Comm: syz.0.717 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  380.922880][ T9090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  380.922894][ T9090] Call Trace:
[  380.922902][ T9090]  <TASK>
[  380.922912][ T9090]  dump_stack_lvl+0x189/0x250
[  380.922942][ T9090]  ? __pfx____ratelimit+0x10/0x10
[  380.922974][ T9090]  ? __pfx_dump_stack_lvl+0x10/0x10
[  380.922997][ T9090]  ? __pfx__printk+0x10/0x10
[  380.923031][ T9090]  ? __pfx___might_resched+0x10/0x10
[  380.923062][ T9090]  should_fail_ex+0x414/0x560
[  380.923099][ T9090]  should_failslab+0xa8/0x100
[  380.923146][ T9090]  __kmalloc_noprof+0xcb/0x4f0
[  380.923175][ T9090]  ? do_insn_ioctl+0xfb/0x480
[  380.923212][ T9090]  do_insn_ioctl+0xfb/0x480
[  380.923248][ T9090]  comedi_unlocked_ioctl+0xa96/0xf40
[  380.923288][ T9090]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  380.923316][ T9090]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  380.923347][ T9090]  ? tomoyo_path_number_perm+0x4e2/0x5a0
[  380.923375][ T9090]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  380.923405][ T9090]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  380.923432][ T9090]  ? smack_log+0xef/0x3f0
[  380.923457][ T9090]  ? __pfx_smack_log+0x10/0x10
[  380.923480][ T9090]  ? smk_access+0x14c/0x4e0
[  380.923514][ T9090]  ? smk_tskacc+0x2fc/0x370
[  380.923555][ T9090]  ? smack_file_ioctl+0x2a9/0x340
[  380.923584][ T9090]  ? __pfx_smack_file_ioctl+0x10/0x10
[  380.923623][ T9090]  ? __fget_files+0x2a/0x420
[  380.923646][ T9090]  ? bpf_lsm_file_ioctl+0x9/0x20
[  380.923665][ T9090]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  380.923692][ T9090]  __se_sys_ioctl+0xf9/0x170
[  380.923720][ T9090]  do_syscall_64+0xfa/0x3b0
[  380.923738][ T9090]  ? lockdep_hardirqs_on+0x9c/0x150
[  380.923775][ T9090]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  380.923795][ T9090]  ? clear_bhb_loop+0x60/0xb0
[  380.923819][ T9090]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  380.923837][ T9090] RIP: 0033:0x7ff68a58e929
[  380.923855][ T9090] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  380.923872][ T9090] RSP: 002b:00007ff68b450038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  380.923894][ T9090] RAX: ffffffffffffffda RBX: 00007ff68a7b5fa0 RCX: 00007ff68a58e929
[  380.923908][ T9090] RDX: 0000200000000000 RSI: 000000008028640c RDI: 0000000000000003
[  380.923920][ T9090] RBP: 00007ff68b450090 R08: 0000000000000000 R09: 0000000000000000
[  380.923932][ T9090] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  380.923942][ T9090] R13: 0000000000000000 R14: 00007ff68a7b5fa0 R15: 00007ffe815384c8
[  380.923974][ T9090]  </TASK>
[  381.191288][ T5923] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  381.330084][ T5923] usb 2-1: device descriptor read/64, error -71
[  381.442024][ T5923] usb usb2-port1: attempt power cycle
[  381.809974][ T5923] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  381.876896][ T5923] usb 2-1: device descriptor read/8, error -71
[  382.220265][ T5923] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  382.298174][ T5923] usb 2-1: device descriptor read/8, error -71
[  382.455730][ T9105] netlink: 'syz.6.724': attribute type 2 has an invalid length.
[  382.544677][ T5923] usb usb2-port1: unable to enumerate USB device
[  382.561220][ T9102] netlink: 4 bytes leftover after parsing attributes in process `syz.4.723'.
[  383.571866][ T9117] overlayfs: missing 'lowerdir'
[  383.936577][ T9120] usb usb9: usbfs: process 9120 (syz.4.728) did not claim interface 0 before use
[  384.904618][ T9134] netlink: 40 bytes leftover after parsing attributes in process `syz.5.731'.
[  386.660876][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  386.667308][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  387.949953][ T5978] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  388.569404][ T5978] usb 6-1: Using ep0 maxpacket: 32
[  390.231175][ T5978] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[  390.263575][ T5978] usb 6-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  390.277732][ T5978] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  390.286142][ T5978] usb 6-1: Product: syz
[  390.290858][ T5978] usb 6-1: Manufacturer: syz
[  390.296693][ T5978] usb 6-1: SerialNumber: syz
[  390.300627][   T30] audit: type=1326 audit(1752223290.247:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9179 comm="syz.0.745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68a58e929 code=0x7ffc0000
[  390.306173][ T5978] usb 6-1: config 0 descriptor??
[  390.370985][   T30] audit: type=1326 audit(1752223290.247:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9179 comm="syz.0.745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68a58e929 code=0x7ffc0000
[  390.396208][ T9183] IPVS: set_ctl: invalid protocol: 51 172.30.0.1:20002
[  390.413389][ T9183] sctp: [Deprecated]: syz.0.745 (pid 9183) Use of int in maxseg socket option.
[  390.413389][ T9183] Use struct sctp_assoc_value instead
[  390.654288][   T30] audit: type=1326 audit(1752223290.257:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9179 comm="syz.0.745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7ff68a58d3df code=0x7ffc0000
[  391.102257][   T30] audit: type=1326 audit(1752223290.257:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9179 comm="syz.0.745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68a58e929 code=0x7ffc0000
[  391.126138][   T30] audit: type=1326 audit(1752223290.257:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9179 comm="syz.0.745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68a58e929 code=0x7ffc0000
[  391.147631][   T30] audit: type=1326 audit(1752223290.277:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9179 comm="syz.0.745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7ff68a58e929 code=0x7ffc0000
[  391.231932][ T9188] netlink: 8 bytes leftover after parsing attributes in process `syz.4.746'.
[  391.240891][ T9188] netlink: 4 bytes leftover after parsing attributes in process `syz.4.746'.
[  391.572131][   T30] audit: type=1326 audit(1752223290.277:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9179 comm="syz.0.745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68a58e929 code=0x7ffc0000
[  391.600928][   T30] audit: type=1326 audit(1752223290.277:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9179 comm="syz.0.745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68a58e929 code=0x7ffc0000
[  391.797872][ T5978] usb 6-1: can't set config #0, error -71
[  391.808562][ T5978] usb 6-1: USB disconnect, device number 14
[  391.824870][ T6091] udevd[6091]: setting mode of /dev/bus/usb/006/014 to 020664 failed: No such file or directory
[  392.058600][ T6091] udevd[6091]: setting owner of /dev/bus/usb/006/014 to uid=0, gid=0 failed: No such file or directory
[  392.115219][   T30] audit: type=1326 audit(1752223290.277:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9179 comm="syz.0.745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff68a58e929 code=0x7ffc0000
[  392.930942][   T30] audit: type=1326 audit(1752223290.277:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9179 comm="syz.0.745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff68a58e929 code=0x7ffc0000
[  393.301778][ T9200] kvm: vcpu 0: requested 64 ns lapic timer period limited to 200000 ns
[  393.417895][ T9212] Invalid option length (1048372) for dns_resolver key
[  393.828459][ T9218] IPVS: set_ctl: invalid protocol: 51 172.30.0.7:20002
[  393.841547][ T9218] sctp: [Deprecated]: syz.6.752 (pid 9218) Use of int in maxseg socket option.
[  393.841547][ T9218] Use struct sctp_assoc_value instead
[  394.237141][ T9216] netlink: 16 bytes leftover after parsing attributes in process `syz.5.753'.
[  394.271548][ T9219] IPVS: sync thread started: state = BACKUP, mcast_ifn = wg0, syncid = 4, id = 0
[  394.412625][ T9222] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  394.521050][ T9226] overlayfs: missing 'lowerdir'
[  395.529982][  T978] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  395.706205][ T9252] kvm: pic: non byte write
[  395.802940][ T9255] program syz.0.764 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  395.905178][  T978] usb 2-1: unable to get BOS descriptor or descriptor too short
[  395.932140][  T978] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  395.982491][  T978] usb 2-1: config 1 has no interface number 1
[  396.007073][  T978] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  396.092409][  T978] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  396.179996][  T978] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  396.188398][  T978] usb 2-1: Product: syz
[  396.219954][  T978] usb 2-1: Manufacturer: syz
[  396.224637][  T978] usb 2-1: SerialNumber: syz
[  396.544133][ T9260] usb usb9: usbfs: process 9260 (syz.0.766) did not claim interface 0 before use
[  397.240036][ T5916] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  397.429974][ T5916] usb 7-1: Using ep0 maxpacket: 8
[  397.440501][ T5916] usb 7-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=3a.b2
[  397.463534][ T5916] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  397.500803][ T5916] usb 7-1: Product: syz
[  397.514891][ T5916] usb 7-1: Manufacturer: syz
[  397.537767][ T5916] usb 7-1: SerialNumber: syz
[  397.569447][ T5916] usb 7-1: config 0 descriptor??
[  398.105578][  T978] usb 2-1: 2:1 : no or invalid class specific endpoint descriptor
[  398.140013][  T978] usb 2-1: 2:1 : unsupported sample bitwidth 8 in 5 bytes
[  398.439208][ T9274] overlayfs: failed to resolve './file0': -2
[  401.118180][  T978] usb 2-1: USB disconnect, device number 24
[  401.559954][   T24] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  401.777192][ T6091] udevd[6091]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  402.000186][   T24] usb 6-1: Using ep0 maxpacket: 16
[  402.293350][ T5916] gspca_main: sunplus-2.14.0 probing 04a5:3003
[  402.378077][ T5916] gspca_sunplus: reg_w_riv err -71
[  402.401790][   T24] usb 6-1: unable to read config index 0 descriptor/start: -71
[  402.436755][ T5916] sunplus 7-1:0.0: probe with driver sunplus failed with error -71
[  402.452573][   T24] usb 6-1: can't read configurations, error -71
[  402.494347][ T5916] usb 7-1: USB disconnect, device number 14
[  402.600508][ T9300] FAULT_INJECTION: forcing a failure.
[  402.600508][ T9300] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  402.715892][ T9300] CPU: 1 UID: 0 PID: 9300 Comm: syz.0.775 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  402.715924][ T9300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  402.715937][ T9300] Call Trace:
[  402.715946][ T9300]  <TASK>
[  402.715954][ T9300]  dump_stack_lvl+0x189/0x250
[  402.715983][ T9300]  ? __pfx____ratelimit+0x10/0x10
[  402.716014][ T9300]  ? __pfx_dump_stack_lvl+0x10/0x10
[  402.716036][ T9300]  ? __pfx__printk+0x10/0x10
[  402.716063][ T9300]  ? __might_fault+0xb0/0x130
[  402.716110][ T9300]  should_fail_ex+0x414/0x560
[  402.716145][ T9300]  _copy_from_user+0x2d/0xb0
[  402.716169][ T9300]  do_sock_getsockopt+0x1cd/0x650
[  402.716198][ T9300]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  402.716234][ T9300]  ? do_syscall_64+0x40/0x3b0
[  402.716253][ T9300]  ? __fget_files+0x3a0/0x420
[  402.716271][ T9300]  ? __fget_files+0x2a/0x420
[  402.716298][ T9300]  __x64_sys_getsockopt+0x1a5/0x250
[  402.716322][ T9300]  ? do_syscall_64+0x40/0x3b0
[  402.716342][ T9300]  ? do_syscall_64+0x40/0x3b0
[  402.716365][ T9300]  do_syscall_64+0xfa/0x3b0
[  402.716382][ T9300]  ? lockdep_hardirqs_on+0x9c/0x150
[  402.716411][ T9300]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  402.716486][ T9300]  ? clear_bhb_loop+0x60/0xb0
[  402.716511][ T9300]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  402.716530][ T9300] RIP: 0033:0x7ff68a58e929
[  402.716548][ T9300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  402.716565][ T9300] RSP: 002b:00007ff68b450038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  402.716586][ T9300] RAX: ffffffffffffffda RBX: 00007ff68a7b5fa0 RCX: 00007ff68a58e929
[  402.716601][ T9300] RDX: 0000000000000023 RSI: 0000000000000006 RDI: 0000000000000003
[  402.716612][ T9300] RBP: 00007ff68b450090 R08: 0000200000000000 R09: 0000000000000000
[  402.716624][ T9300] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[  402.716637][ T9300] R13: 0000000000000000 R14: 00007ff68a7b5fa0 R15: 00007ffe815384c8
[  402.716667][ T9300]  </TASK>
[  403.910644][ T9306] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd
[  403.965496][ T5916] kernel write not supported for file task/431/attr/keycreate (pid: 5916 comm: kworker/0:4)
[  404.317818][ T9320] netlink: 28 bytes leftover after parsing attributes in process `syz.0.782'.
[  404.426826][ T9322] FAULT_INJECTION: forcing a failure.
[  404.426826][ T9322] name failslab, interval 1, probability 0, space 0, times 0
[  404.474312][ T9322] CPU: 0 UID: 0 PID: 9322 Comm: syz.6.780 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  404.474344][ T9322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  404.474356][ T9322] Call Trace:
[  404.474365][ T9322]  <TASK>
[  404.474375][ T9322]  dump_stack_lvl+0x189/0x250
[  404.474404][ T9322]  ? __pfx____ratelimit+0x10/0x10
[  404.474437][ T9322]  ? __pfx_dump_stack_lvl+0x10/0x10
[  404.474460][ T9322]  ? __pfx__printk+0x10/0x10
[  404.474501][ T9322]  should_fail_ex+0x414/0x560
[  404.474536][ T9322]  should_failslab+0xa8/0x100
[  404.474571][ T9322]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  404.474600][ T9322]  ? cpuacct_charge+0x117/0x320
[  404.474622][ T9322]  ? __alloc_skb+0x112/0x2d0
[  404.474648][ T9322]  __alloc_skb+0x112/0x2d0
[  404.474686][ T9322]  _sctp_make_chunk+0x5e/0x430
[  404.474722][ T9322]  sctp_make_heartbeat+0xa7/0x470
[  404.474746][ T9322]  ? __switch_to+0xd74/0x1600
[  404.474778][ T9322]  ? __pfx_sctp_make_heartbeat+0x10/0x10
[  404.474799][ T9322]  ? __lock_acquire+0xab9/0xd20
[  404.474825][ T9322]  ? sctp_transport_hold+0x142/0x1c0
[  404.474854][ T9322]  ? __pfx_sctp_transport_hold+0x10/0x10
[  404.474888][ T9322]  sctp_sf_do_prm_requestheartbeat+0x32/0x280
[  404.474924][ T9322]  sctp_do_sm+0x1e7/0x5a20
[  404.474953][ T9322]  ? __pfx_sctp_pname+0x10/0x10
[  404.474982][ T9322]  ? __pfx_sctp_hash_cmp+0x10/0x10
[  404.475026][ T9322]  ? __pfx_sctp_do_sm+0x10/0x10
[  404.475056][ T9322]  ? __pfx_sctp_hash_key+0x10/0x10
[  404.475082][ T9322]  ? __pfx_sctp_hash_obj+0x10/0x10
[  404.475151][ T9322]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  404.475177][ T9322]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  404.475201][ T9322]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  404.475228][ T9322]  ? sctp_v6_addr_to_user+0x217/0x420
[  404.475265][ T9322]  sctp_primitive_REQUESTHEARTBEAT+0x98/0xc0
[  404.475299][ T9322]  sctp_apply_peer_addr_params+0xdf/0x1880
[  404.475338][ T9322]  sctp_setsockopt_peer_addr_params+0x5e5/0x940
[  404.475380][ T9322]  sctp_setsockopt+0x709/0x1200
[  404.475404][ T9322]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  404.475428][ T9322]  do_sock_setsockopt+0x25a/0x3e0
[  404.475455][ T9322]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  404.475485][ T9322]  ? __fget_files+0x2a/0x420
[  404.475513][ T9322]  __x64_sys_setsockopt+0x18b/0x220
[  404.475544][ T9322]  do_syscall_64+0xfa/0x3b0
[  404.475563][ T9322]  ? lockdep_hardirqs_on+0x9c/0x150
[  404.475591][ T9322]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  404.475611][ T9322]  ? clear_bhb_loop+0x60/0xb0
[  404.475635][ T9322]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  404.475655][ T9322] RIP: 0033:0x7f4bc7d8e929
[  404.475672][ T9322] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  404.475695][ T9322] RSP: 002b:00007f4bc8c02038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  404.475716][ T9322] RAX: ffffffffffffffda RBX: 00007f4bc7fb6080 RCX: 00007f4bc7d8e929
[  404.475731][ T9322] RDX: 0000000000000009 RSI: 0000000000000084 RDI: 0000000000000003
[  404.475743][ T9322] RBP: 00007f4bc8c02090 R08: 000000000000009c R09: 0000000000000000
[  404.475755][ T9322] R10: 0000200000000a00 R11: 0000000000000246 R12: 0000000000000001
[  404.475767][ T9322] R13: 0000000000000001 R14: 00007f4bc7fb6080 R15: 00007ffdafa43ff8
[  404.475799][ T9322]  </TASK>
[  404.948452][ T9302] FAULT_INJECTION: forcing a failure.
[  404.948452][ T9302] name failslab, interval 1, probability 0, space 0, times 0
[  404.961787][ T9302] CPU: 0 UID: 0 PID: 9302 Comm: syz.1.776 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  404.961816][ T9302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  404.961829][ T9302] Call Trace:
[  404.961837][ T9302]  <TASK>
[  404.961846][ T9302]  dump_stack_lvl+0x189/0x250
[  404.961876][ T9302]  ? __pfx____ratelimit+0x10/0x10
[  404.961908][ T9302]  ? __pfx_dump_stack_lvl+0x10/0x10
[  404.961932][ T9302]  ? __pfx__printk+0x10/0x10
[  404.961978][ T9302]  ? __pfx___might_resched+0x10/0x10
[  404.962001][ T9302]  ? fs_reclaim_acquire+0x7d/0x100
[  404.962028][ T9302]  should_fail_ex+0x414/0x560
[  404.962062][ T9302]  should_failslab+0xa8/0x100
[  404.962095][ T9302]  kmem_cache_alloc_noprof+0x73/0x3c0
[  404.962124][ T9302]  ? prepare_creds+0x31/0x6c0
[  404.962156][ T9302]  prepare_creds+0x31/0x6c0
[  404.962188][ T9302]  copy_creds+0x106/0xa10
[  404.962224][ T9302]  copy_process+0x95d/0x3b80
[  404.962269][ T9302]  ? get_pid_task+0x20/0x1f0
[  404.962304][ T9302]  ? __pfx_copy_process+0x10/0x10
[  404.962332][ T9302]  ? rcu_read_lock_any_held+0xb3/0x120
[  404.962366][ T9302]  kernel_clone+0x224/0x7f0
[  404.962395][ T9302]  ? __pfx_kernel_clone+0x10/0x10
[  404.962442][ T9302]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  404.962471][ T9302]  __x64_sys_clone+0x18b/0x1e0
[  404.962501][ T9302]  ? __pfx___x64_sys_clone+0x10/0x10
[  404.962557][ T9302]  ? __pfx_ksys_write+0x10/0x10
[  404.962592][ T9302]  ? do_syscall_64+0xbe/0x3b0
[  404.962615][ T9302]  do_syscall_64+0xfa/0x3b0
[  404.962633][ T9302]  ? lockdep_hardirqs_on+0x9c/0x150
[  404.962663][ T9302]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  404.962682][ T9302]  ? clear_bhb_loop+0x60/0xb0
[  404.962708][ T9302]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  404.962727][ T9302] RIP: 0033:0x7f677258e929
[  404.962745][ T9302] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  404.962762][ T9302] RSP: 002b:00007f67733a5fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  404.962785][ T9302] RAX: ffffffffffffffda RBX: 00007f67727b5fa0 RCX: 00007f677258e929
[  404.962799][ T9302] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020223000
[  404.962889][ T9302] RBP: 00007f67733a6090 R08: 0000000000000000 R09: 0000000000000000
[  404.962903][ T9302] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[  404.962914][ T9302] R13: 0000000000000000 R14: 00007f67727b5fa0 R15: 00007ffc97e99348
[  404.962947][ T9302]  </TASK>
[  405.479927][ T5943] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  406.007917][ T9336] XFS (nullb0): Invalid superblock magic number
[  406.262763][ T5943] usb 5-1: Using ep0 maxpacket: 8
[  406.524569][ T5943] usb 5-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=3a.b2
[  406.539867][ T5943] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  406.548268][ T5943] usb 5-1: Product: syz
[  406.569685][ T5943] usb 5-1: Manufacturer: syz
[  406.574492][ T5943] usb 5-1: SerialNumber: syz
[  406.588702][ T5943] usb 5-1: config 0 descriptor??
[  407.412292][  T978] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  407.880144][  T978] usb 6-1: Using ep0 maxpacket: 8
[  410.030458][ T9365] FAULT_INJECTION: forcing a failure.
[  410.030458][ T9365] name failslab, interval 1, probability 0, space 0, times 0
[  410.040201][  T978] usb 6-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  410.076834][ T9365] CPU: 1 UID: 0 PID: 9365 Comm: syz.0.791 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  410.076866][ T9365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  410.076879][ T9365] Call Trace:
[  410.076888][ T9365]  <TASK>
[  410.076900][ T9365]  dump_stack_lvl+0x189/0x250
[  410.076930][ T9365]  ? __pfx____ratelimit+0x10/0x10
[  410.076962][ T9365]  ? __pfx_dump_stack_lvl+0x10/0x10
[  410.076984][ T9365]  ? __pfx__printk+0x10/0x10
[  410.077013][ T9365]  ? __pfx___might_resched+0x10/0x10
[  410.077036][ T9365]  ? fs_reclaim_acquire+0x7d/0x100
[  410.077062][ T9365]  should_fail_ex+0x414/0x560
[  410.077103][ T9365]  should_failslab+0xa8/0x100
[  410.077136][ T9365]  __kmalloc_noprof+0xcb/0x4f0
[  410.077164][ T9365]  ? anon_vma_name_alloc+0x40/0xf0
[  410.077197][ T9365]  anon_vma_name_alloc+0x40/0xf0
[  410.077235][ T9365]  prctl_set_vma+0x18b/0x400
[  410.077273][ T9365]  __se_sys_prctl+0x27e/0x1940
[  410.077306][ T9365]  ? __pfx___se_sys_prctl+0x10/0x10
[  410.077333][ T9365]  ? rcu_is_watching+0x15/0xb0
[  410.077362][ T9365]  ? do_syscall_64+0xbe/0x3b0
[  410.077380][ T9365]  ? __x64_sys_prctl+0x20/0xc0
[  410.077412][ T9365]  do_syscall_64+0xfa/0x3b0
[  410.077429][ T9365]  ? lockdep_hardirqs_on+0x9c/0x150
[  410.077458][ T9365]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  410.077478][ T9365]  ? clear_bhb_loop+0x60/0xb0
[  410.077501][ T9365]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  410.077520][ T9365] RIP: 0033:0x7ff68a58e929
[  410.077537][ T9365] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  410.077555][ T9365] RSP: 002b:00007ff68b450038 EFLAGS: 00000246 ORIG_RAX: 000000000000009d
[  410.077577][ T9365] RAX: ffffffffffffffda RBX: 00007ff68a7b5fa0 RCX: 00007ff68a58e929
[  410.077591][ T9365] RDX: 000020000043b000 RSI: 0000000000000000 RDI: 0000000053564d41
[  410.077603][ T9365] RBP: 00007ff68b450090 R08: 0000200000000080 R09: 0000000000000000
[  410.077617][ T9365] R10: fffffffffffffdb5 R11: 0000000000000246 R12: 0000000000000001
[  410.077628][ T9365] R13: 0000000000000000 R14: 00007ff68a7b5fa0 R15: 00007ffe815384c8
[  410.077658][ T9365]  </TASK>
[  410.321539][  T978] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  410.331519][ T9361] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  410.364865][  T978] usb 6-1: config 0 descriptor??
[  410.372710][  T978] usb 6-1: can't set config #0, error -71
[  410.572143][  T978] usb 6-1: USB disconnect, device number 17
[  410.614260][ T5943] gspca_main: sunplus-2.14.0 probing 04a5:3003
[  410.634964][ T5943] gspca_sunplus: reg_w_riv err -71
[  410.645346][ T5943] sunplus 5-1:0.0: probe with driver sunplus failed with error -71
[  410.671337][ T9382] netlink: 8 bytes leftover after parsing attributes in process `syz.5.795'.
[  410.705738][ T5943] usb 5-1: USB disconnect, device number 17
[  410.759205][ T9382] batadv0: entered promiscuous mode
[  410.804902][ T9382] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  411.009147][ T9385] overlayfs: failed to resolve './file0': -2
[  411.602957][ T9392] netlink: 28 bytes leftover after parsing attributes in process `syz.4.798'.
[  411.820526][   T30] kauditd_printk_skb: 53 callbacks suppressed
[  411.820548][   T30] audit: type=1326 audit(1752223311.807:621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9401 comm="syz.4.801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f739278e929 code=0x7ffc0000
[  411.865440][ T9396] netlink: 4 bytes leftover after parsing attributes in process `syz.5.800'.
[  411.980129][   T30] audit: type=1326 audit(1752223311.827:622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9401 comm="syz.4.801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f739278e929 code=0x7ffc0000
[  412.476371][   T30] audit: type=1326 audit(1752223311.867:623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9401 comm="syz.4.801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f739278d3df code=0x7ffc0000
[  412.537948][   T30] audit: type=1326 audit(1752223311.867:624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9401 comm="syz.4.801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f739278e929 code=0x7ffc0000
[  412.618324][   T30] audit: type=1326 audit(1752223311.867:625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9401 comm="syz.4.801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f739278e929 code=0x7ffc0000
[  412.720174][   T30] audit: type=1326 audit(1752223311.877:626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9401 comm="syz.4.801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f739278e929 code=0x7ffc0000
[  412.778633][   T30] audit: type=1326 audit(1752223311.877:627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9401 comm="syz.4.801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f739278e929 code=0x7ffc0000
[  413.111220][ T9410] fuse: Unknown parameter 'grou00000000000000000000'
[  413.168237][   T30] audit: type=1326 audit(1752223311.877:628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9401 comm="syz.4.801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f739278e929 code=0x7ffc0000
[  413.400133][   T30] audit: type=1326 audit(1752223311.877:629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9401 comm="syz.4.801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f739278d290 code=0x7ffc0000
[  413.470131][   T30] audit: type=1326 audit(1752223311.877:630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9401 comm="syz.4.801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f739278e929 code=0x7ffc0000
[  414.961240][   T24] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  415.659993][   T24] usb 7-1: device descriptor read/64, error -71
[  415.936196][   T24] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[  416.098394][   T24] usb 7-1: device descriptor read/64, error -71
[  416.231867][   T24] usb usb7-port1: attempt power cycle
[  416.390089][ T5916] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  416.669011][   T24] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[  416.712475][   T24] usb 7-1: device descriptor read/8, error -71
[  416.801688][ T5916] usb 2-1: config 0 has an invalid interface number: 153 but max is 0
[  416.811134][ T5916] usb 2-1: config 0 has no interface number 0
[  416.817850][ T5916] usb 2-1: New USB device found, idVendor=0ac8, idProduct=c301, bcdDevice=b4.98
[  416.869863][ T5916] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  416.920956][ T5916] usb 2-1: config 0 descriptor??
[  416.932227][ T9446] fuse: Unknown parameter 'group_i00000000000000000000'
[  416.945314][ T5916] gspca_main: vc032x-2.14.0 probing 0ac8:c301
[  416.950059][   T24] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[  417.010571][   T24] usb 7-1: device descriptor read/8, error -71
[  417.130277][   T24] usb usb7-port1: unable to enumerate USB device
[  417.342660][ T9457] netlink: 104 bytes leftover after parsing attributes in process `syz.0.818'.
[  417.471906][ T5916] gspca_vc032x: reg_w err -110
[  417.478167][ T5916] gspca_vc032x: I2c Bus Busy Wait 00
[  417.771982][ T5916] gspca_vc032x: I2c Bus Busy Wait 00
[  417.791007][ T5916] gspca_vc032x: I2c Bus Busy Wait 00
[  417.809467][ T5916] gspca_vc032x: I2c Bus Busy Wait 00
[  417.897664][ T5916] gspca_vc032x: I2c Bus Busy Wait 00
[  417.920485][ T5916] gspca_vc032x: I2c Bus Busy Wait 00
[  417.942491][ T5916] gspca_vc032x: I2c Bus Busy Wait 00
[  417.960696][ T9461] netlink: 'syz.5.820': attribute type 2 has an invalid length.
[  417.988778][ T5916] gspca_vc032x: I2c Bus Busy Wait 00
[  418.022929][ T5916] gspca_vc032x: I2c Bus Busy Wait 00
[  418.041771][ T5916] gspca_vc032x: I2c Bus Busy Wait 00
[  418.056744][ T5916] gspca_vc032x: I2c Bus Busy Wait 00
[  418.069381][ T5916] gspca_vc032x: I2c Bus Busy Wait 00
[  418.102745][ T5916] gspca_vc032x: I2c Bus Busy Wait 00
[  418.115396][ T5916] gspca_vc032x: I2c Bus Busy Wait 00
[  418.134101][ T5916] gspca_vc032x: I2c Bus Busy Wait 00
[  418.139656][ T5916] gspca_vc032x: I2c Bus Busy Wait 00
[  418.193288][ T5916] gspca_vc032x: I2c Bus Busy Wait 00
[  418.216824][ T5916] gspca_vc032x: I2c Bus Busy Wait 00
[  418.235180][ T5916] gspca_vc032x: I2c Bus Busy Wait 00
[  418.266582][ T5916] gspca_vc032x: Unknown sensor...
[  418.283922][ T5916] vc032x 2-1:0.153: probe with driver vc032x failed with error -22
[  418.446924][ T5916] usb 2-1: USB disconnect, device number 25
[  418.482111][   T24] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[  418.639978][   T24] usb 7-1: Using ep0 maxpacket: 16
[  418.651422][   T24] usb 7-1: New USB device found, idVendor=0c45, idProduct=800a, bcdDevice=db.47
[  418.670164][   T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  418.684439][   T24] usb 7-1: Product: syz
[  418.738799][ T9482] fuse: Unknown parameter 'group_i00000000000000000000'
[  418.859852][   T24] usb 7-1: Manufacturer: syz
[  418.864543][   T24] usb 7-1: SerialNumber: syz
[  418.890907][   T24] usb 7-1: config 0 descriptor??
[  418.912724][   T24] gspca_main: sn9c2028-2.14.0 probing 0c45:800a
[  419.103409][   T24] gspca_sn9c2028: read1 error -32
[  419.547797][ T9497] netlink: 104 bytes leftover after parsing attributes in process `syz.1.831'.
[  419.612806][   T24] gspca_sn9c2028: read1 error -110
[  419.860925][   T24] sn9c2028 7-1:0.0: probe with driver sn9c2028 failed with error -110
[  421.712224][   T43] usb 7-1: USB disconnect, device number 19
[  421.892346][ T9511] fuse: Unknown parameter 'group_i00000000000000000000'
[  422.461830][ T9518] netlink: 'syz.0.841': attribute type 2 has an invalid length.
[  422.614903][ T9520] netlink: 12 bytes leftover after parsing attributes in process `syz.1.843'.
[  422.690243][ T9520] netlink: 56 bytes leftover after parsing attributes in process `syz.1.843'.
[  422.770207][ T9520] netlink: 8 bytes leftover after parsing attributes in process `syz.1.843'.
[  422.831820][ T9524] binder: 9519:9524 ioctl c0306201 2000000003c0 returned -14
[  424.986567][ T9532] sch_fq: defrate 0 ignored.
[  426.560459][ T9555] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  426.765450][ T9549] Can't find a SQUASHFS superblock on nullb0
[  427.446266][ T9574] netlink: 'syz.5.857': attribute type 2 has an invalid length.
[  427.477489][ T9574] fuse: Bad value for 'fd'
[  427.657249][ T9579] netlink: 'syz.0.859': attribute type 2 has an invalid length.
[  427.665173][ T5953] usb 7-1: new high-speed USB device number 20 using dummy_hcd
[  427.940106][ T5155] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  428.820346][ T5953] usb 7-1: Using ep0 maxpacket: 32
[  428.858358][ T5953] usb 7-1: config 0 has an invalid interface number: 184 but max is 0
[  428.858405][ T5953] usb 7-1: config 0 has no interface number 0
[  428.858562][ T5953] usb 7-1: config 0 interface 184 has no altsetting 0
[  428.887437][ T5953] usb 7-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  428.887484][ T5953] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  428.887561][ T5953] usb 7-1: Product: syz
[  428.887608][ T5953] usb 7-1: Manufacturer: syz
[  428.887672][ T5953] usb 7-1: SerialNumber: syz
[  429.013651][ T5953] usb 7-1: config 0 descriptor??
[  429.092434][ T5953] smsc75xx v1.0.0
[  429.872951][ T5953] smsc75xx 7-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[  429.872995][ T5953] smsc75xx 7-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  430.673894][ T9590] 9pnet_fd: Insufficient options for proto=fd
[  430.993819][ T9595] netlink: 104 bytes leftover after parsing attributes in process `syz.5.863'.
[  431.899444][ T9602] gfs2: Unexpected value for 'acl'
[  431.929296][ T9602] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  432.172546][ T9571] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  432.487984][ T9593] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  432.618592][ T9602] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  432.770801][ T9571] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  432.941626][ T5953] smsc75xx 7-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000118: -71
[  434.070309][ T5953] smsc75xx 7-1:0.184 (unnamed net_device) (uninitialized): Failed to write RX_ADDRH: -71
[  434.123124][ T5953] smsc75xx 7-1:0.184 (unnamed net_device) (uninitialized): Failed to set mac address
[  434.132937][ T5953] smsc75xx 7-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  434.142693][ T5953] smsc75xx 7-1:0.184: probe with driver smsc75xx failed with error -71
[  434.159995][ T5953] usb 7-1: USB disconnect, device number 20
[  434.359115][ T9619] FAULT_INJECTION: forcing a failure.
[  434.359115][ T9619] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  434.745068][ T9619] CPU: 1 UID: 0 PID: 9619 Comm: syz.4.868 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  434.745101][ T9619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  434.745113][ T9619] Call Trace:
[  434.745121][ T9619]  <TASK>
[  434.745130][ T9619]  dump_stack_lvl+0x189/0x250
[  434.745158][ T9619]  ? __pfx____ratelimit+0x10/0x10
[  434.745191][ T9619]  ? __pfx_dump_stack_lvl+0x10/0x10
[  434.745214][ T9619]  ? __pfx__printk+0x10/0x10
[  434.745243][ T9619]  ? fs_reclaim_acquire+0x7d/0x100
[  434.745273][ T9619]  should_fail_ex+0x414/0x560
[  434.745307][ T9619]  prepare_alloc_pages+0x213/0x610
[  434.745337][ T9619]  __alloc_frozen_pages_noprof+0x123/0x370
[  434.745358][ T9619]  ? __netlink_deliver_tap+0x404/0x850
[  434.745385][ T9619]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  434.745418][ T9619]  ? policy_nodemask+0x27c/0x720
[  434.745446][ T9619]  ? __lock_acquire+0xab9/0xd20
[  434.745472][ T9619]  alloc_pages_mpol+0x232/0x4a0
[  434.745509][ T9619]  vma_alloc_folio_noprof+0xe4/0x200
[  434.745544][ T9619]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  434.745588][ T9619]  folio_prealloc+0x30/0x180
[  434.745620][ T9619]  __handle_mm_fault+0x2c88/0x5620
[  434.745669][ T9619]  ? __pfx___handle_mm_fault+0x10/0x10
[  434.745719][ T9619]  ? find_vma+0xe7/0x160
[  434.745747][ T9619]  ? __pfx_find_vma+0x10/0x10
[  434.745777][ T9619]  handle_mm_fault+0x2d5/0x7f0
[  434.745817][ T9619]  do_user_addr_fault+0x764/0x1390
[  434.745882][ T9619]  exc_page_fault+0x76/0xf0
[  434.745918][ T9619]  asm_exc_page_fault+0x26/0x30
[  434.745937][ T9619] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  434.745964][ T9619] Code: 00 04 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 e9 0f 00 04 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[  434.745981][ T9619] RSP: 0018:ffffc9000400f4f8 EFLAGS: 00050206
[  434.746000][ T9619] RAX: ffff888078310001 RBX: ffff888078310067 RCX: 0000000000000e35
[  434.746015][ T9619] RDX: 0000000000000000 RSI: ffff888078310067 RDI: 0000200000001b00
[  434.746028][ T9619] RBP: ffffc9000400f650 R08: ffff888078310e9b R09: 1ffff1100f0621d3
[  434.746042][ T9619] R10: dffffc0000000000 R11: ffffed100f0621d4 R12: dffffc0000000000
[  434.746055][ T9619] R13: 0000000000000e35 R14: 00007ffffffff000 R15: 0000200000002935
[  434.746089][ T9619]  _copy_to_iter+0x5f6/0x16f0
[  434.746123][ T9619]  ? __pfx__copy_to_iter+0x10/0x10
[  434.746141][ T9619]  ? __skb_try_recv_from_queue+0x2b2/0x730
[  434.746248][ T9619]  ? __skb_try_recv_datagram+0x3da/0x4e0
[  434.746283][ T9619]  __skb_datagram_iter+0xf8/0x990
[  434.746315][ T9619]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  434.746353][ T9619]  skb_copy_datagram_iter+0xc5/0x230
[  434.746386][ T9619]  netlink_recvmsg+0x2ab/0xa30
[  434.746423][ T9619]  ? __pfx_netlink_recvmsg+0x10/0x10
[  434.746478][ T9619]  ? __lock_acquire+0xab9/0xd20
[  434.746501][ T9619]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[  434.746529][ T9619]  ? security_socket_recvmsg+0x7e/0x2e0
[  434.746557][ T9619]  ? __pfx_netlink_recvmsg+0x10/0x10
[  434.746582][ T9619]  sock_recvmsg+0x229/0x270
[  434.746618][ T9619]  ____sys_recvmsg+0x1c9/0x460
[  434.746667][ T9619]  ? __pfx_____sys_recvmsg+0x10/0x10
[  434.746709][ T9619]  ? import_iovec+0x74/0xa0
[  434.746736][ T9619]  ___sys_recvmsg+0x1b5/0x510
[  434.746768][ T9619]  ? __pfx____sys_recvmsg+0x10/0x10
[  434.746821][ T9619]  ? __fget_files+0x3a0/0x420
[  434.746863][ T9619]  do_recvmmsg+0x307/0x770
[  434.746899][ T9619]  ? __pfx_do_recvmmsg+0x10/0x10
[  434.746939][ T9619]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  434.746980][ T9619]  __x64_sys_recvmmsg+0x190/0x240
[  434.747010][ T9619]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  434.747034][ T9619]  ? rcu_is_watching+0x15/0xb0
[  434.747062][ T9619]  ? do_syscall_64+0xbe/0x3b0
[  434.747085][ T9619]  do_syscall_64+0xfa/0x3b0
[  434.747102][ T9619]  ? lockdep_hardirqs_on+0x9c/0x150
[  434.747132][ T9619]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  434.747151][ T9619]  ? clear_bhb_loop+0x60/0xb0
[  434.747175][ T9619]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  434.747194][ T9619] RIP: 0033:0x7f739278e929
[  434.747212][ T9619] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  434.747228][ T9619] RSP: 002b:00007f73936b1038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  434.747248][ T9619] RAX: ffffffffffffffda RBX: 00007f73929b5fa0 RCX: 00007f739278e929
[  434.747262][ T9619] RDX: 0000000000000001 RSI: 0000200000000500 RDI: 0000000000000003
[  434.747274][ T9619] RBP: 00007f73936b1090 R08: 0000000000000000 R09: 0000000000000000
[  434.747286][ T9619] R10: 0000000000000120 R11: 0000000000000246 R12: 0000000000000001
[  434.747297][ T9619] R13: 0000000000000000 R14: 00007f73929b5fa0 R15: 00007ffcb18b2628
[  434.747329][ T9619]  </TASK>
[  436.447961][ T9639] netlink: 'syz.1.876': attribute type 2 has an invalid length.
[  437.871230][ T9646] netlink: 4 bytes leftover after parsing attributes in process `syz.6.878'.
[  438.265320][ T2149] usb 7-1: new high-speed USB device number 21 using dummy_hcd
[  438.346526][    C1] raw-gadget.0 gadget.6: ignoring, device is not running
[  438.480082][ T2149] usb 7-1: device descriptor read/64, error -32
[  438.821548][ T2149] usb 7-1: new high-speed USB device number 22 using dummy_hcd
[  439.132034][ T2149] usb 7-1: Using ep0 maxpacket: 32
[  439.248104][ T2149] usb 7-1: config 0 has an invalid interface number: 12 but max is 0
[  439.358319][ T2149] usb 7-1: config 0 has no interface number 0
[  439.413392][ T2149] usb 7-1: config 0 interface 12 has no altsetting 0
[  439.504697][ T2149] usb 7-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  439.575442][ T2149] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  439.595519][ T2149] usb 7-1: Product: syz
[  439.606738][ T2149] usb 7-1: Manufacturer: syz
[  439.637773][ T2149] usb 7-1: SerialNumber: syz
[  439.885659][ T9660] FAULT_INJECTION: forcing a failure.
[  439.885659][ T9660] name failslab, interval 1, probability 0, space 0, times 0
[  439.918201][ T2149] usb 7-1: config 0 descriptor??
[  439.963188][ T9660] CPU: 1 UID: 0 PID: 9660 Comm: syz.0.880 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  439.963219][ T9660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  439.963232][ T9660] Call Trace:
[  439.963241][ T9660]  <TASK>
[  439.963250][ T9660]  dump_stack_lvl+0x189/0x250
[  439.963284][ T9660]  ? __pfx____ratelimit+0x10/0x10
[  439.963316][ T9660]  ? __pfx_dump_stack_lvl+0x10/0x10
[  439.963340][ T9660]  ? __pfx__printk+0x10/0x10
[  439.963374][ T9660]  ? __pfx___might_resched+0x10/0x10
[  439.963402][ T9660]  ? fs_reclaim_acquire+0x7d/0x100
[  439.963429][ T9660]  should_fail_ex+0x414/0x560
[  439.963464][ T9660]  should_failslab+0xa8/0x100
[  439.963497][ T9660]  __kmalloc_noprof+0xcb/0x4f0
[  439.963526][ T9660]  ? snd_pcm_hw_refine+0x967/0x1640
[  439.963558][ T9660]  snd_pcm_hw_refine+0x967/0x1640
[  439.963615][ T9660]  ? __pfx_snd_pcm_hw_refine+0x10/0x10
[  439.963679][ T9660]  ? __asan_memset+0x22/0x50
[  439.963702][ T9660]  ? snd_pcm_oss_change_params_locked+0x7a0/0x3e40
[  439.963735][ T9660]  ? snd_pcm_oss_change_params_locked+0x800/0x3e40
[  439.963771][ T9660]  snd_pcm_oss_change_params_locked+0xa84/0x3e40
[  439.963810][ T9660]  ? __pfx___mutex_trylock_common+0x10/0x10
[  439.963886][ T9660]  ? trace_contention_end+0x39/0x120
[  439.963910][ T9660]  ? __mutex_lock+0x330/0xe80
[  439.963934][ T9660]  ? trace_sched_exit_tp+0x38/0x120
[  439.963966][ T9660]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  439.963995][ T9660]  ? snd_pcm_oss_read+0x1f9/0x8d0
[  439.964031][ T9660]  ? preempt_schedule_irq+0xde/0x150
[  439.964071][ T9660]  ? irqentry_exit+0x74/0x90
[  439.964105][ T9660]  snd_pcm_oss_read+0x26a/0x8d0
[  439.964146][ T9660]  ? __pfx_snd_pcm_oss_read+0x10/0x10
[  439.964175][ T9660]  vfs_read+0x200/0x980
[  439.964199][ T9660]  ? trace_irq_disable+0x37/0x110
[  439.964236][ T9660]  ? __pfx_vfs_read+0x10/0x10
[  439.964261][ T9660]  ? irqentry_exit+0x74/0x90
[  439.964290][ T9660]  ? lockdep_hardirqs_on+0x9c/0x150
[  439.964337][ T9660]  ksys_read+0x145/0x250
[  439.964406][ T9660]  ? __pfx_ksys_read+0x10/0x10
[  439.964431][ T9660]  ? rcu_is_watching+0x15/0xb0
[  439.964487][ T9660]  ? do_syscall_64+0xbe/0x3b0
[  439.964509][ T9660]  do_syscall_64+0xfa/0x3b0
[  439.964529][ T9660]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  439.964548][ T9660]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  439.964567][ T9660]  ? clear_bhb_loop+0x60/0xb0
[  439.964591][ T9660]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  439.964611][ T9660] RIP: 0033:0x7ff68a58e929
[  439.964630][ T9660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  439.964647][ T9660] RSP: 002b:00007ff68b40e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  439.964669][ T9660] RAX: ffffffffffffffda RBX: 00007ff68a7b6160 RCX: 00007ff68a58e929
[  439.964684][ T9660] RDX: 0000000000001000 RSI: 00002000000002c0 RDI: 0000000000000004
[  439.964697][ T9660] RBP: 00007ff68b40e090 R08: 0000000000000000 R09: 0000000000000000
[  439.964708][ T9660] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  439.964720][ T9660] R13: 0000000000000001 R14: 00007ff68a7b6160 R15: 00007ffe815384c8
[  439.964753][ T9660]  </TASK>
[  441.452188][ T9669] QAT: Device 7 not found
[  441.988036][ T2149] f81534 7-1:0.12: f81534_get_register: reg: 1003 failed: -71
[  442.040193][ T2149] f81534 7-1:0.12: f81534_find_config_idx: read failed: -71
[  442.047623][ T2149] f81534 7-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  442.109914][ T2149] f81534 7-1:0.12: probe with driver f81534 failed with error -71
[  442.165104][ T2149] usb 7-1: USB disconnect, device number 22
[  442.380117][ T9682] netlink: 104 bytes leftover after parsing attributes in process `syz.5.888'.
[  444.546765][ T5943] usb 1-1: new full-speed USB device number 19 using dummy_hcd
[  445.166311][ T5943] usb 1-1: unable to get BOS descriptor or descriptor too short
[  445.180125][ T5943] usb 1-1: not running at top speed; connect to a high speed hub
[  445.194196][ T5943] usb 1-1: config 4 has an invalid interface number: 32 but max is 0
[  445.213667][ T5943] usb 1-1: config 4 has no interface number 0
[  445.265822][ T5943] usb 1-1: New USB device found, idVendor=17dc, idProduct=0202, bcdDevice=f1.50
[  445.278050][ T5943] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  445.310286][ T5943] usb 1-1: Product: syz
[  445.323661][ T5943] usb 1-1: Manufacturer: syz
[  445.342558][ T5943] usb 1-1: SerialNumber: syz
[  445.354317][ T9706] netlink: 4 bytes leftover after parsing attributes in process `syz.6.896'.
[  445.363469][ T5953] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  445.407613][ T9706] netlink: 8 bytes leftover after parsing attributes in process `syz.6.896'.
[  445.483058][ T9706] batadv0: entered promiscuous mode
[  445.520515][ T5953] usb 6-1: Using ep0 maxpacket: 32
[  445.521111][ T9706] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  446.208586][ T5953] usb 6-1: unable to read config index 0 descriptor/start: -61
[  446.216312][ T5953] usb 6-1: can't read configurations, error -61
[  446.350675][ T5953] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  446.358372][ T5978] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  446.539884][ T5953] usb 6-1: Using ep0 maxpacket: 32
[  446.581869][ T5953] usb 6-1: unable to read config index 0 descriptor/start: -61
[  446.609750][ T5978] usb 2-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac
[  446.650589][ T5953] usb 6-1: can't read configurations, error -61
[  447.147237][ T5978] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  447.155813][ T5953] usb usb6-port1: attempt power cycle
[  447.161505][ T5978] usb 2-1: Product: syz
[  447.168329][ T5978] usb 2-1: Manufacturer: syz
[  447.175412][ T5978] usb 2-1: SerialNumber: syz
[  447.408024][ T9721] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  447.578570][ T5953] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  447.621662][ T5978] usb 2-1: config 0 descriptor??
[  447.630254][ T5953] usb 6-1: Using ep0 maxpacket: 32
[  447.724736][ T5978] gspca_main: sunplus-2.14.0 probing 055f:c230
[  447.824590][ T5943] usb 1-1: Found UVC 0.02 device syz (17dc:0202)
[  447.845272][ T5953] usb 6-1: unable to read config index 0 descriptor/start: -71
[  447.853673][ T5953] usb 6-1: can't read configurations, error -71
[  447.897050][ T5943] usb 1-1: No valid video chain found.
[  447.906457][ T5943] usb 1-1: USB disconnect, device number 19
[  447.947642][ T1299] ieee802154 phy0 wpan0: encryption failed: -22
[  447.959516][ T1299] ieee802154 phy1 wpan1: encryption failed: -22
[  448.476825][ T5978] gspca_sunplus: reg_r err -71
[  448.596516][ T5978] sunplus 2-1:0.0: probe with driver sunplus failed with error -71
[  448.635468][ T5978] usb 2-1: USB disconnect, device number 26
[  449.463860][ T9742] netlink: 'syz.5.907': attribute type 2 has an invalid length.
[  449.630157][   T43] usb 7-1: new full-speed USB device number 23 using dummy_hcd
[  450.154867][   T43] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[  450.175585][   T43] usb 7-1: config 0 has no interface number 0
[  450.200041][   T43] usb 7-1: too many endpoints for config 0 interface 1 altsetting 210: 113, using maximum allowed: 30
[  450.222883][   T43] usb 7-1: config 0 interface 1 altsetting 210 has 0 endpoint descriptors, different from the interface descriptor's value: 113
[  450.249847][   T43] usb 7-1: config 0 interface 1 has no altsetting 0
[  450.367589][   T43] usb 7-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[  450.484816][ T9755] FAULT_INJECTION: forcing a failure.
[  450.484816][ T9755] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  450.498040][ T9755] CPU: 0 UID: 0 PID: 9755 Comm: syz.5.910 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  450.498068][ T9755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  450.498081][ T9755] Call Trace:
[  450.498091][ T9755]  <TASK>
[  450.498100][ T9755]  dump_stack_lvl+0x189/0x250
[  450.498146][ T9755]  ? __pfx____ratelimit+0x10/0x10
[  450.498176][ T9755]  ? __pfx_dump_stack_lvl+0x10/0x10
[  450.498198][ T9755]  ? __pfx__printk+0x10/0x10
[  450.498236][ T9755]  should_fail_ex+0x414/0x560
[  450.498327][ T9755]  _copy_to_user+0x31/0xb0
[  450.498352][ T9755]  put_itimerspec64+0x168/0x1d0
[  450.498372][ T9755]  ? __pfx_put_itimerspec64+0x10/0x10
[  450.498394][ T9755]  ? preempt_schedule_thunk+0x16/0x30
[  450.498430][ T9755]  __x64_sys_timer_gettime+0x14c/0x1d0
[  450.498458][ T9755]  ? __pfx___x64_sys_timer_gettime+0x10/0x10
[  450.498494][ T9755]  ? do_syscall_64+0xbe/0x3b0
[  450.498519][ T9755]  do_syscall_64+0xfa/0x3b0
[  450.498538][ T9755]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  450.498576][ T9755]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  450.498594][ T9755]  ? clear_bhb_loop+0x60/0xb0
[  450.498617][ T9755]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  450.498635][ T9755] RIP: 0033:0x7f5eef58e929
[  450.498658][ T9755] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  450.498675][ T9755] RSP: 002b:00007f5ef0415038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e0
[  450.498696][ T9755] RAX: ffffffffffffffda RBX: 00007f5eef7b6160 RCX: 00007f5eef58e929
[  450.498709][ T9755] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000000
[  450.498721][ T9755] RBP: 00007f5ef0415090 R08: 0000000000000000 R09: 0000000000000000
[  450.498732][ T9755] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  450.498743][ T9755] R13: 0000000000000000 R14: 00007f5eef7b6160 R15: 00007ffd9ea86738
[  450.498772][ T9755]  </TASK>
[  450.880041][   T43] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  451.520255][   T43] usb 7-1: config 0 descriptor??
[  451.617872][ T9764] trusted_key: syz.4.914 sent an empty control message without MSG_MORE.
[  451.630654][ T9765] netlink: 'syz.4.914': attribute type 2 has an invalid length.
[  451.643723][ T9765] netlink: 12 bytes leftover after parsing attributes in process `syz.4.914'.
[  451.670349][ T9764] netlink: 'syz.4.914': attribute type 2 has an invalid length.
[  451.683743][ T9764] netlink: 12 bytes leftover after parsing attributes in process `syz.4.914'.
[  452.300615][ T5953] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  452.671668][ T5953] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 512, setting to 64
[  452.706772][ T5953] usb 5-1: New USB device found, idVendor=5fc9, idProduct=0061, bcdDevice=cd.47
[  452.732210][ T5953] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  452.812542][ T5953] usb 5-1: Product: syz
[  452.816894][ T5953] usb 5-1: Manufacturer: syz
[  452.824088][ T5953] usb 5-1: SerialNumber: syz
[  452.834055][ T5953] usb 5-1: config 0 descriptor??
[  453.116046][ T5953] usb 5-1: USB disconnect, device number 18
[  453.167989][   T43] usb 7-1: string descriptor 0 read error: -71
[  453.190785][   T43] usb 7-1: selecting invalid altsetting 1
[  453.281378][ T9780] capability: warning: `syz.0.917' uses 32-bit capabilities (legacy support in use)
[  453.464513][   T43] dvb_ttusb_budget: ttusb_init_controller: error
[  453.574656][ T2149] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  453.754459][   T43] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  454.002141][ T2149] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  454.019362][   T43] DVB: Unable to find symbol cx22700_attach()
[  454.031261][ T2149] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  454.054515][ T2149] usb 1-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[  454.084730][ T2149] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  454.111492][ T2149] usb 1-1: config 0 descriptor??
[  454.242481][   T43] DVB: Unable to find symbol tda10046_attach()
[  455.026996][   T43] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[  455.084127][   T43] usb 7-1: USB disconnect, device number 23
[  455.597689][ T9787] overlayfs: failed to resolve './file0': -2
[  455.807188][ T2149] kye 0003:0458:5011.0008: tablet report size too small, or kye_tablet_rdesc unexpectedly large
[  456.257465][ T2149] kye 0003:0458:5011.0008: hidraw0: USB HID vff.fe Device [HID 0458:5011] on usb-dummy_hcd.0-1/input0
[  456.304139][ T9799] netlink: 4 bytes leftover after parsing attributes in process `syz.5.921'.
[  456.319400][ T2149] kye 0003:0458:5011.0008: tablet-enabling feature report not found
[  456.346601][ T2149] kye 0003:0458:5011.0008: tablet enabling failed
[  456.480326][   T43] usb 7-1: new high-speed USB device number 24 using dummy_hcd
[  456.630352][   T43] usb 7-1: Using ep0 maxpacket: 16
[  456.756124][   T43] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  456.776735][ T5923] usb 1-1: USB disconnect, device number 20
[  457.254986][   T43] usb 7-1: string descriptor 0 read error: -71
[  457.426418][   T43] usb 7-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=7b.55
[  457.450056][   T43] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  457.499377][   T43] usb 7-1: config 0 descriptor??
[  457.520550][   T43] usb 7-1: can't set config #0, error -71
[  457.576617][   T43] usb 7-1: USB disconnect, device number 24
[  458.821689][ T9825] fuse: Bad value for 'user_id'
[  458.826619][ T9825] fuse: Bad value for 'user_id'
[  459.076955][ T9827] netlink: 'syz.0.930': attribute type 2 has an invalid length.
[  459.618854][ T9831] syz.4.931 (9831) used greatest stack depth: 16536 bytes left
[  461.327772][ T9850] CIFS: VFS: Malformed UNC in devname
[  463.089152][ T9861] sctp: [Deprecated]: syz.4.941 (pid 9861) Use of struct sctp_assoc_value in delayed_ack socket option.
[  463.089152][ T9861] Use struct sctp_sack_info instead
[  463.100089][ T2149] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  463.359824][ T2149] usb 2-1: Using ep0 maxpacket: 32
[  463.385418][ T2149] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[  463.411549][ T5978] usb 7-1: new low-speed USB device number 25 using dummy_hcd
[  463.430473][ T2149] usb 2-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  463.445271][ T2149] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  463.453735][ T2149] usb 2-1: Product: syz
[  463.458007][ T2149] usb 2-1: Manufacturer: syz
[  463.462836][ T2149] usb 2-1: SerialNumber: syz
[  464.007052][ T2149] usb 2-1: config 0 descriptor??
[  464.020208][ T5978] usb 7-1: Invalid ep0 maxpacket: 16
[  464.049428][ T9856] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  464.125088][ T2149] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  464.161770][ T5978] usb 7-1: new low-speed USB device number 26 using dummy_hcd
[  464.179453][ T9876] xt_TCPMSS: Only works on TCP SYN packets
[  464.350893][ T5978] usb 7-1: Invalid ep0 maxpacket: 16
[  464.357156][ T9876] bridge0: port 2(bridge_slave_1) entered disabled state
[  464.366746][ T9876] bridge0: port 1(bridge_slave_0) entered disabled state
[  464.391866][ T5978] usb usb7-port1: attempt power cycle
[  464.415103][ T2149] usb 2-1: USB disconnect, device number 27
[  464.727103][ T9876] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  464.757194][ T9876] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  464.765469][ T5978] usb 7-1: new low-speed USB device number 27 using dummy_hcd
[  464.790704][ T5978] usb 7-1: Invalid ep0 maxpacket: 16
[  464.940434][ T5978] usb 7-1: new low-speed USB device number 28 using dummy_hcd
[  464.949974][ T9876] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  464.958897][ T9876] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  464.969679][ T9876] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  464.984937][ T9876] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  465.010604][ T5978] usb 7-1: Invalid ep0 maxpacket: 16
[  465.027927][ T5978] usb usb7-port1: unable to enumerate USB device
[  465.057379][ T9882] FAULT_INJECTION: forcing a failure.
[  465.057379][ T9882] name failslab, interval 1, probability 0, space 0, times 0
[  465.072552][ T9882] CPU: 0 UID: 0 PID: 9882 Comm: syz.1.947 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  465.072583][ T9882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  465.072596][ T9882] Call Trace:
[  465.072604][ T9882]  <TASK>
[  465.072613][ T9882]  dump_stack_lvl+0x189/0x250
[  465.072641][ T9882]  ? __pfx____ratelimit+0x10/0x10
[  465.072673][ T9882]  ? __pfx_dump_stack_lvl+0x10/0x10
[  465.072696][ T9882]  ? __pfx__printk+0x10/0x10
[  465.072727][ T9882]  ? __pfx___might_resched+0x10/0x10
[  465.072750][ T9882]  ? fs_reclaim_acquire+0x7d/0x100
[  465.072779][ T9882]  should_fail_ex+0x414/0x560
[  465.072814][ T9882]  should_failslab+0xa8/0x100
[  465.072848][ T9882]  kmem_cache_alloc_noprof+0x73/0x3c0
[  465.072876][ T9882]  ? __pmd_alloc+0xc6/0x3b0
[  465.072908][ T9882]  __pmd_alloc+0xc6/0x3b0
[  465.072940][ T9882]  __handle_mm_fault+0xa63/0x5620
[  465.072980][ T9882]  ? mt_find+0x46f/0x5f0
[  465.073005][ T9882]  ? __pfx___handle_mm_fault+0x10/0x10
[  465.073057][ T9882]  ? find_vma+0xe7/0x160
[  465.073091][ T9882]  ? __pfx_find_vma+0x10/0x10
[  465.073121][ T9882]  handle_mm_fault+0x2d5/0x7f0
[  465.073161][ T9882]  do_user_addr_fault+0x764/0x1390
[  465.073212][ T9882]  exc_page_fault+0x76/0xf0
[  465.073246][ T9882]  asm_exc_page_fault+0x26/0x30
[  465.073265][ T9882] RIP: 0010:rep_movs_alternative+0x30/0x90
[  465.073291][ T9882] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 3d 00 04 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08
[  465.073308][ T9882] RSP: 0018:ffffc90002fd7d58 EFLAGS: 00050202
[  465.073327][ T9882] RAX: 00007ffffffff001 RBX: 0000000000000018 RCX: 0000000000000018
[  465.073341][ T9882] RDX: 0000000000000001 RSI: 00002000000000c0 RDI: ffffc90002fd7dc0
[  465.073354][ T9882] RBP: ffffc90002fd7eb8 R08: ffffc90002fd7dd7 R09: 1ffff920005fafba
[  465.073369][ T9882] R10: dffffc0000000000 R11: fffff520005fafbb R12: 00002000000000c0
[  465.073384][ T9882] R13: ffff888078688000 R14: ffffc90002fd7dc0 R15: 00002000000000c0
[  465.073483][ T9882]  _copy_from_user+0x7a/0xb0
[  465.073509][ T9882]  __sys_bind+0x199/0x3e0
[  465.073536][ T9882]  ? __pfx___sys_bind+0x10/0x10
[  465.073571][ T9882]  ? __pfx_ksys_write+0x10/0x10
[  465.073601][ T9882]  ? rcu_is_watching+0x15/0xb0
[  465.073643][ T9882]  __x64_sys_bind+0x7a/0x90
[  465.073665][ T9882]  do_syscall_64+0xfa/0x3b0
[  465.073682][ T9882]  ? lockdep_hardirqs_on+0x9c/0x150
[  465.073711][ T9882]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  465.073730][ T9882]  ? clear_bhb_loop+0x60/0xb0
[  465.073755][ T9882]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  465.073794][ T9882] RIP: 0033:0x7f677258e929
[  465.073811][ T9882] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  465.073828][ T9882] RSP: 002b:00007f67733a6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  465.073847][ T9882] RAX: ffffffffffffffda RBX: 00007f67727b5fa0 RCX: 00007f677258e929
[  465.073861][ T9882] RDX: 0000000000000018 RSI: 00002000000000c0 RDI: 0000000000000003
[  465.073873][ T9882] RBP: 00007f67733a6090 R08: 0000000000000000 R09: 0000000000000000
[  465.073885][ T9882] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  465.073896][ T9882] R13: 0000000000000000 R14: 00007f67727b5fa0 R15: 00007ffc97e99348
[  465.073928][ T9882]  </TASK>
[  465.411119][ T9876] batadv0: left promiscuous mode
[  468.110455][  T978] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  468.643081][  T978] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  468.797923][  T978] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  468.838737][  T978] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  468.916764][  T978] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  469.038431][  T978] usb 1-1: config 0 descriptor??
[  469.825304][ T9946] ==================================================================
[  469.825389][ T9946] BUG: KASAN: global-out-of-bounds in bit_putcs+0x135b/0x1a50
[  469.825480][ T9946] Read of size 1 at addr ffffffff8be45980 by task syz.1.957/9946
[  469.825499][ T9946] 
[  469.825539][ T9946] CPU: 1 UID: 0 PID: 9946 Comm: syz.1.957 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  469.825605][ T9946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  469.825620][ T9946] Call Trace:
[  469.825630][ T9946]  <TASK>
[  469.825639][ T9946]  dump_stack_lvl+0x189/0x250
[  469.825665][ T9946]  ? __virt_addr_valid+0x1c8/0x5c0
[  469.825720][ T9946]  ? rcu_is_watching+0x15/0xb0
[  469.825750][ T9946]  ? __kasan_check_byte+0x12/0x40
[  469.825783][ T9946]  ? __pfx_dump_stack_lvl+0x10/0x10
[  469.825805][ T9946]  ? rcu_is_watching+0x15/0xb0
[  469.825828][ T9946]  ? lock_release+0x4b/0x3e0
[  469.825850][ T9946]  ? __virt_addr_valid+0x1c8/0x5c0
[  469.825874][ T9946]  ? __virt_addr_valid+0x4a5/0x5c0
[  469.825899][ T9946]  print_report+0xd2/0x2b0
[  469.825932][ T9946]  ? bit_putcs+0x135b/0x1a50
[  469.825958][ T9946]  kasan_report+0x118/0x150
[  469.825989][ T9946]  ? bit_putcs+0x135b/0x1a50
[  469.826017][ T9946]  bit_putcs+0x135b/0x1a50
[  469.826061][ T9946]  ? __pfx_bit_putcs+0x10/0x10
[  469.826083][ T9946]  ? bit_cursor+0x16d0/0x1f80
[  469.826110][ T9946]  ? fb_get_color_depth+0x162/0x280
[  469.826136][ T9946]  fbcon_putcs+0x3e5/0x5f0
[  469.826159][ T9946]  ? __pfx_bit_putcs+0x10/0x10
[  469.826183][ T9946]  do_update_region+0x388/0x440
[  469.826254][ T9946]  update_region+0x1ce/0x490
[  469.826285][ T9946]  vcs_write+0xd65/0x1260
[  469.826323][ T9946]  ? try_to_wake_up+0x81b/0x1290
[  469.826363][ T9946]  ? __pfx_vcs_write+0x10/0x10
[  469.826383][ T9946]  ? security_file_permission+0x75/0x290
[  469.826417][ T9946]  ? rw_verify_area+0x258/0x650
[  469.826443][ T9946]  ? __pfx_vcs_write+0x10/0x10
[  469.826466][ T9946]  vfs_write+0x27e/0xa90
[  469.826498][ T9946]  ? __pfx_vfs_write+0x10/0x10
[  469.826526][ T9946]  ? __fget_files+0x2a/0x420
[  469.826547][ T9946]  ? __fget_files+0x2a/0x420
[  469.826564][ T9946]  ? __fget_files+0x3a0/0x420
[  469.826581][ T9946]  ? __fget_files+0x2a/0x420
[  469.826604][ T9946]  ksys_write+0x145/0x250
[  469.826634][ T9946]  ? __pfx_ksys_write+0x10/0x10
[  469.826660][ T9946]  ? rcu_is_watching+0x15/0xb0
[  469.826684][ T9946]  ? do_syscall_64+0xbe/0x3b0
[  469.826707][ T9946]  do_syscall_64+0xfa/0x3b0
[  469.826725][ T9946]  ? lockdep_hardirqs_on+0x9c/0x150
[  469.826770][ T9946]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  469.826791][ T9946]  ? clear_bhb_loop+0x60/0xb0
[  469.826814][ T9946]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  469.826835][ T9946] RIP: 0033:0x7f677258e929
[  469.826853][ T9946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  469.826871][ T9946] RSP: 002b:00007f6773364038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  469.826895][ T9946] RAX: ffffffffffffffda RBX: 00007f67727b6160 RCX: 00007f677258e929
[  469.826912][ T9946] RDX: 000000000000002f RSI: 0000200000000080 RDI: 0000000000000003
[  469.826925][ T9946] RBP: 00007f6772610b39 R08: 0000000000000000 R09: 0000000000000000
[  469.826938][ T9946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  469.826950][ T9946] R13: 0000000000000000 R14: 00007f67727b6160 R15: 00007ffc97e99348
[  469.826972][ T9946]  </TASK>
[  469.826979][ T9946] 
[  469.826985][ T9946] The buggy address belongs to the variable:
[  469.827025][ T9946]  fontdata_8x16+0x1360/0x1480
[  469.827074][ T9946] 
[  469.827080][ T9946] The buggy address belongs to the physical page:
[  469.827094][ T9946] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0xbe45
[  469.827142][ T9946] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff)
[  469.827172][ T9946] raw: 00fff00000002000 ffffea00002f9148 ffffea00002f9148 0000000000000000
[  469.827191][ T9946] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[  469.827203][ T9946] page dumped because: kasan: bad access detected
[  469.827238][ T9946] page_owner info is not present (never set?)
[  469.827275][ T9946] 
[  469.827281][ T9946] Memory state around the buggy address:
[  469.827318][ T9946]  ffffffff8be45880: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
[  469.827334][ T9946]  ffffffff8be45900: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
[  469.827348][ T9946] >ffffffff8be45980: f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9 f9
[  469.827359][ T9946]                    ^
[  469.827371][ T9946]  ffffffff8be45a00: f9 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00
[  469.827416][ T9946]  ffffffff8be45a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  469.827427][ T9946] ==================================================================
[  469.827481][ T9946] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  469.827504][ T9946] CPU: 1 UID: 0 PID: 9946 Comm: syz.1.957 Not tainted 6.16.0-rc5-syzkaller-00121-gbc9ff192a6c9 #0 PREEMPT(full) 
[  469.827530][ T9946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  469.827544][ T9946] Call Trace:
[  469.827553][ T9946]  <TASK>
[  469.827561][ T9946]  dump_stack_lvl+0x99/0x250
[  469.827589][ T9946]  ? __asan_memcpy+0x40/0x70
[  469.827615][ T9946]  ? __pfx_dump_stack_lvl+0x10/0x10
[  469.827640][ T9946]  ? __pfx__printk+0x10/0x10
[  469.827673][ T9946]  panic+0x2db/0x790
[  469.827699][ T9946]  ? __pfx_panic+0x10/0x10
[  469.827724][ T9946]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[  469.827765][ T9946]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  469.827795][ T9946]  ? print_memory_metadata+0x314/0x400
[  469.827829][ T9946]  ? bit_putcs+0x135b/0x1a50
[  469.827852][ T9946]  check_panic_on_warn+0x89/0xb0
[  469.827884][ T9946]  ? bit_putcs+0x135b/0x1a50
[  469.827908][ T9946]  end_report+0x78/0x160
[  469.827937][ T9946]  kasan_report+0x129/0x150
[  469.827969][ T9946]  ? bit_putcs+0x135b/0x1a50
[  469.827998][ T9946]  bit_putcs+0x135b/0x1a50
[  469.828044][ T9946]  ? __pfx_bit_putcs+0x10/0x10
[  469.828066][ T9946]  ? bit_cursor+0x16d0/0x1f80
[  469.828096][ T9946]  ? fb_get_color_depth+0x162/0x280
[  469.828123][ T9946]  fbcon_putcs+0x3e5/0x5f0
[  469.828147][ T9946]  ? __pfx_bit_putcs+0x10/0x10
[  469.828173][ T9946]  do_update_region+0x388/0x440
[  469.828210][ T9946]  update_region+0x1ce/0x490
[  469.828242][ T9946]  vcs_write+0xd65/0x1260
[  469.828262][ T9946]  ? try_to_wake_up+0x81b/0x1290
[  469.828302][ T9946]  ? __pfx_vcs_write+0x10/0x10
[  469.828322][ T9946]  ? security_file_permission+0x75/0x290
[  469.828354][ T9946]  ? rw_verify_area+0x258/0x650
[  469.828380][ T9946]  ? __pfx_vcs_write+0x10/0x10
[  469.828402][ T9946]  vfs_write+0x27e/0xa90
[  469.828436][ T9946]  ? __pfx_vfs_write+0x10/0x10
[  469.828465][ T9946]  ? __fget_files+0x2a/0x420
[  469.828487][ T9946]  ? __fget_files+0x2a/0x420
[  469.828504][ T9946]  ? __fget_files+0x3a0/0x420
[  469.828522][ T9946]  ? __fget_files+0x2a/0x420
[  469.828546][ T9946]  ksys_write+0x145/0x250
[  469.828576][ T9946]  ? __pfx_ksys_write+0x10/0x10
[  469.828602][ T9946]  ? rcu_is_watching+0x15/0xb0
[  469.828629][ T9946]  ? do_syscall_64+0xbe/0x3b0
[  469.828676][ T9946]  do_syscall_64+0xfa/0x3b0
[  469.828696][ T9946]  ? lockdep_hardirqs_on+0x9c/0x150
[  469.828729][ T9946]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  469.828756][ T9946]  ? clear_bhb_loop+0x60/0xb0
[  469.828781][ T9946]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  469.828802][ T9946] RIP: 0033:0x7f677258e929
[  469.828833][ T9946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  469.828851][ T9946] RSP: 002b:00007f6773364038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  469.828873][ T9946] RAX: ffffffffffffffda RBX: 00007f67727b6160 RCX: 00007f677258e929
[  469.828889][ T9946] RDX: 000000000000002f RSI: 0000200000000080 RDI: 0000000000000003
[  469.828903][ T9946] RBP: 00007f6772610b39 R08: 0000000000000000 R09: 0000000000000000
[  469.828917][ T9946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  469.828930][ T9946] R13: 0000000000000000 R14: 00007f67727b6160 R15: 00007ffc97e99348
[  469.828953][ T9946]  </TASK>
[  469.829459][ T9946] Kernel Offset: disabled