last executing test programs:

24.7723551s ago: executing program 0 (id=1149):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000180)={<r0=>0x0}, &(0x7f0000000240)=0xc)
prlimit64(r0, 0xb, &(0x7f0000000140)={0xfffffffffffffff3, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, 0x1, 0x7}, 0x0)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
add_key$user(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000380)='rcu_stall_warning\x00', r3, 0x0, 0x3}, 0x18)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x7809786e)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsopen(&(0x7f0000000400)='ceph\x00', 0x0)
read(r6, 0x0, 0x0)
fsmount(r5, 0x0, 0x0)
ptrace$getsig(0x4202, 0x0, 0x2, &(0x7f0000000300))
tkill(0x0, 0xb)

23.183836491s ago: executing program 2 (id=1158):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000180)={<r0=>0x0}, &(0x7f0000000240)=0xc)
prlimit64(r0, 0xb, &(0x7f0000000140)={0xfffffffffffffff3, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, 0x1, 0x7}, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
add_key$user(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000380)='rcu_stall_warning\x00', r4, 0x0, 0x3}, 0x18)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x7809786e)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00', 0x0)
r7 = gettid()
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
r8 = fsopen(&(0x7f0000000400)='ceph\x00', 0x0)
read(r8, 0x0, 0x0)
fsmount(r6, 0x0, 0x0)
ptrace$getsig(0x4202, 0x0, 0x2, &(0x7f0000000300))
tkill(r7, 0xb)

21.44870542s ago: executing program 3 (id=1162):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
r2 = socket$inet6(0xa, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r4, &(0x7f0000000940)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000900)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newlink={0x38, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, r5, 0x54583}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x0)
sendmmsg$inet(r2, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e21, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @empty}}}], 0x20}}], 0x1, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0x1)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r6, 0xc058534b, &(0x7f0000000440)={0x80})
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "00000100ebffffff", "2607080d7f4fcf00fd4ef2dece6c7c58", '\x00', "006e34e400"}, 0x28)
sendto$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

20.839055767s ago: executing program 4 (id=1164):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r0 = syz_open_dev$radio(&(0x7f0000000140), 0x3, 0x2)
io_setup(0x3, &(0x7f0000000180)=<r1=>0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="88f3e01af117fb0e4aebd1c4a44bd77a41f2d9d1714687054d34cf860cca13f964d38235bb551525964a4639f0a74f143faa93caa7c1e04089119e571cf9d3ed697587259fd10f3337a7cbcc3a939f155dd15268dbbd65f6a7a70b99"], 0x48)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = dup3(r5, r4, 0x0)
connect$unix(r6, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x7, 0xb, &(0x7f0000000300)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r7 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r9, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x9, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000071122000000000009500000700"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94)
ioctl$BTRFS_IOC_SEND(0xffffffffffffffff, 0x40489426, 0x0)
r10 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
dup(r10)
io_submit(r1, 0x1, &(0x7f0000000040)=[&(0x7f00000000c0)={0x0, 0x300, 0x0, 0x5, 0x0, r0, 0x0}])
syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2)

20.634387368s ago: executing program 0 (id=1165):
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fdinfo/4\x00')
preadv(r1, &(0x7f0000001240)=[{&(0x7f0000000040)=""/18, 0x12}], 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f0000000480)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x11, 0x4, 0x0, 0x0, 0x44, 0x64, 0x0, 0x0, 0x29, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x4, 0x0, 0x0, 0x9}, @timestamp_prespec={0x44, 0x24, 0x2e, 0x3, 0x1, [{@remote, 0x8}, {@dev={0xac, 0x14, 0x14, 0x32}}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x3}, {@rand_addr=0x64010102}]}, @noop, @noop, @lsrr={0x83, 0x3, 0xdc}, @noop]}}}}})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='tracefs\x00', 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x2204c3b, &(0x7f0000000380)={[{@gid}]})
r7 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r8 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r9 = dup(r8)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000001040))
write$UHID_INPUT(r9, &(0x7f0000001040)={0xa, {"a2e3ad08ed6b52f99cfbf4c087f71e9b3d0963ff7fc6e5539b9b3b0a8b9b441b4552101b080d29558f0e1ac6e7049b3468959b189a242a9b4bf3988f7ef319520700ffe8d178708c523c921b1b23380a169b63d336cd3b78130daa61d8e81aea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1d020000000000000075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801000000005b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b412435111c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269caf12c31357c8219793e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a687974e7b4ab01b7f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da3710ac000000001a527777a5371f87d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ef06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f103000000416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d601005c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac292d9e53803ed000000009737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b09114edb8e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb67ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe529003d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f070077d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85e654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b405177548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd84e935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba30b4279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227edff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b30f0b932a4d02da711b757fe43c06d21e759595e4e98b27faea8aa12bc8040000000000000033eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d0000010000000000fcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d080e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed704887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6ff7ffb1d62458d0741a12830052fcc460db043afe525629b40d7cee65802cb5e930ed624806c43a006dc9336d07c2b8081c188d26558f48261f7897084c2a1a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c0ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264c7b34252600c9654e502dcea39cb0800eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc640df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c6000064b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa7082ead01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058093fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
write$binfmt_script(r7, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x80010, 0xffffffffffffffff, 0x0)
dup(r3)

18.792113736s ago: executing program 2 (id=1168):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
syz_open_dev$vim2m(&(0x7f0000000080), 0x2, 0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_netfilter(0x10, 0x3, 0xc)
write(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
r4 = dup(r3)
ioctl$BLKROSET(r4, 0x125d, 0x0)
ioctl$BLKRRPART(r4, 0x125f, 0x0)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x19, 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x800005, 0x11, 0xffffffffffffffff, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(0xffffffffffffffff, 0x3ba0, &(0x7f0000000200)={0x48, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1})
connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0xb81a, @any, 0x7ff}, 0xe)
socket$kcm(0x10, 0x2, 0x0)
bind$pptp(0xffffffffffffffff, &(0x7f0000000000)={0x18, 0x2, {0x0, @local}}, 0x1e)
connect$pptp(0xffffffffffffffff, &(0x7f0000000080)={0x18, 0x2, {0x1, @rand_addr=0x64010102}}, 0x1e)

18.790755128s ago: executing program 3 (id=1169):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r0 = syz_open_dev$radio(&(0x7f0000000140), 0x3, 0x2)
io_setup(0x3, &(0x7f0000000180)=<r1=>0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="88f3e01af117fb0e4aebd1c4a44bd77a41f2d9d1714687054d34cf860cca13f964d38235bb551525964a4639f0a74f143faa93caa7c1e04089119e571cf9d3ed697587259fd10f3337a7cbcc3a939f155dd15268dbbd65f6a7a70b99"], 0x48)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = dup3(r5, r4, 0x0)
connect$unix(r6, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x7, 0xb, &(0x7f0000000300)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r7 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r9, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x9, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000071122000000000009500000700"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94)
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r10 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
dup(r10)
io_submit(r1, 0x1, &(0x7f0000000040)=[&(0x7f00000000c0)={0x0, 0x300, 0x0, 0x5, 0x0, r0, 0x0}])
syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2)

18.78988635s ago: executing program 4 (id=1170):
r0 = syz_io_uring_setup(0x24fa, &(0x7f0000000b80)={0x0, 0x52f1, 0x10100, 0x3}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f00000001c0), 0x80)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='8'], 0x38}}, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000240)={'syz_tun\x00', <r5=>0x0})
bind$packet(r4, &(0x7f0000000300)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @remote}, 0x14)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ptype\x00')
preadv(r6, &(0x7f0000000000)=[{&(0x7f0000000480)=""/187, 0xbb}], 0x1, 0x4c, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
socket(0x23, 0x5, 0x0)
syz_open_dev$dri(0x0, 0xf8d, 0x200000)
openat$cuse(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000000c00)={0x2020}, 0x2020)
sched_setscheduler(0x0, 0x1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
sendmsg(0xffffffffffffffff, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04131d07c900ff7fc9000300c90000fd04192d02c900bb480100363a00000100"], 0x20)
r7 = socket$igmp6(0xa, 0x3, 0x2)
socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'wg2\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000340)=@newqdisc={0x4c, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x60, 0x0, 0x0, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_RSC={0x10, 0x1, {0x92, 0x1, 0x8}}}}, @TCA_RATE={0x6}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4008840}, 0x0)
r9 = socket$inet6_sctp(0xa, 0x5, 0x84)
r10 = gettid()
fcntl$lock(r9, 0x25, &(0x7f0000004fc0)={0x2, 0x1, 0x8, 0x0, r10})
connect$inet6(r9, &(0x7f0000000040)={0xa, 0x4e22, 0x6, @mcast2}, 0x1c)
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

17.205411301s ago: executing program 3 (id=1172):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
syz_open_dev$vim2m(&(0x7f0000000080), 0x2, 0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_netfilter(0x10, 0x3, 0xc)
write(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
r4 = dup(r3)
ioctl$BLKROSET(r4, 0x125d, 0x0)
ioctl$BLKRRPART(r4, 0x125f, 0x0)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x19, 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x800005, 0x11, 0xffffffffffffffff, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(0xffffffffffffffff, 0x3ba0, &(0x7f0000000200)={0x48, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1})
connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0xb81a, @any, 0x7ff}, 0xe)
socket$kcm(0x10, 0x2, 0x0)
r5 = socket$pptp(0x18, 0x1, 0x2)
connect$pptp(r5, &(0x7f0000000080)={0x18, 0x2, {0x1, @rand_addr=0x64010102}}, 0x1e)

17.160722006s ago: executing program 4 (id=1173):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7040000080000008500000095000000950006000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00'}, 0x10)
getpid()
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYRESDEC], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c}, {{0x18, 0x1, 0x1, 0x0, r2}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x30000000}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x50, 0x6000000}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x2, 0x3, 0xa, 0x9, 0xfff0}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x2}, {0x3, 0x3, 0x6, 0xa, 0xa}, {0x7, 0x1, 0x2, 0x9, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {}, {0x18, 0x2, 0x2, 0x0, r1}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x3, 0x8, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

16.405041212s ago: executing program 2 (id=1174):
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00'}, 0x10)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = syz_open_dev$loop(0x0, 0xc, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x120801, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x12, 0x8, &(0x7f0000001c40)=ANY=[], &(0x7f0000000580)='syzkaller\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @cgroup_sock_addr, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x8}, 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x40, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x6, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1200000004000000040000000c00000000000000", @ANYRES32, @ANYBLOB="000000f500"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000240)={r1, 0x58, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r4=>0x0}}, 0x10)
r5 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000340), 0x4)
r6 = dup3(r2, r0, 0x80000)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x6, 0x17, &(0x7f00000007c0)=@raw=[@map_fd={0x18, 0x9, 0x1, 0x0, r6}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @map_val={0x18, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x5}, @map_val={0x18, 0x9, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x240}, @printk={@llu, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x10001}}], &(0x7f0000000180)='GPL\x00', 0xe54, 0x0, &(0x7f00000001c0), 0x41100, 0x10, '\x00', r4, 0x25, r5, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000500)={0x0, 0x6, 0x7fff, 0x13}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000000540)=[r6, r3, 0xffffffffffffffff, r3, r3, r3, r3, r3], &(0x7f00000005c0)=[{0x4, 0x1, 0xd, 0xa}], 0x10, 0xb94, @void, @value}, 0x94)
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x4)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120100001e61e410b1134200557b0102030109021b0001000000000904000001cf28fc000905e20040"], 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r9, &(0x7f0000000000), 0x0, 0x20000000)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x1d, 0x2, 0x0)
r10 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
close(r10)
socket(0x22, 0x2, 0x3)
getpeername$packet(r10, 0x0, 0x0)
ioctl$LOOP_CHANGE_FD(r2, 0x4c00, 0xffffffffffffffff)
close_range(r1, 0xffffffffffffffff, 0x0)

16.404310331s ago: executing program 0 (id=1175):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
r2 = socket$inet6(0xa, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r4, &(0x7f0000000940)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000900)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newlink={0x38, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, r5, 0x54583}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x0)
sendmmsg$inet(r2, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e21, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @empty}}}], 0x20}}], 0x1, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0x1)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r6, 0xc058534b, &(0x7f0000000440)={0x80})
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "00000100ebffffff", "2607080d7f4fcf00fd4ef2dece6c7c58", '\x00', "006e34e400"}, 0x28)
sendto$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

15.847586713s ago: executing program 4 (id=1176):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000000100)=0x1, 0x47f)
bind$inet(r0, &(0x7f00000002c0)={0x2, 0x4e21}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0xa, &(0x7f0000000040)=0xffffffffffffffff, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000440)={0x0, 0x8001, 0xfffe}, 0x14)
shutdown(r0, 0x2)

15.683714659s ago: executing program 1 (id=1177):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10)
getsockopt$IP_VS_SO_GET_VERSION(r0, 0x0, 0x480, &(0x7f0000000000), &(0x7f00000000c0)=0x40) (fail_nth: 1)

15.656570855s ago: executing program 0 (id=1178):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x3, 0xc, &(0x7f0000000500)=@framed={{0x18, 0x2, 0x0, 0x0, 0x3}, [@call={0x85, 0x0, 0x0, 0x87}, @printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}]}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (fail_nth: 3)

15.655507564s ago: executing program 3 (id=1179):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x2a, 0x2, 0x0)
socket$inet6_dccp(0xa, 0x6, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=@newlink={0x44, 0x10, 0xffffff1f, 0x4, 0x0, {0x0, 0x0, 0x0, 0x0, 0x290, 0x46212}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LINK={0x8, 0x1, r2}]}}}, @IFLA_MTU={0x8, 0x4, 0x40000500}]}, 0x44}}, 0x0)

15.618691272s ago: executing program 4 (id=1180):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r0 = syz_open_dev$radio(&(0x7f0000000140), 0x3, 0x2)
io_setup(0x3, &(0x7f0000000180)=<r1=>0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="88f3e01af117fb0e4aebd1c4a44bd77a41f2d9d1714687054d34cf860cca13f964d38235bb551525964a4639f0a74f143faa93caa7c1e04089119e571cf9d3ed697587259fd10f3337a7cbcc3a939f155dd15268dbbd65f6a7a70b99"], 0x48)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = dup3(r5, r4, 0x0)
connect$unix(r6, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x7, 0xb, &(0x7f0000000300)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r7 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r9, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x9, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000071122000000000009500000700"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94)
ioctl$BTRFS_IOC_SEND(0xffffffffffffffff, 0x40489426, 0x0)
r10 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
dup(r10)
io_submit(r1, 0x1, &(0x7f0000000040)=[&(0x7f00000000c0)={0x0, 0x300, 0x0, 0x5, 0x0, r0, 0x0}])
syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2)

15.011785008s ago: executing program 1 (id=1181):
socket$netlink(0x10, 0x3, 0x0)
io_setup(0x3, &(0x7f0000000140))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x1}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000300)='jbd2_shrink_scan_exit\x00', 0xffffffffffffffff, 0x0, 0x7c}, 0x18)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x458, 0x0, 0x2b8, 0xb0000010, 0x2, 0x5c8f0200, 0x388, 0x3a8, 0x3a8, 0x388, 0x3a8, 0x3, 0x0, {[{{@ipv6={@private1, @local, [], [], 'vlan1\x00', 'veth0_to_team\x00'}, 0x0, 0x248, 0x290, 0x700, {}, [@common=@inet=@hashlimit3={{0x158}, {'geneve1\x00', {0xf1, 0x0, 0x33, 0x0, 0x0, 0x1, 0x7fffffff}}}, @common=@unspec=@limit={{0x48}, {0x0, 0x3}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x206, 'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@CONNSECMARK={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4b8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='contention_end\x00'}, 0x10)
syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB="02c83020001c0001000b0204004c00000002080400030003080303080000000200d3"], 0x25)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r5 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
close(r5)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000005580)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0ebe097fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822a0269a660e717a04becff0f7191070000000000002ea37e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7ae22e16c6c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85ecb29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bba3d005585bf07d70e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225c380fac12f8205d182f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d96ee1b84bb64b14aebc6b5194c55dd6890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56bd86acb7654a195bc3e98df3a5dffd5b07838a3ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0ed9829dec16ab67a4f59a504e09f55ab82bbd405087a17a229a149c53ee9145500db213cb36489a10957739e481a756e65bde579bbbfb404213f661eeaaffacbcfbf"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000000)=ANY=[@ANYRES32=r5, @ANYRES32=r6, @ANYBLOB="2f000000f0fbb25f69"], 0x20)

15.011240688s ago: executing program 3 (id=1182):
syz_init_net_socket$ax25(0x3, 0x2, 0xcf) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x2) (async)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
syz_open_dev$tty1(0xc, 0x4, 0x1) (async)
sched_setscheduler(r0, 0x6, &(0x7f0000000000)=0xffff7fff)
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
r4 = dup(r3)
ioctl$KVM_CAP_HYPERV_VP_INDEX(r4, 0x4068aea3, 0x0)
syz_emit_ethernet(0x3b6, &(0x7f00000003c0)=ANY=[@ANYBLOB="bbbbbbbbbbbbffffffffffff86dd6043009303803afffe800000000000000000000000000000ff02000000000000000000000000000186009078000000000000000000000000000aa78ce5400659808000ffffc0fe4023493b87aafaffffffffffffff2373247202fa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af0502000100000000000000000800ee000018fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978001d06aa85616177c61bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0822a18b79f7c5eba31fb68b2d734a6671e27182aee4df24a4a5c6186c0d3baa75af390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5acaa556b9f30dcab2b90aa235a670670ffc5dc49dfb58d89310000000000000bd47ae6e8805d4809c20547406b18901b0aeff04c0300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68e2d2c6393a9f3becd1a9f51a948b5b303f4f0192107fcf98a102ec1876d4e6fa3b20519bbaa8a029cee00b8d3485e4163ed09bdb581c9fe68a356f542b0430509da61bfb02b3235e1d16212fb00145e14f0e74d2d52cfb3f27fafb60845f90b6dfc87c6905bbc94d33e45"], 0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
sched_setscheduler(0x0, 0x2, 0x0) (async)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) (async)
ioctl$sock_inet_SIOCSARP(r5, 0x8955, &(0x7f0000000a80)={{0x2, 0x0, @remote}, {0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, 0xe, {0x2, 0x4e20, @multicast2}, 'ip6tnl0\x00'}) (async)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/arp\x00')
preadv(r6, &(0x7f0000000080)=[{&(0x7f0000000b40)=""/119, 0x77}, {0x0}], 0x2, 0x4000ffe, 0x0) (async)
r7 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x400, 0x0)
ioctl$SNDCTL_SYNTH_INFO(r7, 0xc08c5102, &(0x7f0000000080)={"500111940cbe927c256e2726cf78bdac279de5c00935968beac00022b139", 0xfffffff4, 0x1, 0x1, 0x101, 0xffffffff, 0x2, 0x6, 0x5, [0x10004, 0x800, 0x3, 0x7, 0x6, 0x7, 0xfffffff9, 0x3, 0xfffffffd, 0x4, 0x3, 0x8, 0x3, 0x20, 0x0, 0xdd83, 0x7, 0x2, 0x7f]}) (async)
syz_open_dev$tty1(0xc, 0x4, 0x1) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r1, &(0x7f0000000c80)=[{{&(0x7f00000000c0)={0xa, 0x4e22, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c, &(0x7f0000001900)=[{&(0x7f0000000240)="ad30b68484b2c5f0967bc045f364223f332e0017021cd36885c5b27bf4f23c98d57c26ba1bd89adedae55ba15daa277b571a57962ce9c75c3d726f5528035c54efffe7e8a29b2e8c9c35b19e7c7a54883f023efb20b1549a6bc8255567da4e0167e36cf7aa39dfb5356330f0353455bcdd2f53d1d931db6a95cb2b3262bbe78eb9e64d1bc6e01e8dc956cb1a6e90b709d4e0cb82", 0x94}], 0x1}}, {{&(0x7f0000000100)={0xa, 0x4e24, 0x1, @ipv4={'\x00', '\xff\xff', @local}, 0x1}, 0x1c, &(0x7f0000000180)=[{&(0x7f0000000800)="2c0095deae2ef8cac1b43a5a076066e66475dcce825567809b2932bebc9ddc43ca9591939fcf99301c3fce694b8fc2436d7eeee41b23ad913dc068c35282af8247d346368d7b7d338beb610a8c70b3ab7c46bd7012d62d53b55f8cb50cdecc3bb7e71c26e5fe13ae154785bc58175f7dee3a63059d3cf061b6c77d5b5cfca42196011c7b38603fe62386d18b4c9ec55beec8fc8876b38d446051bd2c161aeb", 0x9f}, {0x0}, {&(0x7f0000000300)}, {&(0x7f0000000980)="a0ec6ca0069aa3563485f724dd51748370389882e9c85ca8f0630bb2fb609ddcfa6aece36ddeadaa0ccabe26f65ba279800d5993c6718c666856b18ea1eb37779369c60bb27aa9fbd228b7ab", 0x4c}], 0x4, &(0x7f0000000a00)=ANY=[@ANYBLOB="1800000000000000290000000080000000000000000000001400000000000000290000000b0000000000000200000000280000000000000029000000390000007302020000000000ff011800"/86], 0x58}}, {{&(0x7f0000000a80)={0xa, 0x4e24, 0xa, @ipv4={'\x00', '\xff\xff', @remote}, 0x9}, 0x1c, &(0x7f0000000ac0), 0x0, &(0x7f0000000c40)=[@hoplimit={{0x14, 0x29, 0x34, 0x4}}], 0x18}}], 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x4)

15.010853023s ago: executing program 3 (id=1183):
syz_usb_connect(0x1, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f000200000009050502"], 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000380)={'wlan0\x00', <r3=>0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x0, &(0x7f0000000300)=0x103)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r8 = dup(r7)
ioctl$KVM_SET_MSRS(r8, 0xc008ae88, &(0x7f0000000480)=ANY=[@ANYBLOB="73000000000000008b"])
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="ffffffff", @ANYRES16=r2, @ANYRES8=r1, @ANYRES32=r3, @ANYBLOB], 0x1c}}, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000180), r1)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r9 = getpid()
sched_setaffinity(r4, 0x8, &(0x7f0000000340)=0x101)
sched_setscheduler(r9, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
connect$unix(r10, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r11, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r10, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

13.916318043s ago: executing program 0 (id=1184):
set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0x9)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000040), 0x604840, 0x0)
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r1, 0x5452, &(0x7f0000002300)={{}, 0x0, 0xc, @inherit={0x0, 0x0}, @subvolid=0x1})
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r5, 0x0, 0xd2, &(0x7f0000000280)={@broadcast, @empty, 0x0, "614af285791a63abd0f993af8077b5cd01e03d64a831683fdc3fd440829c82ae"}, 0x3c)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x6, 0xc, &(0x7f00000007c0)=ANY=[], 0x0, 0x1004000, 0x0, 0x0, 0x41100, 0x1, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000600)={0x89, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
setsockopt$MRT_FLUSH(r5, 0x0, 0xd4, &(0x7f0000000200)=0x41c16f48c89e823e, 0x4)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000140)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes256\x00'}, 0x58)
accept(r6, &(0x7f00000001c0)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @dev}}}, &(0x7f0000000240)=0x80)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
clock_adjtime(0x0, &(0x7f0000000340)={0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffc99a3b})
connect$inet6(r7, &(0x7f0000000000)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
openat$cgroup(0xffffffffffffffff, &(0x7f00000000c0)='syz1\x00', 0x200002, 0x0)

13.465392545s ago: executing program 1 (id=1185):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
syz_open_dev$vim2m(&(0x7f0000000080), 0x2, 0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$nl_netfilter(0x10, 0x3, 0xc)
write(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
r4 = dup(r3)
ioctl$BLKROSET(r4, 0x125d, 0x0)
ioctl$BLKRRPART(r4, 0x125f, 0x0)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x19, 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x800005, 0x11, 0xffffffffffffffff, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(0xffffffffffffffff, 0x3ba0, &(0x7f0000000200)={0x48, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1})
connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0xb81a, @any, 0x7ff}, 0xe)
socket$kcm(0x10, 0x2, 0x0)
bind$pptp(0xffffffffffffffff, &(0x7f0000000000)={0x18, 0x2, {0x0, @local}}, 0x1e)
connect$pptp(0xffffffffffffffff, &(0x7f0000000080)={0x18, 0x2, {0x1, @rand_addr=0x64010102}}, 0x1e)

13.462284803s ago: executing program 4 (id=1186):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000000000b40d504010000000000000109022400010000000009"], 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000300)={0x160001, 0x0, [0x0, 0x0, 0xfffffffffffffffe, 0xffffffffffffffff, 0x0, 0x0, 0x29]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000011000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, &(0x7f0000000140)="f20f1c0166b864912c870f23c80f21f866350c0080000f23f80f01fc0f20e06635000010000f22e066f30fa7c00f1c9700000f01c566b9a001000066b80400000066ba000000000f30c0dbb6660f3adf932700de", 0x54}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

13.365900359s ago: executing program 2 (id=1187):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020100000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a32000000001400000011001f"], 0x7c}}, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_SETPARAMS(0xffffffffffffffff, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f00000008c0)={0x20, 0x0, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x24004000}, 0x4)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
process_vm_readv(0x0, &(0x7f0000001140)=[{&(0x7f0000000200)=""/92, 0x57}, {&(0x7f0000004240)=""/4100, 0x1004}], 0x70, &(0x7f00000011c0)=[{0xffffffffffffffff}], 0x1, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_MSRS(r4, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="0100000000080000e006"])

12.799743021s ago: executing program 1 (id=1188):
sendmsg(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0xffffffffffffff18, &(0x7f0000000100)=[{&(0x7f0000000000)="2f0000001c0005c5ffffff000d000000020000000b000000ec0091c913000180f0ffffeb", 0x1dd}], 0x1}, 0x0)
r0 = socket(0x10, 0x80002, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="fc0000001c00071bab0925000900070007ab08000c000000f0007e93210001c000000000000000000000000000039915fa2c1ec28670e9889bb94b46fe0000000a0002", 0xff82)
sendmmsg$alg(r0, &(0x7f0000000140)=[{0x3, 0x0, &(0x7f0000000100), 0x6, &(0x7f0000000100)}], 0x492492492492856, 0x0)

12.742880863s ago: executing program 1 (id=1189):
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$sock_x25_SIOCADDRT(r0, 0x890b, &(0x7f0000000780)={@remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x0}, 0xfffffffc, 'bridge_slave_1\x00'})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
capset(&(0x7f0000000480)={0x19980330}, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x8})
r3 = socket(0xa, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r3, 0x0, 0x80, 0x0, 0x2a8)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000440)={'macvlan0\x00', <r4=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000340)=ANY=[@ANYBLOB="580000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000300012800c0001006d6163766c616e0020000280080001001000000008000300000000000a000400aaaaaaaaaaaa000008000500", @ANYRES32=r4, @ANYBLOB], 0x58}}, 0x0)

12.733805128s ago: executing program 2 (id=1190):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f0000000100)=0x1, 0x47f)
bind$inet(r0, &(0x7f00000002c0)={0x2, 0x4e21}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0xa, &(0x7f0000000040)=0xffffffffffffffff, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000440)={0x0, 0x8001, 0xfffe}, 0x14)
shutdown(r0, 0x2)

12.71276718s ago: executing program 0 (id=1191):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000180), 0x802, 0x0)
write$UHID_CREATE2(r1, &(0x7f00000006c0)={0xb, {'syz0\x00', 'syz1\x00', 'syz0\x00', 0x85, 0x9, 0x7, 0x9, 0x8, 0x8, "9611badc6b619a26c6d82aacf662157c1a55fe4b594c8fec199a0a4337d2d4cd6098318d6f6ccb239395fb7b39d8c3eae3b449ae8ef96ae927b4bc9fdc9524d00d8976e227920e81e229f86e5c97f5568ede56db963166511941ca0bfb620d3248fb811fe26f6779b3e3ea1a80845e4145f8500416824dbd16a183575e469352fbd6da9a88"}}, 0x19d)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000090000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='tlb_flush\x00', r3}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r3}, 0x18)
r4 = eventfd(0x0)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r4)
r5 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r5, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r5, 0x0, 0x0, 0x200007fd, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10)
recvmmsg(r5, &(0x7f0000000dc0)=[{{0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f0000004ac0)=""/102389, 0x18ff5}], 0x1}}], 0x1, 0x0, 0x0)
write$binfmt_elf64(r5, &(0x7f00000000c0)=ANY=[], 0xc63b9e35)

12.560628355s ago: executing program 1 (id=1192):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000180), 0x802, 0x0)
write$UHID_CREATE2(r1, &(0x7f00000006c0)={0xb, {'syz0\x00', 'syz1\x00', 'syz0\x00', 0x85, 0x9, 0x7, 0x9, 0x8, 0x8, "9611badc6b619a26c6d82aacf662157c1a55fe4b594c8fec199a0a4337d2d4cd6098318d6f6ccb239395fb7b39d8c3eae3b449ae8ef96ae927b4bc9fdc9524d00d8976e227920e81e229f86e5c97f5568ede56db963166511941ca0bfb620d3248fb811fe26f6779b3e3ea1a80845e4145f8500416824dbd16a183575e469352fbd6da9a88"}}, 0x19d)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000090000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='tlb_flush\x00', r3}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r3}, 0x18)
r4 = eventfd(0x0)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r4)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r4})
r5 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r5, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r5, 0x0, 0x0, 0x200007fd, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10)
recvmmsg(r5, &(0x7f0000000dc0)=[{{0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f0000004ac0)=""/102389, 0x18ff5}], 0x1}}], 0x1, 0x0, 0x0)
write$binfmt_elf64(r5, &(0x7f00000000c0)=ANY=[], 0xc63b9e35)

12.56013854s ago: executing program 2 (id=1193):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000340)=@raw={'raw\x00', 0x4001, 0x3, 0x2b0, 0x138, 0x0, 0x148, 0x0, 0x148, 0x218, 0x240, 0x240, 0x218, 0x240, 0x7fffffe, 0x0, {[{{@ip={@loopback, @local, 0x0, 0x0, 'ip6gretap0\x00', 'netdevsim0\x00'}, 0x0, 0xf0, 0x138, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'lo\x00', {0x0, 0x0, 0x1ff, 0x0, 0x0, 0xed, 0x7}}}, @common=@unspec=@connlabel={{0x28}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@private1, 'ip6erspan0\x00'}}}, {{@ip={@local, @loopback, 0x0, 0x0, 'veth0_vlan\x00', 'macvtap0\x00'}, 0x0, 0xc0, 0xe0, 0x0, {}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28, 'rpfilter\x00', 0x2}}]}, @unspec=@TRACE={0x20}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x310)
syz_emit_ethernet(0x86, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a00000000000000000000020000000900020073797a30000000000900010073797a30000000002c00038008000140000000000800024000000000180003801400010073797a5f74756e000000000000000000140000001100010000000000000000000000000ae5e1e8ddfea2b2165f45cbc04696bd27ccaf9db16e6883bfddfe1f660e9a0616854984e5a4de56b236a859a2c24db6797b4087c86759d81af64746cdd0"], 0x80}}, 0x0)
syz_emit_ethernet(0x42, &(0x7f0000000180)={@dev, @multicast, @val={@void, {0x8864}}, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x11, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @dest_unreach={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @multicast1, @empty}}}}}}, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
lseek(r2, 0x0, 0x0)
syz_genetlink_get_family_id$smc(&(0x7f0000000000), r2)
syz_emit_ethernet(0x11a, &(0x7f0000000040)={@local, @broadcast, @void, {@ipv4={0x800, @tipc={{0xf, 0x4, 0x3, 0x3, 0x10c, 0x66, 0x0, 0x7, 0x6, 0x0, @local, @local, {[@timestamp_addr={0x44, 0x4, 0x80, 0x1, 0x3}, @timestamp={0x44, 0x24, 0x14, 0x0, 0x0, [0xb8a, 0x7ff, 0x80000001, 0xfffffffe, 0x97, 0x80, 0x3, 0xcb]}]}}, @name_distributor={{0xd0, 0x0, 0x0, 0x0, 0x0, 0xa, 0xb, 0x2, 0x9, 0x0, 0x0, 0x3, 0x4, 0x1, 0x4e24, 0x4e22, 0x2, 0x3}, [{0x80000000, 0x8e, 0x9, 0x80000001, 0x401, 0x4, 0x7, 0x1}, {0x9, 0x5, 0x1, 0x2, 0x9, 0xffffffff, 0x3, 0xffffffb}, {0xffffffc6, 0xe, 0x1, 0x6, 0x7, 0xffffffff, 0x1, 0x7}, {0x8, 0x8, 0x9, 0xf, 0xfffff22f, 0x0, 0x5, 0x3}, {0x5, 0x80000000, 0x97, 0x1000, 0x7a, 0x9, 0xb, 0xffffff2}, {0xfffffff7, 0x80000001, 0x7, 0xffffffff, 0xda4c, 0x4, 0xd, 0xbd60}]}}}}}, 0x0)

0s ago: executing program 32 (id=1183):
syz_usb_connect(0x1, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f000200000009050502"], 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000380)={'wlan0\x00', <r3=>0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x0, &(0x7f0000000300)=0x103)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r8 = dup(r7)
ioctl$KVM_SET_MSRS(r8, 0xc008ae88, &(0x7f0000000480)=ANY=[@ANYBLOB="73000000000000008b"])
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="ffffffff", @ANYRES16=r2, @ANYRES8=r1, @ANYRES32=r3, @ANYBLOB], 0x1c}}, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000180), r1)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r9 = getpid()
sched_setaffinity(r4, 0x8, &(0x7f0000000340)=0x101)
sched_setscheduler(r9, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
connect$unix(r10, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r11, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r10, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

kernel console output (not intermixed with test programs):

es leftover after parsing attributes in process `syz.4.704'.
[  287.655413][ T5874] usb 1-1: USB disconnect, device number 34
[  288.412920][ T8651] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  289.283905][ T5874] libceph: connect (1)[c::]:6789 error -101
[  289.289941][ T5874] libceph: mon0 (1)[c::]:6789 connect error
[  289.380913][ T8639] ceph: No mds server is up or the cluster is laggy
[  290.467442][ T8682] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  291.712593][ T5874] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  291.883240][ T5874] usb 3-1: Using ep0 maxpacket: 8
[  291.925945][ T5874] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  292.269713][ T5874] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  292.297726][ T5874] usb 3-1: Product: syz
[  292.304043][ T5874] usb 3-1: Manufacturer: syz
[  292.311823][ T5874] usb 3-1: SerialNumber: syz
[  292.339346][ T5874] usb 3-1: config 0 descriptor??
[  292.664070][ T8702] netlink: 24 bytes leftover after parsing attributes in process `syz.4.724'.
[  292.705744][ T5874] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  292.722801][ T5834] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  292.837612][ T8705] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  293.302542][    T9] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  293.323858][ T5834] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  293.342425][ T5834] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  293.353748][ T5834] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  293.363576][ T5834] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  293.377656][ T5834] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  293.386891][ T5834] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  293.401610][ T5834] usb 1-1: config 0 descriptor??
[  293.452512][    T9] usb 2-1: Using ep0 maxpacket: 8
[  293.465172][    T9] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  293.474543][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  293.507272][    T9] usb 2-1: Product: syz
[  293.511514][    T9] usb 2-1: Manufacturer: syz
[  293.516625][    T9] usb 2-1: SerialNumber: syz
[  293.553327][    T9] usb 2-1: config 0 descriptor??
[  294.521918][ T8712] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  294.557475][ T5826] Bluetooth: hci2: ACL packet for unknown connection handle 200
[  294.629759][    T9] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  294.649051][ T5834] usbhid 1-1:0.0: can't add hid device: -71
[  294.656572][ T5834] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  294.815059][ T5834] usb 1-1: USB disconnect, device number 35
[  294.873494][ T5874] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  294.884580][ T5874] usb 3-1: USB disconnect, device number 25
[  295.622081][ T8731] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  296.158375][    T9] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  296.367882][    T9] usb 2-1: USB disconnect, device number 31
[  296.788990][ T8741] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  297.252498][ T5826] Bluetooth: hci2: ACL packet for unknown connection handle 200
[  297.282502][    T9] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  297.454934][    T9] usb 2-1: Using ep0 maxpacket: 8
[  297.526014][    T9] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  297.556957][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  297.588133][    T9] usb 2-1: Product: syz
[  297.598236][    T9] usb 2-1: Manufacturer: syz
[  297.603102][ T5878] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  297.621441][    T9] usb 2-1: SerialNumber: syz
[  297.634488][    T9] usb 2-1: config 0 descriptor??
[  297.772432][ T5878] usb 3-1: Using ep0 maxpacket: 8
[  297.779225][ T5878] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  297.792159][ T5878] usb 3-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  297.807617][ T5878] usb 3-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  297.831698][ T5878] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  297.841079][ T5878] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  297.860770][    T9] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  297.889255][ T5878] usbtmc 3-1:16.0: bulk endpoints not found
[  297.943604][ T8745] ceph: No mds server is up or the cluster is laggy
[  297.959074][   T45] libceph: connect (1)[c::]:6789 error -101
[  297.965201][   T45] libceph: mon0 (1)[c::]:6789 connect error
[  298.103082][ T5878] usb 3-1: USB disconnect, device number 26
[  298.964783][ T8762] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  299.035710][ T5826] Bluetooth: hci4: ACL packet for unknown connection handle 200
[  300.825361][    T9] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  300.846469][    T9] dvbdev: DVB: registering new adapter (TerraTec NOXON DAB Stick)
[  300.854424][    T9] usb 2-1: media controller created
[  300.867812][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  301.719095][    T9] i2c i2c-1: Added multiplexed i2c bus 2
[  301.724904][    T9] rtl2832 1-0010: Realtek RTL2832 successfully attached
[  301.732037][    T9] usb 2-1: DVB: registering adapter 1 frontend 0 (Realtek RTL2832 (DVB-T))...
[  301.741873][    T9] dvbdev: dvb_create_media_entity: media entity 'Realtek RTL2832 (DVB-T)' registered.
[  301.752630][   T45] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  301.921415][    T9] DVB: Unable to find symbol r820t_attach()
[  302.000701][    T9] usb 2-1: USB disconnect, device number 32
[  302.042782][   T45] usb 4-1: Using ep0 maxpacket: 32
[  302.053358][   T45] usb 4-1: config 0 has an invalid interface number: 250 but max is 0
[  302.062223][   T45] usb 4-1: config 0 has no interface number 0
[  302.207182][   T25] usb 3-1: new full-speed USB device number 27 using dummy_hcd
[  302.443510][   T45] usb 4-1: New USB device found, idVendor=04f1, idProduct=1001, bcdDevice=19.63
[  302.497686][   T25] usb 3-1: config 1 interface 0 altsetting 245 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  302.542753][   T25] usb 3-1: config 1 interface 0 altsetting 245 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  302.615376][   T45] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  302.637415][   T45] usb 4-1: Product: syz
[  302.641603][   T45] usb 4-1: Manufacturer: syz
[  302.646641][   T25] usb 3-1: config 1 interface 0 has no altsetting 0
[  302.672199][   T45] usb 4-1: SerialNumber: syz
[  302.679488][   T25] usb 3-1: New USB device found, idVendor=05ac, idProduct=024d, bcdDevice= 0.40
[  302.693389][   T45] usb 4-1: config 0 descriptor??
[  302.702543][   T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  302.713472][   T45] gspca_main: sunplus-2.14.0 probing 04f1:1001
[  302.731098][   T25] usb 3-1: Product: syz
[  302.742405][   T25] usb 3-1: Manufacturer: syz
[  302.752767][   T25] usb 3-1: SerialNumber: syz
[  302.768807][ T8777] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  302.802605][    T9] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  303.035584][ T8791] netlink: 'syz.3.746': attribute type 1 has an invalid length.
[  303.072436][   T45] gspca_sunplus: reg_w_riv err -71
[  303.077637][   T45] sunplus 4-1:0.250: probe with driver sunplus failed with error -71
[  303.077683][    T9] usb 2-1: Using ep0 maxpacket: 8
[  303.089840][   T45] usb 4-1: USB disconnect, device number 28
[  303.176151][ T8795] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  303.669674][    T9] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  303.705518][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  303.731225][   T25] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/input/input26
[  303.735803][    T9] usb 2-1: Product: syz
[  303.754408][ T8791] netlink: 8 bytes leftover after parsing attributes in process `syz.3.746'.
[  303.763279][    T9] usb 2-1: Manufacturer: syz
[  303.768249][    T9] usb 2-1: SerialNumber: syz
[  303.772435][ T8791] netlink: 4 bytes leftover after parsing attributes in process `syz.3.746'.
[  303.784813][    T9] usb 2-1: config 0 descriptor??
[  303.862901][  T965] libceph: connect (1)[c::]:6789 error -101
[  303.869070][  T965] libceph: mon0 (1)[c::]:6789 connect error
[  303.894375][ T8791] bond1 (unregistering): Released all slaves
[  303.925888][ T8797] ceph: No mds server is up or the cluster is laggy
[  303.993701][ T8804] netlink: 4 bytes leftover after parsing attributes in process `syz.0.747'.
[  304.037906][ T8804] netlink: 8 bytes leftover after parsing attributes in process `syz.0.747'.
[  304.099126][    T9] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  304.245332][ T5185] bcm5974 3-1:1.0: could not read from device
[  304.658511][ T5185] bcm5974 3-1:1.0: could not read from device
[  304.703312][ T5834] usb 3-1: USB disconnect, device number 27
[  304.709463][ T7648] bcm5974 3-1:1.0: could not read from device
[  304.723562][ T5185] bcm5974 3-1:1.0: could not read from device
[  305.442759][   T45] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[  305.657762][   T45] usb 1-1: Using ep0 maxpacket: 32
[  305.680030][   T45] usb 1-1: config 0 has an invalid interface number: 250 but max is 0
[  305.712529][   T45] usb 1-1: config 0 has no interface number 0
[  305.731049][   T45] usb 1-1: New USB device found, idVendor=04f1, idProduct=1001, bcdDevice=19.63
[  305.782534][   T45] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  305.810615][   T45] usb 1-1: Product: syz
[  305.828218][   T45] usb 1-1: Manufacturer: syz
[  305.835658][ T8820] netlink: 4 bytes leftover after parsing attributes in process `syz.2.751'.
[  305.848521][   T45] usb 1-1: SerialNumber: syz
[  305.861580][   T45] usb 1-1: config 0 descriptor??
[  305.872547][ T8820] netlink: 8 bytes leftover after parsing attributes in process `syz.2.751'.
[  305.881061][   T45] gspca_main: sunplus-2.14.0 probing 04f1:1001
[  306.402685][   T45] gspca_sunplus: reg_w_riv err -110
[  306.420648][   T45] sunplus 1-1:0.250: probe with driver sunplus failed with error -110
[  306.751432][    T9] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  306.769601][    T9] usb 2-1: USB disconnect, device number 33
[  306.920147][ T8831] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  307.067599][ T5826] Bluetooth: hci4: ACL packet for unknown connection handle 200
[  307.731171][ T8842] netlink: 4 bytes leftover after parsing attributes in process `syz.3.757'.
[  307.769576][ T8842] netlink: 8 bytes leftover after parsing attributes in process `syz.3.757'.
[  307.796893][ T8842] (unnamed net_device) (uninitialized): option resend_igmp: invalid value (458764)
[  307.812504][ T8842] (unnamed net_device) (uninitialized): option resend_igmp: allowed values 0 - 255
[  307.849597][   T45] usb 1-1: USB disconnect, device number 36
[  308.192421][  T965] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  308.286423][ T8849] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  308.577355][  T965] usb 5-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d
[  308.637515][  T965] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  308.711257][  T965] usb 5-1: Product: syz
[  308.733724][  T965] usb 5-1: Manufacturer: syz
[  308.770964][  T965] usb 5-1: SerialNumber: syz
[  308.821565][  T965] r8152-cfgselector 5-1: Unknown version 0x0000
[  308.827888][  T965] r8152-cfgselector 5-1: config 0 descriptor??
[  311.503776][ T5834] r8152-cfgselector 5-1: USB disconnect, device number 20
[  311.701514][ T8867] netlink: 4 bytes leftover after parsing attributes in process `syz.4.765'.
[  311.772865][ T8867] netlink: 8 bytes leftover after parsing attributes in process `syz.4.765'.
[  311.795016][ T8870] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in;
[  311.795016][ T8870]    program syz.2.762 not setting count and/or reply_len properly
[  312.062625][   T29] audit: type=1400 audit(1731060723.233:551): avc:  denied  { read write } for  pid=8863 comm="syz.2.762" name="sg0" dev="devtmpfs" ino=710 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  312.135143][   T29] audit: type=1400 audit(1731060723.233:552): avc:  denied  { open } for  pid=8863 comm="syz.2.762" path="/dev/sg0" dev="devtmpfs" ino=710 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  312.470895][   T29] audit: type=1400 audit(1731060723.823:553): avc:  denied  { mount } for  pid=8863 comm="syz.2.762" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  312.542502][   T29] audit: type=1400 audit(1731060723.983:554): avc:  denied  { unmount } for  pid=5823 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  312.562491][    C0] vkms_vblank_simulate: vblank timer overrun
[  313.082528][ T5834] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  313.483029][ T5834] usb 2-1: Using ep0 maxpacket: 32
[  313.498410][ T5834] usb 2-1: config 0 has an invalid interface number: 250 but max is 0
[  313.518580][ T5834] usb 2-1: config 0 has no interface number 0
[  313.537251][ T5834] usb 2-1: New USB device found, idVendor=04f1, idProduct=1001, bcdDevice=19.63
[  313.550292][ T5834] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  313.558708][ T5834] usb 2-1: Product: syz
[  313.569937][ T5834] usb 2-1: Manufacturer: syz
[  313.575276][ T5834] usb 2-1: SerialNumber: syz
[  313.665714][   T25] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  313.697475][ T5834] usb 2-1: config 0 descriptor??
[  313.725947][ T5834] gspca_main: sunplus-2.14.0 probing 04f1:1001
[  313.904184][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  314.063655][   T25] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  314.077757][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  314.109093][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  314.165810][   T25] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  314.192698][   T25] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  314.272710][ T5834] gspca_sunplus: reg_w_riv err -110
[  314.278079][ T5834] sunplus 2-1:0.250: probe with driver sunplus failed with error -110
[  314.353450][   T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  314.376695][   T25] usb 3-1: config 0 descriptor??
[  314.495248][ T8908] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  314.683312][ T8886] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  314.732404][ T8886] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  314.747334][ T8886] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  314.757638][ T8886] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  314.776457][ T8886] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  314.786705][ T8886] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  314.799248][ T8886] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  314.809465][ T8886] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  314.823421][ T8886] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  314.832091][ T8886] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  314.843026][ T5826] Bluetooth: hci4: ACL packet for unknown connection handle 200
[  315.041355][   T29] audit: type=1400 audit(1731060726.483:555): avc:  denied  { read } for  pid=8912 comm="syz.2.775" name="ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  315.050793][   T25] usbhid 3-1:0.0: can't add hid device: -71
[  315.077830][   T25] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  315.082502][   T29] audit: type=1400 audit(1731060726.483:556): avc:  denied  { open } for  pid=8912 comm="syz.2.775" path="/dev/ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  315.088506][   T25] usb 3-1: USB disconnect, device number 28
[  315.126100][   T29] audit: type=1400 audit(1731060726.483:557): avc:  denied  { ioctl } for  pid=8912 comm="syz.2.775" path="/dev/ppp" dev="devtmpfs" ino=709 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  315.292957][ T5883] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[  315.442580][ T5883] usb 1-1: Using ep0 maxpacket: 8
[  315.453380][ T5883] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  315.478279][ T5883] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  315.495999][ T5883] usb 1-1: Product: syz
[  315.510823][ T5883] usb 1-1: Manufacturer: syz
[  315.524922][ T5883] usb 1-1: SerialNumber: syz
[  315.627429][  T965] usb 2-1: USB disconnect, device number 34
[  315.639305][ T5883] usb 1-1: config 0 descriptor??
[  316.268319][ T5883] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  316.292498][   T29] audit: type=1400 audit(1731060727.733:558): avc:  denied  { connect } for  pid=8914 comm="syz.3.777" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  316.402525][ T5834] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  317.607342][  T965] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  317.673289][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  317.679768][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  317.803274][ T5834] usb 5-1: Using ep0 maxpacket: 8
[  317.810372][ T5834] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  317.813442][  T965] usb 3-1: Using ep0 maxpacket: 32
[  317.819124][ T5834] usb 5-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  317.835256][ T5834] usb 5-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  317.848324][ T5834] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  317.857480][ T5834] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  317.869486][ T8937] netlink: 32 bytes leftover after parsing attributes in process `syz.3.782'.
[  317.880209][ T5834] usbtmc 5-1:16.0: bulk endpoints not found
[  317.912304][  T965] usb 3-1: config 0 has an invalid interface number: 250 but max is 0
[  317.920724][  T965] usb 3-1: config 0 has no interface number 0
[  318.006958][  T965] usb 3-1: New USB device found, idVendor=04f1, idProduct=1001, bcdDevice=19.63
[  318.016138][  T965] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  318.024363][  T965] usb 3-1: Product: syz
[  318.028549][  T965] usb 3-1: Manufacturer: syz
[  318.042435][  T965] usb 3-1: SerialNumber: syz
[  318.073208][  T965] usb 3-1: config 0 descriptor??
[  318.091663][  T965] gspca_main: sunplus-2.14.0 probing 04f1:1001
[  318.134611][ T5834] usb 5-1: USB disconnect, device number 21
[  318.291083][   T25] libceph: connect (1)[c::]:6789 error -101
[  318.308444][   T25] libceph: mon0 (1)[c::]:6789 connect error
[  318.574253][   T25] libceph: connect (1)[c::]:6789 error -101
[  318.591179][   T25] libceph: mon0 (1)[c::]:6789 connect error
[  318.602575][  T965] gspca_sunplus: reg_w_riv err -110
[  318.607843][  T965] sunplus 3-1:0.250: probe with driver sunplus failed with error -110
[  318.835421][ T8942] ceph: No mds server is up or the cluster is laggy
[  319.260738][  T965] libceph: connect (1)[c::]:6789 error -101
[  319.266849][  T965] libceph: mon0 (1)[c::]:6789 connect error
[  319.333533][ T8960] FAULT_INJECTION: forcing a failure.
[  319.333533][ T8960] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  319.872394][  T965] libceph: connect (1)[c::]:6789 error -101
[  319.892131][ T8960] CPU: 0 UID: 0 PID: 8960 Comm: syz.1.787 Not tainted 6.12.0-rc6-syzkaller-00169-g906bd684e4b1 #0
[  319.902750][ T8960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  319.912825][ T8960] Call Trace:
[  319.916100][ T8960]  <TASK>
[  319.919027][ T8960]  dump_stack_lvl+0x16c/0x1f0
[  319.923710][ T8960]  should_fail_ex+0x497/0x5b0
[  319.928403][ T8960]  ? fs_reclaim_acquire+0xae/0x150
[  319.933519][ T8960]  should_fail_alloc_page+0xe7/0x130
[  319.938839][ T8960]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  319.945010][ T8960]  __alloc_pages_noprof+0x190/0x25a0
[  319.950306][ T8960]  ? bpf_trace_run4+0x2ba/0x5a0
[  319.955171][ T8960]  ? __pfx_mark_lock+0x10/0x10
[  319.959935][ T8960]  ? psi_task_switch+0x203/0x8e0
[  319.964885][ T8960]  ? find_held_lock+0x2d/0x110
[  319.969663][ T8960]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  319.975410][ T8960]  ? __pfx_lock_release+0x10/0x10
[  319.980429][ T8960]  ? mark_held_locks+0x9f/0xe0
[  319.985175][ T8960]  ? finish_task_switch.isra.0+0x217/0xcc0
[  319.990963][ T8960]  ? lockdep_hardirqs_on+0x7c/0x110
[  319.996152][ T8960]  ? finish_task_switch.isra.0+0x217/0xcc0
[  320.001954][ T8960]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  320.007847][ T8960]  ? policy_nodemask+0xea/0x4e0
[  320.012694][ T8960]  alloc_pages_mpol_noprof+0x2c9/0x610
[  320.018150][ T8960]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  320.024122][ T8960]  ? __pfx_mark_lock+0x10/0x10
[  320.028886][ T8960]  get_free_pages_noprof+0xc/0x40
[  320.033925][ T8960]  vcs_write+0x11b/0xdb0
[  320.038204][ T8960]  ? __pfx___might_resched+0x10/0x10
[  320.043487][ T8960]  ? __pfx_vcs_write+0x10/0x10
[  320.048248][ T8960]  ? inode_security+0x101/0x130
[  320.053098][ T8960]  loop_rw_iter+0x22e/0x590
[  320.057599][ T8960]  io_write+0xf85/0x13d0
[  320.061831][ T8960]  io_issue_sqe+0x175/0x13d0
[  320.066412][ T8960]  io_submit_sqes+0x9b4/0x2530
[  320.071168][ T8960]  __do_sys_io_uring_enter+0xc0f/0x1170
[  320.076718][ T8960]  ? __fget_files+0x244/0x3f0
[  320.081396][ T8960]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[  320.087366][ T8960]  ? xfd_validate_state+0x5d/0x180
[  320.092461][ T8960]  ? rcu_is_watching+0x12/0xc0
[  320.097231][ T8960]  do_syscall_64+0xcd/0x250
[  320.101818][ T8960]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  320.107712][ T8960] RIP: 0033:0x7f134ed7e719
[  320.112111][ T8960] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  320.131701][ T8960] RSP: 002b:00007f134fb1e038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  320.140114][ T8960] RAX: ffffffffffffffda RBX: 00007f134ef35f80 RCX: 00007f134ed7e719
[  320.148159][ T8960] RDX: 0000000000000000 RSI: 0000000000007a98 RDI: 0000000000000004
[  320.156130][ T8960] RBP: 00007f134fb1e090 R08: 0000000000000000 R09: 0000000000000000
[  320.164086][ T8960] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  320.172040][ T8960] R13: 0000000000000000 R14: 00007f134ef35f80 R15: 00007ffd988d4d58
[  320.180003][ T8960]  </TASK>
[  320.183726][  T965] libceph: mon0 (1)[c::]:6789 connect error
[  320.243185][ T5883] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  320.271045][ T5883] usb 1-1: USB disconnect, device number 37
[  320.379449][  T965] usb 3-1: USB disconnect, device number 29
[  320.412812][ T8954] ceph: No mds server is up or the cluster is laggy
[  320.884385][   T25] libceph: connect (1)[c::]:6789 error -101
[  320.890833][   T25] libceph: mon0 (1)[c::]:6789 connect error
[  321.075799][ T5834] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  321.350406][ T5834] usb 5-1: Using ep0 maxpacket: 16
[  321.362524][  T965] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  321.373664][ T5834] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  321.383984][ T5834] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  321.421053][ T5834] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[  321.461955][ T8970] ip6tnl1: entered promiscuous mode
[  321.491487][ T5834] usb 5-1: New USB device found, idVendor=0763, idProduct=1015, bcdDevice=15.7a
[  321.512595][ T5834] usb 5-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[  321.532453][ T5834] usb 5-1: Product: syz
[  321.536761][ T5834] usb 5-1: Manufacturer: syz
[  321.541362][ T5834] usb 5-1: SerialNumber: syz
[  321.554099][  T965] usb 3-1: Using ep0 maxpacket: 32
[  321.573931][ T5834] usb 5-1: config 0 descriptor??
[  321.600910][ T5834] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  321.608584][  T965] usb 3-1: config 0 has an invalid interface number: 250 but max is 0
[  321.619852][  T965] usb 3-1: config 0 has no interface number 0
[  321.643637][  T965] usb 3-1: New USB device found, idVendor=04f1, idProduct=1001, bcdDevice=19.63
[  321.663527][  T965] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  321.671551][  T965] usb 3-1: Product: syz
[  321.692531][  T965] usb 3-1: Manufacturer: syz
[  321.700525][  T965] usb 3-1: SerialNumber: syz
[  321.728192][  T965] usb 3-1: config 0 descriptor??
[  321.750701][  T965] gspca_main: sunplus-2.14.0 probing 04f1:1001
[  321.772679][ T7647] udevd[7647]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  321.862518][ T5883] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[  321.897118][ T5834] usb 5-1: USB disconnect, device number 22
[  321.902591][ T5874] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  322.013410][ T5883] usb 1-1: Using ep0 maxpacket: 8
[  322.021484][ T5883] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  322.039185][ T5883] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  322.047690][ T5883] usb 1-1: Product: syz
[  322.052229][ T5883] usb 1-1: Manufacturer: syz
[  322.062772][   T29] audit: type=1400 audit(1731060733.513:559): avc:  denied  { setopt } for  pid=8983 comm="syz.3.794" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  322.064316][ T5874] usb 2-1: New USB device found, idVendor=04e7, idProduct=0030, bcdDevice= 0.00
[  322.082634][ T5883] usb 1-1: SerialNumber: syz
[  322.101909][ T5874] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  322.110227][ T5883] usb 1-1: config 0 descriptor??
[  322.134134][ T5874] usb 2-1: config 0 descriptor??
[  322.241020][ T8984] netlink: 8 bytes leftover after parsing attributes in process `syz.3.794'.
[  322.302542][  T965] gspca_sunplus: reg_w_riv err -110
[  322.325791][ T5883] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  322.327735][  T965] sunplus 3-1:0.250: probe with driver sunplus failed with error -110
[  322.452708][   T29] audit: type=1400 audit(1731060733.893:560): avc:  denied  { ioctl } for  pid=8990 comm="syz.4.796" path="/dev/vhost-net" dev="devtmpfs" ino=1274 ioctlcmd=0xaf01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  322.542490][ T5834] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  322.547620][ T5874] usbhid 2-1:0.0: can't add hid device: -71
[  322.559177][ T5874] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  322.575365][   T29] audit: type=1400 audit(1731060734.023:561): avc:  denied  { append } for  pid=8993 comm="syz.4.797" name="media0" dev="devtmpfs" ino=929 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  322.597949][    C1] vkms_vblank_simulate: vblank timer overrun
[  322.607614][ T5874] usb 2-1: USB disconnect, device number 35
[  322.619717][ T6181] udevd[6181]: setting mode of /dev/bus/usb/002/035 to 020664 failed: No such file or directory
[  322.621091][   T29] audit: type=1400 audit(1731060734.023:562): avc:  denied  { create } for  pid=8993 comm="syz.4.797" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[  322.631896][ T6181] udevd[6181]: setting owner of /dev/bus/usb/002/035 to uid=0, gid=0 failed: No such file or directory
[  322.722606][ T5834] usb 4-1: Using ep0 maxpacket: 8
[  322.729835][ T5834] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  322.741148][ T5834] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  322.751280][ T5834] usb 4-1: New USB device found, idVendor=09da, idProduct=022b, bcdDevice= 0.00
[  322.760699][ T5834] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  322.772000][ T5834] usb 4-1: config 0 descriptor??
[  323.079616][   T29] audit: type=1400 audit(1731060734.513:563): avc:  denied  { create } for  pid=8988 comm="syz.3.795" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  323.315193][ T5878] usb 3-1: USB disconnect, device number 30
[  323.499939][ T9002] ip6t_rpfilter: only valid in 'raw' or 'mangle' table, not ''
[  323.511712][   T29] audit: type=1400 audit(1731060734.963:564): avc:  denied  { setopt } for  pid=9001 comm="syz.4.800" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  324.754475][ T5883] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -110
[  324.785091][   T29] audit: type=1400 audit(1731060734.983:565): avc:  denied  { connect } for  pid=9001 comm="syz.4.800" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  325.372591][   T29] audit: type=1400 audit(1731060736.813:566): avc:  denied  { create } for  pid=9010 comm="syz.4.802" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  325.492632][ T5874] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  325.702799][   T29] audit: type=1400 audit(1731060736.993:567): avc:  denied  { mount } for  pid=9010 comm="syz.4.802" name="/" dev="ramfs" ino=16940 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  325.703540][ T5883] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[  325.725573][ T5874] usb 3-1: Using ep0 maxpacket: 32
[  325.791907][ T5874] usb 3-1: config 0 has an invalid interface number: 250 but max is 0
[  325.821338][ T5834] usbhid 4-1:0.0: can't add hid device: -71
[  325.827433][ T5874] usb 3-1: config 0 has no interface number 0
[  325.833696][ T5834] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  325.843745][   T29] audit: type=1804 audit(1731060737.193:568): pid=9014 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.4.802" name="/newroot/159/file0/bus" dev="ramfs" ino=16941 res=1 errno=0
[  325.878297][ T5874] usb 3-1: New USB device found, idVendor=04f1, idProduct=1001, bcdDevice=19.63
[  325.884264][ T5834] usb 4-1: USB disconnect, device number 29
[  325.888393][ T5874] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  325.901338][ T5874] usb 3-1: Product: syz
[  325.905559][ T5874] usb 3-1: Manufacturer: syz
[  325.910176][ T5874] usb 3-1: SerialNumber: syz
[  325.917032][ T5874] usb 3-1: config 0 descriptor??
[  325.962445][ T5883] usb 2-1: Using ep0 maxpacket: 8
[  326.012742][ T5874] gspca_main: sunplus-2.14.0 probing 04f1:1001
[  326.046011][ T5883] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  326.062005][ T5878] usb 1-1: USB disconnect, device number 38
[  326.071226][ T5883] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  326.080341][ T5883] usb 2-1: Product: syz
[  326.085013][ T5883] usb 2-1: Manufacturer: syz
[  326.089619][ T5883] usb 2-1: SerialNumber: syz
[  326.106410][ T5883] usb 2-1: config 0 descriptor??
[  326.262881][ T9022] FAULT_INJECTION: forcing a failure.
[  326.262881][ T9022] name fail_futex, interval 1, probability 0, space 0, times 1
[  326.311188][ T9022] CPU: 0 UID: 0 PID: 9022 Comm: syz.0.805 Not tainted 6.12.0-rc6-syzkaller-00169-g906bd684e4b1 #0
[  326.321814][ T9022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  326.331870][ T9022] Call Trace:
[  326.332826][ T5826] Bluetooth: hci4: ACL packet for unknown connection handle 200
[  326.335138][ T9022]  <TASK>
[  326.335149][ T9022]  dump_stack_lvl+0x16c/0x1f0
[  326.350360][ T9022]  should_fail_ex+0x497/0x5b0
[  326.355045][ T9022]  get_futex_key+0x1bc/0x10a0
[  326.359730][ T9022]  ? __pfx_get_futex_key+0x10/0x10
[  326.364847][ T9022]  ? kasan_save_track+0x14/0x30
[  326.369695][ T9022]  ? __kasan_kmalloc+0xaa/0xb0
[  326.374456][ T9022]  futex_lock_pi+0x258/0x710
[  326.379057][ T9022]  ? __pfx_futex_lock_pi+0x10/0x10
[  326.384188][ T9022]  ? find_held_lock+0x2d/0x110
[  326.388959][ T9022]  ? __pfx_futex_wake_mark+0x10/0x10
[  326.394255][ T9022]  ? vfs_write+0x306/0x1150
[  326.398774][ T9022]  do_futex+0x11b/0x350
[  326.402948][ T9022]  ? __pfx_do_futex+0x10/0x10
[  326.407634][ T9022]  __x64_sys_futex+0x1e1/0x4c0
[  326.412401][ T9022]  ? fput+0x30/0x390
[  326.416295][ T9022]  ? __pfx___x64_sys_futex+0x10/0x10
[  326.421591][ T9022]  ? ksys_write+0x1ad/0x260
[  326.426109][ T9022]  ? __pfx_ksys_write+0x10/0x10
[  326.430987][ T9022]  do_syscall_64+0xcd/0x250
[  326.435498][ T9022]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  326.441409][ T9022] RIP: 0033:0x7f837417e719
[  326.445822][ T9022] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  326.465450][ T9022] RSP: 002b:00007f8374f9e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  326.473871][ T9022] RAX: ffffffffffffffda RBX: 00007f8374335f80 RCX: 00007f837417e719
[  326.481845][ T9022] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000020000140
[  326.489815][ T9022] RBP: 00007f8374f9e090 R08: 0000000000000000 R09: 0000000000000002
[  326.497784][ T9022] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  326.505759][ T9022] R13: 0000000000000000 R14: 00007f8374335f80 R15: 00007ffc3dded378
[  326.513745][ T9022]  </TASK>
[  326.765252][ T5883] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  327.083445][ T5874] gspca_sunplus: reg_w_riv err -110
[  327.179533][ T5874] sunplus 3-1:0.250: probe with driver sunplus failed with error -110
[  327.317126][ T5878] usb 3-1: USB disconnect, device number 31
[  327.626588][ T9036] netlink: 'syz.0.808': attribute type 1 has an invalid length.
[  327.666012][ T9036] bond2 (unregistering): Released all slaves
[  328.067102][   T25] libceph: connect (1)[c::]:6789 error -101
[  328.076640][   T25] libceph: mon0 (1)[c::]:6789 connect error
[  328.172416][ T5874] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[  328.332427][  T965] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  328.340096][ T5874] usb 1-1: Using ep0 maxpacket: 8
[  328.345956][   T25] libceph: connect (1)[c::]:6789 error -101
[  328.352249][   T25] libceph: mon0 (1)[c::]:6789 connect error
[  328.361095][ T5874] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  328.375486][ T5874] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  328.390086][ T5874] usb 1-1: Product: syz
[  328.397611][ T5874] usb 1-1: Manufacturer: syz
[  328.405802][ T5874] usb 1-1: SerialNumber: syz
[  328.416317][ T5874] usb 1-1: config 0 descriptor??
[  328.506134][ T9045] ceph: No mds server is up or the cluster is laggy
[  328.515957][  T965] usb 4-1: New USB device found, idVendor=04e7, idProduct=0030, bcdDevice= 0.00
[  328.525136][  T965] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  328.562112][  T965] usb 4-1: config 0 descriptor??
[  328.642723][ T5874] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  328.797814][   T29] kauditd_printk_skb: 2 callbacks suppressed
[  328.797829][   T29] audit: type=1400 audit(1731060740.243:571): avc:  denied  { map } for  pid=9050 comm="syz.2.812" path="/dev/bus/usb/003/001" dev="devtmpfs" ino=732 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  328.860618][   T29] audit: type=1400 audit(1731060740.303:572): avc:  denied  { ioctl } for  pid=9050 comm="syz.2.812" path="socket:[17240]" dev="sockfs" ino=17240 ioctlcmd=0x6721 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  328.902205][   T29] audit: type=1400 audit(1731060740.343:573): avc:  denied  { execmod } for  pid=9050 comm="syz.2.812" path="/dev/bus/usb/003/001" dev="devtmpfs" ino=732 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  328.930767][   T29] audit: type=1400 audit(1731060740.343:574): avc:  denied  { execute } for  pid=9050 comm="syz.2.812" path="/dev/bus/usb/003/001" dev="devtmpfs" ino=732 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  328.983440][  T965] usbhid 4-1:0.0: can't add hid device: -71
[  328.989703][  T965] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  329.001992][  T965] usb 4-1: USB disconnect, device number 30
[  329.195665][   T29] audit: type=1400 audit(1731060740.643:575): avc:  denied  { create } for  pid=9054 comm="syz.4.813" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  329.252092][   T29] audit: type=1400 audit(1731060740.693:576): avc:  denied  { ioctl } for  pid=9054 comm="syz.4.813" path="socket:[17247]" dev="sockfs" ino=17247 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  329.276656][    C0] vkms_vblank_simulate: vblank timer overrun
[  329.645622][ T5883] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  329.681515][ T5883] usb 2-1: USB disconnect, device number 36
[  330.557305][    T8] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  330.805958][    T8] usb 5-1: device descriptor read/64, error -71
[  331.092560][    T8] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  331.710979][   T29] audit: type=1400 audit(1731060742.643:577): avc:  denied  { remount } for  pid=9070 comm="syz.1.818" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  331.746132][ T5874] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  331.766169][    T8] usb 5-1: device descriptor read/64, error -71
[  331.777381][ T5874] usb 1-1: USB disconnect, device number 39
[  331.962450][    T8] usb usb5-port1: attempt power cycle
[  331.993004][   T29] audit: type=1400 audit(1731060743.433:578): avc:  denied  { read write } for  pid=9084 comm="syz.2.821" name="uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  332.016831][   T29] audit: type=1400 audit(1731060743.433:579): avc:  denied  { open } for  pid=9084 comm="syz.2.821" path="/dev/uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  332.040608][   T29] audit: type=1400 audit(1731060743.453:580): avc:  denied  { name_connect } for  pid=9088 comm="syz.1.822" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[  332.302551][    T8] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  332.335138][    T8] usb 5-1: device descriptor read/8, error -71
[  332.549237][   T45] hid (null): invalid report_count 47633
[  332.558910][   T45] hid-generic 0009:0007:0009.0011: invalid report_count 47633
[  332.566685][   T45] hid-generic 0009:0007:0009.0011: item 0 2 1 9 parsing failed
[  332.574706][   T45] hid-generic 0009:0007:0009.0011: probe with driver hid-generic failed with error -22
[  332.606069][ T9092] netlink: 68 bytes leftover after parsing attributes in process `syz.1.823'.
[  332.805805][ T9099] netlink: 8 bytes leftover after parsing attributes in process `syz.1.824'.
[  333.412507][    T8] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  333.542205][ T9105] netlink: 24 bytes leftover after parsing attributes in process `syz.4.827'.
[  333.652616][    T8] usb 5-1: device not accepting address 26, error -71
[  333.662657][    T8] usb usb5-port1: unable to enumerate USB device
[  335.183119][ T5874] libceph: connect (1)[c::]:6789 error -101
[  335.190090][ T5874] libceph: mon0 (1)[c::]:6789 connect error
[  335.201768][ T5874] libceph: connect (1)[c::]:6789 error -101
[  335.213110][ T5874] libceph: mon0 (1)[c::]:6789 connect error
[  335.731329][ T5874] libceph: connect (1)[c::]:6789 error -101
[  335.742827][ T9119] ceph: No mds server is up or the cluster is laggy
[  335.777816][ T5874] libceph: mon0 (1)[c::]:6789 connect error
[  335.859891][   T29] kauditd_printk_skb: 1 callbacks suppressed
[  335.859907][   T29] audit: type=1400 audit(1731060747.303:582): avc:  denied  { sqpoll } for  pid=9122 comm="syz.4.832" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  335.864095][ T9141] ieee802154 phy0 wpan0: encryption failed: -90
[  335.939241][ T9145] netlink: 32 bytes leftover after parsing attributes in process `syz.2.836'.
[  336.054189][   T29] audit: type=1400 audit(1731060747.503:583): avc:  denied  { read write } for  pid=9148 comm="syz.0.837" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  336.178874][ T9153] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  336.188124][   T29] audit: type=1400 audit(1731060747.503:584): avc:  denied  { open } for  pid=9148 comm="syz.0.837" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  336.305105][    T8] hid (null): invalid report_count 47633
[  336.460646][    T8] hid-generic 0009:0007:0009.0012: invalid report_count 47633
[  337.016092][    T8] hid-generic 0009:0007:0009.0012: item 0 2 1 9 parsing failed
[  337.024145][    T8] hid-generic 0009:0007:0009.0012: probe with driver hid-generic failed with error -22
[  337.376098][   T29] audit: type=1400 audit(1731060748.823:585): avc:  denied  { create } for  pid=9165 comm="syz.0.841" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  337.432461][   T29] audit: type=1400 audit(1731060748.863:586): avc:  denied  { getopt } for  pid=9165 comm="syz.0.841" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  337.638411][   T29] audit: type=1400 audit(1731060748.863:587): avc:  denied  { read write } for  pid=9165 comm="syz.0.841" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  337.638453][   T29] audit: type=1400 audit(1731060748.863:588): avc:  denied  { open } for  pid=9165 comm="syz.0.841" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  338.024297][ T9186] netlink: 24 bytes leftover after parsing attributes in process `syz.3.843'.
[  338.800010][ T9191] ip6tnl1: entered promiscuous mode
[  339.849886][ T9202] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  339.997048][ T9204] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  340.128902][ T5826] Bluetooth: hci2: ACL packet for unknown connection handle 200
[  340.408748][   T29] audit: type=1400 audit(1731060751.813:589): avc:  denied  { mount } for  pid=9200 comm="syz.2.849" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  340.430452][    C1] vkms_vblank_simulate: vblank timer overrun
[  340.532851][   T29] audit: type=1400 audit(1731060751.903:590): avc:  denied  { unmount } for  pid=9200 comm="syz.2.849" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  340.977124][ T9218] netlink: 68 bytes leftover after parsing attributes in process `syz.4.852'.
[  341.592682][   T29] audit: type=1400 audit(1731060752.423:591): avc:  denied  { write } for  pid=9211 comm="syz.4.852" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  341.892552][ T5878] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  341.982726][   T29] audit: type=1400 audit(1731060752.423:592): avc:  denied  { nlmsg_write } for  pid=9211 comm="syz.4.852" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  342.872423][ T5878] usb 5-1: Using ep0 maxpacket: 8
[  342.879267][ T5878] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  342.941194][ T5878] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  342.964349][ T5878] usb 5-1: New USB device found, idVendor=046d, idProduct=c24f, bcdDevice= 0.00
[  342.974190][ T5878] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  342.980989][ T9226] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64
[  343.004359][ T9226] audit: out of memory in audit_log_start
[  343.019973][ T9226] IPVS: length: 128 != 24
[  343.043219][ T5878] usb 5-1: config 0 descriptor??
[  343.498695][ T5878] logitech 0003:046D:C24F.0013: hidraw0: USB HID v0.00 Device [HID 046d:c24f] on usb-dummy_hcd.4-1/input0
[  343.517116][ T5878] logitech 0003:046D:C24F.0013: no inputs found
[  343.570219][ T9233] netlink: 24 bytes leftover after parsing attributes in process `syz.0.857'.
[  343.611783][ T9234] veth0_macvtap: left promiscuous mode
[  343.662518][   T29] audit: type=1400 audit(1731060755.113:593): avc:  denied  { map } for  pid=9231 comm="syz.3.858" path="socket:[18043]" dev="sockfs" ino=18043 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[  343.743059][ T9234] macvtap0: entered allmulticast mode
[  343.930888][ T9239] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  344.260934][ T5829] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  344.403823][   T29] audit: type=1400 audit(1731060755.813:594): avc:  denied  { unlink } for  pid=9231 comm="syz.3.858" name="#1" dev="tmpfs" ino=996 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  344.538424][   T29] audit: type=1400 audit(1731060755.833:595): avc:  denied  { mount } for  pid=9231 comm="syz.3.858" name="/" dev="overlay" ino=991 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  344.796162][    T8] usb 5-1: USB disconnect, device number 27
[  345.130237][ T9252] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  345.215855][ T5829] Bluetooth: hci2: ACL packet for unknown connection handle 200
[  346.000599][ T9257] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  346.027438][ T5829] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  346.856320][    T8] hid (null): invalid report_count 47633
[  346.868221][    T8] hid-generic 0009:0007:0009.0014: invalid report_count 47633
[  346.896206][    T8] hid-generic 0009:0007:0009.0014: item 0 2 1 9 parsing failed
[  347.208997][    T8] hid-generic 0009:0007:0009.0014: probe with driver hid-generic failed with error -22
[  347.767138][ T9285] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  347.843797][ T5829] Bluetooth: hci2: ACL packet for unknown connection handle 200
[  347.898392][   T29] audit: type=1400 audit(1731060759.343:596): avc:  denied  { create } for  pid=9287 comm="syz.0.872" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  348.018740][   T29] audit: type=1400 audit(1731060759.383:597): avc:  denied  { setopt } for  pid=9287 comm="syz.0.872" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  348.040276][   T29] audit: type=1400 audit(1731060759.403:598): avc:  denied  { write } for  pid=9287 comm="syz.0.872" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  348.062476][    T8] usb 2-1: new low-speed USB device number 37 using dummy_hcd
[  348.277489][    T8] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  348.295450][   T45] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  348.295517][    T8] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[  348.313748][    T8] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  348.326915][    T8] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  348.337237][    T8] usb 2-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  348.362945][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  348.377067][    T8] hub 2-1:1.0: bad descriptor, ignoring hub
[  348.388255][    T8] hub 2-1:1.0: probe with driver hub failed with error -5
[  348.397595][    T8] cdc_wdm 2-1:1.0: skipping garbage
[  348.405708][    T8] cdc_wdm 2-1:1.0: skipping garbage
[  348.414975][    T8] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  348.420933][    T8] cdc_wdm 2-1:1.0: Unknown control protocol
[  348.604322][ T9300] netlink: 32 bytes leftover after parsing attributes in process `syz.4.876'.
[  348.718608][   T45] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  348.729851][   T45] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  348.739078][   T45] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  348.773165][   T45] usb 4-1: config 0 descriptor??
[  349.167574][    T8] usb 2-1: USB disconnect, device number 37
[  349.173877][ T9286] cdc_wdm 2-1:1.0: Error autopm - -16
[  349.234029][   T45] keytouch 0003:0926:3333.0015: fixing up Keytouch IEC report descriptor
[  349.245210][   T45] input: HID 0926:3333 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0926:3333.0015/input/input28
[  349.392704][    T8] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[  349.432458][   T29] audit: type=1400 audit(1731060760.843:599): avc:  denied  { create } for  pid=9289 comm="syz.3.873" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  349.452136][   T29] audit: type=1400 audit(1731060760.843:600): avc:  denied  { ioctl } for  pid=9289 comm="syz.3.873" path="socket:[18726]" dev="sockfs" ino=18726 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  349.523069][   T45] keytouch 0003:0926:3333.0015: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.3-1/input0
[  349.553104][    T8] usb 2-1: Using ep0 maxpacket: 8
[  349.571360][    T8] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  349.612419][    T8] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[  349.654959][    T8] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  349.692576][    T8] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  349.735517][    T8] usb 2-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  349.768660][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  349.779907][    C1] keyboard: can't emulate rawmode for keycode 240
[  349.786910][    C1] keyboard: can't emulate rawmode for keycode 240
[  349.794032][    C1] keyboard: can't emulate rawmode for keycode 240
[  349.800845][    C1] keyboard: can't emulate rawmode for keycode 240
[  349.807274][    C1] keyboard: can't emulate rawmode for keycode 240
[  349.833366][    T8] hub 2-1:1.0: bad descriptor, ignoring hub
[  349.869710][    T8] hub 2-1:1.0: probe with driver hub failed with error -5
[  349.911036][    T8] cdc_wdm 2-1:1.0: skipping garbage
[  349.922674][    T8] cdc_wdm 2-1:1.0: skipping garbage
[  349.949284][    T8] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  349.987836][    T8] cdc_wdm 2-1:1.0: Unknown control protocol
[  350.025687][ T9286] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  350.057452][ T9286] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  350.115911][ T9286] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  350.151522][ T9286] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  350.323444][    T8] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  350.359897][ T5883] usb 2-1: USB disconnect, device number 38
[  350.993979][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  351.005473][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  351.042452][    T8] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  351.051533][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  351.085131][    T8] usb 3-1: config 0 descriptor??
[  351.254328][ T5874] usb 4-1: USB disconnect, device number 31
[  351.363420][ T9331] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  351.391541][   T45] libceph: connect (1)[c::]:6789 error -101
[  351.401298][ T9331] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  351.577197][   T45] libceph: mon0 (1)[c::]:6789 connect error
[  351.590101][   T45] libceph: connect (1)[c::]:6789 error -101
[  351.596208][   T45] libceph: mon0 (1)[c::]:6789 connect error
[  351.607679][ T9330] ceph: No mds server is up or the cluster is laggy
[  351.811204][ T5874] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  352.017181][ T5874] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  352.079680][ T5874] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  352.281248][    T8] pyra 0003:1E7D:2CF6.0016: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.2-1/input0
[  352.285198][ T5874] usb 4-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  352.303759][ T5874] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  352.323773][ T5874] usb 4-1: config 0 descriptor??
[  352.348576][    T8] pyra 0003:1E7D:2CF6.0016: couldn't init struct pyra_device
[  352.356209][    T8] pyra 0003:1E7D:2CF6.0016: couldn't install mouse
[  352.378577][    T8] pyra 0003:1E7D:2CF6.0016: probe with driver pyra failed with error -5
[  353.464283][ T5874] hid-multitouch 0003:1FD2:6007.0017: item fetching failed at offset 3/5
[  353.473271][ T5874] hid-multitouch 0003:1FD2:6007.0017: probe with driver hid-multitouch failed with error -22
[  353.703580][ T9352] netlink: 'syz.1.889': attribute type 29 has an invalid length.
[  354.309757][ T5878] usb 4-1: USB disconnect, device number 32
[  354.345291][   T29] kauditd_printk_skb: 304 callbacks suppressed
[  354.345308][   T29] audit: type=1400 audit(1731060765.253:602): avc:  denied  { bind } for  pid=9346 comm="syz.4.887" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  354.410811][    T8] usb 3-1: USB disconnect, device number 32
[  354.481605][   T29] audit: type=1400 audit(1731060765.253:603): avc:  denied  { connect } for  pid=9346 comm="syz.4.887" lport=7 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  354.503947][   T29] audit: type=1400 audit(1731060765.263:604): avc:  denied  { write } for  pid=9346 comm="syz.4.887" laddr=::1 lport=7 faddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  354.525927][    C0] vkms_vblank_simulate: vblank timer overrun
[  354.539393][ T9352] netlink: 'syz.1.889': attribute type 29 has an invalid length.
[  354.729906][ T9359] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  355.004646][ T5829] Bluetooth: hci1: ACL packet for unknown connection handle 200
[  355.246145][   T29] audit: type=1400 audit(1731060766.683:605): avc:  denied  { read write } for  pid=9366 comm="syz.3.893" name="raw-gadget" dev="devtmpfs" ino=820 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  355.292125][   T29] audit: type=1400 audit(1731060766.683:606): avc:  denied  { open } for  pid=9366 comm="syz.3.893" path="/dev/raw-gadget" dev="devtmpfs" ino=820 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  355.336826][   T29] audit: type=1400 audit(1731060766.683:607): avc:  denied  { ioctl } for  pid=9366 comm="syz.3.893" path="/dev/raw-gadget" dev="devtmpfs" ino=820 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  355.482440][ T5878] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[  355.695304][ T5878] usb 4-1: Using ep0 maxpacket: 16
[  355.768503][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  355.850778][ T5878] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  355.872559][ T5878] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  355.892521][ T5878] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  356.003296][ T5878] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  356.025244][ T5878] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  356.096256][ T9378] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  356.218941][ T5829] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  356.557927][ T5878] usb 4-1: config 0 descriptor??
[  357.043006][ T9389] netlink: 8 bytes leftover after parsing attributes in process `syz.2.899'.
[  357.070622][ T9389] netlink: 8 bytes leftover after parsing attributes in process `syz.2.899'.
[  357.090980][ T5878] microsoft 0003:045E:07DA.0018: unknown main item tag 0x0
[  357.103559][ T5878] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:045E:07DA.0018/input/input29
[  357.184999][ T5878] microsoft 0003:045E:07DA.0018: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0
[  358.041624][ T5878] usb 4-1: USB disconnect, device number 33
[  358.532629][    T8] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  358.934701][    T8] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[  358.989260][ T9416] ip6tnl1: entered promiscuous mode
[  359.092584][    T8] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  359.212497][    T8] usb 2-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[  359.221970][    T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  359.250322][    T8] usb 2-1: Product: syz
[  359.261002][    T8] usb 2-1: Manufacturer: syz
[  359.357950][    T8] usb 2-1: SerialNumber: syz
[  359.384916][    T8] usb 2-1: config 0 descriptor??
[  359.410848][ T9398] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  359.428661][ T9398] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  359.437987][ T9428] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  359.458055][ T9428] Cannot find set identified by id 0 to match
[  359.483172][ T5829] Bluetooth: hci4: ACL packet for unknown connection handle 200
[  359.712637][ T5878] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  359.857924][ T9398] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  359.872423][ T9398] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  359.918425][ T5829] Bluetooth: hci2: ACL packet for unknown connection handle 200
[  359.942508][ T5878] usb 4-1: Using ep0 maxpacket: 16
[  359.954026][ T5878] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  359.979866][ T5878] usb 4-1: New USB device found, idVendor=0c72, idProduct=000c, bcdDevice=f6.59
[  360.001417][ T5878] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  360.021958][ T5878] usb 4-1: Product: syz
[  360.032393][ T5878] usb 4-1: Manufacturer: syz
[  360.037031][ T5878] usb 4-1: SerialNumber: syz
[  360.058611][ T5878] usb 4-1: config 0 descriptor??
[  360.112248][ T5878] peak_usb 4-1:0.0 can0: sending cmd f=0x6 n=0x1 failure: -22
[  360.122605][ T5878] peak_usb 4-1:0.0: unable to read PCAN-USB serial number (err -22)
[  360.642001][ T5874] libceph: connect (1)[c::]:6789 error -101
[  360.694605][ T5874] libceph: mon0 (1)[c::]:6789 connect error
[  360.713738][ T5878] peak_usb 4-1:0.0: probe with driver peak_usb failed with error -22
[  360.725535][ T5874] libceph: connect (1)[c::]:6789 error -101
[  360.818080][ T5874] libceph: mon0 (1)[c::]:6789 connect error
[  360.824260][ T9440] ceph: No mds server is up or the cluster is laggy
[  360.912835][ T9449] netlink: 32 bytes leftover after parsing attributes in process `syz.2.916'.
[  361.478175][   T29] audit: type=1400 audit(1731060772.923:608): avc:  denied  { read } for  pid=9453 comm="syz.4.918" name="mice" dev="devtmpfs" ino=916 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  361.522073][   T29] audit: type=1400 audit(1731060772.923:609): avc:  denied  { open } for  pid=9453 comm="syz.4.918" path="/dev/input/mice" dev="devtmpfs" ino=916 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  361.554598][    T8] dm9601 2-1:0.0 (unnamed net_device) (uninitialized): MDIO read error: -71
[  361.580218][   T29] audit: type=1400 audit(1731060772.953:610): avc:  denied  { ioctl } for  pid=9453 comm="syz.4.918" path="/dev/input/mice" dev="devtmpfs" ino=916 ioctlcmd=0x5602 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  361.621736][    T8] dm9601 2-1:0.0 eth1: register 'dm9601' at usb-dummy_hcd.1-1, Davicom DM96xx USB 10/100 Ethernet, 54:00:00:00:00:00
[  361.654563][   T29] audit: type=1400 audit(1731060772.963:611): avc:  denied  { ioctl } for  pid=9453 comm="syz.4.918" path="/dev/ptp0" dev="devtmpfs" ino=1265 ioctlcmd=0x3d0c scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  361.670168][    T8] usb 2-1: USB disconnect, device number 39
[  361.685874][   T29] audit: type=1400 audit(1731060772.963:612): avc:  denied  { create } for  pid=9453 comm="syz.4.918" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1
[  361.744840][   T29] audit: type=1400 audit(1731060772.963:613): avc:  denied  { setopt } for  pid=9453 comm="syz.4.918" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1
[  361.760381][    T8] dm9601 2-1:0.0 eth1: unregister 'dm9601' usb-dummy_hcd.1-1, Davicom DM96xx USB 10/100 Ethernet
[  361.790169][   T29] audit: type=1400 audit(1731060773.233:614): avc:  denied  { search } for  pid=5494 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  361.877522][   T29] audit: type=1400 audit(1731060773.233:615): avc:  denied  { read } for  pid=5494 comm="dhcpcd" name="n101" dev="tmpfs" ino=5527 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  362.061649][   T29] audit: type=1400 audit(1731060773.233:616): avc:  denied  { open } for  pid=5494 comm="dhcpcd" path="/run/udev/data/n101" dev="tmpfs" ino=5527 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  362.311277][   T29] audit: type=1400 audit(1731060773.233:617): avc:  denied  { getattr } for  pid=5494 comm="dhcpcd" path="/run/udev/data/n101" dev="tmpfs" ino=5527 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  362.474390][ T5874] usb 4-1: USB disconnect, device number 34
[  362.802562][   T25] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  363.052568][   T25] usb 5-1: Using ep0 maxpacket: 16
[  363.212029][   T25] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  363.277493][   T25] usb 5-1: config 0 has no interface number 0
[  363.330616][ T9478] ip6tnl1: entered promiscuous mode
[  363.332172][   T25] usb 5-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  363.393204][   T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  363.410568][   T25] usb 5-1: Product: syz
[  363.422429][   T25] usb 5-1: Manufacturer: syz
[  363.471131][   T25] usb 5-1: SerialNumber: syz
[  363.712215][   T25] usb 5-1: config 0 descriptor??
[  363.719541][   T25] gspca_main: spca1528-2.14.0 probing 04fc:1528
[  363.792595][   T45] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[  363.962612][   T45] usb 1-1: Using ep0 maxpacket: 8
[  363.979664][   T45] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  364.010045][   T45] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  364.040121][   T45] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  364.092633][   T45] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  364.163718][   T45] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  364.319610][   T45] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  364.623241][   T45] usb 1-1: GET_CAPABILITIES returned 0
[  364.650227][   T45] usbtmc 1-1:16.0: can't read capabilities
[  365.005073][ T9514] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9514 comm=syz.1.931
[  365.064401][   T45] usb 1-1: USB disconnect, device number 40
[  365.148349][ T8526] libceph: connect (1)[c::]:6789 error -101
[  365.154685][ T8526] libceph: mon0 (1)[c::]:6789 connect error
[  365.292066][ T9529] netlink: 24 bytes leftover after parsing attributes in process `syz.1.932'.
[  365.306412][ T9516] ceph: No mds server is up or the cluster is laggy
[  365.316923][   T45] libceph: connect (1)[c::]:6789 error -101
[  365.323230][   T45] libceph: mon0 (1)[c::]:6789 connect error
[  365.367657][ T9528] ceph: No mds server is up or the cluster is laggy
[  366.552752][   T29] kauditd_printk_skb: 21 callbacks suppressed
[  366.552785][   T29] audit: type=1400 audit(1731060777.993:639): avc:  denied  { bind } for  pid=9537 comm="syz.1.935" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  366.615775][   T25] gspca_spca1528: reg_r err -71
[  366.620704][   T25] spca1528 5-1:0.1: probe with driver spca1528 failed with error -71
[  366.637768][   T25] usb 5-1: USB disconnect, device number 28
[  366.672663][   T29] audit: type=1400 audit(1731060778.043:640): avc:  denied  { setopt } for  pid=9537 comm="syz.1.935" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  366.702420][ T5829] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  366.711067][ T5829] Bluetooth: hci2: Injecting HCI hardware error event
[  366.719313][ T5829] Bluetooth: hci2: hardware error 0x00
[  366.772432][ T9540] syz.3.934 uses obsolete (PF_INET,SOCK_PACKET)
[  366.819381][   T29] audit: type=1400 audit(1731060778.263:641): avc:  denied  { ioctl } for  pid=9538 comm="syz.3.934" path="socket:[19224]" dev="sockfs" ino=19224 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  366.851331][ T9544] netlink: 'syz.0.937': attribute type 9 has an invalid length.
[  367.386722][ T9562] FAULT_INJECTION: forcing a failure.
[  367.386722][ T9562] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  367.411522][ T9562] CPU: 1 UID: 0 PID: 9562 Comm: syz.4.942 Not tainted 6.12.0-rc6-syzkaller-00169-g906bd684e4b1 #0
[  367.422139][ T9562] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  367.432190][ T9562] Call Trace:
[  367.435456][ T9562]  <TASK>
[  367.438371][ T9562]  dump_stack_lvl+0x16c/0x1f0
[  367.443037][ T9562]  should_fail_ex+0x497/0x5b0
[  367.447700][ T9562]  _copy_from_user+0x2e/0xd0
[  367.452277][ T9562]  copy_msghdr_from_user+0x99/0x160
[  367.457462][ T9562]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  367.463258][ T9562]  ? __pfx___lock_acquire+0x10/0x10
[  367.468440][ T9562]  ___sys_sendmsg+0xff/0x1e0
[  367.473014][ T9562]  ? __pfx____sys_sendmsg+0x10/0x10
[  367.478205][ T9562]  ? lock_acquire+0x2f/0xb0
[  367.482686][ T9562]  ? __fget_files+0x40/0x3f0
[  367.487268][ T9562]  ? fdget+0x176/0x210
[  367.491325][ T9562]  __sys_sendmsg+0x117/0x1f0
[  367.495899][ T9562]  ? __pfx___sys_sendmsg+0x10/0x10
[  367.500990][ T9562]  ? __fget_files+0x244/0x3f0
[  367.505665][ T9562]  do_syscall_64+0xcd/0x250
[  367.510151][ T9562]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.516033][ T9562] RIP: 0033:0x7f3ce777e719
[  367.520432][ T9562] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  367.540034][ T9562] RSP: 002b:00007f3ce84d5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  367.548449][ T9562] RAX: ffffffffffffffda RBX: 00007f3ce7935f80 RCX: 00007f3ce777e719
[  367.556411][ T9562] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[  367.564367][ T9562] RBP: 00007f3ce84d5090 R08: 0000000000000000 R09: 0000000000000000
[  367.572334][ T9562] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  367.580297][ T9562] R13: 0000000000000000 R14: 00007f3ce7935f80 R15: 00007ffd903b3898
[  367.588268][ T9562]  </TASK>
[  367.673809][ T9564] netlink: 128 bytes leftover after parsing attributes in process `syz.3.943'.
[  367.733492][ T9564] netlink: 16 bytes leftover after parsing attributes in process `syz.3.943'.
[  367.866321][ T9572] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  367.930598][ T5826] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  368.242434][ T8526] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[  368.434019][ T5883] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  368.452638][ T8526] usb 1-1: Using ep0 maxpacket: 8
[  368.478918][ T8526] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  368.493442][ T8526] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  368.544295][ T8526] usb 1-1: Product: syz
[  368.570812][ T8526] usb 1-1: Manufacturer: syz
[  368.599341][ T8526] usb 1-1: SerialNumber: syz
[  368.673282][ T8526] usb 1-1: config 0 descriptor??
[  368.710321][ T5883] usb 5-1: Using ep0 maxpacket: 8
[  368.748660][ T5883] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  368.765733][ T5829] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  368.782102][ T5883] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  368.802637][    T8] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[  368.838307][ T5883] usb 5-1: New USB device found, idVendor=09da, idProduct=022b, bcdDevice= 0.00
[  368.857379][   T25] libceph: connect (1)[c::]:6789 error -101
[  368.863830][   T25] libceph: mon0 (1)[c::]:6789 connect error
[  368.865652][ T5883] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  368.879168][ T9584] netlink: 209844 bytes leftover after parsing attributes in process `syz.3.949'.
[  368.893308][ T5883] usb 5-1: config 0 descriptor??
[  368.942197][ T8526] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  368.983894][ T9579] ceph: No mds server is up or the cluster is laggy
[  368.992391][    T8] usb 2-1: Using ep0 maxpacket: 8
[  369.000719][    T8] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  369.021316][    T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  369.039201][    T8] usb 2-1: Product: syz
[  369.056397][    T8] usb 2-1: Manufacturer: syz
[  369.066008][    T8] usb 2-1: SerialNumber: syz
[  369.084101][    T8] usb 2-1: config 0 descriptor??
[  369.852419][    T8] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  370.081226][ T9571] =======================================================
[  370.081226][ T9571] WARNING: The mand mount option has been deprecated and
[  370.081226][ T9571]          and is ignored by this kernel. Remove the mand
[  370.081226][ T9571]          option from the mount to silence this warning.
[  370.081226][ T9571] =======================================================
[  370.119908][ T9571] syz.4.946: attempt to access beyond end of device
[  370.119908][ T9571] loop4: rw=0, sector=2, nr_sectors = 1 limit=0
[  370.133229][ T9571] hfs: can't find a HFS filesystem on dev loop4
[  370.162741][ T5883] usbhid 5-1:0.0: can't add hid device: -71
[  370.168747][ T5883] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  370.213760][ T5883] usb 5-1: USB disconnect, device number 29
[  371.732453][ T9580] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  372.043075][ T9580] usb 5-1: Using ep0 maxpacket: 8
[  372.187767][ T9580] usb 5-1: config 0 has an invalid descriptor of length 159, skipping remainder of the config
[  372.240286][ T9580] usb 5-1: New USB device found, idVendor=0421, idProduct=798f, bcdDevice=86.54
[  372.262481][ T9580] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  372.282417][ T9580] usb 5-1: Product: syz
[  372.286657][ T9580] usb 5-1: Manufacturer: syz
[  372.291281][ T9580] usb 5-1: SerialNumber: syz
[  372.320149][ T9580] usb 5-1: config 0 descriptor??
[  372.355404][ T9580] cdc_phonet 5-1:0.0: probe with driver cdc_phonet failed with error -22
[  372.483945][    T8] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  372.506241][    T8] usb 2-1: USB disconnect, device number 40
[  373.575220][ T8526] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  373.599479][ T8526] usb 1-1: USB disconnect, device number 41
[  373.931170][ T1201] usb 5-1: USB disconnect, device number 30
[  374.110491][   T29] audit: type=1400 audit(1731060785.553:642): avc:  denied  { listen } for  pid=9633 comm="syz.2.962" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  374.137118][ T9634] syz.2.962 (9634) used greatest stack depth: 20912 bytes left
[  375.312620][ T8526] usb 1-1: new full-speed USB device number 42 using dummy_hcd
[  375.754349][ T8526] usb 1-1: unable to get BOS descriptor or descriptor too short
[  375.762606][ T8526] usb 1-1: not running at top speed; connect to a high speed hub
[  375.771152][ T8526] usb 1-1: config 64 has an invalid interface number: 16 but max is 0
[  375.779629][ T8526] usb 1-1: config 64 has no interface number 0
[  375.786414][ T8526] usb 1-1: config 64 interface 16 altsetting 6 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  375.820805][ T8526] usb 1-1: config 64 interface 16 altsetting 6 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  376.001284][ T8526] usb 1-1: config 64 interface 16 altsetting 6 endpoint 0x8F has invalid maxpacket 57417, setting to 64
[  376.024552][ T8526] usb 1-1: config 64 interface 16 altsetting 6 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  376.287969][ T8526] usb 1-1: config 64 interface 16 has no altsetting 0
[  376.305052][ T8526] usb 1-1: string descriptor 0 read error: -22
[  376.311285][ T8526] usb 1-1: New USB device found, idVendor=040b, idProduct=6521, bcdDevice=3c.11
[  376.321946][ T8526] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  376.343607][ T9629] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  376.405929][ T9658] afs: Unknown parameter '¯N¶­D[ùR’¡V×U‹àÅó@š敟‚Ÿ)ø{"Ý�ö­Žïå:¶íKéƒÕõ'
[  376.462656][ T8526] rc_core: IR keymap rc-xbox-dvd not found
[  376.468509][ T8526] Registered IR keymap rc-empty
[  376.668416][ T8526] rc rc0: Xbox DVD USB Remote Control(040b,6521) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:64.16/rc/rc0
[  376.689319][ T8526] input: Xbox DVD USB Remote Control(040b,6521) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:64.16/rc/rc0/input30
[  377.747647][    C1] xbox_remote 1-1:64.16: xbox_remote_irq_in: usb_submit_urb()=-19
[  377.761739][   T45] usb 1-1: USB disconnect, device number 42
[  378.350841][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  378.363207][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  378.423123][   T29] audit: type=1400 audit(1731060789.843:643): avc:  denied  { create } for  pid=9679 comm="syz.0.975" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  378.450326][ T9680] FAULT_INJECTION: forcing a failure.
[  378.450326][ T9680] name failslab, interval 1, probability 0, space 0, times 0
[  378.661267][ T9680] CPU: 1 UID: 0 PID: 9680 Comm: syz.0.975 Not tainted 6.12.0-rc6-syzkaller-00169-g906bd684e4b1 #0
[  378.671895][ T9680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  378.681957][ T9680] Call Trace:
[  378.685240][ T9680]  <TASK>
[  378.688167][ T9680]  dump_stack_lvl+0x16c/0x1f0
[  378.692853][ T9680]  should_fail_ex+0x497/0x5b0
[  378.697538][ T9680]  ? fs_reclaim_acquire+0xae/0x150
[  378.702654][ T9680]  should_failslab+0xc2/0x120
[  378.707339][ T9680]  __kmalloc_noprof+0xcb/0x400
[  378.712113][ T9680]  copy_splice_read+0x1a8/0xb90
[  378.716974][ T9680]  ? look_up_lock_class+0x59/0x150
[  378.722185][ T9680]  ? __pfx_copy_splice_read+0x10/0x10
[  378.727571][ T9680]  ? do_splice_read+0x85/0x370
[  378.732341][ T9680]  ? __pfx_shmem_file_splice_read+0x10/0x10
[  378.738236][ T9680]  do_splice_read+0x2bd/0x370
[  378.742922][ T9680]  splice_direct_to_actor+0x2a4/0xa40
[  378.748284][ T9680]  ? __pfx_direct_splice_actor+0x10/0x10
[  378.753905][ T9680]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  378.759787][ T9680]  ? __pfx_file_has_perm+0x10/0x10
[  378.764891][ T9680]  do_splice_direct+0x178/0x250
[  378.769726][ T9680]  ? __pfx_do_splice_direct+0x10/0x10
[  378.775087][ T9680]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  378.780964][ T9680]  ? bpf_lsm_file_permission+0x9/0x10
[  378.786319][ T9680]  ? security_file_permission+0x71/0x210
[  378.791937][ T9680]  do_sendfile+0xb0c/0xe40
[  378.796345][ T9680]  ? __pfx_do_sendfile+0x10/0x10
[  378.801269][ T9680]  ? __pfx___schedule+0x10/0x10
[  378.806109][ T9680]  __x64_sys_sendfile64+0x1da/0x220
[  378.811292][ T9680]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  378.817002][ T9680]  do_syscall_64+0xcd/0x250
[  378.821494][ T9680]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  378.827376][ T9680] RIP: 0033:0x7f837417e719
[  378.831789][ T9680] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  378.851393][ T9680] RSP: 002b:00007f8374f9e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  378.859798][ T9680] RAX: ffffffffffffffda RBX: 00007f8374335f80 RCX: 00007f837417e719
[  378.867752][ T9680] RDX: 0000000000000000 RSI: 000000000000000f RDI: 0000000000000010
[  378.875715][ T9680] RBP: 00007f8374f9e090 R08: 0000000000000000 R09: 0000000000000000
[  378.883668][ T9680] R10: 0000000100000002 R11: 0000000000000246 R12: 0000000000000001
[  378.891623][ T9680] R13: 0000000000000000 R14: 00007f8374335f80 R15: 00007ffc3dded378
[  378.899585][ T9680]  </TASK>
[  379.242826][ T5873] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  379.442926][ T5873] usb 4-1: Using ep0 maxpacket: 32
[  379.488991][ T5873] usb 4-1: config 0 has an invalid interface number: 5 but max is 0
[  379.507950][ T5873] usb 4-1: config 0 has no interface number 0
[  379.531438][ T5873] usb 4-1: config 0 interface 5 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  379.554339][ T5873] usb 4-1: config 0 interface 5 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  379.564825][ T5873] usb 4-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  379.574220][ T5873] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  379.648550][ T5873] usb 4-1: config 0 descriptor??
[  379.762911][   T45] usb 1-1: new full-speed USB device number 43 using dummy_hcd
[  379.963229][   T45] usb 1-1: config 0 has an invalid interface number: 55 but max is 0
[  379.972533][   T45] usb 1-1: config 0 has no interface number 0
[  379.978794][   T45] usb 1-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  380.033160][   T45] usb 1-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  380.235491][ T5873] ft260 0003:0403:6030.0019: unknown main item tag 0x0
[  380.288582][   T45] usb 1-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  380.462301][   T45] usb 1-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 64
[  380.474451][ T5873] ft260 0003:0403:6030.0019: chip code: 5e81 abf2
[  380.492383][   T45] usb 1-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  380.512651][   T45] usb 1-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  380.521721][   T45] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  380.563185][   T45] usb 1-1: config 0 descriptor??
[  380.570443][ T9691] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  380.582227][   T45] ldusb 1-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  380.678076][ T5873] ft260 0003:0403:6030.0019: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.3-1/input5
[  380.728072][   T45] libceph: connect (1)[c::]:6789 error -101
[  380.741935][   T45] libceph: mon0 (1)[c::]:6789 connect error
[  380.878616][ T5873] ft260 0003:0403:6030.0019: failed to retrieve status: -32, no wakeup
[  380.887048][ T9705] ceph: No mds server is up or the cluster is laggy
[  381.098513][ T5873] ft260 0003:0403:6030.0019: failed to reset I2C controller: -71
[  381.172543][ T5873] usb 4-1: USB disconnect, device number 35
[  381.402962][    T8] usb 1-1: USB disconnect, device number 43
[  381.445097][    T8] ldusb 1-1:0.55: LD USB Device #0 now disconnected
[  382.477835][    T8] hid (null): invalid report_count 47633
[  382.488367][    T8] hid-generic 0009:0007:0009.001A: invalid report_count 47633
[  382.551943][    T8] hid-generic 0009:0007:0009.001A: item 0 2 1 9 parsing failed
[  382.684209][    T8] hid-generic 0009:0007:0009.001A: probe with driver hid-generic failed with error -22
[  382.697542][ T9726] overlayfs: missing 'workdir'
[  383.602837][   T45] usb 1-1: new high-speed USB device number 44 using dummy_hcd
[  384.032495][   T45] usb 1-1: Using ep0 maxpacket: 16
[  384.108753][   T45] usb 1-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice=36.00
[  384.226977][   T45] usb 1-1: New USB device strings: Mfr=168, Product=81, SerialNumber=40
[  384.446359][   T45] usb 1-1: Product: syz
[  384.459893][   T45] usb 1-1: Manufacturer: syz
[  384.475516][   T45] usb 1-1: SerialNumber: syz
[  384.494563][   T45] usb 1-1: config 0 descriptor??
[  384.716403][   T45] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected
[  384.756301][   T45] usb 1-1: Detected FT4232HA
[  384.781511][   T45] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  384.842841][   T45] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  384.850817][   T45] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  384.857754][   T45] usb 1-1: USB disconnect, device number 44
[  384.863825][   T45] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  384.864159][   T45] ftdi_sio 1-1:0.0: device disconnected
[  385.204393][ T9760] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  385.214011][ T5829] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  386.692554][    T8] hid (null): invalid report_count 47633
[  386.703914][    T8] hid-generic 0009:0007:0009.001B: invalid report_count 47633
[  386.711401][    T8] hid-generic 0009:0007:0009.001B: item 0 2 1 9 parsing failed
[  386.801533][    T8] hid-generic 0009:0007:0009.001B: probe with driver hid-generic failed with error -22
[  386.904886][ T5829] Bluetooth: hci4: ACL packet for unknown connection handle 200
[  387.015328][   T45] libceph: connect (1)[c::]:6789 error -101
[  387.021399][   T45] libceph: mon0 (1)[c::]:6789 connect error
[  387.244047][ T9778] ceph: No mds server is up or the cluster is laggy
[  387.282962][   T45] libceph: connect (1)[c::]:6789 error -101
[  387.302532][   T45] libceph: mon0 (1)[c::]:6789 connect error
[  388.194086][ T9793] ip6tnl1: entered promiscuous mode
[  389.837568][ T9814] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  389.951751][ T5829] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  391.093682][   T29] audit: type=1400 audit(1731060802.543:644): avc:  denied  { read } for  pid=9822 comm="syz.0.1013" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  391.353772][ T9828] syz.2.1015: attempt to access beyond end of device
[  391.353772][ T9828] loop2: rw=0, sector=2, nr_sectors = 1 limit=0
[  391.563328][ T9833] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  392.070917][ T5829] Bluetooth: hci4: ACL packet for unknown connection handle 200
[  392.193748][ T9828] hfs: can't find a HFS filesystem on dev loop2
[  392.314870][   T29] audit: type=1400 audit(1731060803.763:645): avc:  denied  { read } for  pid=9837 comm="syz.0.1017" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  392.844719][   T25] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  392.921466][   T29] audit: type=1400 audit(1731060804.293:646): avc:  denied  { create } for  pid=9842 comm="syz.0.1019" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  393.932062][   T25] usb 3-1: Using ep0 maxpacket: 8
[  393.948543][   T25] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  393.960528][   T25] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  393.970495][   T25] usb 3-1: config 1 has no interface number 1
[  393.977885][   T25] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  394.601794][   T25] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  394.611208][   T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  395.607438][   T25] usb 3-1: Product: syz
[  395.612037][   T25] usb 3-1: Manufacturer: syz
[  395.692377][   T25] usb 3-1: SerialNumber: syz
[  395.730608][   T25] usb 3-1: can't set config #1, error -71
[  395.743512][   T25] usb 3-1: USB disconnect, device number 33
[  395.998537][ T5829] Bluetooth: hci4: ACL packet for unknown connection handle 200
[  396.047508][ T9878] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  396.064084][ T5829] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  397.290107][   T29] audit: type=1400 audit(1731060808.733:647): avc:  denied  { ioctl } for  pid=9894 comm="syz.1.1032" path="/dev/nullb0" dev="devtmpfs" ino=696 ioctlcmd=0x125d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  397.523582][   T29] audit: type=1400 audit(1731060808.783:648): avc:  denied  { connect } for  pid=9894 comm="syz.1.1032" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  397.544448][   T29] audit: type=1400 audit(1731060808.793:649): avc:  denied  { bind } for  pid=9894 comm="syz.1.1032" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  397.582447][   T29] audit: type=1400 audit(1731060808.793:650): avc:  denied  { connect } for  pid=9894 comm="syz.1.1032" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  398.303759][ T9906] netlink: 'syz.1.1035': attribute type 1 has an invalid length.
[  398.438319][ T9913] netlink: 'syz.4.1038': attribute type 1 has an invalid length.
[  398.477757][ T9913] 8021q: adding VLAN 0 to HW filter on device batadv7
[  398.486297][ T9913] bond5: (slave batadv7): Enslaving as a backup interface with an up link
[  398.526683][ T9906] 8021q: adding VLAN 0 to HW filter on device batadv1
[  398.547371][ T9906] bond2: (slave batadv1): Enslaving as a backup interface with an up link
[  399.706592][ T9936] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  400.244257][ T5878] hid (null): invalid report_count 47633
[  400.252220][ T5878] hid-generic 0009:0007:0009.001C: invalid report_count 47633
[  400.260339][ T5878] hid-generic 0009:0007:0009.001C: item 0 2 1 9 parsing failed
[  400.292830][ T5878] hid-generic 0009:0007:0009.001C: probe with driver hid-generic failed with error -22
[  402.245330][ T8526] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  402.433864][ T8526] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  402.455676][ T8526] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  402.492471][ T8526] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  402.524541][ T8526] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  402.559117][ T8526] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  402.596891][ T8526] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  402.632538][ T8526] usb 5-1: config 0 descriptor??
[  402.638002][    T9] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[  402.794104][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  402.805536][    T9] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  402.826785][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  402.851223][    T9] usb 2-1: config 0 descriptor??
[  403.109908][ T8526] plantronics 0003:047F:FFFF.001D: No inputs registered, leaving
[  403.322825][ T8526] plantronics 0003:047F:FFFF.001D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  403.480849][    T9] keytouch 0003:0926:3333.001E: fixing up Keytouch IEC report descriptor
[  403.501894][    T9] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0926:3333.001E/input/input31
[  404.563815][    T9] keytouch 0003:0926:3333.001E: input,hidraw1: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0
[  404.589675][   T25] hid (null): invalid report_count 47633
[  404.599533][   T25] hid-generic 0009:0007:0009.001F: invalid report_count 47633
[  404.620540][   T29] audit: type=1400 audit(1731060816.063:651): avc:  denied  { ioctl } for  pid=9991 comm="syz.2.1057" path="/dev/sg0" dev="devtmpfs" ino=710 ioctlcmd=0x563d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  404.655079][   T25] hid-generic 0009:0007:0009.001F: item 0 2 1 9 parsing failed
[  404.682721][   T25] hid-generic 0009:0007:0009.001F: probe with driver hid-generic failed with error -22
[  405.807038][   T25] usb 5-1: USB disconnect, device number 31
[  405.972493][    T9] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  406.024451][ T5883] usb 2-1: USB disconnect, device number 41
[  406.133992][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  406.152458][    T9] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  406.209524][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  406.946756][    T9] usb 3-1: config 0 descriptor??
[  407.309043][T10030] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1064'.
[  407.739621][    T9] keytouch 0003:0926:3333.0020: fixing up Keytouch IEC report descriptor
[  407.751789][    T9] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.0020/input/input32
[  407.871318][ T5829] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  407.902463][ T8526] usb 4-1: new full-speed USB device number 36 using dummy_hcd
[  407.926958][    T9] keytouch 0003:0926:3333.0020: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0
[  408.155338][ T8526] usb 4-1: config 1 interface 0 has no altsetting 0
[  408.172506][ T8526] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  408.199557][ T8526] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  408.214322][ T8526] usb 4-1: Product: syz
[  408.218566][ T8526] usb 4-1: Manufacturer: syz
[  408.265803][ T8526] usb 4-1: SerialNumber: syz
[  408.943894][    C0] keyboard: can't emulate rawmode for keycode 240
[  408.950805][    C0] keyboard: can't emulate rawmode for keycode 240
[  408.958132][    C0] keyboard: can't emulate rawmode for keycode 240
[  408.964896][    C0] keyboard: can't emulate rawmode for keycode 240
[  408.971325][    C0] keyboard: can't emulate rawmode for keycode 240
[  408.977799][    C0] keyboard: can't emulate rawmode for keycode 240
[  408.984225][    C0] keyboard: can't emulate rawmode for keycode 240
[  408.984835][T10046] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1069'.
[  408.991249][    C0] keyboard: can't emulate rawmode for keycode 240
[  409.006025][    C0] keyboard: can't emulate rawmode for keycode 240
[  409.065347][ T8526] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 36 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8
[  409.279111][ T8526] usb 4-1: USB disconnect, device number 36
[  409.297601][ T8526] usblp0: removed
[  409.910560][T10058] FAULT_INJECTION: forcing a failure.
[  409.910560][T10058] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  409.943258][T10058] CPU: 0 UID: 0 PID: 10058 Comm: syz.3.1073 Not tainted 6.12.0-rc6-syzkaller-00169-g906bd684e4b1 #0
[  409.954056][T10058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  409.964114][T10058] Call Trace:
[  409.967394][T10058]  <TASK>
[  409.970332][T10058]  dump_stack_lvl+0x16c/0x1f0
[  409.975022][T10058]  should_fail_ex+0x497/0x5b0
[  409.979688][T10058]  _copy_from_user+0x2e/0xd0
[  409.984269][T10058]  wext_handle_ioctl+0xc5/0x2c0
[  409.989119][T10058]  ? __pfx_wext_handle_ioctl+0x10/0x10
[  409.994569][T10058]  ? ioctl_has_perm.constprop.0.isra.0+0x2ea/0x460
[  410.001057][T10058]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  410.007559][T10058]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  410.014399][T10058]  sock_ioctl+0x3a6/0x6c0
[  410.018720][T10058]  ? __pfx_sock_ioctl+0x10/0x10
[  410.023567][T10058]  ? selinux_file_ioctl+0x180/0x270
[  410.028750][T10058]  ? selinux_file_ioctl+0xb4/0x270
[  410.033848][T10058]  ? __pfx_sock_ioctl+0x10/0x10
[  410.038695][T10058]  __x64_sys_ioctl+0x18f/0x220
[  410.044321][T10058]  do_syscall_64+0xcd/0x250
[  410.048813][T10058]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  410.054721][T10058] RIP: 0033:0x7ff70b37e719
[  410.059149][T10058] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  410.078741][T10058] RSP: 002b:00007ff70c265038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  410.087138][T10058] RAX: ffffffffffffffda RBX: 00007ff70b535f80 RCX: 00007ff70b37e719
[  410.095092][T10058] RDX: 0000000020000040 RSI: 0000000000008b2c RDI: 0000000000000004
[  410.103054][T10058] RBP: 00007ff70c265090 R08: 0000000000000000 R09: 0000000000000000
[  410.111025][T10058] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  410.118980][T10058] R13: 0000000000000000 R14: 00007ff70b535f80 R15: 00007ffc3e3d17b8
[  410.126943][T10058]  </TASK>
[  410.542707][   T45] usb 3-1: USB disconnect, device number 34
[  410.833924][ T5878] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[  411.009943][ T5878] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  411.046824][ T5878] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  411.378086][ T5878] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  411.648516][ T5878] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  411.673262][T10084] netlink: 'syz.0.1080': attribute type 1 has an invalid length.
[  411.821691][ T5878] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  411.861376][ T5878] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  411.991728][ T5878] usb 4-1: config 0 descriptor??
[  413.198185][ T5829] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  413.398005][ T5878] plantronics 0003:047F:FFFF.0021: No inputs registered, leaving
[  413.634110][ T5878] plantronics 0003:047F:FFFF.0021: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  413.745819][T10116] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1091'.
[  413.748618][   T29] kauditd_printk_skb: 302 callbacks suppressed
[  413.748633][   T29] audit: type=1400 audit(1731060825.193:655): avc:  denied  { watch watch_reads } for  pid=10117 comm="syz.2.1090" path="/220" dev="tmpfs" ino=1163 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  413.755043][T10116] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1091'.
[  413.882638][T10116] ieee802154 phy0 wpan0: encryption failed: -22
[  414.183089][   T29] audit: type=1400 audit(1731060825.553:656): avc:  denied  { block_suspend } for  pid=10126 comm="syz.0.1093" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  415.344213][   T29] audit: type=1400 audit(1731060826.793:657): avc:  denied  { create } for  pid=10152 comm="syz.4.1101" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  415.392627][ T5878] usb 4-1: reset high-speed USB device number 37 using dummy_hcd
[  415.428306][T10155] capability: warning: `syz.4.1101' uses 32-bit capabilities (legacy support in use)
[  415.593379][T10157] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1101'.
[  415.608732][   T29] audit: type=1400 audit(1731060827.043:658): avc:  denied  { write } for  pid=10152 comm="syz.4.1101" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  415.637970][   T29] audit: type=1400 audit(1731060827.083:659): avc:  denied  { write } for  pid=10152 comm="syz.4.1101" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  417.759194][    T9] usb 4-1: USB disconnect, device number 37
[  419.281730][T10199] netlink: 'syz.4.1113': attribute type 1 has an invalid length.
[  420.212054][T10191] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  420.264784][ T5829] Bluetooth: hci1: ACL packet for unknown connection handle 200
[  420.314812][T10200] 8021q: adding VLAN 0 to HW filter on device batadv8
[  420.381948][T10200] bond6: (slave batadv8): Enslaving as a backup interface with an up link
[  420.586349][ T5878] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[  420.617584][T10210] futex_wake_op: syz.4.1116 tries to shift op by -1; fix this program
[  421.635402][ T5878] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  421.647037][ T5878] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  421.657956][ T5878] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  421.667703][ T5878] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  421.680654][ T5878] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  421.862427][ T5878] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  421.885376][ T5878] usb 2-1: config 0 descriptor??
[  422.019912][   T29] audit: type=1400 audit(1731060833.463:660): avc:  denied  { ioctl } for  pid=10221 comm="syz.4.1120" path="socket:[21344]" dev="sockfs" ino=21344 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  422.481426][T10227] FAULT_INJECTION: forcing a failure.
[  422.481426][T10227] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  422.669960][T10227] CPU: 1 UID: 0 PID: 10227 Comm: syz.2.1121 Not tainted 6.12.0-rc6-syzkaller-00169-g906bd684e4b1 #0
[  422.680762][T10227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  422.690832][T10227] Call Trace:
[  422.694113][T10227]  <TASK>
[  422.697038][T10227]  dump_stack_lvl+0x16c/0x1f0
[  422.701712][T10227]  should_fail_ex+0x497/0x5b0
[  422.706395][T10227]  _copy_from_user+0x2e/0xd0
[  422.710994][T10227]  tun_set_ebpf+0x7d/0x140
[  422.715419][T10227]  ? __pfx_tun_set_ebpf+0x10/0x10
[  422.720442][T10227]  ? __rcu_read_unlock+0x2b4/0x580
[  422.725026][ T5878] plantronics 0003:047F:FFFF.0022: No inputs registered, leaving
[  422.725547][T10227]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  422.735206][ T5878] plantronics 0003:047F:FFFF.0022: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  422.739100][T10227]  __tun_chr_ioctl+0x2889/0x4760
[  422.756272][T10227]  ? ioctl_has_perm.constprop.0.isra.0+0x2ea/0x460
[  422.762783][T10227]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  422.769293][T10227]  ? __pfx___tun_chr_ioctl+0x10/0x10
[  422.774612][T10227]  ? selinux_file_ioctl+0x180/0x270
[  422.779815][T10227]  ? selinux_file_ioctl+0xb4/0x270
[  422.784931][T10227]  ? __pfx_tun_chr_ioctl+0x10/0x10
[  422.790054][T10227]  __x64_sys_ioctl+0x18f/0x220
[  422.794856][T10227]  do_syscall_64+0xcd/0x250
[  422.799365][T10227]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  422.805270][T10227] RIP: 0033:0x7f83bab7e719
[  422.809690][T10227] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  422.829312][T10227] RSP: 002b:00007f83bb985038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  422.837743][T10227] RAX: ffffffffffffffda RBX: 00007f83bad36058 RCX: 00007f83bab7e719
[  422.845722][T10227] RDX: 0000000000000000 RSI: 00000000800454e0 RDI: 0000000000000003
[  422.853696][T10227] RBP: 00007f83bb985090 R08: 0000000000000000 R09: 0000000000000000
[  422.861680][T10227] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  422.869732][T10227] R13: 0000000000000001 R14: 00007f83bad36058 R15: 00007fffe7b799a8
[  422.877704][T10227]  </TASK>
[  422.978230][   T29] audit: type=1400 audit(1731060834.423:661): avc:  denied  { read write } for  pid=10229 comm="syz.3.1123" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  423.083582][   T29] audit: type=1400 audit(1731060834.423:662): avc:  denied  { ioctl } for  pid=10229 comm="syz.3.1123" path="/dev/autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  423.160735][   T29] audit: type=1400 audit(1731060834.423:663): avc:  denied  { write } for  pid=10229 comm="syz.3.1123" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  423.614837][T10248] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1126'.
[  423.624261][T10248] (unnamed net_device) (uninitialized): option lacp_active: mode dependency failed, not supported in mode balance-rr(0)
[  424.409962][   T25] usb 2-1: USB disconnect, device number 42
[  425.069502][ T5878] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[  425.602464][ T5878] usb 3-1: Using ep0 maxpacket: 16
[  425.610959][ T5878] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  425.637044][ T5878] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  425.677328][ T5878] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  425.847921][T10280] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  426.303977][ T5878] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  426.313114][ T5878] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  426.328259][ T5878] usb 3-1: config 0 descriptor??
[  426.872540][   T29] audit: type=1400 audit(1731060838.243:664): avc:  denied  { setopt } for  pid=10283 comm="syz.3.1137" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  426.917659][ T5878] microsoft 0003:045E:07DA.0023: ignoring exceeding usage max
[  427.036108][   T29] audit: type=1400 audit(1731060838.253:665): avc:  denied  { write } for  pid=10283 comm="syz.3.1137" path="socket:[21445]" dev="sockfs" ino=21445 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  427.105818][ T5878] microsoft 0003:045E:07DA.0023: No inputs registered, leaving
[  427.158263][ T5878] microsoft 0003:045E:07DA.0023: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[  427.178823][ T5878] microsoft 0003:045E:07DA.0023: no inputs found
[  427.185857][ T5878] microsoft 0003:045E:07DA.0023: could not initialize ff, continuing anyway
[  427.200669][ T5878] usb 3-1: USB disconnect, device number 35
[  427.252505][   T45] usb 1-1: new high-speed USB device number 45 using dummy_hcd
[  427.403897][   T45] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  427.425101][   T45] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  427.459305][   T45] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  427.742542][    T9] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[  427.747061][   T45] usb 1-1: config 0 descriptor??
[  427.969470][T10301] FAULT_INJECTION: forcing a failure.
[  427.969470][T10301] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  427.998568][T10301] CPU: 1 UID: 0 PID: 10301 Comm: syz.2.1143 Not tainted 6.12.0-rc6-syzkaller-00169-g906bd684e4b1 #0
[  428.009357][T10301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  428.019414][T10301] Call Trace:
[  428.022681][T10301]  <TASK>
[  428.025597][T10301]  dump_stack_lvl+0x16c/0x1f0
[  428.030271][T10301]  should_fail_ex+0x497/0x5b0
[  428.034936][T10301]  _copy_from_user+0x2e/0xd0
[  428.039517][T10301]  kstrtouint_from_user+0xd7/0x1c0
[  428.044706][T10301]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  428.050420][T10301]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  428.056037][T10301]  proc_fail_nth_write+0x84/0x250
[  428.061048][T10301]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  428.066669][T10301]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  428.072283][T10301]  vfs_write+0x24c/0x1150
[  428.076610][T10301]  ? __fget_files+0x23a/0x3f0
[  428.081274][T10301]  ? fdget_pos+0x24c/0x360
[  428.085693][T10301]  ? __pfx_lock_release+0x10/0x10
[  428.090699][T10301]  ? trace_lock_acquire+0x14a/0x1d0
[  428.095882][T10301]  ? __pfx_vfs_write+0x10/0x10
[  428.100634][T10301]  ? __pfx___mutex_lock+0x10/0x10
[  428.105647][T10301]  ? __fget_files+0x244/0x3f0
[  428.110317][T10301]  ksys_write+0x12f/0x260
[  428.114636][T10301]  ? __pfx_ksys_write+0x10/0x10
[  428.119588][T10301]  do_syscall_64+0xcd/0x250
[  428.124073][T10301]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  428.129952][T10301] RIP: 0033:0x7f83bab7d1ff
[  428.134353][T10301] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[  428.153942][T10301] RSP: 002b:00007f83bb985030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  428.162345][T10301] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f83bab7d1ff
[  428.170301][T10301] RDX: 0000000000000001 RSI: 00007f83bb9850a0 RDI: 0000000000000003
[  428.178259][T10301] RBP: 00007f83bb985090 R08: 0000000000000000 R09: 0000000000000000
[  428.186214][T10301] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  428.194167][T10301] R13: 0000000000000001 R14: 00007f83bad36058 R15: 00007fffe7b799a8
[  428.202129][T10301]  </TASK>
[  428.223622][    T9] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  428.245777][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  428.283010][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  428.313172][    T9] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  428.372465][    T9] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  428.394021][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  428.436627][    T9] usb 4-1: config 0 descriptor??
[  428.555505][   T45] keytouch 0003:0926:3333.0024: fixing up Keytouch IEC report descriptor
[  428.566121][   T45] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.0024/input/input34
[  428.637102][   T45] keytouch 0003:0926:3333.0024: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0
[  428.849658][    T9] plantronics 0003:047F:FFFF.0025: No inputs registered, leaving
[  428.860333][    T9] plantronics 0003:047F:FFFF.0025: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  429.394273][   T45] hid (null): invalid report_count 47633
[  429.405399][   T45] hid-generic 0009:0007:0009.0026: invalid report_count 47633
[  429.412941][   T45] hid-generic 0009:0007:0009.0026: item 0 2 1 9 parsing failed
[  429.420882][   T45] hid-generic 0009:0007:0009.0026: probe with driver hid-generic failed with error -22
[  430.229444][   T25] usb 1-1: USB disconnect, device number 45
[  430.410162][T10329] input: syz1 as /devices/virtual/input/input35
[  430.510275][ T5883] usb 4-1: USB disconnect, device number 38
[  430.853460][T10336] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  430.981739][ T5829] Bluetooth: hci1: ACL packet for unknown connection handle 200
[  431.290800][T10346] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1155'.
[  431.418471][ T5873] libceph: connect (1)[c::]:6789 error -101
[  431.419338][T10353] FAULT_INJECTION: forcing a failure.
[  431.419338][T10353] name failslab, interval 1, probability 0, space 0, times 0
[  431.424561][ T5873] libceph: mon0 (1)[c::]:6789 connect error
[  431.452394][T10353] CPU: 1 UID: 0 PID: 10353 Comm: syz.2.1156 Not tainted 6.12.0-rc6-syzkaller-00169-g906bd684e4b1 #0
[  431.463177][T10353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  431.473238][T10353] Call Trace:
[  431.476514][T10353]  <TASK>
[  431.479447][T10353]  dump_stack_lvl+0x16c/0x1f0
[  431.484134][T10353]  should_fail_ex+0x497/0x5b0
[  431.488823][T10353]  should_failslab+0xc2/0x120
[  431.493509][T10353]  kmem_cache_alloc_node_noprof+0x71/0x310
[  431.499331][T10353]  ? __alloc_skb+0x2b1/0x380
[  431.503943][T10353]  __alloc_skb+0x2b1/0x380
[  431.508364][T10353]  ? __pfx___alloc_skb+0x10/0x10
[  431.513303][T10353]  ? __pfx_nsim_fib_event_nb+0x10/0x10
[  431.518752][T10353]  mr6_netlink_event+0xde/0x190
[  431.523594][T10353]  mroute_clean_tables+0x4e9/0xb20
[  431.528715][T10353]  ? __pfx_mroute_clean_tables+0x10/0x10
[  431.534361][T10353]  ? __might_fault+0xe3/0x190
[  431.539050][T10353]  ip6_mroute_setsockopt+0x1284/0x2630
[  431.544511][T10353]  ? __pfx_ip6_mroute_setsockopt+0x10/0x10
[  431.550318][T10353]  ? __pfx___lock_acquire+0x10/0x10
[  431.555517][T10353]  ? __pfx___lock_acquire+0x10/0x10
[  431.560706][T10353]  ? find_held_lock+0x2d/0x110
[  431.565465][T10353]  ? lock_acquire+0x2f/0xb0
[  431.569952][T10353]  ? __might_fault+0xe3/0x190
[  431.574616][T10353]  ? __might_fault+0xe3/0x190
[  431.579286][T10353]  ? do_ipv6_setsockopt+0x8e7/0x4790
[  431.584556][T10353]  do_ipv6_setsockopt+0x8e7/0x4790
[  431.589657][T10353]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[  431.595187][T10353]  ? __pfx_lock_release+0x10/0x10
[  431.600200][T10353]  ? lock_acquire+0x2f/0xb0
[  431.604686][T10353]  ? avc_has_perm_noaudit+0x61/0x3a0
[  431.609961][T10353]  ? avc_has_perm_noaudit+0x143/0x3a0
[  431.615323][T10353]  ? avc_has_perm+0x11b/0x1c0
[  431.619988][T10353]  ? __pfx_avc_has_perm+0x10/0x10
[  431.625002][T10353]  ? __lock_acquire+0xbdd/0x3ce0
[  431.629924][T10353]  ? sock_has_perm+0x25d/0x2f0
[  431.634681][T10353]  ? ipv6_setsockopt+0xcb/0x170
[  431.639514][T10353]  ipv6_setsockopt+0xcb/0x170
[  431.644180][T10353]  rawv6_setsockopt+0xd7/0x680
[  431.648926][T10353]  ? __pfx_rawv6_setsockopt+0x10/0x10
[  431.654285][T10353]  ? selinux_socket_setsockopt+0x6a/0x80
[  431.659922][T10353]  ? sock_common_setsockopt+0x2e/0xf0
[  431.665296][T10353]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  431.671190][T10353]  do_sock_setsockopt+0x222/0x480
[  431.676211][T10353]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  431.681755][T10353]  ? fdget+0x176/0x210
[  431.685834][T10353]  __sys_setsockopt+0x1a4/0x270
[  431.690673][T10353]  ? __pfx___sys_setsockopt+0x10/0x10
[  431.696049][T10353]  ? fput+0x30/0x390
[  431.699931][T10353]  ? ksys_write+0x1ad/0x260
[  431.704423][T10353]  ? __pfx_ksys_write+0x10/0x10
[  431.709266][T10353]  __x64_sys_setsockopt+0xbd/0x160
[  431.714362][T10353]  ? do_syscall_64+0x91/0x250
[  431.719020][T10353]  ? lockdep_hardirqs_on+0x7c/0x110
[  431.724207][T10353]  do_syscall_64+0xcd/0x250
[  431.728692][T10353]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  431.734572][T10353] RIP: 0033:0x7f83bab7e719
[  431.738968][T10353] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  431.758562][T10353] RSP: 002b:00007f83bb9a6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  431.766959][T10353] RAX: ffffffffffffffda RBX: 00007f83bad35f80 RCX: 00007f83bab7e719
[  431.774913][T10353] RDX: 00000000000000d4 RSI: 0000000000000029 RDI: 0000000000000003
[  431.782868][T10353] RBP: 00007f83bb9a6090 R08: 0000000000000004 R09: 0000000000000000
[  431.790819][T10353] R10: 0000000020000140 R11: 0000000000000246 R12: 0000000000000001
[  431.798770][T10353] R13: 0000000000000000 R14: 00007f83bad35f80 R15: 00007fffe7b799a8
[  431.806733][T10353]  </TASK>
[  432.115537][ T5873] libceph: connect (1)[c::]:6789 error -101
[  432.129608][ T5873] libceph: mon0 (1)[c::]:6789 connect error
[  432.529000][T10341] ceph: No mds server is up or the cluster is laggy
[  433.150265][ T5873] libceph: connect (1)[c::]:6789 error -101
[  433.156394][ T5873] libceph: mon0 (1)[c::]:6789 connect error
[  433.402545][T10375] netlink: 'syz.1.1161': attribute type 1 has an invalid length.
[  433.473435][   T45] libceph: connect (1)[c::]:6789 error -101
[  433.479578][   T45] libceph: mon0 (1)[c::]:6789 connect error
[  433.501964][T10378] 8021q: adding VLAN 0 to HW filter on device batadv2
[  433.567370][T10378] bond3: (slave batadv2): Enslaving as a backup interface with an up link
[  433.584538][T10373] ceph: No mds server is up or the cluster is laggy
[  436.236294][   T29] audit: type=1400 audit(1731060847.653:666): avc:  denied  { create } for  pid=10396 comm="syz.1.1166" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  436.485578][   T29] audit: type=1400 audit(1731060847.933:667): avc:  denied  { execute } for  pid=10400 comm="syz.4.1170" path="/240/cpu.stat" dev="tmpfs" ino=1270 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  437.148506][T10410] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  437.504636][   T29] audit: type=1400 audit(1731060848.953:668): avc:  denied  { lock } for  pid=10400 comm="syz.4.1170" path="socket:[22798]" dev="sockfs" ino=22798 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  437.588183][ T5829] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  439.310331][   T45] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  439.362388][T10438] FAULT_INJECTION: forcing a failure.
[  439.362388][T10438] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  439.411142][T10438] CPU: 0 UID: 0 PID: 10438 Comm: syz.1.1177 Not tainted 6.12.0-rc6-syzkaller-00169-g906bd684e4b1 #0
[  439.421945][T10438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  439.432010][T10438] Call Trace:
[  439.435295][T10438]  <TASK>
[  439.438229][T10438]  dump_stack_lvl+0x16c/0x1f0
[  439.442912][T10438]  should_fail_ex+0x497/0x5b0
[  439.447596][T10438]  _copy_from_user+0x2e/0xd0
[  439.452198][T10438]  do_sock_getsockopt+0x5f6/0x800
[  439.457241][T10438]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  439.462805][T10438]  ? __fget_files+0x244/0x3f0
[  439.467490][T10438]  __sys_getsockopt+0x1a1/0x270
[  439.472329][T10438]  ? __pfx___sys_getsockopt+0x10/0x10
[  439.477687][T10438]  ? fput+0x30/0x390
[  439.481559][T10438]  ? ksys_write+0x1ad/0x260
[  439.486056][T10438]  ? __pfx_ksys_write+0x10/0x10
[  439.490899][T10438]  __x64_sys_getsockopt+0xbd/0x160
[  439.495985][T10438]  ? do_syscall_64+0x91/0x250
[  439.500647][T10438]  ? lockdep_hardirqs_on+0x7c/0x110
[  439.505853][T10438]  do_syscall_64+0xcd/0x250
[  439.510346][T10438]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  439.516230][T10438] RIP: 0033:0x7f134ed7e719
[  439.520625][T10438] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  439.540231][T10438] RSP: 002b:00007f134fb1e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  439.548638][T10438] RAX: ffffffffffffffda RBX: 00007f134ef35f80 RCX: 00007f134ed7e719
[  439.556597][T10438] RDX: 0000000000000480 RSI: 0000000000000000 RDI: 0000000000000003
[  439.564557][T10438] RBP: 00007f134fb1e090 R08: 00000000200000c0 R09: 0000000000000000
[  439.572515][T10438] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001
[  439.580469][T10438] R13: 0000000000000000 R14: 00007f134ef35f80 R15: 00007ffd988d4d58
[  439.588430][T10438]  </TASK>
[  439.642715][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  439.649387][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  439.681328][   T29] audit: type=1400 audit(1731060851.123:669): avc:  denied  { create } for  pid=10441 comm="syz.3.1179" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  439.722211][T10444] FAULT_INJECTION: forcing a failure.
[  439.722211][T10444] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  439.741817][   T45] usb 3-1: Using ep0 maxpacket: 16
[  439.751189][T10444] CPU: 0 UID: 0 PID: 10444 Comm: syz.0.1178 Not tainted 6.12.0-rc6-syzkaller-00169-g906bd684e4b1 #0
[  439.752748][   T45] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  439.761958][T10444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  439.761973][T10444] Call Trace:
[  439.761979][T10444]  <TASK>
[  439.761987][T10444]  dump_stack_lvl+0x16c/0x1f0
[  439.777440][   T45] usb 3-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=7b.55
[  439.783477][T10444]  should_fail_ex+0x497/0x5b0
[  439.783507][T10444]  _copy_from_user+0x2e/0xd0
[  439.786842][   T45] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  439.789685][T10444]  bpf_test_init.isra.0+0xf1/0x150
[  439.794363][   T45] usb 3-1: Product: syz
[  439.803324][T10444]  bpf_prog_test_run_skb+0x246/0x20f0
[  439.803358][T10444]  ? lock_acquire+0x2f/0xb0
[  439.803374][T10444]  ? __fget_files+0x40/0x3f0
[  439.803400][T10444]  ? __fget_files+0x244/0x3f0
[  439.803420][T10444]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  439.803444][T10444]  ? fput+0x30/0x390
[  439.803464][T10444]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  439.803487][T10444]  __sys_bpf+0xfc6/0x49a0
[  439.831208][   T45] usb 3-1: Manufacturer: syz
[  439.835218][T10444]  ? ksys_write+0x21e/0x260
[  439.835249][T10444]  ? reacquire_held_locks+0x480/0x4c0
[  439.835268][T10444]  ? __pfx___sys_bpf+0x10/0x10
[  439.880687][   T45] usb 3-1: SerialNumber: syz
[  439.883089][T10444]  ? vfs_write+0x306/0x1150
[  439.883132][T10444]  ? __mutex_unlock_slowpath+0x164/0x650
[  439.892759][   T45] usb 3-1: config 0 descriptor??
[  439.896910][T10444]  ? fput+0x30/0x390
[  439.911424][T10444]  ? ksys_write+0x1ad/0x260
[  439.915943][T10444]  ? __pfx_ksys_write+0x10/0x10
[  439.920807][T10444]  __x64_sys_bpf+0x78/0xc0
[  439.925232][T10444]  ? lockdep_hardirqs_on+0x7c/0x110
[  439.930448][T10444]  do_syscall_64+0xcd/0x250
[  439.934963][T10444]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  439.940870][T10444] RIP: 0033:0x7f837417e719
[  439.945296][T10444] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  439.964912][T10444] RSP: 002b:00007f8374f9e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  439.973328][T10444] RAX: ffffffffffffffda RBX: 00007f8374335f80 RCX: 00007f837417e719
[  439.981304][T10444] RDX: 0000000000000050 RSI: 00000000200002c0 RDI: 000000000000000a
[  439.989542][T10444] RBP: 00007f8374f9e090 R08: 0000000000000000 R09: 0000000000000000
[  439.997516][T10444] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  440.005495][T10444] R13: 0000000000000000 R14: 00007f8374335f80 R15: 00007ffc3dded378
[  440.013514][T10444]  </TASK>
[  440.483267][T10460] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  440.627824][ T5829] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  440.789208][   T45] usb 3-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  441.001968][ T6028] usb 3-1: Failed to submit usb control message: -71
[  441.008908][ T6028] usb 3-1: unable to send the bmi data to the device: -71
[  441.017451][ T6028] usb 3-1: unable to get target info from device
[  441.024445][ T6028] usb 3-1: could not get target info (-71)
[  441.030553][ T6028] usb 3-1: could not probe fw (-71)
[  441.087316][   T45] usb 3-1: USB disconnect, device number 36
[  441.095956][T10428] can: request_module (can-proto-0) failed.
[  441.672481][   T25] usb 4-1: new low-speed USB device number 39 using dummy_hcd
[  441.936200][   T25] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  441.950593][   T25] usb 4-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  442.023576][   T25] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 is Bulk; changing to Interrupt
[  442.141223][   T25] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  442.152431][    T8] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  442.159663][   T25] usb 4-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  442.214991][T10481] netlink: 176 bytes leftover after parsing attributes in process `syz.1.1188'.
[  442.224309][   T25] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  442.234628][T10481] ip6gretap0: entered promiscuous mode
[  442.240863][T10481] netlink: 176 bytes leftover after parsing attributes in process `syz.1.1188'.
[  442.250414][   T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  442.265445][   T25] usbtmc 4-1:16.0: bulk endpoints not found
[  442.357661][    T8] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  442.364837][   T29] audit: type=1400 audit(1731060853.793:670): avc:  denied  { ioctl } for  pid=10482 comm="syz.1.1189" path="socket:[22987]" dev="sockfs" ino=22987 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  442.379454][    T8] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  442.424671][    T9] hid (null): invalid report_count 47633
[  442.443569][    T9] hid-generic 0009:0007:0009.0027: invalid report_count 47633
[  442.451484][    T9] hid-generic 0009:0007:0009.0027: item 0 2 1 9 parsing failed
[  442.459223][    T8] usb 5-1: New USB device found, idVendor=04d5, idProduct=0001, bcdDevice= 0.00
[  442.469585][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  442.478017][    T9] hid-generic 0009:0007:0009.0027: probe with driver hid-generic failed with error -22
[  442.496199][    T8] usb 5-1: config 0 descriptor??
[  442.507281][   T25] hid (null): invalid report_count 47633
[  442.515953][   T25] hid-generic 0009:0007:0009.0028: invalid report_count 47633
[  442.524879][   T25] hid-generic 0009:0007:0009.0028: item 0 2 1 9 parsing failed
[  442.533981][   T25] hid-generic 0009:0007:0009.0028: probe with driver hid-generic failed with error -22
[  442.959075][   T45] usb 5-1: USB disconnect, device number 32
[  501.075964][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  501.085730][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  562.524741][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  562.531038][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  602.202746][   T30] INFO: task syz-executor:5832 blocked for more than 143 seconds.
[  602.210694][   T30]       Not tainted 6.12.0-rc6-syzkaller-00169-g906bd684e4b1 #0
[  602.218401][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  602.227129][   T30] task:syz-executor    state:D stack:22928 pid:5832  tgid:5832  ppid:1      flags:0x00004004
[  602.237473][   T30] Call Trace:
[  602.240755][   T30]  <TASK>
[  602.243992][   T30]  __schedule+0xe55/0x5740
[  602.248421][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  602.254872][   T30]  ? mark_lock+0xb5/0xc60
[  602.259209][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  602.264716][   T30]  ? __pfx___schedule+0x10/0x10
[  602.269579][   T30]  ? schedule+0x298/0x350
[  602.274361][   T30]  ? __pfx_lock_release+0x10/0x10
[  602.279402][   T30]  ? trace_lock_acquire+0x14a/0x1d0
[  602.285193][   T30]  ? lock_acquire+0x2f/0xb0
[  602.289699][   T30]  ? schedule+0x1fd/0x350
[  602.294307][   T30]  schedule+0xe7/0x350
[  602.298389][   T30]  schedule_preempt_disabled+0x13/0x30
[  602.304276][   T30]  rwsem_down_write_slowpath+0x539/0x12a0
[  602.310001][   T30]  ? __pfx_rwsem_down_write_slowpath+0x10/0x10
[  602.316509][   T30]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  602.322159][   T30]  ? rcu_is_watching+0x12/0xc0
[  602.327233][   T30]  ? lock_acquire+0x2f/0xb0
[  602.331742][   T30]  ? exit_mmap+0x208/0xb30
[  602.336452][   T30]  down_write+0x1d8/0x200
[  602.340782][   T30]  ? __pfx_down_write+0x10/0x10
[  602.345884][   T30]  exit_mmap+0x208/0xb30
[  602.350127][   T30]  ? trace_contention_end+0xea/0x140
[  602.356272][   T30]  ? __pfx_exit_mmap+0x10/0x10
[  602.361058][   T30]  ? __mutex_lock+0x1a6/0x9c0
[  602.366123][   T30]  __mmput+0x12a/0x480
[  602.370201][   T30]  mmput+0x62/0x70
[  602.374214][   T30]  do_exit+0x9bf/0x2d70
[  602.378382][   T30]  ? get_signal+0x8f2/0x2770
[  602.383274][   T30]  ? __pfx_do_exit+0x10/0x10
[  602.387878][   T30]  ? do_raw_spin_lock+0x12d/0x2c0
[  602.393191][   T30]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  602.398568][   T30]  do_group_exit+0xd3/0x2a0
[  602.403597][   T30]  get_signal+0x25fb/0x2770
[  602.408108][   T30]  ? __pfx_child_wait_callback+0x10/0x10
[  602.414042][   T30]  ? __pfx_get_signal+0x10/0x10
[  602.418914][   T30]  ? __do_sys_wait4+0xd2/0x170
[  602.423963][   T30]  arch_do_signal_or_restart+0x90/0x7e0
[  602.429533][   T30]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  602.435773][   T30]  syscall_exit_to_user_mode+0x150/0x2a0
[  602.441430][   T30]  do_syscall_64+0xda/0x250
[  602.446011][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  602.451925][   T30] RIP: 0033:0x7ff70b374997
[  602.457118][   T30] RSP: 002b:00007ffc3e3d1b20 EFLAGS: 00000293 ORIG_RAX: 000000000000003d
[  602.465816][   T30] RAX: fffffffffffffe00 RBX: 0000000000000361 RCX: 00007ff70b374997
[  602.474015][   T30] RDX: 0000000040000000 RSI: 00007ffc3e3d1b7c RDI: 00000000ffffffff
[  602.482012][   T30] RBP: 00007ffc3e3d1b7c R08: 0000000000000000 R09: 00007ff70c266080
[  602.490041][   T30] R10: 0000000000000000 R11: 0000000000000293 R12: 000055557ee095eb
[  602.498073][   T30] R13: 000055557ee09590 R14: 000000000006bb95 R15: 00007ffc3e3d1bd0
[  602.506308][   T30]  </TASK>
[  602.509373][   T30] INFO: task syz.3.1183:10467 blocked for more than 143 seconds.
[  602.517732][   T30]       Not tainted 6.12.0-rc6-syzkaller-00169-g906bd684e4b1 #0
[  602.525572][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  602.534478][   T30] task:syz.3.1183      state:D stack:25824 pid:10467 tgid:10467 ppid:5832   flags:0x00004004
[  602.544777][   T30] Call Trace:
[  602.548054][   T30]  <TASK>
[  602.550968][   T30]  __schedule+0xe55/0x5740
[  602.555425][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  602.561121][   T30]  ? mark_lock+0xb5/0xc60
[  602.565499][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  602.570718][   T30]  ? __pfx___schedule+0x10/0x10
[  602.575623][   T30]  ? schedule+0x298/0x350
[  602.579956][   T30]  ? __pfx_lock_release+0x10/0x10
[  602.585015][   T30]  ? trace_lock_acquire+0x14a/0x1d0
[  602.590233][   T30]  ? lock_acquire+0x2f/0xb0
[  602.594867][   T30]  ? schedule+0x1fd/0x350
[  602.599220][   T30]  schedule+0xe7/0x350
[  602.603392][   T30]  schedule_preempt_disabled+0x13/0x30
[  602.608864][   T30]  rwsem_down_write_slowpath+0x539/0x12a0
[  602.614623][   T30]  ? __pfx_rwsem_down_write_slowpath+0x10/0x10
[  602.620794][   T30]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  602.626491][   T30]  ? rcu_is_watching+0x12/0xc0
[  602.631287][   T30]  ? lock_acquire+0x2f/0xb0
[  602.635822][   T30]  ? exit_mmap+0x208/0xb30
[  602.640238][   T30]  down_write+0x1d8/0x200
[  602.644610][   T30]  ? __pfx_down_write+0x10/0x10
[  602.649469][   T30]  exit_mmap+0x208/0xb30
[  602.653761][   T30]  ? trace_contention_end+0xea/0x140
[  602.659056][   T30]  ? __pfx_exit_mmap+0x10/0x10
[  602.664467][   T30]  ? __mutex_lock+0x1a6/0x9c0
[  602.669179][   T30]  __mmput+0x12a/0x480
[  602.673299][   T30]  mmput+0x62/0x70
[  602.677019][   T30]  do_exit+0x9bf/0x2d70
[  602.681155][   T30]  ? get_signal+0x8f2/0x2770
[  602.685812][   T30]  ? __pfx_do_exit+0x10/0x10
[  602.690662][   T30]  ? do_raw_spin_lock+0x12d/0x2c0
[  602.695727][   T30]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  602.701122][   T30]  do_group_exit+0xd3/0x2a0
[  602.705661][   T30]  get_signal+0x25fb/0x2770
[  602.710180][   T30]  ? down_write_killable+0x218/0x250
[  602.715537][   T30]  ? __pfx_down_write_killable+0x10/0x10
[  602.721179][   T30]  ? __pfx_get_signal+0x10/0x10
[  602.726076][   T30]  ? vm_mmap_pgoff+0xf2/0x360
[  602.730765][   T30]  arch_do_signal_or_restart+0x90/0x7e0
[  602.736392][   T30]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  602.742577][   T30]  ? __pfx___schedule+0x10/0x10
[  602.747435][   T30]  ? ksys_mmap_pgoff+0x85/0x5c0
[  602.752431][   T30]  syscall_exit_to_user_mode+0x150/0x2a0
[  602.758078][   T30]  do_syscall_64+0xda/0x250
[  602.763411][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  602.769328][   T30] RIP: 0033:0x7ff70b37e753
[  602.773799][   T30] RSP: 002b:00007ffc3e3d1758 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  602.782211][   T30] RAX: fffffffffffffffc RBX: 00007ff709ff76c0 RCX: 00007ff70b37e753
[  602.790224][   T30] RDX: 0000000000000000 RSI: 0000000000021000 RDI: 0000000000000000
[  602.798247][   T30] RBP: 0000000000000000 R08: 00000000ffffffff R09: 0000000000000000
[  602.806270][   T30] R10: 0000000000020022 R11: 0000000000000246 R12: 00007ffc3e3d18b0
[  602.814288][   T30] R13: ffffffffffffffc0 R14: 0000000000001000 R15: 0000000000000000
[  602.822356][   T30]  </TASK>
[  602.825399][   T30] INFO: task syz.4.1186:10472 blocked for more than 143 seconds.
[  602.833151][   T30]       Not tainted 6.12.0-rc6-syzkaller-00169-g906bd684e4b1 #0
[  602.840782][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  602.849509][   T30] task:syz.4.1186      state:D stack:23416 pid:10472 tgid:10471 ppid:5828   flags:0x00004000
[  602.859728][   T30] Call Trace:
[  602.863103][   T30]  <TASK>
[  602.866655][   T30]  __schedule+0xe55/0x5740
[  602.871096][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  602.876358][   T30]  ? mark_lock+0xb5/0xc60
[  602.880689][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  602.885930][   T30]  ? __pfx___schedule+0x10/0x10
[  602.890785][   T30]  ? schedule+0x298/0x350
[  602.895161][   T30]  ? __pfx_lock_release+0x10/0x10
[  602.900180][   T30]  ? trace_lock_acquire+0x14a/0x1d0
[  602.905414][   T30]  ? lock_acquire+0x2f/0xb0
[  602.909919][   T30]  ? schedule+0x1fd/0x350
[  602.914336][   T30]  schedule+0xe7/0x350
[  602.918407][   T30]  schedule_preempt_disabled+0x13/0x30
[  602.923907][   T30]  rwsem_down_write_slowpath+0x539/0x12a0
[  602.929655][   T30]  ? __pfx_rwsem_down_write_slowpath+0x10/0x10
[  602.935866][   T30]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  602.941508][   T30]  ? rcu_is_watching+0x12/0xc0
[  602.946344][   T30]  ? lock_acquire+0x2f/0xb0
[  602.950863][   T30]  ? exit_mmap+0x208/0xb30
[  602.955326][   T30]  down_write+0x1d8/0x200
[  602.959668][   T30]  ? __pfx_down_write+0x10/0x10
[  602.964591][   T30]  exit_mmap+0x208/0xb30
[  602.969477][   T30]  ? trace_contention_end+0xea/0x140
[  602.974843][   T30]  ? __pfx_exit_mmap+0x10/0x10
[  602.979617][   T30]  ? __mutex_lock+0x1a6/0x9c0
[  602.984396][   T30]  __mmput+0x12a/0x480
[  602.988476][   T30]  mmput+0x62/0x70
[  602.992198][   T30]  do_exit+0x9bf/0x2d70
[  602.996424][   T30]  ? get_signal+0x8f2/0x2770
[  603.001019][   T30]  ? __pfx_do_exit+0x10/0x10
[  603.005713][   T30]  ? do_raw_spin_lock+0x12d/0x2c0
[  603.010749][   T30]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  603.016224][   T30]  do_group_exit+0xd3/0x2a0
[  603.020742][   T30]  get_signal+0x25fb/0x2770
[  603.025496][   T30]  ? __pfx_get_signal+0x10/0x10
[  603.030348][   T30]  ? __pfx_do_futex+0x10/0x10
[  603.035056][   T30]  arch_do_signal_or_restart+0x90/0x7e0
[  603.040603][   T30]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  603.046837][   T30]  ? selinux_file_ioctl+0xb4/0x270
[  603.051955][   T30]  syscall_exit_to_user_mode+0x150/0x2a0
[  603.057631][   T30]  do_syscall_64+0xda/0x250
[  603.058030][   T29] audit: type=1400 audit(1731061014.513:671): avc:  denied  { write } for  pid=5182 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  603.062128][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  603.092398][   T30] RIP: 0033:0x7f3ce777e719
[  603.092606][   T29] audit: type=1400 audit(1731061014.533:672): avc:  denied  { remove_name } for  pid=5182 comm="syslogd" name="messages" dev="tmpfs" ino=8 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  603.096815][   T30] RSP: 002b:00007f3ce84d50e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  603.129203][   T30] RAX: fffffffffffffe00 RBX: 00007f3ce7935f88 RCX: 00007f3ce777e719
[  603.137437][   T30] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f3ce7935f88
[  603.145617][   T30] RBP: 00007f3ce7935f80 R08: 0000000000000000 R09: 0000000000000000
[  603.153642][   T29] audit: type=1400 audit(1731061014.533:673): avc:  denied  { add_name } for  pid=5182 comm="syslogd" name="messages.0" dev="tmpfs" ino=7 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  603.176663][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3ce7935f8c
[  603.184704][   T30] R13: 0000000000000000 R14: 00007ffd903b37b0 R15: 00007ffd903b3898
[  603.192712][   T30]  </TASK>
[  603.195744][   T30] INFO: task syz.0.1191:10487 blocked for more than 144 seconds.
[  603.203506][   T30]       Not tainted 6.12.0-rc6-syzkaller-00169-g906bd684e4b1 #0
[  603.211120][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  603.219826][   T30] task:syz.0.1191      state:D stack:24800 pid:10487 tgid:10486 ppid:5831   flags:0x00004006
[  603.230025][   T30] Call Trace:
[  603.233334][   T30]  <TASK>
[  603.236273][   T30]  __schedule+0xe55/0x5740
[  603.240698][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  603.245940][   T30]  ? mark_lock+0xb5/0xc60
[  603.250261][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  603.255514][   T30]  ? __pfx___schedule+0x10/0x10
[  603.260365][   T30]  ? schedule+0x298/0x350
[  603.264738][   T30]  ? __pfx_lock_release+0x10/0x10
[  603.269761][   T30]  ? trace_lock_acquire+0x14a/0x1d0
[  603.275776][   T30]  ? lock_acquire+0x2f/0xb0
[  603.280375][   T30]  ? schedule+0x1fd/0x350
[  603.284767][   T30]  schedule+0xe7/0x350
[  603.288848][   T30]  schedule_preempt_disabled+0x13/0x30
[  603.294340][   T30]  rwsem_down_write_slowpath+0x539/0x12a0
[  603.300058][   T30]  ? __pfx_rwsem_down_write_slowpath+0x10/0x10
[  603.306255][   T30]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  603.311888][   T30]  ? rcu_is_watching+0x12/0xc0
[  603.316857][   T30]  ? lock_acquire+0x2f/0xb0
[  603.321362][   T30]  ? exit_mmap+0x208/0xb30
[  603.326820][   T30]  down_write+0x1d8/0x200
[  603.331169][   T30]  ? __pfx_down_write+0x10/0x10
[  603.337103][   T30]  exit_mmap+0x208/0xb30
[  603.341447][   T30]  ? trace_contention_end+0xea/0x140
[  603.346834][   T30]  ? __pfx_exit_mmap+0x10/0x10
[  603.351601][   T30]  ? __mutex_lock+0x1a6/0x9c0
[  603.356327][   T30]  __mmput+0x12a/0x480
[  603.360401][   T30]  mmput+0x62/0x70
[  603.364204][   T30]  vhost_detach_mm+0xd3/0x110
[  603.368887][   T30]  vhost_dev_cleanup+0xb1b/0xe40
[  603.373881][   T30]  ? __pfx_vhost_dev_cleanup+0x10/0x10
[  603.379987][   T30]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  603.385762][   T30]  ? vhost_vsock_dev_release+0x2ce/0x400
[  603.391410][   T30]  ? __local_bh_enable_ip+0xa4/0x120
[  603.396773][   T30]  vhost_vsock_dev_release+0x2d6/0x400
[  603.402237][   T30]  ? evm_file_release+0xd0/0x1d0
[  603.407268][   T30]  ? __pfx_vhost_vsock_dev_release+0x10/0x10
[  603.413314][   T30]  __fput+0x3f6/0xb60
[  603.417307][   T30]  task_work_run+0x14e/0x250
[  603.421891][   T30]  ? __pfx_task_work_run+0x10/0x10
[  603.427071][   T30]  ? do_raw_spin_unlock+0x172/0x230
[  603.432570][   T30]  do_exit+0xadd/0x2d70
[  603.436742][   T30]  ? get_signal+0x8f2/0x2770
[  603.441326][   T30]  ? __pfx_do_exit+0x10/0x10
[  603.446052][   T30]  ? do_raw_spin_lock+0x12d/0x2c0
[  603.451083][   T30]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  603.456496][   T30]  do_group_exit+0xd3/0x2a0
[  603.461005][   T30]  get_signal+0x25fb/0x2770
[  603.465588][   T30]  ? __pfx_inet_bind_sk+0x10/0x10
[  603.470618][   T30]  ? __pfx_get_signal+0x10/0x10
[  603.476932][   T30]  arch_do_signal_or_restart+0x90/0x7e0
[  603.483654][   T30]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  603.490434][   T30]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  603.496144][   T30]  syscall_exit_to_user_mode+0x150/0x2a0
[  603.501803][   T30]  do_syscall_64+0xda/0x250
[  603.506374][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  603.512294][   T30] RIP: 0033:0x7f837417e719
[  603.516735][   T30] RSP: 002b:00007f8374f9e038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  603.525233][   T30] RAX: fffffffffffffe00 RBX: 00007f8374335f80 RCX: 00007f837417e719
[  603.533236][   T30] RDX: 0000000000000001 RSI: 0000000020000dc0 RDI: 000000000000000a
[  603.541200][   T30] RBP: 00007f83741f139e R08: 0000000000000000 R09: 0000000000000000
[  603.549249][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  603.562350][   T30] R13: 0000000000000000 R14: 00007f8374335f80 R15: 00007ffc3dded378
[  603.570362][   T30]  </TASK>
[  603.574375][   T30] INFO: task syz.1.1192:10490 blocked for more than 144 seconds.
[  603.582627][   T30]       Not tainted 6.12.0-rc6-syzkaller-00169-g906bd684e4b1 #0
[  603.590251][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  603.598983][   T30] task:syz.1.1192      state:D stack:26320 pid:10490 tgid:10489 ppid:5822   flags:0x00004006
[  603.609319][   T30] Call Trace:
[  603.612670][   T30]  <TASK>
[  603.615607][   T30]  __schedule+0xe55/0x5740
[  603.620027][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  603.625245][   T30]  ? mark_lock+0xb5/0xc60
[  603.629593][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  603.634881][   T30]  ? __pfx___schedule+0x10/0x10
[  603.639742][   T30]  ? schedule+0x298/0x350
[  603.644117][   T30]  ? __pfx_lock_release+0x10/0x10
[  603.649143][   T30]  ? trace_lock_acquire+0x14a/0x1d0
[  603.654428][   T30]  ? lock_acquire+0x2f/0xb0
[  603.658929][   T30]  ? schedule+0x1fd/0x350
[  603.663336][   T30]  schedule+0xe7/0x350
[  603.667419][   T30]  schedule_preempt_disabled+0x13/0x30
[  603.672959][   T30]  rwsem_down_write_slowpath+0x539/0x12a0
[  603.678692][   T30]  ? __pfx_rwsem_down_write_slowpath+0x10/0x10
[  603.685535][   T30]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  603.691171][   T30]  ? rcu_is_watching+0x12/0xc0
[  603.696015][   T30]  ? lock_acquire+0x2f/0xb0
[  603.700515][   T30]  ? exit_mmap+0x208/0xb30
[  603.704966][   T30]  down_write+0x1d8/0x200
[  603.709301][   T30]  ? __pfx_down_write+0x10/0x10
[  603.714353][   T30]  exit_mmap+0x208/0xb30
[  603.718603][   T30]  ? trace_contention_end+0xea/0x140
[  603.723928][   T30]  ? __pfx_exit_mmap+0x10/0x10
[  603.728695][   T30]  ? __mutex_lock+0x1a6/0x9c0
[  603.733467][   T30]  __mmput+0x12a/0x480
[  603.737554][   T30]  mmput+0x62/0x70
[  603.741270][   T30]  vhost_detach_mm+0xd3/0x110
[  603.745983][   T30]  vhost_dev_cleanup+0xb1b/0xe40
[  603.750943][   T30]  ? __pfx_vhost_dev_cleanup+0x10/0x10
[  603.756473][   T30]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  603.761846][   T30]  ? vhost_vsock_dev_release+0x2ce/0x400
[  603.767589][   T30]  ? __local_bh_enable_ip+0xa4/0x120
[  603.773719][   T30]  vhost_vsock_dev_release+0x2d6/0x400
[  603.779187][   T30]  ? evm_file_release+0xd0/0x1d0
[  603.784176][   T30]  ? __pfx_vhost_vsock_dev_release+0x10/0x10
[  603.790916][   T30]  __fput+0x3f6/0xb60
[  603.795033][   T30]  task_work_run+0x14e/0x250
[  603.799631][   T30]  ? __pfx_task_work_run+0x10/0x10
[  603.804776][   T30]  ? do_raw_spin_unlock+0x172/0x230
[  603.809972][   T30]  do_exit+0xadd/0x2d70
[  603.814211][   T30]  ? get_signal+0x8f2/0x2770
[  603.818807][   T30]  ? __pfx_do_exit+0x10/0x10
[  603.823577][   T30]  ? do_raw_spin_lock+0x12d/0x2c0
[  603.828608][   T30]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  603.834060][   T30]  do_group_exit+0xd3/0x2a0
[  603.838574][   T30]  get_signal+0x25fb/0x2770
[  603.843114][   T30]  ? __pfx_inet_bind_sk+0x10/0x10
[  603.848145][   T30]  ? __pfx_get_signal+0x10/0x10
[  603.853558][   T30]  arch_do_signal_or_restart+0x90/0x7e0
[  603.859207][   T30]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  603.865403][   T30]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  603.870946][   T30]  syscall_exit_to_user_mode+0x150/0x2a0
[  603.876661][   T30]  do_syscall_64+0xda/0x250
[  603.881177][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  603.887131][   T30] RIP: 0033:0x7f134ed7e719
[  603.892157][   T30] RSP: 002b:00007f134fb1e038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  603.903696][   T30] RAX: fffffffffffffe00 RBX: 00007f134ef35f80 RCX: 00007f134ed7e719
[  603.911684][   T30] RDX: 0000000000000001 RSI: 0000000020000dc0 RDI: 000000000000000a
[  603.919719][   T30] RBP: 00007f134edf139e R08: 0000000000000000 R09: 0000000000000000
[  603.927716][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  603.935869][   T30] R13: 0000000000000000 R14: 00007f134ef35f80 R15: 00007ffd988d4d58
[  603.943877][   T30]  </TASK>
[  603.946958][   T30] INFO: task syz.2.1193:10492 blocked for more than 145 seconds.
[  603.954887][   T30]       Not tainted 6.12.0-rc6-syzkaller-00169-g906bd684e4b1 #0
[  603.962617][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  603.971270][   T30] task:syz.2.1193      state:D stack:26432 pid:10492 tgid:10492 ppid:5823   flags:0x00004004
[  603.981455][   T30] Call Trace:
[  603.984789][   T30]  <TASK>
[  603.987721][   T30]  __schedule+0xe55/0x5740
[  603.992699][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  603.997906][   T30]  ? mark_lock+0xb5/0xc60
[  604.002233][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  604.007517][   T30]  ? __pfx___schedule+0x10/0x10
[  604.012417][   T30]  ? schedule+0x298/0x350
[  604.016753][   T30]  ? __pfx_lock_release+0x10/0x10
[  604.021768][   T30]  ? trace_lock_acquire+0x14a/0x1d0
[  604.027033][   T30]  ? lock_acquire+0x2f/0xb0
[  604.031528][   T30]  ? schedule+0x1fd/0x350
[  604.035878][   T30]  schedule+0xe7/0x350
[  604.039946][   T30]  schedule_preempt_disabled+0x13/0x30
[  604.045584][   T30]  rwsem_down_write_slowpath+0x539/0x12a0
[  604.051303][   T30]  ? __pfx_rwsem_down_write_slowpath+0x10/0x10
[  604.057486][   T30]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  604.063193][   T30]  ? rcu_is_watching+0x12/0xc0
[  604.067967][   T30]  ? lock_acquire+0x2f/0xb0
[  604.072498][   T30]  ? exit_mmap+0x208/0xb30
[  604.076918][   T30]  down_write+0x1d8/0x200
[  604.081241][   T30]  ? __pfx_down_write+0x10/0x10
[  604.086163][   T30]  exit_mmap+0x208/0xb30
[  604.090411][   T30]  ? trace_contention_end+0xea/0x140
[  604.096266][   T30]  ? __pfx_exit_mmap+0x10/0x10
[  604.101033][   T30]  ? __mutex_lock+0x1a6/0x9c0
[  604.105793][   T30]  __mmput+0x12a/0x480
[  604.109868][   T30]  mmput+0x62/0x70
[  604.113630][   T30]  do_exit+0x9bf/0x2d70
[  604.117798][   T30]  ? get_signal+0x8f2/0x2770
[  604.122463][   T30]  ? __pfx_do_exit+0x10/0x10
[  604.127067][   T30]  ? do_raw_spin_lock+0x12d/0x2c0
[  604.132094][   T30]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  604.137512][   T30]  do_group_exit+0xd3/0x2a0
[  604.142025][   T30]  get_signal+0x25fb/0x2770
[  604.146613][   T30]  ? down_write_killable+0x218/0x250
[  604.151913][   T30]  ? __pfx_down_write_killable+0x10/0x10
[  604.157679][   T30]  ? __pfx_get_signal+0x10/0x10
[  604.162598][   T30]  ? vm_mmap_pgoff+0xf2/0x360
[  604.167284][   T30]  arch_do_signal_or_restart+0x90/0x7e0
[  604.172881][   T30]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  604.179039][   T30]  ? __fget_files+0x244/0x3f0
[  604.183803][   T30]  ? ksys_mmap_pgoff+0x85/0x5c0
[  604.188652][   T30]  syscall_exit_to_user_mode+0x150/0x2a0
[  604.194304][   T30]  do_syscall_64+0xda/0x250
[  604.199493][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  604.205504][   T30] RIP: 0033:0x7f83bab7e753
[  604.209918][   T30] RSP: 002b:00007fffe7b79ad8 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  604.218350][   T30] RAX: fffffffffffffffc RBX: 0000000000400000 RCX: 00007f83bab7e753
[  604.226410][   T30] RDX: 0000000000000003 RSI: 00000000003c0000 RDI: 0000001b2f760000
[  604.234424][   T30] RBP: 0000001b2f760000 R08: 0000000000000004 R09: 0000000000040000
[  604.242459][   T30] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000032
[  604.250420][   T30] R13: 000000000006c014 R14: 000000000006bfdc R15: 00007fffe7b79dc0
[  604.258422][   T30]  </TASK>
[  604.261485][   T30] 
[  604.261485][   T30] Showing all locks held in the system:
[  604.269573][   T30] 1 lock held by khungtaskd/30:
[  604.274460][   T30]  #0: ffffffff8e1b8340 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x7f/0x390
[  604.284455][   T30] 2 locks held by getty/5588:
[  604.289125][   T30]  #0: ffff88814d6ac0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[  604.299540][   T30]  #1: ffffc90002f062f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xfba/0x1480
[  604.309731][   T30] 1 lock held by syz-executor/5812:
[  604.314951][   T30]  #0: ffff88802a410198 (&mm->mmap_lock){++++}-{3:3}, at: vm_mmap_pgoff+0x160/0x360
[  604.324456][   T30] 1 lock held by syz-executor/5832:
[  604.329657][   T30]  #0: ffff88802a414d98 (&mm->mmap_lock){++++}-{3:3}, at: exit_mmap+0x208/0xb30
[  604.338740][   T30] 1 lock held by udevd/6181:
[  604.343386][   T30]  #0: ffff88807d319e18 (&mm->mmap_lock){++++}-{3:3}, at: __vm_munmap+0x10f/0x340
[  604.353226][   T30] 2 locks held by kworker/u8:10/7195:
[  604.358605][   T30] 1 lock held by syz.3.1183/10467:
[  604.364039][   T30]  #0: ffff88807c914d98 (&mm->mmap_lock){++++}-{3:3}, at: exit_mmap+0x208/0xb30
[  604.373254][   T30] 1 lock held by syz.4.1186/10472:
[  604.378361][   T30]  #0: ffff88802a417398 (&mm->mmap_lock){++++}-{3:3}, at: exit_mmap+0x208/0xb30
[  604.387504][   T30] 1 lock held by syz.0.1191/10487:
[  604.392642][   T30]  #0: ffff88801b076a18 (&mm->mmap_lock){++++}-{3:3}, at: exit_mmap+0x208/0xb30
[  604.402235][   T30] 1 lock held by syz.1.1192/10490:
[  604.407375][   T30]  #0: ffff888032a50198 (&mm->mmap_lock){++++}-{3:3}, at: exit_mmap+0x208/0xb30
[  604.416541][   T30] 1 lock held by syz.2.1193/10492:
[  604.421639][   T30]  #0: ffff88801b072798 (&mm->mmap_lock){++++}-{3:3}, at: exit_mmap+0x208/0xb30
[  604.430719][   T30] 
[  604.433257][   T30] =============================================
[  604.433257][   T30] 
[  604.441699][   T30] NMI backtrace for cpu 1
[  604.446011][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc6-syzkaller-00169-g906bd684e4b1 #0
[  604.456505][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  604.466559][   T30] Call Trace:
[  604.469825][   T30]  <TASK>
[  604.472748][   T30]  dump_stack_lvl+0x116/0x1f0
[  604.477446][   T30]  nmi_cpu_backtrace+0x27b/0x390
[  604.482405][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  604.488394][   T30]  nmi_trigger_cpumask_backtrace+0x29c/0x300
[  604.494383][   T30]  watchdog+0xf0c/0x1240
[  604.498631][   T30]  ? __pfx_watchdog+0x10/0x10
[  604.503305][   T30]  ? lockdep_hardirqs_on+0x7c/0x110
[  604.508498][   T30]  ? __kthread_parkme+0x148/0x220
[  604.513513][   T30]  ? __pfx_watchdog+0x10/0x10
[  604.518184][   T30]  kthread+0x2c1/0x3a0
[  604.522242][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  604.527435][   T30]  ? __pfx_kthread+0x10/0x10
[  604.532010][   T30]  ret_from_fork+0x45/0x80
[  604.536409][   T30]  ? __pfx_kthread+0x10/0x10
[  604.540984][   T30]  ret_from_fork_asm+0x1a/0x30
[  604.545744][   T30]  </TASK>
[  604.549336][   T30] Sending NMI from CPU 1 to CPUs 0:
[  604.554908][    C0] NMI backtrace for cpu 0
[  604.554917][    C0] CPU: 0 UID: 0 PID: 9182 Comm: kworker/u8:24 Not tainted 6.12.0-rc6-syzkaller-00169-g906bd684e4b1 #0
[  604.554933][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  604.554942][    C0] Workqueue: events_unbound nsim_dev_trap_report_work
[  604.554964][    C0] RIP: 0010:kernel_text_address+0xc/0x100
[  604.554979][    C0] Code: 8c 96 00 8b 44 24 04 eb a9 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 53 48 89 fb 48 83 ec 08 <48> 81 ff 00 00 00 81 72 18 48 81 ff 00 00 60 8b 73 0f 48 83 c4 08
[  604.554991][    C0] RSP: 0018:ffffc90003da76e8 EFLAGS: 00000296
[  604.555001][    C0] RAX: dffffc0000000000 RBX: ffffffff86c2d384 RCX: 0000000000000000
[  604.555010][    C0] RDX: 1ffff920007b4eee RSI: ffffc90003da7be0 RDI: ffffffff86c2d384
[  604.555019][    C0] RBP: ffffc90003da7770 R08: ffffc90003da775c R09: ffffffff917fa1ec
[  604.555027][    C0] R10: ffffc90003da7728 R11: 000000000007f461 R12: ffffffff817946c0
[  604.555035][    C0] R13: ffffc90003da77e8 R14: 0000000000000000 R15: ffff88805f87a440
[  604.555044][    C0] FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  604.555058][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  604.555067][    C0] CR2: 00005573a94da680 CR3: 000000000df7c000 CR4: 00000000003526f0
[  604.555076][    C0] Call Trace:
[  604.555080][    C0]  <NMI>
[  604.555085][    C0]  ? nmi_cpu_backtrace+0x1d8/0x390
[  604.555102][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  604.555120][    C0]  ? nmi_handle+0x1a9/0x5c0
[  604.555134][    C0]  ? kernel_text_address+0xc/0x100
[  604.555146][    C0]  ? default_do_nmi+0x6a/0x160
[  604.555161][    C0]  ? exc_nmi+0x170/0x1e0
[  604.555175][    C0]  ? end_repeat_nmi+0xf/0x53
[  604.555187][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  604.555203][    C0]  ? nsim_dev_trap_report_work+0x2a4/0xc90
[  604.555222][    C0]  ? nsim_dev_trap_report_work+0x2a4/0xc90
[  604.555239][    C0]  ? kernel_text_address+0xc/0x100
[  604.555252][    C0]  ? kernel_text_address+0xc/0x100
[  604.555264][    C0]  ? kernel_text_address+0xc/0x100
[  604.555276][    C0]  </NMI>
[  604.555280][    C0]  <TASK>
[  604.555285][    C0]  ? nsim_dev_trap_report_work+0x2a4/0xc90
[  604.555302][    C0]  __kernel_text_address+0xd/0x40
[  604.555314][    C0]  unwind_get_return_address+0x59/0xa0
[  604.555328][    C0]  arch_stack_walk+0xa7/0x100
[  604.555344][    C0]  ? nsim_dev_trap_report_work+0x2a4/0xc90
[  604.555363][    C0]  stack_trace_save+0x95/0xd0
[  604.555377][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  604.555391][    C0]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  604.555411][    C0]  ? __pfx_mark_lock+0x10/0x10
[  604.555424][    C0]  kasan_save_stack+0x33/0x60
[  604.555437][    C0]  ? kasan_save_stack+0x33/0x60
[  604.555449][    C0]  ? kasan_save_track+0x14/0x30
[  604.555462][    C0]  ? __kasan_kmalloc+0xaa/0xb0
[  604.555474][    C0]  ? __kmalloc_node_track_caller_noprof+0x20f/0x430
[  604.555491][    C0]  ? kmalloc_reserve+0xef/0x2c0
[  604.555512][    C0]  ? __alloc_skb+0x164/0x380
[  604.555536][    C0]  kasan_save_track+0x14/0x30
[  604.555548][    C0]  __kasan_kmalloc+0xaa/0xb0
[  604.555562][    C0]  __kmalloc_node_track_caller_noprof+0x20f/0x430
[  604.555577][    C0]  ? __alloc_skb+0x164/0x380
[  604.555591][    C0]  kmalloc_reserve+0xef/0x2c0
[  604.555607][    C0]  __alloc_skb+0x164/0x380
[  604.555619][    C0]  ? __pfx___alloc_skb+0x10/0x10
[  604.555631][    C0]  ? do_raw_spin_lock+0x12d/0x2c0
[  604.555645][    C0]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  604.555659][    C0]  ? lock_acquire+0x2f/0xb0
[  604.555670][    C0]  ? nsim_dev_trap_report_work+0x1c5/0xc90
[  604.555690][    C0]  nsim_dev_trap_report_work+0x2a4/0xc90
[  604.555711][    C0]  process_one_work+0x9c5/0x1ba0
[  604.555727][    C0]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  604.555739][    C0]  ? __pfx_process_one_work+0x10/0x10
[  604.555754][    C0]  ? assign_work+0x1a0/0x250
[  604.555773][    C0]  worker_thread+0x6c8/0xf00
[  604.555787][    C0]  ? __kthread_parkme+0x148/0x220
[  604.555802][    C0]  ? __pfx_worker_thread+0x10/0x10
[  604.555814][    C0]  kthread+0x2c1/0x3a0
[  604.555828][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  604.555844][    C0]  ? __pfx_kthread+0x10/0x10
[  604.555859][    C0]  ret_from_fork+0x45/0x80
[  604.555870][    C0]  ? __pfx_kthread+0x10/0x10
[  604.555884][    C0]  ret_from_fork_asm+0x1a/0x30
[  604.555905][    C0]  </TASK>
[  604.557139][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  604.976667][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc6-syzkaller-00169-g906bd684e4b1 #0
[  604.987138][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  604.997166][   T30] Call Trace:
[  605.000419][   T30]  <TASK>
[  605.003333][   T30]  dump_stack_lvl+0x3d/0x1f0
[  605.007926][   T30]  panic+0x71d/0x800
[  605.011824][   T30]  ? __pfx_panic+0x10/0x10
[  605.016245][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  605.021619][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  605.027578][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  605.032936][   T30]  ? watchdog+0xd76/0x1240
[  605.037328][   T30]  ? watchdog+0xd69/0x1240
[  605.041727][   T30]  watchdog+0xd87/0x1240
[  605.045946][   T30]  ? __pfx_watchdog+0x10/0x10
[  605.050593][   T30]  ? lockdep_hardirqs_on+0x7c/0x110
[  605.055783][   T30]  ? __kthread_parkme+0x148/0x220
[  605.060807][   T30]  ? __pfx_watchdog+0x10/0x10
[  605.065479][   T30]  kthread+0x2c1/0x3a0
[  605.069552][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  605.074727][   T30]  ? __pfx_kthread+0x10/0x10
[  605.079296][   T30]  ret_from_fork+0x45/0x80
[  605.083685][   T30]  ? __pfx_kthread+0x10/0x10
[  605.088259][   T30]  ret_from_fork_asm+0x1a/0x30
[  605.093004][   T30]  </TASK>
[  605.096200][   T30] Kernel Offset: disabled
[  605.100512][   T30] Rebooting in 86400 seconds..