last executing test programs:

10.85517503s ago: executing program 2 (id=369):
r0 = syz_io_uring_setup(0x24f9, &(0x7f0000000180)={0x0, 0x0, 0x10100, 0x0, 0x1000000}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FILES_UPDATE={0x14, 0x3, 0x0, 0x0, 0x69, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

10.778728951s ago: executing program 2 (id=372):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_io_uring_setup(0x10d, &(0x7f0000000680)={0x0, 0x0, 0x100, 0x3}, &(0x7f0000000340)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x42, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x126, 0x517082, 0x12345})
io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0)
keyctl$reject(0x14, 0x0, 0x1ffffffe, 0x6, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r6=>0x0})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r8 = syz_open_dev$cec(&(0x7f0000000300), 0x0, 0xdc400)
ioctl$CEC_ADAP_S_LOG_ADDRS(r8, 0xc05c6104, &(0x7f0000000380)={"0dde7cd4", 0x38a8, 0xa, 0x40, 0x7, 0xfffffff2, "34df1a9edbc62fe092e15904710aa1", "90aa9ad4", "c5632066", "a1c99eff", ["2aaf245a769da22b7f6f6ff1", "b8d4602aa4432eb3ae44f01e", "419e7bc49e7e5c9dd5e8a114", "9366d14ca177a8e05d25fbce"]})
r9 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x8142, 0x0)
r10 = ioctl$KVM_CREATE_VM(r9, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r10, 0xae41, 0x0)
ioctl$KVM_CAP_DISABLE_QUIRKS(r10, 0x4068aea3, &(0x7f0000000000)={0x74, 0x0, 0x12})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r11, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@text64={0x40, 0x0}], 0x1, 0x2d, &(0x7f0000000100)=[@cr4={0x1, 0x40000}], 0x1)
ioctl$int_in(r7, 0x5452, &(0x7f00000000c0)=0x9)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000b40)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="050000000000000000072100000008000300", @ANYRES32=r6, @ANYBLOB="10007d8005", @ANYRES32=r1], 0x2c}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'wlan1\x00', <r12=>0x0})
sendmsg$NL80211_CMD_START_P2P_DEVICE(r0, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="00042abd7000ffdbdf255900ff0008000300", @ANYRES32=r12, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x4000080)
r13 = socket$nl_route(0x10, 0x3, 0x0)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x44000)
syz_usb_connect$cdc_ncm(0x2, 0x76, &(0x7f00000001c0)=ANY=[@ANYBLOB="12015001020000402505a1a440e8000203010902640002010170000904000001020d00000524060001052400000025240f"], 0x0)
sendmsg$nl_route(r13, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="246d1150b90b1fd4bb830129daf96d7fcf7ad6a5ccebadcf2d3a3a76b4b5983e4d9341a5b3e6e3dc5b88bea0030288036c9e261c78f10aecf352102e7dc9d9784c1c82faf5f4decf2a73592c3826e7ac796cb4c6b2a5b538bd220a04b61d87d884fdc97b29306338aaf7590e9e32f07de8a31537b00e35b54fdc53612329444b92872c1f3bc56cc132ba57c06d0ceaf58881bfe05f2c1ebb203de231a712bf688df3e173a2e82bdc22e1fe3fb8af0c3bf38232de7d941cb1a43b9b56164f2df7e755f35d4608320c5adc1ccdb802a4d4b2e2f0aaadef07"], 0x40}, 0x1, 0x0, 0x0, 0x20045}, 0x40)

10.618798163s ago: executing program 0 (id=373):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000240), &(0x7f0000000280)=0x5)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x39b8, &(0x7f0000000080)={0x0, 0x33f8, 0x10100, 0x0, 0x0, 0x0, r2}, &(0x7f0000000180), &(0x7f00000001c0))
write$P9_RSTATFS(r2, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.net/syz1\x00', 0x200002, 0x0)
msgget(0x0, 0x6)
r3 = openat$cgroup_ro(r2, &(0x7f0000000000)='io.stat\x00', 0x275a, 0x0)
write$binfmt_misc(r3, &(0x7f00000001c0), 0xed)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r3, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, 0x0, &(0x7f00000000c0))

9.14299813s ago: executing program 4 (id=377):
socket$packet(0x11, 0x3, 0x300)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r0 = socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x18)
r1 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000d00)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r5, &(0x7f0000000000)={0x1f, 0x0, @any, 0x0, 0x1}, 0xe)
setsockopt$bt_BT_DEFER_SETUP(r5, 0x112, 0xf, &(0x7f0000000080)=0x4, 0x4)
listen(r5, 0x0)
ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r6, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3c253bc9bd289700000010008506000000000000159fe05a25d4e3b93c4ec6dcd82209d5243b55cf9d6ba5d1c5883b95c2e33dc87f07b413f7188ae66b7ceef41ffdf184b38260464588314ac424df18b55719745c820b052300991819da7e6b62c3b9e444b671022b4207b5731d066ee0d6a0db28541febbc8cab17b3c50bd71f80bd1f36b06289c3adbc2cca435251f9111e0518d67f3f350623a217cf3f9056da38db26fab829ce4e9e62fbef8e53b04aec41ad3982e82a1021333c9b0ba65b670600d8fc47a7aea9533584a6b3caee6785bcdb86cb4f1a496b3ee388e7509dff1f60c6233e516fe2e8cc6daf7b908b3f5058e8326389ebc495724a000000000000", @ANYRES32=r7, @ANYBLOB="01000012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)

9.106079665s ago: executing program 0 (id=379):
syz_open_dev$sndctrl(&(0x7f00000000c0), 0x0, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000001c0)={'wpan1\x00'})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
sendmsg$NLBL_UNLABEL_C_LIST(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000240)={&(0x7f0000000500)={0xa4, 0x0, 0x100, 0x70bd2d, 0x25dfdbfc, {}, [@NLBL_UNLABEL_A_SECCTX={0x2c, 0x7, 'system_u:object_r:smartcard_device_t:s0\x00'}, @NLBL_UNLABEL_A_SECCTX={0x27, 0x7, 'system_u:object_r:etc_runtime_t:s0\x00'}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @remote}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @broadcast}, @NLBL_UNLABEL_A_ACPTFLG={0x5, 0x1, 0x1}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @initdev={0xac, 0x1e, 0x1, 0x0}}, @NLBL_UNLABEL_A_IFACE={0x14, 0x6, 'dummy0\x00'}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @local}]}, 0xa4}, 0x1, 0x0, 0x0, 0x40}, 0x10)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r3, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000021c0)=ANY=[@ANYBLOB="57cad9a2c67b4a0eb2a1d36ff1926f4df37b666dff5a12d09b858a6580642fa6cddfe759e6e6f1d7899de366345cdf5cb51ab3d0493a826ad37d2d85727b6166a00394edf6b77bab1a5aac28aefa51dbd0b881022f132af58d864550d477960953b94c5bb64c5fae71ef8648feb6a7d53e6b4e1193a2eca36b2df4442994f614192fc53396220f202fd88182d801db32f5b2d92697166181c4a121a5c181f4afc0e978f08dd64dc43a17ed0c77d7b83736b967f6633c04d90e90a40d37120a64ed76fe0e9cc0ec1ea3fb694966243a23789da7e36401c2a9e79312a4a0c37e8d643e1b24468739f1a8a0b24d9b7c402dca241efcfd63e539cad34dd01d758db67ebd3b866e960ceec0e8bfc66059c1994d6e9d43548858c6f654083131eb070cf14b4a0c4bc9bcb0b33f13617e60d2a9ec8c2ce10884dd7022d4001deae8518bb08a4b565905569105a5ae9cbd9488d1941565612efa83646638c1100ecbe6fd43b8b7c17ef2b4dc8269de61d4e9970b4b6e228474c720720670762fe767d40a4fee4c0c46caa069eb29acfc02768f66dc2b7ecfa246e65da5b9c3e7cc0250bb1c0d1219d0889a75278c79a2048aa9fbe92f177b2d82c45d3f61fb4aee66c79962185f3029de05f8eee88cb8a0ea69f2d2987ef94f25dadc099995693e806f6cdd8687ac0e64cdfd2aab61a763cd80df1e86482c8a841faa2a214dff485d3aa07d451f7df7c1c7e5ee4a09cb6fe9d699a0943c2ba3988740fbf7329979a5e6c61dc01b5b69725ae6ab62c3bc1b07a9407bab2cf8be4852205c459c49c1f90b60738eab229cc8a8394549e3004bd1eaeace100e3a9da94d024355c6cfa5cf88df9c6db82cdc7808350639a8b2a37e18d979aa25b61c91c350610dce5fc5039065ea33c8096b669fa90fe9d7ab8bc6c3892503bf9647c93574e719ae1f7864dc2f6a701874861df100b852e271e21ddd21749e10412dfb7e28fb6cdd4e1a9a93fcb4368bcec78d31354cc5a9fa00963c0505b12af2d316827125e32db64d96fe832197cb151b5f4509b48a1b6e6a19b3641eb6ac1fc26fe5919f4b512329587c41c99676d503d8485ac1182dc5d601957159e53b83b9fc9bd575935741de794dc40f9ea2d8eb8fb72b3b654198beb4c95e64c5a4805d2b1c427abd0763809a940d7e97d07280f83afbc10e9337c60126d684918ba9868202720c931a0175d98868a80a967dd0a9970eeb031c26296669d54e3ab10db5353ffe890e6ad99daa8a0a24c3b67180d9417690746e4dbf98ad7cf21614d18e48d6c27e1006c194dc5274147059189b9d5a3a1995b56cb300357044d0d2476e098258397963f13cc81a21d92b608e34e2d70192dacdb138b2a6df6bd7ba0096e7ff37a6c3f49061d5a08bf451be70bd74806d9ad2e0302cdcfddbae9f676e5b02bdebc37771e771bbd4d07231d07da75de50d1e19ee56add2536670e112a457c73587bbbd621c2b9e9af789b8166561bff489be024bf72b476c1f5c8e97f2fec66cc0c4d1ce7f182e20a6e4eb72b3e42a2946eddc656b31017ab394c6c45bf7a0a2651c0f0edb9501a2a41ca40f826b4d67f0bd155e89ea4c7228fce4353a1558e993051d9d96cc0f2c879669951a80101cea614dcb86e147ea06b651bc75b9d2f99dbc2cbe3046caf8200b9d39b19a36811c0c621052927ec7218523abf7c1e99f9e90e0655a3b3ce0d2defdfcafc0763f8891e22c066f55a193cbfee17c1ff833390e613993b5c817901234e1256636910f217e6e8057255ec58fb3e80539f2e8678649f15894090c674cc714ed8b4d03753da5e953054edc496f8273fe782686e079fb6708f140cf089cfbb0da3188fd814d65b863b267a39fa8b3abe97be4311a6debb9998e2aca8eb728a4b35243cf204ae03f3999cb923f5d900b3422cabcc8923fff8ec3ad42444a0a9cc7333ffa647d4ad4e5dc2a72fc8a5827c97e0622dd8314573c03381082c69fbd21cacc8325f946b55b4b966e904d3be9f3469c5296a868b14b217555699e86c33c6df4cdbbac4f6484316da17db29747bf339ca98eaf2663852b1ae6702b1ba07ba059f78ba1ad078fc0a5112e0c8f0ab2e4ff75c997fcbbcab1fa5fc65782706255606ec3ae7daff82b624509a627066f6e3df80f1f283f035da99a7336e8cc84a2942d02fd3cb5a559ca7951381e0e82f70ea63defa196261c1f70b574cf10a7e0502718ba46ac9fba971f3be057fb46c131c0a44541f6193853f398f16623685efb52cbec4d1be5768c06792e1e9600b5102f9298bcc8b0f46e9c05702d0eb29208d7dae28095ac611614b3255daff48f68c7b621df6700837622fcb5a0bd89897390e1e0cf0c838470586d115d92bbe7368d48f6c7c5ce8a6b3c527cbfeece1e70e340730ed3e24c9b29e93062e2badc0f59eacaba2bf985d411bd22c219b30c9b8d66a40eb04ed29e43e3546155b6d48aedfda83e44d39fed2ca898a2aa8ac200ead61662839c119c00151713f72a344ffe2af06cadf5c3238351a7e0d8a0a5f05904712f7ad28124cb1f96e1df8e6d4232bee26296f0e2399c584e35cdcef93797381f1ba7067cbeb33cb4564b309f14893679f3da6168d227326fc17c617c5240e122b3c14d3f9719824cd96c5d5a4663d914dea5b0ef82f45240420c224db8856d388210cdffd1b70b88e32b86d918e850d6498986ed311eb0aed537e07d8dea141cd9421a672716cbaf608a396eba8dfdcd99689bae4ffe0f95b511e5ffb757d72935005f9a1cab99e387f31198db39757f729d96908fdf74f4cd2a15fad773d6349ea00724f8d09c154a8b98b92f79117afb4bb486e321098212821f8358afe6435e9a8f690d7e7ae38296f1261497933ec7aea41267059f9cdb50641e020aab7a54f1df6364a035e8ef9f0c3d4f7e092bd5b5a6ed6894f73a375d80e865ced46be9f25796f368a9e858e7b1ce6e002e34dbe55800db840abe25b8a1910ed838b328ec05c4addbce597531eb9f75625f0961b61ef7d90a4f6b185d0ff187486015ca84fe7a68d32c704fc40430f3f5740ecfa92ced70872cda988b0cd70130a39782e9441e0d6cfe07aa1cf9123d312f5512f37a6d5bc00732d3c8e834c0867a4be87fde27b4c82c2e2cb5c6f52e4af094f1e6f5cd36221cc7f13a861970b61bf6151fffada44205d1a3c1b97dc18e95b59b9e237e46f4853cd3d4150b4a115ae0877fd024de50326715ce6a5610a0a5ae092c24fba660fb39d250b4610a540ba111aafb403c5036017e962d7478edd566a54e77b37522c2f701a2aca7cbb52217dc238845304be95890ed310ad5627613afbc9145c39c014c92e2a9b2b8441791b878f7f501f19c1eb64fedf08f39c8a4611eaf2947fe83ae3116d7dbf87ad38f84343843c3f9a1314ba7cb5224452bc2abbb663817c021613e1dbe3bc82b1590b5d525eba0ac3c8226c92b206137aa9771e45116453fdcc0840c994c521e54e31760331287dd0ce09e31232f97999b59f0996e611b07086e3a4e037f7b9b8373a4bfe6c78441aa00f278149e02c08c64809c0c30cc55f1da08843e4767d6aa6ff8b5064a9411a4e6c70c42cf9948def349222d1f22eee6e778face22aee8cadbaf68c641a64044832de3e98f9a7fd47d3ea83a8a20b044032b939104e74e217406ad726f8311380d839a5cdc21dc301e6390aa6b673acefcdbb0708ab9bca5d4ae3f269fc33d7f83e28309be4a4b82df3f5d8a5efba08d786f1a6ef0fb3bb31c96408213ca7de7724d3d54265901a6a8452b21a0d8ba34d88ecb8f3020f8b114b503515aa0c0a87948f0ec2c3cf660f0760ed6016fab6a613bc75a3af999ebd28376a9fff2139852f16fab0eaeb128b59a36580c1cd749253ead22ab78f8ae65ddef13d734477758333e7ff775f0aa521cd1ac564eb01b438bff5015cea6580f4ec4ba1a9dca5d9bf601967b78972cbc627323620a9b4477aeb04102551393c7732849e2e84f1c129d3ff0fd6c9e7cbbc2a435fc64c30736beb3fd5945b576e99d3d55dfcc2682e8c5e51152937c04bd13292bb964094e0be199a5a6ed7bbdb79d33b589bb99a1e4cb4606802a5f6baf00d23acdffbf7652d497e5131355ed948a3a9ec7ae31a20c0e9c8ee6ddd0a1596b0df4f7368c75e915fae51fdb7c1982cccd7052ecc112c4c5c0d66592960c61d1464814f6a10d3b5cf2a3a470548718686d03d8f20cca21b129b8ea73c13e4cf132a0f0fe75c2ca69c84ba4898241adead2791b06be0894cc090047f1a3bb5a2043282a9855a8b675f17a47238a805f2842bc4c028a33410cb720b24c783dc9f3a0da0059798be2a8904de89acc7a431c9585ab40177ce2a8d2dfd99cf16c8460e28964e9f1bd5761a0be6b99ef11217aa86cba3d0ec3faafd251ff1ad21af685aa6e2134bd008b6c032c78293debfd731974c0cb08f0151823683feecc6f06dacb53d877a1811ade9968b569f43b1a18c614e10d4442a335be267f93e7d32b3dc4c4be78f335cd9f9fa17635fe44a806de7d78096f99f98371d706fc0c9b7d137638d78cbbbeee74364a9022386bbaa1f8e50c517625efbf65b0edf0f334c776f2ccfe787f84393b2019b32527ded48d73466a6de5e81007bdeea5a62f2a86d80b7352d53a9697605c392040a2b7705d719dc9eb41cff1a6621eb73e837af66efe432cf86dec6f0967f2194b384bc1409c9fcc13f2cb7c51539efc9ac382147a75a2a282893cba90cb7d57d14b564a7473b9bdab6149f196e097335b43422ef326feba6a58514ffaffe71fa572e168bb40c40bec9259f78c037fa50f55f94e70977c7f5c0f809ec65926be528293e32f23ad3b2793b41e5acf96d553e5b0fdbf4dc378a4157a015632176c350ad1716993a491e5fadbfab3b1f234f33abc57d23197e281577a7b922817c482b9c439b0c8fff3712ea089347bb775ef8de86b8ddbc5e5cbc8c8fa86a478c343de88be0114ba7b301b8c93d5ca06f684c78049e2816b7df6e2cffd0aedddca21c0b2f753495d6014e8fe5c5736c2ccb64c0488b6a586946bf87c2be349068e0bc69ce26472d63539c28e9e98c15165db8a843cf4e08d9e42d5bc34459df7287edc706ce6f490a8608a1e09c490126efb8ca5768d9c9e52135417bee21028babedba36a70b07301459e9a5e061ab13498e33cd40896401e8577740187daec1a728a9916e4f542bc97d8f12970a632c2afbf06f4c5b888962ce5eb15bf193a2fc565062ba52b080087680f29d3a832323e4f00571bd7b5d84fe58548fee0291b71df37307146f262eb716d929efb670691f1bf9e0403a07795f3497f229d30206a2ba70032a1bdd2290e6bfdb8ad240cab1709c683c6d3326e65e82c3276413cf5c96f86275ff974ec90db526ee1f3d9d7bc3dc56d8b21e91cd2d77392a2c6e4052206a5809cb1d70a90e83c909437f782408d12d530704fb5bdfbcabeb175778db95e12b03b4afb842ae6c3f234429e58a96248785a4666e2f6227e66feb05310b2fc02e82b658993e246bd2101c8673e38d21168b3dc6c6e320da4c5f934fd6ce3a47d71a863541051f4c65526d686ddf59e138c8697c445d49382f5eefe030d060a7a687f7634f775d681f6564c95720794fa51a4e67259d9b70a29bac8d7a51fb8bc97e0e3a16aa8dd124b7e8539716b2ea7c7edc64e726b1033ecc4b9ba8824d4eec2b23fc70b4912a34eb97284061a28664ef61a62e8a40fc230d01a59167c8873592758b82c4a609cdd25ab3476b12041b8bf417bcb670b", @ANYRESHEX=r1, @ANYRESHEX=r1])
r4 = socket(0x22, 0x2, 0x3)
getsockopt$packet_buf(r4, 0x107, 0x6, &(0x7f0000000140)=""/1, &(0x7f0000002180)=0x1)
truncate(&(0x7f0000000080)='./file0\x00', 0x30000000)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bind$rds(0xffffffffffffffff, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
open(0x0, 0x0, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000040)={'syztnl0\x00', &(0x7f0000000400)={'tunl0\x00', 0x0, 0x0, 0x700, 0x8, 0x0, {{0x5, 0x4, 0x0, 0x2, 0x14, 0x0, 0x0, 0xfd, 0x0, 0x0, @dev={0xac, 0x14, 0x14, 0x5}, @empty}}}})
r8 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r9 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/keys\x00', 0x0, 0x0)
sendfile(r8, r9, 0x0, 0x20000023892)

8.149272608s ago: executing program 4 (id=384):
socket$packet(0x11, 0x3, 0x300)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r0 = socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x0, 0x0, &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000d00)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r5, &(0x7f0000000000)={0x1f, 0x0, @any, 0x0, 0x1}, 0xe)
setsockopt$bt_BT_DEFER_SETUP(r5, 0x112, 0xf, &(0x7f0000000080)=0x4, 0x4)
listen(r5, 0x0)
ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r6, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3c253bc9bd289700000010008506000000000000159fe05a25d4e3b93c4ec6dcd82209d5243b55cf9d6ba5d1c5883b95c2e33dc87f07b413f7188ae66b7ceef41ffdf184b38260464588314ac424df18b55719745c820b052300991819da7e6b62c3b9e444b671022b4207b5731d066ee0d6a0db28541febbc8cab17b3c50bd71f80bd1f36b06289c3adbc2cca435251f9111e0518d67f3f350623a217cf3f9056da38db26fab829ce4e9e62fbef8e53b04aec41ad3982e82a1021333c9b0ba65b670600d8fc47a7aea9533584a6b3caee6785bcdb86cb4f1a496b3ee388e7509dff1f60c6233e516fe2e8cc6daf7b908b3f5058e8326389ebc495724a000000000000", @ANYRES32=r7, @ANYBLOB="01000012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)

7.50254351s ago: executing program 2 (id=386):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
ioctl$KDSETMODE(r0, 0x4b3a, 0x1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000002000)=""/102400, 0x19000)
r4 = fsopen(0x0, 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'wpan4\x00', <r5=>0x0})
sendmsg$NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[@ANYBLOB="979892b562b2dd9e7105502163f1498c5d1a9adbcfb9f275a1c9f8a7d63267a66d9a0288fd027481734408c7b090", @ANYRES16=0x0, @ANYBLOB="100c27bd7000fddbdf250700000008000500ffffffff0a0004007770616e3100000008000300", @ANYRES32=0x0, @ANYBLOB="0800010003000000080005000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x48}}, 0x4000)
r6 = syz_open_dev$radio(0x0, 0xffffffffffffffff, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r6, 0xc0205647, &(0x7f0000000200)={0xf000000, 0x1, 0xfffffffe, 0xffffffffffffffff, 0x0, &(0x7f00000001c0)={0x98f909, 0x8002, '\x00', @p_u32=&(0x7f00000000c0)=0xa1}})
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@ipv4_newrule={0x24, 0x20, 0x301, 0x70bd2a, 0x0, {}, [@FRA_FLOW={0x8, 0xb, 0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="2800000021000100"], 0x28}}, 0x0)
ioctl$TCXONC(r0, 0x4b3a, 0x0)

6.733031126s ago: executing program 4 (id=387):
syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000500)=ANY=[@ANYBLOB="1201000000000040ef1747600000000000010902240001000000000904000001030002000921e6ffff00220500090581"], 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001d40)={&(0x7f00000009c0)='sched_switch\x00', r0}, 0x18)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$sock_int(r2, 0x1, 0x2e, &(0x7f0000000180)=0x7b, 0x4)
recvmmsg(r2, &(0x7f0000000300)=[{{0x0, 0x0, 0x0}, 0x101}], 0x1, 0x0, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x3, 0x0, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r4, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r5=>0x0}, &(0x7f00000004c0)=0x27)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r6, 0x84, 0x10, &(0x7f0000000400)=@assoc_value={r5, 0x5}, 0x8)
syz_io_uring_setup(0xec5, &(0x7f00000008c0)={0x0, 0x0, 0x400, 0x0, 0x4}, &(0x7f0000000080)=<r7=>0x0, &(0x7f0000000040)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000200)=@IORING_OP_TIMEOUT={0xb, 0x2, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x3938700}, 0x1, 0x40})
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0xe501, 0x3, 0x490, 0x320, 0x6affffff, 0x3403000b, 0x320, 0x7, 0x3f8, 0x230, 0x230, 0x3f8, 0x223, 0x3, 0x0, {[{{@ip={@remote, @local, 0x0, 0x0, 'veth1_macvtap\x00', 'veth1_to_team\x00', {}, {}, 0x6c}, 0x0, 0x2d8, 0x320, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x1, [{0x6}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x40000}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0xffff}, {}, {}, {}, {}, {}, {}, {}, {0x3}, {}, {}, {0x0, 0x0, 0x0, 0x3}, {}, {0x0, 0x5}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {0x1000}]}}, @common=@unspec=@time={{0x38}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x2, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x558ac59, 'syz0\x00', 'syz1\x00', {0x5}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x4f0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$IP_VS_SO_SET_STOPDAEMON(r2, 0x0, 0x48c, &(0x7f0000000100)={0x1, 'wg0\x00', 0x4}, 0x18)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r11=>0x0})
ioctl$SCSI_IOCTL_GET_IDLUN(r0, 0x5382, &(0x7f00000000c0))
sendmsg$NL80211_CMD_FRAME(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000540)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r10, @ANYRESHEX=r10, @ANYRES32=r11, @ANYBLOB="0800a0002609000008009f0006000000080026006c090000"], 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
sendmsg$kcm(r3, &(0x7f00000002c0)={0x0, 0x20, &(0x7f0000000080)=[{&(0x7f0000000300)="2e00000011008108090f9becdb4cb92e0a4831371400000069bd6efb2502eaf60d000100020400bf050005001201", 0x2e}], 0x1}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

5.961382472s ago: executing program 3 (id=390):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f0000000000))
r2 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
read$dsp(r2, &(0x7f00000002c0)=""/4096, 0x1000)
write$dsp(r1, &(0x7f00000012c0)="a52876830a602220f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r5 = socket(0x200000100000011, 0x3, 0x4)
r6 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r7 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r7, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
r8 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r8, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x0, 0x2}, 0x10)
sendmsg$tipc(r8, &(0x7f0000000540)={&(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x4}}, 0x10, 0x0}, 0x10)
setsockopt$TIPC_GROUP_LEAVE(r8, 0x10f, 0x88)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'syz_tun\x00'})
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x28, r4, 0x200, 0x70bd2b, 0x25dfdbfc, {}, [@ETHTOOL_A_LINKINFO_PHYADDR={0x5, 0x3, 0x5}, @ETHTOOL_A_LINKINFO_HEADER={0x4}, @ETHTOOL_A_LINKINFO_PORT={0x5, 0x2, 0x7}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000800}, 0x40)
write(r0, &(0x7f0000000340)="230000000100", 0x6)

5.850187253s ago: executing program 2 (id=391):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
timer_create(0x9, &(0x7f0000000180)={0x0, 0x21, 0x1}, &(0x7f0000000300)=<r1=>0x0)
timer_settime(r1, 0x1, &(0x7f0000000200), &(0x7f0000000180))
ioctl$int_in(r0, 0x40000000af01, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = dup(r2)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$UHID_INPUT(r4, &(0x7f0000001980)={0x8, {"85f080884e142b266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa108c3528fe9b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad5c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb69e6f4048f2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778681ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af8c2034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659e506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b560300020000000000005131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa812a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe65701000000000000000742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d158607883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca89db0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7f6ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a00", 0x1000}}, 0x1006)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x11, r0, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000840))
ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000000)={0x2})
r5 = fsopen(&(0x7f0000000280)='esdfs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000040)='source', &(0x7f0000000880)='//\xf2/\x06\b/\xdf/o\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o\x1a\xf2\xd9\xf0V\nq\xab\xaa\rE\x88\x10\xe4DA\x05\xbe\xd2#@H\xbfb<\x93\xf5:\xb2\xb36\x8c\n\xdfU\'\f\"<A\x91\xac~\x17\xa8\xd2*v&/y\xf2\x9b}\"\xf98%\x8b', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000080)='rce\x00\x00\x00', &(0x7f0000000a40)='//\xf2/\x06\b/\xdf/o\xdc\xea\x95\x9a\x9c\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o\xf9\xea9\xeevL5cP\x86\xb8\x95\xb3\x99\xf95\x88\n\xbc\xdc\x1c\xd2v]\xb9\x8c7M\xd5h\xa2\x18x\x84\x19\xf6\xdc\xea1\x01\xd0%\x98\x1f\xe9\xb9[\xee\xde(\xbcB\x84\xd8\xfb\xe6\xa3\xe9\xee_\xdf\xfa\x82\x0e=\xec\xe9\x91\xc4\\^\xee\xd0%\xb2\x1c\x1f\xf8\xb0/\xce\xfe9;\x01\xf2g\x92\xd6\xa8\x8c\xc1:\xcbd\x96mI\xa1\xc2\x96\xbb`\xbc\xaa\xfeBl\x1b\xe4\xbfm\xa8\xbd{\x12\x18\x95\xc2q\x9f\t\x15z\xab\x8d7\x12j\xd8\\\xdb\xfa\xe3IuB\x8b\x8e-\xcdO\x95g\x92\x1f(\xcdoG\xca|\xd0\xe1\xa4+rG\x9e@\b\xd7\x00\xc8dA\x17\xbbr\r\x03E\x97\t\xd8DkE\xe9\xf3mK\xc2[G\xe1\'\xb8\x8d \xfa\x9cs\xf0\xbf\xf3t\xbfx', 0x0)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r6, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000100)={0x0, 0x1c, &(0x7f00000001c0)=[@in6={0xa, 0x0, 0x0, @private0}]}, &(0x7f0000000180)=0x10)
socket$inet6(0xa, 0x5, 0x0)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x2)
read$msr(r7, &(0x7f0000019680)=""/102384, 0x18ff0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000240)={0x0, r6}, 0x8)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x5, &(0x7f0000000380)=ANY=[@ANYBLOB="390000000e002aaab1918e2c000095000000000000000000000000000000000000d07b864948532942f748b475ef4927695d3e432e46b0ba0d5f08e68f6d0129e2deb564a6bd616b3bb4ad39ce23e21bd6709eeac172d8b49aa1a16562c8fa85009c8cfa7951272f850637e909b42da1f40e13ee411ea1ce104d41a2469dfa612a20188bcab9a4c41fa79b54c43e161745e5bae0d6ddb50e"], &(0x7f00000000c0)='syzkaller\x00', 0x3, 0x0, 0x0, 0x40f00, 0x2, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r8}, 0x10)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x50, r7, 0x0)
madvise(&(0x7f0000848000/0x4000)=nil, 0x4000, 0x17)
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)

5.766823095s ago: executing program 1 (id=392):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0xffff, 0x3}, 0x6)
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000100)={0x1, &(0x7f0000000180)=[{0x0, 0x80}]}, 0x10)
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x5)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, &(0x7f0000000580)=@raw=[@tail_call, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x6d, &(0x7f0000000600)=""/109, 0x41000, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000680)={0x3, 0x6, 0x9, 0x2}, 0x10, 0x0, 0x0, 0x5, &(0x7f00000006c0)=[0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000000780)=[{0x0, 0x2, 0x9, 0x3}, {0x0, 0x1, 0x5, 0x7}, {0x2, 0x3, 0x10, 0xb}, {0x4, 0x5, 0x3, 0x8}, {0x4, 0x2, 0x8, 0xc}], 0x10, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_route(0x10, 0x3, 0x0)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="500000001000010000000000ecffffff00000000", @ANYRES32=r3, @ANYBLOB="0000000000000000300012800e0001006970366772657461700000001c00028006000f000000"], 0x50}}, 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000340), 0x42, 0x0)
read$FUSE(r4, &(0x7f00000077c0)={0x2020, 0x0, <r5=>0x0}, 0x2020)
write$FUSE_INIT(r4, &(0x7f0000004200)={0x50, 0x0, r5, {0x7, 0x1f, 0x0, 0xfe05a, 0x5000, 0x0, 0x0, 0xc}}, 0x50)
r6 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
ioctl$sock_inet6_udp_SIOCINQ(r6, 0x541b, 0x0)
fanotify_init(0x79, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)

5.341254358s ago: executing program 1 (id=393):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa8442, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000080))
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000bc0)={0xc, 0x10, &(0x7f0000000e40)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b704000008000000850000001c00000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r5, 0xfffff000, 0xe, 0x0, &(0x7f0000000300)="61df712bc884fed5722780b605a7", 0x0, 0x2f00, 0x7000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r6 = socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x20008850)
sendmsg$nl_route_sched(r6, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r8, {0xf000, 0xffff}, {}, {0x7}}, [@filter_kind_options=@f_route={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x20000800)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x6)
r9 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r9, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000006c0)=ANY=[@ANYBLOB="380000000314010000000000000008000900020073797a310000000008004100736977001400330073797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)

4.854275104s ago: executing program 3 (id=394):
socket$packet(0x11, 0x3, 0x300)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r0 = socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x18)
r1 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000d00)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r5, &(0x7f0000000000)={0x1f, 0x0, @any, 0x0, 0x1}, 0xe)
setsockopt$bt_BT_DEFER_SETUP(r5, 0x112, 0xf, &(0x7f0000000080)=0x4, 0x4)
listen(r5, 0x0)
ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r6, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3c253bc9bd289700000010008506000000000000159fe05a25d4e3b93c4ec6dcd82209d5243b55cf9d6ba5d1c5883b95c2e33dc87f07b413f7188ae66b7ceef41ffdf184b38260464588314ac424df18b55719745c820b052300991819da7e6b62c3b9e444b671022b4207b5731d066ee0d6a0db28541febbc8cab17b3c50bd71f80bd1f36b06289c3adbc2cca435251f9111e0518d67f3f350623a217cf3f9056da38db26fab829ce4e9e62fbef8e53b04aec41ad3982e82a1021333c9b0ba65b670600d8fc47a7aea9533584a6b3caee6785bcdb86cb4f1a496b3ee388e7509dff1f60c6233e516fe2e8cc6daf7b908b3f5058e8326389ebc495724a000000000000", @ANYRES32=r7, @ANYBLOB="01000012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)

4.776611136s ago: executing program 1 (id=395):
prlimit64(0x0, 0xe, &(0x7f0000002500)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$ttyprintk(0xffffffffffffff9c, 0x0, 0x22802, 0x0)
writev(r1, &(0x7f0000000c00)=[{&(0x7f00000006c0)="0fc11e988c50ebd12b5c2de0068685208b3d3849788eef03741371345d3e53a54cde13b7b35269b006674f1e0f19fe719afcc4bbac28d5ed568809363c42988050855de1198bd07eae8880ad283df8c3abd18e2febbe65236d69909ccbe27ec51f49d29fab84ec846eb880a7658303eea1c2c1a4c08b1dd58d4f3fc41f81dcf74d77b7c47599fc6951196b5e0467a9345a82b1728a0714b1f5b6177897dea81763067e74cfdb68cf61e58dcce973b1c7", 0xb0}, {&(0x7f00000007c0)="84c573d3e5a0b09e09b485ae73472dca032b15a1eae5ff814de22be0af7bdad1fbd4876453bb000f8d0b188151bd30f327f3886359d808b94bd33db665fe89961f6cdf7eb8b32bb4db251f7fd1e0c4deb2dda26ebd5f62b9ae461c", 0x5b}, {&(0x7f0000000840)="03ca23d2e1620cc70cb2bd5b65ce9d2462c033543e623970c671c528436d315c578054fb8a835faf2016a7bba5f0207bd77c083f4aba6094fa55c5e1f95389f7a8eee5e03dd35647ae1f0d8a4d", 0x4d}, {&(0x7f00000008c0)="a49b81f1bbbd1091aec991ad3bd88f938a29ff682769f10ee45f4a20e30f09a82bde99de1d1617a980b3d976c7a5b0f5b2573911c97277cc5f98f832266738755c29d8e0d4329bbcec1e33d4e4000e9049fc5b8cf1615819b37a76fa0f41c31f0625ca27cb2c30ce6c13c397af1f41d30b76be57fefb136f04aef7beb42860d837f3f22635289bdf292abafef1b745ddf77abc00dc7bd6a7b38247907471fb22e6fb8bd18d2700fbae9aa3795064efc945", 0xb1}, {&(0x7f0000000980)="4677892f1e6a05990853fabd972b9c123d2d664251b62dd443fc15fbddf0940d5a90006139d532e3c1cfbd1d2e83dd82dc900ae4cfac54e0051d7f0f7e4b8f7973a7f9b3394734d999ada5f3a7af5634ff4ded55b9481cd246fa42f79ffa238a28f700a812ff4eef8f5564601139b180164fa6e9d18f31d94fcfcd6fcc99482a7a", 0x81}, {&(0x7f0000000a40)="6f9ffcab1673299d79200fbab92ff57bba005bbad6e6f2554bea7917a5f3b478b33a95ea985a9a0bf99a15c7ebf6c8024d0efd276c9948d7d1fbdbe1a0630bd9e5cf1a410c7ffaa9a26c5c4c23e76fc53622d461e7b8afefc0307a0eec4bf27290425493e7b625d8ad3a1e1409145408ce9dd0688a2628097d6ac1fea573c8b099b74f2928c4ac1d94493dbd22305c88b16c4c3079b8", 0x96}, {&(0x7f0000000b40)="92ff237790e86651dec2465694b946ee04e41c71b368081b84a8709926ce47b34df0bd0094443599abd27360d6fe43ed302932e831075b6ce88d51a141fba8beca8137960c14fa0876a381a0e31ea5b7d24e62ed6167c61ad728915cc1b1bce166343b0475ffc7ff794ad6c9704aa5ecd4d892e4db7df3ec3581f6fea06ad28b5e014c8d0f76a39ac88ba8d4f89896", 0x8f}], 0x7)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = dup(r4)
getsockname$packet(r5, &(0x7f00000000c0)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000001540)=0x14)
sendmsg$nl_route_sched(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000fc0)=@newtaction={0x290, 0x30, 0x301, 0x0, 0x0, {0x0, 0x0, 0x1300}, [{0x27c, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{}, 0x1, r6}}]}, {0x4}, {0xc}, {0xc}}}, @m_gact={0x48, 0x2, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x7, 0x1, 0xc, 0x100, 0x2}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}, @m_police={0x7c, 0x0, 0x0, 0x0, {{0xb}, {0x4}, {0x4e, 0x6, "8cfcfe53b9dedf5f447a5e8631bff395d53f57d5e05aba6a93cdec0ef58cc2825709cc3be22a9ccd1d1a5e983f655007a6588c34b8437fb7acb3958a9cc80600659c77190cd7f80881ca"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x2}}}}, @m_mirred={0x164, 0x11, 0x0, 0x0, {{0xb}, {0xc4, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x8, 0xfffffff7, 0x0, 0x4}, 0x3, r6}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x9, 0x6, 0x20000000, 0x7, 0x1}, 0x3, r6}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x4, 0x20000000, 0x9, 0xe}, 0x2, r6}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0xb, 0x21e4, 0x5, 0x7, 0x8}, 0x2}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0xf977, 0x40, 0x8, 0x2, 0x837}, 0x1}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0xfd, 0x7, 0xffffffffffffffff, 0x6}, 0x4}}]}, {0x76, 0x6, "d78153373a0c27018f0bebc6124461a27bbc66db81040221ebfec13be54abf8518f3f01316a1185d5fd7f65a05d905d232e815e3ea4890d12e881d15c56a1f34bcb0914928b1ef357103f4d46e523b75ed8a38cd0fb191689a32e17486fa1daeb57e3b02882cce0c0b3f672fbbbd14fcd6df"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}]}, 0x290}}, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x40, &(0x7f0000002540)=@raw={'raw\x00', 0x4001, 0x3, 0xa38, 0x0, 0xb, 0x148, 0x8e8, 0x148, 0x9a0, 0x240, 0x240, 0x9a0, 0x215, 0x3, 0x0, {[{{@ip={@local, @local, 0x0, 0x0, 'ip6gretap0\x00', 'veth0\x00', {}, {}, 0x11}, 0x2e8, 0x880, 0x8e8, 0x0, {0xff0f000000000000}, [@common=@inet=@udp={{0x30}}, @common=@unspec=@u32={{0x7e0}, {[{}, {}, {}, {}, {}, {[{0x3}]}, {}, {}, {}, {[], [{}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x6a1}]}], 0x1}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}, {{@ip={@broadcast, @broadcast, 0x0, 0x0, 'team0\x00', 'netpci0\x00'}, 0xec010000, 0x98, 0xb8, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0xa98)
r7 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000580), 0x84c40, 0x0)
setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r7, 0x84, 0x4, &(0x7f00000005c0)=0x8001, 0x4)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r8 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
close(0xffffffffffffffff)
ioctl$VHOST_SET_VRING_ADDR(r8, 0x4028af11, &(0x7f0000000540)={0x1, 0x0, &(0x7f00000003c0)=""/75, &(0x7f0000000480)=""/140, &(0x7f0000000600)=""/11, 0xeeef0000})
r9 = syz_open_dev$video(&(0x7f0000000000), 0x8000000000008, 0x0)
dup3(r9, r1, 0x80000)
write$P9_RVERSION(r7, &(0x7f0000000640)=ANY=[@ANYBLOB="29ebc8c39cb40e13000000651aff0004000206a1da15816781226aae01b7ebb9f596c8e5ea89221723d60b2c965c00009de417fc55262f6f31fb71fdf64302bad7aeb121bc229ca0ef55f08e82d1bc9e9481a825b0bee3d97e9de8148a8acb12c1734f291e4319d86eae1c4ff67bef22"], 0x13)
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
r10 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r10, 0x4010640d, &(0x7f0000000440)={0x7, 0x2})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)

4.639056383s ago: executing program 0 (id=396):
openat$null(0xffffffffffffff9c, &(0x7f0000000740), 0x20902, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000840))
ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000000))
r1 = fsopen(&(0x7f0000000000)='cifs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000040)='source', &(0x7f0000000880)='//\xf2/\x06\b/\xdf/o\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o\x1a\xf2\xd9\xf0V\nq\xab\xaa\rE\x88\x10\xe4DA\x05\xbe\xd2#@H\xbfb<\x93\xf5:\xb2\xb36\x8c\n\xdfU\'\f\"<A\x91\xac~\x17\xa8\xd2*v&/y\xf2\x9b}\"\xf98%\x8b', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000080)='source', &(0x7f0000000240)='//\xf2/\x06\b/\xdf/o\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o', 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r2, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000100)={0x0, 0x1c, &(0x7f00000001c0)=[@in6={0xa, 0x0, 0x0, @private0}]}, &(0x7f0000000180)=0x10)
socket$inet6(0xa, 0x5, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x2)
read$msr(r3, &(0x7f0000019680)=""/102384, 0x18ff0)
r4 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
bind$802154_raw(r4, &(0x7f0000000140)={0x24, @short={0x2, 0x2}}, 0x14)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x149802, 0x0)
r5 = socket$inet(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'vlan0\x00'})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
r7 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_TRY_FMT(r7, 0xc0d05640, &(0x7f0000000540)={0x1, @sdr={0x43353039, 0x7}})

3.937105977s ago: executing program 3 (id=397):
r0 = syz_open_dev$video(&(0x7f0000000000), 0x3, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000000040)={0x3, 0x980914, 0x3})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000300)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000047c0)=[{{0x0, 0x0, 0x0}, 0x96cf}, {{0x0, 0x0, &(0x7f0000003040)=[{&(0x7f0000002bc0)=""/185, 0xb9}, {0x0}, {0x0}, {0x0}, {&(0x7f0000002f80)=""/147, 0x93}], 0x5}, 0xb}], 0x2, 0x22, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmmsg$inet(r4, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0x0)
close(r5)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6ea1893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0ee0879c349814bee9d96d8bd23db4e801d49201ae84090455682794098afa42b34196b1d849020eeeb1ef48d003d71524683d7cdfa841bca708414fb8ff49742420d1ab7fa678aa4806d5247616e8bc0b02887f8efe9310ccf9bec1"], &(0x7f0000000080)='GPL\x00', 0x10000, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="480000001000370400"/20, @ANYRES32=0x0, @ANYBLOB="8b040400000000002800128008000100736974001c000280060008003f000000080002007fbe30d20c62c6bfe0000001"], 0x48}}, 0x0)
r8 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r8, 0x7a7, &(0x7f00000000c0)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r8, 0x7a0, &(0x7f0000000040)={@host})
ioctl$IOCTL_VMCI_QUEUEPAIR_DETACH(r8, 0x7b1, &(0x7f0000000300)={{@local, 0x5}, 0x7fffffff, 0x3})
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x19, 0x4, &(0x7f00000003c0)=@framed={{}, [@ldst={0x3, 0x0, 0x3, 0x1, 0x0, 0x18}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r9 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r9, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x1f000801}, 0x0)
lremovexattr(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)=@known='system.posix_acl_access\x00')
close(0x3)

3.713716s ago: executing program 1 (id=398):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='dctcp\x00', 0x6)
bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
r1 = fsopen(&(0x7f0000000100)='cifs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000000)='user\x00N\xac]\x86\x8a\xa3\x7f\x00', &(0x7f00000000c0)='\x02', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000040)='user\x00N\xac]\x86\x8a\xa3\x7f\x00', &(0x7f0000000080)='\x00', 0x0)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r2, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$kvm(0x0, 0x0, 0x0, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r4)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c)
listen(r5, 0x0)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r6, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
syz_emit_ethernet(0x0, 0x0, 0x0)
r7 = accept(r4, 0x0, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x16}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0x78}}, 0x0)
syz_emit_ethernet(0xfdef, &(0x7f0000000180)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xfde1, 0x300, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e22, 0x4d, 0x0, @wg=@data={0x4, 0x1200}}}}}}, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[], 0xfffffdef}}, 0x1)

3.079873494s ago: executing program 4 (id=399):
r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000040)={0x1, 0x6}, 0x2)
write$USERIO_CMD_REGISTER(r0, &(0x7f0000000100), 0x2)
r1 = syz_open_dev$usbmon(&(0x7f00000005c0), 0x0, 0x0)
r2 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/clear_refs\x00', 0x1, 0x0)
write$sysctl(r2, &(0x7f0000000040)='4\x00', 0x2)
ioctl$MON_IOCG_STATS(r1, 0x80089203, &(0x7f00000000c0))
write$USERIO_CMD_SEND_INTERRUPT(r0, &(0x7f00000000c0)={0x2, 0xfa}, 0x2)
write$USERIO_CMD_SEND_INTERRUPT(r0, &(0x7f0000000480)={0x2, 0x2}, 0x2)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@newlink={0x3c, 0x10, 0x401, 0xfffffffc, 0x2, {0x0, 0x0, 0x0, 0x0, 0x20000}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_NUM_PEER_NOTIF={0x5, 0x10, 0x7}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40080}, 0x800)

2.31629276s ago: executing program 3 (id=400):
r0 = syz_open_dev$cec(&(0x7f0000000080), 0x0, 0x0)
ioctl$CEC_S_MODE(r0, 0x40046109, &(0x7f00000000c0)=0x32)
ioctl$CEC_S_MODE(r0, 0xc05c6104, &(0x7f00000000c0))

2.254959922s ago: executing program 1 (id=401):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
ioctl$KDSETMODE(r0, 0x4b3a, 0x1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000002000)=""/102400, 0x19000)
r4 = fsopen(0x0, 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'wpan4\x00', <r5=>0x0})
sendmsg$NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000340)={&(0x7f0000000440)=ANY=[@ANYBLOB="979892b562b2dd9e7105502163f1498c5d1a9adbcfb9f275a1c9f8a7d63267a66d9a0288fd027481734408c7b090", @ANYRES16=0x0, @ANYBLOB="100c27bd7000fddbdf250700000008000500ffffffff0a0004007770616e3100000008000300", @ANYRES32=0x0, @ANYBLOB="0800010003000000080005000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x48}}, 0x4000)
r6 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r6, 0xc0205647, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@ipv4_newrule={0x24, 0x20, 0x301, 0x70bd2a, 0x0, {}, [@FRA_FLOW={0x8, 0xb, 0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="2800000021000100"], 0x28}}, 0x0)
ioctl$TCXONC(r0, 0x4b3a, 0x0)

2.228030127s ago: executing program 3 (id=402):
syz_open_dev$video4linux(&(0x7f0000000000), 0x101, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
gettid()
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$adsp1(0xffffffffffffff9c, 0x0, 0xa0201, 0x0)
r2 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000940), 0xc02, 0x0)
ioctl$FBIOGETCMAP(r2, 0x4604, &(0x7f0000000a80)={0x101, 0xa, &(0x7f0000000980)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000009c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000a00)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000a40)=[0x0, 0x0]})
ioctl$FBIO_WAITFORVSYNC(r2, 0x40044620, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f0000000000))
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001340)={{0x14}, [@NFT_MSG_NEWCHAIN={0x34, 0x3, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x3}, [@NFTA_CHAIN_USERDATA={0x13, 0xc, "2b7c81f1817979f0d6881d6b479dd9"}, @NFTA_CHAIN_TYPE={0xb, 0x7, 'filter\x00'}]}, @NFT_MSG_DELCHAIN={0xbc, 0x5, 0xa, 0x101, 0x0, 0x0, {0x3, 0x0, 0x2}, [@NFTA_CHAIN_TYPE={0x8, 0x7, 'nat\x00'}, @NFTA_CHAIN_COUNTERS={0x10, 0x8, 0x0, 0x1, [@NFTA_COUNTER_BYTES={0xc}]}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x6}, @NFTA_CHAIN_USERDATA={0x3e, 0xc, "292852f94b324fff1007f738c5e7a6531b23b9467ea57ad52186bb27f94e116d6a62e8658efc207a50905b368a05364709ba395a3dde7209ebea"}, @NFTA_CHAIN_USERDATA={0x2e, 0xc, "ff4df18abf2a2f8b7d5850de55e122b9a42ae2db0319cc3bf9f3a5a800f00e589ef4892f12a11d328324"}, @NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x3}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x50, 0x16, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x6}, [@NFTA_FLOWTABLE_HOOK={0x3c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'syz_tun\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'veth0_to_bridge\x00'}]}]}]}], {0x14}}, 0x168}, 0x1, 0x0, 0x0, 0x8010}, 0x4000800)
read$dsp(0xffffffffffffffff, &(0x7f00000002c0)=""/4096, 0x1000)
socket$inet_udp(0x2, 0x2, 0x0)
keyctl$read(0xb, 0x0, 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0x40045010, &(0x7f0000000080)=0x58)
syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000840)={0x84, &(0x7f0000000480)=ANY=[@ANYBLOB="402b10"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)

2.146741104s ago: executing program 0 (id=403):
socket$packet(0x11, 0x3, 0x300)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r0 = socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x0, 0x0, &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x18)
r1 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000d00)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r5, &(0x7f0000000000)={0x1f, 0x0, @any, 0x0, 0x1}, 0xe)
setsockopt$bt_BT_DEFER_SETUP(r5, 0x112, 0xf, &(0x7f0000000080)=0x4, 0x4)
listen(r5, 0x0)
ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r1, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)
r6 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r6, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3c253bc9bd289700000010008506000000000000159fe05a25d4e3b93c4ec6dcd82209d5243b55cf9d6ba5d1c5883b95c2e33dc87f07b413f7188ae66b7ceef41ffdf184b38260464588314ac424df18b55719745c820b052300991819da7e6b62c3b9e444b671022b4207b5731d066ee0d6a0db28541febbc8cab17b3c50bd71f80bd1f36b06289c3adbc2cca435251f9111e0518d67f3f350623a217cf3f9056da38db26fab829ce4e9e62fbef8e53b04aec41ad3982e82a1021333c9b0ba65b670600d8fc47a7aea9533584a6b3caee6785bcdb86cb4f1a496b3ee388e7509dff1f60c6233e516fe2e8cc6daf7b908b3f5058e8326389ebc495724a000000000000", @ANYRES32, @ANYBLOB="01000012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)

1.503515221s ago: executing program 4 (id=404):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x114, 0x2d, 0x1, 0x0, 0x6000, "", [@nested={0x103, 0x0, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@loopback={0x100000000000000}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f8c"]}]}, 0x114}], 0x1}, 0x0)

626.879085ms ago: executing program 0 (id=405):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$NL802154_CMD_SET_CCA_ED_LEVEL(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)={0x28, r1, 0x1, 0x70bd2b, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}]}, 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x40010) (fail_nth: 1)

540.196628ms ago: executing program 2 (id=406):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x20, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000600)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000002100)=ANY=[@ANYBLOB="b0000000000000001659ec0889419429aa5db97288b0f8a87ea8e66d9a8b"], 0xb0)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000140)=ANY=[@ANYBLOB="10"], 0x10)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000280)=ANY=[@ANYBLOB="a8"], 0xa8)
write$FUSE_OPEN(r2, &(0x7f0000000000)={0x20, 0x0, 0x0, {0x0, 0x8}}, 0x20)
mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',posi'])

536.932104ms ago: executing program 1 (id=407):
socket$packet(0x11, 0x3, 0x300)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x0, 0x0, &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x18)
r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x74, 0x101301)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000d00)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r4, &(0x7f0000000000)={0x1f, 0x0, @any, 0x0, 0x1}, 0xe)
setsockopt$bt_BT_DEFER_SETUP(r4, 0x112, 0xf, &(0x7f0000000080)=0x4, 0x4)
listen(r4, 0x0)
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r0, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)
r5 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r5, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3c253bc9bd289700000010008506000000000000159fe05a25d4e3b93c4ec6dcd82209d5243b55cf9d6ba5d1c5883b95c2e33dc87f07b413f7188ae66b7ceef41ffdf184b38260464588314ac424df18b55719745c820b052300991819da7e6b62c3b9e444b671022b4207b5731d066ee0d6a0db28541febbc8cab17b3c50bd71f80bd1f36b06289c3adbc2cca435251f9111e0518d67f3f350623a217cf3f9056da38db26fab829ce4e9e62fbef8e53b04aec41ad3982e82a1021333c9b0ba65b670600d8fc47a7aea9533584a6b3caee6785bcdb86cb4f1a496b3ee388e7509dff1f60c6233e516fe2e8cc6daf7b908b3f5058e8326389ebc495724a000000000000", @ANYRES32=r6, @ANYBLOB="01000012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)

535.037453ms ago: executing program 4 (id=408):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r3, &(0x7f0000000080)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r4 = syz_pidfd_open(0x0, 0x0)
r5 = pidfd_getfd(r4, 0xffffffffffffffff, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00')
read$qrtrtun(r6, &(0x7f00000004c0)=""/57, 0x39)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
sendmsg$NFNL_MSG_CTHELPER_GET(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000280)=ANY=[@ANYBLOB="20000000010901040000000000000000050000070900010073797a3100000002", @ANYRESDEC=r1, @ANYRESHEX=0x0, @ANYRES8=r5], 0x20}, 0x1, 0x0, 0x0, 0x20000080}, 0x0)
mknod$loop(0x0, 0x200, 0x0)
r7 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
syz_usb_connect(0x0, 0x3f, 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r7, 0xc004500a, &(0x7f0000000100))
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0200000004000000040000000900000000a3b905", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@bloom_filter={0x1e, 0x8000, 0x400, 0x8, 0x0, r8, 0x80c, '\x00', 0x0, r6, 0x1, 0x1, 0x2, 0xc, @void, @value, @void, @value}, 0x50)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r9, <r10=>0xffffffffffffffff}, &(0x7f00000000c0), &(0x7f0000000100)}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0xc, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000002000000000000000000000018110000afa95eebcf7fbbd086e70929185988abe2df98a9d3edfc60a308030f68c0d9ffda8c7bedd0689e4208d0c9a90ccf69e449c3a9337a2d904b890a42d6c663170839069455491e01e2dc6fbb7e68e2bb6dc54da9b5e3d45968618fd68befa5180b403f0ddcf8a0af10d2bc64e62d4c44635314c66d8a6227c15144bdc0742107", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000030000009500000000000000"], &(0x7f0000000180)='syzkaller\x00', 0x4, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
msgctl$IPC_RMID(0x0, 0x0)

295.765977ms ago: executing program 3 (id=409):
socket$packet(0x11, 0x3, 0x300)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'macsec0\x00', <r1=>0x0})
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, &(0x7f0000000080)={r1, 0x1, 0x6, @random="39ac19e44ffe"}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0x6, &(0x7f0000000140)={0x8, 0x7}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0)
r2 = inotify_init()
inotify_add_watch(r2, &(0x7f00000000c0)='./file0\x00', 0x4000001)
inotify_add_watch(r2, &(0x7f0000000240)='./file0/bus\x00', 0x10000882)
umount2(&(0x7f0000000000)='./file0\x00', 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps_rollup\x00')
unlink(&(0x7f0000000280)='.\x00')
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x26e1, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="4800000010001fff0000056800080000faff0000", @ANYRES32=0x0, @ANYBLOB="c30c424700000000280012800a00010076786c616e00000018000280140010", @ANYRES8=0x0, @ANYRES32], 0x48}}, 0x0)
sendmmsg$alg(r4, &(0x7f00000000c0), 0x492492492492627, 0x0)
syz_emit_vhci(&(0x7f0000000140)=@HCI_EVENT_PKT={0x4, @hci_ev_sync_conn_complete={{0x2c, 0x11}}}, 0x14)
bpf$MAP_CREATE(0x0, 0x0, 0x0)

246.846221ms ago: executing program 0 (id=410):
r0 = syz_io_uring_setup(0x24f9, &(0x7f0000000180)={0x0, 0x0, 0x10100, 0x0, 0x1000000}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FILES_UPDATE={0x14, 0x3, 0x0, 0x0, 0x69, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x239, 0x0, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=@newlink={0x34, 0x10, 0x401, 0x70bd2c, 0xfffffffc, {0x0, 0x0, 0x0, 0x0, 0x4288}, [@IFLA_IFNAME={0x14, 0x3, 'geneve1\x00'}]}, 0x34}}, 0x2000000)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="38000000490001002abd7000fcdbdf250a001f00", @ANYRES32=0x0, @ANYBLOB="ff01000014000100000000000000000000001c0000000001080002000c000000"], 0x38}, 0x1, 0x0, 0x0, 0x60c8000}, 0x0)
clock_settime(0x0, &(0x7f0000000240)={0x77359400})
clock_adjtime(0x0, &(0x7f0000000640)={0x7, 0xb, 0x380000, 0x3ff, 0xfffffffffffffff9, 0xfffffffffffffff7, 0x9, 0x4, 0x7fff, 0x6, 0x7, 0x4, 0xca3, 0x7, 0x80000000, 0xfffffffffffffffd, 0xffffffffffffffff, 0x9, 0x0, 0x100, 0x4, 0x2, 0x7, 0x3, 0x8, 0x5})
r5 = memfd_secret(0xfffffffe)
clock_adjtime(0x0, &(0x7f0000000900)={0x6, 0xe, 0xe, 0x6, 0xf, 0xa, 0x0, 0x2, 0x9, 0x2, 0x4, 0x8000000000000000, 0xc, 0x9, 0x7, 0x9, 0x7, 0x3, 0x8, 0xfffffffffffffffa, 0x0, 0x5, 0x8, 0x7, 0x3, 0x7ff})
socket$inet6_dccp(0xa, 0x6, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioctl$EVIOCGBITSND(r5, 0x80404532, &(0x7f0000000040)=""/55)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r6 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x4)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
socket$inet6_sctp(0xa, 0x1, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r8}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)

0s ago: executing program 2 (id=411):
r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1e7d, 0x319c, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000400)={0x2c, &(0x7f0000000000)=ANY=[@ANYBLOB="00010700000007005a7da31d17"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=@newlink={0x28, 0x10, 0xffffff1f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x40004}, [@IFLA_NET_NS_PID={0x8, 0x13, r2}]}, 0x28}, 0x1, 0x0, 0x0, 0x48041}, 0x0)
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="03c900768d412704cdcc37b41803950c35a8af373ad56dbd932cc145568c5ce261f068913ccab4637dac2d607a4506cc00a462eaa6aff782521e64e842f5866b0662a6f861b9bcccb2c0ad08e6c1dbdd5434b1b59dc661879bb7c4891f6961ee57460c59d5b57bafc98fd29247894c55e70d5a5ed8590d73cd137359fa20bd4245d5e2d62db8ef1ff7c9467191779037082835511f113a7770f6ede601591b0a80a2a9bbf103020ef33059a532649c568961d9140daa2c2bad"], 0x7a)
syz_usb_control_io(r0, 0x0, &(0x7f0000000b40)={0x84, &(0x7f0000000140)={0x20, 0xe, 0x17, "93c6ded76bfea26f8d0499813f12d95970fd93fe69ffac"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x40000008)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r6, 0x0, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000580)={@cgroup=r7, 0x1, 0x0, 0x0, 0x0, 0x5f, 0x0, 0x0, 0x0, 0x0}, 0x40)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3c00000011000100900051230000400007000000", @ANYRES32, @ANYBLOB="00000000000000001c001a801800058014000680080001"], 0x3c}}, 0x0)
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r9=>0x0})
r10 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=ANY=[@ANYBLOB="141e0000130d00000000000100007f0007040000febbb10b2387e0ceef68a5c5a45609499f9773a07336bb47f409cd21368c60f7a372d3e607724bbdab24c39486e384760e02e3ff0841ed34ef8f21d6e2f70b775c6a06efb63b7b0b629f5e459249c7500ecaed481f069d419955db631f04774d6da49675bce42579bcb7768a59730d6af2b34f174f4cc47f7a20eca1e09641c2cf93e97ed8a9fb8a7b248586a59321824be07834a5c953d9692d599009655a0500d1301ee3572bfd3ce66ebf2ca52a22", @ANYRES32=r9, @ANYBLOB="00000132ae57f60014001a80100004800c0005"], 0x34}, 0x1, 0x0, 0x0, 0x4000801}, 0x0)

kernel console output (not intermixed with test programs):

yo_path_number_perm+0x248/0x590
[   83.734068][ T6177]  ? tomoyo_path_number_perm+0x235/0x590
[   83.734090][ T6177]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[   83.734132][ T6177]  ? __pfx_lock_release+0x10/0x10
[   83.734153][ T6177]  ? trace_lock_acquire+0x14e/0x1f0
[   83.734175][ T6177]  ? lock_acquire+0x2f/0xb0
[   83.734195][ T6177]  ? __fget_files+0x40/0x3a0
[   83.734213][ T6177]  ? __fget_files+0x206/0x3a0
[   83.734232][ T6177]  security_file_ioctl+0x9b/0x240
[   83.734256][ T6177]  __x64_sys_ioctl+0xb7/0x200
[   83.734280][ T6177]  do_syscall_64+0xcd/0x250
[   83.734299][ T6177]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   83.734322][ T6177] RIP: 0033:0x7fa5ab58cde9
[   83.734336][ T6177] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   83.734350][ T6177] RSP: 002b:00007fa5ac32e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   83.734367][ T6177] RAX: ffffffffffffffda RBX: 00007fa5ab7a6160 RCX: 00007fa5ab58cde9
[   83.734377][ T6177] RDX: 00004000000002c0 RSI: 0000000000005423 RDI: 0000000000000003
[   83.734387][ T6177] RBP: 00007fa5ac32e090 R08: 0000000000000000 R09: 0000000000000000
[   83.734396][ T6177] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   83.734406][ T6177] R13: 0000000000000000 R14: 00007fa5ab7a6160 R15: 00007ffe9cc4de98
[   83.734428][ T6177]  </TASK>
[   83.734434][ T6177] ERROR: Out of memory at tomoyo_realpath_from_path.
[   83.961602][  T971] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[   84.082859][   T29] audit: type=1400 audit(1739696283.137:219): avc:  denied  { write } for  pid=6162 comm="syz.4.76" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   84.119879][    T8] usb 4-1: new full-speed USB device number 9 using dummy_hcd
[   84.233386][  T971] usb 3-1: USB disconnect, device number 7
[   84.300230][    T8] usb 4-1: device descriptor read/8, error -71
[   84.341971][   T29] audit: type=1400 audit(1739696283.137:220): avc:  denied  { nlmsg_write } for  pid=6162 comm="syz.4.76" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   84.485509][ T6180] RDS: rds_bind could not find a transport for ::ffff:172.30.0.1, load rds_tcp or rds_rdma?
[   84.512134][    T8] usb usb4-port1: unable to enumerate USB device
[   84.967066][ T6191] No such timeout policy "syz1"
[   85.254339][ T6190] mkiss: ax0: crc mode is auto.
[   85.901864][ T6200] RDS: rds_bind could not find a transport for ::ffff:172.30.0.5, load rds_tcp or rds_rdma?
[   85.968419][ T6181] mmap: syz.1.80 (6181): VmData 25841664 exceed data ulimit 8. Update limits or use boot option ignore_rlimit_data.
[   86.007385][ T6200] ptrace attach of ""[6204] was attempted by "./syz-executor exec"[6200]
[   86.449905][ T6206] netlink: 4 bytes leftover after parsing attributes in process `syz.2.87'.
[   87.031627][ T6207] netlink: 4 bytes leftover after parsing attributes in process `syz.3.88'.
[   87.750400][ T6221] netlink: 'syz.1.93': attribute type 1 has an invalid length.
[   87.770320][ T6221] netlink: 12 bytes leftover after parsing attributes in process `syz.1.93'.
[   87.982269][   T25] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[   88.041921][ T5909] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[   88.181947][  T971] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[   88.192021][   T25] usb 4-1: device descriptor read/64, error -71
[   88.292025][ T5909] usb 5-1: Using ep0 maxpacket: 8
[   88.361904][  T971] usb 3-1: Using ep0 maxpacket: 8
[   88.371941][ T5909] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0038, bcdDevice=99.03
[   88.398709][ T5909] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   88.418777][ T5909] usb 5-1: Product: syz
[   88.425488][ T5909] usb 5-1: Manufacturer: syz
[   88.435468][ T5909] usb 5-1: SerialNumber: syz
[   88.441982][   T25] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[   88.468236][ T5909] usb 5-1: config 0 descriptor??
[   88.470434][  T971] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   88.488340][ T5909] dvb-usb: found a 'TerraTec/qanu USB2.0 Highspeed DVB-T Receiver' in warm state.
[   88.499794][ T5909] dvb-usb: bulk message failed: -22 (2/0)
[   88.502024][  T971] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   88.515668][ T5909] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[   88.527155][ T5909] dvbdev: DVB: registering new adapter (TerraTec/qanu USB2.0 Highspeed DVB-T Receiver)
[   88.558840][ T5909] usb 5-1: media controller created
[   88.582007][   T25] usb 4-1: device descriptor read/64, error -71
[   88.589644][ T5909] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[   88.593534][  T971] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[   88.628529][  T971] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   88.651350][  T971] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[   88.658962][ T5909] dvb-usb: bulk message failed: -22 (1/0)
[   88.660733][  T971] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   88.688619][   T29] kauditd_printk_skb: 9 callbacks suppressed
[   88.688635][   T29] audit: type=1400 audit(1739696288.707:230): avc:  denied  { create } for  pid=6228 comm="syz.1.95" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   88.722126][   T25] usb usb4-port1: attempt power cycle
[   88.734109][ T5909] dvb-usb: no frontend was attached by 'TerraTec/qanu USB2.0 Highspeed DVB-T Receiver'
[   88.809123][ T6234] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   88.827015][ T6234] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   88.837178][ T5909] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input5
[   88.941759][   T29] audit: type=1400 audit(1739696288.737:231): avc:  denied  { write } for  pid=6228 comm="syz.1.95" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   88.966406][ T6234] netlink: 'syz.4.92': attribute type 1 has an invalid length.
[   88.974487][ T6234] netlink: 240 bytes leftover after parsing attributes in process `syz.4.92'.
[   88.993386][  T971] usb 3-1: GET_CAPABILITIES returned 0
[   89.017757][  T971] usbtmc 3-1:16.0: can't read capabilities
[   89.018642][ T5909] dvb-usb: schedule remote query interval to 50 msecs.
[   89.110380][ T5909] dvb-usb: bulk message failed: -22 (2/0)
[   89.116651][   T25] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[   89.132001][ T5865] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   89.140650][   T29] audit: type=1400 audit(1739696288.737:232): avc:  denied  { nlmsg_write } for  pid=6228 comm="syz.1.95" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   89.204889][   T45] dvb-usb: bulk message failed: -22 (1/0)
[   89.218511][ T5909] dvb-usb: TerraTec/qanu USB2.0 Highspeed DVB-T Receiver successfully initialized and connected.
[   89.229919][   T25] usb 4-1: device descriptor read/8, error -71
[   89.279223][   T45] dvb-usb: error while querying for an remote control event.
[   89.282951][   T29] audit: type=1400 audit(1739696289.097:233): avc:  denied  { read } for  pid=5178 comm="acpid" name="event4" dev="devtmpfs" ino=2760 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   89.349391][   T29] audit: type=1400 audit(1739696289.127:234): avc:  denied  { open } for  pid=5178 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=2760 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   89.358882][ T5909] usb 5-1: USB disconnect, device number 6
[   89.379358][  T117] dvb-usb: bulk message failed: -22 (1/0)
[   89.392558][  T117] dvb-usb: error while querying for an remote control event.
[   89.397472][ T5852] usb 3-1: USB disconnect, device number 8
[   89.426529][   T29] audit: type=1400 audit(1739696289.137:235): avc:  denied  { ioctl } for  pid=5178 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=2760 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   89.451445][    C0] vkms_vblank_simulate: vblank timer overrun
[   89.451479][ T5865] usb 1-1: Using ep0 maxpacket: 32
[   89.458263][ T5865] usb 1-1: config 0 interface 0 has no altsetting 0
[   89.489493][ T5909] dvb-usb: TerraTec/qanu USB2.0 Highspeed DVB-T Re successfully deinitialized and disconnected.
[   89.501648][ T5865] usb 1-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[   89.513148][ T5865] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   89.521160][ T5865] usb 1-1: Product: syz
[   89.528086][ T5865] usb 1-1: Manufacturer: syz
[   89.532820][   T25] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[   89.540480][ T5865] usb 1-1: SerialNumber: syz
[   89.551159][ T5865] usb 1-1: config 0 descriptor??
[   89.569057][   T25] usb 4-1: device descriptor read/8, error -71
[   89.683049][   T25] usb usb4-port1: unable to enumerate USB device
[   89.960804][ T5865] gs_usb 1-1:0.0: Configuring for 1 interfaces
[   90.106433][ T6245] No such timeout policy "syz1"
[   90.489334][ T6248] FAULT_INJECTION: forcing a failure.
[   90.489334][ T6248] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   90.516589][ T6248] CPU: 0 UID: 0 PID: 6248 Comm: syz.1.101 Not tainted 6.14.0-rc2-syzkaller-00281-g496659003dac #0
[   90.516611][ T6248] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   90.516620][ T6248] Call Trace:
[   90.516625][ T6248]  <TASK>
[   90.516631][ T6248]  dump_stack_lvl+0x16c/0x1f0
[   90.516654][ T6248]  should_fail_ex+0x50a/0x650
[   90.516681][ T6248]  _copy_from_user+0x2e/0xd0
[   90.516697][ T6248]  iommufd_fops_ioctl+0x302/0x4f0
[   90.516719][ T6248]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[   90.516737][ T6248]  ? __pfx_lock_release+0x10/0x10
[   90.516767][ T6248]  ? selinux_file_ioctl+0x180/0x270
[   90.516789][ T6248]  ? selinux_file_ioctl+0xb4/0x270
[   90.516811][ T6248]  ? __pfx_iommufd_fops_ioctl+0x10/0x10
[   90.516833][ T6248]  __x64_sys_ioctl+0x190/0x200
[   90.516855][ T6248]  do_syscall_64+0xcd/0x250
[   90.516875][ T6248]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.516896][ T6248] RIP: 0033:0x7fb56078cde9
[   90.516909][ T6248] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.516923][ T6248] RSP: 002b:00007fb56156c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   90.516940][ T6248] RAX: ffffffffffffffda RBX: 00007fb5609a5fa0 RCX: 00007fb56078cde9
[   90.516950][ T6248] RDX: 0000400000000880 RSI: 0000000000003ba0 RDI: 0000000000000003
[   90.516959][ T6248] RBP: 00007fb56156c090 R08: 0000000000000000 R09: 0000000000000000
[   90.516969][ T6248] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   90.516978][ T6248] R13: 0000000000000000 R14: 00007fb5609a5fa0 R15: 00007ffc3fda4958
[   90.516997][ T6248]  </TASK>
[   90.683968][    C0] vkms_vblank_simulate: vblank timer overrun
[   90.720687][ T6231] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   90.804659][ T6240] netlink: 20 bytes leftover after parsing attributes in process `syz.4.98'.
[   90.891867][ T6253] RDS: rds_bind could not find a transport for ::ffff:172.30.0.4, load rds_tcp or rds_rdma?
[   90.925327][ T6253] ptrace attach of ""[6254] was attempted by "./syz-executor exec"[6253]
[   91.194350][ T6231] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   91.231937][   T29] audit: type=1326 audit(1739696291.227:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6256 comm="syz.1.103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb56078cde9 code=0x7ffc0000
[   91.257224][  T971] usb 1-1: USB disconnect, device number 2
[   91.552064][   T29] audit: type=1326 audit(1739696291.237:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6256 comm="syz.1.103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb56078cde9 code=0x7ffc0000
[   91.611787][ T6265] loop9: detected capacity change from 0 to 6
[   91.707253][   T29] audit: type=1326 audit(1739696291.237:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6256 comm="syz.1.103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=104 compat=0 ip=0x7fb56078cde9 code=0x7ffc0000
[   91.730482][    C0] vkms_vblank_simulate: vblank timer overrun
[   91.737387][   T29] audit: type=1326 audit(1739696291.237:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6256 comm="syz.1.103" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb56078cde9 code=0x7ffc0000
[   94.298958][   T29] kauditd_printk_skb: 66 callbacks suppressed
[   94.298973][   T29] audit: type=1400 audit(1739696294.317:304): avc:  denied  { block_suspend } for  pid=6331 comm="syz.2.113" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   94.571360][ T6340] netlink: 4 bytes leftover after parsing attributes in process `syz.1.114'.
[   94.731952][   T29] audit: type=1400 audit(1739696294.747:305): avc:  denied  { write } for  pid=6291 comm="syz.3.109" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   94.772024][   T29] audit: type=1400 audit(1739696294.747:306): avc:  denied  { connect } for  pid=6291 comm="syz.3.109" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   94.964974][   T29] audit: type=1400 audit(1739696294.747:307): avc:  denied  { name_connect } for  pid=6291 comm="syz.3.109" dest=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[   95.320133][   T29] audit: type=1400 audit(1739696294.937:308): avc:  denied  { shutdown } for  pid=6291 comm="syz.3.109" lport=37016 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[   95.341162][   T29] audit: type=1400 audit(1739696295.217:309): avc:  denied  { name_connect } for  pid=6291 comm="syz.3.109" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[   95.491603][   T29] audit: type=1400 audit(1739696295.507:310): avc:  denied  { setopt } for  pid=6349 comm="syz.2.116" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   96.342695][   T29] audit: type=1400 audit(1739696296.357:311): avc:  denied  { mounton } for  pid=6360 comm="syz.2.119" path="/25/bus" dev="tmpfs" ino=153 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   96.599656][   T29] audit: type=1400 audit(1739696296.487:312): avc:  denied  { setopt } for  pid=6360 comm="syz.2.119" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[   96.707211][ T6372] veth1_macvtap: left promiscuous mode
[   96.713230][ T6372] macsec0: entered promiscuous mode
[   97.510473][ T6381] FAULT_INJECTION: forcing a failure.
[   97.510473][ T6381] name failslab, interval 1, probability 0, space 0, times 0
[   97.569382][ T6381] CPU: 1 UID: 0 PID: 6381 Comm: syz.1.126 Not tainted 6.14.0-rc2-syzkaller-00281-g496659003dac #0
[   97.569407][ T6381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   97.569416][ T6381] Call Trace:
[   97.569421][ T6381]  <TASK>
[   97.569429][ T6381]  dump_stack_lvl+0x16c/0x1f0
[   97.569451][ T6381]  should_fail_ex+0x50a/0x650
[   97.569474][ T6381]  ? fs_reclaim_acquire+0xae/0x150
[   97.569498][ T6381]  ? kvm_arch_vcpu_ioctl+0x5d8/0x5050
[   97.569513][ T6381]  should_failslab+0xc2/0x120
[   97.569528][ T6381]  __kmalloc_cache_noprof+0x68/0x410
[   97.569549][ T6381]  ? arch_stack_walk+0xa7/0x100
[   97.569569][ T6381]  kvm_arch_vcpu_ioctl+0x5d8/0x5050
[   97.569587][ T6381]  ? hlock_class+0x4e/0x130
[   97.569602][ T6381]  ? __lock_acquire+0x15a9/0x3c40
[   97.569621][ T6381]  ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10
[   97.569641][ T6381]  ? kasan_save_track+0x14/0x30
[   97.569655][ T6381]  ? __kasan_slab_free+0x51/0x70
[   97.569670][ T6381]  ? __pfx___lock_acquire+0x10/0x10
[   97.569689][ T6381]  ? __x64_sys_ioctl+0xb7/0x200
[   97.569707][ T6381]  ? do_syscall_64+0xcd/0x250
[   97.569723][ T6381]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.569744][ T6381]  ? hlock_class+0x4e/0x130
[   97.569760][ T6381]  ? lock_acquire.part.0+0x11b/0x380
[   97.569786][ T6381]  ? __mutex_trylock_common+0xea/0x250
[   97.569809][ T6381]  ? __pfx___mutex_trylock_common+0x10/0x10
[   97.569830][ T6381]  ? kvm_vcpu_ioctl+0x27f/0x16b0
[   97.569848][ T6381]  ? rcu_is_watching+0x12/0xc0
[   97.569863][ T6381]  ? trace_contention_end+0xee/0x140
[   97.569884][ T6381]  ? __mutex_lock+0x1cc/0xb10
[   97.569900][ T6381]  ? kvm_vcpu_ioctl+0x27f/0x16b0
[   97.569916][ T6381]  ? tomoyo_path_number_perm+0x298/0x590
[   97.569935][ T6381]  ? __pfx___mutex_lock+0x10/0x10
[   97.569966][ T6381]  ? tomoyo_path_number_perm+0x190/0x590
[   97.569987][ T6381]  ? kvm_vcpu_ioctl+0x1258/0x16b0
[   97.570004][ T6381]  kvm_vcpu_ioctl+0x1258/0x16b0
[   97.570023][ T6381]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   97.570046][ T6381]  ? ioctl_has_perm.constprop.0.isra.0+0x2fc/0x450
[   97.570072][ T6381]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[   97.570096][ T6381]  ? __pfx_lock_release+0x10/0x10
[   97.570125][ T6381]  ? selinux_file_ioctl+0x180/0x270
[   97.570144][ T6381]  ? selinux_file_ioctl+0xb4/0x270
[   97.570165][ T6381]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[   97.570183][ T6381]  __x64_sys_ioctl+0x190/0x200
[   97.570206][ T6381]  do_syscall_64+0xcd/0x250
[   97.570225][ T6381]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.570247][ T6381] RIP: 0033:0x7fb56078cde9
[   97.570259][ T6381] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.570273][ T6381] RSP: 002b:00007fb56156c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   97.570289][ T6381] RAX: ffffffffffffffda RBX: 00007fb5609a5fa0 RCX: 00007fb56078cde9
[   97.570299][ T6381] RDX: 0000400000000000 RSI: 000000008188aea6 RDI: 0000000000000005
[   97.570308][ T6381] RBP: 00007fb56156c090 R08: 0000000000000000 R09: 0000000000000000
[   97.570317][ T6381] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   97.570325][ T6381] R13: 0000000000000000 R14: 00007fb5609a5fa0 R15: 00007ffc3fda4958
[   97.570345][ T6381]  </TASK>
[   97.997856][   T29] audit: type=1400 audit(1739696298.017:313): avc:  denied  { bind } for  pid=6382 comm="syz.0.127" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   98.046457][ T6390] mmap: syz.3.128 (6390) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   98.438236][  T971] usb 3-1: new full-speed USB device number 9 using dummy_hcd
[   98.581976][  T971] usb 3-1: device descriptor read/64, error -71
[   98.931895][  T971] usb 3-1: new full-speed USB device number 10 using dummy_hcd
[   99.102991][  T971] usb 3-1: device descriptor read/64, error -71
[   99.212494][ T6410] FAULT_INJECTION: forcing a failure.
[   99.212494][ T6410] name failslab, interval 1, probability 0, space 0, times 0
[   99.225497][  T971] usb usb3-port1: attempt power cycle
[   99.239742][ T6410] CPU: 0 UID: 0 PID: 6410 Comm: syz.4.129 Not tainted 6.14.0-rc2-syzkaller-00281-g496659003dac #0
[   99.239764][ T6410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[   99.239772][ T6410] Call Trace:
[   99.239777][ T6410]  <TASK>
[   99.239784][ T6410]  dump_stack_lvl+0x16c/0x1f0
[   99.239806][ T6410]  should_fail_ex+0x50a/0x650
[   99.239828][ T6410]  ? fs_reclaim_acquire+0xae/0x150
[   99.239853][ T6410]  should_failslab+0xc2/0x120
[   99.239870][ T6410]  __kmalloc_node_noprof+0xd1/0x510
[   99.239886][ T6410]  ? lock_acquire+0x2f/0xb0
[   99.239906][ T6410]  ? __might_fault+0xe3/0x190
[   99.239924][ T6410]  ? __kvmalloc_node_noprof+0xad/0x1a0
[   99.239950][ T6410]  __kvmalloc_node_noprof+0xad/0x1a0
[   99.239973][ T6410]  xt_alloc_table_info+0x3e/0xa0
[   99.239992][ T6410]  do_ip6t_set_ctl+0x5b3/0xbf0
[   99.240011][ T6410]  ? __mutex_lock+0x1cc/0xb10
[   99.240030][ T6410]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[   99.240048][ T6410]  ? __mutex_unlock_slowpath+0x164/0x6a0
[   99.240067][ T6410]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[   99.240098][ T6410]  ? nf_sockopt_find.constprop.0+0x221/0x290
[   99.240121][ T6410]  nf_setsockopt+0x8a/0xf0
[   99.240140][ T6410]  ipv6_setsockopt+0x135/0x170
[   99.240159][ T6410]  udpv6_setsockopt+0x7d/0xd0
[   99.240180][ T6410]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   99.240205][ T6410]  do_sock_setsockopt+0x222/0x480
[   99.240229][ T6410]  ? __pfx_do_sock_setsockopt+0x10/0x10
[   99.240260][ T6410]  ? lock_acquire+0x2f/0xb0
[   99.240293][ T6410]  __sys_setsockopt+0x1a0/0x230
[   99.240316][ T6410]  __x64_sys_setsockopt+0xbd/0x160
[   99.240334][ T6410]  ? do_syscall_64+0x91/0x250
[   99.240350][ T6410]  ? lockdep_hardirqs_on+0x7c/0x110
[   99.240366][ T6410]  do_syscall_64+0xcd/0x250
[   99.240383][ T6410]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.240403][ T6410] RIP: 0033:0x7f0b1a58cde9
[   99.240416][ T6410] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   99.240430][ T6410] RSP: 002b:00007f0b1b3ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   99.240446][ T6410] RAX: ffffffffffffffda RBX: 00007f0b1a7a6080 RCX: 00007f0b1a58cde9
[   99.240456][ T6410] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000007
[   99.240465][ T6410] RBP: 00007f0b1b3ee090 R08: 00000000000004a8 R09: 0000000000000000
[   99.240473][ T6410] R10: 0000400000000000 R11: 0000000000000246 R12: 0000000000000001
[   99.240482][ T6410] R13: 0000000000000000 R14: 00007f0b1a7a6080 R15: 00007ffc3eb642c8
[   99.240503][ T6410]  </TASK>
[   99.489509][    C0] vkms_vblank_simulate: vblank timer overrun
[   99.493064][   T29] kauditd_printk_skb: 5 callbacks suppressed
[   99.493078][   T29] audit: type=1400 audit(1739696299.507:319): avc:  denied  { rename } for  pid=5175 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   99.557076][   T29] audit: type=1400 audit(1739696299.507:320): avc:  denied  { unlink } for  pid=5175 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   99.582946][   T29] audit: type=1400 audit(1739696299.517:321): avc:  denied  { create } for  pid=5175 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   99.622729][   T29] audit: type=1400 audit(1739696299.647:322): avc:  denied  { unmount } for  pid=5816 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[   99.642928][ T5852] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   99.761960][  T971] usb 3-1: new full-speed USB device number 11 using dummy_hcd
[   99.797009][  T971] usb 3-1: device descriptor read/8, error -71
[   99.804593][ T5852] usb 2-1: Using ep0 maxpacket: 32
[   99.811639][ T5852] usb 2-1: config 4 has an invalid interface number: 128 but max is 0
[   99.821530][ T5852] usb 2-1: config 4 has no interface number 0
[   99.827806][ T5852] usb 2-1: config 4 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   99.839152][ T5852] usb 2-1: config 4 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   99.849338][ T5852] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[   99.858863][ T5852] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   99.878747][ T5852] hub 2-1:4.128: USB hub found
[  100.052658][   T29] audit: type=1400 audit(1739696300.077:323): avc:  denied  { create } for  pid=6428 comm="syz.4.141" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  100.074555][ T5864] usb 1-1: new full-speed USB device number 3 using dummy_hcd
[  100.742288][  T971] usb 3-1: new full-speed USB device number 12 using dummy_hcd
[  100.834427][  T971] usb 3-1: device descriptor read/8, error -71
[  100.866052][ T5864] usb 1-1: config 8 has an invalid interface number: 122 but max is 0
[  100.888401][ T5864] usb 1-1: config 8 has no interface number 0
[  100.905194][   T29] audit: type=1400 audit(1739696300.927:324): avc:  denied  { create } for  pid=6438 comm="syz.3.143" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  100.905656][ T5864] usb 1-1: config 8 interface 122 has no altsetting 0
[  100.935263][ T6439] bond_slave_1: entered promiscuous mode
[  100.945633][ T6439] bond0: (slave bond_slave_1): Releasing backup interface
[  101.052115][  T971] usb usb3-port1: unable to enumerate USB device
[  101.079770][ T5864] usb 1-1: New USB device found, idVendor=0c45, idProduct=6288, bcdDevice=8f.22
[  101.090819][ T6441] FAULT_INJECTION: forcing a failure.
[  101.090819][ T6441] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  101.105401][ T5864] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  101.116674][ T5864] usb 1-1: Product: syz
[  101.118149][ T6439] netlink: 'syz.3.143': attribute type 2 has an invalid length.
[  101.121035][ T5864] usb 1-1: Manufacturer: syz
[  101.242229][ T6441] CPU: 1 UID: 0 PID: 6441 Comm: syz.2.144 Not tainted 6.14.0-rc2-syzkaller-00281-g496659003dac #0
[  101.242253][ T6441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  101.242261][ T6441] Call Trace:
[  101.242266][ T6441]  <TASK>
[  101.242272][ T6441]  dump_stack_lvl+0x16c/0x1f0
[  101.242295][ T6441]  should_fail_ex+0x50a/0x650
[  101.242321][ T6441]  __kvm_read_guest_page+0x16b/0x210
[  101.242343][ T6441]  kvm_fetch_guest_virt+0x128/0x1a0
[  101.242371][ T6441]  __do_insn_fetch_bytes+0x420/0x6d0
[  101.242396][ T6441]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  101.242420][ T6441]  ? kvm_tdp_mmu_map+0x90c/0x1f80
[  101.242436][ T6441]  ? kvm_handle_noslot_fault+0x442/0x800
[  101.242465][ T6441]  x86_decode_insn+0xb91/0x5530
[  101.242488][ T6441]  ? kvm_tdp_page_fault+0x295/0x3d0
[  101.242507][ T6441]  ? vmx_segment_cache_test_set+0x14b/0x400
[  101.242532][ T6441]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  101.242558][ T6441]  ? __pfx_x86_decode_insn+0x10/0x10
[  101.242577][ T6441]  ? vmx_cache_reg+0x333/0x5e0
[  101.242598][ T6441]  ? kvm_register_read_raw+0xe9/0x240
[  101.242622][ T6441]  ? init_decode_cache+0xd/0x210
[  101.242641][ T6441]  ? init_emulate_ctxt+0x338/0x510
[  101.242657][ T6441]  ? kvm_tdp_page_fault+0x45/0x3d0
[  101.242674][ T6441]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  101.242696][ T6441]  ? __pfx_kvm_mmu_do_page_fault+0x10/0x10
[  101.242713][ T6441]  ? mark_lock+0xb5/0xc60
[  101.242739][ T6441]  x86_emulate_instruction+0x9c1/0x1a90
[  101.242761][ T6441]  ? hlock_class+0x4e/0x130
[  101.242781][ T6441]  kvm_mmu_page_fault+0xb5f/0x1bd0
[  101.242807][ T6441]  ? __pfx___lock_acquire+0x10/0x10
[  101.242830][ T6441]  ? __pfx_kvm_mmu_page_fault+0x10/0x10
[  101.242847][ T6441]  ? __pfx_mark_lock+0x10/0x10
[  101.242867][ T6441]  ? clear_bhb_loop+0x35/0x90
[  101.242896][ T6441]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  101.242922][ T6441]  handle_ept_violation+0x25a/0x640
[  101.242938][ T6441]  ? __pfx_handle_ept_violation+0x10/0x10
[  101.242955][ T6441]  vmx_handle_exit+0x6a4/0x1a30
[  101.242985][ T6441]  vcpu_run+0x3047/0x4f50
[  101.243003][ T6441]  ? __pfx___mutex_trylock_common+0x10/0x10
[  101.243036][ T6441]  ? __pfx_vcpu_run+0x10/0x10
[  101.243053][ T6441]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  101.243081][ T6441]  ? rcu_is_watching+0x12/0xc0
[  101.243098][ T6441]  ? trace_lock_acquire+0x14e/0x1f0
[  101.243115][ T6441]  ? __local_bh_enable_ip+0xa4/0x120
[  101.243139][ T6441]  ? lockdep_hardirqs_on+0x7c/0x110
[  101.243155][ T6441]  ? kvm_arch_vcpu_ioctl_run+0x1a8/0x17f0
[  101.243183][ T6441]  ? kvm_arch_vcpu_ioctl_run+0x865/0x17f0
[  101.243203][ T6441]  kvm_arch_vcpu_ioctl_run+0x865/0x17f0
[  101.243229][ T6441]  kvm_vcpu_ioctl+0x5ea/0x16b0
[  101.243251][ T6441]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  101.243278][ T6441]  ? ioctl_has_perm.constprop.0.isra.0+0x2fc/0x450
[  101.243304][ T6441]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  101.243332][ T6441]  ? __pfx_lock_release+0x10/0x10
[  101.243365][ T6441]  ? selinux_file_ioctl+0x180/0x270
[  101.243388][ T6441]  ? selinux_file_ioctl+0xb4/0x270
[  101.243413][ T6441]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  101.243434][ T6441]  __x64_sys_ioctl+0x190/0x200
[  101.243456][ T6441]  do_syscall_64+0xcd/0x250
[  101.243477][ T6441]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.243498][ T6441] RIP: 0033:0x7fceb9f8cde9
[  101.243513][ T6441] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.243528][ T6441] RSP: 002b:00007fcebadd3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  101.243544][ T6441] RAX: ffffffffffffffda RBX: 00007fceba1a5fa0 RCX: 00007fceb9f8cde9
[  101.243555][ T6441] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  101.243564][ T6441] RBP: 00007fcebadd3090 R08: 0000000000000000 R09: 0000000000000000
[  101.243573][ T6441] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.243582][ T6441] R13: 0000000000000000 R14: 00007fceba1a5fa0 R15: 00007ffe9c876d18
[  101.243604][ T6441]  </TASK>
[  101.456999][ T5864] usb 1-1: SerialNumber: syz
[  101.597406][ T6439] A link change request failed with some changes committed already. Interface bond_slave_1 may have been left with an inconsistent configuration, please check.
[  102.212577][ T5864] gspca_main: gspca_sn9c20x-2.14.0 probing 0c45:6288
[  102.220514][ T5864] gspca_sn9c20x: Write register 1000 failed -71
[  102.257312][ T5864] gspca_sn9c20x: Device initialization failed
[  102.293111][ T5864] gspca_sn9c20x 1-1:8.122: probe with driver gspca_sn9c20x failed with error -71
[  102.318257][ T5864] usb 1-1: USB disconnect, device number 3
[  102.336506][ T5809] udevd[5809]: setting mode of /dev/bus/usb/001/003 to 020664 failed: No such file or directory
[  102.350347][   T29] audit: type=1400 audit(1739696302.372:325): avc:  denied  { append } for  pid=6456 comm="syz.3.146" name="renderD128" dev="devtmpfs" ino=626 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  102.374960][ T6457] netlink: 'syz.3.146': attribute type 10 has an invalid length.
[  102.381923][ T5867] usb 3-1: new full-speed USB device number 13 using dummy_hcd
[  102.396926][ T5809] udevd[5809]: setting owner of /dev/bus/usb/001/003 to uid=0, gid=0 failed: No such file or directory
[  102.583832][ T5867] usb 3-1: device descriptor read/64, error -71
[  103.102903][ T5867] usb 3-1: new full-speed USB device number 14 using dummy_hcd
[  103.398671][ T5867] usb 3-1: device descriptor read/64, error -71
[  103.542375][ T5867] usb usb3-port1: attempt power cycle
[  104.066970][   T29] audit: type=1400 audit(1739696304.042:326): avc:  denied  { watch } for  pid=6467 comm="syz.0.151" path="/34/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="tmpfs" ino=206 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  104.449786][ T5867] usb 3-1: new full-speed USB device number 15 using dummy_hcd
[  104.457775][    T8] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  104.471956][   T29] audit: type=1400 audit(1739696304.042:327): avc:  denied  { watch_sb watch_reads } for  pid=6467 comm="syz.0.151" path="/34/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="tmpfs" ino=206 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  104.519392][   T29] audit: type=1400 audit(1739696304.042:328): avc:  denied  { setopt } for  pid=6467 comm="syz.0.151" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  104.598703][ T5867] usb 3-1: device descriptor read/8, error -71
[  104.636648][   T29] audit: type=1400 audit(1739696304.052:329): avc:  denied  { read } for  pid=6467 comm="syz.0.151" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  104.679766][ T6482] mkiss: ax0: crc mode is auto.
[  104.685745][    T8] usb 5-1: Using ep0 maxpacket: 16
[  104.696845][    T8] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  104.712651][    T8] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  104.756603][    T8] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  104.790412][    T8] usb 5-1: config 0 interface 0 has no altsetting 0
[  104.827746][    T8] usb 5-1: New USB device found, idVendor=0458, idProduct=0153, bcdDevice= 0.00
[  104.848842][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  104.860755][ T5867] usb 3-1: new full-speed USB device number 16 using dummy_hcd
[  105.087537][ T6485] No such timeout policy "syz1"
[  105.164599][ T5867] usb 3-1: device descriptor read/8, error -71
[  105.222963][   T29] audit: type=1400 audit(1739696305.242:330): avc:  denied  { create } for  pid=6486 comm="syz.0.154" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  105.223126][    T8] usb 5-1: config 0 descriptor??
[  105.265347][   T29] audit: type=1400 audit(1739696305.282:331): avc:  denied  { write } for  pid=6486 comm="syz.0.154" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  105.288220][ T5867] usb usb3-port1: unable to enumerate USB device
[  105.456678][   T29] audit: type=1400 audit(1739696305.472:332): avc:  denied  { bind } for  pid=6486 comm="syz.0.154" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  105.537752][   T29] audit: type=1400 audit(1739696305.492:333): avc:  denied  { listen } for  pid=6486 comm="syz.0.154" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  105.624749][ T5867] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  105.903380][ T5867] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  105.917675][ T5867] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  105.948577][ T5867] usb 3-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[  105.961454][    T8] usbhid 5-1:0.0: can't add hid device: -71
[  105.972005][    T8] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  106.000974][ T5867] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  106.025332][    T8] usb 5-1: USB disconnect, device number 7
[  106.040968][ T5852] hub 2-1:4.128: config failed, can't read hub descriptor (err -22)
[  106.078486][ T5867] usb 3-1: config 0 descriptor??
[  106.121531][ T5852] usb 2-1: USB disconnect, device number 2
[  106.221530][ T6499] netlink: 4 bytes leftover after parsing attributes in process `syz.1.159'.
[  106.470506][   T29] audit: type=1400 audit(1739696306.472:334): avc:  denied  { create } for  pid=6495 comm="syz.0.158" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  106.623979][ T6503] sctp: [Deprecated]: syz.2.156 (pid 6503) Use of struct sctp_assoc_value in delayed_ack socket option.
[  106.623979][ T6503] Use struct sctp_sack_info instead
[  106.698051][ T6496] syz.0.158 uses obsolete (PF_INET,SOCK_PACKET)
[  106.708778][   T25] usb 3-1: USB disconnect, device number 17
[  106.730228][   T29] audit: type=1400 audit(1739696306.742:335): avc:  denied  { connect } for  pid=6500 comm="syz.3.160" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  106.751533][ T6504] fuse: Unknown parameter 'rootÿÿÿÿÿÿÿ0000000F040000'
[  107.011368][ T6514] No such timeout policy "syz1"
[  107.221703][   T29] audit: type=1400 audit(1739696307.232:336): avc:  denied  { read append } for  pid=6512 comm="syz.4.162" name="nvme-fabrics" dev="devtmpfs" ino=702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  107.301485][   T29] audit: type=1400 audit(1739696307.232:337): avc:  denied  { open } for  pid=6512 comm="syz.4.162" path="/dev/nvme-fabrics" dev="devtmpfs" ino=702 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  107.369961][ T6520] mkiss: ax0: crc mode is auto.
[  107.480075][ T6522] program syz.0.163 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  107.490110][ T6522] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  108.199982][ T6527] FAULT_INJECTION: forcing a failure.
[  108.199982][ T6527] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  108.246942][ T6527] CPU: 0 UID: 0 PID: 6527 Comm: syz.3.165 Not tainted 6.14.0-rc2-syzkaller-00281-g496659003dac #0
[  108.246966][ T6527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  108.246976][ T6527] Call Trace:
[  108.246981][ T6527]  <TASK>
[  108.246987][ T6527]  dump_stack_lvl+0x16c/0x1f0
[  108.247011][ T6527]  should_fail_ex+0x50a/0x650
[  108.247039][ T6527]  _copy_to_user+0x32/0xd0
[  108.247057][ T6527]  simple_read_from_buffer+0xd0/0x160
[  108.247082][ T6527]  proc_fail_nth_read+0x198/0x270
[  108.247104][ T6527]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  108.247128][ T6527]  ? rw_verify_area+0xcf/0x680
[  108.247149][ T6527]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  108.247172][ T6527]  vfs_read+0x1df/0xbf0
[  108.247196][ T6527]  ? __fget_files+0x1fc/0x3a0
[  108.247212][ T6527]  ? __pfx___mutex_lock+0x10/0x10
[  108.247231][ T6527]  ? __pfx_vfs_read+0x10/0x10
[  108.247262][ T6527]  ? __fget_files+0x206/0x3a0
[  108.247284][ T6527]  ksys_read+0x12b/0x250
[  108.247308][ T6527]  ? __pfx_ksys_read+0x10/0x10
[  108.247340][ T6527]  do_syscall_64+0xcd/0x250
[  108.247359][ T6527]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.247382][ T6527] RIP: 0033:0x7fd4d7b8b7fc
[  108.247395][ T6527] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  108.247410][ T6527] RSP: 002b:00007fd4d8a94030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  108.247425][ T6527] RAX: ffffffffffffffda RBX: 00007fd4d7da5fa0 RCX: 00007fd4d7b8b7fc
[  108.247436][ T6527] RDX: 000000000000000f RSI: 00007fd4d8a940a0 RDI: 0000000000000005
[  108.247445][ T6527] RBP: 00007fd4d8a94090 R08: 0000000000000000 R09: 0000000000000000
[  108.247454][ T6527] R10: 0000000000010001 R11: 0000000000000246 R12: 0000000000000001
[  108.247463][ T6527] R13: 0000000000000000 R14: 00007fd4d7da5fa0 R15: 00007ffe1ef6fb48
[  108.247485][ T6527]  </TASK>
[  108.940751][ T6541] netlink: 16 bytes leftover after parsing attributes in process `syz.4.170'.
[  109.973196][ T6550] netlink: 'syz.4.171': attribute type 11 has an invalid length.
[  110.226368][   T29] kauditd_printk_skb: 6 callbacks suppressed
[  110.226383][   T29] audit: type=1400 audit(1739696310.242:344): avc:  denied  { listen } for  pid=6553 comm="syz.2.173" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  110.251762][    C1] vkms_vblank_simulate: vblank timer overrun
[  110.282769][   T25] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  110.300532][   T29] audit: type=1400 audit(1739696310.272:345): avc:  denied  { accept } for  pid=6553 comm="syz.2.173" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  110.319761][    C1] vkms_vblank_simulate: vblank timer overrun
[  110.354589][ T6551] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  110.402774][   T29] audit: type=1400 audit(1739696310.312:346): avc:  denied  { create } for  pid=6553 comm="syz.2.173" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  110.433752][   T29] audit: type=1400 audit(1739696310.312:347): avc:  denied  { write } for  pid=6553 comm="syz.2.173" path="socket:[10858]" dev="sockfs" ino=10858 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  110.456979][    C1] vkms_vblank_simulate: vblank timer overrun
[  110.483426][   T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  110.496644][   T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  110.508066][ T6560] block device autoloading is deprecated and will be removed.
[  110.521077][   T25] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  110.530397][   T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  110.571674][ T6560] syz.3.175: attempt to access beyond end of device
[  110.571674][ T6560] md2: rw=2048, sector=0, nr_sectors = 8 limit=0
[  110.598032][   T25] usb 5-1: config 0 descriptor??
[  111.057227][   T25] usbhid 5-1:0.0: can't add hid device: -71
[  111.063951][   T25] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  111.084706][   T25] usb 5-1: USB disconnect, device number 8
[  111.288048][ T6572] FAULT_INJECTION: forcing a failure.
[  111.288048][ T6572] name failslab, interval 1, probability 0, space 0, times 0
[  111.405546][ T6572] CPU: 0 UID: 0 PID: 6572 Comm: syz.1.179 Not tainted 6.14.0-rc2-syzkaller-00281-g496659003dac #0
[  111.405573][ T6572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  111.405583][ T6572] Call Trace:
[  111.405589][ T6572]  <TASK>
[  111.405597][ T6572]  dump_stack_lvl+0x16c/0x1f0
[  111.405621][ T6572]  should_fail_ex+0x50a/0x650
[  111.405646][ T6572]  ? fs_reclaim_acquire+0xae/0x150
[  111.405671][ T6572]  should_failslab+0xc2/0x120
[  111.405691][ T6572]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  111.405709][ T6572]  ? alloc_empty_file+0x73/0x1e0
[  111.405733][ T6572]  alloc_empty_file+0x73/0x1e0
[  111.405753][ T6572]  path_openat+0xe1/0x2d80
[  111.405767][ T6572]  ? hlock_class+0x4e/0x130
[  111.405785][ T6572]  ? __lock_acquire+0x15a9/0x3c40
[  111.405817][ T6572]  ? __pfx_path_openat+0x10/0x10
[  111.405833][ T6572]  ? __pfx___lock_acquire+0x10/0x10
[  111.405853][ T6572]  ? lock_acquire.part.0+0x11b/0x380
[  111.405875][ T6572]  ? find_held_lock+0x2d/0x110
[  111.405895][ T6572]  do_filp_open+0x20c/0x470
[  111.405911][ T6572]  ? __pfx_do_filp_open+0x10/0x10
[  111.405925][ T6572]  ? find_held_lock+0x2d/0x110
[  111.405959][ T6572]  ? alloc_fd+0x41f/0x760
[  111.405981][ T6572]  do_sys_openat2+0x17a/0x1e0
[  111.406002][ T6572]  ? __pfx_do_sys_openat2+0x10/0x10
[  111.406023][ T6572]  ? find_held_lock+0x2d/0x110
[  111.406046][ T6572]  __x64_sys_openat+0x175/0x210
[  111.406067][ T6572]  ? __pfx___x64_sys_openat+0x10/0x10
[  111.406092][ T6572]  ? rcu_is_watching+0x12/0xc0
[  111.406118][ T6572]  do_syscall_64+0xcd/0x250
[  111.406139][ T6572]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.406162][ T6572] RIP: 0033:0x7fb56078b750
[  111.406176][ T6572] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[  111.406191][ T6572] RSP: 002b:00007fb56156bf10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  111.406207][ T6572] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fb56078b750
[  111.406217][ T6572] RDX: 0000000000000002 RSI: 00007fb56156bfa0 RDI: 00000000ffffff9c
[  111.406226][ T6572] RBP: 00007fb56156bfa0 R08: 0000000000000000 R09: 0000000000000000
[  111.406235][ T6572] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  111.406244][ T6572] R13: 0000000000000000 R14: 00007fb5609a5fa0 R15: 00007ffc3fda4958
[  111.406264][ T6572]  </TASK>
[  112.564159][   T29] audit: type=1400 audit(1739696312.582:348): avc:  denied  { read write } for  pid=6585 comm="syz.0.182" name="uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  112.607810][   T29] audit: type=1400 audit(1739696312.582:349): avc:  denied  { open } for  pid=6585 comm="syz.0.182" path="/dev/uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  112.770297][ T5852] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  112.880805][ T6593] netlink: 16 bytes leftover after parsing attributes in process `syz.2.184'.
[  113.102149][ T5852] usb 5-1: Using ep0 maxpacket: 8
[  113.160468][ T5852] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  113.170419][ T5852] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  113.184750][ T5852] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  113.195271][ T5852] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  113.231800][ T5852] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  113.266201][ T5852] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  113.278135][   T29] audit: type=1400 audit(1739696313.292:350): avc:  denied  { watch_sb } for  pid=6596 comm="syz.0.185" path="/43" dev="tmpfs" ino=249 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  113.278793][ T6598] overlayfs: overlapping lowerdir path
[  113.384810][   T29] audit: type=1400 audit(1739696313.342:351): avc:  denied  { read write } for  pid=6597 comm="syz.3.186" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  113.409922][ T6599] Driver unsupported XDP return value 0 on prog  (id 102) dev N/A, expect packet loss!
[  113.484007][   T29] audit: type=1400 audit(1739696313.342:352): avc:  denied  { open } for  pid=6597 comm="syz.3.186" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  113.542248][   T29] audit: type=1400 audit(1739696313.342:353): avc:  denied  { ioctl } for  pid=6597 comm="syz.3.186" path="/dev/nullb0" dev="devtmpfs" ino=696 ioctlcmd=0x301 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  113.566757][ T5852] usb 5-1: GET_CAPABILITIES returned 0
[  113.586405][ T5852] usbtmc 5-1:16.0: can't read capabilities
[  113.667391][ T6604] No such timeout policy "syz1"
[  113.706158][ T5909] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  113.933716][ T5909] usb 1-1: Using ep0 maxpacket: 8
[  113.941709][ T5909] usb 1-1: config 1 interface 0 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1023
[  113.941891][ T5909] usb 1-1: config 1 interface 0 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 32
[  113.941957][ T5909] usb 1-1: config 1 interface 0 altsetting 1 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  113.942025][ T5909] usb 1-1: config 1 interface 0 has no altsetting 0
[  113.946632][ T5909] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  113.946657][ T5909] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  113.946674][ T5909] usb 1-1: Product: syz
[  113.946686][ T5909] usb 1-1: Manufacturer: syz
[  113.946698][ T5909] usb 1-1: SerialNumber: syz
[  113.948767][ T6598] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  113.959738][ T5852] usb 5-1: USB disconnect, device number 9
[  114.038233][ T6598] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  114.145709][ T6606] syz.2.189: attempt to access beyond end of device
[  114.145709][ T6606] md2: rw=2048, sector=0, nr_sectors = 8 limit=0
[  114.998928][ T5909] usb 1-1: bad CDC descriptors
[  115.018673][ T5909] usb 1-1: USB disconnect, device number 4
[  115.238887][   T29] audit: type=1400 audit(1739696315.252:354): avc:  denied  { connect } for  pid=6618 comm="syz.2.193" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  115.285305][   T29] audit: type=1400 audit(1739696315.252:355): avc:  denied  { read } for  pid=6618 comm="syz.2.193" path="socket:[11555]" dev="sockfs" ino=11555 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  115.344684][   T29] audit: type=1400 audit(1739696315.252:356): avc:  denied  { write } for  pid=6618 comm="syz.2.193" path="socket:[11555]" dev="sockfs" ino=11555 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  115.551535][   T29] audit: type=1400 audit(1739696315.542:357): avc:  denied  { setopt } for  pid=6623 comm="syz.2.194" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  115.570796][    C1] vkms_vblank_simulate: vblank timer overrun
[  115.705851][   T29] audit: type=1400 audit(1739696315.722:358): avc:  denied  { connect } for  pid=6628 comm="syz.2.195" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  115.771872][   T29] audit: type=1400 audit(1739696315.722:359): avc:  denied  { write } for  pid=6628 comm="syz.2.195" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  115.855977][   T29] audit: type=1400 audit(1739696315.822:360): avc:  denied  { execute } for  pid=6629 comm="syz.4.196" name="file1" dev="tmpfs" ino=236 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  115.931950][   T25] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  115.944790][   T29] audit: type=1400 audit(1739696315.822:361): avc:  denied  { execute_no_trans } for  pid=6629 comm="syz.4.196" path="/39/bus/file1" dev="overlay" ino=236 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  116.131972][   T25] usb 1-1: Using ep0 maxpacket: 8
[  116.140022][   T25] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0038, bcdDevice=99.03
[  116.153994][   T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  116.167267][   T25] usb 1-1: Product: syz
[  116.171540][   T25] usb 1-1: Manufacturer: syz
[  116.178165][   T25] usb 1-1: SerialNumber: syz
[  116.193538][   T25] usb 1-1: config 0 descriptor??
[  116.210533][   T25] dvb-usb: found a 'TerraTec/qanu USB2.0 Highspeed DVB-T Receiver' in warm state.
[  116.222782][   T25] dvb-usb: bulk message failed: -22 (2/0)
[  116.228645][   T25] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  116.238564][   T25] dvbdev: DVB: registering new adapter (TerraTec/qanu USB2.0 Highspeed DVB-T Receiver)
[  116.252828][   T25] usb 1-1: media controller created
[  116.271716][   T25] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  116.289485][   T25] dvb-usb: bulk message failed: -22 (1/0)
[  116.298889][   T25] dvb-usb: no frontend was attached by 'TerraTec/qanu USB2.0 Highspeed DVB-T Receiver'
[  116.311450][   T25] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input6
[  116.329505][   T25] dvb-usb: schedule remote query interval to 50 msecs.
[  116.344052][   T25] dvb-usb: bulk message failed: -22 (2/0)
[  116.350066][   T25] dvb-usb: TerraTec/qanu USB2.0 Highspeed DVB-T Receiver successfully initialized and connected.
[  116.403161][   T25] dvb-usb: bulk message failed: -22 (1/0)
[  116.440385][   T25] dvb-usb: error while querying for an remote control event.
[  116.562589][   T25] dvb-usb: bulk message failed: -22 (1/0)
[  117.134891][   T25] dvb-usb: error while querying for an remote control event.
[  117.211920][ T5909] dvb-usb: bulk message failed: -22 (1/0)
[  117.264182][ T5909] dvb-usb: error while querying for an remote control event.
[  117.347009][ T6646] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  117.362233][ T6646] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  117.422106][ T5909] dvb-usb: bulk message failed: -22 (1/0)
[  117.494541][ T5909] dvb-usb: error while querying for an remote control event.
[  117.671965][ T5909] dvb-usb: bulk message failed: -22 (1/0)
[  117.677744][ T5909] dvb-usb: error while querying for an remote control event.
[  117.696469][ T6627] netlink: 'syz.0.197': attribute type 1 has an invalid length.
[  117.704252][ T6627] netlink: 240 bytes leftover after parsing attributes in process `syz.0.197'.
[  117.820435][ T5909] dvb-usb: bulk message failed: -22 (1/0)
[  117.830142][ T5909] dvb-usb: error while querying for an remote control event.
[  117.840869][  T971] usb 1-1: USB disconnect, device number 5
[  118.474887][   T29] audit: type=1400 audit(1739696318.482:362): avc:  denied  { mount } for  pid=6650 comm="syz.3.203" name="/" dev="autofs" ino=11109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[  118.476505][ T6655] netlink: 24 bytes leftover after parsing attributes in process `syz.3.203'.
[  118.758389][  T971] dvb-usb: TerraTec/qanu USB2.0 Highspeed DVB-T Re successfully deinitialized and disconnected.
[  118.798561][ T6660] netlink: 'syz.1.205': attribute type 1 has an invalid length.
[  118.943458][ T6662] netlink: 12 bytes leftover after parsing attributes in process `syz.1.205'.
[  119.124429][ T6669] netlink: 4 bytes leftover after parsing attributes in process `syz.2.206'.
[  119.381910][  T971] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  119.571940][  T971] usb 1-1: Using ep0 maxpacket: 8
[  119.608530][  T971] usb 1-1: New USB device found, idVendor=0ccd, idProduct=0038, bcdDevice=99.03
[  119.651973][  T971] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  119.660064][  T971] usb 1-1: Product: syz
[  119.681895][  T971] usb 1-1: Manufacturer: syz
[  119.686623][  T971] usb 1-1: SerialNumber: syz
[  119.690705][ T6677] netlink: 'syz.4.210': attribute type 1 has an invalid length.
[  119.718891][  T971] usb 1-1: config 0 descriptor??
[  119.875199][  T971] dvb-usb: found a 'TerraTec/qanu USB2.0 Highspeed DVB-T Receiver' in warm state.
[  120.207477][ T5909] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  120.464205][ T6685] veth1_macvtap: left promiscuous mode
[  120.470339][ T6685] macsec0: entered promiscuous mode
[  120.562031][ T5909] usb 2-1: Using ep0 maxpacket: 16
[  120.591623][ T6677] netlink: 12 bytes leftover after parsing attributes in process `syz.4.210'.
[  120.600643][  T971] dvb-usb: bulk message failed: -22 (2/0)
[  120.602798][ T6684] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  120.616702][  T971] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  120.636680][  T971] dvbdev: DVB: registering new adapter (TerraTec/qanu USB2.0 Highspeed DVB-T Receiver)
[  120.652087][ T5909] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  120.674036][  T971] usb 1-1: media controller created
[  120.682548][ T6684] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  120.711644][ T5909] usb 2-1: config 0 has no interfaces?
[  120.716401][  T971] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  120.725640][ T5909] usb 2-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00
[  120.781337][ T5909] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  120.805854][  T971] dvb-usb: bulk message failed: -22 (1/0)
[  120.821314][  T971] dvb-usb: no frontend was attached by 'TerraTec/qanu USB2.0 Highspeed DVB-T Receiver'
[  120.848657][ T6666] netlink: 'syz.0.207': attribute type 1 has an invalid length.
[  120.856530][ T6666] netlink: 240 bytes leftover after parsing attributes in process `syz.0.207'.
[  120.872410][ T5909] usb 2-1: config 0 descriptor??
[  120.889599][  T971] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input7
[  120.901940][   T29] audit: type=1400 audit(1739696320.892:363): avc:  denied  { ioctl } for  pid=6665 comm="syz.0.207" path="socket:[11151]" dev="sockfs" ino=11151 ioctlcmd=0x89f1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  120.927117][    C0] vkms_vblank_simulate: vblank timer overrun
[  120.934284][ T6688] FAULT_INJECTION: forcing a failure.
[  120.934284][ T6688] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  120.965507][ T6688] CPU: 0 UID: 0 PID: 6688 Comm: syz.4.212 Not tainted 6.14.0-rc2-syzkaller-00281-g496659003dac #0
[  120.965532][ T6688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  120.965541][ T6688] Call Trace:
[  120.965546][ T6688]  <TASK>
[  120.965552][ T6688]  dump_stack_lvl+0x16c/0x1f0
[  120.965577][ T6688]  should_fail_ex+0x50a/0x650
[  120.965605][ T6688]  _copy_to_user+0x32/0xd0
[  120.965623][ T6688]  snd_pcm_oss_read2+0x292/0x3e0
[  120.965642][ T6688]  ? __pfx_snd_pcm_oss_read2+0x10/0x10
[  120.965658][ T6688]  ? snd_pcm_kernel_ioctl+0x267/0x2e0
[  120.965683][ T6688]  snd_pcm_oss_read+0x5a3/0x750
[  120.965701][ T6688]  ? rw_verify_area+0xcf/0x680
[  120.965723][ T6688]  ? __pfx_snd_pcm_oss_read+0x10/0x10
[  120.965740][ T6688]  vfs_read+0x1df/0xbf0
[  120.965765][ T6688]  ? __fget_files+0x1fc/0x3a0
[  120.965780][ T6688]  ? __pfx_lock_release+0x10/0x10
[  120.965802][ T6688]  ? __pfx_vfs_read+0x10/0x10
[  120.965827][ T6688]  ? lock_acquire+0x2f/0xb0
[  120.965847][ T6688]  ? __fget_files+0x40/0x3a0
[  120.965863][ T6688]  ? __fget_files+0x206/0x3a0
[  120.965885][ T6688]  ksys_read+0x12b/0x250
[  120.965908][ T6688]  ? __pfx_ksys_read+0x10/0x10
[  120.965938][ T6688]  do_syscall_64+0xcd/0x250
[  120.965959][ T6688]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.965982][ T6688] RIP: 0033:0x7f0b1a58cde9
[  120.965994][ T6688] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  120.966009][ T6688] RSP: 002b:00007f0b1b40f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  120.966026][ T6688] RAX: ffffffffffffffda RBX: 00007f0b1a7a5fa0 RCX: 00007f0b1a58cde9
[  120.966036][ T6688] RDX: 0000000000002020 RSI: 0000400000000a00 RDI: 0000000000000005
[  120.966045][ T6688] RBP: 00007f0b1b40f090 R08: 0000000000000000 R09: 0000000000000000
[  120.966055][ T6688] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  120.966064][ T6688] R13: 0000000000000000 R14: 00007f0b1a7a5fa0 R15: 00007ffc3eb642c8
[  120.966086][ T6688]  </TASK>
[  121.169187][    C0] vkms_vblank_simulate: vblank timer overrun
[  121.189297][ T6674] FAULT_INJECTION: forcing a failure.
[  121.189297][ T6674] name failslab, interval 1, probability 0, space 0, times 0
[  121.218437][  T971] dvb-usb: schedule remote query interval to 50 msecs.
[  121.225607][  T971] dvb-usb: bulk message failed: -22 (2/0)
[  121.231872][  T971] dvb-usb: TerraTec/qanu USB2.0 Highspeed DVB-T Receiver successfully initialized and connected.
[  121.244468][ T6674] CPU: 0 UID: 0 PID: 6674 Comm: syz.1.209 Not tainted 6.14.0-rc2-syzkaller-00281-g496659003dac #0
[  121.244492][ T6674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  121.244500][ T6674] Call Trace:
[  121.244505][ T6674]  <TASK>
[  121.244511][ T6674]  dump_stack_lvl+0x16c/0x1f0
[  121.244533][ T6674]  should_fail_ex+0x50a/0x650
[  121.244555][ T6674]  ? fs_reclaim_acquire+0xae/0x150
[  121.244577][ T6674]  should_failslab+0xc2/0x120
[  121.244593][ T6674]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  121.244608][ T6674]  ? alloc_empty_file+0x73/0x1e0
[  121.244629][ T6674]  alloc_empty_file+0x73/0x1e0
[  121.244648][ T6674]  path_openat+0xe1/0x2d80
[  121.244660][ T6674]  ? hlock_class+0x4e/0x130
[  121.244677][ T6674]  ? __lock_acquire+0x15a9/0x3c40
[  121.244707][ T6674]  ? __pfx_path_openat+0x10/0x10
[  121.244721][ T6674]  ? __pfx___lock_acquire+0x10/0x10
[  121.244741][ T6674]  ? lock_acquire.part.0+0x11b/0x380
[  121.244762][ T6674]  ? find_held_lock+0x2d/0x110
[  121.244782][ T6674]  do_filp_open+0x20c/0x470
[  121.244796][ T6674]  ? __pfx_do_filp_open+0x10/0x10
[  121.244808][ T6674]  ? find_held_lock+0x2d/0x110
[  121.244837][ T6674]  ? alloc_fd+0x41f/0x760
[  121.244855][ T6674]  do_sys_openat2+0x17a/0x1e0
[  121.244874][ T6674]  ? __pfx_do_sys_openat2+0x10/0x10
[  121.244893][ T6674]  ? __fget_files+0x206/0x3a0
[  121.244909][ T6674]  __x64_sys_openat+0x175/0x210
[  121.244928][ T6674]  ? __pfx___x64_sys_openat+0x10/0x10
[  121.244946][ T6674]  ? ksys_write+0x1ba/0x250
[  121.244975][ T6674]  do_syscall_64+0xcd/0x250
[  121.244992][ T6674]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  121.245012][ T6674] RIP: 0033:0x7fb56078cde9
[  121.245024][ T6674] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  121.245037][ T6674] RSP: 002b:00007fb56154b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  121.245051][ T6674] RAX: ffffffffffffffda RBX: 00007fb5609a6080 RCX: 00007fb56078cde9
[  121.245067][ T6674] RDX: 0000000000149882 RSI: 0000400000000600 RDI: ffffffffffffff9c
[  121.245076][ T6674] RBP: 00007fb56154b090 R08: 0000000000000000 R09: 0000000000000000
[  121.245085][ T6674] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  121.245093][ T6674] R13: 0000000000000000 R14: 00007fb5609a6080 R15: 00007ffc3fda4958
[  121.245115][ T6674]  </TASK>
[  121.254190][   T29] audit: type=1400 audit(1739696321.272:364): avc:  denied  { ioctl } for  pid=6672 comm="syz.1.209" path="/dev/fuse" dev="devtmpfs" ino=99 ioctlcmd=0xe500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  121.268816][  T971] usb 1-1: USB disconnect, device number 6
[  121.513001][    C0] vkms_vblank_simulate: vblank timer overrun
[  121.572922][ T5867] dvb-usb: bulk message failed: -22 (1/0)
[  121.774043][ T5867] dvb-usb: error while querying for an remote control event.
[  121.943238][ T5852] dvb-usb: bulk message failed: -22 (1/0)
[  121.950682][ T5852] dvb-usb: error while querying for an remote control event.
[  121.983753][  T971] dvb-usb: TerraTec/qanu USB2.0 Highspeed DVB-T Re successfully deinitialized and disconnected.
[  122.000639][ T6699] FAULT_INJECTION: forcing a failure.
[  122.000639][ T6699] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  122.003187][   T29] audit: type=1400 audit(1739696321.962:365): avc:  denied  { bind } for  pid=6695 comm="syz.4.215" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  122.037231][   T29] audit: type=1400 audit(1739696321.962:366): avc:  denied  { listen } for  pid=6695 comm="syz.4.215" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  122.047008][ T6699] CPU: 0 UID: 0 PID: 6699 Comm: syz.4.215 Not tainted 6.14.0-rc2-syzkaller-00281-g496659003dac #0
[  122.047030][ T6699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  122.047038][ T6699] Call Trace:
[  122.047042][ T6699]  <TASK>
[  122.047048][ T6699]  dump_stack_lvl+0x16c/0x1f0
[  122.047069][ T6699]  should_fail_ex+0x50a/0x650
[  122.047102][ T6699]  _copy_from_user+0x2e/0xd0
[  122.047116][ T6699]  copy_msghdr_from_user+0x99/0x160
[  122.047134][ T6699]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  122.047150][ T6699]  ? __lock_acquire+0xcc5/0x3c40
[  122.047178][ T6699]  ___sys_sendmsg+0xff/0x1e0
[  122.047197][ T6699]  ? __pfx____sys_sendmsg+0x10/0x10
[  122.047222][ T6699]  ? trace_lock_acquire+0x14e/0x1f0
[  122.047252][ T6699]  __sys_sendmmsg+0x201/0x420
[  122.047271][ T6699]  ? __pfx___sys_sendmmsg+0x10/0x10
[  122.047295][ T6699]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  122.047319][ T6699]  ? fput+0x67/0x440
[  122.047336][ T6699]  ? ksys_write+0x1ba/0x250
[  122.047356][ T6699]  ? __pfx_ksys_write+0x10/0x10
[  122.047380][ T6699]  __x64_sys_sendmmsg+0x9c/0x100
[  122.047397][ T6699]  ? lockdep_hardirqs_on+0x7c/0x110
[  122.047412][ T6699]  do_syscall_64+0xcd/0x250
[  122.047429][ T6699]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.047448][ T6699] RIP: 0033:0x7f0b1a58cde9
[  122.047460][ T6699] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  122.047473][ T6699] RSP: 002b:00007f0b1b40f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  122.047487][ T6699] RAX: ffffffffffffffda RBX: 00007f0b1a7a5fa0 RCX: 00007f0b1a58cde9
[  122.047496][ T6699] RDX: 0000000000000001 RSI: 0000400000000100 RDI: 0000000000000004
[  122.047504][ T6699] RBP: 00007f0b1b40f090 R08: 0000000000000000 R09: 0000000000000000
[  122.047513][ T6699] R10: 0000000024008094 R11: 0000000000000246 R12: 0000000000000001
[  122.047521][ T6699] R13: 0000000000000000 R14: 00007f0b1a7a5fa0 R15: 00007ffc3eb642c8
[  122.047539][ T6699]  </TASK>
[  122.257169][   T29] audit: type=1400 audit(1739696321.962:367): avc:  denied  { connect } for  pid=6695 comm="syz.4.215" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  122.289135][   T29] audit: type=1400 audit(1739696322.012:368): avc:  denied  { write } for  pid=6695 comm="syz.4.215" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  122.417947][   T29] audit: type=1400 audit(1739696322.422:369): avc:  denied  { getopt } for  pid=6702 comm="syz.2.217" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  122.418034][   T29] audit: type=1400 audit(1739696322.422:370): avc:  denied  { setopt } for  pid=6702 comm="syz.2.217" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  122.418065][   T29] audit: type=1400 audit(1739696322.422:371): avc:  denied  { write } for  pid=6702 comm="syz.2.217" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  122.611295][  T117] usb 2-1: USB disconnect, device number 3
[  123.683293][ T6711] FAULT_INJECTION: forcing a failure.
[  123.683293][ T6711] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  123.701961][ T6711] CPU: 1 UID: 0 PID: 6711 Comm: syz.3.218 Not tainted 6.14.0-rc2-syzkaller-00281-g496659003dac #0
[  123.701988][ T6711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  123.701999][ T6711] Call Trace:
[  123.702004][ T6711]  <TASK>
[  123.702011][ T6711]  dump_stack_lvl+0x16c/0x1f0
[  123.702037][ T6711]  should_fail_ex+0x50a/0x650
[  123.702071][ T6711]  _copy_from_user+0x2e/0xd0
[  123.702087][ T6711]  __tun_chr_ioctl+0x2d2/0x4760
[  123.702109][ T6711]  ? ioctl_has_perm.constprop.0.isra.0+0x2fc/0x450
[  123.702140][ T6711]  ? __pfx___tun_chr_ioctl+0x10/0x10
[  123.702172][ T6711]  ? selinux_file_ioctl+0x180/0x270
[  123.702194][ T6711]  ? selinux_file_ioctl+0xb4/0x270
[  123.702219][ T6711]  ? __pfx_tun_chr_ioctl+0x10/0x10
[  123.702242][ T6711]  __x64_sys_ioctl+0x190/0x200
[  123.702267][ T6711]  do_syscall_64+0xcd/0x250
[  123.702287][ T6711]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.702311][ T6711] RIP: 0033:0x7fd4d7b8cde9
[  123.702325][ T6711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.702341][ T6711] RSP: 002b:00007fd4d8a94038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  123.702358][ T6711] RAX: ffffffffffffffda RBX: 00007fd4d7da5fa0 RCX: 00007fd4d7b8cde9
[  123.702369][ T6711] RDX: 0000400000000100 RSI: 00000000400454d9 RDI: 0000000000000005
[  123.702379][ T6711] RBP: 00007fd4d8a94090 R08: 0000000000000000 R09: 0000000000000000
[  123.702389][ T6711] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  123.702399][ T6711] R13: 0000000000000000 R14: 00007fd4d7da5fa0 R15: 00007ffe1ef6fb48
[  123.702421][ T6711]  </TASK>
[  123.983267][ T6719] trusted_key: encrypted_key: insufficient parameters specified
[  124.018716][   T29] audit: type=1400 audit(1739696323.948:372): avc:  denied  { setopt } for  pid=6718 comm="syz.4.222" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  124.089536][ T6721] bond0: entered promiscuous mode
[  124.102152][ T6721] bond_slave_0: entered promiscuous mode
[  124.111628][ T6723] Bluetooth: MGMT ver 1.23
[  124.496463][ T6733] FAULT_INJECTION: forcing a failure.
[  124.496463][ T6733] name failslab, interval 1, probability 0, space 0, times 0
[  124.509144][ T6733] CPU: 1 UID: 0 PID: 6733 Comm: syz.3.228 Not tainted 6.14.0-rc2-syzkaller-00281-g496659003dac #0
[  124.509164][ T6733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  124.509174][ T6733] Call Trace:
[  124.509179][ T6733]  <TASK>
[  124.509184][ T6733]  dump_stack_lvl+0x16c/0x1f0
[  124.509206][ T6733]  should_fail_ex+0x50a/0x650
[  124.509228][ T6733]  ? fs_reclaim_acquire+0xae/0x150
[  124.509251][ T6733]  ? __do_sys_fanotify_init+0x4b3/0xb50
[  124.509269][ T6733]  should_failslab+0xc2/0x120
[  124.509286][ T6733]  __kmalloc_cache_noprof+0x68/0x410
[  124.509311][ T6733]  ? kasan_save_track+0x14/0x30
[  124.509327][ T6733]  __do_sys_fanotify_init+0x4b3/0xb50
[  124.509349][ T6733]  do_syscall_64+0xcd/0x250
[  124.509366][ T6733]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.509388][ T6733] RIP: 0033:0x7fd4d7b8cde9
[  124.509399][ T6733] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  124.509414][ T6733] RSP: 002b:00007fd4d8a94038 EFLAGS: 00000246 ORIG_RAX: 000000000000012c
[  124.509429][ T6733] RAX: ffffffffffffffda RBX: 00007fd4d7da5fa0 RCX: 00007fd4d7b8cde9
[  124.509439][ T6733] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000f00
[  124.509448][ T6733] RBP: 00007fd4d8a94090 R08: 0000000000000000 R09: 0000000000000000
[  124.509457][ T6733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  124.509465][ T6733] R13: 0000000000000000 R14: 00007fd4d7da5fa0 R15: 00007ffe1ef6fb48
[  124.509485][ T6733]  </TASK>
[  125.039443][  T117] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  125.110968][ T6733] netlink: 16 bytes leftover after parsing attributes in process `syz.3.228'.
[  125.370226][  T117] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  125.380527][  T117] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[  125.391636][  T117] usb 3-1: config 1 has no interface number 0
[  125.397787][  T117] usb 3-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  125.413039][  T117] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  125.422683][  T117] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  125.624132][  T117] usb 3-1: Product: syz
[  125.628438][  T117] usb 3-1: Manufacturer: syz
[  125.633997][  T117] usb 3-1: SerialNumber: syz
[  126.135618][   T29] kauditd_printk_skb: 2 callbacks suppressed
[  126.135634][   T29] audit: type=1400 audit(1739696326.147:375): avc:  denied  { search } for  pid=5175 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  126.144126][  T117] cdc_ncm 3-1:1.1: NCM or ECM functional descriptors missing
[  126.262239][ T6758] veth0_vlan: entered allmulticast mode
[  126.277266][ T6758] veth0_vlan: left promiscuous mode
[  126.283774][ T6758] veth0_vlan: entered promiscuous mode
[  126.337199][  T117] cdc_ncm 3-1:1.1: bind() failure
[  126.383544][  T117] usb 3-1: USB disconnect, device number 18
[  126.462787][   T29] audit: type=1400 audit(1739696326.367:376): avc:  denied  { create } for  pid=6715 comm="syz.2.221" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  127.140086][   T29] audit: type=1400 audit(1739696327.157:377): avc:  denied  { getopt } for  pid=6774 comm="syz.0.240" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  127.159494][    C1] vkms_vblank_simulate: vblank timer overrun
[  127.293209][   T29] audit: type=1326 audit(1739696327.317:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6778 comm="syz.2.242" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fceb9f8cde9 code=0x0
[  127.322025][ T5852] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  127.441892][  T117] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  127.493397][ T5852] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  127.504741][ T5852] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  127.517709][ T5852] usb 4-1: New USB device found, idVendor=18b1, idProduct=0037, bcdDevice= 0.00
[  127.541659][ T5852] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.552728][ T5852] usb 4-1: config 0 descriptor??
[  127.598853][  T117] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  127.609344][  T117] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  127.622445][  T117] usb 1-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[  127.631555][  T117] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.649909][  T117] usb 1-1: config 0 descriptor??
[  127.684321][  T117] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  128.450088][ T6785] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  128.467461][ T6785] batman_adv: batadv0: Removing interface: batadv_slave_0
[  128.481616][ T6785] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  128.507884][ T6785] batman_adv: batadv0: Removing interface: batadv_slave_1
[  128.663921][ T6792] SELinux: syz.1.246 (6792) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  128.723711][   T25] usb 1-1: USB disconnect, device number 7
[  128.762054][ T5909] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  128.961648][ T5909] usb 3-1: Using ep0 maxpacket: 32
[  129.050046][ T6796] SELinux: syz.1.247 (6796) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  129.064808][ T5909] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  129.115827][ T5909] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  129.166086][ T5909] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  129.189862][ T5909] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.216842][ T5909] usb 3-1: config 0 descriptor??
[  129.230547][ T5909] hub 3-1:0.0: USB hub found
[  129.262273][ T6798] FAULT_INJECTION: forcing a failure.
[  129.262273][ T6798] name failslab, interval 1, probability 0, space 0, times 0
[  129.286602][ T6798] CPU: 0 UID: 0 PID: 6798 Comm: syz.1.248 Not tainted 6.14.0-rc2-syzkaller-00281-g496659003dac #0
[  129.286629][ T6798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  129.286637][ T6798] Call Trace:
[  129.286642][ T6798]  <TASK>
[  129.286648][ T6798]  dump_stack_lvl+0x16c/0x1f0
[  129.286671][ T6798]  should_fail_ex+0x50a/0x650
[  129.286699][ T6798]  ? fs_reclaim_acquire+0xae/0x150
[  129.286724][ T6798]  should_failslab+0xc2/0x120
[  129.286743][ T6798]  kmem_cache_alloc_node_noprof+0x72/0x3c0
[  129.286781][ T6798]  ? __alloc_skb+0x2b1/0x380
[  129.286801][ T6798]  ? __pfx_mark_lock+0x10/0x10
[  129.286826][ T6798]  __alloc_skb+0x2b1/0x380
[  129.286845][ T6798]  ? __pfx___alloc_skb+0x10/0x10
[  129.286864][ T6798]  ? find_held_lock+0x2d/0x110
[  129.286884][ T6798]  ? __might_fault+0x13b/0x190
[  129.286905][ T6798]  alloc_skb_with_frags+0xe4/0x850
[  129.286929][ T6798]  ? __might_fault+0xe3/0x190
[  129.286949][ T6798]  sock_alloc_send_pskb+0x7f1/0x980
[  129.286969][ T6798]  ? _copy_from_iter+0x15e/0x1560
[  129.287000][ T6798]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  129.287017][ T6798]  ? __lock_acquire+0xcc5/0x3c40
[  129.287039][ T6798]  ? hlock_class+0x4e/0x130
[  129.287055][ T6798]  ? __lock_acquire+0xcc5/0x3c40
[  129.287075][ T6798]  ? iov_iter_advance+0x7d/0x6c0
[  129.287103][ T6798]  tun_get_user+0xd3b/0x3e50
[  129.287135][ T6798]  ? __pfx_tun_get_user+0x10/0x10
[  129.287158][ T6798]  ? find_held_lock+0x2d/0x110
[  129.287179][ T6798]  ? __pfx_lock_release+0x10/0x10
[  129.287211][ T6798]  tun_chr_write_iter+0xdc/0x210
[  129.287236][ T6798]  vfs_write+0x5ae/0x1150
[  129.287260][ T6798]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  129.287286][ T6798]  ? __pfx_vfs_write+0x10/0x10
[  129.287311][ T6798]  ? __fget_files+0x40/0x3a0
[  129.287337][ T6798]  ksys_write+0x12b/0x250
[  129.287360][ T6798]  ? __pfx_ksys_write+0x10/0x10
[  129.287385][ T6798]  do_syscall_64+0xcd/0x250
[  129.287400][ T6798]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.287417][ T6798] RIP: 0033:0x7fb56078cde9
[  129.287428][ T6798] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  129.287440][ T6798] RSP: 002b:00007fb56156c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  129.287453][ T6798] RAX: ffffffffffffffda RBX: 00007fb5609a5fa0 RCX: 00007fb56078cde9
[  129.287462][ T6798] RDX: 000000000000fdef RSI: 0000400000000240 RDI: 0000000000000003
[  129.287471][ T6798] RBP: 00007fb56156c090 R08: 0000000000000000 R09: 0000000000000000
[  129.287479][ T6798] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  129.287486][ T6798] R13: 0000000000000000 R14: 00007fb5609a5fa0 R15: 00007ffc3fda4958
[  129.287502][ T6798]  </TASK>
[  129.666942][ T6802] No such timeout policy "syz1"
[  130.005364][ T5852] usbhid 4-1:0.0: can't add hid device: -71
[  130.012193][ T5852] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  130.022488][ T5852] usb 4-1: USB disconnect, device number 14
[  130.058749][ T5909] hub 3-1:0.0: 1 port detected
[  130.500505][ T5909] hub 3-1:0.0: hub_hub_status failed (err = -71)
[  130.532908][ T5909] hub 3-1:0.0: config failed, can't get hub status (err -71)
[  130.568121][ T5909] usbhid 3-1:0.0: can't add hid device: -71
[  130.587304][   T29] audit: type=1400 audit(1739696330.587:379): avc:  denied  { mount } for  pid=6809 comm="syz.1.251" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  130.640506][ T5909] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  130.731023][   T29] audit: type=1400 audit(1739696330.597:380): avc:  denied  { write } for  pid=6809 comm="syz.1.251" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  130.755623][   T29] audit: type=1400 audit(1739696330.607:381): avc:  denied  { open } for  pid=6809 comm="syz.1.251" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  130.824737][ T5909] usb 3-1: USB disconnect, device number 19
[  131.324863][   T29] audit: type=1400 audit(1739696330.637:382): avc:  denied  { read } for  pid=6809 comm="syz.1.251" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  131.399460][   T29] audit: type=1800 audit(1739696330.817:383): pid=6808 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.0.252" name="/" dev="9p" ino=2 res=0 errno=0
[  131.443066][   T29] audit: type=1400 audit(1739696331.407:384): avc:  denied  { unmount } for  pid=5816 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  131.476291][ T6810] syz.1.251 (6810) used greatest stack depth: 20256 bytes left
[  131.580302][   T29] audit: type=1800 audit(1739696331.447:385): pid=6810 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.1.251" name="/" dev="9p" ino=2 res=0 errno=0
[  132.502341][ T5909] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  132.558230][ T6834] No such timeout policy "syz1"
[  132.702101][ T5909] usb 3-1: device descriptor read/64, error -71
[  132.729405][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  132.764561][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  132.866600][ T6837] FAULT_INJECTION: forcing a failure.
[  132.866600][ T6837] name failslab, interval 1, probability 0, space 0, times 0
[  132.884333][ T6837] CPU: 0 UID: 0 PID: 6837 Comm: syz.4.260 Not tainted 6.14.0-rc2-syzkaller-00281-g496659003dac #0
[  132.884359][ T6837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  132.884368][ T6837] Call Trace:
[  132.884373][ T6837]  <TASK>
[  132.884378][ T6837]  dump_stack_lvl+0x16c/0x1f0
[  132.884395][ T6837]  should_fail_ex+0x50a/0x650
[  132.884410][ T6837]  ? fs_reclaim_acquire+0xae/0x150
[  132.884426][ T6837]  should_failslab+0xc2/0x120
[  132.884437][ T6837]  __kmalloc_node_noprof+0xd1/0x510
[  132.884448][ T6837]  ? __kvmalloc_node_noprof+0xad/0x1a0
[  132.884466][ T6837]  __kvmalloc_node_noprof+0xad/0x1a0
[  132.884481][ T6837]  __nf_hook_entries_try_shrink+0x15f/0x400
[  132.884502][ T6837]  __nf_unregister_net_hook+0x2e5/0x680
[  132.884520][ T6837]  nf_unregister_net_hooks+0x11b/0x160
[  132.884537][ T6837]  ip_vs_unregister_hooks+0xd8/0x140
[  132.884548][ T6837]  ip_vs_unlink_service+0x954/0xba0
[  132.884561][ T6837]  ? __might_fault+0xe3/0x190
[  132.884575][ T6837]  ip_vs_flush+0xad/0x230
[  132.884587][ T6837]  do_ip_vs_set_ctl+0xe8e/0x11c0
[  132.884602][ T6837]  ? __print_lock_name+0x1a0/0x260
[  132.884614][ T6837]  ? __pfx_do_ip_vs_set_ctl+0x10/0x10
[  132.884628][ T6837]  ? nf_sockopt_find.constprop.0+0x221/0x290
[  132.884640][ T6837]  ? rcu_is_watching+0x12/0xc0
[  132.884653][ T6837]  ? __mutex_lock+0x1cc/0xb10
[  132.884666][ T6837]  ? __mutex_unlock_slowpath+0x164/0x6a0
[  132.884688][ T6837]  ? nf_setsockopt+0x8a/0xf0
[  132.884697][ T6837]  nf_setsockopt+0x8a/0xf0
[  132.884709][ T6837]  ip_setsockopt+0xcb/0xf0
[  132.884727][ T6837]  ipv6_setsockopt+0x155/0x170
[  132.884741][ T6837]  tcp_setsockopt+0xa4/0x100
[  132.884757][ T6837]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  132.884774][ T6837]  do_sock_setsockopt+0x222/0x480
[  132.884789][ T6837]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  132.884805][ T6837]  ? lock_acquire+0x2f/0xb0
[  132.884825][ T6837]  __sys_setsockopt+0x1a0/0x230
[  132.884840][ T6837]  __x64_sys_setsockopt+0xbd/0x160
[  132.884851][ T6837]  ? do_syscall_64+0x9a/0x250
[  132.884863][ T6837]  do_syscall_64+0xcd/0x250
[  132.884875][ T6837]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.884889][ T6837] RIP: 0033:0x7f0b1a58cde9
[  132.884899][ T6837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  132.884909][ T6837] RSP: 002b:00007f0b1b3ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  132.884919][ T6837] RAX: ffffffffffffffda RBX: 00007f0b1a7a6080 RCX: 00007f0b1a58cde9
[  132.884925][ T6837] RDX: 0000000000000485 RSI: 0000000000000000 RDI: 0000000000000003
[  132.884930][ T6837] RBP: 00007f0b1b3ee090 R08: 0000000000000000 R09: 0000000000000000
[  132.884936][ T6837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  132.884942][ T6837] R13: 0000000000000000 R14: 00007f0b1a7a6080 R15: 00007ffc3eb642c8
[  132.884954][ T6837]  </TASK>
[  133.389841][ T5867] IPVS: starting estimator thread 0...
[  133.506260][ T6838] IPVS: using max 55 ests per chain, 132000 per kthread
[  133.662846][ T5909] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  134.155000][ T5909] usb 3-1: device descriptor read/64, error -71
[  134.270127][ T6853] audit: audit_lost=2 audit_rate_limit=0 audit_backlog_limit=64
[  134.278391][ T6853] audit: out of memory in audit_log_start
[  134.282133][ T5909] usb usb3-port1: attempt power cycle
[  134.642062][ T5909] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  134.715261][ T5909] usb 3-1: device descriptor read/8, error -71
[  134.819628][ T6859] netlink: 16 bytes leftover after parsing attributes in process `syz.0.266'.
[  134.822109][ T6858] warning: `syz.1.267' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  135.111935][ T5909] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  135.169992][ T5909] usb 3-1: device descriptor read/8, error -71
[  135.250178][ T6871] netlink: 'syz.1.271': attribute type 10 has an invalid length.
[  135.359005][ T5909] usb usb3-port1: unable to enumerate USB device
[  135.400200][ T6871] syz_tun: entered promiscuous mode
[  136.259101][ T6871] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  136.412625][ T6885] overlayfs: missing 'lowerdir'
[  136.500813][ T6886] random: crng reseeded on system resumption
[  136.752065][   T29] audit: type=1400 audit(1739696336.512:386): avc:  denied  { write } for  pid=6883 comm="syz.2.273" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  136.904224][   T29] audit: type=1400 audit(1739696336.512:387): avc:  denied  { open } for  pid=6883 comm="syz.2.273" path="/dev/snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  137.203168][ T6898] No such timeout policy "syz1"
[  137.511956][   T29] audit: type=1400 audit(1739696337.522:388): avc:  denied  { read } for  pid=5178 comm="acpid" name="mouse6" dev="devtmpfs" ino=2824 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[  137.599537][   T29] audit: type=1400 audit(1739696337.522:389): avc:  denied  { open } for  pid=5178 comm="acpid" path="/dev/input/mouse6" dev="devtmpfs" ino=2824 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[  137.662781][   T29] audit: type=1400 audit(1739696337.522:390): avc:  denied  { ioctl } for  pid=5178 comm="acpid" path="/dev/input/mouse6" dev="devtmpfs" ino=2824 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[  138.275873][   T29] audit: type=1400 audit(1739696338.281:391): avc:  denied  { getopt } for  pid=6914 comm="syz.1.283" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  139.702432][ T5852] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  139.902196][ T5852] usb 1-1: Using ep0 maxpacket: 8
[  139.908801][ T5852] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  139.918868][ T5852] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  139.935451][ T5852] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  139.951906][ T5852] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  139.982454][ T5852] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  139.999170][ T5852] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.007489][ T5867] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  140.182035][ T5867] usb 2-1: Using ep0 maxpacket: 8
[  140.193570][ T5867] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  140.211901][ T5867] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  140.237841][ T5867] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  140.250994][ T5852] usb 1-1: GET_CAPABILITIES returned 0
[  140.261875][ T5867] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  140.275360][ T5852] usbtmc 1-1:16.0: can't read capabilities
[  140.281693][ T5867] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  140.324391][ T5867] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.461136][    C0] usbtmc 1-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  140.496192][  T971] usb 1-1: USB disconnect, device number 8
[  140.559108][ T5867] usb 2-1: GET_CAPABILITIES returned 0
[  140.568495][ T5867] usbtmc 2-1:16.0: can't read capabilities
[  140.798778][ T6956] hub 6-0:1.0: USB hub found
[  140.804807][ T6956] hub 6-0:1.0: 1 port detected
[  141.246209][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  141.276307][  T971] usb 2-1: USB disconnect, device number 4
[  142.648343][ T6963] netlink: 4 bytes leftover after parsing attributes in process `syz.0.293'.
[  144.265337][ T6981] netlink: 'syz.3.298': attribute type 1 has an invalid length.
[  144.429698][   T29] audit: type=1400 audit(1739696344.445:392): avc:  denied  { read append } for  pid=6984 comm="syz.3.300" name="fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  144.471960][ T5867] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  144.627886][   T29] audit: type=1400 audit(1739696344.445:393): avc:  denied  { open } for  pid=6984 comm="syz.3.300" path="/dev/fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  144.765867][   T29] audit: type=1400 audit(1739696344.445:394): avc:  denied  { ioctl } for  pid=6984 comm="syz.3.300" path="/dev/fb0" dev="devtmpfs" ino=629 ioctlcmd=0x4604 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  144.833588][ T5867] usb 2-1: Using ep0 maxpacket: 8
[  144.881260][ T5867] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  144.897985][ T5867] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  144.918723][ T5867] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  144.930401][ T5867] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  144.948433][ T5867] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  144.958055][ T5867] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  145.171928][ T5909] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  145.175272][ T5867] usb 2-1: GET_CAPABILITIES returned 0
[  145.196666][ T5867] usbtmc 2-1:16.0: can't read capabilities
[  145.363319][ T5909] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  145.412569][ T6996] ceph: No mds server is up or the cluster is laggy
[  145.448758][ T5909] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  145.449070][ T5867] libceph: connect (1)[c::]:6789 error -101
[  145.465778][ T5867] libceph: mon0 (1)[c::]:6789 connect error
[  145.587721][ T5909] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  145.684751][ T5909] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  145.712769][ T5909] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  146.047207][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  146.057798][ T5909] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  146.066923][ T5909] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  146.099863][ T5909] usb 5-1: Product: syz
[  146.105723][ T5909] usb 5-1: Manufacturer: syz
[  146.121628][ T5867] usb 2-1: USB disconnect, device number 5
[  146.139294][ T5909] cdc_wdm 5-1:1.0: skipping garbage
[  146.182029][   T29] audit: type=1400 audit(1739696346.185:395): avc:  denied  { connect } for  pid=6993 comm="syz.3.303" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  146.220761][ T5909] cdc_wdm 5-1:1.0: skipping garbage
[  146.257925][ T5909] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  146.265793][ T5909] cdc_wdm 5-1:1.0: Unknown control protocol
[  146.933686][ T7017] netlink: 16 bytes leftover after parsing attributes in process `syz.1.308'.
[  147.017408][ T7008] ptrace attach of "./syz-executor exec"[7013] was attempted by "./syz-executor exec"[7008]
[  147.117730][ T7020] hub 6-0:1.0: USB hub found
[  147.132015][ T7020] hub 6-0:1.0: 1 port detected
[  147.838574][ T7025] veth1_macvtap: left promiscuous mode
[  147.844404][ T7025] macsec0: entered promiscuous mode
[  148.197596][   T45] usb 5-1: USB disconnect, device number 10
[  149.083528][   T29] audit: type=1400 audit(1739696349.105:396): avc:  denied  { execute } for  pid=7034 comm="syz.1.313" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  149.111406][ T7036] FAULT_INJECTION: forcing a failure.
[  149.111406][ T7036] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  149.165141][ T7036] CPU: 0 UID: 0 PID: 7036 Comm: syz.4.312 Not tainted 6.14.0-rc2-syzkaller-00281-g496659003dac #0
[  149.165166][ T7036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  149.165175][ T7036] Call Trace:
[  149.165181][ T7036]  <TASK>
[  149.165187][ T7036]  dump_stack_lvl+0x16c/0x1f0
[  149.165211][ T7036]  should_fail_ex+0x50a/0x650
[  149.165239][ T7036]  _copy_from_user+0x2e/0xd0
[  149.165255][ T7036]  copy_msghdr_from_user+0x99/0x160
[  149.165278][ T7036]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  149.165309][ T7036]  ___sys_sendmsg+0xff/0x1e0
[  149.165332][ T7036]  ? __pfx____sys_sendmsg+0x10/0x10
[  149.165361][ T7036]  ? __pfx_lock_release+0x10/0x10
[  149.165384][ T7036]  ? trace_lock_acquire+0x14e/0x1f0
[  149.165410][ T7036]  ? __fget_files+0x206/0x3a0
[  149.165432][ T7036]  __sys_sendmsg+0x16e/0x220
[  149.165454][ T7036]  ? __pfx___sys_sendmsg+0x10/0x10
[  149.165490][ T7036]  do_syscall_64+0xcd/0x250
[  149.165510][ T7036]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  149.165533][ T7036] RIP: 0033:0x7f0b1a58cde9
[  149.165547][ T7036] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  149.165562][ T7036] RSP: 002b:00007f0b1b40f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  149.165578][ T7036] RAX: ffffffffffffffda RBX: 00007f0b1a7a5fa0 RCX: 00007f0b1a58cde9
[  149.165588][ T7036] RDX: 0000000000000000 RSI: 0000400000000640 RDI: 0000000000000003
[  149.165597][ T7036] RBP: 00007f0b1b40f090 R08: 0000000000000000 R09: 0000000000000000
[  149.165607][ T7036] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  149.165615][ T7036] R13: 0000000000000000 R14: 00007f0b1a7a5fa0 R15: 00007ffc3eb642c8
[  149.165636][ T7036]  </TASK>
[  149.343119][    C0] vkms_vblank_simulate: vblank timer overrun
[  150.612187][ T7047] netlink: 20 bytes leftover after parsing attributes in process `syz.4.317'.
[  151.644201][ T7069] hub 6-0:1.0: USB hub found
[  151.649478][ T7069] hub 6-0:1.0: 1 port detected
[  152.089328][ T5867] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  152.208888][ T7073] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  152.255605][ T5867] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  152.277001][ T5867] usb 3-1: config 27 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  152.294913][ T5867] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  152.362657][ T5867] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  152.363240][ T7075] FAULT_INJECTION: forcing a failure.
[  152.363240][ T7075] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  152.389411][ T7075] CPU: 0 UID: 0 PID: 7075 Comm: syz.3.327 Not tainted 6.14.0-rc2-syzkaller-00281-g496659003dac #0
[  152.389435][ T7075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  152.389443][ T7075] Call Trace:
[  152.389448][ T7075]  <TASK>
[  152.389453][ T7075]  dump_stack_lvl+0x16c/0x1f0
[  152.389475][ T7075]  should_fail_ex+0x50a/0x650
[  152.389501][ T7075]  _copy_from_user+0x2e/0xd0
[  152.389516][ T7075]  move_addr_to_kernel+0x68/0x160
[  152.389533][ T7075]  __sys_bind+0x11c/0x260
[  152.389548][ T7075]  ? __pfx___sys_bind+0x10/0x10
[  152.389562][ T7075]  ? __fget_files+0x206/0x3a0
[  152.389583][ T7075]  ? __pfx_ksys_write+0x10/0x10
[  152.389611][ T7075]  __x64_sys_bind+0x72/0xb0
[  152.389626][ T7075]  ? lockdep_hardirqs_on+0x7c/0x110
[  152.389651][ T7075]  do_syscall_64+0xcd/0x250
[  152.389668][ T7075]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.389689][ T7075] RIP: 0033:0x7fd4d7b8cde9
[  152.389702][ T7075] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  152.389716][ T7075] RSP: 002b:00007fd4d8a94038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  152.389732][ T7075] RAX: ffffffffffffffda RBX: 00007fd4d7da5fa0 RCX: 00007fd4d7b8cde9
[  152.389742][ T7075] RDX: 0000000000000014 RSI: 0000400000000080 RDI: 0000000000000003
[  152.389752][ T7075] RBP: 00007fd4d8a94090 R08: 0000000000000000 R09: 0000000000000000
[  152.389761][ T7075] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  152.389771][ T7075] R13: 0000000000000000 R14: 00007fd4d7da5fa0 R15: 00007ffe1ef6fb48
[  152.389791][ T7075]  </TASK>
[  152.746399][ T5867] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  152.761209][ T7082] No such timeout policy "syz1"
[  152.791527][ T5867] usb 3-1: invalid MIDI out EP 0
[  153.009960][ T7065] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  153.058832][ T7065] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  153.084889][ T7065] capability: warning: `syz.2.323' uses deprecated v2 capabilities in a way that may be insecure
[  153.304570][ T5867] snd-usb-audio 3-1:27.0: probe with driver snd-usb-audio failed with error -22
[  153.356415][ T7089] hub 6-0:1.0: USB hub found
[  153.361639][ T7089] hub 6-0:1.0: 1 port detected
[  153.817492][ T5867] usb 3-1: USB disconnect, device number 24
[  153.882022][  T117] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  154.022661][ T5926] udevd[5926]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  154.053132][  T117] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  154.074354][ T7094] FAULT_INJECTION: forcing a failure.
[  154.074354][ T7094] name failslab, interval 1, probability 0, space 0, times 0
[  154.089131][  T117] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  154.101826][ T7094] CPU: 0 UID: 0 PID: 7094 Comm: syz.4.333 Not tainted 6.14.0-rc2-syzkaller-00281-g496659003dac #0
[  154.101851][ T7094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  154.101859][ T7094] Call Trace:
[  154.101864][ T7094]  <TASK>
[  154.101869][ T7094]  dump_stack_lvl+0x16c/0x1f0
[  154.101895][ T7094]  should_fail_ex+0x50a/0x650
[  154.101917][ T7094]  ? fs_reclaim_acquire+0xae/0x150
[  154.101942][ T7094]  ? vb2_core_allocated_buffers_storage+0xc4/0x220
[  154.101963][ T7094]  should_failslab+0xc2/0x120
[  154.101980][ T7094]  __kmalloc_noprof+0xcb/0x510
[  154.102001][ T7094]  vb2_core_allocated_buffers_storage+0xc4/0x220
[  154.102022][ T7094]  vb2_core_reqbufs+0x381/0xfb0
[  154.102046][ T7094]  ? __pfx_vb2_core_reqbufs+0x10/0x10
[  154.102077][ T7094]  __vb2_init_fileio+0x3f3/0x1110
[  154.102096][ T7094]  ? __mutex_lock+0x1cc/0xb10
[  154.102114][ T7094]  ? vb2_fop_write+0xe3/0x3e0
[  154.102133][ T7094]  __vb2_perform_fileio+0x9de/0x1620
[  154.102158][ T7094]  ? __pfx___vb2_perform_fileio+0x10/0x10
[  154.102183][ T7094]  vb2_fop_write+0x202/0x3e0
[  154.102205][ T7094]  v4l2_write+0x226/0x360
[  154.102230][ T7094]  ? __pfx_v4l2_write+0x10/0x10
[  154.102253][ T7094]  vfs_write+0x24c/0x1150
[  154.102280][ T7094]  ? __fget_files+0x1fc/0x3a0
[  154.102296][ T7094]  ? __pfx_lock_release+0x10/0x10
[  154.102320][ T7094]  ? __pfx_vfs_write+0x10/0x10
[  154.102345][ T7094]  ? lock_acquire+0x2f/0xb0
[  154.102366][ T7094]  ? __fget_files+0x40/0x3a0
[  154.102383][ T7094]  ? __fget_files+0x206/0x3a0
[  154.102406][ T7094]  ksys_write+0x12b/0x250
[  154.102431][ T7094]  ? __pfx_ksys_write+0x10/0x10
[  154.102463][ T7094]  do_syscall_64+0xcd/0x250
[  154.102483][ T7094]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  154.102507][ T7094] RIP: 0033:0x7f0b1a58cde9
[  154.102523][ T7094] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  154.102539][ T7094] RSP: 002b:00007f0b1b40f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  154.102556][ T7094] RAX: ffffffffffffffda RBX: 00007f0b1a7a5fa0 RCX: 00007f0b1a58cde9
[  154.102567][ T7094] RDX: 00000000fffffd9d RSI: 0000400000000100 RDI: 0000000000000004
[  154.102577][ T7094] RBP: 00007f0b1b40f090 R08: 0000000000000000 R09: 0000000000000000
[  154.102586][ T7094] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  154.102596][ T7094] R13: 0000000000000000 R14: 00007f0b1a7a5fa0 R15: 00007ffc3eb642c8
[  154.102619][ T7094]  </TASK>
[  154.351338][  T117] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[  154.360395][  T117] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  154.371790][  T117] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  154.469110][  T117] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  154.518039][  T117] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  154.577075][  T117] usb 2-1: Product: syz
[  154.581285][  T117] usb 2-1: Manufacturer: syz
[  155.122416][  T117] cdc_wdm 2-1:1.0: skipping garbage
[  155.136173][  T117] cdc_wdm 2-1:1.0: skipping garbage
[  155.209663][ T7107] FAULT_INJECTION: forcing a failure.
[  155.209663][ T7107] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  155.209674][  T117] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  155.209700][  T117] cdc_wdm 2-1:1.0: Unknown control protocol
[  155.232266][ T7107] CPU: 0 UID: 0 PID: 7107 Comm: syz.4.337 Not tainted 6.14.0-rc2-syzkaller-00281-g496659003dac #0
[  155.232290][ T7107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  155.232298][ T7107] Call Trace:
[  155.232303][ T7107]  <TASK>
[  155.232309][ T7107]  dump_stack_lvl+0x16c/0x1f0
[  155.232330][ T7107]  should_fail_ex+0x50a/0x650
[  155.232353][ T7107]  _copy_from_user+0x2e/0xd0
[  155.232367][ T7107]  ? __pfx_do_get_feature_msr+0x10/0x10
[  155.232386][ T7107]  msr_io+0x94/0x290
[  155.232402][ T7107]  ? __pfx_msr_io+0x10/0x10
[  155.232417][ T7107]  ? tomoyo_path_number_perm+0x190/0x590
[  155.232437][ T7107]  kvm_arch_dev_ioctl+0x3b1/0x730
[  155.232451][ T7107]  ? __pfx_kvm_arch_dev_ioctl+0x10/0x10
[  155.232464][ T7107]  ? do_vfs_ioctl+0x513/0x1990
[  155.232485][ T7107]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  155.232508][ T7107]  ? ioctl_has_perm.constprop.0.isra.0+0x2f2/0x450
[  155.232529][ T7107]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  155.232552][ T7107]  kvm_dev_ioctl+0x781/0x1a90
[  155.232567][ T7107]  ? __pfx_lock_release+0x10/0x10
[  155.232589][ T7107]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  155.232605][ T7107]  ? selinux_file_ioctl+0x180/0x270
[  155.232624][ T7107]  ? selinux_file_ioctl+0xb4/0x270
[  155.232644][ T7107]  ? __pfx_kvm_dev_ioctl+0x10/0x10
[  155.232658][ T7107]  __x64_sys_ioctl+0x190/0x200
[  155.232677][ T7107]  do_syscall_64+0xcd/0x250
[  155.232695][ T7107]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.232713][ T7107] RIP: 0033:0x7f0b1a58cde9
[  155.232725][ T7107] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  155.232738][ T7107] RSP: 002b:00007f0b1b40f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  155.232752][ T7107] RAX: ffffffffffffffda RBX: 00007f0b1a7a5fa0 RCX: 00007f0b1a58cde9
[  155.232762][ T7107] RDX: 0000000000000000 RSI: 00000000c008ae88 RDI: 0000000000000004
[  155.232770][ T7107] RBP: 00007f0b1b40f090 R08: 0000000000000000 R09: 0000000000000000
[  155.232779][ T7107] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  155.232787][ T7107] R13: 0000000000000000 R14: 00007f0b1a7a5fa0 R15: 00007ffc3eb642c8
[  155.232805][ T7107]  </TASK>
[  155.400248][    C1] vkms_vblank_simulate: vblank timer overrun
[  155.513176][ T7087] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  155.522056][ T7087] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  155.544693][  T117] usb 2-1: USB disconnect, device number 6
[  156.695890][   T29] audit: type=1400 audit(1739696356.711:397): avc:  denied  { create } for  pid=7119 comm="syz.4.341" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  157.337802][ T7128] __vm_enough_memory: pid: 7128, comm: syz.2.343, bytes: 4503599627366400 not enough memory for the allocation
[  157.384375][   T29] audit: type=1400 audit(1739696357.291:398): avc:  denied  { mount } for  pid=7124 comm="syz.1.342" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  157.711938][   T29] audit: type=1400 audit(1739696357.541:399): avc:  denied  { create } for  pid=7127 comm="syz.2.343" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=appletalk_socket permissive=1
[  157.878224][   T29] audit: type=1400 audit(1739696357.881:400): avc:  denied  { unmount } for  pid=5815 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  158.021837][   T45] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  158.117781][ T7146] netlink: 24 bytes leftover after parsing attributes in process `syz.1.350'.
[  158.132338][   T29] audit: type=1400 audit(1739696358.131:401): avc:  denied  { create } for  pid=7143 comm="syz.1.350" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  158.162924][ T7148] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  158.358674][ T7146] FAULT_INJECTION: forcing a failure.
[  158.358674][ T7146] name failslab, interval 1, probability 0, space 0, times 0
[  158.371912][ T7146] CPU: 0 UID: 0 PID: 7146 Comm: syz.1.350 Not tainted 6.14.0-rc2-syzkaller-00281-g496659003dac #0
[  158.371934][ T7146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  158.371944][ T7146] Call Trace:
[  158.371949][ T7146]  <TASK>
[  158.371955][ T7146]  dump_stack_lvl+0x16c/0x1f0
[  158.371980][ T7146]  should_fail_ex+0x50a/0x650
[  158.372002][ T7146]  ? xa_load+0x154/0x2c0
[  158.372024][ T7146]  ? memcg_list_lru_alloc+0x29f/0x730
[  158.372044][ T7146]  should_failslab+0xc2/0x120
[  158.372063][ T7146]  __kmalloc_noprof+0xcb/0x510
[  158.372080][ T7146]  ? find_held_lock+0x2d/0x110
[  158.372101][ T7146]  memcg_list_lru_alloc+0x29f/0x730
[  158.372127][ T7146]  ? __pfx_memcg_list_lru_alloc+0x10/0x10
[  158.372154][ T7146]  ? get_mem_cgroup_from_objcg+0x14c/0x620
[  158.372180][ T7146]  ? zswap_store+0x61a/0x26c0
[  158.372204][ T7146]  zswap_store+0x6a6/0x26c0
[  158.372228][ T7146]  ? find_held_lock+0x2d/0x110
[  158.372248][ T7146]  ? folio_free_swap+0x169/0x570
[  158.372266][ T7146]  ? __pfx_zswap_store+0x10/0x10
[  158.372289][ T7146]  ? do_raw_spin_lock+0x12d/0x2c0
[  158.372305][ T7146]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  158.372321][ T7146]  ? lock_acquire+0x2f/0xb0
[  158.372342][ T7146]  ? folio_free_swap+0x112/0x570
[  158.372361][ T7146]  ? do_raw_spin_unlock+0x172/0x230
[  158.372375][ T7146]  ? swp_swap_info+0xcf/0x130
[  158.372394][ T7146]  ? __pfx_swp_swap_info+0x10/0x10
[  158.372420][ T7146]  swap_writepage+0x3b6/0x1120
[  158.372448][ T7146]  shmem_writepage+0xf7b/0x1490
[  158.372472][ T7146]  ? __pfx_shmem_writepage+0x10/0x10
[  158.372497][ T7146]  ? inode_to_bdi+0x9e/0x160
[  158.372520][ T7146]  ? folio_clear_dirty_for_io+0x112/0x800
[  158.372543][ T7146]  pageout+0x3b2/0xaa0
[  158.372562][ T7146]  ? __pfx_pageout+0x10/0x10
[  158.372608][ T7146]  ? __pfx_try_to_unmap_one+0x10/0x10
[  158.372623][ T7146]  ? __pfx_folio_not_mapped+0x10/0x10
[  158.372647][ T7146]  ? __pfx_folio_lock_anon_vma_read+0x10/0x10
[  158.372671][ T7146]  shrink_folio_list+0x2f7f/0x40c0
[  158.372700][ T7146]  ? __pfx_shrink_folio_list+0x10/0x10
[  158.372718][ T7146]  ? hlock_class+0x4e/0x130
[  158.372735][ T7146]  ? __lock_acquire+0xc20/0x3c40
[  158.372759][ T7146]  ? hlock_class+0x4e/0x130
[  158.372775][ T7146]  ? __lock_acquire+0xcc5/0x3c40
[  158.372799][ T7146]  ? hlock_class+0x4e/0x130
[  158.372818][ T7146]  ? hlock_class+0x4e/0x130
[  158.372842][ T7146]  ? mark_lock+0xb5/0xc60
[  158.372864][ T7146]  ? hlock_class+0x4e/0x130
[  158.372881][ T7146]  ? mark_lock+0xb5/0xc60
[  158.372923][ T7146]  ? hlock_class+0x4e/0x130
[  158.372939][ T7146]  ? __lock_acquire+0x15a9/0x3c40
[  158.372964][ T7146]  reclaim_folio_list+0xd8/0x5e0
[  158.372988][ T7146]  ? __pfx_reclaim_folio_list+0x10/0x10
[  158.373007][ T7146]  ? hlock_class+0x4e/0x130
[  158.373023][ T7146]  ? mark_lock+0xb5/0xc60
[  158.373054][ T7146]  ? find_held_lock+0x2d/0x110
[  158.373074][ T7146]  ? folio_isolate_lru+0x577/0x8e0
[  158.373094][ T7146]  ? find_held_lock+0x2d/0x110
[  158.373110][ T7146]  ? find_held_lock+0x2d/0x110
[  158.373129][ T7146]  reclaim_pages+0x481/0x650
[  158.373152][ T7146]  ? __pfx_reclaim_pages+0x10/0x10
[  158.373174][ T7146]  ? folio_isolate_lru+0xa2/0x8e0
[  158.373199][ T7146]  madvise_cold_or_pageout_pte_range+0x13ae/0x20d0
[  158.373230][ T7146]  ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10
[  158.373255][ T7146]  ? find_held_lock+0x2d/0x110
[  158.373278][ T7146]  ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10
[  158.373301][ T7146]  walk_pgd_range+0xc7b/0x1a70
[  158.373327][ T7146]  ? mt_find+0x4c8/0xa20
[  158.373351][ T7146]  ? __pfx_walk_pgd_range+0x10/0x10
[  158.373378][ T7146]  __walk_page_range+0x161/0x820
[  158.373400][ T7146]  ? find_vma+0xc0/0x140
[  158.373422][ T7146]  ? __pfx_find_vma+0x10/0x10
[  158.373446][ T7146]  ? walk_page_test+0x9b/0x180
[  158.373467][ T7146]  walk_page_range_mm+0x55a/0x940
[  158.373491][ T7146]  ? __pfx_walk_page_range_mm+0x10/0x10
[  158.373510][ T7146]  ? mlock_drain_local+0x22d/0x4f0
[  158.373535][ T7146]  ? lock_acquire+0x2f/0xb0
[  158.373556][ T7146]  ? mlock_drain_local+0x6f/0x4f0
[  158.373577][ T7146]  walk_page_range+0x63/0x90
[  158.373598][ T7146]  madvise_pageout+0x326/0x820
[  158.373621][ T7146]  ? __pfx_madvise_pageout+0x10/0x10
[  158.373653][ T7146]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  158.373683][ T7146]  madvise_vma_behavior+0x452/0x1dd0
[  158.373707][ T7146]  ? __pfx_madvise_vma_behavior+0x10/0x10
[  158.373729][ T7146]  ? find_vma_prev+0xdb/0x160
[  158.373753][ T7146]  ? __pfx_find_vma_prev+0x10/0x10
[  158.373783][ T7146]  ? __pfx_rwsem_read_trylock+0x10/0x10
[  158.373809][ T7146]  ? do_madvise+0x2b3/0x7c0
[  158.373832][ T7146]  ? __pfx_madvise_vma_behavior+0x10/0x10
[  158.373856][ T7146]  madvise_walk_vmas+0x1cf/0x2c0
[  158.373877][ T7146]  ? __pfx_madvise_walk_vmas+0x10/0x10
[  158.373904][ T7146]  do_madvise+0x366/0x7c0
[  158.373926][ T7146]  ? __pfx_do_madvise+0x10/0x10
[  158.373953][ T7146]  ? ksys_write+0x1ba/0x250
[  158.373980][ T7146]  ? __pfx_ksys_write+0x10/0x10
[  158.374009][ T7146]  __x64_sys_madvise+0xa9/0x110
[  158.374028][ T7146]  ? lockdep_hardirqs_on+0x7c/0x110
[  158.374045][ T7146]  do_syscall_64+0xcd/0x250
[  158.374065][ T7146]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.374087][ T7146] RIP: 0033:0x7fb56078cde9
[  158.374101][ T7146] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  158.374117][ T7146] RSP: 002b:00007fb56154b038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[  158.374133][ T7146] RAX: ffffffffffffffda RBX: 00007fb5609a6080 RCX: 00007fb56078cde9
[  158.374144][ T7146] RDX: 0000000000000015 RSI: 0000000000600003 RDI: 0000400000000000
[  158.374154][ T7146] RBP: 00007fb56154b090 R08: 0000000000000000 R09: 0000000000000000
[  158.374163][ T7146] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  158.374172][ T7146] R13: 0000000000000000 R14: 00007fb5609a6080 R15: 00007ffc3fda4958
[  158.374195][ T7146]  </TASK>
[  159.029829][ T5867] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  159.037575][   T29] audit: type=1400 audit(1739696358.131:402): avc:  denied  { bind } for  pid=7143 comm="syz.1.350" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  159.073395][   T45] usb 1-1: Using ep0 maxpacket: 16
[  159.095708][   T45] usb 1-1: config 0 has an invalid interface number: 214 but max is 0
[  159.111237][ T7143] delete_channel: no stack
[  159.136793][   T45] usb 1-1: config 0 has no interface number 0
[  159.162980][   T45] usb 1-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  159.201765][ T5867] usb 3-1: Using ep0 maxpacket: 32
[  159.207682][   T45] usb 1-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice=fe.f5
[  159.217271][ T5867] usb 3-1: config 0 has an invalid interface number: 61 but max is 1
[  159.225718][ T5867] usb 3-1: config 0 has an invalid interface number: 98 but max is 1
[  159.233869][ T5867] usb 3-1: config 0 has no interface number 0
[  159.239955][ T5867] usb 3-1: config 0 has no interface number 1
[  159.242644][   T45] usb 1-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  159.264377][ T5867] usb 3-1: New USB device found, idVendor=2058, idProduct=1005, bcdDevice=b5.f6
[  159.273535][ T5867] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  159.281534][ T5867] usb 3-1: Product: syz
[  159.285856][ T5867] usb 3-1: Manufacturer: syz
[  159.290482][ T5867] usb 3-1: SerialNumber: syz
[  159.302771][ T5867] usb 3-1: config 0 descriptor??
[  159.343536][   T45] usb 1-1: Product: syz
[  159.356886][   T45] usb 1-1: SerialNumber: syz
[  159.379089][   T45] usb 1-1: config 0 descriptor??
[  159.413698][ T5867] viperboard 3-1:0.61: version 0.00 found at bus 003 address 025
[  159.429772][ T5867] viperboard-i2c viperboard-i2c.2.auto: failure setting i2c_bus_freq to 100
[  159.439716][ T5867] viperboard-i2c viperboard-i2c.2.auto: probe with driver viperboard-i2c failed with error -5
[  159.457493][ T5867] viperboard 3-1:0.98: version 0.00 found at bus 003 address 025
[  159.469913][ T5867] viperboard-i2c viperboard-i2c.5.auto: failure setting i2c_bus_freq to 100
[  159.478795][ T5867] viperboard-i2c viperboard-i2c.5.auto: probe with driver viperboard-i2c failed with error -5
[  159.550179][ T7163] netlink: 'syz.1.352': attribute type 1 has an invalid length.
[  159.568222][  T117] usb 3-1: USB disconnect, device number 25
[  159.579476][   T29] audit: type=1800 audit(1739696359.602:403): pid=7156 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.1.352" name="/" dev="9p" ino=2 res=0 errno=0
[  159.756674][ T7163] netlink: 224 bytes leftover after parsing attributes in process `syz.1.352'.
[  159.823934][   T45] usbtouchscreen 1-1:0.214: Failed to read FW rev: -71
[  159.975843][   T45] usbtouchscreen 1-1:0.214: probe with driver usbtouchscreen failed with error -71
[  160.147867][ T7156] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  160.194068][   T45] usb 1-1: USB disconnect, device number 9
[  160.556312][ T7175] Process accounting resumed
[  160.590209][   T29] audit: type=1400 audit(1739696360.572:404): avc:  denied  { watch } for  pid=7170 comm="syz.4.355" path=2F37342FE91F7189591E9233614B dev="tmpfs" ino=419 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  161.183289][ T7189] netlink: 16 bytes leftover after parsing attributes in process `syz.2.361'.
[  161.796851][ T7202] hub 6-0:1.0: USB hub found
[  161.802302][ T7202] hub 6-0:1.0: 1 port detected
[  162.233541][ T7203] netlink: 24 bytes leftover after parsing attributes in process `syz.1.365'.
[  162.264237][   T29] audit: type=1400 audit(1739696361.672:405): avc:  denied  { read } for  pid=7193 comm="syz.2.363" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  162.492026][ T7197] delete_channel: no stack
[  162.526676][ T7200] netlink: 4 bytes leftover after parsing attributes in process `syz.0.364'.
[  163.211802][  T117] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  163.491783][  T971] usb 3-1: new full-speed USB device number 26 using dummy_hcd
[  164.612714][ T7243] netlink: 8 bytes leftover after parsing attributes in process `syz.3.378'.
[  164.629572][   T29] audit: type=1400 audit(1739696364.642:406): avc:  denied  { getopt } for  pid=7238 comm="syz.0.379" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  164.693979][  T971] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  164.704973][  T971] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[  164.714258][  T971] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  164.731613][  T971] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice=e8.40
[  164.745216][  T971] usb 3-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  164.754895][  T971] usb 3-1: Product: syz
[  164.759391][  T971] usb 3-1: SerialNumber: syz
[  164.805731][ T7247] hub 6-0:1.0: USB hub found
[  164.810961][ T7247] hub 6-0:1.0: 1 port detected
[  165.115840][  T971] cdc_ncm 3-1:1.0: CDC Union missing and no IAD found
[  165.221861][  T971] cdc_ncm 3-1:1.0: bind() failure
[  165.253522][  T971] usb 3-1: USB disconnect, device number 26
[  165.341131][ T7255] nbd: must specify a size in bytes for the device
[  165.552054][ T7259] netlink: 4 bytes leftover after parsing attributes in process `syz.3.383'.
[  165.584389][ T7255] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  165.771988][   T29] audit: type=1400 audit(1739696365.642:407): avc:  denied  { write } for  pid=7254 comm="syz.1.382" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  166.067307][   T29] audit: type=1400 audit(1739696366.082:408): avc:  denied  { name_bind } for  pid=7264 comm="syz.3.385" src=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  166.301254][ T7267] hub 6-0:1.0: USB hub found
[  166.306168][ T7267] hub 6-0:1.0: 1 port detected
[  166.440312][   T29] audit: type=1400 audit(1739696366.412:409): avc:  denied  { view } for  pid=7238 comm="syz.0.379" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  167.057711][ T7274] netlink: 4 bytes leftover after parsing attributes in process `syz.2.386'.
[  167.291963][ T7277] netlink: 48 bytes leftover after parsing attributes in process `syz.3.388'.
[  167.485271][ T5852] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  167.659401][   T29] audit: type=1400 audit(1739696367.672:410): avc:  denied  { mount } for  pid=7278 comm="syz.1.389" name="/" dev="mqueue" ino=5145 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  167.681531][    C0] vkms_vblank_simulate: vblank timer overrun
[  167.745439][   T29] audit: type=1400 audit(1739696367.702:411): avc:  denied  { sqpoll } for  pid=7278 comm="syz.1.389" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  167.784218][ T5852] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  167.795843][ T5852] usb 5-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[  167.853100][ T5852] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.856374][   T29] audit: type=1400 audit(1739696367.872:412): avc:  denied  { setopt } for  pid=7283 comm="syz.3.390" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  167.878890][ T5852] usb 5-1: config 0 descriptor??
[  167.902015][ T7291] netlink: 16 bytes leftover after parsing attributes in process `syz.1.392'.
[  167.920893][ T5852] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[  167.951106][   T29] audit: type=1400 audit(1739696367.952:413): avc:  denied  { wake_alarm } for  pid=7288 comm="syz.2.391" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  168.267437][   T29] audit: type=1400 audit(1739696368.282:414): avc:  denied  { map } for  pid=7288 comm="syz.2.391" path="/dev/vhost-net" dev="devtmpfs" ino=1274 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  168.305333][ T7296] sctp: [Deprecated]: syz.4.387 (pid 7296) Use of struct sctp_assoc_value in delayed_ack socket option.
[  168.305333][ T7296] Use struct sctp_sack_info instead
[  168.337858][ T7297] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  168.387253][ T7296] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  168.420193][ T7296] batman_adv: batadv0: Removing interface: batadv_slave_0
[  168.461083][ T7296] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  168.483040][   T29] audit: type=1400 audit(1739696368.492:415): avc:  denied  { map } for  pid=7288 comm="syz.2.391" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  168.484228][ T7296] batman_adv: batadv0: Removing interface: batadv_slave_1
[  168.540390][   T29] audit: type=1400 audit(1739696368.502:416): avc:  denied  { execute } for  pid=7288 comm="syz.2.391" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  168.564090][    C0] vkms_vblank_simulate: vblank timer overrun
[  168.627632][   T29] audit: type=1400 audit(1739696368.542:417): avc:  denied  { create } for  pid=7288 comm="syz.2.391" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  168.647438][    C0] vkms_vblank_simulate: vblank timer overrun
[  168.709167][   T45] usb 5-1: USB disconnect, device number 11
[  169.097268][ T7308] hub 6-0:1.0: USB hub found
[  169.111888][ T7308] hub 6-0:1.0: 1 port detected
[  169.577745][ T7309] No such timeout policy "syz1"
[  169.963313][   T29] audit: type=1400 audit(1739696369.972:418): avc:  denied  { bind } for  pid=7304 comm="syz.0.396" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  170.671449][ T7320] netlink: 8 bytes leftover after parsing attributes in process `syz.3.397'.
[  170.692455][ T7320] IPv6: sit1: Disabled Multicast RS
[  171.168401][   T29] audit: type=1400 audit(1739696371.182:419): avc:  denied  { read } for  pid=7318 comm="syz.4.399" name="usbmon0" dev="devtmpfs" ino=716 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  172.062065][ T7329] netlink: 4 bytes leftover after parsing attributes in process `syz.1.401'.
[  172.327901][ T7337] hub 6-0:1.0: USB hub found
[  172.328615][ T7337] hub 6-0:1.0: 1 port detected
[  172.849781][ T7336] netlink: 'syz.4.404': attribute type 1 has an invalid length.
[  172.849817][ T7336] netlink: 224 bytes leftover after parsing attributes in process `syz.4.404'.
[  173.030453][ T7341] FAULT_INJECTION: forcing a failure.
[  173.030453][ T7341] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  173.087458][ T7341] CPU: 1 UID: 0 PID: 7341 Comm: syz.0.405 Not tainted 6.14.0-rc2-syzkaller-00281-g496659003dac #0
[  173.087483][ T7341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  173.087493][ T7341] Call Trace:
[  173.087498][ T7341]  <TASK>
[  173.087504][ T7341]  dump_stack_lvl+0x16c/0x1f0
[  173.087528][ T7341]  should_fail_ex+0x50a/0x650
[  173.087563][ T7341]  _copy_from_user+0x2e/0xd0
[  173.087580][ T7341]  copy_msghdr_from_user+0x99/0x160
[  173.087601][ T7341]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  173.087633][ T7341]  ___sys_sendmsg+0xff/0x1e0
[  173.087656][ T7341]  ? __pfx____sys_sendmsg+0x10/0x10
[  173.087686][ T7341]  ? __pfx_lock_release+0x10/0x10
[  173.087708][ T7341]  ? trace_lock_acquire+0x14e/0x1f0
[  173.087736][ T7341]  ? __fget_files+0x206/0x3a0
[  173.087758][ T7341]  __sys_sendmsg+0x16e/0x220
[  173.087780][ T7341]  ? __pfx___sys_sendmsg+0x10/0x10
[  173.087815][ T7341]  do_syscall_64+0xcd/0x250
[  173.087835][ T7341]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  173.087854][ T7341] RIP: 0033:0x7fa5ab58cde9
[  173.087866][ T7341] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  173.087880][ T7341] RSP: 002b:00007fa5ac370038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  173.087895][ T7341] RAX: ffffffffffffffda RBX: 00007fa5ab7a5fa0 RCX: 00007fa5ab58cde9
[  173.087906][ T7341] RDX: 0000000000040010 RSI: 0000400000000280 RDI: 0000000000000004
[  173.087916][ T7341] RBP: 00007fa5ac370090 R08: 0000000000000000 R09: 0000000000000000
[  173.087927][ T7341] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  173.087936][ T7341] R13: 0000000000000000 R14: 00007fa5ab7a5fa0 R15: 00007ffe9cc4de98
[  173.087958][ T7341]  </TASK>
[  173.471204][ T7348] geneve1: entered allmulticast mode
[  278.541634][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  278.548609][    C0] rcu: 	1-...!: (1 GPs behind) idle=eb84/1/0x4000000000000000 softirq=18628/18630 fqs=2
[  278.559132][    C0] rcu: 	(detected by 0, t=10506 jiffies, g=14553, q=202 ncpus=2)
[  278.566869][    C0] Sending NMI from CPU 0 to CPUs 1:
[  278.566894][    C1] NMI backtrace for cpu 1
[  278.566904][    C1] CPU: 1 UID: 0 PID: 35 Comm: kworker/u8:2 Not tainted 6.14.0-rc2-syzkaller-00281-g496659003dac #0
[  278.566919][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  278.566929][    C1] Workqueue: bat_events batadv_nc_worker
[  278.566951][    C1] RIP: 0010:__lock_acquire+0xc73/0x3c40
[  278.566970][    C1] Code: 45 3b ac 24 e8 0a 00 00 0f 8d a1 04 00 00 49 63 c5 48 89 ee 48 8d 04 80 48 8d 3c c3 e8 86 8a c0 09 85 c0 74 c7 4c 8b 6c 24 78 <48> c7 c2 30 78 62 90 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 0f
[  278.566983][    C1] RSP: 0018:ffffc90000a18af0 EFLAGS: 00000046
[  278.566993][    C1] RAX: 0000000000000000 RBX: 35a08aec8a9222e9 RCX: ffffffff81966d12
[  278.567002][    C1] RDX: 1ffff110287d25fe RSI: 0000000000000008 RDI: 000000005a08aec3
[  278.567011][    C1] RBP: 0000000000000000 R08: 0000000000000000 R09: fffffbfff2dd7f98
[  278.567020][    C1] R10: ffffffff96ebfcc7 R11: 0000000000000004 R12: ffffed10287d25e5
[  278.567028][    C1] R13: ffff888143e92440 R14: 0000000000000002 R15: ffff888143e92fd0
[  278.567037][    C1] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  278.567051][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  278.567060][    C1] CR2: 0000000000000000 CR3: 00000000349a8000 CR4: 00000000003526f0
[  278.567069][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  278.567077][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  278.567085][    C1] Call Trace:
[  278.567090][    C1]  <NMI>
[  278.567097][    C1]  ? nmi_cpu_backtrace+0x1d8/0x390
[  278.567116][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  278.567133][    C1]  ? nmi_handle+0x1ac/0x5d0
[  278.567151][    C1]  ? __lock_acquire+0xc73/0x3c40
[  278.567168][    C1]  ? default_do_nmi+0x6a/0x160
[  278.567185][    C1]  ? exc_nmi+0x170/0x1e0
[  278.567201][    C1]  ? end_repeat_nmi+0xf/0x53
[  278.567221][    C1]  ? __lock_acquire+0xf32/0x3c40
[  278.567238][    C1]  ? __lock_acquire+0xc73/0x3c40
[  278.567255][    C1]  ? __lock_acquire+0xc73/0x3c40
[  278.567272][    C1]  ? __lock_acquire+0xc73/0x3c40
[  278.567288][    C1]  </NMI>
[  278.567292][    C1]  <IRQ>
[  278.567299][    C1]  ? __pfx___lock_acquire+0x10/0x10
[  278.567317][    C1]  ? lock_acquire.part.0+0x11b/0x380
[  278.567335][    C1]  lock_acquire.part.0+0x11b/0x380
[  278.567352][    C1]  ? debug_object_deactivate+0x13b/0x370
[  278.567368][    C1]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  278.567385][    C1]  ? rcu_is_watching+0x12/0xc0
[  278.567398][    C1]  ? trace_lock_acquire+0x14e/0x1f0
[  278.567412][    C1]  ? debug_object_activate+0x149/0x4a0
[  278.567426][    C1]  ? debug_object_deactivate+0x13b/0x370
[  278.567440][    C1]  ? lock_acquire+0x2f/0xb0
[  278.567456][    C1]  ? debug_object_deactivate+0x13b/0x370
[  278.567471][    C1]  _raw_spin_lock_irqsave+0x3a/0x60
[  278.567490][    C1]  ? debug_object_deactivate+0x13b/0x370
[  278.567504][    C1]  debug_object_deactivate+0x13b/0x370
[  278.567518][    C1]  ? __pfx_debug_object_deactivate+0x10/0x10
[  278.567534][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  278.567547][    C1]  ? __pfx_advance_sched+0x10/0x10
[  278.567565][    C1]  __hrtimer_run_queues+0x47c/0xae0
[  278.567581][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  278.567593][    C1]  ? read_tsc+0x9/0x20
[  278.567609][    C1]  hrtimer_interrupt+0x392/0x8e0
[  278.567625][    C1]  __sysvec_apic_timer_interrupt+0x10f/0x400
[  278.567645][    C1]  sysvec_apic_timer_interrupt+0x9f/0xc0
[  278.567664][    C1]  </IRQ>
[  278.567668][    C1]  <TASK>
[  278.567673][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  278.567691][    C1] RIP: 0010:lock_acquire.part.0+0x155/0x380
[  278.567709][    C1] Code: b8 ff ff ff ff 65 0f c1 05 10 dc 6b 7e 83 f8 01 0f 85 d0 01 00 00 9c 58 f6 c4 02 0f 85 e5 01 00 00 48 85 ed 0f 85 b6 01 00 00 <48> b8 00 00 00 00 00 fc ff df 48 01 c3 48 c7 03 00 00 00 00 48 c7
[  278.567720][    C1] RSP: 0018:ffffc90000ab7a40 EFLAGS: 00000206
[  278.567731][    C1] RAX: 0000000000000046 RBX: 1ffff92000156f49 RCX: 00000000f05df378
[  278.567739][    C1] RDX: 0000000000000001 RSI: ffffffff8b6cf020 RDI: ffffffff8bd353c0
[  278.567748][    C1] RBP: 0000000000000200 R08: 0000000000000000 R09: fffffbfff2dd7f98
[  278.567756][    C1] R10: ffffffff96ebfcc7 R11: 0000000000000002 R12: 0000000000000000
[  278.567764][    C1] R13: ffffffff8e1bcc80 R14: 0000000000000000 R15: 0000000000000000
[  278.567778][    C1]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  278.567795][    C1]  ? rcu_is_watching+0x12/0xc0
[  278.567808][    C1]  ? trace_lock_acquire+0x14e/0x1f0
[  278.567823][    C1]  ? batadv_nc_worker+0x164/0x1060
[  278.567838][    C1]  ? lock_acquire+0x2f/0xb0
[  278.567853][    C1]  ? batadv_nc_worker+0x164/0x1060
[  278.567874][    C1]  batadv_nc_worker+0x16a/0x1060
[  278.567889][    C1]  ? batadv_nc_worker+0x164/0x1060
[  278.567906][    C1]  ? __pfx_batadv_nc_worker+0x10/0x10
[  278.567920][    C1]  ? rcu_is_watching+0x12/0xc0
[  278.567933][    C1]  ? trace_lock_acquire+0x14e/0x1f0
[  278.567948][    C1]  ? process_one_work+0x921/0x1ba0
[  278.567965][    C1]  ? lock_acquire+0x2f/0xb0
[  278.567981][    C1]  ? process_one_work+0x921/0x1ba0
[  278.567998][    C1]  process_one_work+0x9c5/0x1ba0
[  278.568016][    C1]  ? __pfx_nsim_dev_trap_report_work+0x10/0x10
[  278.568031][    C1]  ? __pfx_process_one_work+0x10/0x10
[  278.568049][    C1]  ? assign_work+0x1a0/0x250
[  278.568065][    C1]  worker_thread+0x6c8/0xf00
[  278.568083][    C1]  ? __pfx_worker_thread+0x10/0x10
[  278.568099][    C1]  kthread+0x3af/0x750
[  278.568114][    C1]  ? __pfx_kthread+0x10/0x10
[  278.568129][    C1]  ? lock_acquire+0x2f/0xb0
[  278.568146][    C1]  ? __pfx_kthread+0x10/0x10
[  278.568160][    C1]  ret_from_fork+0x45/0x80
[  278.568176][    C1]  ? __pfx_kthread+0x10/0x10
[  278.568191][    C1]  ret_from_fork_asm+0x1a/0x30
[  278.568210][    C1]  </TASK>
[  278.568890][    C0] rcu: rcu_preempt kthread starved for 10495 jiffies! g14553 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[  279.130779][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  279.140743][    C0] rcu: RCU grace-period kthread stack dump:
[  279.146618][    C0] task:rcu_preempt     state:R  running task     stack:27552 pid:17    tgid:17    ppid:2      task_flags:0x208040 flags:0x00004000
[  279.160106][    C0] Call Trace:
[  279.163382][    C0]  <TASK>
[  279.166311][    C0]  __schedule+0xf43/0x5890
[  279.170735][    C0]  ? __pfx___lock_acquire+0x10/0x10
[  279.175942][    C0]  ? __pfx___schedule+0x10/0x10
[  279.180792][    C0]  ? schedule+0x298/0x350
[  279.185133][    C0]  ? __pfx_lock_release+0x10/0x10
[  279.190165][    C0]  ? lock_acquire+0x2f/0xb0
[  279.194665][    C0]  ? schedule+0x1fd/0x350
[  279.199014][    C0]  schedule+0xe7/0x350
[  279.203083][    C0]  schedule_timeout+0x124/0x280
[  279.207937][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[  279.213312][    C0]  ? __pfx_process_timeout+0x10/0x10
[  279.218596][    C0]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  279.224404][    C0]  ? prepare_to_swait_event+0xf3/0x470
[  279.229867][    C0]  rcu_gp_fqs_loop+0x1eb/0xb00
[  279.234633][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  279.239917][    C0]  ? rcu_gp_init+0xc82/0x1630
[  279.244595][    C0]  ? _raw_spin_unlock_irq+0x2e/0x50
[  279.249797][    C0]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  279.255607][    C0]  rcu_gp_kthread+0x271/0x380
[  279.260284][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  279.265482][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[  279.270678][    C0]  ? __kthread_parkme+0x148/0x220
[  279.275695][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  279.280895][    C0]  kthread+0x3af/0x750
[  279.284963][    C0]  ? __pfx_kthread+0x10/0x10
[  279.289641][    C0]  ? __pfx_kthread+0x10/0x10
[  279.294240][    C0]  ret_from_fork+0x45/0x80
[  279.298668][    C0]  ? __pfx_kthread+0x10/0x10
[  279.303255][    C0]  ret_from_fork_asm+0x1a/0x30
[  279.308027][    C0]  </TASK>
[  279.311041][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  279.317352][    C0] CPU: 0 UID: 0 PID: 12 Comm: kworker/u8:1 Not tainted 6.14.0-rc2-syzkaller-00281-g496659003dac #0
[  279.328016][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  279.338064][    C0] Workqueue: events_unbound toggle_allocation_gate
[  279.344562][    C0] RIP: 0010:smp_call_function_many_cond+0x4ea/0x12c0
[  279.351232][    C0] Code: dc 06 0c 00 f3 90 41 0f b6 04 24 40 38 c5 7c 08 84 c0 0f 85 e8 0b 00 00 8b 43 08 31 ff 83 e0 01 41 89 c5 89 c6 e8 b6 01 0c 00 <45> 85 ed 75 d0 e8 ac 06 0c 00 e8 a7 06 0c 00 44 8b 6c 24 04 bf 07
[  279.370832][    C0] RSP: 0018:ffffc90000117928 EFLAGS: 00000293
[  279.376894][    C0] RAX: 0000000000000000 RBX: ffff8880b8744a80 RCX: ffffffff81add06a
[  279.384856][    C0] RDX: ffff88801d2c4880 RSI: 0000000000000000 RDI: 0000000000000005
[  279.392818][    C0] RBP: 0000000000000003 R08: 0000000000000005 R09: 0000000000000000
[  279.400780][    C0] R10: 0000000000000001 R11: 0000000000000006 R12: ffffed10170e8951
[  279.408759][    C0] R13: 0000000000000001 R14: ffff8880b863fe80 R15: ffff8880b8744a88
[  279.416737][    C0] FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  279.425660][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  279.432237][    C0] CR2: 00007ff5e29f6000 CR3: 000000000df80000 CR4: 00000000003526f0
[  279.440202][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  279.448163][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  279.456131][    C0] Call Trace:
[  279.459401][    C0]  <IRQ>
[  279.462240][    C0]  ? rcu_check_gp_kthread_starvation+0x31b/0x450
[  279.468586][    C0]  ? do_raw_spin_unlock+0x172/0x230
[  279.473795][    C0]  ? rcu_sched_clock_irq+0x247a/0x3310
[  279.479260][    C0]  ? timekeeping_advance+0x72e/0xa90
[  279.484541][    C0]  ? __pfx_rcu_sched_clock_irq+0x10/0x10
[  279.490171][    C0]  ? __asan_memcpy+0x3c/0x60
[  279.494774][    C0]  ? rcu_is_watching+0x12/0xc0
[  279.499538][    C0]  ? update_process_times+0x178/0x2d0
[  279.504912][    C0]  ? __pfx_update_process_times+0x10/0x10
[  279.510657][    C0]  ? update_wall_time+0x1c/0x40
[  279.515522][    C0]  ? tick_nohz_handler+0x376/0x530
[  279.520630][    C0]  ? __pfx_tick_nohz_handler+0x10/0x10
[  279.526084][    C0]  ? __hrtimer_run_queues+0x5fb/0xae0
[  279.531462][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  279.537185][    C0]  ? read_tsc+0x9/0x20
[  279.541274][    C0]  ? hrtimer_interrupt+0x392/0x8e0
[  279.546397][    C0]  ? __sysvec_apic_timer_interrupt+0x10f/0x400
[  279.552554][    C0]  ? sysvec_apic_timer_interrupt+0x9f/0xc0
[  279.558363][    C0]  </IRQ>
[  279.561291][    C0]  <TASK>
[  279.564216][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  279.570380][    C0]  ? smp_call_function_many_cond+0x4ea/0x12c0
[  279.576459][    C0]  ? smp_call_function_many_cond+0x4ea/0x12c0
[  279.582521][    C0]  ? smp_call_function_many_cond+0x4ea/0x12c0
[  279.588589][    C0]  ? __pfx_do_sync_core+0x10/0x10
[  279.593625][    C0]  on_each_cpu_cond_mask+0x40/0x90
[  279.598736][    C0]  text_poke_bp_batch+0x22b/0x760
[  279.603757][    C0]  ? __pfx___mutex_lock+0x10/0x10
[  279.608775][    C0]  ? __pfx_text_poke_bp_batch+0x10/0x10
[  279.614315][    C0]  ? text_poke_queue+0xef/0x180
[  279.619167][    C0]  ? arch_jump_label_transform_queue+0xc0/0x120
[  279.625499][    C0]  text_poke_finish+0x30/0x40
[  279.630193][    C0]  arch_jump_label_transform_apply+0x1c/0x30
[  279.636171][    C0]  jump_label_update+0x1d7/0x400
[  279.641127][    C0]  static_key_enable_cpuslocked+0x1b7/0x270
[  279.647019][    C0]  static_key_enable+0x1a/0x20
[  279.651782][    C0]  toggle_allocation_gate+0xfc/0x260
[  279.657101][    C0]  ? __pfx_toggle_allocation_gate+0x10/0x10
[  279.663015][    C0]  ? trace_lock_acquire+0x14e/0x1f0
[  279.668221][    C0]  ? process_one_work+0x921/0x1ba0
[  279.673335][    C0]  ? lock_acquire+0x2f/0xb0
[  279.677837][    C0]  ? process_one_work+0x921/0x1ba0
[  279.682952][    C0]  process_one_work+0x9c5/0x1ba0
[  279.687913][    C0]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  279.693549][    C0]  ? __pfx_process_one_work+0x10/0x10
[  279.698925][    C0]  ? assign_work+0x1a0/0x250
[  279.703518][    C0]  worker_thread+0x6c8/0xf00
[  279.708118][    C0]  ? __pfx_worker_thread+0x10/0x10
[  279.713231][    C0]  kthread+0x3af/0x750
[  279.717297][    C0]  ? __pfx_kthread+0x10/0x10
[  279.721882][    C0]  ? lock_acquire+0x2f/0xb0
[  279.726387][    C0]  ? __pfx_kthread+0x10/0x10
[  279.730974][    C0]  ret_from_fork+0x45/0x80
[  279.735391][    C0]  ? __pfx_kthread+0x10/0x10
[  279.739981][    C0]  ret_from_fork_asm+0x1a/0x30
[  279.744756][    C0]  </TASK>