last executing test programs:

1m24.148001259s ago: executing program 3 (id=1075):
bpf$TOKEN_CREATE(0x24, &(0x7f00000002c0), 0x8)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=@newnexthop={0x30, 0x68, 0x1, 0x3, 0x80000000, {}, [@NHA_GROUP={0x4}, @NHA_GATEWAY={0x14, 0x6, @in6_addr=@dev={0xfe, 0x80, '\x00', 0x17}}]}, 0x30}}, 0x40000)
r0 = socket(0x11, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000005c0)={'ip6gretap0\x00', <r1=>0x0})
bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @remote}, 0x14)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffec8, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0xe9, 0x4)
sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x700, &(0x7f0000000440)=[{&(0x7f0000000280)=ANY=[@ANYBLOB="3b844100d5432f"], 0xdd12}], 0x1}, 0x20040890)

1m24.08809349s ago: executing program 3 (id=1076):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID(0xffffffffffffffff, 0x40082102, &(0x7f0000000080))
socket$pppl2tp(0x18, 0x1, 0x1)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'veth0\x00', <r2=>0x0})
setsockopt$packet_int(r1, 0x107, 0x14, &(0x7f0000000180)=0x19ca, 0x4)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
sendto$packet(r1, &(0x7f00000000c0)="3f03fe7f0302140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548", 0x36, 0x0, &(0x7f0000000540)={0xc9, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)

1m23.867691047s ago: executing program 3 (id=1077):
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000200)=0x3)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000280)=0x3)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000540)=0x1)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f00000001c0))

1m21.758292952s ago: executing program 3 (id=1085):
r0 = syz_open_dev$video(&(0x7f0000000000), 0x0, 0x0)
ioctl$VIDIOC_S_SELECTION(r0, 0xc040565f, &(0x7f0000000940)={0xa, 0x0, 0x2, {0x8000, 0x8, 0x8, 0x2}})
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000040)="c01803002e000b12", 0x8}], 0x1}, 0x0)
sendmsg$RDMA_NLDEV_CMD_SET(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="100000001d14"], 0x10}, 0x1, 0x0, 0x0, 0x20000014}, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/rt_cache\x00')
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r2, 0xffffffffffffffff, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x2a05404, 0x0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x262)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x28, r5, 0x400, 0x70bd2e, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_KEY_DEFAULT_MGMT={0x4}, @NL80211_ATTR_KEY_IDX={0x5}]}, 0x28}, 0x1, 0x0, 0x0, 0xba83542b86c80fd3}, 0x4)
syz_emit_ethernet(0x22, &(0x7f0000000080)={@local, @random="429e82211cf8", @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x2, 0x0, 0x14, 0x65, 0x0, 0x2, 0x29, 0x0, @rand_addr=0x64010100, @broadcast}}}}}, 0x0)
r8 = syz_open_dev$vim2m(&(0x7f0000000500), 0x22, 0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0xb1eb, 0xfa, 0x67, 0x9}, {0x351, 0x10, 0x2}]})
ioctl$vim2m_VIDIOC_S_FMT(r8, 0xc0d05605, &(0x7f0000000600)={0x1, @vbi={0x8, 0x8, 0x6, 0x35323645, [0x0, 0x2], [0x40, 0xfffffffd], 0x108}})

1m19.455288194s ago: executing program 3 (id=1093):
r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="1201000000080008d804dd0000000000000109022400010000a008090400fe01030001000921fffffd0122050009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0) (async, rerun: 32)
syz_usb_control_io(r0, &(0x7f0000000080)={0x2c, &(0x7f0000000340)=ANY=[@ANYBLOB="001105"], 0x0, 0x0, 0x0, 0x0}, 0x0) (async, rerun: 32)
mkdirat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x100) (async)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000040)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@nfs_export_on}]}) (async)
rmdir(&(0x7f0000000200)='./file0/file1\x00') (async)
r1 = syz_open_dev$I2C(&(0x7f0000000000), 0x2, 0x40402) (async)
r2 = syz_open_dev$I2C(&(0x7f0000000140), 0xffffffff, 0x2c0800)
ioctl$DVB_DEMUX_DMX_EXPBUF(r1, 0xc00c6f3e, &(0x7f0000000180)={0x4, 0x0, <r3=>r2})
ioctl$I2C_SMBUS(r3, 0x720, &(0x7f00000000c0)={0x0, 0xb, 0x8, &(0x7f0000000100)={0x58, "c4b25d0efca5b50cb79883016df3b7b492504b659d3423438e79ba5e34c2a66b86"}}) (async)
r4 = socket$inet_udp(0x2, 0x2, 0x0) (async)
r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_ABS_SETUP(r5, 0x401c5504, &(0x7f0000000340)={0x400000100002f}) (async)
write$uinput_user_dev(r5, &(0x7f0000000800)={'syz1\x00', {0x0, 0x10, 0x2, 0x9}, 0x3, [0x0, 0x0, 0x0, 0x40000, 0x1, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x3, 0x0, 0x0, 0x4000, 0x20, 0x400, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x40000, 0x0, 0x0, 0x8, 0x0, 0x0, 0x2, 0x0, 0x0, 0x7, 0x0, 0x0, 0x9, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800296, 0x100, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, 0xfffffffc, 0x0, 0x0, 0xfffffffc, 0x6, 0x0, 0x0, 0x6, 0x5f1, 0x3], [0x0, 0x0, 0x8, 0x0, 0x0, 0x5, 0x7, 0x80, 0x0, 0x2, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x7, 0xfffffffc, 0x768, 0x0, 0x7, 0x5, 0xfffffffc, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x400, 0x0, 0x200, 0x0, 0x2, 0x0, 0x3, 0x5, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0xfffffffd, 0x0, 0x20000008, 0x0, 0x80000001, 0x7, 0x0, 0x0, 0x0, 0xffff], [0x4, 0xfc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x1, 0x0, 0x0, 0x0, 0x4, 0x1000, 0x80, 0x0, 0x200, 0x0, 0xffffffff, 0x0, 0xfffffffc, 0x0, 0xfffffffd, 0xffffffff, 0x0, 0x0, 0x9fa, 0x0, 0x0, 0x7ff, 0x4, 0x0, 0x0, 0x921, 0x0, 0x0, 0x2, 0x0, 0x6, 0x0, 0x0, 0xbda6, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x800, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfff, 0x6, 0x0, 0x0, 0x0, 0x0, 0x8], [0x40000000, 0x0, 0x635, 0x0, 0x8000000, 0x3, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x8, 0x9, 0x0, 0xbd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffd, 0x6, 0x9, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x101, 0x7ffffffd, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcaa, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x4]}, 0x45c)
ioctl$UI_SET_EVBIT(r5, 0x40045564, 0x3) (async)
r6 = inotify_init()
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1) (async)
r7 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r7, 0x29, 0x2a, &(0x7f0000000080)={0x0, {{0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0xfffffffb}}, {{0xa, 0x0, 0x20000000, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}, 0x2}}}, 0x108) (async)
r8 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r8, 0x29, 0x2a, &(0x7f0000000080)={0x20, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108) (async, rerun: 64)
setsockopt$inet6_group_source_req(r8, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x1, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x4e23, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}}}}, 0x108) (rerun: 64)
close_range(r6, 0xffffffffffffffff, 0x0)
r9 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r9, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x2}}, {{0xa, 0x0, 0x10000006, @remote}}}, 0x108) (async, rerun: 32)
ioctl$UI_DEV_CREATE(r5, 0x5501) (async, rerun: 32)
ioctl$UI_SET_KEYBIT(r5, 0x40045565, 0xe3)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000000540)=@raw={'raw\x00', 0x8, 0x3, 0x4e8, 0x0, 0xa, 0xd0e0000, 0x328, 0x100, 0x450, 0x1d8, 0x1d8, 0x450, 0x1d8, 0x3, 0x0, {[{{@ip={@local, @loopback, 0xffffffff, 0xff, 'batadv0\x00', 'erspan0\x00', {0xff}, {0xff}, 0x1, 0x3, 0x10}, 0x0, 0x2c8, 0x328, 0x0, {}, [@inet=@rpfilter={{0x28}, {0xbbbd40b804cbae}}, @common=@unspec=@bpf1={{0x230}, @fd}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @empty, 0x7008, 0x4, [0x22, 0x36, 0x16, 0x35, 0x14, 0x8, 0x3, 0x8, 0x1f, 0x6, 0x2b, 0x3c, 0xc, 0x2d, 0x15, 0x3e], 0x2, 0xb, 0x7}}}, {{@uncond, 0x3202, 0xc0, 0x128, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x2}}, @inet=@rpfilter={{0x28}, {0x6}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x2, 0x7, 0x8001, 0x1, 'pptp\x00', 'syz0\x00', {0x7}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x548)

1m19.200539992s ago: executing program 3 (id=1097):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000540), 0xffffffffffffffff)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000500), 0x101002, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000280)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x34}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0xf, 0x4, 0x8, 0xb}, 0x48)
r5 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000100)={r3, r4, 0x7, 0x0, @val=@tcx={@void, @value=r3}}, 0x1c)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000007c0)={r5, 0x0, 0x0}, 0x10)
mmap$xdp(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x4000011, r2, 0x80000000)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)=ANY=[@ANYBLOB="5bf80054", @ANYRES16=r1, @ANYBLOB="010026bd7040fbdbdf251400000008000100000000000800010002000000"], 0x24}, 0x1, 0x0, 0x0, 0x20040000}, 0x10)
sendmsg$nl_route(r2, 0x0, 0x20000004)
openat$fb1(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)

1m19.122020119s ago: executing program 32 (id=1097):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000540), 0xffffffffffffffff)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000500), 0x101002, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000280)=ANY=[], &(0x7f00000000c0)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x34}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0xf, 0x4, 0x8, 0xb}, 0x48)
r5 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000100)={r3, r4, 0x7, 0x0, @val=@tcx={@void, @value=r3}}, 0x1c)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000007c0)={r5, 0x0, 0x0}, 0x10)
mmap$xdp(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x4000011, r2, 0x80000000)
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)=ANY=[@ANYBLOB="5bf80054", @ANYRES16=r1, @ANYBLOB="010026bd7040fbdbdf251400000008000100000000000800010002000000"], 0x24}, 0x1, 0x0, 0x0, 0x20040000}, 0x10)
sendmsg$nl_route(r2, 0x0, 0x20000004)
openat$fb1(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)

4.8509488s ago: executing program 0 (id=1710):
r0 = syz_usb_connect(0x2, 0x3f, &(0x7f00000007c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000600)={0x18, &(0x7f0000000340)={0x20, 0x31, 0x2, "2edc"}, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
sendmsg$TIPC_NL_MEDIA_SET(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)=ANY=[@ANYBLOB="b0000000", @ANYRES16, @ANYBLOB="01"], 0xb0}}, 0x0)
ioctl$FS_IOC_GETVERSION(r1, 0xc0105b08, &(0x7f0000000040))

1.761645712s ago: executing program 4 (id=1733):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03", 0x3}], 0x1}, 0x0)
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000300), r1)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r3=>0x0)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000d80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYRES32=r3], 0x1c}}, 0x4008054)
write$nci(r0, &(0x7f0000000040)=ANY=[@ANYBLOB='\fw'], 0x14)
r4 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0), 0x4)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000250001"], 0x14}, 0x1, 0x0, 0x0, 0x10}, 0xd0)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x9, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000ff0f0000000000000200000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020002000000008530ae99b6c4b6d6a100000039000008b70000000000000095000000200000f35311c28aa9f7f100"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @cgroup_sock=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, r4, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000040))

1.676980476s ago: executing program 4 (id=1734):
pipe2$watch_queue(&(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x1048001, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x2, &(0x7f0000000400))
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000002600), r1)
sendmsg$NFC_CMD_GET_DEVICE(r1, &(0x7f0000002840)={0x0, 0x0, &(0x7f0000002800)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010026bd7000fedbdf250100000008000100", @ANYRES32=0x0, @ANYBLOB="27008304dcb3bf993764b8ff909394276adc2ac5fa1b1babd5d96f81eb76d47e96499cfac8421cf2caf54bc936f3e8570fdac16796a81ed2da38cd4ef580a21e7a853c44b90f910d97a17e46010400000000000012ca5ea24a5417050b1410f57007023e54d1a0b214dd063c1ef766ccaab7aaead797a5cb5cf70bb3da954982183ba53d2b6b3dfb3b25c426171c6ac5d350baf720df1674a07c196dd2b965e2c60037188bd9909f21753447d0"], 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x4)
chdir(&(0x7f0000000080)='./file1\x00')
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r4 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r5 = open(&(0x7f0000000000)='.\x00', 0x0, 0x244)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r4, 0xc0189379, &(0x7f0000000200)={{0x1, 0x1, 0x18, <r6=>r5}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r3, 0xc0189378, &(0x7f0000000280)={{0x1, 0x1, 0x18, r6, {0x4}}, './file0\x00'})

1.613093096s ago: executing program 4 (id=1735):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000580)="b318"})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000480)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40406301, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

1.612816226s ago: executing program 0 (id=1736):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="18020000000000000000000000000000850000009b000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000230000009500"], &(0x7f0000000080)='GPL\x00'}, 0x94)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000080)=0x1, 0x4)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x2}, 0x1c)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r3, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f0000000340)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
setsockopt$TIPC_MCAST_BROADCAST(r3, 0x10f, 0x85)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r4, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="440000001000030428bd78000008000000000000", @ANYRES32=0x0, @ANYBLOB="46060900000000001c02128009000100766c616e000000000c010002000000080005000000000e00", @ANYRES32=r6, @ANYBLOB], 0x44}, 0x1, 0x0, 0x0, 0x20000600}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="5800000010001fff000000000100000000000000", @ANYRES32=0x0, @ANYBLOB="0000000008440000300012800b00010067656e6576650000200002801400070000000000000000000000000000000001050004000100000008000a00", @ANYRES32=r4], 0x58}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000000)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

1.53884455s ago: executing program 2 (id=1737):
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{}, @HCI_OP_LE_SET_SCAN_ENABLE={{0x40}, 0x6}}}, 0x9)
prctl$PR_MCE_KILL(0x4e, 0x1, 0x0)
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f0000000140)={0x0, "5622d02e54e0090aa90108e267cd87ab932cf729f85c7bd8fa1cea70f891568c", 0x0, 0x1})
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r3, 0x89f0, &(0x7f0000001440)={'bridge0\x00', &(0x7f0000000100)=@ethtool_ringparam={0x8, 0x0, 0x1}})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r0, 0x0, 0x20040084)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$kcm(0x11, 0x3, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r7)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r7, 0x8914, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000d40)=@newtfilter={0xb4, 0x2c, 0xd27, 0x70bd26, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x0, 0x4}, {}, {0x8, 0xfff2}}, [@filter_kind_options=@f_u32={{0x8}, {0x88, 0x2, [@TCA_U32_SEL={0x84, 0x5, {0x5, 0x9, 0x9, 0x8, 0x4, 0x8001, 0x6, 0x0, [{0x1e93, 0x8001, 0x0, 0x9}, {0x963, 0x6, 0xaf0}, {0x25, 0x81, 0x7, 0x6}, {0x5509, 0xff, 0x7, 0x8}, {0x8, 0x400, 0x80000000, 0xefc}, {0x3, 0x5, 0x8, 0xffff}, {0xe, 0x81, 0x7, 0x1}]}}]}}]}, 0xb4}, 0x1, 0x0, 0x0, 0x44000}, 0x20000000)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
setsockopt$sock_attach_bpf(r6, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(r6, &(0x7f0000000280)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r8, 0x3e}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000200)="27030200000214000e00002f74214b34586d47423cddcb0000008000008276000000000000006e81a357601e3876", 0x2e}], 0x1}, 0x5)
getsockopt$MRT(r3, 0x0, 0xd0, &(0x7f0000000040), &(0x7f0000000080)=0x4)

1.538713734s ago: executing program 1 (id=1738):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f00000003c0)={'wpan0\x00'})
sendmsg$NL802154_CMD_NEW_INTERFACE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x28}}, 0x4040800)

1.538502146s ago: executing program 0 (id=1739):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000007100)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f0000004180)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9464a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x1, {0x6, 0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x0, {0x40, 0x0, 0xb, 0xfffc, 0x0, 0x1, 0x0, 0xffffffff, 0x120, 0x2000, 0xa8, r2, r3, 0x501, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB], 0x50)
write$FUSE_INIT(r0, &(0x7f0000000440)={0x50, 0x0, r1, {0x7, 0x29, 0x0, 0x1086cce0, 0x40, 0x73, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}}, 0x50)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x300000d, 0x1)
ioctl$BLKPG(r4, 0x40084d02, &(0x7f0000000580)={0x2, 0x0, 0x0, 0x0})

1.46369725s ago: executing program 1 (id=1740):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x60140, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_TSC_KHZ_vm(r1, 0xaea2, 0x2)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000400)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000002003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6424923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff0000f5620000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182f0098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca88e961efffb4e1aa25d8a17deef0c8694c4395fc97aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016e8672a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c4fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a360e12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe656c9c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})

1.409447792s ago: executing program 0 (id=1741):
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000), 0x20800, 0x0) (async)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
mount$binder(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0), 0x1000810, 0x0) (async)
chroot(&(0x7f0000000200)='./file0\x00') (async)
umount2(&(0x7f0000000000)='./file0\x00', 0x0) (async)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000740)=ANY=[@ANYRES16=r0, @ANYRESDEC=r2], 0x30}}, 0x0) (async)
r3 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080), 0x10000, 0x0)
ioctl$KVM_CAP_MAX_VCPU_ID(r3, 0x4068aea3, &(0x7f0000000240)={0x80, 0x0, 0xc6}) (async, rerun: 32)
connect$unix(r1, &(0x7f0000000100)=@file={0x1, './file0\x00'}, 0x6e) (async, rerun: 32)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff) (async)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r6=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)={0x24, r5, 0x1, 0x4070bd28, 0x25dfdbfe, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r6}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}]}, 0x24}}, 0x4000018)
sendmsg$BATADV_CMD_SET_HARDIF(r3, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x4c, r5, 0x1, 0x70bd28, 0x25dfdbff, {}, [@BATADV_ATTR_VLANID={0x6, 0x28, 0x4}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8}, @BATADV_ATTR_TPMETER_TEST_TIME={0x8, 0xb, 0x8}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x7}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x36}]}, 0x4c}}, 0x4000) (async)
munlock(&(0x7f0000168000/0x3000)=nil, 0x3000) (async, rerun: 64)
r7 = socket$nl_route(0x10, 0x3, 0x0) (rerun: 64)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000c80)={'veth1\x00', <r8=>0x0})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r10, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f0000000140)=[{0x20, 0x8, 0xb, 0xfffff024}, {0x6, 0xfe, 0x0, 0x2000000}]}, 0x10) (async)
sendmmsg(r9, &(0x7f0000001c00), 0x400000000000159, 0x40840)
sendmsg$nl_route_sched(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, r8, {0x5}, {0xffff, 0xffff}, {0x9, 0xffe0}}, [@qdisc_kind_options=@q_pfifo_head_drop={{0x14}, {0x8, 0x2, 0x800}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x4000, 0xf) (async)
mlock(&(0x7f0000ffc000/0x3000)=nil, 0x3000)
sendmsg$802154_raw(r3, &(0x7f00000006c0)={&(0x7f0000000480)={0x24, @none={0x0, 0x2}}, 0x14, &(0x7f0000000680)={&(0x7f0000000580)="a9f75c6c3677f018f5ac30d89132290839676a93ba4c5720821e209de1be45179fd62ccedec216e9c0b78f1b9a2c2d88c0bc856e684c8f840eda57def701e78da9fa6134d1f1c4ba28f1bc7ecace1ed19052a402e0bc1e869ca4000f7f431e5ad24c599bf9204188205f25fe4cda66efac17699f7b35eac4b5c3234ece868e3131b184e30ee7bf83e647585d956f3d7d761ce5a8a83d5c437eb8ca023f5ee7bef765dc4106603efb1b7e3bf097c27a8cd83b9f921e35f8582f7909f835d92054a185727313fb6f773578d141c263c36851f09c50e75253b9", 0xd8}, 0x1, 0x0, 0x0, 0x4080}, 0x4000000) (async, rerun: 32)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0) (rerun: 32)

1.409320784s ago: executing program 0 (id=1742):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03", 0x3}], 0x1}, 0x0)
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000300), r1)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r3=>0x0)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000d80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYRES32=r3], 0x1c}}, 0x4008054)
write$nci(r0, &(0x7f0000000040)=ANY=[@ANYBLOB='\fw'], 0x14)
r4 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0), 0x4)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000250001"], 0x14}, 0x1, 0x0, 0x0, 0x10}, 0xd0)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x9, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000ff0f0000000000000200000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020002000000008530ae99b6c4b6d6a100000039000008b70000000000000095000000200000f35311c28aa9f7f100"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @cgroup_sock=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, r4, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000040))

1.408502442s ago: executing program 2 (id=1743):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000000, 0x5d032, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000100)={0xaa, 0x208})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000199000/0x800000)=nil, 0x800000, 0x0, 0xff01})

1.323342416s ago: executing program 1 (id=1744):
bpf$TOKEN_CREATE(0x24, &(0x7f00000002c0), 0x8)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=@newnexthop={0x30, 0x68, 0x1, 0x3, 0x80000000, {}, [@NHA_GROUP={0x4}, @NHA_GATEWAY={0x14, 0x6, @in6_addr=@dev={0xfe, 0x80, '\x00', 0x17}}]}, 0x30}}, 0x40000)
r0 = socket(0x11, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000005c0)={'ip6gretap0\x00', <r1=>0x0})
bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @remote}, 0x14)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffec8, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0xe9, 0x4)
sendmsg$netlink(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000280)=ANY=[@ANYBLOB="3b844100d5432f"], 0xdd12}], 0x1, 0x0, 0x8100}, 0x20040890)

1.32314755s ago: executing program 2 (id=1745):
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="1201000068e04d206f0e2c586831010203010902240001000000000904000002ff47d000090509e702008000040905", @ANYBLOB="b707"], 0x0)
syz_open_dev$evdev(&(0x7f0000000340), 0x40, 0x41)

1.322656208s ago: executing program 0 (id=1746):
r0 = syz_usb_connect(0x2, 0x3f, &(0x7f00000007c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f00020000000905050200000000100905"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000600)={0x18, &(0x7f0000000340)={0x20, 0x31, 0x2, "2edc"}, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
sendmsg$TIPC_NL_MEDIA_SET(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)=ANY=[@ANYBLOB="b0000000", @ANYRES16, @ANYBLOB="01"], 0xb0}}, 0x0)
ioctl$FS_IOC_GETVERSION(r1, 0xc0105b08, &(0x7f0000000040))

1.271752504s ago: executing program 1 (id=1747):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000100)=0x9)
ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000000))
r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0xb3d)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000003c0)}, 0x4048081)
getsockopt$bt_hci(0xffffffffffffffff, 0x0, 0x3, &(0x7f0000000100)=""/62, &(0x7f0000000140)=0x3e)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCETHTOOL(r2, 0x89f0, &(0x7f00000001c0)={'bridge0\x00', &(0x7f0000000080)=@ethtool_ringparam={0x7, 0x0, 0x20040000, 0x0, 0x2, 0x10004000, 0x7, 0x400, 0x7}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r3 = io_uring_setup(0x524, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x20002f7})
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000000)='source', 0x0, 0x0)
r4 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r4, 0x11, 0x67, &(0x7f0000000000)=0x4, 0x4)
connect$inet6(r4, &(0x7f00000002c0)={0xa, 0x4e25, 0x1, @empty, 0x5}, 0x1c)
modify_ldt$read_default(0x2, 0xffffffffffffffff, 0x0)
sendto$inet6(r4, 0x0, 0x0, 0x4c841, 0x0, 0x0)
sendmmsg$inet6(r4, &(0x7f0000000880)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000100)="6a5ef6c7a90ac35bf5b18da6b08b63f0387c8f7f13130b3ee3871dbb4a0d325cdd99bccb4d680d44a0d27f33aead55a52f0205a2d806ac71ce15a63677070ed1c41c5d4b18b684123f9eb65a881e385bc499c4e4369022aab10d5fa284789023ee9522d82401e400d5c498cc5a8a4924b20cb60d234dbabf4ef95674d9b185b42a23ff22cc2ec801279a5c5d07f3e60bcc0f1a2ff5e33631ae094cccfcb330d39cb2b96a6adbbc633a19a81c62419bf4a15c6cf63537af8a6b5c7dc27719f3205a8b1d44db7fcdaae09300475c0c49e3a2578e9b39bd08e96d4ace66fc8c6ed3807bb3da8f4f4e", 0xe7}, {&(0x7f0000000200)="25af2adee6d1e17f6a3321d4a910550cb504a3244c765b66da749c0ed76021d8778dde13b61c03d5192699e1a9a0406233820c5b", 0x34}, {&(0x7f0000000080)="d4d0ad3ac2808d41926d3ad0a5491931de733acb3f21", 0x16}, {&(0x7f0000000640)="16bf01ba738705349fc82f3929741a06499bed592a865822f0904949ce9047227db859f0c03cf3611e239efeabb740fddfd443c2c60e54a473e34a5109c0cc9cc3a0e9b76b8acb06e17a6d08b9b1a3ce4dd60196a677bc78744aa00bddc04774bdfecf985524b0bd5cb721bd00472b8f3d42afc0808c91f7ac80f59a51ff3c9e09a12bcc359ff3ecff3cab479e22d10ad3699cbc135dcf5a564f11e762422d3191402f9eb0740a0d8aac62366fba08f00c5f40a917bb416d165be256d35f2179df76230dc72f5b68254926ed5e1fa58f", 0xd0}, {0x0}], 0x5, &(0x7f0000000c00)=ANY=[], 0x320}}], 0x1, 0x0)
io_uring_enter(r3, 0x2219, 0x7721, 0x16, 0x0, 0x0)

1.207605968s ago: executing program 1 (id=1748):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_GUEST_MEMFD(r1, 0xc040aed4, &(0x7f0000000080)={0x200001fe0000, 0x3})
ioctl$KVM_SET_USER_MEMORY_REGION2(r1, 0x40a0ae49, &(0x7f0000000180)={0x4, 0x4, 0x6000, 0xa7000, &(0x7f0000ffc000/0x2000)=nil, 0x0, r2})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_PRE_FAULT_MEMORY(r3, 0xc040aed5, &(0x7f00000000c0)={0xd000, 0x7000}) (fail_nth: 30)

993.219865ms ago: executing program 1 (id=1749):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000226aa140070ad0001310010203010902240001000000000904000002bd22f00009050303000000000009058a"], 0x0)
syz_usb_control_io$cdc_ecm(r0, &(0x7f00000005c0)={0x14, 0x0, &(0x7f0000000580)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)

672.677611ms ago: executing program 4 (id=1750):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x188)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x1d7)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000080)='./file1/file0\x00', 0x0, 0x1085408, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f00000003c0), 0x40, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x20040004)
r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000000)={'syz', 0x0}, &(0x7f0000000280)="d05a9850a9", 0xfffffd83, 0x0)
r1 = add_key$keyring(&(0x7f0000000400), &(0x7f0000000480)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc)
r2 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000004c0)="c3000000891036000000000000006dfcee0dcd03bc7abfbffe813047a56551db26d506aa19e911f4f91231258a4e5ff62b266622032ed95ad7daf2d3a415c8fdb391af8a26ffca5ee997ca11e6ca75240cbc4b9b6d49f07b53b13ee5f12f536e8493eca26531b7e5db622e3e7ccfc78c039ac5a68396c1ea037829c3c1bc59297162f4a97cb79af3e911b02913150b1e7eef7992cc69b91be0da9653675b4d48ab8a4d549e7f77a7e517d04bec22a58381f5f6fcffd284c21994ace2db79355db2fc669eca44471559502c3018a5bd3049e50fce6d31b5035ccf225059f88c9787120000000000000000000000000091768f53a823dd8c5ae7635c910167e30fd0665a0ba3b65582e65e61466980721b71af8776b4aa226cc20d0ec3d33e8fa9a48a3de726e7db0547b5f9a5970e65e403c3b9846586df1264c40e233a34582f8a529994c1ca024d7c600f8c1a70ef741a18fbb11958a39e733333fa9c05918c005600b57b057e4a3a4645275550c711fd0000000000000000", 0x179, r1)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r2, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x20042, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = dup(r4)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x8, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
mprotect(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x0)
sigaltstack(&(0x7f0000000240)={&(0x7f0000001c00)=""/4095, 0x80000000, 0xfff}, 0x0)
r7 = openat$dir(0xffffffffffffff9c, &(0x7f0000000380)='./file1/file0\x00', 0x82, 0xc)
move_mount(r7, &(0x7f0000000140)='./bus\x00', r7, &(0x7f0000000640)='./file1/file1\x00', 0x0)
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300)=<r8=>0x0)
timer_settime(r8, 0x1, &(0x7f0000000040)={{}, {0x0, 0x3938700}}, 0x0)
chdir(&(0x7f00000001c0)='./bus\x00')
symlink(&(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000800)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
unlinkat(0xffffffffffffff9c, &(0x7f0000000180)='./file0/file0\x00', 0x0)
r9 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108)
getdents64(r9, &(0x7f0000000f80)=""/4096, 0x1000)

501.483728ms ago: executing program 4 (id=1751):
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$COMEDI_CANCEL(r0, 0x6407)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000180)={0x73622a85, 0x2301, 0x400000000000001})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000100), 0x208e24b)
bind$inet(r0, &(0x7f0000000240)={0x2, 0x4e23, @local}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1, 0x28011, r3, 0x0)
readlink(&(0x7f0000000040)='./file0/file0/file0/file0/file0\x00', &(0x7f0000000080)=""/158, 0x9e)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r4 = dup3(r1, r2, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000001c0)={0x10, 0x0, &(0x7f0000002580)=[@request_death], 0x0, 0x0, 0x0})
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x74}, [@initr0]}, &(0x7f0000000000)='GPL\x00'}, 0x80)
read$FUSE(r0, &(0x7f0000000480)={0x2020}, 0x2020)

383.553749ms ago: executing program 4 (id=1752):
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000001000/0x4000)=nil)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$UI_DEV_SETUP(r2, 0x405c5503, &(0x7f0000000380)={{0xc, 0xfff, 0x4b, 0x8007}, 'syz0\x00', 0x41})
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, 0x0, 0x0)
ioctl$UI_DEV_SETUP(r2, 0x5501, 0x0)
syz_open_dev$evdev(&(0x7f0000000040), 0xfffffffffffffffe, 0xc83c0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000440)={'ipvlan0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x2}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001300)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd24, 0x25dfdbff, {0x0, 0x0, 0x0, r6, {0x4, 0xa}, {}, {0xb}}, [@filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_IIF={0x8, 0x4, r6}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0xc858}, 0x8004)
close_range(r3, 0xffffffffffffffff, 0x0)
sendmsg$TIPC_NL_MEDIA_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002bbd700100000000030000005800018044000400200001000a00002000000000fe800000000000000000000000000010f8000000200002000a17000000000005ff010000000000000002000000000001000000000d0001007564703a73797a3000000000"], 0x6c}}, 0x8000)
brk(0x200000ffc000)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
write$uinput_user_dev(r2, &(0x7f0000000600)={'syz1\x00', {0x1, 0x4, 0x5, 0xe0e6}, 0x4b, [0x7, 0x4, 0x6, 0x7d49, 0x1000, 0xffffffd3, 0x8, 0x5, 0x1ff, 0x2, 0x8, 0x955, 0x6, 0x6, 0x400, 0x9, 0x1654, 0x6, 0x10, 0x8001, 0x0, 0x10, 0x1, 0x7f9, 0x1, 0x10000, 0x4, 0x2e7a462d, 0x80000000, 0x1, 0x3, 0x4, 0xd, 0x10001, 0x10, 0x9d3f, 0x8, 0x2, 0x6, 0x8001, 0xe, 0xc3dc, 0x1, 0x100, 0xfffffff7, 0x100, 0x9, 0x80000001, 0x8000, 0x8, 0x8, 0x4, 0x80000001, 0x8001, 0x776, 0x4, 0x3, 0x8, 0x0, 0x80000, 0x6, 0x7, 0x8000, 0x4], [0xffffffff, 0x0, 0x9, 0x6, 0x3, 0x8000, 0x2, 0x5, 0x46c8d566, 0x5, 0xc3, 0x5, 0x7, 0x7, 0x7, 0x0, 0x3ff, 0x7, 0x2, 0x3, 0x9, 0x4, 0xc3, 0x7, 0xd, 0x1, 0x1ff, 0x9, 0x2, 0x7, 0x2, 0x7, 0x4, 0x80000001, 0x401, 0x1, 0x81, 0xffffffff, 0x73dc, 0x5, 0x2, 0x7, 0xe68b, 0x9, 0xfffffff0, 0xc27, 0xf, 0x10000, 0x3ff, 0x100, 0x7, 0x68, 0x1, 0x7fffffff, 0x7, 0x7f, 0x1000, 0x9, 0x7ff, 0x1, 0x0, 0x4, 0x2, 0x5], [0x18, 0x7, 0x1, 0xd, 0x80000, 0x9, 0xe, 0x2, 0x9, 0x7, 0x9, 0x7, 0x10001, 0xc23, 0xd, 0x0, 0x0, 0x0, 0x80000000, 0xaee, 0x1, 0x6, 0x1, 0x6, 0x10000, 0x1, 0xfffffff8, 0x5, 0xed99f3e, 0x3, 0x1ff, 0x9, 0x2b1, 0x4, 0x400, 0x7fffffff, 0x9, 0x101, 0x0, 0xc91, 0x2, 0x3, 0x8, 0x1, 0x87, 0x6, 0x7, 0x9, 0x80000000, 0xc4, 0xf8000, 0x9, 0x2, 0x4, 0xe, 0x1ff, 0xd6, 0x2a, 0x3, 0x200, 0x3, 0x3, 0xf526, 0x3], [0x1, 0x1, 0x5, 0x7, 0xfffff800, 0x8, 0x3, 0x4e, 0xf0ba, 0x1, 0x3a, 0x5, 0xa0000, 0xe, 0x4, 0x2, 0x1, 0x3, 0x7ff, 0x4, 0x6, 0x9, 0x4, 0x2, 0x6, 0xfffffffd, 0x7, 0x5, 0xf, 0x7, 0x4, 0x2, 0x6, 0x9, 0xff, 0x3, 0x6, 0xf, 0x6, 0x0, 0xfffffffa, 0x3000, 0x3, 0x6, 0xffff0001, 0x2cae, 0x8000, 0x5, 0x3, 0x3, 0x8, 0x81, 0xfffffc00, 0xb, 0x3, 0x3, 0x2, 0x8, 0x7, 0x1, 0x7, 0x80, 0x0, 0x1]}, 0x45c)

53.427492ms ago: executing program 2 (id=1753):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xd, 0x4, &(0x7f0000000400)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x11, 0x30}, [@ldst={0x6, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffffffe}]}, &(0x7f0000000080)='GPL\x00', 0x40004, 0xc2, &(0x7f000000cf3d)=""/194, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x10000000}, 0x94)

53.228543ms ago: executing program 2 (id=1754):
rt_sigprocmask(0x0, &(0x7f0000000240)={[0xfffffffffffffffd]}, 0x0, 0x8)
r0 = gettid()
r1 = getpid()
rt_tgsigqueueinfo(r1, r0, 0x1f, &(0x7f0000000080)={0x1000d, 0x23, 0x2})
r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000140)={[0xfffffffffffffff5]}, 0x8, 0x80000)
readv(r2, &(0x7f0000000300)=[{&(0x7f0000000380)=""/4096, 0x1000}], 0x1)
r3 = openat$vicodec0(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_DV_TIMINGS(r3, 0xc0945662, &(0x7f0000000140)={0x0, 0x0, '\x00', {0x0, @reserved}})
pipe2$watch_queue(&(0x7f0000000100)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x80)
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x1048001, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x2, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r5 = socket(0x40000000015, 0x5, 0x0)
getsockopt(r5, 0x200000000114, 0x5, &(0x7f0000019380)=""/102399, &(0x7f0000000000)=0x18fff)
r6 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r7 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r8 = open(&(0x7f0000000000)='.\x00', 0x0, 0x244)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r7, 0xc0189379, &(0x7f0000000200)={{0x1, 0x1, 0x18, <r9=>r8}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r6, 0xc0189378, &(0x7f0000000280)={{0x1, 0x1, 0x18, r9, {0x4}}, './file0\x00'})

0s ago: executing program 2 (id=1755):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000340), 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000060000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x7ffffffe, r1, &(0x7f0000000080)={0x10000000})
statx(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x2000, 0x800, 0x0)
r3 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x101200, 0x8, 0x20}, 0x18)
r4 = socket$inet6(0xa, 0x80003, 0xff)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000500)={r5, 0x0, 0x2d, 0x0, @val=@netfilter={0xa, 0x4, 0x600, 0x1}}, 0x20)
r6 = socket$inet6(0xa, 0x2, 0x0)
sendto$inet6(r6, 0x0, 0x0, 0x0, &(0x7f0000000080)={0xa, 0x5e20, 0x9, @mcast2}, 0x1c)
mmap$snddsp(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1000002, 0x810, 0xffffffffffffffff, 0xe000)
syz_emit_ethernet(0x66, &(0x7f0000001880)={@broadcast, @random, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x0, 0x22, 0x58, 0x66, 0x0, 0xe0, 0x2f, 0x0, @local, @local}, {{0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x880b, 0x0, 0x2}, {0x0, 0x0, 0x1}, {0x1, 0x0, 0x1, 0x1}, {0x8, 0x88be, 0x1, {{0xc, 0x1, 0x80, 0x3, 0x1, 0x0, 0x3, 0x9}, 0x1, {0x9}}}, {0x8, 0x22eb, 0x4, {{0x7, 0x2, 0x1, 0x3, 0x1, 0x0, 0x3, 0x4}, 0x2, {0x7, 0x1, 0x0, 0x5, 0x0, 0x0, 0x3, 0x1}}}, {0x8, 0x6558, 0x3}}}}}}, 0x0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000240)='hugetlbfs\x00', 0x2200890, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x31, &(0x7f0000000140)=0x4, 0x4)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_X86_SET_MSR_FILTER(r8, 0x4188aec6, &(0x7f0000001a80)={0x0, [{0x3, 0x0, 0x90, 0x0}, {0x1, 0x0, 0x7, 0x0}, {0x1, 0x0, 0x4, 0x0}, {0x1, 0x0, 0x252d, 0x0}, {0x2, 0x0, 0x7e, 0x0}, {0x5, 0x0, 0x4, 0x0}, {0x0, 0x0, 0x85a, 0x0}, {0x3, 0x0, 0x7, 0x0}, {0x0, 0x0, 0x9, 0x0}, {0x1, 0x0, 0xffff, 0x0}, {0x2, 0x0, 0x6, 0x0}, {0x4, 0x0, 0x401, 0x0}, {0x0, 0x0, 0xbf, 0x0}, {0x0, 0x0, 0xff, 0x0}, {0x1, 0x3, 0xe2, 0x0}, {0x0, 0x0, 0x9, 0x0}]})
statx(r3, &(0x7f0000000080)='./file0\x00', 0x400, 0x10, &(0x7f0000000800))
read$FUSE(r0, &(0x7f0000006300)={0x2020, 0x0, 0x0, <r9=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f0000004300)="00e7a0633e8438bafa888b9b02144af32e296a0a01dc194d649b6fa26d6d5e63bac4a04baeeb8aacb22c6eec461b67db6a737737c6d2687acb00572f92e3fdb5d0cb2f11121c557a943020200755bcab77b39c406b733239e2bb1175b9322ba39dc7d67da8f77aed1714dae2e6c24c3ea96be9d151c6ab7b3c54bbe507b8b2461fb4be8dc90042184af6d48f8ace16abb5e3fc943cf61cdb75624a259bdb5f7829b9775820f85f2d1a6ee6c6c2af4fd41ab8a41ecb2612abf13cd2c6f9f3e6db505e4bbe68cc000cf5fa6d5636191a4b366ab59af52132a3f9678d4ed1bd577bacffb3b52850804005eebf3dfa4763168ff30490a11acdbbf4c3312a45f30139f6b72b1e7cdec185006bb30e0e8fa88da2cefc718cae7e9830f7ca101e4e23c6bd16bfacf4a9927fb13af4b79c86ab999beda4ad396abdda354a42fb4ef21d6749175dc21a0cf9191aa4f90d274b50370a580ad8dcd166d2b06c0d8b071973c3fde30f7e2bc371a51ca5866bf8b24eaac75bf482dd4436b214ff62d32e20df223b0b680ede28b3a49e66e330a8a3ecace0db9855d235d5ff23765e742d1a739c2ac8743f4c62664a3b347279da55a1a5b16e1e2828b584a013577d50f890e3894d9e8d6bfccdfb2b70221f12a7fac24b7a8818edce72b65f622c77bf1312771a2c0d805ec9a25c536c91868762032255be78903b77b2c1a773a03996fabba69214e76f5df6df0375b592692a2c3c86c75a3be56fe598ddaea0b9901d20db7e43e128e04e5509283f833c24c625887288459db5727210ba9a301fb8c934dd1d8dca68039fe5b2e1a8d7cdfc6d875e5851098100c3cd42544ed90bb55b58d20a501fabbc485d148c615a3b070fa0520da2ed68ee115a4411d5418b47f3d95616096f67a7a36d68f1e8df82eca8ef96fb4a96b3422fe046a37ea5f5967513a559bd770fecab7228b0692f439765c9e9c6ea4fc608e0b27f9b49064dd2f9ac06f83f6d87ebc61fa3a29bb5ed39641245ce8cf43770df32a84838802b0827ca5a40e2003915e2ed108a005637bb028d29bd2cfd28a1bd55e67ed1b6b7b72163c27c4b0e36d1b134d6dfdb165a66fb46498fc04bb8053b84098af5b18758631d1318d625a6fa4d3ce5a4d3a90e10c6363a26b5ae96c2d56f87ad21a6118af6847d041f88f852ddc3f250c088ef5cb31198f3ac81cff9a5bab26ed56c09f8416188974e08349f7da28fc754b98c1ac4ea0060ac1e1b1c49f7dbadbc59254b265dc418cab9ac14e2bbecc4c3103543e37984efb1f61315e10d2b422732217d3a9b0cfe4561f3765d3bda60be239e02bdc164dd631582e8c87dd8fa60d63dcf9e7f3dadc4ce5e4433a42425b8ee8cb8a2defab0bf9b6109c90b5655b79b18c06884f2670a985d454e08e54de69f645cb0cbb70620bd988ee717c310ae77b4abe81c01c6e7f47268ee20bc30b9062830917705682eba2c5ef966b877f33294aa5f8b29d3dd5ed92302087f34fa18d19a005de05f925e3e93c8c0f24507ff20cd23d9ae5452c32ff58c78ccdb1ab32c98edfaa6d2c3971934ca8f849ac360c286566eb72b0793f12cef84bd282368d533247ee750f18aeda484167f3d680e4aaa3aa0694441d4ff6a71531f1a30f87eeb71afd04c5d686e1f86f27586f4e2c8ff77c09612ba1af9b3fb93efd31af42f8e0498f35d07c662b743a08f2839cad8f95b90cbb4fc0ed2ca45dd093a549cde4c6ff08ce09a2cbc6f9f78b6f96643357f92f8f403202742057731fd3e343a87c0affe803cfdbddb8c2694ab63f2dc35da705624747e30a943000fc82c40f10e1975d2e2ec15aefd531b6dbc053606b054dc976f44d5b5a5f37e9c08532ce16cf8bca55ab6c814ceb855ab50b8b52620f8645a9dc25fcb732080d84bf39c3ebb235b4d96da527b64ec4b72f69e91d16a4efcaf76f2e1f968ca68a06f60b01ec7becc9ffd7877c0992cb0f80fb3daabc039513896bd7697843be06aba53e7761e11e075c61ef2d84283746feeb3f0d456ba4be27843350fe43e7c1110b4439489139f6dae01c43f23ec71f08d3042663c65e059d368e4e2c6e49de45bf078d3182a1bc1208bc59379e705aa3309579947409f2a8b3d79099c8619f916e7a6fa333d2312a274247156b8c25cbcfcc59ef13339c700f56a8691dff39bd4338789001872c0d90929037dc0ad99b380a6ba73f331f73f9274f4c2bf5233d7482edf37bf6ffed4f2c0ee44a1d57cae0d644f25591dc03bf837571a82d0c31b61be7ff85a5b3843e8f96a50eaa43f5c137ecfc4e4530d08a2afa4ba02fcc50117a4ad0d5862302017639344c82749f673dbd650e49b35302d0acbab45c0973198291bb42b4cfcd3b0c252074341ea8eca19e122cd234da6d41bf5eedb706e16c17687ed8b84db67130796d26b94eac83bbcd785b603242bd6252c155711efd7dd22cc54e1eaf6d910d0f22c701f3d4da0314dd2829c6ee13bbcbd126558b47b8066bf0766c792a012315bd29bfeda8f28a2c1f4e638b701758e19a0e5bd5b4f19048b00a877d956292e345f8a3a8367892f955bcb5e50ca145ec5e2c9309e25941bd277e393aaad38f9b72a42514b27da6856223c37a1fc1327fa760551d3fdeb0b222ab180b16c9eea138cf4f327e88fdfee293c5b6b007028eb796a60772148282dcd17ffc1c90ed8b6540ede933545ed5a5301d6ff39734444ff3d85cda4ac3befa5083a4685e9e231eba4a91a35f4f7f48fd5ac2447c64c010e2a9f8e80691c95460e1995444466ec5f3cd71fe509a26ff0b7f3254bc8c3255e903834e841b37c70b267fb33deb0d1ed4ea84a869453ba508fc255b12cf847103d5195046c930ae4a75c956f22fcfe4186d547686b54bd7a534940d5d62216994eac0e8ed3bd2bd59354e6b9c6b5b10511d54a8b928040f1e13c4a423b0cf519fc6e9673df5c48c0778c7edb8fa8d8ace77463a77d2d6313160e1ee72742953e433b670400d59c93464fd91520847db238610ed0c289fc55647881a7d6257cf28090c75a6f19df079cfd35742a74a5ab270314f7c8039c20ff0f3f543d029b75a741b5dc6425241ac2ffabf1f96288e6d4ba34da09fb6049c2c8753fbd41fdb4bc68c57bf374ef4feb0df00c41319debb26afba2ff39e1799a1c2137f4e920ee5b02d93789b6b0c853e8143dae5b08ee85da2ea7c31803610ce797293ea95c16ade6dae2afb008e59d8b9505737f008b5227df5f1e4eb5d707f502698a17ead9b1f5ec09dff34248ff2fb153dc6df4812e39754a4baa42e1d8b77fbddef3ca091701ac28ae5fd422dbd8db5b122d3965383abc37a52d2fca5ce56eba974dba3d059cefe40e3c35c9daa8ae31198214303c1dcb90d58fc983ccfd504fa43925636f94b128d44e8aa5cd3ecfabd50a84062d03f7508a0575ab65ecc749d3ef566fdbc529a8139b7a7fb3a9bd784df52cddc6f2699044ba47615163fbbe19f3d88d38a8b71fe52b2611ca74341429d1cef1a7e350545be29d2caa560e60352cab074c298c44ca2c07f9795ce52f10aa3e2fcdef371f24e309b19e52218881f25a4674527edbe3b3bd0b9b536d810c6f9500c0c81bcfd9a440dd91c1d35c52758d2b2ae1a8497bb394c4f09d3947cf777727b0d1daf5ac4fe4fa3c247a791702cb84b96321b7fec81bf549d4eb5d6dafe019b26187417c68b064e4308908535a3e77b6cd3e28caaf12d726f15590b7958e40134d045a38cbb689131a7e85532f1c63dd4bac9e4d00645cd7b2b71704563f3738b92044a8153f6ba717800ab7cb238175c376d7add2c5ec38e4c856f1ab9c3ee33f6ca6d576ae908dd290e4bae23470182e253765e04e8eb02a791c4396a511ef467879a9e2818b8a4b1b0b39a6c44e816e3ebf6e3be93929dfcb38d5dad7d20b60215447674d0608b8b02331ac20e57083cb9b4449fecbb149441aea0ad82f00a82d87d743fc80d410922bc20923516885440f43c9f32beb81ce148def6140952583a7825c2d2fe012d52d30ef66d32a8a0864ac5c1737e2506228d41ff0515ee80be4cf012927dde0fd2a07cac68eff8c4437f2844d4df07936fd8753e5909f962c5c767f8719cc295bdfa8a16f3f36ff56e34d7b14b6b8c46d5af248b04a9c5396f84990e23d145670950bce5f5638e5e2cea37c371a4483729338f1305cbb32fa1c05dd9d21d2a69e5fa3abe9a2dad2237be20b4088393c04aa66cf13718de4bffac72f641a8c017a1d5568fa15a6a06e4dc833874ec95af6f115bdadf15179bfc8c4e3e64f26f1299e282c4ab397340934efc1e601afc630fe195e8ae7d8da1310568cab4f2fad085d0ec39710d8b7c812b3fd55c6f50925bcfc90fbcb35b8daa0f1e1f69d82fae2034039f7ad6921694ed48a55a68bc541e6d86f1e33c261a92d48b50eb58a03d8e31b2f6564a4ddc3ee988d0dc47b4b610a9a9dcb87571b5c1edb3362df0ec3d58872157e0f7247dfa8100b4478b705702a5620c9201010f40232327550db333e845dbecd6aadbd0a94c064862b1100b6dd45ece811b8c0275e3753e11b4bcd8bc5ed7668e72afa5bc5cc17b4c313273755f532ecfdefdf2d5c47999453a3b7c158d98332f0bd3a820cfb2c8c3bcd43197e7395a032cec6e41662079f2f654965aebc393e22b5c8516d9b8ad01e33ee481a4ac46a2df304dadeaa9e5274d340aaebe14dcea315fe1279f1a41a5c7aa8c94bf4b3d48757503171f53488e01210145e62c0de7c39737848dbdb1b207d4d33b8de180b020e8a76b1b521905e5e3ce97292f8558fb68efdee774681bfffcf1dc3eef35f660dd1659a32950de2d50e762313beee330d9c2a9fe8ce5e4e61ddd86378d3551335f6ef62053d3b248a8c33a11abdf3f3aa1975a15f4a6957a13d5b12a44d0f2b52b9a2d996e98c630c0f2abca80c7ae89efcf81ae284a0d19582cb1319d207077e5657d245533181ed6e07e0f7647123fc46c37bd75b4f4d181112b4a08acdcf445332cb9dde69a0923dd9244dd2ecd818b19588939922e3b2d8dd9d9fed95fa55b0e4564b38aca2c4d24eebc634664400177fbdeaeb278bb1d8eb11baf4be5c87d4f8d9a855bfa75df4c51fb4eec87a27c59df9a47d82523b08022a1c0fb22ff6f93c3d2cc22a4111a6ec5be428cba33617be65739c2240248f3a02d01ddf2d6aca9e537a2296b16d082d2b868504371dd5e41898885b03ebfaca73b40e8924ece83c1c80de6ce14943e1199c6f81bf359f44c3ed5ae3c6eacb730b1039f0b6555347bd566dfff45a7a2176420ab2b40916a73b66a3ad07af6e1ac5597393d203fa1ad34d4564af956a0a3e2997e27a4e5eff67dd89cce8875d995e00c1858234f149f6ad4cac2b8056966f726df57b8c4ee8f22f23097ba1471b1f1036e3a499400fccdb75b56eb13e9eca1407d5bff4b075b06d00fcbfcafc28431eb33156232e73c6577e3eca437330c494ede57b9609e1f40634918dea767338b5542197410cdc000143ace89ca0b7bf645b3267f74767d7c7fce05d2f59c137204e56bfa711f66903c511f681cf7a1b4f9fc0f42b7c438ff8957e1059375321df5b0c5c884f46d94c21686e1300582d34928bc398653118f79bfeea2e7cfbbf31a7718f4aab50fae57db94203d43e060365c9a7455241be03d82dffc3783d0f6aa170c0866eb0dad07485831526922d8348a7a16e2e9903a2ac93c58c6dce83127fab17703ec004a519ae5675baffb31bf4b52f9ca992a84017a44d68dc693abd829947342f277fdcbc87168bcc03c32b8b1e81a1915af2517c464af07d52b79d1b0e53164c82ba049f81e92ed1dc20a88fd72e9ce7aa4b22a7cc57dc5527d14f62bc29cfc9d57ed26fd523cac39ac00ba12d3a49d694709924275fc0793d56acf9558818dc9eb210749fa5307d45886b879257d627cee0542b51c2ce6ce134100efb47c92456ece5b73cdc051f570810a8d534222649eb56cf73a377162b753de6c282bcd4a25dda21dd10901bd8dfe8fd4ba8a70811c39707beded23dd60f23e2933372e3a6bce099899b07f0a4c4956fd98e956a8649622c77717de099463c0c6c9389ab4a1ae10f8ddd086d876af2943ee0b6b402ae5f89e09922e8c510ec0caa0a83e366e916400bfec88a52ab457037a35ddc6a8e2289c33684a5915c37bf5d227cbc65a737b52bdcb4fbbb7b4e7f965db116b46044d0870846c730dce12e120b1fe6dd5798ced24cad72c59a3f44de4978b8bc05a1dbeb766be6e2abf6ef46c67a58a370e54e92d89e5f44525e82b94a388d8d0cb20c3469a258c1633c9dddb6854aee255f93f59435ff317622f6899250aa185c207644275278580c5d32401741fe264a2e03b80f442ed58fd0704ebac923ac6a5abb7f0c695252f82e3fbcf2b99d721589a8fe3fad4d5926aee3d7bfafb6739e525faae3d25b12841fa2cc61dddc44d36acb9a8b72d60ecdd9c8cf04f9bac341b5e0f9bc59042db8126324888b07afe72b18cce36d61eec975b6b4ef5dc4a16ac14440cf770599bd4db630bd110eb63a03a80cd95c16d314a4de60cc5115bf0754cb7ab84a827ecefafa96069c721a5979f227fdc2467b4cd1975dafb5b28e1d6f3c1c3a2816ad831dd98c1378a03798c128f176426eaa0e361571e758d54bf4ec2c988355f016e16d6cd5cf97bb4891ab33f5623b7e796af313cc7a9e2f9510cd2bead1ea5dd080d9de1f595b2629ebccf69a0feaed3963ae8a6c89edd66fbf6e566379898185828925f8669668d6bddff961b08aaedbbe7fc196931a887ec740da6bcdab8f826a34aa2aa1e406a258558f3baf022a64222df4d6ee8726c79ba3dd6e11a19e4b4bb49b4a8cd99c189e6392f08ad731e415b65d0ccb919dca46efe9f79e21437111ab09e926d3038182044ae047bf1cc92e2d2644c528985719667a1a8abaf65d0f211172ea789b2fa016e1a88325d1ed706239da4dbb9e2079e3598b4ae5885667587ba1e0921c9ba55d7a3be4c47bc2f2f3547ce9efe32e5a22855f761bd4cbe1cd9337eda4bd7d82a918084d7e116b656104ca87e64b1b8c62323c3c296c5b5b98051feb607b872edf9f789744aff710c4b7279711182bcac6b76c05f5cd982f52f451e7e29046550e012e01d8cdd3e305427030f4247488c9136303084c12175c5c781cdd08aede5a356ea0ccdd05a460be3c7b4bfd62c3ce9ab68e285a36c1546d0b18edad71f69f5bedb340772e1bbb035514b085067259e39f59dc292a12557350c66904b253efee29a5eb7a6920f583c899dc46a1d3e2af2db3a3d1a0e8d1f98722a16c6cc1e401058d60c8c436d8f1166ba53bdde5810f9d0288528affd486c266546a864c92af3df8abd451cc1e0d6bfea534865cea9d49b3ea5e390fa823118df8a61e31022f5fbb8ceee870bf2e60890263c4d14e24d053d0fddf665ff80a66fa00a5957f8a30fe82a4b82cf2f6b4d49def98f66bfcdaa0aef13314e950ca9f3849b1edf3b82eaf74a0dbcf45c3dba9bd2d853281a78484f1efaf4150da1207ec3cb61fbcbf759f8182b7052b28d7164b73197b0a440759fe9d5ddf827f1897a174e82fb968a9a07c61bee44bc1f7f9ee5c6de04c02d57735c5fab741b36aec7c8642e56cba932a08b8e8a9d3eb066a4ee7cbf22e5abbd4346de59eca1f24ad9f7f9ff7621e5f30dd08f4cddda8e80e496908109f5212a72bab1378d1237def07bdda4178719975346c68405de15153031fb17535894e5e3c1de6fdd507333f0226b78ba7cae509cfb48d6735ede9392650bf85ac1db919b1e9fe0a823119d8253204dbb2f7a8f524be6d419f3a45c5051a7a88ef0bd41586d90c11a894d647f03895f671a6e19f1c70e32668653aba8366a3d372522f49844081a9637db080663ab02f4a8af502955d5411461b62f85308c91852f8fb9f0bdddd500b4a133791d3a2f91a82dc4b09f5ad2196a9172ab0cd3fafe7266e9f6d159110d99ca8da8a34b17be17a04ad4509a9fffab1e45e10f10e0cf9cfbd9c761ad044064c07e473fdc626289cfb88b13a11455c069b70aa02426d9119ac878a14c9483be9c0d5bcbb5fa76c8d06531f59c7cf7c26372e750e2f332418ca769e5e7fbeb3ada7bb58b573a0635e2e3ad9a53ddb809ea01086a3fa993ad57e89da6f9c5e61bd0f8ba69212a386b2aa1ae17520d7fb989dbe14021885eb50fa3048aebd42c861a09a308b660d382c0480ead8a52a1e14927c7c77957f94bb59ccfd557f8c4a7af23360a298a603d20ebc386db041d8c306b3e32b0bff541bdec5ff75c3b40950815cf9f89d48a382f67e44c409d046c01fb1262aca0df6f5238a3c3c09977261494f7361ba326815d6e23f49e4d6d4b54665081067332265fff59cf54af9da0db9d19bc611cbcb6e6f3f1e2e1ffb6cdd6253578d78d06a2ff5f9250f1994c5749e3ce49231fbd63bba28e948f9150933e3ae31299babaa41043b181a100882e613b4b4b8f49ceeb742d22f860853a9b917f5a323a8a1fb1f3363a7be4407fba44b408f259b5db79a055b92ce3d7a0649cc59f4afa2b1f69959d5c6f5eef1fa7987a47bee4491f685c52e9db1ee1a231ab5a4bae1019c97868a409dd0d57b32525394a233023c4a7ac429808bbcb57a34b41883202744c3bdebc0a637773273f19c2be6e806bef7fc1002846db762ee4e16867773808c5477987d5851d5b1641d070feabc203cb3d7943ffb206272fcac1bccb616352d85975f5a22c0f247548535ad9fb83fb2be17689453f10691143c060cd964df63c3c70e7b1cfc7e2b468015f327f9869353477bfeeed330b03ddd9e4e0a2441182244da283d7a59d2b2b20e6de3e3a47c26aeef4944c1190bba674523a6c3c4ed6bac53b9edffcb0e9fb19d8bf36949d03ef6a7e59eb903a00d9614f642d1932c766421906f5b177963c71e881453560e3ffcec792e8dc46b1832a8fcb2ab2268a9c1fb648d1c6fa1c8cbd50d5a2d8264fbc6c063e6daac5519d362da389dcd3d12c8039f991de91e728abf5bab95c3aef66dd8cc36c60e73cb10afb02eff6df20ff12c59b142b07fc48fe94612de80b8b958f78256fd7cf3c6f79a83867f3bb5f70da392957badadecefdf7b6e4ebd39ff945397c7d302ca0a5a3918d8abb893cd9cdd680916a50fe19699ff0476ad82e6ba46523f26ccc5eb65313c1df1077c8876d2b73bf86ba311862d12b0c557a92ef827197121512e87f817167d4b17c7e225a48b3f8fbbf4187438e0e9b78e905cdbeb72e80dfb37ec0104f5186b39b4ff34f0cdf4b74dc915acd3f98874cd6a67308d0ad9697121ac477550b1affe004f433705933f9647522be65cb5a7471120ec942aeb956f195be0c1783102cf7d842f2968222ae1a7fa6513f200d3fa85d71724956ed697f0673ee3b40a4d46ba4850439ec125b708ed52b52b9f72906477d520c90a9f5dd49a7a33a328137a183f439895532b78ae451a8c3db789bc862fbc37241d523027e1a008629c969380f6eb55f9cf3f0675bca6851f00df6aaf90de9f62d5c179945ef81d1073850301f97e379ea415d830e3f3751cf83e2dba541cb6cdd89e6b674f2c53e329e5f3dd418d534ada6469a5b3bca5b7cfbdfdd6df4abaf77d4520d0311e801145c91b52586a56086e663841b702f52cef9fff8cfb7b33dfa125688ba6b4fadd1dca8defaf4259ca85323b23d3bbb45933562c25af3e8d7bc6ad4a50ae974f8d207994b3bd74a6812ab6a40fcaf96bb4e17bd20d742b14c72226caef3e0f5c56c4930071e9f9a894f18650fbb785c6f707605c86b634c9722c8690cf3a954f68d7c2db3a257339ade67a41259f6f878dd0ab7876deffa77f6f00819282a8f4c4da84c6cf4f335cd0410770a2b1a1fbb3f85f4489eeceb78bbfddb2d1866c57b41f6ed179a0bc3750a486403d23473f2feef43ebc5af1018d9c20089e277d77fb9c34f425c8f8af4c49864b57572fa8c232e61ef37194251a1ddc2f73ffecd57e638751cb72bcb2c40d22540166ca1e8588f24b010c9fbd962e3a2c23a7e93f131df61b8703ce326ed80cc87912d3c6aaa27574bbe8d65bcaecd660c31cead132a44b1d0e4a53cacc0b82a263c4e7783944af0af08ea9e68e8e25ed9111cfef841f1b2fd24164f9097f70efe09b1109e5cb91fe68a2760381fd63a7fd422dd578a60661abc9ee3a5db1c2cde2fb21f2040f1ed3fc27b99e254256949d0560e8b98fa028fca50768caa951a87bf8969af498d50a9ee773c9caa7d9f7d8e1955506013f198cda316d79b177e59f233b98f727afd2494fc18642f0015adab756ea6742690c7d00f28655b915ce4eb8b3ba2e8559ba23e1ff1ccc9f79ae2df85f924459c56715dec78ef4592352eb1a850cd65ecd36e1a9121e888586b7b2fa84da920b8cf44480433e61ab076b10171c0537524bb170a4b99b0b0c437418a665b7ef909652b6483b20362e557c1480c2a2a0efa221fc59054a48122b52d38245f9bd026001635be5b155f5c766a59306fbde231fa72b4d74449a2fe8fb969496ee26af5881adaafb4189b439877ab8f78709cfd32c10ea576a010bfc137b7a4aae137ea3d29070ce3bc8dbe6655e967115ca3461ad9d28b9cf8af07441e68a54ec5e889846f3978f07ba51f7d5af5da78c5c675dc5d0c1a4a399ff4247203573a46fb903eaf7bc886e6cbd3126fa4a3fe3bb13bbdfea7da871f6563aa750f6ad7895b34b2809563dcf5ed30f1c60cef4138aa49d4f55e396534ed10cf4d857723a2b442f47d79de162c30ec6c4daf939b4c88649494e3682d1da81b4a5928d8e18a16c46707a685305e592589acb484e28e9d5af89c44b6e563d125ec97c0155410527406d94b90bc9576a662db99da1cb82b04d610d02187ce08f22ea0e8fd31919d53fa6aaf980e31ca7f8610e695a41919c24136a8406c62d5f15fca365892a2b54ece17664b5247583ad60d863f283f3c288946139575dcaedc978762e85f534e56334ef0221c34ffae054ddf79339b8f08701e9699b11041df8f518dd33203363c8098fbefb01555bcc2542422777b38d8dff11b15aadb0c251ce2c5b32f8735b3cb784f2e5731b48feb5a0e791a1106abdea0f7d1f087737cbe7fdf523fa14c9be2a2987511004c5b7ac1814ef6961db16799698242452c469a07c30e4a1f73193c74a41bdd88aef50035e4648bc9dfa276951798420a45e4085932bdb9381af3cc4678bd962af616549e4020d2c9fd25e2117a6d8934fde2218273d7833d60ea492e251417a27e7fb32012a940a6b6487af4b64958bf05f1b1107732149d227eeda5ca5a43cf583dc297d66072a1acd75e93a7caefd36a0d581e21d5cb08654c4ecef46ebac5391546e0b7d2a6418548d8f816446bcf237f676e873e6bae9107234abe5ab24c53ea472ad10653cef068fd9f4e729fc0d526e489f8df13af5575f1e70e0ec22899728b0659d70fc2dd509d9df3ec170638f89e540f4d3f02aa9b1b1819f84da596e0d7b45a5818061728f8eeccd2bea0f460dd7e18cb95f2364c50e351f0690e184eb63ebbb14a0b4b2117e44f3b2b300", 0x2000, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)={0x130, 0x0, 0x2, {0x0, 0x0, 0x0, '\x00', {0x7ff, 0x5, 0xadf, 0x10, r9, 0x0, 0x8000, '\x00', 0x6, 0x7, 0x1, 0x3, {0xff, 0x200}, {0x4000000000006, 0xb}, {0x1, 0xd}, {0x4fffffffff, 0xa00}, 0x203, 0x6, 0xfff, 0x7}}}})
ioctl$FE_DISEQC_RESET_OVERLOAD(r1, 0x6f3e, 0x0)
mount$9p_tcp(&(0x7f0000000640), &(0x7f0000000680)='.\x00', &(0x7f0000000040), 0x8010, &(0x7f0000000900)=ANY=[@ANYBLOB="7472616e733d7463702c706f72743d3078303030303030303030303030346532322c70726976706f72742c002a7930e00707dbd5e9f81a48e9157c0c09511c16e1d1e792c393f3de8fb3217257a01df8800b3311390c9f9d156ae5473e38139e12f24da594d9a5fadbeab2b5315d1c311ad46e89352c1e88cf54364d12f26718e6df071dde57dd5f0d6d023c8546b0eb627667dd660997f8fa1ba662f13eb025434af05bd0762bcec556a4fcada16af70f7f464e4d1233edf205cbd1ecef6d"])
epoll_pwait(0xffffffffffffffff, &(0x7f0000000540)=[{}], 0x1, 0x283, &(0x7f00000005c0), 0x8)
arch_prctl$ARCH_GET_XCOMP_GUEST_PERM(0x1024, &(0x7f0000000080))

kernel console output (not intermixed with test programs):

207.714838][ T9845]  ? hook_file_ioctl_common+0x149/0x410
[  207.714858][ T9845]  ? selinux_file_ioctl+0x13b/0x290
[  207.714873][ T9845]  ? selinux_file_ioctl+0xb6/0x290
[  207.714890][ T9845]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  207.714901][ T9845]  __x64_sys_ioctl+0x18e/0x210
[  207.714913][ T9845]  do_syscall_64+0x115/0x870
[  207.714935][ T9845]  ? clear_bhb_loop+0x40/0x90
[  207.714948][ T9845]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.714958][ T9845] RIP: 0033:0x7fae48d9ce59
[  207.714968][ T9845] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  207.714978][ T9845] RSP: 002b:00007fae49cc7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  207.714989][ T9845] RAX: ffffffffffffffda RBX: 00007fae49015fa0 RCX: 00007fae48d9ce59
[  207.714995][ T9845] RDX: 00002000000000c0 RSI: 00000000c040aed5 RDI: 0000000000000006
[  207.715002][ T9845] RBP: 00007fae49cc7090 R08: 0000000000000000 R09: 0000000000000000
[  207.715008][ T9845] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  207.715014][ T9845] R13: 00007fae49016038 R14: 00007fae49015fa0 R15: 00007ffda8abfbe8
[  207.715027][ T9845]  </TASK>
[  207.950135][ T9859] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  208.000902][ T9861] fuse: Bad value for 'fd'
[  208.060799][   T40] audit: type=1400 audit(1780195095.454:596): avc:  denied  { getopt } for  pid=9862 comm="syz.2.1331" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  208.094825][ T9865] FAULT_INJECTION: forcing a failure.
[  208.094825][ T9865] name failslab, interval 1, probability 0, space 0, times 0
[  208.099228][ T9865] CPU: 2 UID: 0 PID: 9865 Comm: syz.2.1332 Not tainted syzkaller #0 PREEMPT(full) 
[  208.099243][ T9865] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  208.099249][ T9865] Call Trace:
[  208.099253][ T9865]  <TASK>
[  208.099257][ T9865]  dump_stack_lvl+0x100/0x190
[  208.099273][ T9865]  should_fail_ex.cold+0x5/0xa
[  208.099288][ T9865]  should_failslab+0xc2/0x120
[  208.099300][ T9865]  kmem_cache_alloc_node_noprof+0x81/0x6f0
[  208.099316][ T9865]  ? __alloc_skb+0x140/0x710
[  208.099331][ T9865]  ? __alloc_skb+0x5b7/0x710
[  208.099347][ T9865]  __alloc_skb+0x140/0x710
[  208.099361][ T9865]  ? __alloc_skb+0x5b7/0x710
[  208.099376][ T9865]  ? __pfx___alloc_skb+0x10/0x10
[  208.099394][ T9865]  alloc_skb_with_frags+0xdd/0x760
[  208.099405][ T9865]  ? __might_fault+0xc5/0x140
[  208.099419][ T9865]  ? __might_fault+0xc5/0x140
[  208.099439][ T9865]  sock_alloc_send_pskb+0x801/0x980
[  208.099454][ T9865]  ? _copy_from_iter+0x270/0x1690
[  208.099470][ T9865]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  208.099484][ T9865]  ? find_held_lock+0x2b/0x80
[  208.099493][ T9865]  ? dev_get_by_index+0x180/0x380
[  208.099508][ T9865]  ? dev_get_by_index+0x180/0x380
[  208.099527][ T9865]  packet_sendmsg+0x1eda/0x5100
[  208.099545][ T9865]  ? __lock_acquire+0x4a5/0x2630
[  208.099561][ T9865]  ? sock_has_perm+0x25a/0x2f0
[  208.099575][ T9865]  ? __pfx_sock_has_perm+0x10/0x10
[  208.099590][ T9865]  ? __pfx_packet_sendmsg+0x10/0x10
[  208.099620][ T9865]  __sys_sendto+0x468/0x4b0
[  208.099642][ T9865]  ? __pfx_packet_sendmsg+0x10/0x10
[  208.099664][ T9865]  ? __pfx___sys_sendto+0x10/0x10
[  208.099709][ T9865]  ? ksys_write+0x1ac/0x250
[  208.099729][ T9865]  ? __pfx_ksys_write+0x10/0x10
[  208.099752][ T9865]  __x64_sys_sendto+0xe0/0x1c0
[  208.099776][ T9865]  ? do_syscall_64+0x90/0x870
[  208.099800][ T9865]  ? lockdep_hardirqs_on+0x78/0x100
[  208.099822][ T9865]  do_syscall_64+0x115/0x870
[  208.099845][ T9865]  ? clear_bhb_loop+0x40/0x90
[  208.099868][ T9865]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.099886][ T9865] RIP: 0033:0x7fae48d9ce59
[  208.099901][ T9865] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  208.099918][ T9865] RSP: 002b:00007fae49cc7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  208.099940][ T9865] RAX: ffffffffffffffda RBX: 00007fae49015fa0 RCX: 00007fae48d9ce59
[  208.099952][ T9865] RDX: 000000000000e90c RSI: 00002000000000c0 RDI: 0000000000000006
[  208.099962][ T9865] RBP: 00007fae49cc7090 R08: 0000200000000540 R09: 0000000000000014
[  208.099973][ T9865] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  208.099982][ T9865] R13: 00007fae49016038 R14: 00007fae49015fa0 R15: 00007ffda8abfbe8
[  208.100006][ T9865]  </TASK>
[  208.370217][ T9871] fuse: Unknown parameter '0x0000000000000003'
[  208.697331][   T40] audit: type=1400 audit(1780195096.094:597): avc:  denied  { setattr } for  pid=9852 comm="syz.1.1328" name="/" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  208.729899][ T9880] program syz.1.1337 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  208.729930][ T9881] program syz.1.1337 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  208.848836][ T9885] can-isotp: isotp_sendmsg: can_send_ret -ENETDOWN
[  208.851694][ T9885] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1338'.
[  209.228530][ T9893] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1340'.
[  209.296331][ T9897] support for cryptoloop has been removed.  Use dm-crypt instead.
[  209.307949][ T9897] xt_hashlimit: size too large, truncated to 1048576
[  209.440592][ T9906] No control pipe specified
[  209.483895][ T9902] FAULT_INJECTION: forcing a failure.
[  209.483895][ T9902] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  209.488849][ T9902] CPU: 1 UID: 0 PID: 9902 Comm: syz.1.1343 Not tainted syzkaller #0 PREEMPT(full) 
[  209.488867][ T9902] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  209.488877][ T9902] Call Trace:
[  209.488884][ T9902]  <TASK>
[  209.488890][ T9902]  dump_stack_lvl+0x100/0x190
[  209.488912][ T9902]  should_fail_ex.cold+0x5/0xa
[  209.488936][ T9902]  _copy_from_user+0x2e/0xd0
[  209.488957][ T9902]  move_addr_to_kernel+0x65/0x170
[  209.488975][ T9902]  copy_msghdr_from_user+0x417/0x4f0
[  209.488995][ T9902]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  209.489041][ T9902]  ___sys_sendmsg+0x106/0x1e0
[  209.489061][ T9902]  ? __pfx____sys_sendmsg+0x10/0x10
[  209.489105][ T9902]  __sys_sendmsg+0x170/0x220
[  209.489130][ T9902]  ? __pfx___sys_sendmsg+0x10/0x10
[  209.489163][ T9902]  ? rcu_is_watching+0x12/0xc0
[  209.489186][ T9902]  do_syscall_64+0x115/0x870
[  209.489207][ T9902]  ? clear_bhb_loop+0x40/0x90
[  209.489227][ T9902]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.489243][ T9902] RIP: 0033:0x7f6c1a39ce59
[  209.489256][ T9902] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  209.489270][ T9902] RSP: 002b:00007f6c1b2f2028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  209.489282][ T9902] RAX: ffffffffffffffda RBX: 00007f6c1a615fa0 RCX: 00007f6c1a39ce59
[  209.489293][ T9902] RDX: 0000000000000005 RSI: 0000200000000280 RDI: 0000000000000007
[  209.489303][ T9902] RBP: 00007f6c1b2f2090 R08: 0000000000000000 R09: 0000000000000000
[  209.489313][ T9902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  209.489322][ T9902] R13: 00007f6c1a616038 R14: 00007f6c1a615fa0 R15: 00007fff086132a8
[  209.489344][ T9902]  </TASK>
[  209.627610][   T40] audit: type=1400 audit(1780195097.024:598): avc:  denied  { connect } for  pid=9911 comm="syz.2.1346" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  209.638166][ T9917] fuse: Unknown parameter '0x0000000000000003'
[  210.062748][   T34] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  210.217814][   T34] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  210.221088][   T34] usb 9-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  210.227046][   T34] usb 9-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  210.230055][   T34] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  210.232676][   T34] usb 9-1: Product: syz
[  210.233988][   T34] usb 9-1: Manufacturer: syz
[  210.235431][   T34] usb 9-1: SerialNumber: syz
[  210.238427][   T34] usb 9-1: config 0 descriptor??
[  210.241432][   T34] adutux 9-1:0.0: interrupt endpoints not found
[  210.645960][   T40] audit: type=1400 audit(1780195098.044:599): avc:  denied  { map } for  pid=9936 comm="syz.2.1355" path="/dev/usbmon0" dev="devtmpfs" ino=738 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  210.713790][ T9941] fuse: Unknown parameter 'grou00000000000000000000'
[  211.062745][ T7396] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  211.242686][ T7396] usb 5-1: Using ep0 maxpacket: 8
[  211.246378][ T7396] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  211.249799][ T7396] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  211.253310][ T7396] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  211.257212][ T7396] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  211.260983][ T7396] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  211.266268][ T7396] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  211.269886][ T7396] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  211.477200][ T7396] usb 5-1: usb_control_msg returned -32
[  211.482057][ T7396] usbtmc 5-1:16.0: can't read capabilities
[  211.581281][ T9955] fuse: Unknown parameter '0x0000000000000003'
[  211.797086][ T9963] FAULT_INJECTION: forcing a failure.
[  211.797086][ T9963] name failslab, interval 1, probability 0, space 0, times 0
[  211.800909][ T9963] CPU: 0 UID: 0 PID: 9963 Comm: syz.1.1365 Not tainted syzkaller #0 PREEMPT(full) 
[  211.800995][ T9963] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  211.801002][ T9963] Call Trace:
[  211.801006][ T9963]  <TASK>
[  211.801010][ T9963]  dump_stack_lvl+0x100/0x190
[  211.801032][ T9963]  should_fail_ex.cold+0x5/0xa
[  211.801048][ T9963]  should_failslab+0xc2/0x120
[  211.801060][ T9963]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  211.801076][ T9963]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  211.801089][ T9963]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.801102][ T9963]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  211.801118][ T9963]  mmu_topup_memory_caches+0x25/0x170
[  211.801134][ T9963]  kvm_mmu_load+0xd6/0x23e0
[  211.801148][ T9963]  ? vmx_vcpu_load_vmcs+0x21d/0x760
[  211.801166][ T9963]  ? __pfx_kvm_mmu_load+0x10/0x10
[  211.801178][ T9963]  ? __lock_acquire+0x4a5/0x2630
[  211.801196][ T9963]  kvm_arch_vcpu_pre_fault_memory+0x6ab/0x800
[  211.801211][ T9963]  ? __pfx_kvm_arch_vcpu_pre_fault_memory+0x10/0x10
[  211.801230][ T9963]  kvm_vcpu_ioctl+0x100d/0x1720
[  211.801242][ T9963]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  211.801253][ T9963]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  211.801267][ T9963]  ? do_vfs_ioctl+0x226/0x13e0
[  211.801278][ T9963]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  211.801293][ T9963]  ? __fget_files+0x215/0x3d0
[  211.801306][ T9963]  ? hook_file_ioctl_common+0x149/0x410
[  211.801325][ T9963]  ? selinux_file_ioctl+0x13b/0x290
[  211.801341][ T9963]  ? selinux_file_ioctl+0xb6/0x290
[  211.801357][ T9963]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  211.801368][ T9963]  __x64_sys_ioctl+0x18e/0x210
[  211.801380][ T9963]  do_syscall_64+0x115/0x870
[  211.801427][ T9963]  ? clear_bhb_loop+0x40/0x90
[  211.801440][ T9963]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.801451][ T9963] RIP: 0033:0x7f6c1a39ce59
[  211.801460][ T9963] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  211.801471][ T9963] RSP: 002b:00007f6c1b2f2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  211.801481][ T9963] RAX: ffffffffffffffda RBX: 00007f6c1a615fa0 RCX: 00007f6c1a39ce59
[  211.801488][ T9963] RDX: 00002000000000c0 RSI: 00000000c040aed5 RDI: 0000000000000006
[  211.801494][ T9963] RBP: 00007f6c1b2f2090 R08: 0000000000000000 R09: 0000000000000000
[  211.801500][ T9963] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  211.801506][ T9963] R13: 00007f6c1a616038 R14: 00007f6c1a615fa0 R15: 00007fff086132a8
[  211.801520][ T9963]  </TASK>
[  211.900330][ T9964] usbtmc 5-1:16.0: usb_control_msg returned -32
[  212.063598][    T9] usb 5-1: USB disconnect, device number 27
[  212.525963][ T9983] fuse: Unknown parameter 'grou00000000000000000000'
[  212.823089][   T24] usb 9-1: USB disconnect, device number 8
[  213.069717][T10001] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1376'.
[  213.081690][T10001] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  213.092683][ T3268] usb 7-1: new high-speed USB device number 31 using dummy_hcd
[  213.252661][ T3268] usb 7-1: Using ep0 maxpacket: 32
[  213.256719][ T3268] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[  213.260154][ T3268] usb 7-1: config 0 has no interface number 0
[  213.265058][ T3268] usb 7-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  213.268844][ T3268] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  213.272163][ T3268] usb 7-1: Product: syz
[  213.274179][ T3268] usb 7-1: Manufacturer: syz
[  213.276199][ T3268] usb 7-1: SerialNumber: syz
[  213.282826][ T3268] usb 7-1: config 0 descriptor??
[  213.324223][ T3268] usb 7-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  213.329092][ T3268] usb 7-1: selecting invalid altsetting 1
[  213.331487][ T3268] usb 7-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  213.338203][ T3268] usb 7-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  213.342664][ T3268] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  213.346030][ T3268] usb 7-1: media controller created
[  213.357404][ T3268] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  213.424602][T10008] kvm: user requested TSC rate below hardware speed
[  213.430999][T10008] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2149952964 (68798494848 ns) > initial count (536870912 ns). Using initial count to start timer.
[  213.557141][ T3268] usb 7-1: dvb_usb_ce6230: usb_control_msg() failed=-71
[  213.570149][ T3268] zl10353_read_register: readreg error (reg=127, ret==-71)
[  213.579932][ T3268] usb 7-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[  213.607735][T10011] tipc: Failed to obtain node identity
[  213.609790][T10011] tipc: Enabling of bearer <ib:xfrm0> rejected, failed to enable media
[  213.637056][ T3268] usb 7-1: USB disconnect, device number 31
[  213.916018][T10024] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1384'.
[  213.921659][T10022] Bluetooth: MGMT ver 1.23
[  214.084813][T10028] fuse: Unknown parameter 'grou00000000000000000000'
[  214.381670][T10041] cgroup: fork rejected by pids controller in /syz4
[  214.427209][T10088] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  214.470764][   T40] audit: type=1400 audit(1780195101.864:600): avc:  denied  { create } for  pid=10090 comm="syz.4.1393" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  214.479827][   T40] audit: type=1400 audit(1780195101.864:601): avc:  denied  { write } for  pid=10090 comm="syz.4.1393" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  214.492869][   T40] audit: type=1400 audit(1780195101.864:602): avc:  denied  { getopt } for  pid=10090 comm="syz.4.1393" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  214.512388][T10093] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1394'.
[  214.554927][T10095] mac80211_hwsim hwsim12 wlan1: entered allmulticast mode
[  214.842622][   T34] usb 9-1: new full-speed USB device number 9 using dummy_hcd
[  215.005406][   T34] usb 9-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  215.008406][   T34] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  215.011068][   T34] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  215.267108][T10109] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1401'.
[  215.869574][T10120] x_tables: ip_tables: icmp match: only valid for protocol 1
[  215.875169][T10120] binder: 10119:10120 ioctl c0306201 200000000180 returned -11
[  215.915321][T10122] /dev/sg0: Can't lookup blockdev
[  215.960694][   T40] audit: type=1326 audit(1780195103.354:603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10124 comm="syz.0.1406" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5be079ce59 code=0x0
[  216.065240][   T40] audit: type=1326 audit(1780195103.464:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10124 comm="syz.0.1406" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5be079ce59 code=0x7ffc0000
[  216.073757][   T40] audit: type=1326 audit(1780195103.464:605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10124 comm="syz.0.1406" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5be079ce59 code=0x7ffc0000
[  216.081957][   T40] audit: type=1326 audit(1780195103.464:606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10124 comm="syz.0.1406" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5be079ce59 code=0x7ffc0000
[  216.090716][   T40] audit: type=1326 audit(1780195103.464:607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10124 comm="syz.0.1406" exe="/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7f5be079ce59 code=0x7ffc0000
[  216.097923][   T40] audit: type=1326 audit(1780195103.464:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10124 comm="syz.0.1406" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5be079ce59 code=0x7ffc0000
[  216.104799][   T40] audit: type=1326 audit(1780195103.484:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10124 comm="syz.0.1406" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5be079ce59 code=0x7ffc0000
[  216.422851][ T7396] usb 7-1: new low-speed USB device number 32 using dummy_hcd
[  216.532766][ T5749] Bluetooth: hci4: command 0x1003 tx timeout
[  216.532891][ T5098] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  216.574459][ T7396] usb 7-1: config 1 interface 0 altsetting 6 endpoint 0x81 has invalid maxpacket 64, setting to 8
[  216.579041][ T7396] usb 7-1: config 1 interface 0 altsetting 6 endpoint 0x2 has invalid maxpacket 1024, setting to 8
[  216.584016][ T7396] usb 7-1: config 1 interface 0 has no altsetting 0
[  216.590712][ T7396] usb 7-1: New USB device found, idVendor=11ff, idProduct=3331, bcdDevice= 0.40
[  216.595111][ T7396] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  216.597826][ T7396] usb 7-1: Product: à°„
[  216.599243][ T7396] usb 7-1: Manufacturer: ⠜
[  216.601068][ T7396] usb 7-1: SerialNumber: Ј
[  216.608636][T10129] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  216.614125][T10129] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  216.653790][T10132] Cannot find add_set index 0 as target
[  216.809947][T10136] fuse: Unknown parameter '0x0000000000000003'
[  216.905242][T10139] loop5: detected capacity change from 0 to 2640
[  216.912896][T10139] buffer_io_error: 5 callbacks suppressed
[  216.912910][T10139] Buffer I/O error on dev loop5, logical block 0, async page read
[  216.918589][T10139] Buffer I/O error on dev loop5, logical block 0, async page read
[  216.921834][T10139] Buffer I/O error on dev loop5, logical block 0, async page read
[  216.929578][T10139] Buffer I/O error on dev loop5, logical block 0, async page read
[  216.933829][T10139] Buffer I/O error on dev loop5, logical block 0, async page read
[  216.937435][T10139] Buffer I/O error on dev loop5, logical block 0, async page read
[  216.940634][T10139] Buffer I/O error on dev loop5, logical block 0, async page read
[  216.943973][T10139] Buffer I/O error on dev loop5, logical block 0, async page read
[  216.947107][T10139] ldm_validate_partition_table(): Disk read failed.
[  216.949753][T10139] Buffer I/O error on dev loop5, logical block 0, async page read
[  216.952969][T10139] Buffer I/O error on dev loop5, logical block 0, async page read
[  216.957983][T10139] Dev loop5: unable to read RDB block 8
[  216.960249][T10139]  loop5: unable to read partition table
[  216.962744][T10139] loop_reread_partitions: partition scan of loop5 (3„¾‚³˜) failed (rc=-5)
[  217.037053][T10143] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1411'.
[  217.037806][ T7396] usbhid 7-1:1.0: can't add hid device: -71
[  217.043461][ T7396] usbhid 7-1:1.0: probe with driver usbhid failed with error -71
[  217.051323][ T7396] usb 7-1: USB disconnect, device number 32
[  217.301830][    C3] vcan0: j1939_tp_rxtimer: 0xffff888057312000: rx timeout, send abort
[  217.617964][    T9] usb 9-1: USB disconnect, device number 9
[  217.770814][T10172] overlayfs: failed to resolve './bus': -2
[  217.802176][    C3] vcan0: j1939_tp_rxtimer: 0xffff888057313400: rx timeout, send abort
[  217.806977][    C3] vcan0: j1939_tp_rxtimer: 0xffff888057312000: abort rx timeout. Force session deactivation
[  217.937511][T10180] overlay: ./file1 is not a directory
[  218.192694][   T34] usb 6-1: new full-speed USB device number 21 using dummy_hcd
[  218.304764][    C3] vcan0: j1939_tp_rxtimer: 0xffff888057313400: abort rx timeout. Force session deactivation
[  218.354055][   T34] usb 6-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  218.357402][   T34] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  218.360229][   T34] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  218.515673][T10190] fuse: Unknown parameter 'fd0x0000000000000003'
[  218.720603][T10197] binder: 10196:10197 ioctl c0306201 200000000280 returned -14
[  218.789066][T10202] fuse: Unknown parameter 'group_i00000000000000000000'
[  218.856597][T10204] binder: 10203:10204 ioctl c0306201 200000000280 returned -14
[  218.857143][T10206] FAULT_INJECTION: forcing a failure.
[  218.857143][T10206] name failslab, interval 1, probability 0, space 0, times 0
[  218.865487][T10206] CPU: 2 UID: 0 PID: 10206 Comm: syz.4.1430 Not tainted syzkaller #0 PREEMPT(full) 
[  218.865516][T10206] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  218.865527][T10206] Call Trace:
[  218.865535][T10206]  <TASK>
[  218.865543][T10206]  dump_stack_lvl+0x100/0x190
[  218.865595][T10206]  should_fail_ex.cold+0x5/0xa
[  218.865623][T10206]  should_failslab+0xc2/0x120
[  218.865646][T10206]  __kvmalloc_node_noprof+0xfa/0xa00
[  218.865674][T10206]  ? seq_read_iter+0x819/0x1270
[  218.865702][T10206]  seq_read_iter+0x819/0x1270
[  218.865724][T10206]  ? register_lock_class+0x40/0x560
[  218.865757][T10206]  seq_read+0x33b/0x4c0
[  218.865779][T10206]  ? __pfx_seq_read+0x10/0x10
[  218.865806][T10206]  ? lock_acquire+0x1b1/0x370
[  218.865840][T10206]  full_proxy_read+0x135/0x1a0
[  218.865876][T10206]  ? __pfx_full_proxy_read+0x10/0x10
[  218.865904][T10206]  vfs_read+0x1e4/0xb30
[  218.865929][T10206]  ? __pfx_vfs_read+0x10/0x10
[  218.865948][T10206]  ? __fget_files+0x215/0x3d0
[  218.865977][T10206]  ? __fget_files+0x21f/0x3d0
[  218.866008][T10206]  ksys_read+0x12a/0x250
[  218.866028][T10206]  ? __pfx_ksys_read+0x10/0x10
[  218.866050][T10206]  ? rcu_is_watching+0x12/0xc0
[  218.866081][T10206]  do_syscall_64+0x115/0x870
[  218.866116][T10206]  ? clear_bhb_loop+0x40/0x90
[  218.866140][T10206]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.866160][T10206] RIP: 0033:0x7f50c519ce59
[  218.866178][T10206] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  218.866195][T10206] RSP: 002b:00007f50c608e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  218.866214][T10206] RAX: ffffffffffffffda RBX: 00007f50c5416090 RCX: 00007f50c519ce59
[  218.866227][T10206] RDX: 0000000000002020 RSI: 0000200000000480 RDI: 0000000000000003
[  218.866239][T10206] RBP: 00007f50c608e090 R08: 0000000000000000 R09: 0000000000000000
[  218.866251][T10206] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  218.866262][T10206] R13: 00007f50c5416128 R14: 00007f50c5416090 R15: 00007fff0ca72888
[  218.866288][T10206]  </TASK>
[  219.516118][T10224] binder: 10223:10224 ioctl c0306201 200000000180 returned -14
[  219.553883][   T40] kauditd_printk_skb: 591 callbacks suppressed
[  219.553900][   T40] audit: type=1400 audit(1780195106.954:1201): avc:  denied  { write } for  pid=10225 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1842 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  219.570932][   T40] audit: type=1400 audit(1780195106.954:1202): avc:  denied  { write } for  pid=10226 comm="syz.2.1436" name="ndctl0" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  219.595906][   T40] audit: type=1400 audit(1780195106.994:1203): avc:  denied  { write } for  pid=10231 comm="rm" name="hook-state" dev="tmpfs" ino=1842 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  219.648596][T10235] bridge: RTM_NEWNEIGH with invalid ether address
[  219.802666][   T34] usb 7-1: new high-speed USB device number 33 using dummy_hcd
[  219.954349][T10244] xt_hashlimit: size too large, truncated to 1048576
[  219.973716][   T34] usb 7-1: Using ep0 maxpacket: 8
[  219.976465][   T34] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 15
[  219.979303][   T34] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  219.983012][   T34] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 247, changing to 11
[  219.986327][   T34] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  219.992276][   T34] usb 7-1: New USB device found, idVendor=077d, idProduct=04aa, bcdDevice=5b.d8
[  219.995500][   T34] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  219.997910][   T34] usb 7-1: Product: syz
[  219.999228][   T34] usb 7-1: Manufacturer: syz
[  220.000688][   T34] usb 7-1: SerialNumber: syz
[  220.004179][   T34] usb 7-1: config 0 descriptor??
[  220.006845][T10227] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  220.146600][T10252] 9pnet_virtio: no channels available for device syz
[  220.234760][   T34] powermate: Expected payload of 3--6 bytes, found 1024 bytes!
[  220.240721][   T34] input: Griffin SoundKnob as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input12
[  220.293615][   T40] audit: type=1400 audit(1780195107.694:1204): avc:  denied  { map } for  pid=10255 comm="syz.4.1443" path="socket:[32258]" dev="sockfs" ino=32258 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  220.315692][   T40] audit: type=1400 audit(1780195107.704:1205): avc:  denied  { read } for  pid=10255 comm="syz.4.1443" path="socket:[32258]" dev="sockfs" ino=32258 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  220.332644][   T40] audit: type=1400 audit(1780195107.704:1206): avc:  denied  { ioctl } for  pid=10255 comm="syz.4.1443" path="socket:[32258]" dev="sockfs" ino=32258 ioctlcmd=0x6e80 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  220.431960][    C3] powermate: config urb returned -71
[  220.435428][    C3] powermate: config urb returned -71
[  220.435818][   T10] usb 7-1: USB disconnect, device number 33
[  220.437107][    C3] powermate: usb_submit_urb(config) failed
[  220.437141][    C3] powermate 7-1:0.0: powermate_irq - usb_submit_urb failed with result: -19
[  220.512188][T10266] fuse: Bad value for 'group_id'
[  220.520686][T10266] fuse: Bad value for 'group_id'
[  220.712696][   T34] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[  220.874238][   T34] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  220.878590][   T34] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  220.882407][   T34] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 48, changing to 9
[  220.886934][   T34] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 8240, setting to 1024
[  220.892112][   T34] usb 9-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  220.895798][   T34] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  220.898806][   T34] usb 9-1: Product: syz
[  220.900630][   T34] usb 9-1: Manufacturer: syz
[  220.902510][   T34] usb 9-1: SerialNumber: syz
[  220.905362][   T34] usb 9-1: config 0 descriptor??
[  220.977810][   T24] usb 6-1: USB disconnect, device number 21
[  221.116276][   T34] adutux 9-1:0.0: ADU208  now attached to /dev/usb/adutux0
[  221.124713][   T34] usb 9-1: USB disconnect, device number 10
[  221.252243][T10270] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1448'.
[  221.333095][T10277] kvm: user requested TSC rate below hardware speed
[  221.339187][T10277] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2149952964 (68798494848 ns) > initial count (536870912 ns). Using initial count to start timer.
[  221.560916][T10288] trusted_key: encrypted_key: keyword 'load' not allowed when called from .update method
[  221.659412][T10292] binder: 10290:10292 ioctl c0306201 200000000280 returned -14
[  221.744317][T10300] xt_hashlimit: size too large, truncated to 1048576
[  221.782855][ T3268] usb 6-1: new full-speed USB device number 22 using dummy_hcd
[  221.795169][   T40] audit: type=1400 audit(1780195109.194:1207): avc:  denied  { write } for  pid=10298 comm="syz.2.1459" name="loop-control" dev="devtmpfs" ino=657 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  221.797443][T10301] bridge0: port 1(bridge_slave_0) entered disabled state
[  221.810307][T10301] bridge_slave_0 (unregistering): left allmulticast mode
[  221.813531][T10301] bridge_slave_0 (unregistering): left promiscuous mode
[  221.815875][T10301] bridge0: port 1(bridge_slave_0) entered disabled state
[  221.842683][ T5836] usb 5-1: new full-speed USB device number 28 using dummy_hcd
[  221.848225][T10300] syzkaller1: entered promiscuous mode
[  221.850556][T10300] syzkaller1: entered allmulticast mode
[  221.964252][ T3268] usb 6-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  221.968642][ T3268] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  221.972648][ T3268] usb 6-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  221.977790][ T3268] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  221.981519][ T3268] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  221.989431][ T3268] usbtmc 6-1:16.0: bulk endpoints not found
[  222.004446][ T5836] usb 5-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  222.008503][ T5836] usb 5-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  222.013454][ T5836] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  222.016284][ T5836] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  222.021725][ T5836] usbtmc 5-1:16.0: bulk endpoints not found
[  222.080151][T10305] binder: 10304:10305 ioctl c0306201 200000000180 returned -14
[  222.119460][   T40] audit: type=1400 audit(1780195109.514:1208): avc:  denied  { read } for  pid=10306 comm="syz.2.1461" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  222.154867][T10310] FAULT_INJECTION: forcing a failure.
[  222.154867][T10310] name failslab, interval 1, probability 0, space 0, times 0
[  222.159260][T10310] CPU: 3 UID: 0 PID: 10310 Comm: syz.2.1462 Not tainted syzkaller #0 PREEMPT(full) 
[  222.159284][T10310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  222.159295][T10310] Call Trace:
[  222.159302][T10310]  <TASK>
[  222.159309][T10310]  dump_stack_lvl+0x100/0x190
[  222.159338][T10310]  should_fail_ex.cold+0x5/0xa
[  222.159364][T10310]  ? tomoyo_realpath_from_path+0xb6/0x690
[  222.159392][T10310]  should_failslab+0xc2/0x120
[  222.159415][T10310]  __kmalloc_noprof+0xe0/0x850
[  222.159439][T10310]  ? kfree+0x1dd/0x6c0
[  222.159467][T10310]  tomoyo_realpath_from_path+0xb6/0x690
[  222.159500][T10310]  tomoyo_path_number_perm+0x23c/0x580
[  222.159525][T10310]  ? tomoyo_path_number_perm+0x22e/0x580
[  222.159551][T10310]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  222.159601][T10310]  ? find_held_lock+0x2b/0x80
[  222.159620][T10310]  ? __fget_files+0x215/0x3d0
[  222.159642][T10310]  ? hook_file_ioctl_common+0x149/0x410
[  222.159661][T10310]  ? __fget_files+0x215/0x3d0
[  222.159688][T10310]  ? __fget_files+0x21f/0x3d0
[  222.159713][T10310]  security_file_ioctl+0xd3/0x230
[  222.159740][T10310]  __x64_sys_ioctl+0xb7/0x210
[  222.159761][T10310]  do_syscall_64+0x115/0x870
[  222.159783][T10310]  ? clear_bhb_loop+0x40/0x90
[  222.159806][T10310]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.159824][T10310] RIP: 0033:0x7fae48d9ce59
[  222.159839][T10310] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  222.159859][T10310] RSP: 002b:00007fae49cc7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  222.159877][T10310] RAX: ffffffffffffffda RBX: 00007fae49015fa0 RCX: 00007fae48d9ce59
[  222.159889][T10310] RDX: 0000200000000180 RSI: 00000000c0306201 RDI: 0000000000000005
[  222.159899][T10310] RBP: 00007fae49cc7090 R08: 0000000000000000 R09: 0000000000000000
[  222.159910][T10310] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  222.159920][T10310] R13: 00007fae49016038 R14: 00007fae49015fa0 R15: 00007ffda8abfbe8
[  222.159945][T10310]  </TASK>
[  222.159953][T10310] ERROR: Out of memory at tomoyo_realpath_from_path.
[  222.247240][T10310] binder: 10309:10310 ioctl c0306201 200000000180 returned -14
[  222.281417][T10312] binder: 10311:10312 ioctl c0306201 200000000180 returned -14
[  222.329132][T10314] ieee802154 phy0 wpan0: encryption failed: -22
[  222.602911][   T10] usb 7-1: new high-speed USB device number 34 using dummy_hcd
[  222.754178][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  222.758543][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  222.761892][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 48, changing to 9
[  222.765386][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 8240, setting to 1024
[  222.770510][   T10] usb 7-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  222.773530][   T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  222.776199][   T10] usb 7-1: Product: syz
[  222.777566][   T10] usb 7-1: Manufacturer: syz
[  222.779013][   T10] usb 7-1: SerialNumber: syz
[  222.782152][   T10] usb 7-1: config 0 descriptor??
[  222.895475][T10327] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  222.900571][T10327] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  222.989543][   T10] adutux 7-1:0.0: ADU208  now attached to /dev/usb/adutux0
[  222.994118][   T10] usb 7-1: USB disconnect, device number 34
[  223.535603][T10336] fuse: Bad value for 'fd'
[  224.409925][   T40] audit: type=1400 audit(1780195111.804:1209): avc:  denied  { setattr } for  pid=10343 comm="syz.4.1472" name="sg0" dev="devtmpfs" ino=722 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  224.461796][T10348] bond0: Error: CAN devices cannot be enslaved
[  224.504012][T10350] FAULT_INJECTION: forcing a failure.
[  224.504012][T10350] name failslab, interval 1, probability 0, space 0, times 0
[  224.509144][T10350] CPU: 2 UID: 0 PID: 10350 Comm: syz.4.1475 Not tainted syzkaller #0 PREEMPT(full) 
[  224.509160][T10350] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  224.509166][T10350] Call Trace:
[  224.509171][T10350]  <TASK>
[  224.509175][T10350]  dump_stack_lvl+0x100/0x190
[  224.509192][T10350]  should_fail_ex.cold+0x5/0xa
[  224.509259][T10350]  should_failslab+0xc2/0x120
[  224.509275][T10350]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  224.509291][T10350]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  224.509304][T10350]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.509319][T10350]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  224.509343][T10350]  mmu_topup_memory_caches+0x25/0x170
[  224.509371][T10350]  kvm_mmu_load+0xd6/0x23e0
[  224.509395][T10350]  ? vmx_vcpu_load_vmcs+0x21d/0x760
[  224.509414][T10350]  ? __pfx_kvm_mmu_load+0x10/0x10
[  224.509426][T10350]  ? __lock_acquire+0x4a5/0x2630
[  224.509444][T10350]  kvm_arch_vcpu_pre_fault_memory+0x6ab/0x800
[  224.509460][T10350]  ? __pfx_kvm_arch_vcpu_pre_fault_memory+0x10/0x10
[  224.509478][T10350]  kvm_vcpu_ioctl+0x100d/0x1720
[  224.509491][T10350]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  224.509502][T10350]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  224.509517][T10350]  ? do_vfs_ioctl+0x226/0x13e0
[  224.509529][T10350]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  224.509545][T10350]  ? __fget_files+0x215/0x3d0
[  224.509557][T10350]  ? hook_file_ioctl_common+0x149/0x410
[  224.509573][T10350]  ? selinux_file_ioctl+0x13b/0x290
[  224.509588][T10350]  ? selinux_file_ioctl+0xb6/0x290
[  224.509605][T10350]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  224.509616][T10350]  __x64_sys_ioctl+0x18e/0x210
[  224.509629][T10350]  do_syscall_64+0x115/0x870
[  224.509643][T10350]  ? clear_bhb_loop+0x40/0x90
[  224.509656][T10350]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.509667][T10350] RIP: 0033:0x7f50c519ce59
[  224.509677][T10350] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  224.509688][T10350] RSP: 002b:00007f50c60af028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  224.509698][T10350] RAX: ffffffffffffffda RBX: 00007f50c5415fa0 RCX: 00007f50c519ce59
[  224.509705][T10350] RDX: 00002000000000c0 RSI: 00000000c040aed5 RDI: 0000000000000006
[  224.509712][T10350] RBP: 00007f50c60af090 R08: 0000000000000000 R09: 0000000000000000
[  224.509718][T10350] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  224.509724][T10350] R13: 00007f50c5416038 R14: 00007f50c5415fa0 R15: 00007fff0ca72888
[  224.509741][T10350]  </TASK>
[  224.560652][T10353] FAULT_INJECTION: forcing a failure.
[  224.560652][T10353] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  224.560672][T10353] CPU: 0 UID: 0 PID: 10353 Comm: syz.2.1476 Not tainted syzkaller #0 PREEMPT(full) 
[  224.560685][T10353] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  224.560691][T10353] Call Trace:
[  224.560695][T10353]  <TASK>
[  224.560700][T10353]  dump_stack_lvl+0x100/0x190
[  224.560759][T10353]  should_fail_ex.cold+0x5/0xa
[  224.560773][T10353]  ? prepare_alloc_pages+0x16d/0x5f0
[  224.560787][T10353]  should_fail_alloc_page+0xeb/0x140
[  224.560801][T10353]  prepare_alloc_pages+0x1f0/0x5f0
[  224.560814][T10353]  ? look_up_lock_class+0x55/0x120
[  224.560830][T10353]  __alloc_frozen_pages_noprof+0x19a/0x2bc0
[  224.560849][T10353]  ? __lock_acquire+0x4a5/0x2630
[  224.560863][T10353]  ? stack_depot_save_flags+0x27/0x9d0
[  224.560878][T10353]  ? is_bpf_text_address+0x94/0x1a0
[  224.560892][T10353]  ? kernel_text_address+0x8d/0x100
[  224.560907][T10353]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  224.560927][T10353]  ? rcu_is_watching+0x12/0xc0
[  224.560945][T10353]  ? __mutex_lock+0x26d/0x1b10
[  224.560959][T10353]  ? find_held_lock+0x2b/0x80
[  224.560968][T10353]  ? binder_alloc_new_buf+0x16e2/0x30b0
[  224.560981][T10353]  ? binder_alloc_new_buf+0x16e2/0x30b0
[  224.560994][T10353]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  224.561008][T10353]  ? policy_nodemask+0xed/0x4f0
[  224.561021][T10353]  alloc_pages_mpol+0x1fb/0x540
[  224.561033][T10353]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  224.561046][T10353]  ? binder_alloc_new_buf+0x15b7/0x30b0
[  224.561059][T10353]  ? binder_alloc_new_buf+0x15b7/0x30b0
[  224.561072][T10353]  alloc_pages_noprof+0x1a/0x160
[  224.561087][T10353]  binder_alloc_new_buf+0x192e/0x30b0
[  224.561105][T10353]  ? __pfx_binder_alloc_new_buf+0x10/0x10
[  224.561122][T10353]  binder_transaction+0x1eb0/0x9c10
[  224.561139][T10353]  ? __lock_acquire+0x4a5/0x2630
[  224.561158][T10353]  ? __pfx_binder_transaction+0x10/0x10
[  224.561172][T10353]  ? __lock_acquire+0x4a5/0x2630
[  224.561191][T10353]  ? find_held_lock+0x2b/0x80
[  224.561200][T10353]  ? is_bpf_text_address+0x8a/0x1a0
[  224.561241][T10353]  ? is_bpf_text_address+0x8a/0x1a0
[  224.561260][T10353]  ? bpf_ksym_find+0x128/0x1c0
[  224.561286][T10353]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  224.561307][T10353]  ? is_bpf_text_address+0x94/0x1a0
[  224.561330][T10353]  ? kernel_text_address+0x8d/0x100
[  224.561351][T10353]  ? __lock_acquire+0x4a5/0x2630
[  224.561364][T10353]  ? __lock_acquire+0x4a5/0x2630
[  224.561381][T10353]  ? find_held_lock+0x2b/0x80
[  224.561390][T10353]  ? __might_fault+0xc5/0x140
[  224.561405][T10353]  ? __might_fault+0xc5/0x140
[  224.561425][T10353]  binder_thread_write+0x9d6/0x4db0
[  224.561442][T10353]  ? __lock_acquire+0x4a5/0x2630
[  224.561454][T10353]  ? __pfx_binder_thread_write+0x10/0x10
[  224.561467][T10353]  ? binder_debug+0xe0/0x190
[  224.561502][T10353]  ? __pfx_binder_debug+0x10/0x10
[  224.561522][T10353]  ? __might_fault+0xc5/0x140
[  224.561542][T10353]  binder_ioctl+0x28f8/0x7550
[  224.561559][T10353]  ? tomoyo_path_number_perm+0x188/0x580
[  224.561578][T10353]  ? __pfx_binder_ioctl+0x10/0x10
[  224.561591][T10353]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  224.561604][T10353]  ? do_vfs_ioctl+0x226/0x13e0
[  224.561616][T10353]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  224.561627][T10353]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  224.561649][T10353]  ? hook_file_ioctl_common+0x149/0x410
[  224.561664][T10353]  ? selinux_file_ioctl+0x13b/0x290
[  224.561679][T10353]  ? selinux_file_ioctl+0xb6/0x290
[  224.561695][T10353]  ? __pfx_binder_ioctl+0x10/0x10
[  224.561707][T10353]  __x64_sys_ioctl+0x18e/0x210
[  224.561719][T10353]  do_syscall_64+0x115/0x870
[  224.561733][T10353]  ? clear_bhb_loop+0x40/0x90
[  224.561753][T10353]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  224.561764][T10353] RIP: 0033:0x7fae48d9ce59
[  224.561774][T10353] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  224.561785][T10353] RSP: 002b:00007fae49ca6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  224.561796][T10353] RAX: ffffffffffffffda RBX: 00007fae49016090 RCX: 00007fae48d9ce59
[  224.561803][T10353] RDX: 0000200000000480 RSI: 00000000c0306201 RDI: 0000000000000003
[  224.561810][T10353] RBP: 00007fae49ca6090 R08: 0000000000000000 R09: 0000000000000000
[  224.561816][T10353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  224.561823][T10353] R13: 00007fae49016128 R14: 00007fae49016090 R15: 00007ffda8abfbe8
[  224.561837][T10353]  </TASK>
[  224.751818][    T9] usb 5-1: USB disconnect, device number 28
[  224.823083][  T845] usb 6-1: USB disconnect, device number 22
[  224.852175][T10361] netlink: 276 bytes leftover after parsing attributes in process `syz.1.1479'.
[  224.911361][T10365] binder: 10363:10365 ioctl c0306201 200000000180 returned -14
[  225.162667][    T9] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  225.314455][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  225.318421][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  225.321473][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 48, changing to 9
[  225.325527][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 8240, setting to 1024
[  225.331440][    T9] usb 5-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  225.334411][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  225.336963][    T9] usb 5-1: Product: syz
[  225.338292][    T9] usb 5-1: Manufacturer: syz
[  225.340022][    T9] usb 5-1: SerialNumber: syz
[  225.345018][    T9] usb 5-1: config 0 descriptor??
[  225.394854][  T845] usb 6-1: new full-speed USB device number 23 using dummy_hcd
[  225.431465][T10386] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1486'.
[  225.434270][T10386] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1486'.
[  225.467807][T10391] netlink: 'syz.2.1487': attribute type 28 has an invalid length.
[  225.470380][T10391] netlink: 'syz.2.1487': attribute type 3 has an invalid length.
[  225.473269][T10391] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1487'.
[  225.544242][  T845] usb 6-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  225.548281][  T845] usb 6-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  225.553710][  T845] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  225.556628][    T9] adutux 5-1:0.0: ADU208  now attached to /dev/usb/adutux0
[  225.558899][  T845] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  225.561259][  T845] usbtmc 6-1:16.0: bulk endpoints not found
[  225.570087][    T9] usb 5-1: USB disconnect, device number 29
[  226.396882][T10401] bridge1: entered promiscuous mode
[  226.398646][T10401] bridge1: entered allmulticast mode
[  226.406603][T10401] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1490'.
[  226.409827][T10401] netlink: 92 bytes leftover after parsing attributes in process `syz.2.1490'.
[  226.470687][T10403] ucma_write: process 904 (syz.2.1491) changed security contexts after opening file descriptor, this is not allowed.
[  226.514229][   T40] audit: type=1400 audit(1780195113.914:1210): avc:  denied  { getopt } for  pid=10402 comm="syz.2.1491" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  226.514856][T10403] syzkaller1: entered promiscuous mode
[  226.522943][T10403] syzkaller1: entered allmulticast mode
[  228.154687][ T5837] usb 6-1: USB disconnect, device number 23
[  229.056360][T10422] netlink: 'syz.1.1495': attribute type 2 has an invalid length.
[  229.147606][T10432] Mount JFS Failure: -5
[  229.150503][T10432] jfs_mount failed w/return code = -5
[  229.225449][   T40] audit: type=1400 audit(1780195116.624:1211): avc:  denied  { bind } for  pid=10436 comm="syz.1.1501" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  229.236394][   T40] audit: type=1400 audit(1780195116.624:1212): avc:  denied  { connect } for  pid=10436 comm="syz.1.1501" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  229.243154][T10440] iommufd_mock iommufd_mock0: Adding to iommu group 9
[  229.329719][   T40] audit: type=1400 audit(1780195116.724:1213): avc:  denied  { load_policy } for  pid=10436 comm="syz.1.1501" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  229.330856][T10446] SELinux: ebitmap: start bit 0 comes after start bit 0
[  229.341922][T10446] SELinux: failed to load policy
[  229.352746][ T5846] usb 7-1: new high-speed USB device number 35 using dummy_hcd
[  229.504777][ T5846] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  229.509314][ T5846] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  229.513700][ T5846] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 48, changing to 9
[  229.518203][ T5846] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 8240, setting to 1024
[  229.524989][ T5846] usb 7-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  229.528921][ T5846] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  229.532282][ T5846] usb 7-1: Product: syz
[  229.534606][ T5846] usb 7-1: Manufacturer: syz
[  229.536669][ T5846] usb 7-1: SerialNumber: syz
[  229.540992][ T5846] usb 7-1: config 0 descriptor??
[  229.562625][ T5836] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  229.713175][ T5836] usb 5-1: too many configurations: 9, using maximum allowed: 8
[  229.716522][ T5836] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  229.719413][ T5836] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  229.723227][ T5836] usb 5-1: config 0 interface 0 has no altsetting 0
[  229.726476][ T5836] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  229.729371][ T5836] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  229.732977][ T5836] usb 5-1: config 0 interface 0 has no altsetting 0
[  229.736112][ T5836] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  229.738988][ T5836] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  229.742349][ T5836] usb 5-1: config 0 interface 0 has no altsetting 0
[  229.745287][ T5836] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  229.746405][    C2] raw-gadget.0 gadget.2: ignoring, device is not running
[  229.748212][ T5836] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  229.753711][ T5836] usb 5-1: config 0 interface 0 has no altsetting 0
[  229.755479][ T5846] adutux 7-1:0.0: ADU208  now attached to /dev/usb/adutux0
[  229.756662][ T5836] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  229.760893][ T5836] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  229.761383][ T5846] usb 7-1: USB disconnect, device number 35
[  229.764335][ T5836] usb 5-1: config 0 interface 0 has no altsetting 0
[  229.769271][ T5836] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  229.771999][ T5836] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  229.775610][ T5836] usb 5-1: config 0 interface 0 has no altsetting 0
[  229.778472][ T5836] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  229.782130][ T5836] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  229.785847][ T5836] usb 5-1: config 0 interface 0 has no altsetting 0
[  229.788661][ T5836] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  229.791418][ T5836] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  229.794985][ T5836] usb 5-1: config 0 interface 0 has no altsetting 0
[  229.799025][ T5836] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  229.801857][ T5836] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  229.804482][ T5836] usb 5-1: Product: syz
[  229.805818][ T5836] usb 5-1: Manufacturer: syz
[  229.807232][ T5836] usb 5-1: SerialNumber: syz
[  229.810802][ T5836] usb 5-1: config 0 descriptor??
[  229.815893][ T5836] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0
[  230.018410][T10445] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  230.021281][T10445] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  230.033814][T10448] kvm: user requested TSC rate below hardware speed
[  230.039472][T10448] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2149952964 (68798494848 ns) > initial count (536870912 ns). Using initial count to start timer.
[  230.120323][T10455] dlm: non-version read from control device 0
[  230.219293][T10457] binder: 10456:10457 ioctl c0306201 200000000280 returned -14
[  230.272263][   T40] audit: type=1400 audit(1780195117.664:1214): avc:  denied  { bind } for  pid=10461 comm="syz.4.1510" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  230.282390][   T40] audit: type=1400 audit(1780195117.664:1215): avc:  denied  { name_bind } for  pid=10461 comm="syz.4.1510" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1
[  230.294268][   T40] audit: type=1400 audit(1780195117.664:1216): avc:  denied  { node_bind } for  pid=10461 comm="syz.4.1510" saddr=224.0.0.1 src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[  230.307173][ T5749] Bluetooth: hci4: sending frame failed (-49)
[  230.308930][   T40] audit: type=1400 audit(1780195117.684:1217): avc:  denied  { accept } for  pid=10461 comm="syz.4.1510" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  230.315644][ T5098] Bluetooth: hci4: Opcode 0x1003 failed: -49
[  230.316898][   T40] audit: type=1400 audit(1780195117.694:1218): avc:  denied  { write } for  pid=10461 comm="syz.4.1510" path="socket:[34900]" dev="sockfs" ino=34900 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  230.381953][   T40] audit: type=1400 audit(1780195117.774:1219): avc:  denied  { write } for  pid=10468 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1842 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  230.390095][T10473] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1513'.
[  230.411023][T10476] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1514'.
[  230.416249][T10476] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1514'.
[  230.419133][T10476] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1514'.
[  230.421901][T10476] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1514'.
[  230.424802][T10476] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1514'.
[  230.448000][T10479] IPVS: set_ctl: invalid protocol: 51 0.0.0.0:20000
[  230.450379][T10479] netlink: 7064 bytes leftover after parsing attributes in process `syz.2.1516'.
[  230.453188][T10479] openvswitch: netlink: Missing key (keys=40, expected=100)
[  230.457181][T10479] binder: 10478:10479 ioctl c0306201 200000000180 returned -14
[  230.465070][T10481] xt_hashlimit: size too large, truncated to 1048576
[  230.526803][T10489] : entered promiscuous mode
[  231.339452][T10505] netlink: 6060 bytes leftover after parsing attributes in process `syz.1.1522'.
[  231.529697][ T5749] Bluetooth: hci4: sending frame failed (-49)
[  231.534004][ T5098] Bluetooth: hci4: Opcode 0x1003 failed: -49
[  231.583055][   T10] usb 6-1: new full-speed USB device number 24 using dummy_hcd
[  231.649712][T10514] netlink: 116 bytes leftover after parsing attributes in process `syz.2.1526'.
[  231.687386][T10518] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1527'.
[  231.719930][   T10] usb 6-1: device descriptor read/64, error -71
[  231.847228][T10520] FAULT_INJECTION: forcing a failure.
[  231.847228][T10520] name failslab, interval 1, probability 0, space 0, times 0
[  231.851915][T10520] CPU: 0 UID: 0 PID: 10520 Comm: syz.2.1528 Not tainted syzkaller #0 PREEMPT(full) 
[  231.851938][T10520] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  231.851947][T10520] Call Trace:
[  231.851954][T10520]  <TASK>
[  231.851961][T10520]  dump_stack_lvl+0x100/0x190
[  231.851993][T10520]  should_fail_ex.cold+0x5/0xa
[  231.852017][T10520]  should_failslab+0xc2/0x120
[  231.852037][T10520]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  231.852060][T10520]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  231.852079][T10520]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.852101][T10520]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  231.852126][T10520]  mmu_topup_memory_caches+0x25/0x170
[  231.852148][T10520]  kvm_mmu_load+0xd6/0x23e0
[  231.852171][T10520]  ? vmx_vcpu_load_vmcs+0x21d/0x760
[  231.852197][T10520]  ? __pfx_kvm_mmu_load+0x10/0x10
[  231.852215][T10520]  ? __lock_acquire+0x4a5/0x2630
[  231.852244][T10520]  kvm_arch_vcpu_pre_fault_memory+0x6ab/0x800
[  231.852267][T10520]  ? __pfx_kvm_arch_vcpu_pre_fault_memory+0x10/0x10
[  231.852296][T10520]  kvm_vcpu_ioctl+0x100d/0x1720
[  231.852316][T10520]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  231.852334][T10520]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  231.852356][T10520]  ? do_vfs_ioctl+0x226/0x13e0
[  231.852373][T10520]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  231.852399][T10520]  ? __fget_files+0x215/0x3d0
[  231.852417][T10520]  ? hook_file_ioctl_common+0x149/0x410
[  231.852450][T10520]  ? selinux_file_ioctl+0x13b/0x290
[  231.852472][T10520]  ? selinux_file_ioctl+0xb6/0x290
[  231.852496][T10520]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  231.852514][T10520]  __x64_sys_ioctl+0x18e/0x210
[  231.852533][T10520]  do_syscall_64+0x115/0x870
[  231.852587][T10520]  ? clear_bhb_loop+0x40/0x90
[  231.852607][T10520]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.852623][T10520] RIP: 0033:0x7fae48d9ce59
[  231.852638][T10520] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  231.852653][T10520] RSP: 002b:00007fae49cc7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  231.852670][T10520] RAX: ffffffffffffffda RBX: 00007fae49015fa0 RCX: 00007fae48d9ce59
[  231.852680][T10520] RDX: 00002000000000c0 RSI: 00000000c040aed5 RDI: 0000000000000006
[  231.852696][T10520] RBP: 00007fae49cc7090 R08: 0000000000000000 R09: 0000000000000000
[  231.852706][T10520] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  231.852715][T10520] R13: 00007fae49016038 R14: 00007fae49015fa0 R15: 00007ffda8abfbe8
[  231.852740][T10520]  </TASK>
[  232.002855][   T10] usb 6-1: new full-speed USB device number 25 using dummy_hcd
[  232.053177][    C1] usb 5-1: yurex_control_callback - control failed: -2
[  232.056381][ T7396] usb 5-1: USB disconnect, device number 30
[  232.069677][ T7396] yurex 5-1:0.0: USB YUREX #0 now disconnected
[  232.092323][T10522] pim6reg: entered allmulticast mode
[  232.132982][   T10] usb 6-1: device descriptor read/64, error -71
[  232.243249][   T10] usb usb6-port1: attempt power cycle
[  232.349390][T10529] bad cache= option: none34
[  232.349390][T10529] nr_mlock 0
[  232.349390][T10529] nr_zspages 0
[  232.349390][T10529] nr_free_cma 0
[  232.349390][T10529] numa_hit 1044065
[  232.349390][T10529] numa_miss 97951
[  232.349390][T10529] numa_foreign 97951
[  232.349390][T10529] numa_interleave 7946
[  232.349390][T10529] numa_local 1039624
[  232.349390][T10529] numa_other 102392
[  232.349390][T10529] nr_inactive_anon 578
[  232.349390][T10529] nr_active_anon 28063
[  232.349390][T10529] nr_inactive_file 45700
[  232.349390][T10529] nr_active_file 7963
[  232.349390][T10529] nr_unevictable 1768
[  232.349390][T10529] nr_slab_reclaimable 9130
[  232.349390][T10529] nr_slab_unreclaimable 71210
[  232.349390][T10529] nr_isolated_anon 0
[  232.349390][T10529] nr_isolated_file 0
[  232.349390][T10529] workingset_nodes 184
[  232.349390][T10529] workingset_refault_anon 8
[  232.349390][T10529] workingset_refault_file 1453
[  232.349390][T10529] workingset_activate_anon 8
[  232.349390][T10529] workingset_activate_file 1453
[  232.349390][T10529] workingset_restore_anon 0
[  232.349390][T10529] workingset_restore_file 1344
[  232.349390][T10529] workingset_nodereclaim 0
[  232.349390][T10529] nr_anon_pages 11658
[  232.349390][T10529] nr_mapped 25720
[  232.349390][T10529] nr_file_pages 72434
[  232.349390][T10529] nr_dirty 334
[  232.349390][T10529] nr_writeback 0
[  232.349390][T10529] nr_shmem 18782
[  232.349390][T10529] nr_shmem_hugepages 0
[  232.349390][T10529] nr_shmem_pmdmapped 0
[  232.349390][T10529] nr_file_hugepages 0
[  232.349390][T10529] nr_file_pmdmapped 0
[  232.349390][T10529] nr_anon_transparent_hugepages 0
[  232.349390][T10529] nr_vmscan_write 6549
[  232.349390][T10529] nr_vmscan_immediate_reclaim 1
[  232.349390][T10529] nr_dirtied 11994
[  232.349390][T10529] nr_written 11660
[  232.349390][T10529] nr_throttled_written 0
[  232.349390][T10529] nr_kernel_misc_reclaimable 0
[  232.349390][T10529] nr_foll_pin_acquired 9191
[  232.349390][T10529] nr_foll_pin_released 9191
[  232.349777][T10529] CIFS: VFS: bad cache= option: none34
[  232.349777][T10529] nr_mlock 0
[  232.349777][T10529] nr_zspages 0
[  232.349777][T10529] nr_free_cma 0
[  232.349777][T10529] numa_hit 1044065
[  232.349777][T10529] numa_miss 97951
[  232.349777][T10529] numa_foreign 97951
[  232.349777][T10529] numa_interleave 7946
[  232.349777][T10529] numa_local 1039624
[  232.349777][T10529] numa_other 102392
[  232.349777][T10529] nr_inactive_anon 578
[  232.349777][T10529] nr_active_anon 28063
[  232.349777][T10529] nr_inactive_file 45700
[  232.349777][T10529] nr_active_file 7963
[  232.349777][T10529] nr_unevictable 1768
[  232.349777][T10529] nr_slab_reclaimable 9130
[  232.349777][T10529] nr_slab_unreclaimable 71210
[  232.349777][T10529] nr_isolated_anon 0
[  232.349777][T10529] nr_isolated_file 0
[  232.349777][T10529] workingset_nodes 184
[  232.349777][T10529] workingset_refault_anon 8
[  232.349777][T10529] workingset_refault_file 1453
[  232.349777][T10529] workingset_activate_anon 8
[  232.349777][T10529] workingset_activate_file 1453
[  232.349777][T10529] workingset_restore_anon 0
[  232.349777][T10529] workingset_restore_file 1344
[  232.349777][T10529] workingset_nodereclaim 0
[  232.349777][T10529] nr_anon_pages 11658
[  232.349777][T10529] nr_mapped 25720
[  232.349777][T10529] nr_file_pages 72434
[  232.349777][T10529] nr_dirty 334
[  232.349777][T10529] nr_writeback 0
[  232.349777][T10529] nr_shmem 18782
[  232.349777][T10529] nr_shmem_hugepages 0
[  232.349777][T10529] nr_shmem_pmdmapped 0
[  232.349777][T10529] nr_file_hugepages 0
[  232.349777][T10529] nr_file_pmdmapped 0
[  232.349777][T10529] nr_anon_transparent_hugepages 0
[  232.349777][T10529] nr_vmscan_write 6549
[  232.349777][T10529] nr_vmscan_immediate_reclaim 1
[  232.349777][T10529] nr_dirtied 11994
[  232.349777][T10529] nr_written 11660
[  232.349777][T10529] nr_throttled_written 0
[  232.349777][T10529] nr_kernel_misc_reclaimable 0
[  232.349777][T10529] nr_foll_pin_acquired 9191
[  232.401410][T10530] ieee802154 phy0 wpan0: encryption failed: -22
[  232.582659][   T10] usb 6-1: new full-speed USB device number 26 using dummy_hcd
[  232.603481][   T10] usb 6-1: device descriptor read/8, error -71
[  232.842874][   T10] usb 6-1: new full-speed USB device number 27 using dummy_hcd
[  232.863495][   T10] usb 6-1: device descriptor read/8, error -71
[  232.973407][   T10] usb usb6-port1: unable to enumerate USB device
[  233.139906][T10542] overlayfs: failed lookup in lower (newroot/363, name='file0', err=-40): overlapping layers
[  233.151700][   T40] kauditd_printk_skb: 12 callbacks suppressed
[  233.151713][   T40] audit: type=1400 audit(1780195120.544:1232): avc:  denied  { link } for  pid=10541 comm="syz.2.1536" name="#21" dev="tmpfs" ino=1935 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  233.162322][   T40] audit: type=1400 audit(1780195120.554:1233): avc:  denied  { rename } for  pid=10541 comm="syz.2.1536" name="#22" dev="tmpfs" ino=1935 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  233.511841][T10558] syzkaller1: entered promiscuous mode
[  233.518867][T10558] syzkaller1: entered allmulticast mode
[  233.523817][T10558] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  233.653710][T10562] FAULT_INJECTION: forcing a failure.
[  233.653710][T10562] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  233.658510][T10562] CPU: 1 UID: 0 PID: 10562 Comm: syz.4.1542 Not tainted syzkaller #0 PREEMPT(full) 
[  233.658535][T10562] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  233.658546][T10562] Call Trace:
[  233.658552][T10562]  <TASK>
[  233.658559][T10562]  dump_stack_lvl+0x100/0x190
[  233.658586][T10562]  should_fail_ex.cold+0x5/0xa
[  233.658610][T10562]  _copy_to_user+0x32/0xd0
[  233.658636][T10562]  simple_read_from_buffer+0xcb/0x170
[  233.658662][T10562]  proc_fail_nth_read+0x1af/0x230
[  233.658685][T10562]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  233.658707][T10562]  ? rw_verify_area+0xce/0x6d0
[  233.658725][T10562]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  233.658745][T10562]  vfs_read+0x1e4/0xb30
[  233.658766][T10562]  ? __pfx_vfs_read+0x10/0x10
[  233.658784][T10562]  ? __fget_files+0x215/0x3d0
[  233.658810][T10562]  ? __fget_files+0x21f/0x3d0
[  233.658839][T10562]  ksys_read+0x12a/0x250
[  233.658857][T10562]  ? __pfx_ksys_read+0x10/0x10
[  233.658876][T10562]  ? rcu_is_watching+0x12/0xc0
[  233.658907][T10562]  do_syscall_64+0x115/0x870
[  233.658931][T10562]  ? clear_bhb_loop+0x40/0x90
[  233.658954][T10562]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.658974][T10562] RIP: 0033:0x7f50c515d68e
[  233.658990][T10562] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  233.659006][T10562] RSP: 002b:00007f50c60aefe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  233.659024][T10562] RAX: ffffffffffffffda RBX: 00007f50c60af6c0 RCX: 00007f50c515d68e
[  233.659035][T10562] RDX: 000000000000000f RSI: 00007f50c60af0a0 RDI: 0000000000000006
[  233.659047][T10562] RBP: 00007f50c60af090 R08: 0000000000000000 R09: 0000000000000000
[  233.659057][T10562] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  233.659069][T10562] R13: 00007f50c5416038 R14: 00007f50c5415fa0 R15: 00007fff0ca72888
[  233.659095][T10562]  </TASK>
[  233.752699][   T10] usb 5-1: new low-speed USB device number 31 using dummy_hcd
[  233.914439][   T10] usb 5-1: config 0 has an invalid interface number: 55 but max is 0
[  233.917978][   T10] usb 5-1: config 0 has no interface number 0
[  233.920627][   T10] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  233.927962][   T10] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[  233.938500][   T10] usb 5-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  233.940329][   T40] audit: type=1400 audit(1780195121.334:1234): avc:  denied  { read } for  pid=10567 comm="syz.4.1544" path="socket:[33622]" dev="sockfs" ino=33622 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  233.943569][   T10] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  233.955655][   T10] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  233.959466][   T10] usb 5-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  233.964705][   T10] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  233.968276][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  233.973865][   T10] usb 5-1: config 0 descriptor??
[  233.976824][T10560] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  233.986586][   T10] ldusb 5-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  234.119656][T10578] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1549'.
[  234.122709][T10580] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1549'.
[  234.182869][T10560] ldusb 5-1:0.55: Couldn't submit interrupt_in_urb -90
[  234.282628][T10578] nbd1: detected capacity change from 0 to 63
[  234.305649][ T5098] block nbd1: Receive control failed (result -104)
[  234.307253][ T5846] usb 5-1: USB disconnect, device number 31
[  234.314457][ T5846] ldusb 5-1:0.55: LD USB Device #0 now disconnected
[  234.534511][T10608] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=51028 sclass=netlink_route_socket pid=10608 comm=syz.4.1555
[  234.722770][   T10] usb 6-1: new high-speed USB device number 28 using dummy_hcd
[  234.852463][T10611] netlink: 'syz.0.1557': attribute type 39 has an invalid length.
[  234.877097][   T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  234.881161][   T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  234.885280][   T10] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  234.891921][   T10] usb 6-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  234.895341][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  234.898249][   T10] usb 6-1: Product: syz
[  234.899867][   T10] usb 6-1: Manufacturer: syz
[  234.901708][   T10] usb 6-1: SerialNumber: syz
[  234.906592][   T10] usb 6-1: config 0 descriptor??
[  234.911398][   T10] adutux 6-1:0.0: interrupt endpoints not found
[  235.093574][   T40] audit: type=1400 audit(1780195122.494:1235): avc:  denied  { write } for  pid=10615 comm="syz.0.1558" name="ptp0" dev="devtmpfs" ino=730 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  235.096676][T10616] netlink: 'syz.0.1558': attribute type 1 has an invalid length.
[  235.203992][   T40] audit: type=1400 audit(1780195122.604:1236): avc:  denied  { read } for  pid=10620 comm="syz.0.1560" name="file0" dev="fuse" ino=64 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  235.213115][   T40] audit: type=1400 audit(1780195122.604:1237): avc:  denied  { open } for  pid=10620 comm="syz.0.1560" path="/376/file0/file0" dev="fuse" ino=64 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  235.227779][T10622] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  235.233865][T10622] block device autoloading is deprecated and will be removed.
[  235.239946][   T40] audit: type=1400 audit(1780195122.634:1238): avc:  denied  { ioctl } for  pid=10620 comm="syz.0.1560" path="/376/file0/file0" dev="fuse" ino=64 ioctlcmd=0x929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  235.343747][T10633] SELinux: syz.0.1564 (10633) wrote to checkreqprot. This is no longer supported.
[  235.353468][   T40] audit: type=1326 audit(1780195122.754:1239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10632 comm="syz.0.1564" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5be079ce59 code=0x7ffc0000
[  235.365286][   T40] audit: type=1326 audit(1780195122.754:1240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10632 comm="syz.0.1564" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5be079ce59 code=0x7ffc0000
[  235.367184][T10633] vcan1: entered allmulticast mode
[  235.376015][   T40] audit: type=1326 audit(1780195122.764:1241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10632 comm="syz.0.1564" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5be079ce59 code=0x7ffc0000
[  235.534126][ T5749] Bluetooth: hci4: sending frame failed (-49)
[  235.536753][ T5098] Bluetooth: hci4: Opcode 0x1003 failed: -49
[  235.552643][ T5836] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[  235.713365][ T5836] usb 9-1: too many configurations: 9, using maximum allowed: 8
[  235.717879][ T5836] usb 9-1: config 0 has an invalid interface number: 141 but max is 8
[  235.721220][ T5836] usb 9-1: config 0 has 2 interfaces, different from the descriptor's value: 9
[  235.724864][ T5836] usb 9-1: config 0 has no interface number 1
[  235.727843][ T5836] usb 9-1: config 0 interface 0 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  235.732925][ T5836] usb 9-1: too many endpoints for config 0 interface 141 altsetting 255: 134, using maximum allowed: 30
[  235.737321][ T5836] usb 9-1: config 0 interface 141 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 134
[  235.742710][ T5836] usb 9-1: config 0 interface 0 has no altsetting 0
[  235.745353][ T5836] usb 9-1: config 0 interface 141 has no altsetting 0
[  235.748956][ T5836] usb 9-1: config 0 has an invalid interface number: 141 but max is 8
[  235.752332][ T5836] usb 9-1: config 0 has 2 interfaces, different from the descriptor's value: 9
[  235.756178][ T5836] usb 9-1: config 0 has no interface number 1
[  235.758636][ T5836] usb 9-1: config 0 interface 0 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  235.763599][ T5836] usb 9-1: too many endpoints for config 0 interface 141 altsetting 255: 134, using maximum allowed: 30
[  235.768050][ T5836] usb 9-1: config 0 interface 141 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 134
[  235.772941][ T5836] usb 9-1: config 0 interface 0 has no altsetting 0
[  235.775300][ T5836] usb 9-1: config 0 interface 141 has no altsetting 0
[  235.779050][ T5836] usb 9-1: config 0 has an invalid interface number: 141 but max is 8
[  235.782482][ T5836] usb 9-1: config 0 has 2 interfaces, different from the descriptor's value: 9
[  235.786184][ T5836] usb 9-1: config 0 has no interface number 1
[  235.788765][ T5836] usb 9-1: config 0 interface 0 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  235.793856][ T5836] usb 9-1: too many endpoints for config 0 interface 141 altsetting 255: 134, using maximum allowed: 30
[  235.798254][ T5836] usb 9-1: config 0 interface 141 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 134
[  235.803352][ T5836] usb 9-1: config 0 interface 0 has no altsetting 0
[  235.805990][ T5836] usb 9-1: config 0 interface 141 has no altsetting 0
[  235.809552][ T5836] usb 9-1: config 0 has an invalid interface number: 141 but max is 8
[  235.812296][ T5836] usb 9-1: config 0 has 2 interfaces, different from the descriptor's value: 9
[  235.815825][ T5836] usb 9-1: config 0 has no interface number 1
[  235.817772][ T5836] usb 9-1: config 0 interface 0 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  235.822815][ T5836] usb 9-1: too many endpoints for config 0 interface 141 altsetting 255: 134, using maximum allowed: 30
[  235.827271][ T5836] usb 9-1: config 0 interface 141 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 134
[  235.832367][ T5836] usb 9-1: config 0 interface 0 has no altsetting 0
[  235.835182][ T5836] usb 9-1: config 0 interface 141 has no altsetting 0
[  235.838110][ T5836] usb 9-1: config 0 has an invalid interface number: 141 but max is 8
[  235.841433][ T5836] usb 9-1: config 0 has 2 interfaces, different from the descriptor's value: 9
[  235.845290][ T5836] usb 9-1: config 0 has no interface number 1
[  235.847785][ T5836] usb 9-1: config 0 interface 0 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  235.852984][ T5836] usb 9-1: too many endpoints for config 0 interface 141 altsetting 255: 134, using maximum allowed: 30
[  235.853673][T10662] fuse: Unknown parameter 'grou00000000000000000000'
[  235.858491][ T5836] usb 9-1: config 0 interface 141 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 134
[  235.865778][ T5836] usb 9-1: config 0 interface 0 has no altsetting 0
[  235.867910][ T5836] usb 9-1: config 0 interface 141 has no altsetting 0
[  235.871630][ T5836] usb 9-1: config 0 has an invalid interface number: 141 but max is 8
[  235.875134][ T5836] usb 9-1: config 0 has 2 interfaces, different from the descriptor's value: 9
[  235.878750][ T5836] usb 9-1: config 0 has no interface number 1
[  235.880772][ T5836] usb 9-1: config 0 interface 0 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  235.885615][ T5836] usb 9-1: too many endpoints for config 0 interface 141 altsetting 255: 134, using maximum allowed: 30
[  235.889398][ T5836] usb 9-1: config 0 interface 141 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 134
[  235.894804][ T5836] usb 9-1: config 0 interface 0 has no altsetting 0
[  235.897131][ T5836] usb 9-1: config 0 interface 141 has no altsetting 0
[  235.900887][ T5836] usb 9-1: config 0 has an invalid interface number: 141 but max is 8
[  235.904295][ T5836] usb 9-1: config 0 has 2 interfaces, different from the descriptor's value: 9
[  235.907245][ T5836] usb 9-1: config 0 has no interface number 1
[  235.909196][ T5836] usb 9-1: config 0 interface 0 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  235.914198][ T5836] usb 9-1: too many endpoints for config 0 interface 141 altsetting 255: 134, using maximum allowed: 30
[  235.917823][ T5836] usb 9-1: config 0 interface 141 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 134
[  235.922463][ T5836] usb 9-1: config 0 interface 0 has no altsetting 0
[  235.925172][ T5836] usb 9-1: config 0 interface 141 has no altsetting 0
[  235.928284][ T5836] usb 9-1: config 0 has an invalid interface number: 141 but max is 8
[  235.931676][ T5836] usb 9-1: config 0 has 2 interfaces, different from the descriptor's value: 9
[  235.935463][ T5836] usb 9-1: config 0 has no interface number 1
[  235.937982][ T5836] usb 9-1: config 0 interface 0 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  235.943119][ T5836] usb 9-1: too many endpoints for config 0 interface 141 altsetting 255: 134, using maximum allowed: 30
[  235.946999][ T5836] usb 9-1: config 0 interface 141 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 134
[  235.951905][ T5836] usb 9-1: config 0 interface 0 has no altsetting 0
[  235.954185][ T5836] usb 9-1: config 0 interface 141 has no altsetting 0
[  235.958977][ T5836] usb 9-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  235.962424][ T5836] usb 9-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  235.965363][ T5836] usb 9-1: Product: syz
[  235.967075][ T5836] usb 9-1: Manufacturer: syz
[  235.968955][ T5836] usb 9-1: SerialNumber: syz
[  235.973339][ T5836] usb 9-1: config 0 descriptor??
[  236.246603][ T5836] yurex 9-1:0.0: Could not find endpoints
[  236.251527][ T5836] yurex 9-1:0.141: Could not find endpoints
[  236.254965][ T5836] usb 9-1: USB disconnect, device number 11
[  236.593369][T10668] binder: 10667:10668 ioctl c0306201 200000000040 returned -22
[  236.649494][T10668] binder: 10667:10668 ioctl c0306201 200000000280 returned -14
[  236.693545][T10671] macvlan0: entered promiscuous mode
[  236.821176][T10680] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1577'.
[  236.924024][T10687] block nbd0: Cannot use ioctl interface on a netlink controlled device.
[  236.952154][T10690] ufs: You didn't specify the type of your ufs filesystem
[  236.952154][T10690] 
[  236.952154][T10690] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  236.952154][T10690] 
[  236.952154][T10690] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  237.089573][T10692] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1581'.
[  237.094962][T10692] binder: 10691:10692 ioctl c0306201 200000000180 returned -14
[  237.482499][   T10] usb 6-1: USB disconnect, device number 28
[  238.737405][T10742] FAULT_INJECTION: forcing a failure.
[  238.737405][T10742] name failslab, interval 1, probability 0, space 0, times 0
[  238.742063][T10742] CPU: 1 UID: 0 PID: 10742 Comm: syz.1.1597 Not tainted syzkaller #0 PREEMPT(full) 
[  238.742084][T10742] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  238.742095][T10742] Call Trace:
[  238.742101][T10742]  <TASK>
[  238.742108][T10742]  dump_stack_lvl+0x100/0x190
[  238.742141][T10742]  should_fail_ex.cold+0x5/0xa
[  238.742166][T10742]  should_failslab+0xc2/0x120
[  238.742185][T10742]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  238.742210][T10742]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  238.742236][T10742]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  238.742262][T10742]  mmu_topup_memory_caches+0x25/0x170
[  238.742286][T10742]  kvm_mmu_load+0xd6/0x23e0
[  238.742308][T10742]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  238.742333][T10742]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  238.742362][T10742]  ? __pfx_kvm_mmu_load+0x10/0x10
[  238.742382][T10742]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  238.742402][T10742]  ? kvm_check_and_inject_events+0x961/0x1070
[  238.742424][T10742]  ? record_steal_time+0x420/0xbc0
[  238.742449][T10742]  vcpu_run+0x39f4/0x5ca0
[  238.742482][T10742]  ? __pfx_vcpu_run+0x10/0x10
[  238.742512][T10742]  ? rcu_is_watching+0x12/0xc0
[  238.742556][T10742]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  238.742581][T10742]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  238.742611][T10742]  kvm_vcpu_ioctl+0x730/0x1720
[  238.742631][T10742]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  238.742649][T10742]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  238.742672][T10742]  ? do_vfs_ioctl+0x226/0x13e0
[  238.742690][T10742]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  238.742709][T10742]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  238.742749][T10742]  ? __fget_files+0x215/0x3d0
[  238.742769][T10742]  ? hook_file_ioctl_common+0x149/0x410
[  238.742794][T10742]  ? selinux_file_ioctl+0x13b/0x290
[  238.742818][T10742]  ? selinux_file_ioctl+0xb6/0x290
[  238.742844][T10742]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  238.742863][T10742]  __x64_sys_ioctl+0x18e/0x210
[  238.742883][T10742]  do_syscall_64+0x115/0x870
[  238.742915][T10742]  ? clear_bhb_loop+0x40/0x90
[  238.742935][T10742]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  238.742952][T10742] RIP: 0033:0x7f6c1a39ce59
[  238.742967][T10742] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  238.742984][T10742] RSP: 002b:00007f6c1b2f2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  238.743001][T10742] RAX: ffffffffffffffda RBX: 00007f6c1a615fa0 RCX: 00007f6c1a39ce59
[  238.743013][T10742] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  238.743024][T10742] RBP: 00007f6c1b2f2090 R08: 0000000000000000 R09: 0000000000000000
[  238.743034][T10742] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  238.743044][T10742] R13: 00007f6c1a616038 R14: 00007f6c1a615fa0 R15: 00007fff086132a8
[  238.743067][T10742]  </TASK>
[  238.842669][ T5837] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[  238.857761][ T5749] Bluetooth: hci4: command 0x1003 tx timeout
[  238.860647][ T5098] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  239.007800][T10749] netlink: 184 bytes leftover after parsing attributes in process `syz.0.1599'.
[  239.011288][T10749] xt_socket: unknown flags 0xd0
[  239.013687][   T40] kauditd_printk_skb: 34 callbacks suppressed
[  239.013729][   T40] audit: type=1400 audit(1780195126.414:1276): avc:  denied  { transfer } for  pid=10750 comm="syz.1.1600" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[  239.036113][ T5837] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  239.039448][ T5837] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  239.042300][ T5837] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  239.048704][ T5837] usb 9-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  239.052708][ T5837] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  239.057972][ T5837] usb 9-1: Product: syz
[  239.059236][ T5837] usb 9-1: Manufacturer: syz
[  239.061998][ T5837] usb 9-1: SerialNumber: syz
[  239.065188][ T5837] usb 9-1: config 0 descriptor??
[  239.068174][ T5837] adutux 9-1:0.0: interrupt endpoints not found
[  239.069262][T10749] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10749 comm=syz.0.1599
[  239.105495][T10760] xt_hl: Unknown Hop Limit match mode: 206
[  239.105547][T10759] xt_hl: Unknown Hop Limit match mode: 206
[  239.195184][T10771] gretap1: entered promiscuous mode
[  239.197354][T10771] batman_adv: batadv0: Adding interface: gretap1
[  239.199289][T10771] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. If you experience problems getting traffic through try increasing the MTU to 1500.
[  239.205285][T10771] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active
[  239.213675][T10771] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1604'.
[  239.219212][   T40] audit: type=1400 audit(1780195126.614:1277): avc:  denied  { lock } for  pid=10772 comm="syz.0.1605" path="socket:[37040]" dev="sockfs" ino=37040 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[  239.252677][ T5836] usb 6-1: new high-speed USB device number 29 using dummy_hcd
[  239.278831][   T40] audit: type=1400 audit(1780195126.674:1278): avc:  denied  { create } for  pid=10772 comm="syz.0.1605" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  239.422668][ T5836] usb 6-1: Using ep0 maxpacket: 16
[  239.426521][ T5836] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 52, changing to 7
[  239.430936][ T5836] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 9272, setting to 1024
[  239.437291][ T5836] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  239.441053][ T5836] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  239.444309][ T5836] usb 6-1: Product: syz
[  239.446093][ T5836] usb 6-1: Manufacturer: syz
[  239.448023][ T5836] usb 6-1: SerialNumber: syz
[  239.452153][ T5836] usb 6-1: config 0 descriptor??
[  239.457106][ T5836] em28xx 6-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  239.460801][ T5836] em28xx 6-1:0.0: DVB interface 0 found: isoc
[  240.308280][T10751] syz.1.1600 (10751): drop_caches: 2
[  240.315015][ T5836] em28xx 6-1:0.0: unknown em28xx chip ID (0)
[  240.378400][ T5836] em28xx 6-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  240.381780][ T5836] em28xx 6-1:0.0: board has no eeprom
[  240.442628][ T5836] em28xx 6-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  240.445125][ T5836] em28xx 6-1:0.0: dvb set to isoc mode.
[  240.447497][ T7396] em28xx 6-1:0.0: Binding DVB extension
[  240.455292][ T5836] usb 6-1: USB disconnect, device number 29
[  240.468581][ T5836] em28xx 6-1:0.0: Disconnecting em28xx
[  240.495779][ T7396] em28xx 6-1:0.0: Registering input extension
[  240.498640][ T5836] em28xx 6-1:0.0: Closing input extension
[  240.529635][ T5836] em28xx 6-1:0.0: Freeing device
[  240.855773][T10787] FAULT_INJECTION: forcing a failure.
[  240.855773][T10787] name failslab, interval 1, probability 0, space 0, times 0
[  240.859836][T10787] CPU: 2 UID: 0 PID: 10787 Comm: syz.1.1609 Not tainted syzkaller #0 PREEMPT(full) 
[  240.859856][T10787] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  240.859865][T10787] Call Trace:
[  240.859872][T10787]  <TASK>
[  240.859877][T10787]  dump_stack_lvl+0x100/0x190
[  240.859900][T10787]  should_fail_ex.cold+0x5/0xa
[  240.859925][T10787]  should_failslab+0xc2/0x120
[  240.859943][T10787]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  240.859965][T10787]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  240.859990][T10787]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.860010][T10787]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  240.860034][T10787]  mmu_topup_memory_caches+0x25/0x170
[  240.860058][T10787]  kvm_mmu_load+0xd6/0x23e0
[  240.860081][T10787]  ? vmx_vcpu_load_vmcs+0x21d/0x760
[  240.860106][T10787]  ? __pfx_kvm_mmu_load+0x10/0x10
[  240.860122][T10787]  ? __lock_acquire+0x4a5/0x2630
[  240.860151][T10787]  kvm_arch_vcpu_pre_fault_memory+0x6ab/0x800
[  240.860175][T10787]  ? __pfx_kvm_arch_vcpu_pre_fault_memory+0x10/0x10
[  240.860205][T10787]  kvm_vcpu_ioctl+0x100d/0x1720
[  240.860224][T10787]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  240.860239][T10787]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  240.860260][T10787]  ? do_vfs_ioctl+0x226/0x13e0
[  240.860276][T10787]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  240.860302][T10787]  ? __fget_files+0x215/0x3d0
[  240.860322][T10787]  ? hook_file_ioctl_common+0x149/0x410
[  240.860345][T10787]  ? selinux_file_ioctl+0x13b/0x290
[  240.860361][T10787]  ? selinux_file_ioctl+0xb6/0x290
[  240.860377][T10787]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  240.860389][T10787]  __x64_sys_ioctl+0x18e/0x210
[  240.860404][T10787]  do_syscall_64+0x115/0x870
[  240.860424][T10787]  ? clear_bhb_loop+0x40/0x90
[  240.860444][T10787]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.860463][T10787] RIP: 0033:0x7f6c1a39ce59
[  240.860478][T10787] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  240.860495][T10787] RSP: 002b:00007f6c1b2f2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  240.860514][T10787] RAX: ffffffffffffffda RBX: 00007f6c1a615fa0 RCX: 00007f6c1a39ce59
[  240.860526][T10787] RDX: 00002000000000c0 RSI: 00000000c040aed5 RDI: 0000000000000006
[  240.860538][T10787] RBP: 00007f6c1b2f2090 R08: 0000000000000000 R09: 0000000000000000
[  240.860549][T10787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  240.860559][T10787] R13: 00007f6c1a616038 R14: 00007f6c1a615fa0 R15: 00007fff086132a8
[  240.860585][T10787]  </TASK>
[  240.944133][ T2248] block nbd1: Connection timed out, retrying (0/1 alive)
[  240.947438][ T2248] block nbd1: Connection timed out, retrying (0/1 alive)
[  240.949647][ T2248] block nbd1: Connection timed out, retrying (0/1 alive)
[  240.951843][ T2248] block nbd1: Connection timed out, retrying (0/1 alive)
[  240.954780][ T2248] block nbd1: Dead connection, failed to find a fallback
[  240.957881][ T2248] block nbd1: shutting down sockets
[  240.959782][ T2248] blk_print_req_error: 10 callbacks suppressed
[  240.959791][ T2248] I/O error, dev nbd1, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  240.965039][ T2248] buffer_io_error: 331 callbacks suppressed
[  240.965049][ T2248] Buffer I/O error on dev nbd1, logical block 3, async page read
[  240.969371][ T2248] I/O error, dev nbd1, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  240.971980][ T2248] Buffer I/O error on dev nbd1, logical block 2, async page read
[  240.974429][ T2248] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  240.977033][ T2248] Buffer I/O error on dev nbd1, logical block 1, async page read
[  240.979282][ T2248] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  240.982334][ T2248] Buffer I/O error on dev nbd1, logical block 0, async page read
[  240.988317][ T9634] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  240.993385][ T9634] Buffer I/O error on dev nbd1, logical block 0, async page read
[  240.996740][ T9634] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  240.999955][ T9634] Buffer I/O error on dev nbd1, logical block 1, async page read
[  241.002853][ T9634] I/O error, dev nbd1, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  241.006084][ T9634] Buffer I/O error on dev nbd1, logical block 2, async page read
[  241.010031][ T9634] I/O error, dev nbd1, sector 6 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  241.013716][ T9634] Buffer I/O error on dev nbd1, logical block 3, async page read
[  241.017010][ T9634] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  241.035839][ T9634] Buffer I/O error on dev nbd1, logical block 0, async page read
[  241.038761][ T9634] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  241.041844][ T9634] Buffer I/O error on dev nbd1, logical block 1, async page read
[  241.047067][ T9634] ldm_validate_partition_table(): Disk read failed.
[  241.052761][ T9634] Dev nbd1: unable to read RDB block 0
[  241.056780][ T9634]  nbd1: unable to read partition table
[  241.070116][ T9634] ldm_validate_partition_table(): Disk read failed.
[  241.073033][ T9634] Dev nbd1: unable to read RDB block 0
[  241.075571][ T9634]  nbd1: unable to read partition table
[  241.332795][ T5098] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  241.586424][ T5837] usb 9-1: USB disconnect, device number 12
[  241.932642][ T5837] usb 9-1: new high-speed USB device number 13 using dummy_hcd
[  242.094092][ T5837] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  242.098559][ T5837] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  242.104420][ T5837] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 48, changing to 9
[  242.108839][ T5837] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 8240, setting to 1024
[  242.125019][ T5837] usb 9-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  242.128640][ T5837] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  242.131860][ T5837] usb 9-1: Product: syz
[  242.134100][ T5837] usb 9-1: Manufacturer: syz
[  242.136084][ T5837] usb 9-1: SerialNumber: syz
[  242.141677][ T5837] usb 9-1: config 0 descriptor??
[  242.179012][T10808] netlink: 92 bytes leftover after parsing attributes in process `syz.0.1616'.
[  242.349143][ T5837] adutux 9-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0
[  242.444480][T10818] binder: 10817:10818 ioctl c0306201 200000000180 returned -14
[  242.551358][   T34] usb 9-1: USB disconnect, device number 13
[  242.643613][ T5837] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  242.813111][ T5837] usb 5-1: too many configurations: 41, using maximum allowed: 8
[  242.822865][ T5837] usb 5-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00
[  242.825689][ T5837] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  242.828145][ T5837] usb 5-1: Product: syz
[  242.829473][ T5837] usb 5-1: Manufacturer: syz
[  242.830911][ T5837] usb 5-1: SerialNumber: syz
[  242.892971][ T2111] usb 6-1: new high-speed USB device number 30 using dummy_hcd
[  243.044447][ T2111] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  243.049154][ T2111] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  243.053238][ T2111] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  243.059503][ T2111] usb 6-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  243.063312][ T2111] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  243.066551][ T2111] usb 6-1: Product: syz
[  243.068278][ T2111] usb 6-1: Manufacturer: syz
[  243.070360][ T2111] usb 6-1: SerialNumber: syz
[  243.075139][ T2111] usb 6-1: config 0 descriptor??
[  243.081245][ T2111] adutux 6-1:0.0: interrupt endpoints not found
[  243.087441][ T5837] rtl8150 5-1:1.0: couldn't reset the device
[  243.090274][ T5837] rtl8150 5-1:1.0: probe with driver rtl8150 failed with error -5
[  243.102305][ T5837] usb 5-1: USB disconnect, device number 32
[  243.304592][T10835] binder: 10834:10835 ioctl c0306201 200000000280 returned -14
[  243.403635][T10842] binder: BC_ACQUIRE_RESULT not supported
[  243.405958][T10842] binder: 10841:10842 ioctl c0306201 200000000840 returned -22
[  243.446206][T10842] usb usb1: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  243.450900][T10842] netlink: 256 bytes leftover after parsing attributes in process `syz.4.1627'.
[  243.828688][T10853] MINIX-fs: blocksize too small for device
[  243.933301][ T5846] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  244.403951][ T5846] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  244.802709][ T5846] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  244.812630][ T5846] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  244.821220][ T5846] usb 5-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  244.824471][ T5846] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  244.827139][ T5846] usb 5-1: Product: syz
[  244.828572][ T5846] usb 5-1: Manufacturer: syz
[  244.830242][ T5846] usb 5-1: SerialNumber: syz
[  244.834643][ T5846] usb 5-1: config 0 descriptor??
[  244.838592][ T5846] adutux 5-1:0.0: interrupt endpoints not found
[  244.940273][   T40] audit: type=1400 audit(1780195132.334:1279): avc:  denied  { remount } for  pid=10864 comm="syz.2.1635" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  244.943923][T10866] futex_wake_op: syz.2.1635 tries to shift op by -1; fix this program
[  244.953217][T10865] futex_wake_op: syz.2.1635 tries to shift op by -1; fix this program
[  245.655876][   T34] usb 6-1: USB disconnect, device number 30
[  245.807820][T10873] binder: 10872:10873 ioctl c0306201 200000000180 returned -14
[  246.092623][ T7396] usb 7-1: new high-speed USB device number 36 using dummy_hcd
[  246.252665][ T7396] usb 7-1: Using ep0 maxpacket: 32
[  246.257280][ T7396] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x9 has an invalid bInterval 128, changing to 11
[  246.261834][ T7396] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xB7, changing to 0x87
[  246.266645][ T7396] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  246.271012][ T7396] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x87 has invalid wMaxPacketSize 0
[  246.276861][ T7396] usb 7-1: New USB device found, idVendor=0e6f, idProduct=582c, bcdDevice=31.68
[  246.280687][ T7396] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  246.284088][ T7396] usb 7-1: Product: syz
[  246.285833][ T7396] usb 7-1: Manufacturer: syz
[  246.287791][ T7396] usb 7-1: SerialNumber: syz
[  246.291826][ T7396] usb 7-1: config 0 descriptor??
[  246.300513][ T7396] input: Generic X-Box pad as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input14
[  246.498031][   T10] usb 7-1: USB disconnect, device number 36
[  246.565899][T10877] binder: 10876:10877 ioctl c0306201 200000000180 returned -14
[  246.602347][   T40] audit: type=1400 audit(1780195133.994:1280): avc:  denied  { map } for  pid=10878 comm="syz.1.1640" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=759 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  246.607557][T10879] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.1640'.
[  246.609885][T10880] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.1640'.
[  246.709030][ T7396] usb 5-1: USB disconnect, device number 33
[  246.932645][ T5749] Bluetooth: hci4: command 0x1003 tx timeout
[  246.935022][ T5098] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  247.152520][T10896] fuse: Bad value for 'fd'
[  247.503999][T10907] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  247.511917][T10907] block device autoloading is deprecated and will be removed.
[  247.520983][T10905] md: md2 stopped.
[  247.751703][T10918] fuse: Unknown parameter 'group_id00000000000000000000'
[  247.862743][ T7396] usb 9-1: new high-speed USB device number 14 using dummy_hcd
[  248.002975][ T5837] usb 6-1: new high-speed USB device number 31 using dummy_hcd
[  248.033947][ T7396] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  248.037065][ T7396] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  248.039664][ T7396] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  248.045044][ T7396] usb 9-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  248.048049][ T7396] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  248.051008][ T7396] usb 9-1: Product: syz
[  248.052696][ T7396] usb 9-1: Manufacturer: syz
[  248.054486][ T7396] usb 9-1: SerialNumber: syz
[  248.061215][ T7396] usb 9-1: config 0 descriptor??
[  248.066137][ T7396] adutux 9-1:0.0: interrupt endpoints not found
[  248.154396][ T5837] usb 6-1: Using ep0 maxpacket: 32
[  248.158106][ T5837] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x9 has an invalid bInterval 128, changing to 11
[  248.162489][ T5837] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xB7, changing to 0x87
[  248.166449][ T5837] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  248.169761][ T5837] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x87 has invalid wMaxPacketSize 0
[  248.174592][ T5837] usb 6-1: New USB device found, idVendor=0e6f, idProduct=582c, bcdDevice=31.68
[  248.177397][ T5837] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  248.179851][ T5837] usb 6-1: Product: syz
[  248.181146][ T5837] usb 6-1: Manufacturer: syz
[  248.183154][ T5837] usb 6-1: SerialNumber: syz
[  248.186500][ T5837] usb 6-1: config 0 descriptor??
[  248.191578][ T5837] input: Generic X-Box pad as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input15
[  248.223059][T10925] kvm: user requested TSC rate below hardware speed
[  248.230052][T10925] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2149952964 (68798494848 ns) > initial count (536870912 ns). Using initial count to start timer.
[  248.391818][ T7396] usb 6-1: USB disconnect, device number 31
[  249.434083][T10941] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  249.437742][T10941] block device autoloading is deprecated and will be removed.
[  249.566695][T10943] ICMPv6: NA: 00:00:00:00:00:00 advertised our address fe80::aa on syz_tun!
[  249.774857][T10950] binder: 10949:10950 ioctl c0306201 200000000180 returned -14
[  249.805427][T10952] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1665'.
[  249.838868][T10952] bridge2: port 1(veth3) entered blocking state
[  249.840983][T10952] bridge2: port 1(veth3) entered disabled state
[  249.843892][T10952] veth3: entered allmulticast mode
[  249.846408][T10952] veth3: entered promiscuous mode
[  249.871542][T10952] bridge2: port 2(veth5) entered blocking state
[  249.873795][T10952] bridge2: port 2(veth5) entered disabled state
[  249.875881][T10952] veth5: entered allmulticast mode
[  249.878430][T10952] veth5: entered promiscuous mode
[  249.912889][ T5837] usb 7-1: new high-speed USB device number 37 using dummy_hcd
[  249.995417][T10957] fuse: Invalid rootmode
[  250.064372][ T5837] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  250.068176][ T5837] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  250.071292][ T5837] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 48, changing to 9
[  250.075589][ T5837] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 8240, setting to 1024
[  250.080339][ T5837] usb 7-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  250.083285][ T5837] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  250.085820][ T5837] usb 7-1: Product: syz
[  250.087214][ T5837] usb 7-1: Manufacturer: syz
[  250.088700][ T5837] usb 7-1: SerialNumber: syz
[  250.092949][ T5837] usb 7-1: config 0 descriptor??
[  250.299411][ T5837] adutux 7-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0
[  250.500708][ T5837] usb 7-1: USB disconnect, device number 37
[  250.627039][   T29] usb 9-1: USB disconnect, device number 14
[  250.888665][T10970] md: could not open device unknown-block(0,0).
[  250.892061][T10970] md: md_import_device returned -6
[  251.051347][T10981] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1673'.
[  251.055404][T10981] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1673'.
[  251.061305][T10981] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1673'.
[  251.065158][T10981] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1673'.
[  251.351063][T10992] fuse: Bad value for 'user_id'
[  251.354420][T10992] fuse: Bad value for 'user_id'
[  251.853268][T11003] fuse: Invalid rootmode
[  252.032750][ T2111] usb 6-1: new high-speed USB device number 32 using dummy_hcd
[  252.066562][T11007] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1680'.
[  252.173342][T11011] binder: 11010:11011 ioctl 4008ae89 200000000240 returned -22
[  252.176655][T11011] binder: 11010:11011 ioctl c0306201 200000000180 returned -14
[  252.194491][ T2111] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  252.199438][ T2111] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  252.203770][ T2111] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 48, changing to 9
[  252.208229][ T2111] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 8240, setting to 1024
[  252.215721][ T2111] usb 6-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  252.219431][ T2111] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  252.223005][ T2111] usb 6-1: Product: syz
[  252.224769][ T2111] usb 6-1: Manufacturer: syz
[  252.226797][ T2111] usb 6-1: SerialNumber: syz
[  252.231520][ T2111] usb 6-1: config 0 descriptor??
[  252.565056][ T2111] adutux 6-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0
[  252.765937][ T2111] usb 6-1: USB disconnect, device number 32
[  252.769389][T11024] binder: 11023:11024 ioctl c0306201 200000000280 returned -14
[  253.250044][T11037] random: crng reseeded on system resumption
[  253.250216][T11038] xt_hashlimit: overflow, rate too high: 0
[  253.273835][T11037] syzkaller1: entered promiscuous mode
[  253.276376][T11037] syzkaller1: entered allmulticast mode
[  253.301610][T11040] fuse: Bad value for 'user_id'
[  253.303768][T11040] fuse: Bad value for 'user_id'
[  253.542569][ T7396] usb 7-1: new high-speed USB device number 38 using dummy_hcd
[  253.691296][ T7396] usb 7-1: device descriptor read/64, error -71
[  253.701348][T11044] fuse: Invalid rootmode
[  253.958410][ T7396] usb 7-1: new high-speed USB device number 39 using dummy_hcd
[  253.971864][T11048] ptrace attach of "/syz-executor exec"[9050] was attempted by "/syz-executor exec"[11048]
[  254.108058][ T7396] usb 7-1: device descriptor read/64, error -71
[  254.225876][ T7396] usb usb7-port1: attempt power cycle
[  254.391445][T11066] fuse: Unknown parameter '0x0000000000000003'
[  254.610242][ T7396] usb 7-1: new high-speed USB device number 40 using dummy_hcd
[  254.642701][ T7396] usb 7-1: device descriptor read/8, error -71
[  254.692673][T11071] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  254.695967][T11071] block device autoloading is deprecated and will be removed.
[  254.749263][T11070] md: superblock version 12389 not known
[  254.751569][T11070] md: couldn't set array info. -22
[  254.878002][T11080] fuse: Unknown parameter 'fd0x0000000000000003'
[  254.898946][ T7396] usb 7-1: new high-speed USB device number 41 using dummy_hcd
[  254.920678][ T7396] usb 7-1: device descriptor read/8, error -71
[  254.985953][T11083] fuse: Bad value for 'user_id'
[  254.987734][T11083] fuse: Bad value for 'user_id'
[  255.038314][ T7396] usb usb7-port1: unable to enumerate USB device
[  255.700276][ T7396] usb 6-1: new high-speed USB device number 33 using dummy_hcd
[  255.860492][ T7396] usb 6-1: Using ep0 maxpacket: 32
[  255.863547][ T7396] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x9 has an invalid bInterval 128, changing to 11
[  255.867348][ T7396] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xB7, changing to 0x87
[  255.871166][ T7396] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 110, changing to 10
[  255.874824][ T7396] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x87 has invalid maxpacket 58582, setting to 1024
[  255.879808][ T7396] usb 6-1: New USB device found, idVendor=0e6f, idProduct=582c, bcdDevice=31.68
[  255.882708][ T7396] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  255.885510][ T7396] usb 6-1: Product: syz
[  255.886809][ T7396] usb 6-1: Manufacturer: syz
[  255.888245][ T7396] usb 6-1: SerialNumber: syz
[  255.891141][ T7396] usb 6-1: config 0 descriptor??
[  255.894410][T11091] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  255.898611][ T7396] input: Generic X-Box pad as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input16
[  255.952609][    C2] xpad 6-1:0.0: xpad_irq_in - usb_submit_urb failed with result -1
[  255.967304][    C2] xpad 6-1:0.0: xpad_irq_in - usb_submit_urb failed with result -1
[  256.042231][ T5836] usb 5-1: new full-speed USB device number 34 using dummy_hcd
[  256.082733][T11098] binder: 11097:11098 ioctl c0306201 200000000280 returned -14
[  256.115177][   T10] usb 6-1: USB disconnect, device number 33
[  256.115320][    C2] xpad 6-1:0.0: xpad_irq_out - usb_submit_urb failed with result -19
[  256.204274][ T5836] usb 5-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  256.208568][ T5836] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  256.212713][ T5836] usb 5-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  256.218609][ T5836] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  256.222378][ T5836] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  256.230497][ T5836] usbtmc 5-1:16.0: bulk endpoints not found
[  256.694242][T11119] fuse: Bad value for 'fd'
[  256.976739][   T40] audit: type=1400 audit(1780195144.126:1281): avc:  denied  { ioctl } for  pid=11120 comm="syz.1.1720" path="socket:[38423]" dev="sockfs" ino=38423 ioctlcmd=0x89a2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  257.357407][T11130] FAULT_INJECTION: forcing a failure.
[  257.357407][T11130] name failslab, interval 1, probability 0, space 0, times 0
[  257.367855][T11130] CPU: 3 UID: 0 PID: 11130 Comm: syz.4.1721 Not tainted syzkaller #0 PREEMPT(full) 
[  257.367881][T11130] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  257.367893][T11130] Call Trace:
[  257.367901][T11130]  <TASK>
[  257.367909][T11130]  dump_stack_lvl+0x100/0x190
[  257.367944][T11130]  should_fail_ex.cold+0x5/0xa
[  257.367970][T11130]  ? tomoyo_realpath_from_path+0xb6/0x690
[  257.368004][T11130]  should_failslab+0xc2/0x120
[  257.368025][T11130]  __kmalloc_noprof+0xe0/0x850
[  257.368051][T11130]  ? kfree+0x1dd/0x6c0
[  257.368078][T11130]  tomoyo_realpath_from_path+0xb6/0x690
[  257.368111][T11130]  tomoyo_path_number_perm+0x23c/0x580
[  257.368135][T11130]  ? tomoyo_path_number_perm+0x22e/0x580
[  257.368160][T11130]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  257.368182][T11130]  ? selinux_inode_permission+0x14a/0x1130
[  257.368212][T11130]  ? look_up_lock_class+0x55/0x120
[  257.368266][T11130]  ? from_kuid+0x8d/0xd0
[  257.368287][T11130]  ? __pfx_from_kuid+0x10/0x10
[  257.368312][T11130]  tomoyo_path_chown+0x173/0x1b0
[  257.368333][T11130]  ? __pfx_tomoyo_path_chown+0x10/0x10
[  257.368353][T11130]  ? from_vfsuid+0xea/0x140
[  257.368373][T11130]  ? __pfx_from_vfsuid+0x10/0x10
[  257.368395][T11130]  security_path_chown+0x12a/0x2d0
[  257.368422][T11130]  chown_common+0x3da/0x6e0
[  257.368451][T11130]  ? __pfx_chown_common+0x10/0x10
[  257.368475][T11130]  ? mnt_get_write_access+0x52/0x2f0
[  257.368500][T11130]  ? mnt_get_write_access+0x1e9/0x2f0
[  257.368523][T11130]  do_fchownat+0x18e/0x1f0
[  257.368546][T11130]  ? __pfx_do_fchownat+0x10/0x10
[  257.368567][T11130]  ? ksys_write+0x1ac/0x250
[  257.368586][T11130]  ? __pfx_ksys_write+0x10/0x10
[  257.368611][T11130]  __x64_sys_chown+0x7b/0xc0
[  257.368635][T11130]  ? lockdep_hardirqs_on+0x78/0x100
[  257.368658][T11130]  do_syscall_64+0x115/0x870
[  257.368678][T11130]  ? clear_bhb_loop+0x40/0x90
[  257.368699][T11130]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  257.368717][T11130] RIP: 0033:0x7f50c519ce59
[  257.368735][T11130] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  257.368775][T11130] RSP: 002b:00007f50c606d028 EFLAGS: 00000246 ORIG_RAX: 000000000000005c
[  257.368792][T11130] RAX: ffffffffffffffda RBX: 00007f50c5416180 RCX: 00007f50c519ce59
[  257.368802][T11130] RDX: 000000000000ee01 RSI: 0000000000000000 RDI: 00002000000003c0
[  257.368812][T11130] RBP: 00007f50c606d090 R08: 0000000000000000 R09: 0000000000000000
[  257.368824][T11130] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  257.368838][T11130] R13: 00007f50c5416218 R14: 00007f50c5416180 R15: 00007fff0ca72888
[  257.368861][T11130]  </TASK>
[  257.368869][T11130] ERROR: Out of memory at tomoyo_realpath_from_path.
[  257.524697][T11132] IPVS: set_ctl: invalid protocol: 29 10.129.1.1:20001
[  257.537886][   T40] audit: type=1400 audit(1780195144.650:1282): avc:  denied  { getopt } for  pid=11131 comm="syz.4.1722" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_fib_lookup_socket permissive=1
[  258.104562][  T845] usb 7-1: new high-speed USB device number 42 using dummy_hcd
[  258.275515][  T845] usb 7-1: Using ep0 maxpacket: 32
[  258.280031][  T845] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x9 has an invalid bInterval 128, changing to 11
[  258.284644][  T845] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xB7, changing to 0x87
[  258.289627][  T845] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  258.294140][  T845] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x87 has invalid wMaxPacketSize 0
[  258.300343][  T845] usb 7-1: New USB device found, idVendor=0e6f, idProduct=582c, bcdDevice=31.68
[  258.304036][  T845] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  258.307235][  T845] usb 7-1: Product: syz
[  258.309159][  T845] usb 7-1: Manufacturer: syz
[  258.311014][  T845] usb 7-1: SerialNumber: syz
[  258.315282][  T845] usb 7-1: config 0 descriptor??
[  258.323629][  T845] input: Generic X-Box pad as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input18
[  258.498262][T11150] kvm: pic: non byte write
[  258.539484][ T5837] usb 7-1: USB disconnect, device number 42
[  258.540431][T11150] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1727'.
[  258.849749][   T40] audit: type=1400 audit(1780195145.876:1283): avc:  denied  { mount } for  pid=11163 comm="syz.4.1731" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  258.894182][T11168] FAULT_INJECTION: forcing a failure.
[  258.894182][T11168] name failslab, interval 1, probability 0, space 0, times 0
[  258.899555][T11168] CPU: 2 UID: 0 PID: 11168 Comm: syz.1.1732 Not tainted syzkaller #0 PREEMPT(full) 
[  258.899578][T11168] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  258.899587][T11168] Call Trace:
[  258.899594][T11168]  <TASK>
[  258.899601][T11168]  dump_stack_lvl+0x100/0x190
[  258.899633][T11168]  should_fail_ex.cold+0x5/0xa
[  258.899659][T11168]  should_failslab+0xc2/0x120
[  258.899677][T11168]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  258.899700][T11168]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  258.899724][T11168]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  258.899748][T11168]  mmu_topup_memory_caches+0x25/0x170
[  258.899771][T11168]  kvm_mmu_load+0xd6/0x23e0
[  258.899791][T11168]  ? kvm_apic_has_interrupt+0xfe/0x1f0
[  258.899816][T11168]  ? __pfx_kvm_apic_has_interrupt+0x10/0x10
[  258.899844][T11168]  ? __pfx_kvm_mmu_load+0x10/0x10
[  258.899863][T11168]  ? kvm_cpu_has_injectable_intr+0x9c/0x1a0
[  258.899882][T11168]  ? kvm_check_and_inject_events+0x961/0x1070
[  258.899903][T11168]  ? record_steal_time+0x420/0xbc0
[  258.899923][T11168]  vcpu_run+0x39f4/0x5ca0
[  258.899955][T11168]  ? __pfx_vcpu_run+0x10/0x10
[  258.899984][T11168]  ? rcu_is_watching+0x12/0xc0
[  258.900012][T11168]  ? kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  258.900034][T11168]  kvm_arch_vcpu_ioctl_run+0x5b6/0x1890
[  258.900063][T11168]  kvm_vcpu_ioctl+0x730/0x1720
[  258.900082][T11168]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  258.900099][T11168]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  258.900120][T11168]  ? do_vfs_ioctl+0x226/0x13e0
[  258.900138][T11168]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  258.900155][T11168]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  258.900194][T11168]  ? __fget_files+0x215/0x3d0
[  258.900218][T11168]  ? hook_file_ioctl_common+0x149/0x410
[  258.900242][T11168]  ? selinux_file_ioctl+0x13b/0x290
[  258.900267][T11168]  ? selinux_file_ioctl+0xb6/0x290
[  258.900291][T11168]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  258.900311][T11168]  __x64_sys_ioctl+0x18e/0x210
[  258.900330][T11168]  do_syscall_64+0x115/0x870
[  258.900361][T11168]  ? clear_bhb_loop+0x40/0x90
[  258.900382][T11168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  258.900399][T11168] RIP: 0033:0x7f6c1a39ce59
[  258.900413][T11168] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  258.900429][T11168] RSP: 002b:00007f6c1b2f2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  258.900446][T11168] RAX: ffffffffffffffda RBX: 00007f6c1a615fa0 RCX: 00007f6c1a39ce59
[  258.900457][T11168] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  258.900467][T11168] RBP: 00007f6c1b2f2090 R08: 0000000000000000 R09: 0000000000000000
[  258.900477][T11168] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  258.900487][T11168] R13: 00007f6c1a616038 R14: 00007f6c1a615fa0 R15: 00007fff086132a8
[  258.900510][T11168]  </TASK>
[  259.016574][   T34] usb 5-1: USB disconnect, device number 34
[  259.054116][T11181] netlink: 'syz.0.1736': attribute type 1 has an invalid length.
[  259.071056][T11181] 8021q: adding VLAN 0 to HW filter on device bond1
[  259.079826][T11181] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1736'.
[  259.088180][T11181] bond1: (slave geneve3): making interface the new active one
[  259.091736][T11181] bond1: (slave geneve3): Enslaving as an active interface with an up link
[  259.216143][T11193] kvm: user requested TSC rate below hardware speed
[  259.222629][T11193] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2149952964 (68798494848 ns) > initial count (536870912 ns). Using initial count to start timer.
[  259.454832][T11221] FAULT_INJECTION: forcing a failure.
[  259.454832][T11221] name failslab, interval 1, probability 0, space 0, times 0
[  259.459407][T11221] CPU: 3 UID: 0 PID: 11221 Comm: syz.1.1748 Not tainted syzkaller #0 PREEMPT(full) 
[  259.459422][T11221] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  259.459429][T11221] Call Trace:
[  259.459433][T11221]  <TASK>
[  259.459438][T11221]  dump_stack_lvl+0x100/0x190
[  259.459454][T11221]  should_fail_ex.cold+0x5/0xa
[  259.459470][T11221]  should_failslab+0xc2/0x120
[  259.459483][T11221]  kmem_cache_alloc_noprof+0x7b/0x6e0
[  259.459499][T11221]  ? __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  259.459515][T11221]  __kvm_mmu_topup_memory_cache+0x18f/0x5f0
[  259.459531][T11221]  mmu_topup_memory_caches+0x25/0x170
[  259.459546][T11221]  kvm_mmu_load+0xd6/0x23e0
[  259.459561][T11221]  ? mark_held_locks+0x40/0x70
[  259.459576][T11221]  ? __pfx_kvm_mmu_load+0x10/0x10
[  259.459588][T11221]  ? __lock_acquire+0x4a5/0x2630
[  259.459602][T11221]  ? __pfx____ratelimit+0x10/0x10
[  259.459618][T11221]  kvm_arch_vcpu_pre_fault_memory+0x6ab/0x800
[  259.459636][T11221]  ? __pfx_kvm_arch_vcpu_pre_fault_memory+0x10/0x10
[  259.459655][T11221]  kvm_vcpu_ioctl+0x100d/0x1720
[  259.459668][T11221]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  259.459679][T11221]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  259.459693][T11221]  ? do_vfs_ioctl+0x226/0x13e0
[  259.459705][T11221]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  259.459721][T11221]  ? __fget_files+0x215/0x3d0
[  259.459734][T11221]  ? hook_file_ioctl_common+0x149/0x410
[  259.459749][T11221]  ? selinux_file_ioctl+0x13b/0x290
[  259.459766][T11221]  ? selinux_file_ioctl+0xb6/0x290
[  259.459782][T11221]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  259.459794][T11221]  __x64_sys_ioctl+0x18e/0x210
[  259.459807][T11221]  do_syscall_64+0x115/0x870
[  259.459820][T11221]  ? clear_bhb_loop+0x40/0x90
[  259.459834][T11221]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.459845][T11221] RIP: 0033:0x7f6c1a39ce59
[  259.459855][T11221] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  259.459866][T11221] RSP: 002b:00007f6c1b2f2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  259.459876][T11221] RAX: ffffffffffffffda RBX: 00007f6c1a615fa0 RCX: 00007f6c1a39ce59
[  259.459883][T11221] RDX: 00002000000000c0 RSI: 00000000c040aed5 RDI: 0000000000000006
[  259.459890][T11221] RBP: 00007f6c1b2f2090 R08: 0000000000000000 R09: 0000000000000000
[  259.459896][T11221] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  259.459903][T11221] R13: 00007f6c1a616038 R14: 00007f6c1a615fa0 R15: 00007fff086132a8
[  259.459917][T11221]  </TASK>
[  259.611599][ T5936] usb 7-1: new high-speed USB device number 43 using dummy_hcd
[  259.621983][  T845] usb 5-1: new full-speed USB device number 35 using dummy_hcd
[  259.771558][ T5936] usb 7-1: Using ep0 maxpacket: 32
[  259.775650][ T5936] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x9 has an invalid bInterval 128, changing to 11
[  259.780167][ T5936] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xB7, changing to 0x87
[  259.785376][ T5936] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  259.789779][ T5936] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x87 has invalid wMaxPacketSize 0
[  259.796053][ T5936] usb 7-1: New USB device found, idVendor=0e6f, idProduct=582c, bcdDevice=31.68
[  259.799894][ T5936] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  259.803131][ T5936] usb 7-1: Product: syz
[  259.804980][ T5936] usb 7-1: Manufacturer: syz
[  259.805149][  T845] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  259.806865][ T5936] usb 7-1: SerialNumber: syz
[  259.810632][  T845] usb 5-1: config 16 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  259.815131][ T5936] usb 7-1: config 0 descriptor??
[  259.816121][  T845] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  259.822284][  T845] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  259.823062][ T5936] input: Generic X-Box pad as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/input/input19
[  259.825094][  T845] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  259.827847][  T845] usbtmc 5-1:16.0: bulk endpoints not found
[  259.922727][ T5836] usb 6-1: new high-speed USB device number 34 using dummy_hcd
[  259.983944][T11225] overlayfs: failed to resolve './file1/file0': -2
[  260.040447][ T5936] usb 7-1: USB disconnect, device number 43
[  260.096048][ T5836] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  260.099097][ T5836] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  260.101819][ T5836] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  260.106327][ T5836] usb 6-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  260.108807][ T5836] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  260.110998][ T5836] usb 6-1: Product: syz
[  260.112159][ T5836] usb 6-1: Manufacturer: syz
[  260.113514][ T5836] usb 6-1: SerialNumber: syz
[  260.119421][ T5836] usb 6-1: config 0 descriptor??
[  260.123126][ T5836] adutux 6-1:0.0: interrupt endpoints not found
[  260.218863][T11228] binder: 11227:11228 ioctl c0306201 200000000080 returned -14
[  260.222861][T11228] binder: 11227:11228 ioctl c0306201 2000000001c0 returned -14
[  260.289334][T11231] input: syz0 as /devices/virtual/input/input20
[  260.620352][   T40] audit: type=1400 audit(1780195147.542:1284): avc:  denied  { getopt } for  pid=11235 comm="syz.2.1754" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  260.716623][   T40] audit: type=1400 audit(1780195147.635:1285): avc:  denied  { mount } for  pid=11237 comm="syz.2.1755" name="/" dev="hugetlbfs" ino=39082 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  260.727330][   T40] audit: type=1400 audit(1780195147.645:1286): avc:  denied  { mounton } for  pid=11237 comm="syz.2.1755" path="/420/file0" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  260.803007][T11242] 
[  260.803946][T11242] ======================================================
[  260.806773][T11242] WARNING: possible circular locking dependency detected
[  260.809554][T11242] syzkaller #0 Not tainted
[  260.811208][T11242] ------------------------------------------------------
[  260.813749][T11242] syz.2.1755/11242 is trying to acquire lock:
[  260.816267][T11242] ffffffff8e9b1e60 (fs_reclaim){+.+.}-{0:0}, at: kmem_cache_alloc_node_noprof+0x53/0x6f0
[  260.819484][T11242] 
[  260.819484][T11242] but task is already holding lock:
[  260.822002][T11242] ffff8880294ea960 (k-sk_lock-AF_INET){+.+.}-{0:0}, at: inet_stream_connect+0x43/0xa0
[  260.825537][T11242] 
[  260.825537][T11242] which lock already depends on the new lock.
[  260.825537][T11242] 
[  260.829435][T11242] 
[  260.829435][T11242] the existing dependency chain (in reverse order) is:
[  260.832669][T11242] 
[  260.832669][T11242] -> #7 (k-sk_lock-AF_INET){+.+.}-{0:0}:
[  260.835625][T11242]        lock_sock_nested+0x41/0xf0
[  260.837530][T11242]        __inet_bind+0x8a5/0xc60
[  260.839510][T11242]        inet_bind_sk+0xb8/0xf0
[  260.841356][T11242]        mptcp_bind+0x18e/0x1e0
[  260.843115][T11242]        __sys_bind+0x1a9/0x260
[  260.845069][T11242]        __x64_sys_bind+0x72/0xb0
[  260.847089][T11242]        do_syscall_64+0x115/0x870
[  260.848937][T11242]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.851247][T11242] 
[  260.851247][T11242] -> #6 (sk_lock-AF_INET){+.+.}-{0:0}:
[  260.854403][T11242]        lock_sock_nested+0x41/0xf0
[  260.856548][T11242]        inet_shutdown+0x67/0x410
[  260.858647][T11242]        nbd_mark_nsock_dead+0xae/0x5c0
[  260.860951][T11242]        recv_work+0x5fb/0x8c0
[  260.862925][T11242]        process_one_work+0xa0e/0x1980
[  260.865128][T11242]        worker_thread+0x5ef/0xe50
[  260.866901][T11242]        kthread+0x370/0x450
[  260.868361][T11242]        ret_from_fork+0x72b/0xd50
[  260.869943][T11242]        ret_from_fork_asm+0x1a/0x30
[  260.871826][T11242] 
[  260.871826][T11242] -> #5 (&nsock->tx_lock){+.+.}-{4:4}:
[  260.874949][T11242]        __mutex_lock+0x1a4/0x1b10
[  260.876710][T11242]        nbd_queue_rq+0x428/0x1080
[  260.878355][T11242]        blk_mq_dispatch_rq_list+0x422/0x1e70
[  260.880189][T11242]        __blk_mq_sched_dispatch_requests+0xcea/0x1620
[  260.882744][T11242]        blk_mq_sched_dispatch_requests+0xd7/0x1c0
[  260.885433][T11242]        blk_mq_run_hw_queue+0x23c/0x670
[  260.887672][T11242]        blk_mq_dispatch_list+0x51d/0x1360
[  260.890016][T11242]        blk_mq_flush_plug_list+0x130/0x600
[  260.892402][T11242]        __blk_flush_plug+0x2c4/0x4b0
[  260.894594][T11242]        __submit_bio+0x584/0x6c0
[  260.896566][T11242]        submit_bio_noacct_nocheck+0x543/0xbf0
[  260.899073][T11242]        submit_bio_noacct+0xd18/0x2000
[  260.901327][T11242]        submit_bh_wbc+0x681/0x890
[  260.903409][T11242]        block_read_full_folio+0x264/0x8e0
[  260.905783][T11242]        filemap_read_folio+0xfc/0x3b0
[  260.908021][T11242]        do_read_cache_folio+0x2d7/0x6b0
[  260.910222][T11242]        read_part_sector+0xd1/0x370
[  260.912416][T11242]        adfspart_check_ICS+0x91/0x7d0
[  260.914648][T11242]        bdev_disk_changed+0x7a3/0x1250
[  260.916519][T11242]        blkdev_get_whole+0x187/0x290
[  260.918192][T11242]        bdev_open+0x2c7/0xe40
[  260.919984][T11242]        blkdev_open+0x34e/0x4f0
[  260.921737][T11242]        do_dentry_open+0x6ab/0x14d0
[  260.923380][T11242]        vfs_open+0x82/0x3f0
[  260.924877][T11242]        path_openat+0x208c/0x31a0
[  260.926784][T11242]        do_file_open+0x20e/0x430
[  260.928338][T11242]        do_sys_openat2+0x10d/0x1e0
[  260.930477][T11242]        __x64_sys_openat+0x12d/0x210
[  260.932724][T11242]        do_syscall_64+0x115/0x870
[  260.934682][T11242]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.936999][T11242] 
[  260.936999][T11242] -> #4 (&cmd->lock){+.+.}-{4:4}:
[  260.939939][T11242]        __mutex_lock+0x1a4/0x1b10
[  260.941991][T11242]        nbd_queue_rq+0xba/0x1080
[  260.944003][T11242]        blk_mq_dispatch_rq_list+0x422/0x1e70
[  260.946414][T11242]        __blk_mq_sched_dispatch_requests+0xcea/0x1620
[  260.949129][T11242]        blk_mq_sched_dispatch_requests+0xd7/0x1c0
[  260.951700][T11242]        blk_mq_run_hw_queue+0x23c/0x670
[  260.953798][T11242]        blk_mq_dispatch_list+0x51d/0x1360
[  260.955951][T11242]        blk_mq_flush_plug_list+0x130/0x600
[  260.958281][T11242]        __blk_flush_plug+0x2c4/0x4b0
[  260.960372][T11242]        __submit_bio+0x584/0x6c0
[  260.961892][T11242]        submit_bio_noacct_nocheck+0x543/0xbf0
[  260.963710][T11242]        submit_bio_noacct+0xd18/0x2000
[  260.965834][T11242]        submit_bh_wbc+0x681/0x890
[  260.967941][T11242]        block_read_full_folio+0x264/0x8e0
[  260.970253][T11242]        filemap_read_folio+0xfc/0x3b0
[  260.972492][T11242]        do_read_cache_folio+0x2d7/0x6b0
[  260.974843][T11242]        read_part_sector+0xd1/0x370
[  260.976899][T11242]        adfspart_check_ICS+0x91/0x7d0
[  260.979085][T11242]        bdev_disk_changed+0x7a3/0x1250
[  260.981318][T11242]        blkdev_get_whole+0x187/0x290
[  260.983444][T11242]        bdev_open+0x2c7/0xe40
[  260.985152][T11242]        blkdev_open+0x34e/0x4f0
[  260.986652][T11242]        do_dentry_open+0x6ab/0x14d0
[  260.988708][T11242]        vfs_open+0x82/0x3f0
[  260.990630][T11242]        path_openat+0x208c/0x31a0
[  260.992793][T11242]        do_file_open+0x20e/0x430
[  260.994901][T11242]        do_sys_openat2+0x10d/0x1e0
[  260.996605][T11242]        __x64_sys_openat+0x12d/0x210
[  260.998210][T11242]        do_syscall_64+0x115/0x870
[  261.000010][T11242]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.002660][T11242] 
[  261.002660][T11242] -> #3 (set->srcu){.+.+}-{0:0}:
[  261.005481][T11242]        __synchronize_srcu+0xa2/0x300
[  261.007343][T11242]        blk_mq_quiesce_queue+0x149/0x1c0
[  261.009599][T11242]        elevator_switch+0x17b/0x7e0
[  261.011738][T11242]        elevator_change+0x352/0x530
[  261.013937][T11242]        elevator_set_default+0x29e/0x360
[  261.016253][T11242]        blk_register_queue+0x48e/0x630
[  261.018261][T11242]        __add_disk+0x73f/0xe40
[  261.019891][T11242]        add_disk_fwnode+0x118/0x5c0
[  261.022032][T11242]        nbd_dev_add+0x77a/0xb10
[  261.024051][T11242]        nbd_init+0x291/0x2b0
[  261.025921][T11242]        do_one_initcall+0x121/0x750
[  261.028089][T11242]        kernel_init_freeable+0x6ea/0x7b0
[  261.030414][T11242]        kernel_init+0x1f/0x1e0
[  261.032390][T11242]        ret_from_fork+0x72b/0xd50
[  261.034498][T11242]        ret_from_fork_asm+0x1a/0x30
[  261.036532][T11242] 
[  261.036532][T11242] -> #2 (&q->elevator_lock){+.+.}-{4:4}:
[  261.039658][T11242]        __mutex_lock+0x1a4/0x1b10
[  261.041809][T11242]        elevator_change+0x1bc/0x530
[  261.044025][T11242]        elevator_set_none+0x92/0xf0
[  261.046138][T11242]        blk_mq_update_nr_hw_queues+0x4c1/0x15f0
[  261.048616][T11242]        nbd_start_device+0x1a6/0xbd0
[  261.050765][T11242]        nbd_genl_connect+0xff2/0x1a40
[  261.052948][T11242]        genl_family_rcv_msg_doit+0x214/0x300
[  261.055407][T11242]        genl_rcv_msg+0x560/0x800
[  261.057444][T11242]        netlink_rcv_skb+0x159/0x420
[  261.059557][T11242]        genl_rcv+0x28/0x40
[  261.061412][T11242]        netlink_unicast+0x585/0x850
[  261.063465][T11242]        netlink_sendmsg+0x8b0/0xda0
[  261.065596][T11242]        ____sys_sendmsg+0x9e1/0xb70
[  261.067711][T11242]        ___sys_sendmsg+0x190/0x1e0
[  261.069681][T11242]        __sys_sendmsg+0x170/0x220
[  261.071678][T11242]        do_syscall_64+0x115/0x870
[  261.073768][T11242]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.076275][T11242] 
[  261.076275][T11242] -> #1 (&q->q_usage_counter(io)#49){++++}-{0:0}:
[  261.079697][T11242]        blk_alloc_queue+0x610/0x790
[  261.081799][T11242]        blk_mq_alloc_queue+0x174/0x290
[  261.083986][T11242]        __blk_mq_alloc_disk+0x29/0x120
[  261.085751][T11242]        nbd_dev_add+0x492/0xb10
[  261.087240][T11242]        nbd_init+0x291/0x2b0
[  261.088629][T11242]        do_one_initcall+0x121/0x750
[  261.090244][T11242]        kernel_init_freeable+0x6ea/0x7b0
[  261.092379][T11242]        kernel_init+0x1f/0x1e0
[  261.093946][T11242]        ret_from_fork+0x72b/0xd50
[  261.095962][T11242]        ret_from_fork_asm+0x1a/0x30
[  261.098045][T11242] 
[  261.098045][T11242] -> #0 (fs_reclaim){+.+.}-{0:0}:
[  261.100309][T11242]        __lock_acquire+0x14b8/0x2630
[  261.102279][T11242]        lock_acquire+0x1b1/0x370
[  261.103957][T11242]        fs_reclaim_acquire+0xc4/0x100
[  261.105843][T11242]        kmem_cache_alloc_node_noprof+0x53/0x6f0
[  261.107833][T11242]        __alloc_skb+0x140/0x710
[  261.109375][T11242]        tcp_stream_alloc_skb+0x34/0x660
[  261.111312][T11242]        tcp_connect+0xf06/0x5530
[  261.113299][T11242]        tcp_v4_connect+0x15fe/0x1b40
[  261.114907][T11242]        __inet_stream_connect+0x208/0xfa0
[  261.116841][T11242]        inet_stream_connect+0x57/0xa0
[  261.119007][T11242]        p9_fd_create_tcp+0x379/0x4d0
[  261.120863][T11242]        p9_client_create+0x563/0xd40
[  261.122943][T11242]        v9fs_session_init+0x3c/0xd20
[  261.124590][T11242]        v9fs_get_tree+0xb8/0xb50
[  261.126301][T11242]        vfs_get_tree+0x92/0x320
[  261.127855][T11242]        path_mount+0x7d0/0x23d0
[  261.129543][T11242]        __x64_sys_mount+0x293/0x310
[  261.131290][T11242]        do_syscall_64+0x115/0x870
[  261.133287][T11242]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.135591][T11242] 
[  261.135591][T11242] other info that might help us debug this:
[  261.135591][T11242] 
[  261.139110][T11242] Chain exists of:
[  261.139110][T11242]   fs_reclaim --> sk_lock-AF_INET --> k-sk_lock-AF_INET
[  261.139110][T11242] 
[  261.143463][T11242]  Possible unsafe locking scenario:
[  261.143463][T11242] 
[  261.145994][T11242]        CPU0                    CPU1
[  261.147922][T11242]        ----                    ----
[  261.150017][T11242]   lock(k-sk_lock-AF_INET);
[  261.151890][T11242]                                lock(sk_lock-AF_INET);
[  261.154680][T11242]                                lock(k-sk_lock-AF_INET);
[  261.157039][T11242]   lock(fs_reclaim);
[  261.158248][T11242] 
[  261.158248][T11242]  *** DEADLOCK ***
[  261.158248][T11242] 
[  261.161316][T11242] 1 lock held by syz.2.1755/11242:
[  261.163399][T11242]  #0: ffff8880294ea960 (k-sk_lock-AF_INET){+.+.}-{0:0}, at: inet_stream_connect+0x43/0xa0
[  261.167481][T11242] 
[  261.167481][T11242] stack backtrace:
[  261.169932][T11242] CPU: 1 UID: 0 PID: 11242 Comm: syz.2.1755 Not tainted syzkaller #0 PREEMPT(full) 
[  261.169955][T11242] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  261.169966][T11242] Call Trace:
[  261.169974][T11242]  <TASK>
[  261.169982][T11242]  dump_stack_lvl+0x100/0x190
[  261.170005][T11242]  print_circular_bug.cold+0x178/0x1c7
[  261.170035][T11242]  check_noncircular+0x146/0x160
[  261.170060][T11242]  __lock_acquire+0x14b8/0x2630
[  261.170084][T11242]  ? ipv4_dst_check+0x1a8/0x3b0
[  261.170112][T11242]  lock_acquire+0x1b1/0x370
[  261.170131][T11242]  ? kmem_cache_alloc_node_noprof+0x53/0x6f0
[  261.170159][T11242]  ? __lock_acquire+0x4a5/0x2630
[  261.170183][T11242]  fs_reclaim_acquire+0xc4/0x100
[  261.170205][T11242]  ? kmem_cache_alloc_node_noprof+0x53/0x6f0
[  261.170232][T11242]  kmem_cache_alloc_node_noprof+0x53/0x6f0
[  261.170258][T11242]  ? __alloc_skb+0x140/0x710
[  261.170284][T11242]  __alloc_skb+0x140/0x710
[  261.170308][T11242]  ? __pfx___alloc_skb+0x10/0x10
[  261.170336][T11242]  tcp_stream_alloc_skb+0x34/0x660
[  261.170365][T11242]  tcp_connect+0xf06/0x5530
[  261.170390][T11242]  ? __pfx_tcp_connect+0x10/0x10
[  261.170407][T11242]  ? get_random_u16+0x583/0x7d0
[  261.170433][T11242]  ? tcp_fastopen_cookie_check+0x419/0x450
[  261.170460][T11242]  tcp_v4_connect+0x15fe/0x1b40
[  261.170490][T11242]  ? __pfx_tcp_v4_connect+0x10/0x10
[  261.170517][T11242]  ? __lock_acquire+0x4a5/0x2630
[  261.170539][T11242]  ? __lock_acquire+0x4a5/0x2630
[  261.170561][T11242]  __inet_stream_connect+0x208/0xfa0
[  261.170590][T11242]  ? __pfx___inet_stream_connect+0x10/0x10
[  261.170616][T11242]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  261.170650][T11242]  ? __local_bh_enable_ip+0x9e/0x120
[  261.170675][T11242]  inet_stream_connect+0x57/0xa0
[  261.170699][T11242]  p9_fd_create_tcp+0x379/0x4d0
[  261.170719][T11242]  ? __pfx_p9_fd_create_tcp+0x10/0x10
[  261.170744][T11242]  ? lockdep_init_map_type+0x5c/0x250
[  261.170766][T11242]  p9_client_create+0x563/0xd40
[  261.170792][T11242]  ? __pfx_p9_client_create+0x10/0x10
[  261.170820][T11242]  ? lockdep_init_map_type+0x5c/0x250
[  261.170842][T11242]  ? __raw_spin_lock_init+0x3a/0x110
[  261.170869][T11242]  v9fs_session_init+0x3c/0xd20
[  261.170895][T11242]  ? kasan_save_track+0x14/0x30
[  261.170913][T11242]  v9fs_get_tree+0xb8/0xb50
[  261.170929][T11242]  ? rcu_is_watching+0x12/0xc0
[  261.170955][T11242]  ? __pfx_v9fs_get_tree+0x10/0x10
[  261.170974][T11242]  ? bpf_lsm_capable+0x9/0x10
[  261.170991][T11242]  ? security_capable+0x80/0x260
[  261.171014][T11242]  vfs_get_tree+0x92/0x320
[  261.171032][T11242]  path_mount+0x7d0/0x23d0
[  261.171061][T11242]  ? __pfx_path_mount+0x10/0x10
[  261.171086][T11242]  ? lockdep_hardirqs_on+0x78/0x100
[  261.171110][T11242]  ? putname+0xb1/0x110
[  261.171132][T11242]  ? kmem_cache_free+0x127/0x6c0
[  261.171160][T11242]  ? __x64_sys_mount+0x293/0x310
[  261.171185][T11242]  __x64_sys_mount+0x293/0x310
[  261.171213][T11242]  ? __pfx___x64_sys_mount+0x10/0x10
[  261.171240][T11242]  ? rcu_is_watching+0x12/0xc0
[  261.171265][T11242]  do_syscall_64+0x115/0x870
[  261.171285][T11242]  ? clear_bhb_loop+0x40/0x90
[  261.171302][T11242]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.171320][T11242] RIP: 0033:0x7fae48d9ce59
[  261.171335][T11242] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  261.171351][T11242] RSP: 002b:00007fae49c85028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  261.171368][T11242] RAX: ffffffffffffffda RBX: 00007fae49016180 RCX: 00007fae48d9ce59
[  261.171380][T11242] RDX: 0000200000000040 RSI: 0000200000000680 RDI: 0000200000000640
[  261.171391][T11242] RBP: 00007fae48e32d6f R08: 0000200000000900 R09: 0000000000000000
[  261.171404][T11242] R10: 0000000000008010 R11: 0000000000000246 R12: 0000000000000000
[  261.171414][T11242] R13: 00007fae49016218 R14: 00007fae49016180 R15: 00007ffda8abfbe8
[  261.171432][T11242]  </TASK>
[  261.311053][ T1436] ieee802154 phy0 wpan0: encryption failed: -22
[  261.317145][ T1436] ieee802154 phy1 wpan1: encryption failed: -22
[  261.331986][T11242] 9pnet_fd: p9_fd_create_tcp (11242): problem connecting socket to 127.0.0.1
[  261.612904][   T40] audit: type=1400 audit(1780195148.468:1287): avc:  denied  { unmount } for  pid=5747 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  262.565971][  T845] usb 5-1: USB disconnect, device number 35
[  262.862503][ T2111] usb 6-1: USB disconnect, device number 34