last executing test programs:

25m31.045956724s ago: executing program 0 (id=503):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={0x0}, 0x18)
socketpair$tipc(0x1e, 0x5, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x98041, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
openat$incfs(0xffffffffffffff9c, 0x0, 0x10841, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
pipe2(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
vmsplice(r3, &(0x7f0000000400), 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'vcan0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000004d80)=@deltfilter={0x2434, 0x2d, 0x200, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, r4, {0x1, 0xffe2}, {0xa, 0x8}, {0x9, 0x6}}, [@TCA_CHAIN={0x8, 0xb, 0x10000}, @filter_kind_options=@f_basic={{0xa}, {0x23f4, 0x2, [@TCA_BASIC_EMATCHES={0x1260, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x125c, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x18, 0x2, 0x0, 0x0, {{0x9}, {0x6, 0x7, 0x2, "a9764d78a53916"}}}, @TCF_EM_CMP={0x18, 0x2, 0x0, 0x0, {{0x3ff, 0x1, 0xa4b}, {0x6, 0x2, 0x9, 0x5, 0x8}}}, @TCF_EM_U32={0x1c, 0x2, 0x0, 0x0, {{0xc1, 0x3, 0x9}, {0x3, 0x4, 0x4}}}, @TCF_EM_CMP={0x18, 0x1, 0x0, 0x0, {{0xfffa, 0x1, 0x7}, {0x5, 0x7, 0x82c0, 0x2, 0x3, 0x1}}}, @TCF_EM_CONTAINER={0x101c, 0x2, 0x0, 0x0, {{0x44a, 0x0, 0x101}, "45182d3970b38c14bc3aff297322ccd59c734e175713b2ded44c02c6015d3dc725fd965981d1f219d31b37328bfd83fab3f7e3f773e72d028041bed0d0fd32339f4ab6ca7772a800d3a5b456faa2cec277490bfcf59a97bc92ec40c012ed67939956964e6be8e9b3de0c11b8b852bb32b9f84c925958b652eaed902ee1e0fdc095a8eb44a9c14091a03b8e52cc5100e3b4ad36c1a0e9fdc9d20a70a2579ff1c6c1dddf482374d543771d13f60bb7b54c6cd1208e7c1f9b261c6dd4d986dad104fe9fbe9720dab3ee5d6ae37d51b21c2456f1040fca809281667a7d83b9e2c8773832ff241f296a482adb0c42f822e5e2659b133fa311f51a70374917f9a63f35684186434ce4023b2d00bb32a76affce7a2606b8977e8d931f7665b3ca1a0efa326f7ab63bcc97b2901a8fc6c7dd440f680bec98112f66ce50e453e754c7663a095a2e82a22696496e80100960bea5c10f938867d96664728aabd4bd55c9d0c47abe58690765ac6aa687891e00bddbb8c09e01b098701004b1cca8dd7359a082e06b3a42ca9823244c7d2d6d9a619d8d7bea15e8d28c428150744f10e677e542b6caa120084a604a42774486af67419a8dc93a8bb07fc1e137d21325b7139aca3cb55fae1f6b4b18639f7038131faa40dd91baef635cf6f7dbda971db6c0e838402c8ce6e5bdedbe60bc6192bfb02978d07403dc56da8a8b70aa0b72d21e0837103582c0a41c1aa5e36dbf9be6ba79dc67e13e7cf6c152aa15fd0a751b011422d71e81e328ecace1263f9c3c92033e520e34244780e4828f6022aefba698e789d69546eec5edc7543aa8108a78db7bc5742dd5573e92bdf9d014ad0352d025ead93dcdf91b667b20ad89d448df229f6d38c9d5b07dba4380b6a94e8a7b3d8401b557f882828b89e41fe9fe33dbf7535479c362ad29f79ba4660b4efe6acd953cd732b58c5b7b8d152605ca49b3b4395c8cc1c796bba007f2378337577317fadbf12317a5739932a0ed488acc78724554c38948b907d5bd3505f4cd521911e03fe8c9d564b1a3ed9733692d636eb6a49ce576ee2dd0e287bfc9d05eb832b076eb56afbc26502b1e01a983a11629876a740930c4fee040433712b7464576b7be787b25785e57aab0af14f87b5c2738266b13dc2e4c63bb6d135ba3c3561e5b7b77840d594371eb2cad6a6d65a61d8c7a4c24e9d4e9ffbb07378c83c00a31b711e406fb71213c40cdeafa8c46556d529ea011e0f66578a8f99b97133d9e62ee1dd1dcb280117c156cd39b466f1567bf4ced0da2ef0ab2e85ad9c872d052fa41315dafa74505d4c04009247615aebc0f8ea4d060998ef3bfed17c1fbc220128379b41ae52acffb670aad7ac1a138144fcfbb79f3d4b015849ee46c9625fe2519f426bffdcc12512bfa0ab3336167b3b69f5c29feb2a8f0f3243e0b827a13da53f95a678696f677302dca360e570e20734b04b4913a6da6120c55d4bca8592ac452a72a69dfe36a2b58a6d783f05a6420f89c0a3615dbba4da28b8aac15311c107066989fc313095179cdcfbd36820647d44beb87eaaf1efb769c5875df37c525c38b82a6a979061a60eba44b1fa7c4aa9478c6447868e38febe3e804016256827475bf92c31f51248a20db344fcfa2a1402b0501fa00f5fea4cdf6494115ad4e4923835490b5f7793d9482d9fd492e7606a68b84ff849791b9111dd27a677ee2f968e29e59b4f56fe09aa19543a143b2f0b27ef095a8893fe8c157c84b1d75995184127275573c9f68becd6ac900f5796d6eea21abf609edcf60150131cb3548f3768fde8a0d247d094a43d5cc2dc814b0861b2e1d51967f22654d6e65cb251a4e3d27cc36ae07d8b2fa9e5e8921cb6f1815307222e7b928615d9ba4d5096c455fe165e09ac67fa8e5d5f5b81084e8c0ac55dc86cc93f69111429d2e7668337d322bfaa8ae3bda3cfd201ff98c09be309acdbc47a589b9495172a2eb90965f82230f9d3ea3d012933effdb6460299a7ced8852eddf27dabe38e5c39e8a6d2b1d19c5395f446bec21ac0f3a5bf05fa1289b6d0c583e8f70ffb0ca1742e32e013f5b0da2fda63cc4657bb39d6427e7ba1d820a48d803d25def0a77adde34a6906083cd64fe0112bdf5138307c6deb3dcc2875f26027c2840967831319ebdc44227d71d152f267fb64af6f4d72ab0eedbc3edc4d6286d7ecc1195ca4606f6deb142c8cb6c46fe18b9a12d9c26eea67a1bf5d6c830fc7c4c32a5bd1f90c45dae3ac096d713fc847413b4321490fc0c89c00ba289e017898bbaa3e7f0576fccebd8e21a14db737c44c4245b4850f43c96dc7f81e7bc3415544de792d1ddc852b6cd11d7c4369c2b0fb511f029f69345f5b6571f2d45b31a5e1eb51fc9acf1967d390ae385281501e879538b07a3f92090b4ff68044d230e626762be04841a92b68565b31e14b5d144aad0ea551537e9a7d995b721521a658acbaf4864b89fc77e6a2f92419d0cf755f7e70fe5abfcaed648d18b89ce5efff61162c309cd49dc8c0225e50ab3b7b773a17d2afb0b2ee7eb3b49cd62a115b3be10705b14c751922ed0d42bcf6330dd63edadac365f8aa83991a2f446bb01ee8758a1638465720b1c136d79e83aa653b9eb9b638a8a5ac55328a82e80f8bff28e61e2154715c2c842d2b48231686a25ad09c3ee2bc6249c94ff89683543f8c513c4e689a9b6b6c062b12bbca9b3f2e21c2d00e2303066e91e26e62707375883e437176f8bcecc9db23b1639850de07a9907038a1481bc767e3de660c00cf5a9f77a8a9529361962540de72b63adfb5ee99f6483defe102351e61f337065ba3f8b8dfc438d40a6cd492afda55560f6eb781e09af24c819c862fb58b8e52f7c34d1132fcdd283356ad9f46296c4e813caeb18bd71fd64bda87db49e93f263f14728725247423eee5de82b9656705f485178238c24f879ee394d4c53df74a866023b52f7245a149331389914705945bd14ac7d6b256a4a4325e8df9bcca0eab7ce944f63cd9528481f077affc544b01f3ea9d857d7ec72c5b0a305c0785959d6e9f2be9e8d3531bc024ed7c855d47c41117fb4f183b0985d30db5787f4eda5303e15c2ea1f72f48e1524dfbcbd3a04bbcd96996a2b0088da555ebddda0199d966b343deff3e2844da84f6158fa3b33893a6d1cd6d2e61e72b03fd38ecee798c34fabd0313660a751c7f062bee4690c90caf59d7e253920869b84a0492aea087a54092d3dd35c155e96026ddedee04acce2d221c8980dd1208865b252fdfa3065ad249f3771cca4c51fd95d66e4e8f776314ed7c2f617f6732ee368bca8a73436f1f95da75d7a2896377de2b8a88bc4d31c286cf1dd97406da47cdf957d809fbcfa2261ddd056c36a7a09259d3eb844b4250e4074f2b427cf280ec4a57f58a22a70117a5fd8c30f345a504862675a63dd4f19336c9e3e04f481783190db893739d69f6bd5edbfd9f694f0cc0f11d66ac869201776e922a37a4448d1702e93f9e92ab02674a9cdb9e13dcc0e3cb6f9f6492e79aeb141c2511d2812400e0884c24374f82c1ab90621e2a7d8ca8e3d34f99cfe53a67f899cded4626a903781d97bdf7cabb26266c7916fedd689c61bc28f75020c0d0af306bd38d69bdacf38cb83145c0db85254188bddd4e8cd9eead5a327e037bac86d8b2ef9d20604c014df46e01596d1b5c0073b485a4d16d92162e7c0c4ed3ceae8034871c0342237189e763cf126d790b9f660a368fc34c4c4f9b471cf29f0346005c19c5edca0ea8652832fcce37f3ed8b05da484c6a2b609719fca9dc259bd9dc621f85ff1a7b9c1afabdc01dc3e2ce58d785240d458a538428c728bcec3c5e981f0128fa8602654ceeb1646d54582c12c488c59df14725be5628d398d7ebb9cf1ecc15c3c9153ecd6389f2186509b240773f522e88b9967df6db4021285614b76096fba6f2d9f0a7e467851efd75618e7cdb92ce95e7eddb11890a267cb2556f4dcb54fa994c4cad78f260e6c370d92ce5c1bf6b33cf46cce36b8524b009ad6a1c0da3e2ce209d2730f1044b60aa1e7df3b6dcc61d4eb58d72ff1b146cd325c11ce2baa183280e5b12cdc5d4212760a6e9ecc110a5e0d4093f3806a2ef933a6188c621046da15bff45f62966f60610005cbe076bb4385d27dc8b57da3a57556cf248b88ed824a5e3da790c4fa69b637c55d587541a950448683c8046ecd1bc325fa1cce1f6ad526d8fe8795ecab941caceb6a1cb5469fde9882102587493837e8fc709b1d8594cafd10d29fb3ec567eac254611a59ff9ad50b388b955f2efda29fbf46d547967239f1844536de87320256c9d60867e3e757547b0986966c079bb611202fd598d12d69b4241c8db75f310d61a815ee54bbec020bea0bd1e79d0e3eb842e36c145782e12aab07e65baa1f78468b308ba1f3dcb0f0e64ea36943ec5b49dd85d9856c5d3b7ac9d64a933f9ed81bb0234de4d4275272fe86b4c057cc8a77568ecd996d8c3a84f8d22804e4c32f5604adde4c4eb621c3f9a5138cdec2ffe9ee67b7c5765185ddd4b4f59667d91187ed99fc6a3ad46fe6b7d00e552ba7f361e8c9879c2efbac374eedcff871123c8621903e42ecfda49ceb085200c99dd494a46bca0cdf161c84ff4a4c622e8948d81363dd48e0569c8ae94f9708a1da0a48437b95e60a9592cb565f781d77c537b3cc9c6f9b1a9b011a3131733d1f41137fc46c0add30d608c8d85deec27edc148baf11770b4737464d4d0bf837866dfd1335713b1d221f7604244f158428043d80d6db9d02924e6e215bd36dfb130ab673ed8e1a7c59e834361fe3c404e7b0b7fe08737db7508de6459136989ff28d5a3d16497f9a824d29c359b2078dfd4d8e49e29a4e045650f7bfa9a8dbc57ef0d0c348c2de6b638fb7360f5a4f21fad289dcbffbb67d42f940a0f241881b6784bbdc2970b1fac55da225cad9077f0c1594c4828eba6ba56e23a2da2e810a59f9d86d9a9f318a3232e3ce03d11e7211265bdc0058942724aba1646f39a1a1cf20d1f156fb88733ccadf98ca9feb0a74f7af81ac6e109a3e72c223123321244fd776f495c339b1f8aa837a790bfab4f7edf7b53b18d608b6b8f71b115cf17230fea31e3d877ab3ab284470488bd1502248c26e3d8f60c5f22d57f199736e0336b7c384662e620f3c83c2b3682a5a9ffd69c49c7c4571f1d3ae534dcca64fdb90adc1d82dee1c4ee4ca421a522efde7d10ffef242f4ae2b7694543c0f3b99949c3bf5d13d5eae9597478b92c7800475e4f7476c03c474c24824809d84b2c3830e461c6752998122ca8e641a873cd4c7aa3f906c0f7765962217c090bc7fa96f4b968ceb43402827f7efe32c75023365dd795fed0b78eb80306406dd73175ded3501104a33b81e1a78ba89762954c0097ae0a8cf9b4365c3579cb18778d8e516a27859885b340a3f85daba0110d22ba2468c6da894c40626afad476e82cb1cc452cc829c210525a51ed34de6655dbf100b79c6c6820ac06b1a47b32dcfdf84732a2c9115e9c3756b6b94f8be510180e5d86e7b9010c5b98caa3dae03e4eb5779d100d988f87712a2d7ec673b9bbb68beb7b52960f994e953862b178f264a567455de2324638e11c04afc987d52d4cfc1a8c9bcdcacca5140e40578d776258b17809b6b24ea1e40deba8c5a907158b7ab33c64424dac050e1b0b0c405511fdcd755047ca6b58f01f7e35bdb2a42c3fd96acd9e07f7591548e88ef9f9cd550d7b266ae4c98bfd9e45f0fe7aa1637b23958cfceedc045fa256103b96b7bc7b170279e36ccd2304d4e2b10f"}}, @TCF_EM_CONTAINER={0x88, 0x3, 0x0, 0x0, {{0x2, 0x0, 0x6}, "65e4859837b4b4f913d2deabe9882f4c52c5a50c047ad10070f8e40dd7b2db20a8e0d25e9e07dbdbada097ad9be4d840a6da3ee2db81af17235d0bd4f6301534a77b2272db8170fdf905f67d8c614a1de8fd95bcf0778888d2d99bd5ac366f86448948bca9b500b07aa88cd184c60b3c45403fda2fe31f0c0e7f6796"}}, @TCF_EM_CMP={0x18, 0x3, 0x0, 0x0, {{0x6, 0x1, 0x5}, {0x800, 0x8, 0x200, 0x2, 0x7, 0x1, 0x2}}}, @TCF_EM_META={0xd8, 0x2, 0x0, 0x0, {{0x3, 0x4, 0x5}, [@TCA_EM_META_LVALUE={0x23, 0x2, [@TCF_META_TYPE_VAR="ec8fb4547aeec2", @TCF_META_TYPE_VAR="cf", @TCF_META_TYPE_INT=0x5, @TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_INT=0x5, @TCF_META_TYPE_VAR="c3f3d878f90d60", @TCF_META_TYPE_INT=0x6]}, @TCA_EM_META_LVALUE={0x1f, 0x2, [@TCF_META_TYPE_VAR="8dc3b12ef9504da46710", @TCF_META_TYPE_INT=0x7, @TCF_META_TYPE_VAR="15956a2c17c71c", @TCF_META_TYPE_VAR="e39e", @TCF_META_TYPE_INT=0x2]}, @TCA_EM_META_RVALUE={0x22, 0x3, [@TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_VAR, @TCF_META_TYPE_VAR="9b56cd647ad291", @TCF_META_TYPE_INT=0x6, @TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_VAR="8f6514f3", @TCF_META_TYPE_INT=0x7, @TCF_META_TYPE_VAR="3cb72a"]}, @TCA_EM_META_LVALUE={0x10, 0x2, [@TCF_META_TYPE_VAR="05e9cfee800e4496", @TCF_META_TYPE_INT=0xa]}, @TCA_EM_META_HDR={0xc, 0x1, {{0x9, 0x3, 0x1}, {0xe93, 0xfa, 0x2}}}, @TCA_EM_META_HDR={0xc, 0x1, {{0x200, 0x9, 0x2}, {0xff, 0xd3, 0x2}}}, @TCA_EM_META_LVALUE={0x16, 0x2, [@TCF_META_TYPE_VAR="b8dc6bc2e1", @TCF_META_TYPE_VAR="09c7d6828980", @TCF_META_TYPE_VAR="72f2dab636e257"]}, @TCA_EM_META_LVALUE={0x16, 0x2, [@TCF_META_TYPE_INT=0x5, @TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_INT=0x2, @TCF_META_TYPE_VAR="eb12bcbcd53b"]}, @TCA_EM_META_HDR={0xc, 0x1, {{0xfff9, 0x0, 0x2}, {0x4, 0x9}}}]}}, @TCF_EM_NBYTE={0x1c, 0x1, 0x0, 0x0, {{0x7, 0x2, 0x8000}, {0xc, 0xa, 0x2, "9a8f5ae63abb22081dd2"}}}, @TCF_EM_META={0x44, 0x3, 0x0, 0x0, {{0x37, 0x4, 0xfffe}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x5b6d, 0x7}, {0xf42, 0x1, 0x1}}}, @TCA_EM_META_LVALUE={0xf, 0x2, [@TCF_META_TYPE_INT=0x4, @TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_VAR="dc9522"]}, @TCA_EM_META_LVALUE={0x19, 0x2, [@TCF_META_TYPE_VAR="064730567b7bbd", @TCF_META_TYPE_INT=0x2, @TCF_META_TYPE_VAR="a236", @TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_INT=0x9]}]}}]}]}, @TCA_BASIC_POLICE={0x874, 0x4, [@TCA_POLICE_TBF={0x3c, 0x1, {0x60346571, 0x5, 0x2, 0x1, 0x3, {0x4, 0x0, 0x4, 0x3, 0x4, 0xffff1abe}, {0x7f, 0x0, 0x3, 0x4, 0x4, 0xfffffffb}, 0x6, 0x62, 0x6}}, @TCA_POLICE_RATE={0x404, 0x2, [0x3a48, 0x80000000, 0x83bc, 0x1, 0x79b, 0x5, 0x5e, 0x4, 0x81, 0x4, 0x7ff, 0x1, 0x7, 0xffff0e56, 0x10000, 0x8, 0x6, 0x7, 0x800, 0x7fff, 0x0, 0xfffffff9, 0x7, 0x0, 0x31f, 0x0, 0x81, 0x3, 0x5, 0xff, 0x8, 0x3ff, 0x2, 0x75, 0x2, 0x4, 0xad6, 0x3, 0x9, 0x9, 0x2, 0x1192, 0x7ff, 0xb41, 0xd2a, 0xfffffffe, 0x0, 0x1, 0x1, 0x83b, 0x5f, 0x1, 0xc, 0x5d, 0x8, 0x2, 0x3, 0x40, 0x0, 0xc4, 0x401, 0x6, 0x9, 0x5d4e, 0x80000001, 0x0, 0x743, 0x5, 0xb89, 0x36, 0xfff, 0x9, 0x1, 0x1, 0x4bf, 0x0, 0xfdc, 0xe0, 0x1, 0x4, 0x81, 0x0, 0x800, 0xff, 0x0, 0x1, 0x0, 0x3, 0x20b7, 0x3, 0x9, 0x1, 0x8, 0x2, 0x0, 0xff, 0x8, 0xbd7, 0x0, 0x0, 0x7, 0x10, 0x100, 0x0, 0x4, 0x8, 0x7, 0xfcc, 0x6, 0x80, 0x4, 0x10000, 0x7, 0x9, 0x1, 0xa843, 0x1, 0x1, 0xfffffff9, 0x9, 0x9, 0xb138, 0xb, 0x3, 0xe87, 0x0, 0xffff, 0x5, 0x8, 0x7, 0x2, 0x1, 0x401, 0x1, 0x1, 0x0, 0x9, 0x2, 0x5, 0xff, 0x69, 0x2aad, 0x81, 0x10, 0x8001, 0x8, 0x9, 0x9, 0x6, 0x8001, 0x28de, 0x5, 0x8, 0x7, 0x0, 0x3, 0x1, 0x2, 0x9, 0x7fffffff, 0x766, 0x81, 0x6, 0x10001, 0x1, 0x0, 0x9, 0xfffffffa, 0xa, 0x4, 0x7, 0x9, 0xfffffffd, 0x0, 0x2, 0x7, 0xd8d, 0x8, 0xe1a16117, 0x1, 0x9, 0x721, 0x6, 0x3, 0x9, 0x9, 0x3, 0x1, 0x2, 0x1, 0x8, 0x8000, 0x7, 0x6, 0x53c, 0x0, 0x4, 0x0, 0x8, 0x6, 0x0, 0x6, 0x3, 0x9, 0x2, 0x8, 0xfffffffd, 0x2, 0x7, 0x7, 0x80000000, 0x3, 0x2194, 0x0, 0x4, 0x7fff, 0x10000, 0x10001, 0x3, 0x1, 0x20fa, 0x5, 0x2, 0x7, 0x8, 0xffffff7f, 0x9, 0x7fffffff, 0x8, 0x9, 0x2, 0x9a, 0xb, 0x4, 0x6, 0x5, 0x0, 0x3, 0x7, 0x4, 0x8ab2, 0x7, 0xff, 0x3, 0x0, 0x6, 0x3, 0x40, 0xfffffae2, 0x0, 0x5b, 0x101, 0x0, 0x8, 0x2, 0x6d6]}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x8}, @TCA_POLICE_RATE={0x404, 0x2, [0x38000000, 0x7, 0x4, 0x6, 0x5, 0x101, 0x10000, 0x0, 0xa, 0x7, 0x0, 0x1000, 0x6, 0x401, 0x14a9, 0x3, 0x0, 0x2f86, 0xffffff20, 0x4, 0x8, 0x1, 0x5, 0x6, 0x1, 0x3, 0xf6, 0x5620, 0x0, 0x9, 0xc, 0x8000, 0x34c00, 0x5, 0xf, 0x7fff, 0x8, 0x7, 0x5, 0xf, 0x0, 0xea1, 0xfffffffd, 0x5, 0xfffffffa, 0x7fff, 0x5, 0x3, 0xc6d, 0x4, 0x7, 0x3, 0xf75, 0x7, 0x6d0, 0x4, 0xa, 0x2, 0x4, 0x8, 0x8, 0xff, 0x3, 0x0, 0x2, 0x6, 0xef, 0x9, 0xe, 0x6, 0xd2c2, 0x0, 0x10001, 0x9, 0x9, 0x5, 0xfffffffa, 0xc7, 0x0, 0x6, 0x1, 0x7, 0x0, 0xef9, 0x4, 0x1, 0x0, 0x6, 0x1bc, 0xe, 0xaf, 0x5, 0x400, 0xc, 0x17, 0x6, 0x80000001, 0xcc7, 0x0, 0x3, 0x6, 0x9, 0x4, 0x10001, 0xc, 0x3, 0x10000, 0x3, 0xffff, 0x7, 0x6, 0x7, 0x9, 0xfffffff4, 0xb08, 0x9, 0x8cad, 0xaa, 0x4, 0x16, 0x6, 0x200, 0x9, 0x3, 0x8, 0x7, 0xd558, 0x81, 0x8, 0xf4b909a5, 0x8001, 0x6, 0x5, 0x9, 0x8000, 0x43d, 0xffffffff, 0x9, 0x10001, 0xd38, 0x200, 0x40, 0x0, 0x4, 0x7, 0x2, 0xffffff00, 0xdfe, 0x4, 0x9, 0x3, 0x101, 0x0, 0xbcd, 0x4, 0xffffffff, 0x3, 0x14000, 0xfffffff7, 0x9, 0x7, 0x0, 0x1, 0x7ff, 0x4021358f, 0x7ff, 0x8, 0xa, 0x800, 0x5, 0xa, 0x8, 0x4, 0x1ffc00, 0x2, 0xdbd0, 0x16d, 0x0, 0x0, 0x7, 0x7, 0x0, 0x9, 0x7fffffff, 0xc2b, 0x6, 0x5, 0x0, 0xca88, 0x6, 0x9, 0x87f5, 0xe783, 0x1, 0x0, 0x10001, 0x3, 0x8, 0x7, 0x2, 0x5f071c29, 0x6, 0x4, 0x3, 0x100000, 0xffffffaf, 0x3, 0x7, 0x5, 0xc868, 0x9, 0xffff1baf, 0xc3d, 0x3, 0x2, 0x6, 0x9fb, 0x8, 0x500, 0xc514, 0x9, 0x7, 0x7fffffff, 0x5, 0x70000, 0x4, 0x5, 0x9, 0x3, 0x6, 0x8, 0x1, 0x8, 0x400, 0x492, 0x3, 0xfffffffc, 0x4, 0xff, 0x2, 0x0, 0x200, 0x8, 0x7, 0x3, 0x4, 0x8, 0x0, 0x881, 0x7, 0x80, 0xf, 0x7fff, 0x0, 0x3b, 0x11]}, @TCA_POLICE_RESULT={0x8, 0x5, 0x80}, @TCA_POLICE_RESULT={0x8, 0x5, 0x4}, @TCA_POLICE_RESULT={0x8, 0x5, 0x401}, @TCA_POLICE_RESULT={0x8, 0x5, 0x6}]}, @TCA_BASIC_EMATCHES={0x91c, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x90, 0x2, 0x0, 0x1, [@TCF_EM_U32={0x1c, 0x3, 0x0, 0x0, {{0x100, 0x3, 0xfff}, {0x8, 0x3ff, 0xe, 0xbf}}}, @TCF_EM_CANID={0x14, 0x2, 0x0, 0x0, {{0x0, 0x7, 0x1}, {{0x0, 0x0, 0x1}, {0x4, 0x1}}}}, @TCF_EM_CMP={0x18, 0x2, 0x0, 0x0, {{0x6, 0x1, 0xbc4}, {0x3, 0x3, 0xb7b, 0x3, 0x9, 0x2}}}, @TCF_EM_META={0x44, 0x3, 0x0, 0x0, {{0x6, 0x4, 0x5}, [@TCA_EM_META_LVALUE={0x2a, 0x2, [@TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_VAR="b8fb72a223c5", @TCF_META_TYPE_INT, @TCF_META_TYPE_INT=0x4, @TCF_META_TYPE_VAR="ebb9a6b6be9d699ce287", @TCF_META_TYPE_VAR="51a0", @TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_INT]}, @TCA_EM_META_HDR={0xc, 0x1, {{0x1935, 0x9, 0x2}, {0x8, 0x8}}}]}}]}, @TCA_EMATCH_TREE_LIST={0x50, 0x2, 0x0, 0x1, [@TCF_EM_U32={0x1c, 0x3, 0x0, 0x0, {{0xd, 0x3, 0x1}, {0x2, 0x4, 0x1, 0x10000}}}, @TCF_EM_NBYTE={0x18, 0x1, 0x0, 0x0, {{0x7, 0x2, 0x80}, {0x1, 0x8, 0x2, "9d13380d306d65ba"}}}, @TCF_EM_NBYTE={0x18, 0x2, 0x0, 0x0, {{0xf55b, 0x2, 0x4}, {0x7, 0x7, 0x2, "407183ab2e27be"}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x6}}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xd}}, @TCA_EMATCH_TREE_LIST={0x5c, 0x2, 0x0, 0x1, [@TCF_EM_CMP={0x18, 0x1, 0x0, 0x0, {{0xfff7, 0x1, 0x9}, {0x7, 0x9, 0x800, 0x4, 0x4, 0x2173fa24bbb3e72f}}}, @TCF_EM_CANID={0x14, 0x2, 0x0, 0x0, {{0xfff8, 0x7, 0x5}, {{0x1, 0x1, 0x0, 0x1}, {0x2, 0x1}}}}, @TCF_EM_IPT={0x1c, 0x1, 0x0, 0x0, {{0x0, 0x9, 0x5}, [@TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x9}, @TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x40}]}}, @TCF_EM_IPSET={0x10, 0x2, 0x0, 0x0, {{0x6, 0x8, 0x2}, {0xffffffffffffffff, 0x1, 0x2}}}]}, @TCA_EMATCH_TREE_LIST={0x100, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x1c, 0x3, 0x0, 0x0, {{0x10, 0x2, 0x7}, {0x401, 0x9, 0x2, "9fa3e41fbfa594fb1f"}}}, @TCF_EM_U32={0x1c, 0x2, 0x0, 0x0, {{0x8000, 0x3, 0xc325}, {0x5, 0xe, 0x8, 0xfffffff4}}}, @TCF_EM_U32={0x1c, 0x3, 0x0, 0x0, {{0x8, 0x3, 0x4000}, {0x5, 0x40000, 0x5, 0x3ff}}}, @TCF_EM_META={0x4c, 0x2, 0x0, 0x0, {{0x1, 0x4, 0x100}, [@TCA_EM_META_LVALUE={0x4}, @TCA_EM_META_RVALUE={0x22, 0x3, [@TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_INT=0x4, @TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_INT=0x4, @TCF_META_TYPE_VAR="26e83791a84f", @TCF_META_TYPE_INT=0x8, @TCF_META_TYPE_VAR="af728d30"]}, @TCA_EM_META_HDR={0xc, 0x1, {{0xfff}, {0x66, 0x6}}}, @TCA_EM_META_HDR={0xc, 0x1, {{0xffae, 0x8, 0x2}, {0x2, 0xfb}}}]}}, @TCF_EM_META={0x5c, 0x1, 0x0, 0x0, {{0x5, 0x4, 0x9}, [@TCA_EM_META_LVALUE={0x1b, 0x2, [@TCF_META_TYPE_VAR="16a43c0f62", @TCF_META_TYPE_VAR="7dfb9939f9b4", @TCF_META_TYPE_INT=0x6, @TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_INT=0x3]}, @TCA_EM_META_HDR={0xc, 0x1, {{0x8, 0x4, 0x2}, {0x7f, 0x8, 0x1}}}, @TCA_EM_META_HDR={0xc, 0x1, {{0x1, 0x0, 0x1}, {0xb, 0xc, 0x1}}}, @TCA_EM_META_HDR={0xc, 0x1, {{0x2, 0x2, 0x2}, {0xff, 0xf4, 0x2}}}, @TCA_EM_META_RVALUE={0x10, 0x3, [@TCF_META_TYPE_INT=0x6, @TCF_META_TYPE_INT=0xa, @TCF_META_TYPE_INT]}]}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x1}}, @TCA_EMATCH_TREE_LIST={0x60, 0x2, 0x0, 0x1, [@TCF_EM_IPSET={0x10, 0x2, 0x0, 0x0, {{0x7620, 0x8, 0x6}, {0x3, 0x2, 0x4}}}, @TCF_EM_CONTAINER={0x38, 0x2, 0x0, 0x0, {{0x200, 0x0, 0x5a}, "f2bf75b8221403652d36a3afe538451c90075a4dabe0745e5975e9b844c2dce33b98de0abaaf0889d6028818"}}, @TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x7, 0x7, 0xd23}, {{0x1, 0x1, 0x1}, {0x2, 0x1, 0x1}}}}]}, @TCA_EMATCH_TREE_HDR={0x8}, @TCA_EMATCH_TREE_LIST={0x3ec, 0x2, 0x0, 0x1, [@TCF_EM_IPT={0x1a8, 0x2, 0x0, 0x0, {{0x8, 0x9, 0x1}, [@TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x4}, @TCA_EM_IPT_MATCH_DATA={0x4f, 0x5, "d0cead0af29dae29d768137c532291b5df6402a3e2b4e4cbd69457311c4c34a2c748d9b87e91a80b89536cd38abb3eae37307334511ec823960ce9c6fb2df3fc9b923cc640794ed2af2723"}, @TCA_EM_IPT_HOOK={0x8}, @TCA_EM_IPT_MATCH_NAME={0xb}, @TCA_EM_IPT_HOOK={0x8, 0x1, 0x1}, @TCA_EM_IPT_MATCH_NAME={0xb}, @TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x8c}, @TCA_EM_IPT_MATCH_NAME={0xb}, @TCA_EM_IPT_MATCH_DATA={0x100, 0x5, "ff4a17fe33f9623ae8719989a726b7fab465789ad1f7c8adba24ea147a51ed412de057a35e658220a2f8f55f961ead83521d07ceed8b536c33f8a8e39b0d7f50689b4c1a8975f3ab304a0b32fa9762f7979376ca7d1542cbf114fa535ec00fc9d4f69e5747ce6136a7ae2509aa7ebb838a8c975cfa3cdcc1aad5d7e2634fdfb2dd81df1104a46ed0ca417efc4b776ea6069c1005302667220eb1c553c560fb64a55897f9d1b3fbe1f4f22225687704bc1599c54e3f1ac1d4618f4a242b6a187cdc1b6ad5bc443f795e5b8d6627c6a29fff2a2698d43768d257d9580057b106be62444dcd874086789bfccd21bf1afb795120b7d7497acb41aca45851"}, @TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x2}]}}, @TCF_EM_CONTAINER={0x90, 0x1, 0x0, 0x0, {{0x3c0, 0x0, 0x81}, "cb959f3746e26ad439ca3018b798264b0300604d0cf5cac56ad8e59099fa07c3abe05cf3c14e4ce7588847fb1ebf504803648d07f8438ab2c79730761ab8852c359c57d53afb127cfa6d3dad51498af3d462306dc069190f7b1e7cdd0566fdbccd566e6a7ec3d5e993cb5d3d95b64c3d52421a962443807c16a36b976e9cc7e25c0f29"}}, @TCF_EM_CMP={0x18, 0x2, 0x0, 0x0, {{0x100, 0x1, 0x2}, {0x8, 0x5, 0x7fff, 0x5, 0x1, 0x1, 0x1}}}, @TCF_EM_NBYTE={0x18, 0x3, 0x0, 0x0, {{0x1, 0x2, 0xffff}, {0x9, 0x8, 0x2, "83c03e4c63db99f5"}}}, @TCF_EM_CONTAINER={0xe0, 0x3, 0x0, 0x0, {{0xda, 0x0, 0x101}, "95693ff43b1c772f0590eeccbf942d260eece1941b508e3f4dc96d86ddc212bae97a7fddc6205b75c7ce0d4a5f4825813e903f44d4bb4f931b62c1015a7d72246021d89cd1b33992ad3628cd03a9cca1e482b7fe3e8ab8d42b058ed3428abb07707e12fcb2ea50d9d4255cf6d23008e13baef94a1507b5d99e5da30c17efb0c721d6652ed0945e75d3daa7592469f3f25651c55f6ddf367d990d5eb5c8824dfcbf74b6c9ca897087bde5de9d0ddedddda15895d3e8f312e12ecfb74ef8191bacf42647debc129cc9c97d8597d1c5f2248a484d"}}, @TCF_EM_NBYTE={0x14, 0x3, 0x0, 0x0, {{0x60f7, 0x2, 0x1}, {0x0, 0x3, 0x0, "f316d2"}}}, @TCF_EM_META={0x8c, 0x3, 0x0, 0x0, {{0x8}, [@TCA_EM_META_LVALUE={0x31, 0x2, [@TCF_META_TYPE_INT=0x7, @TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_VAR="2fabfb8f95a1aff6", @TCF_META_TYPE_INT=0x3, @TCF_META_TYPE_VAR="c3b093cc0a", @TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_VAR="ed99", @TCF_META_TYPE_VAR="d17e547ecf31e57d0b38"]}, @TCA_EM_META_LVALUE={0x8, 0x2, [@TCF_META_TYPE_INT=0x9]}, @TCA_EM_META_LVALUE={0x10, 0x2, [@TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_INT=0x7]}, @TCA_EM_META_LVALUE={0x8, 0x2, [@TCF_META_TYPE_INT=0xa]}, @TCA_EM_META_RVALUE={0x1e, 0x3, [@TCF_META_TYPE_INT=0x4, @TCF_META_TYPE_VAR="60b398", @TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_VAR="c7f627", @TCF_META_TYPE_INT=0x4, @TCF_META_TYPE_INT=0x7, @TCF_META_TYPE_INT=0x4]}, @TCA_EM_META_HDR={0xc, 0x1, {{0x8, 0x1, 0x1}, {0x9, 0x1, 0x1}}}]}}]}, @TCA_EMATCH_TREE_LIST={0x1c, 0x2, 0x0, 0x1, [@TCF_EM_CMP={0x18, 0x2, 0x0, 0x0, {{0x200, 0x1, 0x7}, {0x6, 0x3, 0x2, 0x6, 0x5, 0x1, 0x2}}}]}, @TCA_EMATCH_TREE_LIST={0x254, 0x2, 0x0, 0x1, [@TCF_EM_IPSET={0x10, 0x2, 0x0, 0x0, {{0xff, 0x8, 0x7}, {0x3, 0x4}}}, @TCF_EM_IPT={0x130, 0x2, 0x0, 0x0, {{0xff84, 0x9, 0xfff9}, [@TCA_EM_IPT_NFPROTO={0x5, 0x4, 0xa}, @TCA_EM_IPT_MATCH_NAME={0xb}, @TCA_EM_IPT_NFPROTO={0x5, 0x4, 0x3}, @TCA_EM_IPT_MATCH_DATA={0xe6, 0x5, "99a134de9e3dda10518adf6eea8b992b0717602bed531d36d17bd8ae5735280353d5ffe4b29fd00bea7f3b51957db96578051543879a67828c8da17842508914417ad7ba2e5146ae76aaf22716df924ed8677ff3f5875a2b908546d183db6353ad1536935f3ed786cef45b005348e0898265280cfb260c8544a3e3b8dd38903fa61f5ab6823a3526d3aa9910f5549d230ff483882c99c4240bf1e9eb107c450a70cf5205c6e9d6dd6de96dc1d91a67fae1680d963b458d9366b2b0ebc5b7c0946b6db30156794e0474cf90f31f2eaf21eb4363c1009589500eb668d619ce74a28ec1"}, @TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x9}, @TCA_EM_IPT_NFPROTO={0x5, 0x4, 0xa}, @TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0x3}, @TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0xe}]}}, @TCF_EM_CONTAINER={0xf8, 0x2, 0x0, 0x0, {{0x9, 0x0, 0x45}, "9c3dd223f0eed17be65f7374f51385c1fc19158675166bc490fc59d52f2f751b5929cd22022e82b07127837af36a32575339a6fafeb3738be72d8629f2121b1a5a49a63466946fe2839bd499c63f4d47682e921c3b4dc2d979a4941a45042c45494b6c8d3c1d2f7a7b36495fd560d98e539eaf8c79176ec2a58a305924e6ae0beec43f5294469b993238751378714580d57ec181074f9c80462e1dde17826811c43ac525ee646c4d3129721fb383a9448b9268398792b73bc7e726ddeaa4b8ded1e007b95d2d8b4f55108faa9ad41ce10eeba015ef1f52c7d672d9db3703dd0a56a00829dc242c394edfc6fc"}}, @TCF_EM_CMP={0x18, 0x3, 0x0, 0x0, {{0x2, 0x1, 0x6}, {0x2, 0x7, 0x512, 0x1, 0x1, 0x1ba6fa9c0bf942f}}}]}]}]}}, @TCA_RATE={0x6, 0x5, {0x10, 0x2}}]}, 0x2434}, 0x1, 0x0, 0x0, 0x4004800}, 0x44810)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, 0x0, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000000480), 0x21, 0x0)
migrate_pages(0x0, 0xfc, &(0x7f0000000200)=0x8000000000000001, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000001c0)={r7, 0x0, 0x0}, 0x20)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000003c0), r8)
sendmsg$IEEE802154_LLSEC_DEL_DEV(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000440)=ANY=[@ANYBLOB="14000000", @ANYRES16=r9, @ANYBLOB='\x00'], 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

25m30.655547s ago: executing program 0 (id=504):
r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
pidfd_send_signal(r0, 0x0, 0x0, 0x4)
set_mempolicy(0x3, &(0x7f0000000040)=0xffffffffffffffff, 0xd)
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x5, 0x6576, 0x9})
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r1, 0x100000000)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
openat$selinux_user(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$OSF_MSG_ADD(r2, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40084}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r4, 0x5453, 0x0)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_ro(r5, &(0x7f0000000240)='cgroup.controllers\x00', 0x275a, 0x0)
capset(0x0, 0x0)
lsetxattr$security_ima(&(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000180)=@md5={0x1, "4bf15792a3addb53022d803d9030ddfe"}, 0x11, 0x1)

25m30.158566265s ago: executing program 0 (id=506):
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="580100001000330100000000000000007f000001000000000000000000000000fe8000000000000000000000000000bb00"/62, @ANYRES32=r0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000032a51f00ff02000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200020000000000000000004c0012"], 0x158}}, 0x0)

25m29.967062457s ago: executing program 0 (id=508):
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = fanotify_init(0xf00, 0x0)
fanotify_mark(r4, 0x105, 0x4800003a, r3, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)={0x30, 0x3d, 0x9, 0x0, 0x0, {0x1}, [@typed={0x4}, @nested={0x10, 0x1, 0x0, 0x1, [@nested={0xc, 0x10, 0x0, 0x1, [@typed={0x8, 0x1, 0x0, 0x0, @ipv4=@private=0xa0100fe}]}]}, @typed={0x8, 0x2, 0x0, 0x0, @pid=0xffffffffffffffff}]}, 0x30}}, 0x0)

25m26.570021296s ago: executing program 0 (id=519):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000004c0)='pids.current\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000280)={0x1, 0x0, 0x200, 0x1000000, 0xa, 0x1ff, 0x1})

25m25.558742526s ago: executing program 0 (id=523):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f0000001480))
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x3fe, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix_mp={0x0, 0x0, 0x34325842, 0x0, 0x0, [{}, {}, {}, {}, {}, {0x0, 0x1}]}})

25m9.784656558s ago: executing program 32 (id=523):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f0000001480))
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x3fe, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix_mp={0x0, 0x0, 0x34325842, 0x0, 0x0, [{}, {}, {}, {}, {}, {0x0, 0x1}]}})

11m59.254045427s ago: executing program 5 (id=2590):
socket$inet_mptcp(0x2, 0x1, 0x106)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bd2)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x53cb1000)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet_udp(0x2, 0x2, 0x0)
connect$pppl2tp(r1, &(0x7f0000000140)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @empty}, 0x1, 0x3}}, 0x26)
getsockopt$bt_BT_SECURITY(r1, 0x111, 0x3, 0x0, 0x20000000)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x20000800, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
ioctl$RTC_UIE_ON(0xffffffffffffffff, 0x7003)
syz_emit_ethernet(0x2a, 0x0, 0x0)
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r4=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r3, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r4, 0x0, 0x0, 0x0, <r5=>0x0})
ioctl$IOMMU_HWPT_ALLOC$NONE(r3, 0x3b89, &(0x7f00000001c0)={0x28, 0x3, r5, r4, <r6=>0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$IOMMU_HWPT_ALLOC$TEST(r3, 0x3b89, &(0x7f0000000200)={0x28, 0x0, r5, r6, 0x0, 0x0, 0xdead, 0x2, &(0x7f0000000240)})
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="4000000012000501"], 0x40}}, 0x0)

11m55.492307257s ago: executing program 5 (id=2594):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB="0000000000000000200012800b0001006272696467650000100002800c002e0000000000feff"], 0x40}}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r3, 0x89f0, &(0x7f0000000000)={'sit0\x00', &(0x7f0000000280)={'gretap0\x00', 0x0, 0x80, 0x8000, 0x8000, 0x7, {{0x5, 0x4, 0x3, 0x0, 0x14, 0x68, 0x0, 0xfe, 0x2f, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @rand_addr=0x64010101}}}})
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-generic\x00'}, 0x58)
r5 = accept4(r4, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000200)="ad56b6cc0400aeb995298992ea5400c2", 0x10)
sendmmsg$unix(r5, &(0x7f000000b980)=[{{&(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0xd4}}, {{&(0x7f0000001bc0)=@file={0x1, './file0\x00'}, 0x6e, 0x0}}], 0x2, 0x0)

11m43.950708051s ago: executing program 5 (id=2615):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000240)="67f30f09660fae7e0066b9c100000066b80d00000066ba000000000f3066670f30f2e18d0f20c06635000001000f22c066b9800000c00f326635008000000f30c02d1866b9ac0200000f32f30f01df", 0x4f}], 0x1, 0x2, 0x0, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="8800000000080102001d000000000000050000040900010073797a300000000014000480080006400000000008000640000000013c000480080002400000000408000240000000860800014000000009080002400000255508000240000000030800014000000061080002400000ffff060002408864000006000240809b0000050003003a"], 0x88}, 0x1, 0x0, 0x0, 0x4004}, 0x40010)
r4 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r4, 0x1, 0x48, &(0x7f0000001600), 0x4)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b00000000000000000000000500000000000000", @ANYRES32, @ANYBLOB="02000400"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="03000000050000007500"/27], 0x50)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000000))
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{0x1}, &(0x7f00000002c0), &(0x7f0000000300)}, 0x20)
openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
fcntl$lock(0xffffffffffffffff, 0x26, 0x0)
fcntl$lock(0xffffffffffffffff, 0x7, 0x0)
syz_open_procfs(0x0, 0x0)
r6 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
close(r6)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$video4linux(&(0x7f0000000000), 0x101, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000140)='bridge0\x00', 0x52c)
r7 = socket$phonet_pipe(0x23, 0x5, 0x2)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB=',wfdno=', @ANYRESHEX=r7])

11m42.188956168s ago: executing program 5 (id=2624):
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b00)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(0xffffffffffffffff, 0x11, 0x0, 0x2)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r0, 0x0, 0x0)
r4 = openat$drirender128(0xffffffffffffff9c, &(0x7f00000000c0), 0x101, 0x0)
r5 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r6=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r5, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r6})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, &(0x7f0000000100))
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='nv\x00', 0x3)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0xc7)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
r7 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0)
ioctl$IOMMU_VFIO_SET_IOMMU(r7, 0x3b66, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x700, 0x0, 0xfffffffffffffd25)

11m36.040778898s ago: executing program 5 (id=2635):
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='maps\x00')
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, 0x0)
creat(&(0x7f0000000000)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x7d)
r1 = getpid()
bpf$MAP_DELETE_ELEM(0x2, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
r4 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r4, &(0x7f0000000200)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000580)=@newqdisc={0x78, 0x24, 0xf0b, 0x70bd2a, 0x2001, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}, {0x5, 0xd}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0xff, 0xec2, 0x5, 0x2, 0x400}, 0x9ad6, 0x1, 0x7ff, 0x6, 0x12, 0x14, 0x1f, 0x1b, 0x6, 0x2, {0x6, 0x19d, 0xa9, 0x8, 0x7743, 0xfd1}}}}]}, 0x78}}, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r6, &(0x7f00000002c0), 0x40000000000009f, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r7, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r7, &(0x7f00000103c0)={0x2020, 0x0, <r8=>0x0}, 0x2020)
write$FUSE_INIT(r7, &(0x7f0000000040)={0x50, 0x0, r8, {0x7, 0x1f, 0x0, 0x10408}}, 0x50)
syz_fuse_handle_req(r7, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r9 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80101, 0x0)
syz_fuse_handle_req(r7, &(0x7f0000006340)="b31c8430e2e856e4d513f6038b594a4cf8b712cc20e3d9687f596968a8ab6d3ae91a411bd6e9c4c9e2db5ac139eedec62e6a30d42113e8e6f9f77ed30d68d07afdc477310ce42be8ec39abc353c171d984f9da1543201b6894743bef9757c1cfde68716f7a2564be40d6b4392b8bfc3459870e6524e9ccd3efc1a03887dc9b3f48a2b105a727636023926601904c5feb8071abe51602032003864f1c8894ac1e608f6902b94bfdf10cbdc540e1684596ccc86f092121d87c87f782c85710896e9319921962db650ed3a5fe61559f247f5051d123aee5cea859d64e6ea0421328bda439e3a7aab088e2aa908823e155fce87bcb13630d3088e0a91529f359d68580469c67d3beee2b7d7c46403b876cbe464430cdce52cd142ac535b8a1b2e19a4538623a39631dbd8fdd41d16c4ef5d34d23050bbe077006898677d30e4523cc1e01407da1ed125b4d00051b8c17de2df26a60b3965a9b761ab5bf9fdc53ca4b0e0a0e250405fd9ff49237e0f4aa0af0a0abafcc96f628ab75c5be18afaedb5ac02ecf6584b93369100c33e57dc9bdcfb3ed4daaab698f1553c0880e7b8ea2d86395da349661b1d3f6ed6ac75445a8f86c35b55e0459c5587aca2a58e430c0f5bf138a9476f4044dd75f4cc27e5730d87a1357413bcf858c1c87d79923d2129373d275ca9dd8b0a1c76497bbd47e589bf10544249236e610c428ea5616af293617239068fddf0ed87d36040d26e133573fbbe91fa82529cdc5ecc2e917a599c6f4adaa4eeabd05062dc579664d8d28835f62b37e148419ec3962571dc04f068771ddc3869b17f0accfe8748555b5d59026b14e65bcb77375c713dde1de0be3924a769b429cec3f708910b94bf927a0c20321d72f08dd6e7df85dfadf8c62e4f40be2c686b65ac00a86d086f8078d7409c4f103f0786da02d618fdf414d4e44ba932a1f598fd6527b4efe83dcd0ed6826d23eab1d54b1c9454832dd021e15148660dda52f836918062f2e0356e4e1641a7dce78ae7d42c8f40e7797d39e1996787a2c18fe699f2fa81e828968e682be92051fb78ccda1f8b42817801f50809db82a5a08fe708f27f3ce8a68cbbf5c46f5fe872db289d55c96cf00ff5c1eaf50c770d1d44cfa0d33fd72c34e18893c25ea17c5d05833b8655edd7c331aa961b5e62799465a28c40cfc97c9eb7afe164cee023df12693cb9fd155e51168df2c3a56d6c3182123aae2f0f10d5318694bca2ad67b44699569016936bec85afedac2e6fa655c1093269afe5b392e662e8235321810ee858d26614a90fea3953d2a5a920b056fa5dd8bc8ee2d67aa6c582c7b3725f4deb5b42a4c6c310e9d602f9a397631e163af225250bed87f13d1ac2906b5320faa3b26ab148dcbed47b304bf3b25494c33fd68b0acd900415d159d5ce94a66c8d6c468f8b48369a79105f6885b2128e0534eee7e75efa292ded465f97909eee0b90d5836e8a2bef8e24dfb80520608891ba3a78e2233f61cc27eb44e88cadac813101b7f9a4f844a5c71eb9bcf98bc8d906e31e4592cc27437089901fca7ec6cbed8900fd5d1248120012a284c641193a5ee06a2a41c075af3384913847a11c0e2c0464d78a8ddb4f66bbe0311bfd881c92e279a6f2e2eb02516e8265e2148aee37095ad12d460b257efb63409a70fdb96899c7ed331320584f84a12ba8043596b2b5c510190010a4889783cbec6aec0377aa2f39bd67dea5a9788d05d3d9808116c8d90cf481bd25e9f33911e1197f8966196e7b69b5d52e64e4179c9ff164c3dab6a08de0d68e083ab63e2167d748522659aba740381ec8361f25eaf2e5fd3fda7ffb8c4bd227f94fcea7980dae7930f3d76703c17d0c14ec62e609acfd4813799e56f8231ab8eef61974ac703f6f3c77caf4b28b8d20db343f4a92ed5b774195d102a9881434394888936ba2702f46b2e68b802a35b8d4ce05e711d4beb3f452fc46239741d07b711e89adaf54be60ddcce7a4aeb6b2bcd80a7e3ed2885a9dafde68cf94caa62cace789e0d86bb8e080c35a2a9aa9e4b2d550503220ce400012a553b4f2916446e6325856991445c7b8ed53f42f39e5423b2d443669541f22acce3a35cd294464558714ab658a2f419a492288f2a824a398c2169c43621857d2387f831479901e723799b0cd40585f11b3733f60b74134cdbd7df193c71533ad790e627a5111f4db3fc2cd5e010c38320f950769c3c35504125f12fb2ea92cf36e98afd0805177553866986e41c077ea04a9249827309a38dbd81942dcccdb72f7563ce915f6412a9cb50cb57b50bc208dc85193a142217f9810240a807bb01c365505ac09c3ddb4860b07726d507e2ecbee7962f91e0856b5f7064b4bd5ff6285c68c9ce35c89db81c777ca9b616170be140b9bbc1e26b64cf7445f9f27967981b0b73ce2bbe4d577e5167349f8aef07cdfa585783097cb776a9ff7b51261dc2dc4de71fa795c0e2b6e5023f160a21516653d28b82ba5d2d7fcf6cfe068665ae51a5fdefdcd939f0c02b10d311b80f1aa25b2a644d1df93236341c4f2e70b04e6c38c3f815bd9cc41795a5c7fca8cddcca2cbca4906bb6d58359696de8212f11b1c899916f9bd484d34302c7aa80f3661d9f255b5beb66b6cc4f699d3059b3e8a828a0b162f6b4066fd4fe09b2ef3351eaea66507ee3c605087a7f2b2ab3b2c2c0a0423bb9a91e027301dd283b17f87733a2682b82eb040aa9fb804ca80ca0c85c401841bd81411cb626745ba784dca67485219cdce90b92624a4d341ed074273579c2fdff566bf49b8a9b48ee5da8cf511eafce5c789eabc89b9d5273e4bab36a066e755e3b1a6451509f4b615e03ec3c2638534b741567c5a30e87e8f00808dd5f9f7ced4d88d5cc8c56278d0e929b50fb4f9b3b092f3ef3e337f5d413e36555f28440a8bb811fb79fc560acaaff868daf2b614d397071077e2ae7ba2674b18027fe51ebd6c427203ab20c6201c6c13a40f21bdba827f6ee9779244c28a37b5e4fe6bf5c430fdf51d8246f222275ea1c9f3315c4afd18be688106f5cedc6c4371190786fcc97c231dd5b90eeaed4ac12363d7f710aeb43f3a3b3c7ba0b4de10231ab6e43f73f8b732fdf9c5326adea5ba5c38b4a610eff9e4a5440285fb4510a43178100ef92d7e32ea1033fe0d850ad4fb4d61f174fecf7db32a203ef210d20abde4c0b38c1ff5c40c2725956d1789a00360055e3a67ad5b6055caa5887605505f56e1be82d31df424dc59d00fce949971b615f58b1584a128548a1f5a7aea7c3ca7b598861ad905a18d680c31bb05fae49074a2572f7c9b61a1786ca6cdbd375cfd3f70d1b26560abd41f2dc78db0452b2800b480343f78c39b892c7af17673730cff41499e822ff6b8bdd5c4246d688b333dc567645136d2852e0d371e122df9749d26174e9218c500d172aca91f0f4b620e425a21a1c9b4b43b21ec08575acc7ac1a468fbf86f66a5e47ae716b81288d065aa9ad0bdaddcc10f6070f5513fb562682fe687ed49c5407305cb09e3b71939665c7f49b526259ccb6f2a298f1ef8b6e803d19c3eed4046ebafc6754b089d6613810426afbdc8c6a7ffa1f2db8b242f48197005da14911ade186fefce677a2d257277b8f7c2c766b95122832630b941ab7cb4d4ce2e65a73a64ac4f8cc569126f3f8342a492dad8bbb3a7685b7ce23a843658ac44868017c768ab7a8020cc81a470c75e1ca6592a531fae4553ba4cea0cd941dd0cf4db4c6c725630013b6d26bd923538ccc59f4409ec0c198385ac95cef5d752de5d9cdd5fcdf5afe914e41e48343d27b674b730a348cdb4ab9ee45a1f6a84dc255cea7ad4578dffac568c7a255413d7e56001bb687eb29d0bb68e7ea4a6989ffe3fe4cef336bf22bf547101bd5538a4e07e40cb0f4f720e8b0cce90362fc892678adf2487b8b9eb5ce2e6efc786c810d66a19bbf7907de6a865bf71958779bb59adb79e0912ce57ad37c3e8c558f979fa8f68a3a0c96d80840fdf8a3c1eafe5ebd1e2fb64b6d62d58117e2b33107b7442814885e63c858e5a3aba29d5eb4f8916a0ba007e28db21185edce798ce9e05f7b4dc5acd4feea0caef87ae403753d5423172b30a52ee32dec57052ef97fec67e2559656bc6ed30ac3dd312cf43bd1e3e7e4307503b97120468262148162553ee4fff0549f69bb2d73602138f29e6a2986248d65e6ac68e09c6c6e50e9faec454f8e873975f5904732f637bcb7ee2a5f7dc28bf913c931ff596e9cc440c0af9c6c0c512cc3a44d140a8d91e37c493cabda57f224dbbe8810dc66ecce280417a6c1c4f1a4663b10136195db8942082b0704d000e26dea736092136251c30682769367ec6fe7a082f8752aa2c08bbd0d6b3bfcfdba96bd341379d3935d6ab58550c117eae6a9ee0654c50c8663f14bcaa6192c83435bcb1c086e7a0cdaaea01ff46df676200202bb6bc4c7e14f118d4781a98cfba632d3fad08450cad20b7e05b9819a82c042cd6047398171bcf947cbcf4d3cc83da18066a0605503252529651a11946fecaf7a3f28ef6a2aa5790c269ea7e67c67de5711be3a3c7a6944677f348e18cabf5fcb01a3846b0d3ce507cabb9304554e5ed8f5a3fd056111e00a7af6b972022abad462695a22cb8b21b6ee94763ae14e0c1da3de634c7214264ec5a4f74e6226b0b60942fe2208e37776c76c756872361d4636d67b283830ca7f8681081f8787cd96ba2ec87afdacba4c056675e0561fdbd9cb784085457814160c145047adf1b1b6a5e5e063d6f659f4dbfefeb360667247a3d4823409ffcf72583148b4ebfc4a3935a363659465514a56bacfe6d7074ce77c8ee7025437dfa82cef7833c7073d0adc3ace7cf48bbc0addc3d7b151cd2ea4a3e15f1b35a3c3b18bf4e4d69a2c05f9650a4b03f262da1ebacf25b19c527a628bc515bde4b68f596ba2eb6c925165c863bfb6b5207ede82bba34bb94870ed43f9eefa899a06bbd16fad10295b11bc32e3b9802f32554cb1ed62daeae706e32bf5a8ebbc364ded77f5d294678f81b7c84b173f848564b291774bc984b349d21896a5ae6d73f1de63bb17fafda2e72bad8d68ccb3e5f01ff5df044493199b51ff96149d643e3e6d6ae97272c60d1ac429eed605d168c1c251c2e76c426b88b03ac6824bcc32fffb709b9dc2ef58c6a2825b046a5ebd4b07fa7a5d02489759e6be99c8b6c6b7576bd4c0ea21bb56bfa7cfe0f2b88ac3e0f5ec1367eb75ee5dc4711e560e61da5f41425a9edac298fabc34f868eee57e26ef8e57a4216719f5f82202d38458dea003f91227c69cd29e5435cd508df70df544d6db142fe713c5246099e71080872bfde33c3c3ecd7a8a3e4d8b32706c45934e87a0bde9d967fc9123d2430e8455577eb2cbfef74ad796802353e4131661b05914159cb910ce6dd8c8868554b9edcacb32c5066494431315d4bc1a10bba958f9a91e4e1b4f4b01c021518b6d2dc5c5fa9aeb987646bdd36fb369f03769f05ff55bfe5fad541519376808512378e58f0f87f5b935ce681c3eba7cc5a453b0a975c2dc11063525750dd859d72da38f88cb8e7b827c8ad065efa1ed6242b47271a4713a35ca78db319973472078fe02d7f7010164af9867a0136956feb9e55834531d4058523b290a425f097b9df7e44e9947bf9f590d63642f2dc5663919be30eb5ab3e10e9ea31e86d1c4b552e12fec9e70c55348f6ee50cf009b6764040c4435daa714ee8f9ba82fe12fea4ea5100945d97b849484056cf5f72d1e4700e72f763882f1b0939d51f80ce869a2f7cdf00ac4b601094c6134363c883c3a7438cc4c87d611c0ac0431570ec2b6a4aac2652a68562f7876600833a3dad2bba0831176e8fcc6825d4ca1fe655c55ac6db6ddd6eb2e92c73cd5cde1838047d6a8dc982087d3be3ee9173a34d55f2b3317458f0d31dad70ea81d51239a41258b1393ae7daa92c0169625216485b68bc780f3e0dc8de3adfcd792a05b884a4df1e1bfc428b9e86da61b2017dadaeca2cbece453a5efba0348aa02cb8c9e6473d95a43ec4813a5c2e8f0664a23c9f67c2cf0712904ab44d59d645d4bee66c47c3f15c224d8b2d8b0c93753b2c2ee57aac93f634d86907882d6868957dd284a1ecfcdcbff989d7e9decae7afd8ff8cbb27726a1eb298860488d8232f186c65c7561afed11c6e6d9e5e81c118695d02498bcc2a035b089c414df3a37437fe2413223ea3e10ecca254008df73f22c06e7e85610f802c342e7f31059f4cdc5524a6f6b0d1e0ff2ec88e8a395aaae956708d401c372a8cbe68d375382fc2d0ef1f070e6dc703e392b7ff5265aaadd727426af5350d88e4969430906d46995d5cd76edf4b7e0e93cdaed900112f1ca0963da6dc5d771cf4c1e721e3c0e375fd157a090f67c955a168200c1386d200fa3e575921668e20f7ac496224cb85555ec112b38319f62159a3fe10f4d7996f6bf35873c7a42edb925da16874930d7671c19ec118f2173b76ac7e9cabdff90ccb7e6a3e716b41b6447573dd8aa4f13a92b545e05cc35568c45dd6a6ee731a1b8c34a7caf57909b8c818b3a22dcd66de1873037889cc906d50f579db2a37be36624aecd90d833f484ea684fbac40e4c69e95a252fe93e406e3b45339887aeabedd9adbced6738fe29d4a9ed913405cae0ea1ea44348398fbf30a1f74de457b3543bd1a7941ba8429aa78f5bf86c8662dd814d46e14fd7624f76452fc566537668fa3222225bab95b7d46a6db4cdd7dfd34d89aab015a170925620ddb10754496c343182d3a83c0ba28bf0590e6955bf43aae50b00a5a9175fb90d84acb871dab9dba29cf2b9257f3ea37eeddee7e019f17e0983791e3a0715720e48bda36948b24109bcb8fd747519a625ca3175bfcb1c6a1b597d415aa06478ec1a26c81099367322d18af53d5f5b388ab208d3447d901f87c7bcc51ab4743e593c03592f892fcfdedb00c800168d6688d974382dd2c18e6fcd9c5ea3328c2269053b683f0cdb61b50d9d558a296af79b8ec11bb9a032b336231d9c5549c40fae8ed5ae468b5fb00eb66006e86e3f48f4b5d7881b9a32377d04ca7f5ab92f64cdd063d8df798fe469359df247d925915e39401f5b203bba45a28d3079bb87a35c53114a7785753b565dab74874a3b78e45730330381585d24a169b0187a45ce0be67f69133332b8d0945f517d3760c8fc168a802106b087528f91a9990ebb19910eeff0d8aa2355587648518f095433e52c84ccdac81909e299b23493cf8b9ba7e6039f95ce6f02e0ae70e624691a280e0e66df1e6686489e5b03295853fa9b1a9900816a3b3cc5a7c442feb2d3da4f55e185333096a649bcef6a223cb7815450529674c8fa8aa73257e3517a0879e45f41af8b7be93730bfbad9d3ab176e47610a76f3bc72637d30e57bae38e1cb5049d06aab1b271290e897532a0dbe7e97e5a759526c81bfe1040ddcfd73dea397b4879571244963e90a981fdb32b5156bc5f6c0eecb48f9e8773209c62fa2903090ee871615586f93df99a6e403467adc70323c87e758bd2a05b9bd12f2b222d52a045206ccf1b57ffeb1e336b3ccaea6f8c27ddef68901e2aa74ea3c3f51e2268645dbc6d0acf7acff098beac1216074109733d81547fd4b8cb542ee40365a7cf5b650595ed878540ee1531afe842328acbbc6d8b9d84228e4911428a896f67888f881e09b5cba464920e27c06c846e9971284ef7be2d8af0575ecdf97555ea71f81c7563fe564a601af993df1de8066fe860ac025b25c590249b01732074ff9fa6adeba714c92eb44ecaa9563ad1f248d4c2a9a354bf7f16be95f53409a25067059e087252d102faea16c8030ff010c9df0efd47e00aa18f6a7eeaa059dacb0fa86117a8efdfc300c95cf5f10f3b23ebf659ccda174087e49409f8f53438f6f9247ba57221a8f3a2fcf3817cb2117efa58ddc32805bd61fb59ca42a10d95e0cdf38e2d8fe3244468437a564f7c6f43f799790534c45e74d0aab7d1334fc9944cc41cb375a6ea422edf5655a6985056662741f648d909049e86d32d1525e4d203e373ce8df6a5f94b7763bae3664b0878777e95a8abeb112bc917271865afb2c161bde5fb895ecba49b7aa80ae23f0058e22215d24aee844547296bda70c068f7465652826abfafab50573096a2ca26a92faec48f6ad1239b087ea5c693dfc740612805b31db94b4e0d60b9b0bc2ef755807cda981afd5428692f2e689aae3614d4c7b6bbdb5316ad3cf7a9ac173e40ebb707aceedf27a2c1587430840db44fb0f2a11b8f5b405f1169c6aad4dd1da7417ec9a27d9e2fb93480ccdacf66fb9cc773aff017ce344e0b8d478d7e025442303a026ad21f81bbb798efed40788f7842e00aea5abbcd8c6e7b090815aafd90a7608c8b2901798aadbaa07580d8b5a2f6ab57beb5642108ffacba4e59e000445e2bb153371e04c0909a2b37aff198a36cd633eb906826bb11b487c3393e7cf0cc449f4f4a6b5e079708ba6eab609a0e5bbdf7c7f359d02f625a88c9441ca34b24a3a3d1f0068d3df8bc92d1ca060a52b6214da87a4b0f35b5a9204f124b02793878a02fb3d098b9929cdb6a3f169690ef6205d0d8ee556d6f21fcfe3c40910e2e7570ca01d190f34b484e7ada1116cde78992beb1a7fddbf18bf1ca6b56000d1483ac44604eca570da76f0aa4772d74bcef773bf54e911aa34b48cfeabf77b56bc660f7d0226fc3b88a67e7d748cd63faa141bb5aa1e28275048ed0ec8b9c6b6eacace501ab43a2206873fe3c4e91e6c523160ebcc1f51c87a14c2d37a247b00bc47e8fb462c61c52b9ff6b5bffc0de47dc5931465b627d141ae06ab40f35903ce5eb68bfeedcf755c985bb0302d2c9b4d8f814e624bd8ce6fd6e50f70bb70025ada430910c6e6ea64587adef38fea72e986221c8960fc8b55c677648050e82ca34c6e654656c3b0edcc048b4c20dd3daf65e9ba912ac4d451d34d64c7e16ef731187d82bb762aaa4888dd76f0ca9884474c80334c1814c439278d51da447bffd865e121992db98d46031c86e4b2d506e4c895f62299a08647e512fb6d37e830529ca0f56f2a2b973c269b16a88f58c9a338d2cd333490cf0b034040f0589b92af25e308a7254b3daf94502ee90db5d6e1fc83c3041fa551bf71348db59f5e3559ec5839cec8b39ad447c1b94233f0f23bbc4964df8b0d199aa376d6db04201185a473b50c8072a06040830d33387887047c036147d7b4b726ed1ab55f0937a3a416411165fbf5b479762ff39acbeadab8d6c6994b2056e1b6083e18dff8d4cd2effb994fdd66a052e0840777d0a86b68fe20574e7b107dff8690098721b2da187a359907071a43560f7be046d67c72ad7ad97b31fbe6d5053d51d1f41247de3bf846b819b1ff79f8e67432db27f6fde13b3ec86d28d8913204af540360b465c91e6c4d3ffae32ca53fd890364d645df51afa92fdbc5011eb70b0a601fb8714021b0d9f0e643684454f2b0e2525d37142bdb10fe8885e464fdcc3a068ee9defd10a64288b0aa907fc7af1c7c008ceb2c2ccdacad22df72e74f61466cb0be8aad594a3a4b8adbc696c01921ea62b143cb26a05a1dd335a7c2e94e4e4cc7f9ee6352d2cc1e1682fabb3e66d0df9f7e768ad404020e31b7c36fc83b4aa91716cba722a0d20dc6ade58281acbdfd15eddc5293c2131e4b25a7acb435b3816bd70e5514456d0462b7276478531a30c59eb77b3008f1bcdb4940130b46062ebfdd6a22051ab6a87a06a8d1a8cdb410ae2c976769e2a1f4e198ab4d6606cbc37d9aab132a811933dc953d77e025d641611348f5c27aa155fdc482849da16251e5d3ce77f7ce3165a505704aa79482fa2bb83db98ca1e32508fa08a16ce1438a26ce5d10790dfda92b41122a6819521eb863f0c2c6a59c65215030d765d9ab89b3e8bd3dc9cdc21cd74e77ae0eea77eefc09872de52b176e7f1baad29a00591143fe43f3f009a801431f735757397c38597cd0d05fd596d13dbbd3b92c73f3867efdb4cf762d3dd0d6e45197b78af48cdd080806646b04b198d4c77f26f782980136fe61f706771f9fbdc608ec3842e6b9e45e12d118a7b4dc166f4d5192097a39fc415b92721a57b7d0fdb98a3a39a1faaab822f9cbb402c8d1e85fd9e6e6930882f9c56623779fca4c9ed955a77d49cd04503af530f601e4e47435e0e0bd485c8eb4cf991c0b12c7a1f9e27b5ca6d0b8adfea5248f8251231355c41fc4b3c41fa89bfc3df8227f44009a9609af0ff50a96ac71c36693cf37b55533755d5a8929fec081a98b789c13541a84d5efdd105ff9c70eed73fc9de2d86d2fba184a97a76e4aa9ddbe1bfeb1e760ffc44ae3ac6f7a126fce0007308627837023913f0b213779e176a25e467bce3b9a6948eff4126a2ae19c23db60b049cca0f9fdf7a54a67b561519eb68f8c5f6b879947e2e54a4401250251244b554780af563a8409e0a847b0e59d36bd36d6d1adb32271a9f8af86165f94804c0e7b3fc6f4d4e450b7c652dbc2cbd87bafae53690b97e3fc81e5d48c877a42c2c472f8520e0929e920db596580623458b80c49ec89fb1082e7130ae5d88bd8e65b07b50429828a66ae22cf03c0db37fd58cce4fd92d3d461f0b61005dfdfec0417f04d019dd4728d90b5aad7f3dd997064742c35584c9ebb9d72f382fc4be0766096d8b8263740c2e32e70bedc1ed9a2a3532214c33d13754fe427d64ac1e324f9ba89cce107d5097acd8a8c7ccbaa33729952eb8a75b0f86f11fa408712087f97aca5a17414d1a3dccfa7f3ae5e40b2af27f7da8b70ecf3afd2959a8d680c36ab37310588f35925e38e38f12eab52676ac89ed7e9d272dd85b179a6867b6f74790a8ffe21a6a8f0a6ad7ffd439d6557306013f750e961c259c0ccb646c77d7150772e7a618e30e5327f47cb92ff99e17f8a7ae58a51f0e2cd7fee2b7d2817106f28599b7e93754a7f296f9c57f3e290b758c03f3f622485106745c9cf75dd00ce402cbee47867dde4ea7c7628567eb750b5caa3a81b1e4091e1f09f07e9de7e54d9aa0d161694fb4a51418d9e075ea81859795414cc07f96fe2d4954e5f70fcb5f81742d87702321eebe165ce6d4028249351937bf0fddfa0273e4ef20f9be1e9c7ccc848e4fedaf62f92a4cbffae1bd3b1307b905124319ca4dd9567abfc228b1c57b2f3d5079461f97b7359a866be1e0b36f5506b9fc9a0f6fd07f136dcd98eee38c16829dd9415ff92ef49e4c1ea42b5a5f846109bbb5ad18e1b211efe15a0fd000cf4478eac290e211d54fd5609d0bbfec7c143747a2a33a4491db64aef28ff3ad01f0e5bd18b142fd3c9b4e64de740d60cbdef3c6efa063fcf31d73ff10bf71eb51324b3dc4b62420794a7f08daf21a93856c775e8c2b97604f16a18432a4908d9acd1043f1ceb4670023b42978a9dc5330826997c0f55371a1877edb9b0cd5ea2d69f32b51b3fe59570855cc8c99af6a915add9f2e92ef1c044bb7258187194ee67ee7d8d954afe322b8b7fff5515fc2514e7a09b4ceab28fefac760fb2ab6a57b2d11408600d63bab4404d9f75ae30", 0x2000, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x18, 0xffffffffffffffda, 0xc, {0x4}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
write$tcp_congestion(r9, &(0x7f00000000c0)='lp\x00', 0xfffffdef)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r0, 0xc018937c, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {0x2}}, './file0\x00'})
r10 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r10, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000380)=ANY=[], 0x13c}}, 0x0)

11m30.750751036s ago: executing program 5 (id=2644):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bind$unix(0xffffffffffffffff, 0x0, 0x0)
getrlimit(0xf, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000000)='cpuset.mem_exclusive\x00', 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$alg(0x26, 0x5, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000580)=@ipv4_newroute={0x38, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x4}, @RTA_ENCAP={0x14, 0x16, 0x0, 0x1, @LWTUNNEL_IP_OPTS={0x10, 0x8, 0x0, 0x1, @LWTUNNEL_IP_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, @LWTUNNEL_IP_OPT_VXLAN_GBP={0x8}}}}]}, 0x38}}, 0x0)

11m15.676170212s ago: executing program 33 (id=2644):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bind$unix(0xffffffffffffffff, 0x0, 0x0)
getrlimit(0xf, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000000)='cpuset.mem_exclusive\x00', 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$alg(0x26, 0x5, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000580)=@ipv4_newroute={0x38, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x4}, @RTA_ENCAP={0x14, 0x16, 0x0, 0x1, @LWTUNNEL_IP_OPTS={0x10, 0x8, 0x0, 0x1, @LWTUNNEL_IP_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, @LWTUNNEL_IP_OPT_VXLAN_GBP={0x8}}}}]}, 0x38}}, 0x0)

14.0381819s ago: executing program 1 (id=4477):
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x84000)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000140)={0x0, 0x0}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x12, r2, 0x0)
rt_sigtimedwait(&(0x7f00000001c0), 0x0, 0xfffffffffffffffc, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="180200000400000000000000000000008500000041000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="4800000010003b15000000000000000000214907", @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800b00010067726574617000001800028004001200060003"], 0x48}}, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000640)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000600)={&(0x7f00000003c0)=@allocspi={0x22c, 0x16, 0x20, 0x70bd28, 0x25dfdbfe, {{{@in=@dev={0xac, 0x14, 0x14, 0xa}, @in=@private=0xa010102, 0x4e20, 0x5, 0x4e23, 0x8, 0x2, 0x80, 0x20, 0x6}, {@in6=@mcast2, 0x4d6, 0x2b}, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, {0x1, 0x240, 0x100000000, 0xd, 0x9, 0xa1, 0x6, 0x2}, {0x4, 0x0, 0x8, 0x9}, {0x9, 0xb, 0x713}, 0x70bd2a, 0x3505, 0x2, 0x0, 0x2, 0x47}, 0x401, 0x9}, [@migrate={0x134, 0x11, [{@in=@empty, @in6=@loopback, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x32, 0x0, 0x0, 0x3501, 0xa, 0xa}, {@in6=@ipv4={'\x00', '\xff\xff', @broadcast}, @in=@local, @in=@local, @in=@rand_addr=0x64010101, 0x32, 0x8dbe4ed97bda627, 0x0, 0x3501, 0xa, 0xa}, {@in6=@mcast2, @in=@dev={0xac, 0x14, 0x14, 0x41}, @in6=@empty, @in6=@mcast2, 0x2b, 0x1, 0x0, 0x0, 0x2, 0xa}, {@in=@broadcast, @in6=@empty, @in=@rand_addr=0x64010100, @in=@local, 0x3c, 0x1, 0x0, 0x0, 0x2, 0xa}]}]}, 0x22c}, 0x1, 0x0, 0x0, 0x40080}, 0x2000010)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff42, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0xcd4d, 0x10100}, &(0x7f0000000100), &(0x7f0000000140))
move_pages(0x0, 0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r4, &(0x7f0000000180)=ANY=[], 0x118)
futex(&(0x7f0000000000), 0x8c, 0x1, 0x0, 0x0, 0x0)

13.244443388s ago: executing program 2 (id=4478):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vcan0\x00'})
syz_usb_connect(0x3, 0x24, &(0x7f0000000200)=ANY=[@ANYBLOB="1201000058d63740402010c09437000000010902120001000000000904f400001a8afe00"], 0x0)
bind$can_j1939(r0, 0x0, 0x0)
socket(0x200000100000011, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00')
r3 = open(&(0x7f0000000080)='./file1\x00', 0x12b842, 0x0)
sendfile(r3, r2, 0x0, 0x80000000)
sendmsg$nl_xfrm(r2, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x2000c001}, 0xbd4d29f246c670f8)
bind$inet6(r2, &(0x7f000047b000)={0xa, 0x4e20, 0x0, @mcast2, 0x9}, 0x1c)
r4 = socket$rds(0x15, 0x5, 0x0)
sendfile(r2, r3, 0x0, 0x6)
bind$rds(r4, &(0x7f0000000840)={0x2, 0x1, @loopback}, 0x10)
listen(0xffffffffffffffff, 0x20000005)
r5 = socket$inet6(0xa, 0x6, 0x0)
r6 = landlock_create_ruleset(&(0x7f00000000c0)={0x0, 0x2, 0x3}, 0x11, 0x0)
landlock_restrict_self(r6, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
getpgrp(0x0)
connect$inet6(r5, &(0x7f0000000040)={0xa, 0x4e20, 0x6, @empty, 0x700}, 0x1c)
r7 = syz_open_dev$hiddev(&(0x7f0000000040), 0x6, 0x40)
read$hiddev(r7, 0x0, 0x0)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x20000800)
openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0)

12.989145445s ago: executing program 1 (id=4479):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x9)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000080)={'ip6gre0\x00', &(0x7f0000000180)={'syztnl1\x00', 0x0, 0x2f, 0x4, 0x5, 0x0, 0x53, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast2={0xff, 0x5}, 0x0, 0x8}})
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x8b}, 0x0)
r2 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
r3 = socket(0xa, 0x2, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000200)={0x0, 0x0, <r4=>0x0}, &(0x7f0000cab000)=0xc)
setresgid(r4, 0x0, r4)
keyctl$chown(0x4, r2, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r5 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000003240)=[<r6=>0x0], 0x0, 0x0, 0x0, 0x1})
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x15)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r5, 0xc05064a7, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000002c0)=[0x0], &(0x7f00000010c0), 0x0, 0x1, 0x0, 0x0, r6})
r7 = syz_open_dev$MSR(&(0x7f0000000140), 0x0, 0x0)
read$msr(r7, &(0x7f0000019680)=""/102392, 0x18ff8)
setrlimit(0xf, &(0x7f0000000100)={0x7, 0x81})
kexec_load(0x0, 0x1, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x41000000}], 0x0)
syz_clone(0x4002000, &(0x7f0000000240)="a6392886ab8f24654f62edfebcc8b6a0b3f903a3f4e2934ec9f1488d4cd13432fa913f7c435187e020c7a03542b7aacb177c70c88cce2ab36fdfefa18d441f8b208e37ef3d1c", 0x46, &(0x7f0000000300), &(0x7f0000000340), &(0x7f0000000380)="0b9ef4d6b11bb3f9ba02ff7de3656e989f09d5c025d2a4")
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)={0x34, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_MAXELEM={0x8, 0x13, 0x1, 0x0, 0x1}]}]}, 0x34}}, 0x0)
sendmsg$nl_generic(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="280500003d0007010000000000000000017c0000040000000c00018006000600800a000004050280000514"], 0x528}}, 0xc000)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'bond0\x00'})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="4400000010003b15000800"/20, @ANYRES32=0x0, @ANYBLOB="0000000000b401002400128009000100697069700000000014000280060009000000"], 0x44}}, 0x0)

12.60965848s ago: executing program 6 (id=4482):
ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, 0x0)
io_setup(0xffff, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000002180)='net/mcfilter\x00')
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r5 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r5, 0x5423, 0x0)
ioctl$sock_bt_hci(r4, 0x400448e0, &(0x7f00000003c0))
r6 = socket$inet_udp(0x2, 0x2, 0x0)
openat$ptp0(0xffffffffffffff9c, 0x0, 0x149000, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r6, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_group_source_req(r6, 0x0, 0x2e, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x108)
preadv(r0, &(0x7f0000000380)=[{&(0x7f0000000000)=""/8, 0x8}], 0x1, 0x5c, 0x2)

11.233688691s ago: executing program 6 (id=4484):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, 0x0, 0x0)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000400)={{0x12, 0x1, 0x250, 0xb5, 0x9b, 0xb8, 0x40, 0x7ca, 0xa807, 0x192c, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x7, 0xa7, 0x30, 0x4, [{{0x9, 0x4, 0x3a, 0x8, 0x0, 0xcf, 0xda, 0x2a, 0xc7, [@hid_hid={0x9, 0x21, 0x4, 0x5c, 0x1, {0x22, 0x708}}]}}]}}]}}, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0})
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_GROUP_GET(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r1, @ANYBLOB="4dbb0b487fadbc2f712b26"], 0x14}}, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r2 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000000180)={@loopback, 0x800, 0x1, 0xff, 0x1}, 0x20)
r3 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
r4 = dup(r3)
setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, 0x0, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f00000001c0)={@private2, 0x800, 0x2, 0x5, 0x3, 0x3, 0x2}, 0x20)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{}, {}, {0x1}, {0x4000, 0x80}, {0x0, 0x0, 0x0, 0x420004}]})
r5 = socket$kcm(0xa, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00000000000000000000000003"], 0x48)
ioctl$sock_kcm_SIOCKCMCLONE(r5, 0x890b, &(0x7f0000000000)={<r6=>0xffffffffffffffff})
ioctl$sock_kcm_SIOCKCMCLONE(r5, 0x890c, &(0x7f0000000000))
r7 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$bt_BT_SECURITY(r7, 0x10e, 0x8, 0x0, 0x20000000)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
sendmsg$IPSET_CMD_SWAP(r6, &(0x7f0000000140)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3c00000006060101000000000000000002c24eb971d64eb26100000005000100070000000900020073797a31000000000900030073"], 0x3c}, 0x1, 0x0, 0x0, 0x80c1}, 0x20000000)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000100)={'gre0\x00', &(0x7f0000000440)={'gretap0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x15, 0x4, 0x0, 0x2, 0x54, 0x67, 0x0, 0x0, 0x0, 0x0, @multicast1, @remote, {[@timestamp={0x44, 0x4, 0x76, 0x0, 0x9}, @rr={0x7, 0xb, 0xcd, [@broadcast, @broadcast]}, @timestamp_prespec={0x44, 0xc, 0x9c, 0x3, 0x8, [{@rand_addr=0x64010101, 0xfffffffc}]}, @noop, @timestamp_prespec={0x44, 0x24, 0x3b, 0x3, 0x4, [{@initdev={0xac, 0x1e, 0x0, 0x0}, 0x10001}, {@dev={0xac, 0x14, 0x14, 0x1e}, 0x8}, {@rand_addr=0x64010101, 0x9}, {@dev={0xac, 0x14, 0x14, 0x34}, 0x1000}]}]}}}}})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)

10.58250678s ago: executing program 1 (id=4485):
pipe2$9p(&(0x7f0000001900), 0x0)
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f00000003c0)={0x0, &(0x7f0000000300)=[<r1=>0x0], &(0x7f0000000340)=[<r2=>0x0], 0x0, 0x0, 0x1, 0x1})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000640)=[r2, r1], 0x2})
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r0, 0xc01064c7, &(0x7f00000002c0)={0x1, 0x0, &(0x7f0000003340)=[0x0]})

10.454231334s ago: executing program 1 (id=4486):
syz_emit_ethernet(0x6e, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, 0x0)
r3 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)
r4 = add_key$keyring(0x0, &(0x7f0000000180)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_MOVE(0x1e, r3, 0xffffffffffffffff, r4, 0x0)
ioctl$BLKRESETZONE(0xffffffffffffffff, 0x40101283, &(0x7f00000001c0)={0x4, 0x6})
r5 = socket$rxrpc(0x21, 0x2, 0x2)
setsockopt$RXRPC_EXCLUSIVE_CONNECTION(r5, 0x110, 0x3)
r6 = msgget$private(0x0, 0x70b)
msgctl$IPC_RMID(r6, 0x0)
socket$inet(0x2, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0xa, 0x4, 0x4, 0xc, 0x0, 0xffffffffffffffff, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='mmap_lock_acquire_returned\x00', r7}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x69, 0x11, 0x32}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000e00)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c, 0x0}}], 0x1, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
prctl$PR_SET_IO_FLUSHER(0x43, 0x1)
prctl$PR_SET_IO_FLUSHER(0x43, 0xf7fffffffffffffd)

10.194689997s ago: executing program 2 (id=4487):
sched_rr_get_interval(0x0, &(0x7f00000000c0))
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={r0, 0x0, 0x0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
write(0xffffffffffffffff, &(0x7f0000000240)="aefc00001a0025f01d85bc04fef7681d020b49ff708800008003280008021000ac0a1410bc71176a36ede498534108e58342fa94a235a2a441f9", 0xfcae)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r4, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r4, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
sendmmsg$inet(r4, &(0x7f0000000d40)=[{{0x0, 0x0, &(0x7f0000002c00)}}, {{0x0, 0x0, &(0x7f0000002f00)=[{&(0x7f0000000540)="679512f062b8d965651edd4c06c901784e56aa174403ad4134742b71d211c6a85d8bc563c27f754fc2af5351f2f41e867c71c19837f2feba7862e511a47c446cd11c960f018962a53f6cf31a1123ff8092c9ff560701bfc579fa80f9149acafe2a225fed70d9173f0243a55be3c4028da556cf126da9c1b9b8f8e11356", 0x7d}, {&(0x7f0000002d80)="15", 0x1}, {&(0x7f0000000280)="12c038be099f99539dba8c94fa00bc6518fb0ecece", 0x15}], 0x3}}, {{0x0, 0x0, &(0x7f0000000c00)}}, {{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000300)="bd217b883eff5b6e467f803c917dcbfcc0fdaf1deaff78e802f01faa15d1fc8b0b762ae7e8bcd6af4848c6960c1b42f34f57277f1c4f04116a58ac8c2c5a9675ef96", 0x42}], 0x1}}], 0x4, 0xf000080)
syz_usb_connect(0x0, 0x4f, &(0x7f0000000080)=ANY=[@ANYBLOB="120100003bd387404c05c306ad3c0102030109023d0001000000000904640003153f6400090504"], 0x0)
setsockopt$sock_int(r4, 0x1, 0x3, &(0x7f0000000000)=0x7fffffff, 0x4)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
r5 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5543, 0x64, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0xb}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r5, 0x0, 0x0)

8.622394563s ago: executing program 1 (id=4490):
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_pidfd_open(r0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(0xffffffffffffffff, 0xc4c85512, &(0x7f0000000180)={{0x7}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x6, 0xfffffffffffffffc, 0x0, 0x0, 0x2, 0x5, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0x3, 0x3, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffdeffc]})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, 0x0)
r6 = dup(0xffffffffffffffff)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
setsockopt$TIPC_IMPORTANCE(r6, 0x10f, 0x7f, &(0x7f00000006c0)=0x7, 0x4)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0100000007000800612200000200000000000000", @ANYRES32, @ANYBLOB='\x00'/15, @ANYRES32, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\b\x00'/22], 0x50)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r7, &(0x7f0000000000), &(0x7f0000000080)=@tcp6}, 0x20)
syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
mq_open(&(0x7f00005a1ffb)='e\xeeQ\x92o', 0x42, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
pselect6(0x40, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, &(0x7f00000001c0)={0xff, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x3e36, 0x200000000000, 0x3}, 0x0, 0x0)
waitid$P_PIDFD(0x3, r1, 0x0, 0x4, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)

7.942709092s ago: executing program 4 (id=4491):
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_pidfd_open(r0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(0xffffffffffffffff, 0xc4c85512, &(0x7f0000000180)={{0x7}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x6, 0xfffffffffffffffc, 0x0, 0x0, 0x2, 0x5, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0x3, 0x3, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffdeffc]})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, 0x0)
r6 = dup(0xffffffffffffffff)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
setsockopt$TIPC_IMPORTANCE(r6, 0x10f, 0x7f, &(0x7f00000006c0)=0x7, 0x4)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0100000007000800612200000200000000000000", @ANYRES32, @ANYBLOB='\x00'/15, @ANYRES32, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\b\x00'/22], 0x50)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r7, &(0x7f0000000000), &(0x7f0000000080)=@tcp6}, 0x20)
syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
mq_open(&(0x7f00005a1ffb)='e\xeeQ\x92o', 0x42, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
pselect6(0x40, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, &(0x7f00000001c0)={0xff, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x3e36, 0x200000000000, 0x3}, 0x0, 0x0)
waitid$P_PIDFD(0x3, r1, 0x0, 0x4, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)

7.660698228s ago: executing program 3 (id=4493):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000002c40), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x30, 0x0, 0x1, 0x70bd27, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_HT_OPMODE={0x6, 0x16, 0x8}, @NL80211_MESHCONF_CONNECTED_TO_AS={0x5, 0x1f, 0x1}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000002c80)=<r6=>0x0)
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(0xffffffffffffffff, &(0x7f0000002d80)={&(0x7f0000002c00)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000002d40)={&(0x7f0000002cc0)={0x44, r2, 0x800, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8, 0x1, 0x4a}, @val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_WIPHY={0x8, 0x1, 0x79}, @NL80211_ATTR_PID={0x8, 0x52, r5}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x71}, @NL80211_ATTR_PID={0x8, 0x52, r6}]}, 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x10)
connect$pppl2tp(r1, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0x0, @dev}, 0x2, 0x0, 0x4}}, 0x2e)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0x1, @mcast2, 0x9}, 0x1c)
socket$pppl2tp(0x18, 0x1, 0x1)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r7, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r7, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TLS_TX(r7, 0x11a, 0x1, &(0x7f0000000340)=@gcm_256={{0x304}, '\x00', "376a31a11e8e279cec092f071cc80f218d360356a936a7e3971a8c35c47e5804", '\x00', "fffffffffffffffd"}, 0x38)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r7, 0x6, 0x14, &(0x7f0000000040)=0x2, 0x4)
writev(r7, &(0x7f0000000080)=[{&(0x7f00000002c0)="ec", 0xfdef}], 0x1)

6.733265693s ago: executing program 4 (id=4494):
r0 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x0, 0x6}}}, 0x24}}, 0x0)
getsockname$packet(r0, &(0x7f0000000440)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000680)={'batadv0\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@getchain={0x24, 0x11, 0x1, 0x3, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x4, 0x2}, {0x10, 0x7}}}, 0x24}, 0x1, 0x0, 0x0, 0x40c0}, 0x4000004)
sched_setaffinity(0x0, 0x3a, &(0x7f0000000240)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000000)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x10, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x1, 0x0, 0x2}}}}}}, 0x0)
syz_emit_ethernet(0x5e, &(0x7f0000002e40)={@local, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "7428dd", 0x28, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_na={0x89, 0x0, 0x0, 0x0, '\x00', @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [{0x0, 0x2, "122b472e41e24b11f34b608816e5"}]}}}}}}, 0x0)
syz_emit_ethernet(0x5e, &(0x7f0000002e40)={@local, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "7428dd", 0x28, 0x3a, 0xff, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @ndisc_na={0x89, 0x0, 0x0, 0x0, '\x00', @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [{0x0, 0x2, "122b472e41e24b11f34b608816e5"}]}}}}}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/14, @ANYRES32, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa20000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x20000000, @void, @value}, 0x94)
writev(0xffffffffffffffff, 0x0, 0x0)
sendmsg$TIPC_NL_BEARER_SET(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010028bd7000fbdbdf2505000000200001800d0001007564703a73797a3200"], 0x34}, 0x1, 0x0, 0x0, 0x40404}, 0x100)

6.28738656s ago: executing program 6 (id=4495):
socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={0x0}}, 0x0)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0x9)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB], 0xd8}}, 0x0)
sched_setaffinity(0x0, 0xfffffe60, &(0x7f00000002c0)=0x400001000000002)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$IOMMU_VFIO_IOAS$GET(0xffffffffffffffff, 0x3b88, &(0x7f0000000080)={0xc, <r2=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r1, 0x3b85, &(0x7f0000000200)={0x28, 0x0, r2, 0x0, &(0x7f0000952000/0x1000)=nil, 0x1000, 0x8})
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0a000000020000000200"], 0x2d)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r4}, 0x4)
socket$unix(0x1, 0x1, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r5 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$nfc_llcp(r5, &(0x7f0000000000)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "0f03c8c7e8da000000000000ffffff017f000000cce67e1d0000e565aa9a9d32c7627ffe7a54cdbd77b3000000000000000000060000000000000000deff00", 0x1b}, 0x60)
getsockopt$nfc_llcp(r5, 0x118, 0x0, &(0x7f0000000140)=""/192, 0x20000057)

6.225666048s ago: executing program 2 (id=4496):
pipe2$9p(&(0x7f0000001900), 0x0)
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f00000003c0)={0x0, &(0x7f0000000300)=[<r1=>0x0], &(0x7f0000000340)=[<r2=>0x0], 0x0, 0x0, 0x1, 0x1})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000640)=[r2, r1], 0x2})
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r0, 0xc01064c7, &(0x7f00000002c0)={0x1, 0x0, &(0x7f0000003340)=[0x0]})

6.166469202s ago: executing program 3 (id=4497):
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmsg$802154_raw(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)="711f04800000000000000c55f5", 0xd}}, 0x84)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000002c80)=0x2040, 0x4)
recvmmsg(r0, &(0x7f0000002e40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40012140, 0x0) (fail_nth: 8)

5.701382525s ago: executing program 2 (id=4498):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
open(0x0, 0x10b942, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0200000004000001080000000100000080000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32, @ANYRES32=0x0, @ANYRES16, @ANYRES8=r1, @ANYRES64=r3, @ANYRES8, @ANYRES32=r0, @ANYRESHEX=r4], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r6}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x18, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRESOCT=0x0, @ANYRES64=r5], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_BT_DEFER_SETUP(r7, 0x112, 0x7, 0x0, &(0x7f00000000c0))
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r8, &(0x7f0000000100)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
r9 = socket$inet6(0x10, 0x2, 0x4)
setsockopt$inet6_tcp_TCP_CONGESTION(r8, 0x6, 0xd, &(0x7f0000000180)='dctcp\x00', 0xe)
socket$nl_xfrm(0x10, 0x3, 0x6)
sendto$inet6(r9, &(0x7f0000000080)="4c00000012001f15b9409b849ac00a00a5784004000000000000030038c88cc055c5ac27a6c5b068d0bf46d323452536005ad94a461cdbfee9bdb942352359a351d1ec0cffc8792cd8000080", 0x4c, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
pipe(0x0)
accept$inet6(0xffffffffffffffff, 0x0, 0x0)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000000100)={"e58b0f5f9483b6623103130250df2c17", 0x0, 0x0, {0xfffffffffffffffa, 0xf}, {0x2, 0x9}, 0xf, [0x3ff, 0x5, 0x0, 0x7, 0xc15, 0x7, 0xdca, 0x7470, 0xc8df, 0x5, 0x2, 0x40, 0x8e, 0xff, 0x5, 0x4]})

5.532681277s ago: executing program 1 (id=4499):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0x11, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40000000000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x9, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x2, 0x6, 0xf9, 0x7, 0x2, 0x0, 0x0, 0x25dfdbff}, 0x10}}, 0x4004000)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
sendfile(0xffffffffffffffff, r4, 0x0, 0xfacf)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r0}, 0x10)
r5 = fsopen(&(0x7f0000000100)='cifs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000340)='source', &(0x7f0000000740)='//\xf2b\x06\b\xba\xdfXo\xdc\xea\x95/\x82\x10\x97W\x8f7\x98\x9b/Q9\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\\\x14///\xff\xea\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o\xe5\xa8Q\xc9\xe75Q\xea\xd8\xa2=F\x9b\x8f\x8d\xfc\' {e\x949X\xda\xe8H\x1a\x85\xd7%\x93?w}\xfb\xd9t\xea\xbb\xbe\x9b\\\xd7\xd7\xd4\xe2\xd6c(`(r\xd2\xb1G\xe3\xda&\xca\xaa\xba\v\xc5\xa3H\xb1\x11G\xab\xa2\x1f\xa0\xc3\xd9\xcd\xfb\x1a,\x13S\xf1\xfe\xe5F\xf4\xfb\xc8|\x89\x0fNq\x97J\xb9J\x88S\xc5\xb8\x12\x93\xbe\xb9b\xc7\xbc\x03\x03.E\xab\x82\x1c\xbc1\x9d\x14\xfa\x1f\xdd\x1e*\x03`\x91\xe8x\x0f\x05\x1e\xf5\xbfNo\xd4\x0f]S\x85\x89@\xa9f\x05\xfe\x9fkM\xa5\xf6\xc2\x04\xbf\xc7', 0x0)

4.673260667s ago: executing program 6 (id=4500):
r0 = socket$kcm(0x21, 0x2, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000340)=[{0x0, 0x1, 0xa, 0xb}, {0x5, 0x2, 0x13, 0x2}, {0x5, 0x5, 0x5, 0x9}], 0x10, 0x7, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x9c0d0000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
syz_open_dev$I2C(&(0x7f0000003000), 0x0, 0x0)
ioctl$LOOP_SET_CAPACITY(0xffffffffffffffff, 0x4c07)
socket$packet(0x11, 0x2, 0x300)
openat2(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180)={0x0, 0x108, 0x2}, 0x18)
r4 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
bind$802154_raw(r4, &(0x7f0000000040)={0x24, @long={0x3, 0xffff, {0xaaaaaaaaaaaa0202}}}, 0x14)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r5 = add_key$user(&(0x7f00000003c0), 0x0, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000200)={r5, r5, r5}, &(0x7f0000000040)=""/217, 0xd9, 0x0)
r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="140100001f00010000000000fddbdf25010100800c0001000300000000000000140003002001000000000000000000000000000050bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ee22dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe810100000001000000ab9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd000000"], 0x114}], 0x1}, 0x0)
sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=ANY=[], 0x10b8}, 0x0)
socket$kcm(0x21, 0x2, 0x2)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000001c80)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x2, [@int={0x0, 0x0, 0x0, 0x1, 0x5, 0x8}, @union={0x0, 0x1, 0x0, 0x5, 0x0, 0x0, [{0x0, 0x1}]}]}}, 0x0, 0x42, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x20)
pipe2$watch_queue(&(0x7f0000000000)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x80)
tee(r8, r7, 0x8, 0xc)
sendmsg$kcm(r8, &(0x7f0000000080)={&(0x7f0000000100)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @remote}}, 0x80, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYRESDEC=r0], 0x18}, 0x0)

4.671457465s ago: executing program 2 (id=4501):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x80002, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
close(r4)
sendmsg$tipc(r4, &(0x7f00000001c0)={&(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x2, {0x2, 0x1, 0x4}}, 0x10, &(0x7f0000000180)=[{0x0}], 0x1, &(0x7f0000001280), 0x0, 0x404009c}, 0x4000)
getpeername$packet(r4, 0x0, &(0x7f00000002c0))
bpf$MAP_CREATE(0x0, 0x0, 0x0)
setsockopt$packet_fanout(r1, 0x107, 0x12, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000240)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
r5 = syz_io_uring_setup(0xd2, &(0x7f00000000c0)={0x0, 0x0, 0x3010}, &(0x7f0000000040)=<r6=>0x0, &(0x7f0000000080)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r5, 0x47ba, 0x0, 0x0, 0x0, 0x0)
sendmmsg$inet6(r0, &(0x7f0000003cc0), 0x0, 0x0)

4.670917573s ago: executing program 3 (id=4502):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1, 0x8000000}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="9feb01001800b64f84bb5369d500000001000018000000180180000000000000000000010000050000ab7d9355083996397196dc7500000000"], &(0x7f00000001c0)=""/2, 0x32, 0x2, 0x1, 0x0, 0x0, @void, @value}, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x2)
write$UHID_INPUT(r3, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e24, 0xd, @loopback, 0x6}, 0x1c)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newqdisc={0x48, 0x24, 0xf0b, 0x0, 0x25dfdbff, {0x60, 0x0, 0x0, 0x0, {}, {0xfff3, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x18, 0x2, [@TCA_CAKE_BASE_RATE64={0xc, 0x2, 0x7}, @TCA_CAKE_ACK_FILTER={0x8, 0x10, 0x1}]}}]}, 0x48}}, 0x0)
r4 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
socket$nl_route(0x10, 0x3, 0x0)
r5 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000180), 0xab80, 0x0)
ioctl$SNDCTL_FM_4OP_ENABLE(r5, 0x4004510f, &(0x7f0000000300)=0x1506)
syz_emit_vhci(&(0x7f0000000180)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x4}, @HCI_OP_WRITE_SC_SUPPORT={{0x7}, 0x5}}}, 0x7)
socket$packet(0x11, 0x2, 0x300)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)

4.633022488s ago: executing program 4 (id=4503):
syz_init_net_socket$ax25(0x3, 0x2, 0xcb)
r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x2, 0x2)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./bus\x00', 0x200002, 0x0)
fcntl$setlease(r4, 0x403, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'ipvlan1\x00', <r5=>0x0})
syz_open_dev$usbfs(&(0x7f00000001c0), 0x2, 0x6a000)
ioctl$sock_inet6_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000000)={@private2, 0x0, r5})
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000580)=ANY=[@ANYBLOB="6c0000001000390400"/20, @ANYRES32=r5, @ANYBLOB="01"], 0x6c}, 0x1, 0x0, 0x0, 0x10}, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(r4, 0xc0d05605, &(0x7f00000006c0)={0x5, @raw_data="ce328998e3fe09288062344015bc6722b78679debe5b49f701e51f7ebc42d207d3985a0831d666b3a16461ff5f02000000ffb10857f49434643d5e5919e9db1179d37a06a6482b2200b95d0ce8d3a190bb46ddce82ca8dc56015c70c897f4230102a15678cd35e6bfda07e0faa6b224cd45a73ebcb9c9d17a770cd88ae5ba0a8926e42a8c324837feb9fd5ccca2eea75dcf5a5a5f255101984505406276d851b6807499ad90f7624e1b00f2be3421d6165c589648bf1ea93b9047ec560a17caf29d1605100"})
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x80000001, 0x1, 0x4})
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000240)=0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f00000002c0)='./bus\x00', 0x0)
mkdir(&(0x7f0000000200)='./bus/file0\x00', 0x0)
mount(&(0x7f0000000040)=@filename='./bus/file0\x00', &(0x7f0000000480)='./file0/../file0\x00', 0x0, 0x3000, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000000)={0x280000, "421a05120f000009001505003ab4c90100cc026411ec941ebfdd3700"})
ioctl$SYNC_IOC_MERGE(0xffffffffffffffff, 0xc0303e03, &(0x7f00000000c0)={"e50d1af80100007ea25edd00ff000000080000f6907ff16b7e00"})
epoll_create1(0x0)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
readv(r6, &(0x7f00000001c0)=[{0x0}], 0x1)
ioctl$TCSETS(r6, 0x5402, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x47ba, 0x0, 0x0, 0x0, 0x0)
r7 = socket$inet(0x2, 0x4000000000000001, 0xfffffffc)
setsockopt$inet_int(r7, 0x0, 0x32, 0x0, 0x0)

4.274827809s ago: executing program 4 (id=4504):
move_pages(0x0, 0x1efe, &(0x7f0000000080), 0x0, &(0x7f0000000040), 0x0)

3.289754746s ago: executing program 4 (id=4505):
syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000080)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002cbd7000feffefff8900000008000300", @ANYRES32=r2, @ANYBLOB="14231d800c00008006000500520000000000589d7c0080"], 0x30}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
socket(0x1d, 0x2, 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x67000000, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
pipe2$9p(&(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
write$FUSE_BMAP(0xffffffffffffffff, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(0xffffffffffffffff, &(0x7f0000002100)=ANY=[@ANYBLOB="b0000000000000001659ec0889419429aa5db97288b0f8a87ea8e66d9a8b"], 0xb0)
write$FUSE_DIRENTPLUS(0xffffffffffffffff, &(0x7f0000000140)=ANY=[@ANYBLOB="10"], 0x10)
write$FUSE_DIRENTPLUS(0xffffffffffffffff, &(0x7f0000000280)=ANY=[@ANYBLOB="a8"], 0xa8)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
write$FUSE_ENTRY(0xffffffffffffffff, &(0x7f0000000440)={0x90}, 0x90)
mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {}, 0x2c, {[{@posixacl}]}})

2.449098753s ago: executing program 3 (id=4506):
socket$netlink(0x10, 0x3, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f0000000300)={0x2, 0x4e23, @local}, 0x10)
r5 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x84, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r5, 0x40045542, &(0x7f0000000100)=0x200009)
ioprio_set$uid(0x3, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5}, 0x0)
io_setup(0x8, 0x0)
io_submit(0x0, 0x1, &(0x7f0000000440)=[&(0x7f0000000140)={0x0, 0x0, 0x2000, 0x7, 0x4, 0xffffffffffffffff, 0x0, 0x0, 0x3, 0x0, 0x5}])
syz_open_dev$dmmidi(&(0x7f0000000080), 0x200, 0x0)
sendto$inet(r4, 0x0, 0x0, 0x200007fd, 0x0, 0x0)
open_by_handle_at(r0, &(0x7f0000000040)=@FILEID_BTRFS_WITH_PARENT={0x28, 0x4e, {0x3, 0x7, 0x0, 0x6, 0x9, 0x101}}, 0x82800)
pwritev2(r0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)

2.366093519s ago: executing program 6 (id=4507):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000400000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000044000500000000000000000000000000000000000000000033"], 0xfc}}, 0x0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000002c40), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x30, 0x0, 0x1, 0x70bd27, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_HT_OPMODE={0x6, 0x16, 0x8}, @NL80211_MESHCONF_CONNECTED_TO_AS={0x5, 0x1f, 0x1}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000002c80)=<r6=>0x0)
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(0xffffffffffffffff, &(0x7f0000002d80)={&(0x7f0000002c00)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000002d40)={&(0x7f0000002cc0)={0x44, r2, 0x800, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8, 0x1, 0x4a}, @val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_WIPHY={0x8, 0x1, 0x79}, @NL80211_ATTR_PID={0x8, 0x52, r5}, @NL80211_ATTR_WIPHY={0x8, 0x1, 0x71}, @NL80211_ATTR_PID={0x8, 0x52, r6}]}, 0x44}, 0x1, 0x0, 0x0, 0x4}, 0x10)
connect$pppl2tp(r1, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0x0, @dev}, 0x2, 0x0, 0x4}}, 0x2e)
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x4e24, 0x1, @mcast2, 0x9}, 0x1c)
socket$pppl2tp(0x18, 0x1, 0x1)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r7, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r7, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TLS_TX(r7, 0x11a, 0x1, &(0x7f0000000340)=@gcm_256={{0x304}, '\x00', "376a31a11e8e279cec092f071cc80f218d360356a936a7e3971a8c35c47e5804", '\x00', "fffffffffffffffd"}, 0x38)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r7, 0x6, 0x14, &(0x7f0000000040)=0x2, 0x4)
writev(r7, &(0x7f0000000080)=[{&(0x7f00000002c0)="ec", 0xfdef}], 0x1)

1.369888958s ago: executing program 3 (id=4508):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000003c0)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000300)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$FS_IOC_ENABLE_VERITY(r2, 0x40806685, &(0x7f00000000c0)={0x1, 0x3, 0x1000, 0x12, &(0x7f0000000040)="13760989bad5d9b8ca0fc8796caa950f48fb", 0x25, 0x0, &(0x7f0000000080)="ae28a3988e85210ac5a713cbfd25bf7a22d3a02176fc78ffc935f3147f943b0ecf19514a1b"})
getsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x107, 0x15, 0x0, 0x20000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x1, 0x100000000000000, &(0x7f0000000200)="ee"})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000640)={0x20, 0x0, &(0x7f0000000e00)=[@request_death, @clear_death], 0x0, 0x0, 0x0})
r5 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r6, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
sendmmsg$inet6(r6, &(0x7f0000007e40)=[{{&(0x7f0000000340)={0xa, 0x4e20, 0x5dc, @ipv4={'\x00', '\xff\xff', @multicast1=0xe0000010}}, 0x1c, 0x0}}], 0x6c00, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtaction={0x70, 0x30, 0x0, 0x0, 0x0, {0x9}, [{0x5c, 0x1, [@m_sample={0x58, 0x0, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_RATE={0x8, 0x3, 0x4}, @TCA_SAMPLE_RATE={0x8}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x0, 0x0, 0x0, 0x0, 0x80000}}]}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x6}}}}]}]}, 0x70}}, 0x20040000)
syz_open_procfs(0x0, &(0x7f0000000100)='stack\x00')
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00'})
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/kexec_loaded', 0x0, 0x0)
socket$inet(0x2, 0xa, 0x1)
socket$nl_route(0x10, 0x3, 0x0)

1.23155377s ago: executing program 4 (id=4509):
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_pidfd_open(r0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(0xffffffffffffffff, 0xc4c85512, &(0x7f0000000180)={{0x7}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x6, 0xfffffffffffffffc, 0x0, 0x0, 0x2, 0x5, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, 0x3, 0x3, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffdeffc]})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, 0x0)
r6 = dup(0xffffffffffffffff)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
setsockopt$TIPC_IMPORTANCE(r6, 0x10f, 0x7f, &(0x7f00000006c0)=0x7, 0x4)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0100000007000800612200000200000000000000", @ANYRES32, @ANYBLOB='\x00'/15, @ANYRES32, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\b\x00'/22], 0x50)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r7, &(0x7f0000000000), &(0x7f0000000080)=@tcp6}, 0x20)
syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
mq_open(&(0x7f00005a1ffb)='e\xeeQ\x92o', 0x42, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
pselect6(0x40, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, &(0x7f00000001c0)={0xff, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x3e36, 0x200000000000, 0x3}, 0x0, 0x0)
waitid$P_PIDFD(0x3, r1, 0x0, 0x4, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)

211.466748ms ago: executing program 6 (id=4510):
r0 = socket$key(0xf, 0x3, 0x2)
clock_gettime(0x0, &(0x7f00000019c0)={<r1=>0x0, <r2=>0x0})
recvmmsg(r0, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000001800)=[{&(0x7f0000000080)=""/176, 0xb0}, {&(0x7f00000001c0)=""/190, 0xbe}, {&(0x7f0000000280)=""/28, 0x1c}, {&(0x7f00000002c0)=""/26, 0x1a}, {&(0x7f0000000300)=""/250, 0xfa}, {&(0x7f0000000580)=""/101, 0x65}, {&(0x7f0000000600)=""/227, 0xe3}, {&(0x7f0000000800)=""/4096, 0x1000}, {&(0x7f0000000700)=""/100, 0x64}, {&(0x7f0000000400)=""/21, 0x15}], 0xa, &(0x7f00000018c0)=""/213, 0xd5}, 0x2}], 0x1, 0x40, &(0x7f0000001a00)={r1, r2+10000000})
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
r3 = socket$inet6(0xa, 0x800000000000002, 0x0)
close(r3)
r4 = timerfd_create(0x0, 0x0)
pipe2$9p(&(0x7f0000000140)={<r5=>0xffffffffffffffff}, 0x0)
r6 = dup(r3)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB=',wfdno=', @ANYRESHEX=r6])
timerfd_settime(r4, 0x3, &(0x7f0000000440)={{0x0, 0x989680}}, 0x0)
clock_adjtime(0x0, &(0x7f0000000480)={0xd54, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xb, 0x8000000})
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_OPENQRY(r7, 0x5600, &(0x7f0000000000))

209.620495ms ago: executing program 2 (id=4511):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r4 = io_uring_setup(0x17b9, &(0x7f00000004c0))
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r4, 0x11, 0x0, 0x2)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, 0x0, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000240)=[@mss, @sack_perm, @timestamp, @mss={0x2, 0x1}, @window, @window={0x3, 0x0, 0xfffc}, @timestamp], 0x7)
r5 = openat$drirender128(0xffffffffffffff9c, &(0x7f00000000c0), 0x101, 0x0)
r6 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETENCODER(r5, 0xc01464a6, &(0x7f0000000280))
ioctl$DRM_IOCTL_MODE_GETFB2(r6, 0xc06864ce, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, [<r7=>0x0], [], [0x0, 0x0, 0x3]})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r6, 0xc00c642d, &(0x7f0000000080)={r7})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r5, 0xc00c642d, &(0x7f0000000100)={r7})
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='nv\x00', 0x3)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0xc7)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x700, 0x0, 0xfffffffffffffd25)

0s ago: executing program 3 (id=4512):
r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000000)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0xb, 0x4, 0x0, 0x3, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2f, 0x0, @broadcast=0xac14140a, @multicast1}, "040088be00000000"}}}}}, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000140)={0x0, &(0x7f0000000280)}, 0x10)
syz_usb_connect(0x0, 0x24, &(0x7f00000002c0)=ANY=[@ANYBLOB="1201000009003940422c021664da010203010902120001000000040904"], 0x0)
ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000440)={0xd, @win={{0x4, 0x2, 0x15, 0x7}, 0x7, 0x147, 0x0, 0x2, 0x0}})
pipe2$9p(&(0x7f0000000080)={<r2=>0xffffffffffffffff}, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
quotactl_fd$Q_SYNC(r1, 0xffffffff80000101, 0x0, 0x0)
ioctl$sock_SIOCSIFBR(r3, 0x890c, 0x0)
r4 = geteuid()
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x100480, &(0x7f0000000300)=ANY=[@ANYBLOB="7472616e733d66642c7266646e6f3dd6a4e153f8a6f522601532bdcb6dd8d36ec2949af82a993a82b8a5a88e911d24ccc04bdfc958992f4c1f4fd0037cb5cc8cecff0f0000000000006bb5b72c7e8bfc857367aaf3f4b4631b7375110dc08d1d8f68228b1b6835095c7888db95cd0ed2da126fb6ead7a485895aca2ccd1589661767667cb8a70100000000000000aa2b38b9462b5d1434e63850e284f24714ef368f055100fd0cf6720716557f5b00c885e068bb6b02077f8a8015a101c68ec90474d8ddeb095a", @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3, @ANYBLOB=',cache=readahead,obj_user=)&\\):})(*\\/,fowner=', @ANYRESDEC=r4, @ANYBLOB=',audit,\x00'])

kernel console output (not intermixed with test programs):

 1531.185561][    T8] usb 4-1: New USB device found, idVendor=1199, idProduct=b000, bcdDevice=e5.38
[ 1531.196578][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1531.208041][    T8] usb 4-1: Product: syz
[ 1531.212211][    T8] usb 4-1: Manufacturer: syz
[ 1531.579035][    T8] usb 4-1: SerialNumber: syz
[ 1531.598218][    T8] usb 4-1: config 0 descriptor??
[ 1531.614149][ T5869] usb 7-1: USB disconnect, device number 32
[ 1531.643706][   T29] audit: type=1400 audit(2000000086.894:1382): avc:  denied  { setopt } for  pid=21677 comm="syz.2.3865" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 1532.240246][T21678] netlink: 2300 bytes leftover after parsing attributes in process `syz.2.3865'.
[ 1532.250888][T21678] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3865'.
[ 1532.261212][T21678] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[ 1532.298921][    T8] usb 4-1: USB disconnect, device number 106
[ 1532.535555][   T29] audit: type=1400 audit(2000000087.824:1383): avc:  denied  { read } for  pid=21685 comm="syz.6.3867" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[ 1534.307519][T21703] FAULT_INJECTION: forcing a failure.
[ 1534.307519][T21703] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1534.354467][T21703] CPU: 0 UID: 0 PID: 21703 Comm: syz.1.3874 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0
[ 1534.365277][T21703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1534.375338][T21703] Call Trace:
[ 1534.378614][T21703]  <TASK>
[ 1534.381542][T21703]  dump_stack_lvl+0x16c/0x1f0
[ 1534.386206][T21703]  should_fail_ex+0x497/0x5b0
[ 1534.390873][T21703]  _copy_to_user+0x32/0xd0
[ 1534.395289][T21703]  simple_read_from_buffer+0xd0/0x160
[ 1534.400672][T21703]  proc_fail_nth_read+0x198/0x270
[ 1534.405686][T21703]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1534.411224][T21703]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1534.416764][T21703]  vfs_read+0x1df/0xbe0
[ 1534.420912][T21703]  ? __pfx___mutex_lock+0x10/0x10
[ 1534.426441][T21703]  ? __pfx_vfs_read+0x10/0x10
[ 1534.431108][T21703]  ? fdget_pos+0x237/0x390
[ 1534.435552][T21703]  ksys_read+0x12b/0x250
[ 1534.439784][T21703]  ? __pfx_ksys_read+0x10/0x10
[ 1534.444542][T21703]  do_syscall_64+0xcd/0x250
[ 1534.449067][T21703]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1534.454946][T21703] RIP: 0033:0x7f8538f7e92c
[ 1534.459347][T21703] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1534.478941][T21703] RSP: 002b:00007f8539d65050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1534.487343][T21703] RAX: ffffffffffffffda RBX: 00007f8539145fa0 RCX: 00007f8538f7e92c
[ 1534.495298][T21703] RDX: 000000000000000f RSI: 00007f8539d650b0 RDI: 0000000000000004
[ 1534.503258][T21703] RBP: 00007f8539d650a0 R08: 0000000000000000 R09: 0000000000000000
[ 1534.511214][T21703] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1534.519169][T21703] R13: 0000000000000000 R14: 00007f8539145fa0 R15: 00007ffc80184af8
[ 1534.527133][T21703]  </TASK>
[ 1535.388053][ T5133] Bluetooth: hci2: unexpected event for opcode 0x0c7a
[ 1536.245085][   T29] audit: type=1400 audit(2000000091.535:1384): avc:  denied  { read } for  pid=21729 comm="syz.1.3880" path="socket:[68283]" dev="sockfs" ino=68283 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[ 1536.268491][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1536.476817][ T5869] usb 3-1: new high-speed USB device number 105 using dummy_hcd
[ 1537.528299][ T5869] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1537.659052][ T5869] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1537.755244][ T5869] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1537.765928][ T5869] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1537.899394][T21730] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1538.050124][ T5869] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[ 1539.285542][ T5133] Bluetooth: hci1: unexpected event for opcode 0x0c7a
[ 1540.617367][ T5869] usb 3-1: USB disconnect, device number 105
[ 1541.248125][ T5869] usb 3-1: new high-speed USB device number 106 using dummy_hcd
[ 1541.712120][ T5869] usb 3-1: config 0 has an invalid interface number: 100 but max is 0
[ 1541.721813][ T5869] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1542.183994][ T5869] usb 3-1: config 0 has no interface number 0
[ 1542.223089][T21773] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[ 1542.234135][T21773] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[ 1542.244985][T21773] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[ 1542.253065][ T5869] usb 3-1: config 0 interface 100 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[ 1542.257257][T21773] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[ 1542.277844][T21773] geneve2: entered promiscuous mode
[ 1542.283266][T21773] geneve2: entered allmulticast mode
[ 1542.347145][ T5869] usb 3-1: config 0 interface 100 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1542.441151][T21785] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3894'.
[ 1542.488220][ T5869] usb 3-1: string descriptor 0 read error: -71
[ 1542.495077][ T5869] usb 3-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=3c.ad
[ 1542.504942][ T5869] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1542.526842][ T5869] usb 3-1: config 0 descriptor??
[ 1542.542288][ T5869] usb 3-1: can't set config #0, error -71
[ 1542.555009][ T5869] usb 3-1: USB disconnect, device number 106
[ 1543.097769][   T29] audit: type=1400 audit(2000000000.090:1385): avc:  denied  { connect } for  pid=21790 comm="syz.4.3897" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 1543.177319][ T5869] usb 3-1: new high-speed USB device number 107 using dummy_hcd
[ 1543.389555][ T5869] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1543.409884][ T5869] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1543.442344][ T5869] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1543.451584][ T5869] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1543.462535][T21788] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1543.472782][ T5869] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[ 1543.627170][T21805] binder: 21802:21805 ioctl 4018620d 0 returned -22
[ 1544.809487][    T8] usb 3-1: USB disconnect, device number 107
[ 1544.896363][   T29] audit: type=1400 audit(2000000001.910:1386): avc:  denied  { read } for  pid=21812 comm="syz.4.3902" name="mice" dev="devtmpfs" ino=916 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[ 1546.062173][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[ 1547.533536][T21836] FAULT_INJECTION: forcing a failure.
[ 1547.533536][T21836] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1547.628717][T21836] CPU: 0 UID: 0 PID: 21836 Comm: syz.6.3905 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0
[ 1547.639524][T21836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1547.649583][T21836] Call Trace:
[ 1547.652870][T21836]  <TASK>
[ 1547.655811][T21836]  dump_stack_lvl+0x16c/0x1f0
[ 1547.660503][T21836]  should_fail_ex+0x497/0x5b0
[ 1547.665182][T21836]  _copy_from_user+0x2e/0xd0
[ 1547.669793][T21836]  kvm_vm_ioctl+0x735/0x3df0
[ 1547.674438][T21836]  ? security_file_ioctl+0x9b/0x240
[ 1547.679671][T21836]  ? do_syscall_64+0xcd/0x250
[ 1547.684433][T21836]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1547.690492][T21836]  ? hlock_class+0x4e/0x130
[ 1547.694985][T21836]  ? mark_lock+0xb5/0xc60
[ 1547.699303][T21836]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[ 1547.704329][T21836]  ? __pfx_mark_lock+0x10/0x10
[ 1547.709090][T21836]  ? find_held_lock+0x2d/0x110
[ 1547.713842][T21836]  ? tomoyo_path_number_perm+0x298/0x590
[ 1547.719463][T21836]  ? __pfx_lock_release+0x10/0x10
[ 1547.724474][T21836]  ? tomoyo_path_number_perm+0x46d/0x590
[ 1547.730097][T21836]  ? tomoyo_path_number_perm+0x190/0x590
[ 1547.735712][T21836]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1547.741670][T21836]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1547.747550][T21836]  ? do_vfs_ioctl+0x513/0x1990
[ 1547.752300][T21836]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1547.757313][T21836]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[ 1547.763801][T21836]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[ 1547.770634][T21836]  ? __pfx_lock_release+0x10/0x10
[ 1547.775648][T21836]  ? selinux_file_ioctl+0x180/0x270
[ 1547.780827][T21836]  ? selinux_file_ioctl+0xb4/0x270
[ 1547.785926][T21836]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[ 1547.790934][T21836]  __x64_sys_ioctl+0x190/0x200
[ 1547.795683][T21836]  do_syscall_64+0xcd/0x250
[ 1547.800169][T21836]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1547.806093][T21836] RIP: 0033:0x7f4d0637ff19
[ 1547.810508][T21836] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1547.830096][T21836] RSP: 002b:00007f4d07101058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1547.838488][T21836] RAX: ffffffffffffffda RBX: 00007f4d06546080 RCX: 00007f4d0637ff19
[ 1547.846437][T21836] RDX: 0000000020000000 RSI: 000000004020aed2 RDI: 0000000000000004
[ 1547.854387][T21836] RBP: 00007f4d071010a0 R08: 0000000000000000 R09: 0000000000000000
[ 1547.862337][T21836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1547.870284][T21836] R13: 0000000000000000 R14: 00007f4d06546080 R15: 00007fff0d390a58
[ 1547.878242][T21836]  </TASK>
[ 1550.874480][T21868] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3913'.
[ 1552.361467][   T29] audit: type=1400 audit(2000000000.940:1387): avc:  denied  { ioctl } for  pid=21888 comm="syz.4.3919" path="socket:[69401]" dev="sockfs" ino=69401 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 1552.487144][   T29] audit: type=1400 audit(2000000001.040:1388): avc:  denied  { setopt } for  pid=21889 comm="syz.2.3921" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1555.196848][T13127] usb 5-1: new high-speed USB device number 101 using dummy_hcd
[ 1555.485813][T13127] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 1555.566326][T13127] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1555.664112][T21897] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1555.672204][T21897] IPv6: NLM_F_CREATE should be set when creating new route
[ 1555.772425][T13127] usb 5-1: config 0 descriptor??
[ 1555.895387][T13127] cp210x 5-1:0.0: cp210x converter detected
[ 1557.007750][T21912] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1557.016506][T21912] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1557.029253][T13127] cp210x 5-1:0.0: failed to get vendor val 0x370b size 1: -121
[ 1557.038103][T13127] cp210x 5-1:0.0: querying part number failed
[ 1557.080253][T13127] usb 5-1: cp210x converter now attached to ttyUSB0
[ 1558.571683][T21952] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3937'.
[ 1560.394055][ T5869] usb 5-1: USB disconnect, device number 101
[ 1560.419367][ T5869] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 1560.427672][ T5869] cp210x 5-1:0.0: device disconnected
[ 1563.775697][T22018] netlink: 32 bytes leftover after parsing attributes in process `syz.6.3954'.
[ 1563.785674][   T29] audit: type=1400 audit(2000000012.350:1389): avc:  denied  { unmount } for  pid=17654 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 1564.787355][T22032] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3959'.
[ 1565.016032][ T5872] usb 5-1: new low-speed USB device number 102 using dummy_hcd
[ 1565.207874][ T5872] usb 5-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 10
[ 1565.219885][ T5872] usb 5-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[ 1565.267260][ T5872] usb 5-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7
[ 1565.289779][T22000] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1565.312373][ T5872] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1565.393608][T22005] netlink: 'syz.1.3949': attribute type 9 has an invalid length.
[ 1565.434736][T22005] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3949'.
[ 1565.999119][ T5872] usb 5-1: string descriptor 0 read error: -71
[ 1566.005587][ T5872] hub 5-1:32.0: USB hub found
[ 1566.014523][ T5872] hub 5-1:32.0: config failed, can't read hub descriptor (err -22)
[ 1566.067206][ T5872] usb 5-1: USB disconnect, device number 102
[ 1567.188800][T22053] binder: 22048:22053 ioctl 4018620d 0 returned -22
[ 1568.049410][T22060] ax25_connect(): syz.4.3966 uses autobind, please contact jreuter@yaina.de
[ 1570.595952][T22075] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1570.606723][T22075] netlink: 'syz.4.3968': attribute type 9 has an invalid length.
[ 1570.614502][T22075] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3968'.
[ 1571.171055][ T5869] usb 7-1: new high-speed USB device number 33 using dummy_hcd
[ 1572.638495][   T29] audit: type=1400 audit(2000000021.221:1390): avc:  denied  { ioctl } for  pid=22091 comm="syz.3.3978" path="socket:[70927]" dev="sockfs" ino=70927 ioctlcmd=0x7436 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 1576.702850][T22108] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1577.120797][T22135] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3987'.
[ 1577.184538][T22108] netlink: 'syz.6.3979': attribute type 9 has an invalid length.
[ 1577.670182][T22108] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3979'.
[ 1579.597635][T22161] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1585.624964][   T29] audit: type=1400 audit(2000000000.850:1391): avc:  denied  { bind } for  pid=22209 comm="syz.4.4009" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[ 1585.694917][   T29] audit: type=1400 audit(2000000000.850:1392): avc:  denied  { bind } for  pid=22209 comm="syz.4.4009" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1585.945197][   T29] audit: type=1400 audit(2000000000.850:1393): avc:  denied  { name_bind } for  pid=22209 comm="syz.4.4009" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[ 1586.735487][   T29] audit: type=1400 audit(2000000000.850:1394): avc:  denied  { node_bind } for  pid=22209 comm="syz.4.4009" saddr=::1 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[ 1586.763471][   T29] audit: type=1400 audit(2000000000.850:1395): avc:  denied  { write } for  pid=22209 comm="syz.4.4009" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1587.560408][   T29] audit: type=1400 audit(2000000002.930:1396): avc:  denied  { write } for  pid=22225 comm="syz.4.4013" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1587.580576][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1589.111295][ T5133] Bluetooth: hci2: unexpected event for opcode 0x0c7a
[ 1590.594596][   T29] audit: type=1400 audit(2000000005.950:1397): avc:  denied  { map } for  pid=22259 comm="syz.4.4023" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[ 1590.618157][   T29] audit: type=1400 audit(2000000005.950:1398): avc:  denied  { execute } for  pid=22259 comm="syz.4.4023" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[ 1591.875758][T22275] binder: 22271:22275 ioctl 4018620d 0 returned -22
[ 1594.604522][    T8] usb 7-1: new high-speed USB device number 34 using dummy_hcd
[ 1594.766458][    T8] usb 7-1: config 0 has an invalid interface number: 100 but max is 0
[ 1594.954993][T22306] binder: 22298:22306 ioctl 4018620d 0 returned -22
[ 1594.978421][    T8] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1595.731428][    T8] usb 7-1: config 0 has no interface number 0
[ 1595.737880][    T8] usb 7-1: config 0 interface 100 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[ 1595.747951][    T8] usb 7-1: config 0 interface 100 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1596.143569][    T8] usb 7-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=3c.ad
[ 1596.156390][    T8] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1596.179026][    T8] usb 7-1: Product: syz
[ 1596.183217][    T8] usb 7-1: Manufacturer: syz
[ 1596.187898][    T8] usb 7-1: SerialNumber: syz
[ 1596.196273][    T8] usb 7-1: config 0 descriptor??
[ 1596.207174][    T8] port100 7-1:0.100: NFC: Could not find bulk-in or bulk-out endpoint
[ 1596.456471][T22290] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1596.465079][T22290] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1596.537640][ T5872] usb 3-1: new high-speed USB device number 108 using dummy_hcd
[ 1596.593906][T22320] ax25_connect(): syz.4.4035 uses autobind, please contact jreuter@yaina.de
[ 1596.987932][ T5872] usb 3-1: config 0 has an invalid interface number: 244 but max is 0
[ 1596.999264][ T5872] usb 3-1: config 0 has no interface number 0
[ 1597.005548][ T5872] usb 3-1: New USB device found, idVendor=2040, idProduct=c010, bcdDevice=37.94
[ 1597.017493][ T5872] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1597.039193][ T5872] usb 3-1: config 0 descriptor??
[ 1597.100977][ T5872] smsusb:smsusb_probe: board id=8, interface number 244
[ 1598.229601][T22233] usb 7-1: USB disconnect, device number 34
[ 1599.508459][   T29] audit: type=1400 audit(2000000014.880:1399): avc:  denied  { nlmsg_write } for  pid=22354 comm="syz.3.4045" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 1599.531639][T22356] netlink: 68 bytes leftover after parsing attributes in process `syz.3.4045'.
[ 1599.626526][ T5883] usb 3-1: USB disconnect, device number 108
[ 1599.831897][T22363] binder: 22360:22363 ioctl 4018620d 0 returned -22
[ 1601.879390][   T29] audit: type=1400 audit(2000000017.240:1400): avc:  denied  { bind } for  pid=22370 comm="syz.3.4050" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[ 1601.976495][   T29] audit: type=1400 audit(2000000017.320:1401): avc:  denied  { ioctl } for  pid=22382 comm="syz.1.4052" path="/dev/input/mice" dev="devtmpfs" ino=916 ioctlcmd=0xae79 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[ 1602.353981][ T5883] usb 5-1: new high-speed USB device number 103 using dummy_hcd
[ 1602.645951][ T5883] usb 5-1: config 0 has an invalid interface number: 100 but max is 0
[ 1602.669829][ T5883] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1602.691173][ T5883] usb 5-1: config 0 has no interface number 0
[ 1602.710253][ T5883] usb 5-1: config 0 interface 100 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[ 1602.734076][ T5883] usb 5-1: config 0 interface 100 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1602.753454][ T5883] usb 5-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=3c.ad
[ 1602.857003][ T5883] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1602.903430][ T5883] usb 5-1: Product: syz
[ 1602.929796][ T5883] usb 5-1: Manufacturer: syz
[ 1602.955574][ T5883] usb 5-1: SerialNumber: syz
[ 1603.057008][ T5883] usb 5-1: config 0 descriptor??
[ 1603.082430][ T5883] port100 5-1:0.100: NFC: Could not find bulk-in or bulk-out endpoint
[ 1603.372067][T22389] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1603.380888][T22389] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1603.486192][T22407] ax25_connect(): syz.3.4058 uses autobind, please contact jreuter@yaina.de
[ 1604.311710][ T5133] Bluetooth: hci4: command 0x0406 tx timeout
[ 1605.253817][T22418] binder: 22412:22418 ioctl 4018620d 0 returned -22
[ 1605.623128][T22233] usb 5-1: USB disconnect, device number 103
[ 1607.943944][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[ 1611.407082][T22464] binder: 22462:22464 ioctl c0306201 0 returned -14
[ 1611.414125][T22469] binder: 22462:22469 ioctl c0306201 0 returned -14
[ 1612.223331][T17885] Bluetooth: hci2: unexpected event for opcode 0x0c7a
[ 1613.554213][T22485] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4077'.
[ 1613.569589][   T29] audit: type=1400 audit(2000000028.941:1402): avc:  denied  { bind } for  pid=22481 comm="syz.2.4077" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[ 1613.589113][   T29] audit: type=1400 audit(2000000028.941:1403): avc:  denied  { getopt } for  pid=22481 comm="syz.2.4077" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[ 1613.617604][   T29] audit: type=1400 audit(2000000028.991:1404): avc:  denied  { ioctl } for  pid=22490 comm="syz.3.4079" path="/dev/nullb0" dev="devtmpfs" ino=696 ioctlcmd=0x1269 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[ 1614.505575][T22503] binder: 22497:22503 ioctl 4018620d 0 returned -22
[ 1617.475829][T22523] ax25_connect(): syz.2.4086 uses autobind, please contact jreuter@yaina.de
[ 1618.274857][   T29] audit: type=1400 audit(2000000033.651:1405): avc:  denied  { read } for  pid=22521 comm="syz.6.4088" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1618.583320][ T5901] usb 4-1: new high-speed USB device number 107 using dummy_hcd
[ 1620.553730][ T5901] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1620.568760][ T5901] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1620.579386][ T5901] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1620.589182][ T5901] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1620.606645][T22531] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1620.813726][ T5901] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[ 1620.833571][T22545] netlink: 68 bytes leftover after parsing attributes in process `syz.1.4094'.
[ 1620.883040][T22233] usb 7-1: new high-speed USB device number 35 using dummy_hcd
[ 1621.139360][T22233] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1621.229422][T22233] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1621.380923][ T5901] usb 4-1: USB disconnect, device number 107
[ 1621.401726][T22233] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1621.435581][T22233] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1621.456277][T22542] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1621.475693][T22233] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[ 1621.635673][T22554] binder: 22551:22554 ioctl 4018620d 0 returned -22
[ 1622.341162][    T8] usb 7-1: USB disconnect, device number 35
[ 1624.733422][T22576] Invalid logical block size (2147483647)
[ 1627.682871][T22603] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4106'.
[ 1628.189694][T22606] netlink: 68 bytes leftover after parsing attributes in process `syz.1.4108'.
[ 1628.444940][T22616] binder: 22612:22616 ioctl 4018620d 0 returned -22
[ 1628.823118][ T5883] usb 7-1: new high-speed USB device number 36 using dummy_hcd
[ 1628.997475][ T5883] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1629.037972][T20537] usb 5-1: new high-speed USB device number 104 using dummy_hcd
[ 1629.048684][ T5883] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1629.146020][ T5883] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1629.193244][ T5883] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1629.244050][T20537] usb 5-1: Using ep0 maxpacket: 8
[ 1629.252866][T22614] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1629.261790][T20537] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1629.262652][ T5883] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[ 1629.288675][T20537] usb 5-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00
[ 1629.352451][T20537] usb 5-1: New USB device strings: Mfr=22, Product=0, SerialNumber=0
[ 1629.371276][T20537] usb 5-1: Manufacturer: syz
[ 1629.378060][T20537] usb 5-1: config 0 descriptor??
[ 1629.385903][T20537] usb 5-1: selecting invalid altsetting 1
[ 1629.391677][T20537] usb 5-1: Can not set alternate setting to 1, error: -22
[ 1629.440572][T20537] synaptics_usb 5-1:0.0: probe with driver synaptics_usb failed with error -22
[ 1630.201701][T20537] usb 5-1: USB disconnect, device number 104
[ 1630.230086][    T8] usb 7-1: USB disconnect, device number 36
[ 1632.773562][   T29] audit: type=1400 audit(2000000048.152:1406): avc:  denied  { sqpoll } for  pid=22646 comm="syz.6.4119" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[ 1632.894435][   T29] audit: type=1400 audit(2000000048.262:1407): avc:  denied  { name_bind } for  pid=22646 comm="syz.6.4119" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[ 1632.925490][T22655] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4122'.
[ 1633.570289][   T29] audit: type=1326 audit(2000000048.942:1408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22654 comm="syz.4.4122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b86f7ff19 code=0x7ffc0000
[ 1633.602340][   T29] audit: type=1326 audit(2000000048.972:1409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22654 comm="syz.4.4122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=201 compat=0 ip=0x7f0b86f7ff19 code=0x7ffc0000
[ 1633.680725][   T29] audit: type=1326 audit(2000000048.972:1410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22654 comm="syz.4.4122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b86f7ff19 code=0x7ffc0000
[ 1633.704224][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1633.710933][   T29] audit: type=1326 audit(2000000048.972:1411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22654 comm="syz.4.4122" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0b86f7ff19 code=0x7ffc0000
[ 1633.734400][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1635.018832][T20537] usb 4-1: new low-speed USB device number 108 using dummy_hcd
[ 1636.133945][T20537] usb 4-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 10
[ 1636.153516][T20537] usb 4-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[ 1636.961968][ T5883] usb 5-1: new high-speed USB device number 105 using dummy_hcd
[ 1636.990949][T20537] usb 4-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7
[ 1637.025476][T20537] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1637.135574][T20537] usb 4-1: can't set config #32, error -71
[ 1637.233540][ T5883] usb 5-1: config 0 has an invalid interface number: 100 but max is 0
[ 1637.242239][ T5883] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1638.048334][ T5883] usb 5-1: config 0 has no interface number 0
[ 1638.054577][ T5883] usb 5-1: config 0 interface 100 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[ 1638.064450][ T5883] usb 5-1: config 0 interface 100 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1638.079205][ T5883] usb 5-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=3c.ad
[ 1638.088337][T20537] usb 4-1: USB disconnect, device number 108
[ 1638.088527][ T5883] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1638.103444][ T5901] usb 3-1: new high-speed USB device number 109 using dummy_hcd
[ 1638.242062][   T29] audit: type=1400 audit(2000000004.440:1412): avc:  denied  { create } for  pid=22683 comm="syz.3.4131" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmpvc_socket permissive=1
[ 1638.315974][ T5883] usb 5-1: Product: syz
[ 1638.320180][ T5883] usb 5-1: Manufacturer: syz
[ 1638.341851][ T5883] usb 5-1: SerialNumber: syz
[ 1638.354537][ T5883] usb 5-1: config 0 descriptor??
[ 1638.361980][ T5883] usb 5-1: can't set config #0, error -71
[ 1638.369354][ T5883] usb 5-1: USB disconnect, device number 105
[ 1638.480421][ T5901] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1638.495317][ T5901] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1638.529792][ T5901] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1638.581104][ T5901] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1638.780740][T22690] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1638.790686][ T5901] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[ 1639.936275][T22233] usb 3-1: USB disconnect, device number 109
[ 1640.479570][T17885] Bluetooth: hci3: unexpected event for opcode 0x0c7a
[ 1641.543808][T22733] veth1_macvtap: left promiscuous mode
[ 1641.549339][T22733] macsec0: entered promiscuous mode
[ 1641.554684][T22733] macsec0: entered allmulticast mode
[ 1641.572530][T17885] Bluetooth: hci3: unexpected event for opcode 0x0c14
[ 1642.737387][   T29] audit: type=1400 audit(2000000008.210:1413): avc:  denied  { write } for  pid=22731 comm="syz.4.4142" name="fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[ 1642.760726][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1644.738503][   T29] audit: type=1326 audit(2000000010.920:1414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22745 comm="syz.6.4143" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4d0637ff19 code=0x7fc00000
[ 1644.832074][ T5822] usb 3-1: new high-speed USB device number 110 using dummy_hcd
[ 1644.971567][   T29] audit: type=1400 audit(2000000011.170:1415): avc:  denied  { read } for  pid=22765 comm="syz.4.4149" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[ 1645.036966][   T29] audit: type=1400 audit(2000000011.250:1416): avc:  denied  { open } for  pid=22765 comm="syz.4.4149" path="/dev/ptyqd" dev="devtmpfs" ino=132 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[ 1645.060654][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1645.101564][   T29] audit: type=1400 audit(2000000011.250:1417): avc:  denied  { map } for  pid=22765 comm="syz.4.4149" path="/dev/ptyqd" dev="devtmpfs" ino=132 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[ 1645.127443][ T5822] usb 3-1: config 0 has an invalid interface number: 100 but max is 0
[ 1645.136080][ T5822] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1645.160941][ T5822] usb 3-1: config 0 has no interface number 0
[ 1645.187463][ T5822] usb 3-1: config 0 interface 100 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[ 1645.221696][ T5822] usb 3-1: config 0 interface 100 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1645.253985][ T5822] usb 3-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=3c.ad
[ 1645.308240][ T5822] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1645.336827][ T5822] usb 3-1: Product: syz
[ 1645.350487][ T5822] usb 3-1: Manufacturer: syz
[ 1645.375831][ T5822] usb 3-1: SerialNumber: syz
[ 1645.428281][ T5822] usb 3-1: config 0 descriptor??
[ 1645.443682][ T5822] port100 3-1:0.100: NFC: Could not find bulk-in or bulk-out endpoint
[ 1646.141977][T22750] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1646.150493][T22750] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1646.273738][   T29] audit: type=1400 audit(2000000012.490:1418): avc:  denied  { unmount } for  pid=18083 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[ 1646.293841][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1646.401492][   T29] audit: type=1400 audit(2000000012.610:1419): avc:  denied  { connect } for  pid=22783 comm="syz.6.4153" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[ 1646.424156][   T29] audit: type=1400 audit(2000000012.610:1420): avc:  denied  { mount } for  pid=22783 comm="syz.6.4153" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[ 1646.447478][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1646.475992][   T29] audit: type=1400 audit(2000000012.620:1421): avc:  denied  { create } for  pid=22783 comm="syz.6.4153" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[ 1646.524352][   T29] audit: type=1400 audit(2000000012.620:1422): avc:  denied  { setopt } for  pid=22783 comm="syz.6.4153" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[ 1646.544772][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1646.573121][   T29] audit: type=1400 audit(2000000012.620:1423): avc:  denied  { write } for  pid=22783 comm="syz.6.4153" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[ 1646.593481][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1647.514148][T20537] usb 3-1: USB disconnect, device number 110
[ 1647.757622][T22806] sg_write: data in/out 16777180/14 bytes for SCSI command 0x0-- guessing data in;
[ 1647.757622][T22806]    program syz.2.4156 not setting count and/or reply_len properly
[ 1648.427932][T22815] netlink: 'syz.4.4163': attribute type 10 has an invalid length.
[ 1648.526346][T22817] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[ 1648.573236][T22815] team0: Device hsr_slave_0 failed to register rx_handler
[ 1648.854087][T22824] can0: slcan on ptm0.
[ 1648.961441][T22823] can0 (unregistered): slcan off ptm0.
[ 1648.982259][ T5883] usb 3-1: new high-speed USB device number 111 using dummy_hcd
[ 1649.191436][ T5133] Bluetooth: hci4: unexpected event for opcode 0x0c7a
[ 1649.217139][ T5883] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1649.228030][ T5883] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1649.243220][ T5883] usb 3-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[ 1649.581865][ T5883] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1649.600229][T22233] usb 5-1: new high-speed USB device number 106 using dummy_hcd
[ 1649.611735][ T5883] usb 3-1: config 0 descriptor??
[ 1650.502033][ T5133] Bluetooth: hci3: unexpected event for opcode 0x0c7a
[ 1650.942623][T22846] openvswitch: netlink: Flow key attr not present in new flow.
[ 1651.050860][T22848] netlink: 'syz.3.4171': attribute type 8 has an invalid length.
[ 1651.058838][T22848] netlink: 163260 bytes leftover after parsing attributes in process `syz.3.4171'.
[ 1651.855549][T22233] usb 5-1: config 0 has an invalid interface number: 18 but max is 0
[ 1651.865883][T22233] usb 5-1: config 0 has no interface number 0
[ 1651.872146][T22233] usb 5-1: config 0 interface 18 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1651.901559][T22233] usb 5-1: config 0 interface 18 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1651.912641][T22233] usb 5-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.10
[ 1651.922455][T22233] usb 5-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[ 1651.930511][T22233] usb 5-1: Manufacturer: syz
[ 1651.937105][T22233] usb 5-1: config 0 descriptor??
[ 1652.071324][ T5872] usb 7-1: new high-speed USB device number 37 using dummy_hcd
[ 1652.225316][ T5872] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1652.248381][    T8] usb 3-1: USB disconnect, device number 111
[ 1652.267337][T22233] usbhid 5-1:0.18: can't add hid device: -71
[ 1652.274038][T22233] usbhid 5-1:0.18: probe with driver usbhid failed with error -71
[ 1652.280104][ T5872] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1652.284083][T22233] usb 5-1: USB disconnect, device number 106
[ 1652.313524][ T5872] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1652.987812][ T5872] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1652.999461][T22850] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1653.010038][ T5872] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[ 1653.056236][   T29] kauditd_printk_skb: 3 callbacks suppressed
[ 1653.056254][   T29] audit: type=1400 audit(2000000001.400:1427): avc:  denied  { name_connect } for  pid=22871 comm="syz.1.4180" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[ 1653.080646][T22233] usb 5-1: new high-speed USB device number 107 using dummy_hcd
[ 1653.135798][   T29] audit: type=1400 audit(2000000001.480:1428): avc:  denied  { name_connect } for  pid=22871 comm="syz.1.4180" dest=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=sctp_socket permissive=1
[ 1653.224831][ T5872] usb 7-1: USB disconnect, device number 37
[ 1653.261142][T22233] usb 5-1: device descriptor read/64, error -71
[ 1653.371386][    T8] usb 3-1: new low-speed USB device number 112 using dummy_hcd
[ 1653.521042][T22233] usb 5-1: new high-speed USB device number 108 using dummy_hcd
[ 1653.530085][    T8] usb 3-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 10
[ 1653.562618][    T8] usb 3-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[ 1653.576577][    T8] usb 3-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7
[ 1653.585930][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1653.671831][T22233] usb 5-1: device descriptor read/64, error -71
[ 1653.781325][T22233] usb usb5-port1: attempt power cycle
[ 1653.819675][    T8] usb 3-1: string descriptor 0 read error: -71
[ 1653.826498][    T8] hub 3-1:32.0: USB hub found
[ 1653.832162][    T8] hub 3-1:32.0: config failed, can't read hub descriptor (err -22)
[ 1653.862206][    T8] usb 3-1: USB disconnect, device number 112
[ 1654.078552][T22881] binder: 22878:22881 ioctl 4018620d 0 returned -22
[ 1654.724222][T22233] usb 5-1: new high-speed USB device number 109 using dummy_hcd
[ 1654.860953][T22233] usb 5-1: device descriptor read/8, error -71
[ 1654.950376][T22893] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4184'.
[ 1654.969597][T22893] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4184'.
[ 1657.097803][T22893] netlink: 18 bytes leftover after parsing attributes in process `syz.2.4184'.
[ 1657.496293][T22893] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=22893 comm=syz.2.4184
[ 1657.779862][T22917] usb usb9: usbfs: process 22917 (syz.3.4187) did not claim interface 0 before use
[ 1659.212052][T22936] Unsupported ieee802154 address type: 0
[ 1659.565816][T22929] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4192'.
[ 1659.657513][T22910] bridge0: port 3(erspan0) entered blocking state
[ 1659.664016][T22910] bridge0: port 3(erspan0) entered disabled state
[ 1659.670571][T22910] erspan0: entered allmulticast mode
[ 1659.676534][T22910] erspan0: entered promiscuous mode
[ 1659.681984][T22910] bridge0: port 3(erspan0) entered blocking state
[ 1659.688410][T22910] bridge0: port 3(erspan0) entered forwarding state
[ 1659.783976][   T29] audit: type=1400 audit(2000000002.100:1429): avc:  denied  { bind } for  pid=22925 comm="syz.2.4191" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[ 1659.872868][   T29] audit: type=1400 audit(2000000002.160:1430): avc:  denied  { create } for  pid=22925 comm="syz.2.4191" name="#38" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[ 1659.893609][   T29] audit: type=1400 audit(2000000002.160:1431): avc:  denied  { link } for  pid=22925 comm="syz.2.4191" name="#38" dev="tmpfs" ino=1436 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[ 1659.916233][   T29] audit: type=1400 audit(2000000002.160:1432): avc:  denied  { rename } for  pid=22925 comm="syz.2.4191" name="#39" dev="tmpfs" ino=1436 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[ 1661.120656][T22233] usb 3-1: new high-speed USB device number 113 using dummy_hcd
[ 1661.194205][ T5883] usb 5-1: new low-speed USB device number 111 using dummy_hcd
[ 1661.272765][T22233] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1661.291311][T22233] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1661.301656][T22233] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1661.313459][T22233] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1661.324956][T22942] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1661.340832][ T5872] usb 7-1: new full-speed USB device number 38 using dummy_hcd
[ 1661.401808][T22233] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[ 1661.415872][ T5883] usb 5-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 10
[ 1661.437101][ T5883] usb 5-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[ 1661.447640][ T5883] usb 5-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7
[ 1661.456741][ T5883] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1661.457170][T22956] FAULT_INJECTION: forcing a failure.
[ 1661.457170][T22956] name failslab, interval 1, probability 0, space 0, times 0
[ 1661.478084][T22956] CPU: 0 UID: 0 PID: 22956 Comm: syz.3.4200 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0
[ 1661.488863][T22956] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1661.498916][T22956] Call Trace:
[ 1661.502179][T22956]  <TASK>
[ 1661.505098][T22956]  dump_stack_lvl+0x16c/0x1f0
[ 1661.509777][T22956]  should_fail_ex+0x497/0x5b0
[ 1661.514460][T22956]  ? fs_reclaim_acquire+0xae/0x150
[ 1661.519589][T22956]  should_failslab+0xc2/0x120
[ 1661.524279][T22956]  __kmalloc_node_noprof+0xd1/0x510
[ 1661.529485][T22956]  ? __kvmalloc_node_noprof+0xad/0x1a0
[ 1661.534951][T22956]  __kvmalloc_node_noprof+0xad/0x1a0
[ 1661.540253][T22956]  alloc_netdev_mqs+0xf82/0x1510
[ 1661.545219][T22956]  rtnl_create_link+0xc10/0xfa0
[ 1661.550096][T22956]  rtnl_newlink+0x144b/0x1ce0
[ 1661.552380][T22233] usb 3-1: USB disconnect, device number 113
[ 1661.554784][T22956]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1661.554823][T22956]  ? __pfx___lock_acquire+0x10/0x10
[ 1661.554848][T22956]  ? cred_has_capability.isra.0+0x192/0x2f0
[ 1661.576882][T22956]  ? __pfx_cred_has_capability.isra.0+0x10/0x10
[ 1661.583151][T22956]  ? find_held_lock+0x2d/0x110
[ 1661.587938][T22956]  ? rtnetlink_rcv_msg+0x93a/0xea0
[ 1661.593065][T22956]  ? __pfx_lock_release+0x10/0x10
[ 1661.598089][T22956]  ? trace_lock_acquire+0x14e/0x1f0
[ 1661.603295][T22956]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1661.608335][T22956]  rtnetlink_rcv_msg+0x95b/0xea0
[ 1661.613279][T22956]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1661.618739][T22956]  netlink_rcv_skb+0x16b/0x440
[ 1661.623491][T22956]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1661.628965][T22956]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1661.634283][T22956]  ? netlink_deliver_tap+0x1ae/0xd30
[ 1661.639590][T22956]  netlink_unicast+0x53c/0x7f0
[ 1661.644371][T22956]  ? __pfx_netlink_unicast+0x10/0x10
[ 1661.649666][T22956]  netlink_sendmsg+0x8b8/0xd70
[ 1661.654440][T22956]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1661.659735][T22956]  ____sys_sendmsg+0xaaf/0xc90
[ 1661.664506][T22956]  ? copy_msghdr_from_user+0x10b/0x160
[ 1661.669972][T22956]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1661.675285][T22956]  ___sys_sendmsg+0x135/0x1e0
[ 1661.679984][T22956]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1661.685200][T22956]  ? __pfx_lock_release+0x10/0x10
[ 1661.690231][T22956]  ? trace_lock_acquire+0x14e/0x1f0
[ 1661.695445][T22956]  ? __fget_files+0x206/0x3a0
[ 1661.700122][T22956]  __sys_sendmsg+0x16e/0x220
[ 1661.704718][T22956]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1661.709850][T22956]  do_syscall_64+0xcd/0x250
[ 1661.714359][T22956]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1661.720255][T22956] RIP: 0033:0x7f4911f7ff19
[ 1661.724668][T22956] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1661.744290][T22956] RSP: 002b:00007f4912cc6058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1661.752709][T22956] RAX: ffffffffffffffda RBX: 00007f4912145fa0 RCX: 00007f4911f7ff19
[ 1661.760694][T22956] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
[ 1661.768660][T22956] RBP: 00007f4912cc60a0 R08: 0000000000000000 R09: 0000000000000000
[ 1661.776627][T22956] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1661.784598][T22956] R13: 0000000000000000 R14: 00007f4912145fa0 R15: 00007fff07f37b08
[ 1661.792579][T22956]  </TASK>
[ 1661.816615][ T5883] usb 5-1: string descriptor 0 read error: -71
[ 1661.832733][ T5872] usb 7-1: not running at top speed; connect to a high speed hub
[ 1661.833814][ T5883] hub 5-1:32.0: USB hub found
[ 1661.854971][ T5883] hub 5-1:32.0: config failed, can't read hub descriptor (err -22)
[ 1661.861880][ T5872] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 919, setting to 64
[ 1661.878273][ T5872] usb 7-1: New USB device found, idVendor=047d, idProduct=2041, bcdDevice= 0.40
[ 1661.892053][ T5883] usb 5-1: USB disconnect, device number 111
[ 1661.898552][ T5872] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1661.923346][ T5872] usb 7-1: Product: syz
[ 1661.927529][ T5872] usb 7-1: SerialNumber: syz
[ 1661.946184][T22948] raw-gadget.2 gadget.6: fail, usb_ep_enable returned -22
[ 1662.173390][T22948] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1662.182796][T22948] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1662.193382][T22948] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1662.202134][T22948] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1662.217004][ T5872] usbhid 7-1:1.0: can't add hid device: -71
[ 1662.802128][ T5872] usbhid 7-1:1.0: probe with driver usbhid failed with error -71
[ 1662.836838][ T5872] usb 7-1: USB disconnect, device number 38
[ 1664.257642][T22981] netlink: 'syz.1.4207': attribute type 7 has an invalid length.
[ 1664.284470][T22981] netlink: 208140 bytes leftover after parsing attributes in process `syz.1.4207'.
[ 1664.983831][ T5872] usb 5-1: new high-speed USB device number 112 using dummy_hcd
[ 1665.140501][ T5872] usb 5-1: Using ep0 maxpacket: 16
[ 1665.162315][ T5872] usb 5-1: New USB device found, idVendor=2137, idProduct=0001, bcdDevice=2a.35
[ 1665.174666][ T5872] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1665.193950][ T5872] usb 5-1: Product: syz
[ 1665.198142][ T5872] usb 5-1: Manufacturer: syz
[ 1665.210034][ T5872] usb 5-1: SerialNumber: syz
[ 1665.221265][ T5872] usb 5-1: config 0 descriptor??
[ 1665.339144][ T5872] as10x_usb: device has been detected
[ 1665.358354][ T5872] dvbdev: DVB: registering new adapter (Sky IT Digital Key (green led))
[ 1665.481665][T22979] random: crng reseeded on system resumption
[ 1665.489005][   T29] audit: type=1400 audit(2000000002.560:1433): avc:  denied  { write } for  pid=22978 comm="syz.4.4206" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[ 1665.518929][T22997] zonefs (nullb0) ERROR: Not a zoned block device
[ 1665.597951][ T5872] usb 5-1: DVB: registering adapter 1 frontend 0 (Sky IT Digital Key (green led))...
[ 1665.890828][   T29] audit: type=1400 audit(2000000002.560:1434): avc:  denied  { open } for  pid=22978 comm="syz.4.4206" path="/dev/snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[ 1666.335962][ T5872] as10x_usb: error during firmware upload part1
[ 1666.350399][ T5872] Registered device Sky IT Digital Key (green led)
[ 1666.652349][T22233] usb 5-1: USB disconnect, device number 112
[ 1666.837042][ T5133] Bluetooth: hci2: unexpected event for opcode 0x0c7a
[ 1666.904546][T22233] Unregistered device Sky IT Digital Key (green led)
[ 1667.000655][ T5883] usb 7-1: new low-speed USB device number 39 using dummy_hcd
[ 1667.110367][T22233] as10x_usb: device has been disconnected
[ 1667.616099][ T5883] usb 7-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 10
[ 1668.101993][ T5883] usb 7-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[ 1668.120939][ T5883] usb 7-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7
[ 1668.130201][ T5883] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1668.606957][ T5883] usb 7-1: string descriptor 0 read error: -71
[ 1668.614225][ T5883] hub 7-1:32.0: USB hub found
[ 1668.648410][ T5883] hub 7-1:32.0: config failed, can't read hub descriptor (err -22)
[ 1668.740585][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[ 1668.835097][T23029] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4218'.
[ 1670.270523][ T5133] Bluetooth: hci4: unexpected event for opcode 0x0c7a
[ 1670.286283][T23037] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4220'.
[ 1670.529334][ T5883] usb 7-1: USB disconnect, device number 39
[ 1670.566906][T23047] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=123 sclass=netlink_route_socket pid=23047 comm=syz.4.4223
[ 1670.660162][ T5872] usb 3-1: new high-speed USB device number 114 using dummy_hcd
[ 1671.820541][ T5872] usb 3-1: Using ep0 maxpacket: 16
[ 1672.613601][ T5872] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1672.624157][ T5872] usb 3-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[ 1672.633912][ T5872] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1672.745029][ T5872] usb 3-1: config 0 descriptor??
[ 1672.889400][ T5872] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input52
[ 1673.039261][   T29] audit: type=1400 audit(2000000010.110:1435): avc:  denied  { shutdown } for  pid=23070 comm="syz.3.4228" lport=33910 faddr=fc01:: scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1673.056021][T23071] overlayfs: failed to get index nlink (file1/file0, err=-61)
[ 1673.165187][T23040] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1673.174079][T23040] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1673.183425][T23040] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1673.192455][T23040] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1673.220132][T23040] vxlan0: entered promiscuous mode
[ 1673.225345][T23040] vxlan0: entered allmulticast mode
[ 1673.360784][ T5179] bcm5974 3-1:0.0: could not read from device
[ 1673.379944][ T5872] usb 5-1: new high-speed USB device number 113 using dummy_hcd
[ 1673.387774][ T5822] usb 3-1: USB disconnect, device number 114
[ 1673.466797][T23040] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1673.475989][T23040] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1673.485588][T23040] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1673.494554][T23040] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1673.590769][ T5872] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1673.606598][ T5872] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1673.641698][ T5872] usb 5-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.00
[ 1673.686934][ T5872] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1673.739348][ T5872] usb 5-1: config 0 descriptor??
[ 1675.289986][T13127] usb 4-1: new low-speed USB device number 109 using dummy_hcd
[ 1675.483955][ T5872] sony 0003:054C:0268.000D: hiddev0,hidraw0: USB HID v80.00 Device [HID 054c:0268] on usb-dummy_hcd.4-1/input0
[ 1675.496298][ T5872] sony 0003:054C:0268.000D: failed to claim input
[ 1675.509227][ T5872] usb 5-1: USB disconnect, device number 113
[ 1675.562145][T13127] usb 4-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 10
[ 1675.574689][T13127] usb 4-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[ 1675.675856][T13127] usb 4-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7
[ 1675.685038][T13127] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1675.705760][T23090] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4234'.
[ 1675.918039][T23097] wireguard0: entered promiscuous mode
[ 1675.936877][T13127] usb 4-1: string descriptor 0 read error: -71
[ 1675.943364][T13127] hub 4-1:32.0: USB hub found
[ 1675.955444][T13127] hub 4-1:32.0: config failed, can't read hub descriptor (err -22)
[ 1675.971110][T23097] wireguard0: entered allmulticast mode
[ 1675.996265][T13127] usb 4-1: USB disconnect, device number 109
[ 1676.090242][T20537] usb 3-1: new high-speed USB device number 115 using dummy_hcd
[ 1676.167545][T23103] FAULT_INJECTION: forcing a failure.
[ 1676.167545][T23103] name failslab, interval 1, probability 0, space 0, times 0
[ 1676.181126][T23103] CPU: 0 UID: 0 PID: 23103 Comm: syz.1.4239 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0
[ 1676.191915][T23103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1676.201974][T23103] Call Trace:
[ 1676.205252][T23103]  <TASK>
[ 1676.208187][T23103]  dump_stack_lvl+0x16c/0x1f0
[ 1676.212880][T23103]  should_fail_ex+0x497/0x5b0
[ 1676.217585][T23103]  should_failslab+0xc2/0x120
[ 1676.222274][T23103]  kmem_cache_alloc_noprof+0x6e/0x3d0
[ 1676.227656][T23103]  ? skb_clone+0x190/0x3f0
[ 1676.232086][T23103]  skb_clone+0x190/0x3f0
[ 1676.236338][T23103]  netlink_deliver_tap+0xabd/0xd30
[ 1676.241481][T23103]  netlink_unicast+0x5e1/0x7f0
[ 1676.246261][T23103]  ? __pfx_netlink_unicast+0x10/0x10
[ 1676.251566][T23103]  netlink_sendmsg+0x8b8/0xd70
[ 1676.256352][T23103]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1676.261659][T23103]  ____sys_sendmsg+0xaaf/0xc90
[ 1676.266436][T23103]  ? copy_msghdr_from_user+0x10b/0x160
[ 1676.271915][T23103]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1676.277208][T23103]  ? __lock_acquire+0xcc5/0x3c40
[ 1676.282164][T23103]  ___sys_sendmsg+0x135/0x1e0
[ 1676.286858][T23103]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1676.292095][T23103]  ? trace_lock_acquire+0x14e/0x1f0
[ 1676.297328][T23103]  __sys_sendmmsg+0x201/0x420
[ 1676.302025][T23103]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1676.307298][T23103]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1676.313302][T23103]  ? fput+0x67/0x440
[ 1676.317233][T23103]  ? ksys_write+0x1ba/0x250
[ 1676.321752][T23103]  ? __pfx_ksys_write+0x10/0x10
[ 1676.326622][T23103]  __x64_sys_sendmmsg+0x9c/0x100
[ 1676.331579][T23103]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1676.336779][T23103]  do_syscall_64+0xcd/0x250
[ 1676.341288][T23103]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1676.347183][T23103] RIP: 0033:0x7f8538f7ff19
[ 1676.351590][T23103] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1676.371196][T23103] RSP: 002b:00007f8539d65058 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1676.379604][T23103] RAX: ffffffffffffffda RBX: 00007f8539145fa0 RCX: 00007f8538f7ff19
[ 1676.387575][T23103] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000004
[ 1676.395545][T23103] RBP: 00007f8539d650a0 R08: 0000000000000000 R09: 0000000000000000
[ 1676.403511][T23103] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1676.411475][T23103] R13: 0000000000000000 R14: 00007f8539145fa0 R15: 00007ffc80184af8
[ 1676.419452][T23103]  </TASK>
[ 1676.470216][T20537] usb 3-1: Using ep0 maxpacket: 32
[ 1676.495823][T20537] usb 3-1: New USB device found, idVendor=0ccd, idProduct=003b, bcdDevice=a6.13
[ 1676.505845][T20537] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1677.464309][T20537] usb 3-1: Product: syz
[ 1677.468528][T20537] usb 3-1: Manufacturer: syz
[ 1677.473975][T20537] usb 3-1: SerialNumber: syz
[ 1677.517689][T23107] cgroup: fork rejected by pids controller in /syz1
[ 1677.657603][T20537] usb 3-1: config 0 descriptor??
[ 1677.675691][ T5133] Bluetooth: hci1: unexpected event for opcode 0x0c7a
[ 1677.854163][   T29] audit: type=1400 audit(2000000002.050:1436): avc:  denied  { ioctl } for  pid=23112 comm="syz.4.4244" path="socket:[74978]" dev="sockfs" ino=74978 ioctlcmd=0x9426 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[ 1677.909669][   T29] audit: type=1400 audit(2000000002.050:1437): avc:  denied  { ioctl } for  pid=23112 comm="syz.4.4244" path="socket:[74976]" dev="sockfs" ino=74976 ioctlcmd=0x941b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[ 1677.935290][   T29] audit: type=1400 audit(2000000002.200:1438): avc:  denied  { bind } for  pid=23093 comm="syz.2.4237" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1677.955778][   T29] audit: type=1400 audit(2000000002.200:1439): avc:  denied  { listen } for  pid=23093 comm="syz.2.4237" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1677.975855][   T29] audit: type=1400 audit(2000000002.200:1440): avc:  denied  { connect } for  pid=23093 comm="syz.2.4237" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1677.996044][   T29] audit: type=1400 audit(2000000002.210:1441): avc:  denied  { write } for  pid=23093 comm="syz.2.4237" path="socket:[74990]" dev="sockfs" ino=74990 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1678.218466][T22233] usb 3-1: USB disconnect, device number 115
[ 1678.349866][T13127] usb 5-1: new full-speed USB device number 114 using dummy_hcd
[ 1678.678125][T23125] FAULT_INJECTION: forcing a failure.
[ 1678.678125][T23125] name failslab, interval 1, probability 0, space 0, times 0
[ 1678.802947][T13127] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1678.803325][T23127] fuse: Bad value for 'fd'
[ 1678.814016][T13127] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1678.830047][T13127] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40
[ 1678.839133][T13127] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1678.856187][T13127] usb 5-1: SerialNumber: syz
[ 1678.873180][T13127] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -22
[ 1678.882127][T13127] usb-storage 5-1:1.0: USB Mass Storage device detected
[ 1678.898194][T23125] CPU: 0 UID: 0 PID: 23125 Comm: syz.2.4247 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0
[ 1678.908997][T23125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1678.909057][T13127] usb-storage 5-1:1.0: Quirks match for vid 0525 pid a4a5: 10000
[ 1678.919047][T23125] Call Trace:
[ 1678.919059][T23125]  <TASK>
[ 1678.919067][T23125]  dump_stack_lvl+0x16c/0x1f0
[ 1678.919097][T23125]  should_fail_ex+0x497/0x5b0
[ 1678.919124][T23125]  ? fs_reclaim_acquire+0xae/0x150
[ 1678.947452][T23125]  should_failslab+0xc2/0x120
[ 1678.952158][T23125]  __kmalloc_noprof+0xcb/0x510
[ 1678.956939][T23125]  ? d_absolute_path+0x137/0x1b0
[ 1678.961895][T23125]  ? rcu_is_watching+0x12/0xc0
[ 1678.966681][T23125]  tomoyo_encode2+0x100/0x3e0
[ 1678.971378][T23125]  tomoyo_encode+0x29/0x50
[ 1678.975809][T23125]  tomoyo_realpath_from_path+0x19d/0x720
[ 1678.981468][T23125]  tomoyo_path_number_perm+0x248/0x590
[ 1678.986941][T23125]  ? tomoyo_path_number_perm+0x235/0x590
[ 1678.992587][T23125]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1678.998605][T23125]  ? __pfx_lock_release+0x10/0x10
[ 1679.003652][T23125]  ? trace_lock_acquire+0x14e/0x1f0
[ 1679.008875][T23125]  ? lock_acquire+0x2f/0xb0
[ 1679.013388][T23125]  ? __fget_files+0x40/0x3a0
[ 1679.017990][T23125]  ? __fget_files+0x206/0x3a0
[ 1679.022684][T23125]  security_file_ioctl+0x9b/0x240
[ 1679.027734][T23125]  __x64_sys_ioctl+0xb7/0x200
[ 1679.032428][T23125]  do_syscall_64+0xcd/0x250
[ 1679.036949][T23125]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1679.042862][T23125] RIP: 0033:0x7f329157ff19
[ 1679.047289][T23125] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1679.066914][T23125] RSP: 002b:00007f329243a058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1679.075352][T23125] RAX: ffffffffffffffda RBX: 00007f3291745fa0 RCX: 00007f329157ff19
[ 1679.083334][T23125] RDX: 0000000020000280 RSI: 00000000c01864b0 RDI: 0000000000000003
[ 1679.091316][T23125] RBP: 00007f329243a0a0 R08: 0000000000000000 R09: 0000000000000000
[ 1679.099301][T23125] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1679.107285][T23125] R13: 0000000000000000 R14: 00007f3291745fa0 R15: 00007ffe15450088
[ 1679.115278][T23125]  </TASK>
[ 1679.135187][T23125] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1679.145324][T13127] scsi host1: usb-storage 5-1:1.0
[ 1679.213850][ T8222] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1679.362310][ T8222] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1679.550850][T23140] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4250'.
[ 1679.620144][ T8222] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1679.901625][T23137] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1679.962179][ T8222] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1680.210248][T20537] usb 7-1: new low-speed USB device number 40 using dummy_hcd
[ 1680.223679][ T8222] erspan0: left allmulticast mode
[ 1680.236570][ T8222] erspan0: left promiscuous mode
[ 1680.247410][ T8222] bridge0: port 3(erspan0) entered disabled state
[ 1680.272117][T22845] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1680.284410][T22845] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1680.293622][T22845] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1680.302552][ T8222] bridge_slave_1: left allmulticast mode
[ 1680.309185][T22845] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1680.317291][ T8222] bridge_slave_1: left promiscuous mode
[ 1680.323613][ T8222] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1680.334390][T22845] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 1680.350346][T22845] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1680.373761][T20537] usb 7-1: config 32 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 10
[ 1680.386300][ T8222] bridge_slave_0: left allmulticast mode
[ 1680.396249][T20537] usb 7-1: config 32 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[ 1680.396510][ T8222] bridge_slave_0: left promiscuous mode
[ 1680.417497][T20537] usb 7-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7
[ 1680.426743][T20537] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1680.437834][ T8222] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1680.446082][T22233] usb 5-1: USB disconnect, device number 114
[ 1680.599292][T23156] binder: 23150:23156 ioctl c0306201 0 returned -14
[ 1680.668271][T20537] usb 7-1: string descriptor 0 read error: -71
[ 1680.680358][T20537] hub 7-1:32.0: USB hub found
[ 1680.696071][T20537] hub 7-1:32.0: config failed, can't read hub descriptor (err -22)
[ 1680.760938][T20537] usb 7-1: USB disconnect, device number 40
[ 1680.909102][ T5901] usb 3-1: new high-speed USB device number 116 using dummy_hcd
[ 1681.058252][   T29] audit: type=1400 audit(2000000005.320:1442): avc:  denied  { map } for  pid=23159 comm="syz.3.4256" path="socket:[74447]" dev="sockfs" ino=74447 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 1682.026775][ T5901] usb 3-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[ 1682.099477][ T5901] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1682.126147][ T5901] usb 3-1: config 0 descriptor??
[ 1682.161343][ T5901] gspca_main: cpia1-2.14.0 probing 0813:0001
[ 1682.320569][ T5822] usb 7-1: new high-speed USB device number 41 using dummy_hcd
[ 1682.449525][ T5133] Bluetooth: hci0: command tx timeout
[ 1682.638839][ T5901] cpia1 3-1:0.0: unexpected state after lo power cmd: 00
[ 1682.951197][ T8222] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1682.961328][ T5822] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1682.972575][ T5822] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1682.982960][ T5822] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1682.989996][T22233] usb 5-1: new high-speed USB device number 115 using dummy_hcd
[ 1683.001521][ T5822] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1683.010865][ T8222] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1683.030598][T23169] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1683.032544][ T8222] bond0 (unregistering): Released all slaves
[ 1683.046458][ T5822] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[ 1683.231740][T22233] usb 5-1: Using ep0 maxpacket: 8
[ 1683.239255][T22233] usb 5-1: config 179 has an invalid interface number: 65 but max is 0
[ 1683.266553][T22233] usb 5-1: config 179 has no interface number 0
[ 1683.281730][T22233] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[ 1683.293259][T22233] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[ 1683.330994][T22233] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[ 1683.371139][T22233] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 1683.395290][T22233] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[ 1683.410959][T22233] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1683.419613][   T29] audit: type=1400 audit(2000000007.630:1443): avc:  denied  { connect } for  pid=23180 comm="syz.3.4260" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[ 1683.546106][T23179] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[ 1683.850208][T23185] fuse: Unknown parameter 'root4?ÍŸWíÀ“ƒâ¯Cˆ„ode9000000000@°00
'
[ 1684.211155][T20537] usb 7-1: USB disconnect, device number 41
[ 1684.283119][T23178] team0 (unregistering): Port device team_slave_0 removed
[ 1684.293445][ T5901] gspca_cpia1: usb_control_msg 02, error -110
[ 1684.310126][ T5901] gspca_cpia1: usb_control_msg 05, error -32
[ 1684.316927][ T5901] gspca_cpia1: usb_control_msg 05, error -32
[ 1684.329798][T23178] team0 (unregistering): Port device team_slave_1 removed
[ 1684.461966][ T5901] gspca_cpia1: usb_control_msg 05, error -71
[ 1684.468130][ T5901] cpia1 3-1:0.0: unexpected systemstate: 00
[ 1684.477082][ T5901] usb 3-1: USB disconnect, device number 116
[ 1684.505527][T20537] kernel write not supported for file bpf-map (pid: 20537 comm: kworker/0:4)
[ 1684.519307][ T5133] Bluetooth: hci0: command tx timeout
[ 1684.728753][T23148] chnl_net:caif_netlink_parms(): no params data found
[ 1684.787246][ T8222] hsr_slave_0: left promiscuous mode
[ 1684.793492][ T8222] hsr_slave_1: left promiscuous mode
[ 1684.801133][ T8222] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1684.815197][ T8222] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1684.843139][ T8222] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1684.850875][ T8222] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1684.908331][ T8222] veth1_macvtap: left promiscuous mode
[ 1684.919519][ T8222] veth0_macvtap: left promiscuous mode
[ 1684.925274][ T8222] veth1_vlan: left promiscuous mode
[ 1684.930741][ T8222] veth0_vlan: left promiscuous mode
[ 1685.527195][T22233] usb 5-1: USB disconnect, device number 115
[ 1686.591540][T22845] Bluetooth: hci0: command tx timeout
[ 1688.572364][ T8222] team0 (unregistering): Port device team_slave_1 removed
[ 1688.669903][T22845] Bluetooth: hci0: command tx timeout
[ 1688.907772][ T8222] team0 (unregistering): Port device team_slave_0 removed
[ 1689.044931][T23246] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4272'.
[ 1689.089812][T22845] Bluetooth: hci4: ACL packet for unknown connection handle 200
[ 1690.392244][T23266] ubi0: attaching mtd0
[ 1690.412060][T23266] ubi0: scanning is finished
[ 1690.416690][T23266] ubi0: empty MTD device detected
[ 1690.640710][T22845] Bluetooth: hci1: unexpected event for opcode 0x0c7a
[ 1691.160245][T23266] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[ 1691.168324][T23266] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[ 1691.176232][T23266] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[ 1691.233700][T23266] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[ 1691.334255][T23266] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[ 1691.346746][T23266] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[ 1691.359074][T23266] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 584984675
[ 1691.389700][T23266] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[ 1691.402442][T23269] ubi0: background thread "ubi_bgt0d" started, PID 23269
[ 1691.461192][T23148] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1691.478949][T23148] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1691.486415][T23148] bridge_slave_0: entered allmulticast mode
[ 1691.519417][ T5872] usb 3-1: new high-speed USB device number 117 using dummy_hcd
[ 1691.539825][T23148] bridge_slave_0: entered promiscuous mode
[ 1691.581686][T23148] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1691.599123][T23148] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1691.615384][T23148] bridge_slave_1: entered allmulticast mode
[ 1691.626629][T23148] bridge_slave_1: entered promiscuous mode
[ 1692.678837][ T5872] usb 3-1: Using ep0 maxpacket: 8
[ 1692.715212][ T5872] usb 3-1: config index 0 descriptor too short (expected 1219, got 18)
[ 1692.834986][T23148] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1692.848153][ T5872] usb 3-1: config 0 has an invalid descriptor of length 21, skipping remainder of the config
[ 1692.859446][ T5872] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1692.872094][ T5872] usb 3-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=d4.77
[ 1692.886583][T23148] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1692.895789][ T5872] usb 3-1: New USB device strings: Mfr=106, Product=2, SerialNumber=3
[ 1692.979228][ T5872] usb 3-1: Product: syz
[ 1692.983864][ T5872] usb 3-1: Manufacturer: syz
[ 1692.988578][ T5872] usb 3-1: SerialNumber: syz
[ 1693.025999][ T5872] usb 3-1: config 0 descriptor??
[ 1693.031145][    T8] usb 4-1: new high-speed USB device number 110 using dummy_hcd
[ 1694.048793][    T8] usb 4-1: device descriptor read/64, error -71
[ 1694.085826][T23148] team0: Port device team_slave_0 added
[ 1694.094824][T23148] team0: Port device team_slave_1 added
[ 1694.349748][    T8] usb 4-1: new high-speed USB device number 111 using dummy_hcd
[ 1694.373343][T23148] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1694.480947][T23148] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1694.830278][T23148] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1694.888170][T23148] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1694.895666][T23148] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1694.958191][T23148] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1695.158081][T23148] hsr_slave_0: entered promiscuous mode
[ 1695.183457][T23148] hsr_slave_1: entered promiscuous mode
[ 1695.195699][T23148] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1695.203638][T23148] Cannot create hsr debugfs directory
[ 1695.230938][T13127] usb 3-1: USB disconnect, device number 117
[ 1695.434413][   T29] audit: type=1326 audit(2000000019.701:1444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23325 comm="syz.4.4289" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0b86f7ff19 code=0x0
[ 1696.714055][T23339] overlayfs: failed to resolve './file0/file0': -2
[ 1697.330216][   T29] audit: type=1400 audit(2000000020.891:1445): avc:  denied  { listen } for  pid=23333 comm="syz.3.4291" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[ 1697.768795][T13127] usb 7-1: new high-speed USB device number 42 using dummy_hcd
[ 1697.880482][T23148] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1697.932789][T13127] usb 7-1: Using ep0 maxpacket: 8
[ 1697.971503][T13127] usb 7-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 1697.990246][T23148] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1698.001046][T13127] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1698.030176][T23148] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1698.045942][T23148] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1698.053878][T13127] usb 7-1: config 0 descriptor??
[ 1698.090858][T23349] binder: 23341:23349 ioctl 4018620d 0 returned -22
[ 1701.270522][T23148] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1701.287708][T23148] 8021q: adding VLAN 0 to HW filter on device team0
[ 1701.400954][ T3558] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1701.408215][ T3558] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1702.198411][T13127] asix 7-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 1702.228402][T13127] asix 7-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[ 1702.248491][T13127] asix 7-1:0.0: probe with driver asix failed with error -71
[ 1702.250120][ T8258] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1702.262985][ T8258] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1702.520601][T13127] usb 7-1: USB disconnect, device number 42
[ 1702.799458][T23374] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4298'.
[ 1702.890585][   T29] audit: type=1400 audit(2000000027.151:1446): avc:  denied  { append } for  pid=23376 comm="syz.4.4299" name="sg0" dev="devtmpfs" ino=759 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[ 1702.973995][T23148] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1703.246239][T23389] netlink: 32 bytes leftover after parsing attributes in process `syz.6.4301'.
[ 1703.266058][T23385] FAULT_INJECTION: forcing a failure.
[ 1703.266058][T23385] name failslab, interval 1, probability 0, space 0, times 0
[ 1703.337856][T23385] CPU: 0 UID: 0 PID: 23385 Comm: syz.2.4300 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0
[ 1703.348662][T23385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1703.358724][T23385] Call Trace:
[ 1703.362008][T23385]  <TASK>
[ 1703.364948][T23385]  dump_stack_lvl+0x16c/0x1f0
[ 1703.369647][T23385]  should_fail_ex+0x497/0x5b0
[ 1703.374350][T23385]  should_failslab+0xc2/0x120
[ 1703.379046][T23385]  kmem_cache_alloc_noprof+0x6e/0x3d0
[ 1703.384435][T23385]  ? skb_clone+0x190/0x3f0
[ 1703.388867][T23385]  skb_clone+0x190/0x3f0
[ 1703.393122][T23385]  netlink_deliver_tap+0xabd/0xd30
[ 1703.398258][T23385]  netlink_unicast+0x6b4/0x7f0
[ 1703.403042][T23385]  ? __pfx_netlink_unicast+0x10/0x10
[ 1703.408352][T23385]  netlink_ack+0x6ac/0xb80
[ 1703.412797][T23385]  netlink_rcv_skb+0x348/0x440
[ 1703.417592][T23385]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[ 1703.423072][T23385]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1703.428376][T23385]  ? xfrm_netlink_rcv+0x62/0x90
[ 1703.433267][T23385]  xfrm_netlink_rcv+0x71/0x90
[ 1703.437959][T23385]  netlink_unicast+0x53c/0x7f0
[ 1703.442741][T23385]  ? __pfx_netlink_unicast+0x10/0x10
[ 1703.448038][T23385]  netlink_sendmsg+0x8b8/0xd70
[ 1703.452812][T23385]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1703.458110][T23385]  ____sys_sendmsg+0xaaf/0xc90
[ 1703.462876][T23385]  ? copy_msghdr_from_user+0x10b/0x160
[ 1703.468370][T23385]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1703.473664][T23385]  ___sys_sendmsg+0x135/0x1e0
[ 1703.478343][T23385]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1703.483555][T23385]  ? __pfx_lock_release+0x10/0x10
[ 1703.488576][T23385]  ? trace_lock_acquire+0x14e/0x1f0
[ 1703.493786][T23385]  ? __fget_files+0x206/0x3a0
[ 1703.498465][T23385]  __sys_sendmsg+0x16e/0x220
[ 1703.503059][T23385]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1703.508192][T23385]  do_syscall_64+0xcd/0x250
[ 1703.512696][T23385]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1703.518586][T23385] RIP: 0033:0x7f329157ff19
[ 1703.522995][T23385] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1703.542598][T23385] RSP: 002b:00007f3292419058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1703.551009][T23385] RAX: ffffffffffffffda RBX: 00007f3291746080 RCX: 00007f329157ff19
[ 1703.558974][T23385] RDX: 0000000000000000 RSI: 00000000200005c0 RDI: 0000000000000008
[ 1703.566938][T23385] RBP: 00007f32924190a0 R08: 0000000000000000 R09: 0000000000000000
[ 1703.574903][T23385] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1703.582866][T23385] R13: 0000000000000000 R14: 00007f3291746080 R15: 00007ffe15450088
[ 1703.590848][T23385]  </TASK>
[ 1703.643876][T23398] FAULT_INJECTION: forcing a failure.
[ 1703.643876][T23398] name failslab, interval 1, probability 0, space 0, times 0
[ 1703.685862][T23398] CPU: 0 UID: 0 PID: 23398 Comm: syz.4.4303 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0
[ 1703.696670][T23398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1703.706738][T23398] Call Trace:
[ 1703.710024][T23398]  <TASK>
[ 1703.712963][T23398]  dump_stack_lvl+0x16c/0x1f0
[ 1703.717656][T23398]  should_fail_ex+0x497/0x5b0
[ 1703.722353][T23398]  should_failslab+0xc2/0x120
[ 1703.727052][T23398]  kmem_cache_alloc_noprof+0x6e/0x3d0
[ 1703.732438][T23398]  ? skb_clone+0x190/0x3f0
[ 1703.736869][T23398]  skb_clone+0x190/0x3f0
[ 1703.741121][T23398]  netlink_deliver_tap+0xabd/0xd30
[ 1703.746253][T23398]  netlink_unicast+0x5e1/0x7f0
[ 1703.751033][T23398]  ? __pfx_netlink_unicast+0x10/0x10
[ 1703.756345][T23398]  netlink_sendmsg+0x8b8/0xd70
[ 1703.761133][T23398]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1703.766442][T23398]  ____sys_sendmsg+0xaaf/0xc90
[ 1703.771221][T23398]  ? copy_msghdr_from_user+0x10b/0x160
[ 1703.776698][T23398]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1703.782007][T23398]  ___sys_sendmsg+0x135/0x1e0
[ 1703.786704][T23398]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1703.791930][T23398]  ? __pfx_lock_release+0x10/0x10
[ 1703.796964][T23398]  ? trace_lock_acquire+0x14e/0x1f0
[ 1703.802189][T23398]  ? __fget_files+0x206/0x3a0
[ 1703.806881][T23398]  __sys_sendmsg+0x16e/0x220
[ 1703.811491][T23398]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1703.816639][T23398]  do_syscall_64+0xcd/0x250
[ 1703.821158][T23398]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1703.827063][T23398] RIP: 0033:0x7f0b86f7ff19
[ 1703.831482][T23398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1703.851102][T23398] RSP: 002b:00007f0b86df9058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1703.859527][T23398] RAX: ffffffffffffffda RBX: 00007f0b87145fa0 RCX: 00007f0b86f7ff19
[ 1703.867493][T23398] RDX: 0000000000000000 RSI: 0000000020000c00 RDI: 0000000000000004
[ 1703.875458][T23398] RBP: 00007f0b86df90a0 R08: 0000000000000000 R09: 0000000000000000
[ 1703.883421][T23398] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1703.891384][T23398] R13: 0000000000000000 R14: 00007f0b87145fa0 R15: 00007ffc810d2b78
[ 1703.899361][T23398]  </TASK>
[ 1704.100536][T23148] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1704.652216][T23148] veth0_vlan: entered promiscuous mode
[ 1704.698567][T23148] veth1_vlan: entered promiscuous mode
[ 1705.512458][T23416] sg_write: data in/out 406748/8 bytes for SCSI command 0xff-- guessing data in;
[ 1705.512458][T23416]    program syz.3.4306 not setting count and/or reply_len properly
[ 1705.756283][T23148] veth0_macvtap: entered promiscuous mode
[ 1705.809405][T23148] veth1_macvtap: entered promiscuous mode
[ 1705.848566][T23148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1705.859148][T23148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1705.869377][T23148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1705.879852][T23148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1705.890384][T23148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1705.900871][T23148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1705.917298][T23148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1705.932042][T23148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1705.947377][T23148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1705.958110][T23148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1705.968945][T23148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1705.979516][T23148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1705.990047][T23148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1706.033455][T23148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1706.048251][T23424] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4310'.
[ 1706.088161][T23148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1706.137207][T23148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1706.214371][T23148] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1706.848840][T23148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1706.898053][T23148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1706.927036][T23148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1706.958024][T23148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1706.967893][T23148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1706.967911][T23148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1706.967935][T23148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1707.000362][T23148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1707.010290][T23148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1707.021383][T23148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1707.031275][T23148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1707.042008][T23148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1707.052724][T23148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1707.063796][T23148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1707.074019][T23148] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1707.085227][T23148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1707.096374][T23148] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1707.132086][T23148] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1707.136688][T23431] lo speed is unknown, defaulting to 1000
[ 1707.229891][T23148] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1707.240526][T23148] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1707.249735][T23148] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1707.705254][T23431] lo speed is unknown, defaulting to 1000
[ 1707.795605][T23431] lo speed is unknown, defaulting to 1000
[ 1708.529062][T23148] batman_adv: The newly added mac address (08:02:11:00:00:00) already exists on: macvlan2
[ 1708.612167][T23431] infiniband s
z1: set active
[ 1708.616637][T23148] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1708.617163][T23431] infiniband s
z1: added lo
[ 1708.633988][T23431] s
z1: rxe_create_cq: returned err = -12
[ 1708.642501][ T5883] lo speed is unknown, defaulting to 1000
[ 1708.664310][   T29] audit: type=1400 audit(2000000032.931:1447): avc:  denied  { map } for  pid=23443 comm="syz.4.4314" path="socket:[76207]" dev="sockfs" ino=76207 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[ 1708.688033][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1708.699556][ T3558] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1708.712880][ T3558] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1708.718046][T23431] infiniband s
z1: Couldn't create ib_mad CQ
[ 1708.736337][   T29] audit: type=1400 audit(2000000032.961:1448): avc:  denied  { accept } for  pid=23443 comm="syz.4.4314" path="socket:[76207]" dev="sockfs" ino=76207 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[ 1708.789949][T23431] infiniband s
z1: Couldn't open port 1
[ 1708.793344][ T8258] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1708.826720][ T8258] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1709.101092][T23431] RDS/IB: s
z1: added
[ 1709.106150][T23431] smc: adding ib device s
z1 with port count 1
[ 1709.112985][T23431] smc:    ib device s
z1 port 1 has pnetid 
[ 1709.123097][T13127] lo speed is unknown, defaulting to 1000
[ 1709.130816][T23431] lo speed is unknown, defaulting to 1000
[ 1709.308841][T23431] lo speed is unknown, defaulting to 1000
[ 1709.903465][T23472] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4320'.
[ 1709.950111][   T29] audit: type=1400 audit(2000000034.211:1449): avc:  denied  { connect } for  pid=23464 comm="syz.6.4321" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[ 1710.185817][   T29] audit: type=1400 audit(2000000034.441:1450): avc:  denied  { lock } for  pid=23470 comm="syz.4.4320" path="/dev/fuse" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[ 1710.346159][T23431] lo speed is unknown, defaulting to 1000
[ 1710.437977][T23431] lo speed is unknown, defaulting to 1000
[ 1710.528375][T23431] lo speed is unknown, defaulting to 1000
[ 1710.538013][    T8] usb 7-1: new high-speed USB device number 43 using dummy_hcd
[ 1710.617915][T23431] lo speed is unknown, defaulting to 1000
[ 1710.688578][    T8] usb 7-1: Using ep0 maxpacket: 8
[ 1710.699897][    T8] usb 7-1: unable to get BOS descriptor or descriptor too short
[ 1710.706773][T23431] lo speed is unknown, defaulting to 1000
[ 1710.708961][    T8] usb 7-1: config index 0 descriptor too short (expected 49, got 18)
[ 1710.750986][    T8] usb 7-1: invalid descriptor for config index 0: type = 0x2, length = 120
[ 1710.800440][T23431] lo speed is unknown, defaulting to 1000
[ 1710.802185][    T8] usb 7-1: can't read configurations, error -22
[ 1710.916090][T23431] lo speed is unknown, defaulting to 1000
[ 1710.997942][    T8] usb 7-1: new high-speed USB device number 44 using dummy_hcd
[ 1711.117650][T23492] Bluetooth: MGMT ver 1.23
[ 1711.187044][    T8] usb 7-1: Using ep0 maxpacket: 8
[ 1711.194178][    T8] usb 7-1: unable to get BOS descriptor or descriptor too short
[ 1711.206707][    T8] usb 7-1: config index 0 descriptor too short (expected 49, got 18)
[ 1711.228004][    T8] usb 7-1: invalid descriptor for config index 0: type = 0x2, length = 120
[ 1711.236651][    T8] usb 7-1: can't read configurations, error -22
[ 1711.247982][    T8] usb usb7-port1: attempt power cycle
[ 1711.619884][    T8] usb 7-1: new high-speed USB device number 45 using dummy_hcd
[ 1711.671502][    T8] usb 7-1: Using ep0 maxpacket: 8
[ 1711.679079][    T8] usb 7-1: unable to get BOS descriptor or descriptor too short
[ 1711.703048][    T8] usb 7-1: config index 0 descriptor too short (expected 49, got 18)
[ 1711.712045][    T8] usb 7-1: invalid descriptor for config index 0: type = 0x2, length = 120
[ 1711.728417][    T8] usb 7-1: can't read configurations, error -22
[ 1711.857927][    T8] usb 7-1: new high-speed USB device number 46 using dummy_hcd
[ 1711.900756][    T8] usb 7-1: Using ep0 maxpacket: 8
[ 1711.913756][    T8] usb 7-1: unable to get BOS descriptor or descriptor too short
[ 1711.926809][    T8] usb 7-1: config index 0 descriptor too short (expected 49, got 18)
[ 1711.945100][    T8] usb 7-1: invalid descriptor for config index 0: type = 0x2, length = 120
[ 1711.985029][    T8] usb 7-1: can't read configurations, error -22
[ 1712.003872][T23512] 9pnet_virtio: no channels available for device syz
[ 1712.028202][    T8] usb usb7-port1: unable to enumerate USB device
[ 1712.250995][T23512] netlink: 'syz.3.4331': attribute type 4 has an invalid length.
[ 1712.554290][T23520] FAULT_INJECTION: forcing a failure.
[ 1712.554290][T23520] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1712.568443][T23520] CPU: 0 UID: 0 PID: 23520 Comm: syz.2.4333 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0
[ 1712.579220][T23520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1712.589261][T23520] Call Trace:
[ 1712.592522][T23520]  <TASK>
[ 1712.595440][T23520]  dump_stack_lvl+0x16c/0x1f0
[ 1712.600106][T23520]  should_fail_ex+0x497/0x5b0
[ 1712.604774][T23520]  _copy_from_user+0x2e/0xd0
[ 1712.609354][T23520]  io_sync_cancel+0x16e/0x6c0
[ 1712.614019][T23520]  ? __pfx_io_sync_cancel+0x10/0x10
[ 1712.619200][T23520]  ? __pfx_lock_release+0x10/0x10
[ 1712.624210][T23520]  ? __pfx___lock_acquire+0x10/0x10
[ 1712.629402][T23520]  ? __lock_acquire+0xcc5/0x3c40
[ 1712.634323][T23520]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 1712.640377][T23520]  ? lock_acquire.part.0+0x11b/0x380
[ 1712.645659][T23520]  ? __mutex_trylock_common+0xea/0x250
[ 1712.651106][T23520]  ? __pfx___mutex_trylock_common+0x10/0x10
[ 1712.656991][T23520]  __io_uring_register+0x3a6/0x2290
[ 1712.662179][T23520]  ? trace_contention_end+0xee/0x140
[ 1712.667453][T23520]  ? __pfx___io_uring_register+0x10/0x10
[ 1712.673091][T23520]  ? __mutex_lock+0x1cc/0xa60
[ 1712.677761][T23520]  ? __fget_files+0x1fc/0x3a0
[ 1712.682423][T23520]  ? __x64_sys_io_uring_register+0x168/0x2b0
[ 1712.688388][T23520]  ? __pfx_lock_release+0x10/0x10
[ 1712.693398][T23520]  ? __pfx___mutex_lock+0x10/0x10
[ 1712.698410][T23520]  ? __fget_files+0x40/0x3a0
[ 1712.702984][T23520]  ? __fget_files+0x206/0x3a0
[ 1712.707658][T23520]  __x64_sys_io_uring_register+0x17a/0x2b0
[ 1712.713462][T23520]  do_syscall_64+0xcd/0x250
[ 1712.717954][T23520]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1712.723831][T23520] RIP: 0033:0x7f329157ff19
[ 1712.728229][T23520] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1712.747829][T23520] RSP: 002b:00007f329243a058 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab
[ 1712.756225][T23520] RAX: ffffffffffffffda RBX: 00007f3291745fa0 RCX: 00007f329157ff19
[ 1712.764203][T23520] RDX: 0000000020000000 RSI: 0000000000000018 RDI: 0000000000000003
[ 1712.772159][T23520] RBP: 00007f329243a0a0 R08: 0000000000000000 R09: 0000000000000000
[ 1712.780113][T23520] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[ 1712.788066][T23520] R13: 0000000000000000 R14: 00007f3291745fa0 R15: 00007ffe15450088
[ 1712.796026][T23520]  </TASK>
[ 1715.047922][T22233] usb 3-1: new high-speed USB device number 118 using dummy_hcd
[ 1715.177315][T23553] lo speed is unknown, defaulting to 1000
[ 1715.355590][T23556] rdma_op ffff88806c49a9f0 conn xmit_rdma 0000000000000000
[ 1715.757018][T22233] usb 3-1: config index 0 descriptor too short (expected 23569, got 27)
[ 1715.760730][T23558] FAULT_INJECTION: forcing a failure.
[ 1715.760730][T23558] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1715.779201][T22233] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 4633, setting to 1024
[ 1715.779237][T22233] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024
[ 1715.808819][T22233] usb 3-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[ 1715.849714][T23558] CPU: 0 UID: 0 PID: 23558 Comm: syz.1.4344 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0
[ 1715.860509][T23558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1715.870570][T23558] Call Trace:
[ 1715.873861][T23558]  <TASK>
[ 1715.876795][T23558]  dump_stack_lvl+0x16c/0x1f0
[ 1715.881483][T23558]  should_fail_ex+0x497/0x5b0
[ 1715.886214][T23558]  _copy_to_user+0x32/0xd0
[ 1715.890641][T23558]  simple_read_from_buffer+0xd0/0x160
[ 1715.896025][T23558]  proc_fail_nth_read+0x198/0x270
[ 1715.901057][T23558]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1715.906615][T23558]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1715.912163][T23558]  vfs_read+0x1df/0xbe0
[ 1715.916318][T23558]  ? __fget_files+0x1fc/0x3a0
[ 1715.920999][T23558]  ? __pfx___mutex_lock+0x10/0x10
[ 1715.926024][T23558]  ? __pfx_vfs_read+0x10/0x10
[ 1715.930702][T23558]  ? __fget_files+0x206/0x3a0
[ 1715.935380][T23558]  ksys_read+0x12b/0x250
[ 1715.939619][T23558]  ? __pfx_ksys_read+0x10/0x10
[ 1715.944385][T23558]  do_syscall_64+0xcd/0x250
[ 1715.948890][T23558]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1715.954786][T23558] RIP: 0033:0x7f1194f7e92c
[ 1715.959196][T23558] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1715.978797][T23558] RSP: 002b:00007f1195cab050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1715.987205][T23558] RAX: ffffffffffffffda RBX: 00007f1195145fa0 RCX: 00007f1194f7e92c
[ 1715.995171][T23558] RDX: 000000000000000f RSI: 00007f1195cab0b0 RDI: 0000000000000003
[ 1716.003136][T23558] RBP: 00007f1195cab0a0 R08: 0000000000000000 R09: 0000000000000000
[ 1716.011103][T23558] R10: 0000000020003000 R11: 0000000000000246 R12: 0000000000000001
[ 1716.019070][T23558] R13: 0000000000000000 R14: 00007f1195145fa0 R15: 00007ffef3d9d268
[ 1716.027050][T23558]  </TASK>
[ 1716.037512][T22233] usb 3-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[ 1716.052982][T22233] usb 3-1: Manufacturer: syz
[ 1716.079352][T22233] usb 3-1: config 0 descriptor??
[ 1716.097923][T22233] usb 3-1: can't set config #0, error -71
[ 1716.109019][T22233] usb 3-1: USB disconnect, device number 118
[ 1716.297597][ T5869] usb 5-1: new high-speed USB device number 116 using dummy_hcd
[ 1716.335138][T23567] kernel read not supported for file /policy (pid: 23567 comm: syz.2.4348)
[ 1716.348108][   T29] audit: type=1400 audit(2000000040.602:1451): avc:  denied  { module_load } for  pid=23566 comm="syz.2.4348" path="/selinux/policy" dev="selinuxfs" ino=20 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=system permissive=1
[ 1716.447734][ T5869] usb 5-1: Using ep0 maxpacket: 16
[ 1716.456565][ T5869] usb 5-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[ 1716.466075][ T5869] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1716.486087][ T5869] usb 5-1: Product: syz
[ 1716.490506][ T5869] usb 5-1: Manufacturer: syz
[ 1716.495114][ T5869] usb 5-1: SerialNumber: syz
[ 1716.518414][ T5869] usb 5-1: config 0 descriptor??
[ 1716.758327][    T8] usb 5-1: USB disconnect, device number 116
[ 1716.980107][T23577] x_tables: duplicate underflow at hook 3
[ 1717.794392][   T29] audit: type=1400 audit(2000000000.890:1452): avc:  denied  { shutdown } for  pid=23584 comm="syz.4.4354" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 1717.811010][T22845] Bluetooth: hci0: command tx timeout
[ 1717.843913][T23587] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4354'.
[ 1717.964383][T23590] lo speed is unknown, defaulting to 1000
[ 1718.925909][T23605] netlink: 36 bytes leftover after parsing attributes in process `syz.4.4360'.
[ 1718.936903][T23605] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4360'.
[ 1718.947538][ T5869] usb 7-1: new full-speed USB device number 47 using dummy_hcd
[ 1719.149066][ T5869] usb 7-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1719.160323][ T5869] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x94, changing to 0x84
[ 1719.217455][ T5869] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 13155, setting to 64
[ 1719.268492][ T5869] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[ 1719.327033][ T5869] usb 7-1: New USB device found, idVendor=04e8, idProduct=ff30, bcdDevice=a6.d1
[ 1719.336673][ T5869] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1719.376459][ T5869] usb 7-1: Product: syz
[ 1719.386587][ T5869] usb 7-1: Manufacturer: syz
[ 1719.393116][ T5869] usb 7-1: SerialNumber: syz
[ 1719.404965][ T5869] usb 7-1: config 0 descriptor??
[ 1719.416409][T23604] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1719.617525][ T5869] rc_core: IR keymap rc-imon-rsc not found
[ 1719.636225][T13127] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[ 1719.652647][   T29] audit: type=1400 audit(2000000002.730:1453): avc:  denied  { read write } for  pid=23600 comm="syz.6.4359" name="uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[ 1719.687753][ T5869] Registered IR keymap rc-empty
[ 1719.693135][ T5869] rc rc0: iMON Station as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/rc/rc0
[ 1719.702820][T13127] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[ 1719.726959][T13127] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[ 1719.746353][   T29] audit: type=1400 audit(2000000002.730:1454): avc:  denied  { open } for  pid=23600 comm="syz.6.4359" path="/dev/uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[ 1719.750504][ T5869] input: iMON Station as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/rc/rc0/input54
[ 1719.797566][T13127] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[ 1719.817364][T13127] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[ 1719.839663][T13127] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[ 1719.877368][T13127] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[ 1719.890818][T13127] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[ 1719.910048][T13127] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[ 1719.935533][T13127] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[ 1719.965705][T13127] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[ 1719.990753][T13127] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[ 1720.012367][T13127] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[ 1720.043581][T13127] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[ 1720.059770][T13127] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[ 1720.087680][T13127] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[ 1720.105499][T13127] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[ 1720.162811][T13127] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[ 1720.197519][T13127] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[ 1720.217967][T13127] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[ 1720.237420][T13127] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[ 1720.262298][T13127] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[ 1720.278164][T13127] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[ 1720.545324][T13127] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[ 1720.553624][T13127] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[ 1720.561945][T13127] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[ 1720.569460][T13127] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[ 1720.576916][T13127] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[ 1720.584471][T13127] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[ 1720.592005][T13127] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[ 1720.599525][T13127] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[ 1720.606995][T13127] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[ 1720.614802][T13127] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[ 1720.625448][T13127] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[ 1720.633466][T13127] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[ 1720.657567][T13127] hid-generic 0000:0000:0000.000E: hidraw0: <UNKNOWN> HID vffffff.ff Device [syz0] on syz0
[ 1720.743667][    T8] usb 7-1: USB disconnect, device number 47
[ 1724.189776][   T29] audit: type=1400 audit(2000000001.710:1455): avc:  denied  { name_bind } for  pid=23640 comm="syz.6.4370" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[ 1724.279582][T23652] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1728.382946][T23697] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4385'.
[ 1728.643281][   T29] audit: type=1400 audit(2000000000.280:1456): avc:  denied  { read } for  pid=23699 comm="syz.2.4386" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[ 1728.676123][   T29] audit: type=1400 audit(2000000000.280:1457): avc:  denied  { open } for  pid=23699 comm="syz.2.4386" path="/dev/autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[ 1728.685232][T23700] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[ 1728.706322][T23700] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1728.736508][   T29] audit: type=1400 audit(2000000000.280:1458): avc:  denied  { ioctl } for  pid=23699 comm="syz.2.4386" path="/dev/autofs" dev="devtmpfs" ino=98 ioctlcmd=0x9378 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[ 1728.758726][T23700] vhci_hcd vhci_hcd.0: Device attached
[ 1729.026918][    T8] usb 37-1: new high-speed USB device number 2 using vhci_hcd
[ 1729.650876][ T5822] usb 3-1: new high-speed USB device number 119 using dummy_hcd
[ 1730.149965][ T1291] ieee802154 phy1 wpan1: encryption failed: -22
[ 1730.164988][   T29] audit: type=1400 audit(2000000001.750:1459): avc:  denied  { getopt } for  pid=23717 comm="syz.1.4389" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[ 1730.807308][ T5822] usb 3-1: Using ep0 maxpacket: 8
[ 1730.817094][ T5822] usb 3-1: config 1 interface 0 has no altsetting 0
[ 1730.826752][ T5822] usb 3-1: New USB device found, idVendor=04d8, idProduct=c002, bcdDevice= 0.40
[ 1730.845476][ T5822] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1730.863154][ T5822] usb 3-1: Product: syz
[ 1730.895752][ T5822] usb 3-1: Manufacturer: syz
[ 1730.926378][ T5822] usb 3-1: SerialNumber: syz
[ 1731.394055][ T5822] usbhid 3-1:1.0: can't add hid device: -71
[ 1731.411169][T23702] vhci_hcd: connection reset by peer
[ 1731.446759][ T8258] vhci_hcd: stop threads
[ 1731.451045][ T8258] vhci_hcd: release socket
[ 1731.455590][ T8258] vhci_hcd: disconnect device
[ 1731.471436][ T5822] usbhid 3-1:1.0: probe with driver usbhid failed with error -71
[ 1731.488073][ T5822] usb 3-1: USB disconnect, device number 119
[ 1731.884225][T23741] tipc: Started in network mode
[ 1731.889764][T23741] tipc: Node identity fffffffe, cluster identity 4711
[ 1731.896970][T23741] tipc: Node number set to 4294967294
[ 1732.140739][   T29] audit: type=1400 audit(2000000003.520:1460): avc:  denied  { bind } for  pid=23740 comm="syz.6.4396" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 1732.408440][T23748] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4397'.
[ 1733.998106][T23771] nbd: must specify a device to reconfigure
[ 1734.160250][T23776] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4407'.
[ 1734.455131][T23783] FAULT_INJECTION: forcing a failure.
[ 1734.455131][T23783] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1734.504683][T23783] CPU: 0 UID: 0 PID: 23783 Comm: syz.6.4408 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0
[ 1734.515490][T23783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1734.525538][T23783] Call Trace:
[ 1734.528807][T23783]  <TASK>
[ 1734.531727][T23783]  dump_stack_lvl+0x16c/0x1f0
[ 1734.536403][T23783]  should_fail_ex+0x497/0x5b0
[ 1734.541088][T23783]  _copy_to_user+0x32/0xd0
[ 1734.545502][T23783]  simple_read_from_buffer+0xd0/0x160
[ 1734.550875][T23783]  proc_fail_nth_read+0x198/0x270
[ 1734.555895][T23783]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1734.561440][T23783]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1734.566983][T23783]  vfs_read+0x1df/0xbe0
[ 1734.571129][T23783]  ? __fget_files+0x1fc/0x3a0
[ 1734.575794][T23783]  ? __pfx___mutex_lock+0x10/0x10
[ 1734.580811][T23783]  ? __pfx_vfs_read+0x10/0x10
[ 1734.585485][T23783]  ? __fget_files+0x206/0x3a0
[ 1734.590159][T23783]  ksys_read+0x12b/0x250
[ 1734.594395][T23783]  ? __pfx_ksys_read+0x10/0x10
[ 1734.599156][T23783]  do_syscall_64+0xcd/0x250
[ 1734.603659][T23783]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1734.609543][T23783] RIP: 0033:0x7f4d0637e92c
[ 1734.613945][T23783] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1734.633540][T23783] RSP: 002b:00007f4d07101050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1734.641941][T23783] RAX: ffffffffffffffda RBX: 00007f4d06546080 RCX: 00007f4d0637e92c
[ 1734.649899][T23783] RDX: 000000000000000f RSI: 00007f4d071010b0 RDI: 0000000000000003
[ 1734.657861][T23783] RBP: 00007f4d071010a0 R08: 0000000000000000 R09: 0000000000000000
[ 1734.665818][T23783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1734.673774][T23783] R13: 0000000000000001 R14: 00007f4d06546080 R15: 00007fff0d390a58
[ 1734.681743][T23783]  </TASK>
[ 1734.684764][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1734.856511][    T8] vhci_hcd: vhci_device speed not set
[ 1736.209459][T23812] batadv1: entered promiscuous mode
[ 1736.250487][T23812] 8021q: adding VLAN 0 to HW filter on device batadv1
[ 1737.055063][T23816] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4416'.
[ 1737.186382][    T8] usb 5-1: new high-speed USB device number 117 using dummy_hcd
[ 1737.337994][    T8] usb 5-1: config 0 has an invalid interface number: 100 but max is 0
[ 1737.346735][    T8] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1737.376314][    T8] usb 5-1: config 0 has no interface number 0
[ 1737.387016][    T8] usb 5-1: config 0 interface 100 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[ 1737.398653][    T8] usb 5-1: config 0 interface 100 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1737.419928][T23825] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4420'.
[ 1737.420209][    T8] usb 5-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=3c.ad
[ 1737.456370][    T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1737.470217][    T8] usb 5-1: Product: syz
[ 1737.474467][    T8] usb 5-1: Manufacturer: syz
[ 1737.485499][    T8] usb 5-1: SerialNumber: syz
[ 1737.492315][    T8] usb 5-1: config 0 descriptor??
[ 1737.497480][ T5872] usb 3-1: new high-speed USB device number 120 using dummy_hcd
[ 1737.508736][    T8] port100 5-1:0.100: NFC: Could not find bulk-in or bulk-out endpoint
[ 1737.793551][T23809] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1737.803368][T23809] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1738.258014][ T5822] usb 7-1: new high-speed USB device number 48 using dummy_hcd
[ 1738.267298][    T8] usb 5-1: USB disconnect, device number 117
[ 1738.287104][ T5872] usb 3-1: Using ep0 maxpacket: 8
[ 1738.293603][ T5872] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1738.304853][ T5872] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1738.357952][ T5872] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1738.382944][ T5872] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1738.397157][ T5872] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1738.406540][ T5872] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1739.138697][ T5822] usb 7-1: Using ep0 maxpacket: 32
[ 1739.812397][ T5872] usb 3-1: GET_CAPABILITIES returned 0
[ 1739.818185][ T5822] usb 7-1: config 0 has an invalid interface number: 67 but max is 0
[ 1739.826825][ T5872] usbtmc 3-1:16.0: can't read capabilities
[ 1739.833152][ T5822] usb 7-1: config 0 has no interface number 0
[ 1740.740391][T23844] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1740.769527][ T5822] usb 7-1: New USB device found, idVendor=0424, idProduct=98f0, bcdDevice=c2.57
[ 1740.776415][T23844] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1740.779414][ T5822] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1740.813552][ T5822] usb 7-1: Product: syz
[ 1740.818051][ T5822] usb 7-1: Manufacturer: syz
[ 1740.822665][ T5822] usb 7-1: SerialNumber: syz
[ 1740.830653][ T5822] usb 7-1: config 0 descriptor??
[ 1740.927939][   T29] audit: type=1400 audit(2000000012.550:1461): avc:  denied  { watch watch_reads } for  pid=23856 comm="syz.4.4428" path=2F6D656D66643A2D42D54E49C56A9A707070F00884A26D202864656C6574656429 dev="tmpfs" ino=736 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[ 1741.301112][T23874] binder: 23865:23874 ioctl 4018620d 0 returned -22
[ 1742.594627][ T5869] usb 3-1: USB disconnect, device number 120
[ 1742.663823][T13127] usb 7-1: USB disconnect, device number 48
[ 1745.195972][T23911] binder: 23908:23911 ioctl 4018620d 0 returned -22
[ 1745.370337][   T29] audit: type=1400 audit(2000000017.010:1462): avc:  denied  { setopt } for  pid=23884 comm="syz.3.4434" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[ 1747.476279][T23928] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(6)
[ 1747.482833][T23928] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[ 1747.490711][T23928] vhci_hcd vhci_hcd.0: Device attached
[ 1747.694579][   T29] audit: type=1400 audit(2000000019.331:1463): avc:  denied  { ioctl } for  pid=23942 comm="syz.4.4449" path="socket:[79402]" dev="sockfs" ino=79402 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[ 1747.717296][T23945] fuse: Bad value for 'user_id'
[ 1747.720370][T13127] vhci_hcd: vhci_device speed not set
[ 1747.724299][T23945] fuse: Bad value for 'user_id'
[ 1747.744004][   T29] audit: type=1400 audit(2000000019.381:1464): avc:  denied  { read } for  pid=23929 comm="syz.3.4445" path="socket:[78515]" dev="sockfs" ino=78515 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 1747.768805][   T29] audit: type=1400 audit(2000000019.381:1465): avc:  denied  { watch_reads } for  pid=23944 comm="syz.2.4448" path="/301" dev="tmpfs" ino=1648 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[ 1747.799977][T13127] usb 45-1: new full-speed USB device number 2 using vhci_hcd
[ 1748.465141][T23954] tipc: Started in network mode
[ 1748.470907][T23954] tipc: Node identity aaaaaaaaaa32, cluster identity 4711
[ 1748.478773][T23954] tipc: Enabled bearer <eth:vlan0>, priority 10
[ 1748.485271][T23954] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=53 sclass=netlink_route_socket pid=23954 comm=syz.3.4452
[ 1748.532636][T23955] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=53 sclass=netlink_route_socket pid=23955 comm=syz.3.4452
[ 1748.641485][T23958] FAULT_INJECTION: forcing a failure.
[ 1748.641485][T23958] name failslab, interval 1, probability 0, space 0, times 0
[ 1748.645217][T23960] netlink: 68 bytes leftover after parsing attributes in process `syz.3.4454'.
[ 1748.654554][T23958] CPU: 0 UID: 0 PID: 23958 Comm: syz.4.4453 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0
[ 1748.673867][T23958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1748.683938][T23958] Call Trace:
[ 1748.687229][T23958]  <TASK>
[ 1748.690167][T23958]  dump_stack_lvl+0x16c/0x1f0
[ 1748.694863][T23958]  should_fail_ex+0x497/0x5b0
[ 1748.699558][T23958]  ? fs_reclaim_acquire+0xae/0x150
[ 1748.704692][T23958]  should_failslab+0xc2/0x120
[ 1748.709382][T23958]  __kmalloc_noprof+0xcb/0x510
[ 1748.714163][T23958]  ? rcu_is_watching+0x12/0xc0
[ 1748.718948][T23958]  tomoyo_encode2+0x100/0x3e0
[ 1748.723651][T23958]  tomoyo_encode+0x29/0x50
[ 1748.728088][T23958]  tomoyo_realpath_from_path+0x19d/0x720
[ 1748.733734][T23958]  ? tomoyo_path_number_perm+0x235/0x590
[ 1748.739375][T23958]  tomoyo_path_number_perm+0x248/0x590
[ 1748.744838][T23958]  ? tomoyo_path_number_perm+0x235/0x590
[ 1748.750480][T23958]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1748.756502][T23958]  ? __pfx_lock_release+0x10/0x10
[ 1748.761541][T23958]  ? trace_lock_acquire+0x14e/0x1f0
[ 1748.766759][T23958]  ? lock_acquire+0x2f/0xb0
[ 1748.771272][T23958]  ? __fget_files+0x40/0x3a0
[ 1748.775876][T23958]  ? __fget_files+0x206/0x3a0
[ 1748.780571][T23958]  security_file_ioctl+0x9b/0x240
[ 1748.785612][T23958]  __x64_sys_ioctl+0xb7/0x200
[ 1748.790308][T23958]  do_syscall_64+0xcd/0x250
[ 1748.794823][T23958]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1748.800735][T23958] RIP: 0033:0x7f0b86f7ff19
[ 1748.805160][T23958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1748.824785][T23958] RSP: 002b:00007f0b86df9058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1748.833218][T23958] RAX: ffffffffffffffda RBX: 00007f0b87145fa0 RCX: 00007f0b86f7ff19
[ 1748.841196][T23958] RDX: 0000000020000580 RSI: 0000000000008947 RDI: 0000000000000003
[ 1748.849175][T23958] RBP: 00007f0b86df90a0 R08: 0000000000000000 R09: 0000000000000000
[ 1748.857157][T23958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1748.865137][T23958] R13: 0000000000000000 R14: 00007f0b87145fa0 R15: 00007ffc810d2b78
[ 1748.873139][T23958]  </TASK>
[ 1748.895032][T23958] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1749.990330][ T5822] tipc: Node number set to 10005162
[ 1750.264474][T23930] vhci_hcd: connection reset by peer
[ 1750.289861][ T8222] vhci_hcd: stop threads
[ 1750.294143][ T8222] vhci_hcd: release socket
[ 1750.347210][ T8222] vhci_hcd: disconnect device
[ 1751.050525][   T29] audit: type=1326 audit(2000000022.691:1466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23980 comm="syz.1.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1194f7ff19 code=0x7ffc0000
[ 1751.117452][ T1849] Bluetooth: (null): Invalid header checksum
[ 1751.135996][ T1849] Bluetooth: (null): Invalid header checksum
[ 1751.247415][T23988] lo speed is unknown, defaulting to 1000
[ 1751.251221][ T8258] Bluetooth: (null): Invalid header checksum
[ 1751.273815][   T29] audit: type=1326 audit(2000000022.861:1467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23980 comm="syz.1.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1194f7ff19 code=0x7ffc0000
[ 1751.344105][ T3478] Bluetooth: (null): Invalid header checksum
[ 1751.462169][ T8258] Bluetooth: (null): Invalid header checksum
[ 1751.476355][   T29] audit: type=1326 audit(2000000022.901:1468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23980 comm="syz.1.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7f1194f7ff19 code=0x7ffc0000
[ 1751.525654][   T29] audit: type=1326 audit(2000000022.901:1469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23980 comm="syz.1.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1194f7ff19 code=0x7ffc0000
[ 1751.543066][T24000] netlink: 68 bytes leftover after parsing attributes in process `syz.2.4465'.
[ 1751.593274][ T3558] Bluetooth: (null): Invalid header checksum
[ 1751.602064][   T29] audit: type=1326 audit(2000000022.901:1470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23980 comm="syz.1.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1194f7ff19 code=0x7ffc0000
[ 1751.630023][   T29] audit: type=1326 audit(2000000022.911:1471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23980 comm="syz.1.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f1194f7ff19 code=0x7ffc0000
[ 1751.660071][   T29] audit: type=1326 audit(2000000022.911:1472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23980 comm="syz.1.4461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1194f7ff19 code=0x7ffc0000
[ 1753.431587][T13127] vhci_hcd: vhci_device speed not set
[ 1754.420595][   T29] kauditd_printk_skb: 5 callbacks suppressed
[ 1754.420612][   T29] audit: type=1400 audit(2000000002.360:1478): avc:  denied  { bind } for  pid=24023 comm="syz.4.4472" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[ 1756.132805][T24046] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4477'.
[ 1756.675396][T13127] usb 3-1: new high-speed USB device number 121 using dummy_hcd
[ 1756.882787][T13127] usb 3-1: config 0 has an invalid interface number: 244 but max is 0
[ 1756.891925][T13127] usb 3-1: config 0 has no interface number 0
[ 1756.977032][T13127] usb 3-1: New USB device found, idVendor=2040, idProduct=c010, bcdDevice=37.94
[ 1757.073774][T13127] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1757.217527][T13127] usb 3-1: config 0 descriptor??
[ 1757.225030][T13127] smsusb:smsusb_probe: board id=8, interface number 244
[ 1758.403418][T23839] usb 3-1: USB disconnect, device number 121
[ 1758.553963][T24052] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1758.589648][T24052] netlink: 'syz.1.4479': attribute type 9 has an invalid length.
[ 1758.597657][T24052] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4479'.
[ 1758.675166][ T5822] usb 7-1: new full-speed USB device number 49 using dummy_hcd
[ 1758.851960][ T5822] usb 7-1: unable to get BOS descriptor or descriptor too short
[ 1758.865731][ T5822] usb 7-1: not running at top speed; connect to a high speed hub
[ 1758.884918][ T5822] usb 7-1: config 7 has an invalid interface number: 58 but max is 0
[ 1758.895101][ T5822] usb 7-1: config 7 has no interface number 0
[ 1758.901209][ T5822] usb 7-1: config 7 interface 58 has no altsetting 0
[ 1759.826236][ T5822] usb 7-1: New USB device found, idVendor=07ca, idProduct=a807, bcdDevice=19.2c
[ 1759.845285][ T5822] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1759.853334][ T5822] usb 7-1: Product: syz
[ 1760.185543][ T5869] usb 3-1: new high-speed USB device number 122 using dummy_hcd
[ 1760.407796][ T5822] usb 7-1: Manufacturer: syz
[ 1760.412414][ T5822] usb 7-1: SerialNumber: syz
[ 1760.432560][   T29] audit: type=1400 audit(2000000009.150:1479): avc:  denied  { setopt } for  pid=24084 comm="syz.3.4488" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[ 1760.726745][ T5869] usb 3-1: config 0 has an invalid interface number: 100 but max is 0
[ 1760.758765][ T5869] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1760.929187][   T29] audit: type=1400 audit(2000000009.630:1480): avc:  denied  { setopt } for  pid=24072 comm="syz.6.4484" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[ 1761.288235][ T5869] usb 3-1: config 0 has no interface number 0
[ 1761.294459][ T5869] usb 3-1: config 0 interface 100 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[ 1761.305602][ T5869] usb 3-1: config 0 interface 100 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1761.376092][ T5869] usb 3-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=3c.ad
[ 1761.454986][ T5869] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1761.463016][ T5869] usb 3-1: Product: syz
[ 1761.468010][ T5869] usb 3-1: Manufacturer: syz
[ 1761.472630][ T5869] usb 3-1: SerialNumber: syz
[ 1761.486431][ T5869] usb 3-1: config 0 descriptor??
[ 1761.492743][ T5869] port100 3-1:0.100: NFC: Could not find bulk-in or bulk-out endpoint
[ 1761.975807][T24083] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1761.985008][T24083] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1762.773539][ T5822] dvb-usb: found a 'AVerMedia AVerTV DVB-T Volar' in cold state, will try to load a firmware
[ 1762.961617][ T5822] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[ 1762.970013][ T5822] dib0700: firmware download failed at 7 with -22
[ 1762.976811][T24113] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4494'.
[ 1762.976880][T24113] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1762.976927][T24113] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1763.006990][ T5822] usb 7-1: USB disconnect, device number 49
[ 1763.066897][ T5869] usb 3-1: USB disconnect, device number 122
[ 1763.106257][T24113] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1763.113724][T24113] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1763.776439][T24114] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4494'.
[ 1764.718666][T24140] netlink: 76 bytes leftover after parsing attributes in process `syz.4.4503'.
[ 1765.123914][T22845] Bluetooth: hci4: unexpected event for opcode 0x0c7a
[ 1765.954932][T24149] netlink: 'syz.6.4500': attribute type 1 has an invalid length.
[ 1765.962748][T24149] netlink: 'syz.6.4500': attribute type 3 has an invalid length.
[ 1765.970556][T24149] netlink: 224 bytes leftover after parsing attributes in process `syz.6.4500'.
[ 1767.019288][T24156] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4505'.
[ 1767.130172][T24156] 9pnet_fd: Insufficient options for proto=fd
[ 1768.271271][T24168] binder: 24164:24168 ioctl c0306201 0 returned -14
[ 1874.448574][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[ 1874.455570][    C0] rcu: 	1-...!: (1 GPs behind) idle=2784/0/0x1 softirq=92356/92373 fqs=0
[ 1874.465825][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P21085/1:b..l P24180/1:b..l
[ 1874.475080][    C0] rcu: 	(detected by 0, t=10505 jiffies, g=97141, q=381 ncpus=2)
[ 1874.482807][    C0] Sending NMI from CPU 0 to CPUs 1:
[ 1874.482837][    C1] NMI backtrace for cpu 1
[ 1874.482849][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0
[ 1874.482872][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1874.482885][    C1] RIP: 0010:write_comp_data+0x8b/0x90
[ 1874.482915][    C1] Code: 00 00 4a 8d 34 dd 28 00 00 00 48 39 f2 72 1b 48 83 c7 01 48 89 38 4c 89 44 30 e0 4c 89 4c 30 e8 4c 89 54 30 f0 4a 89 4c d8 20 <c3> cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3
[ 1874.482934][    C1] RSP: 0018:ffffc90000a18e28 EFLAGS: 00000046
[ 1874.482950][    C1] RAX: 0000000000010002 RBX: 1d9e43bb8480dc1e RCX: ffffffff81873815
[ 1874.482963][    C1] RDX: ffff88801d684880 RSI: 1bc97e5d18000000 RDI: 0000000000000006
[ 1874.482977][    C1] RBP: 1bc97e5d18000000 R08: 0000000000000006 R09: 1bc97e5d18000000
[ 1874.482991][    C1] R10: 1d9e43bb8480dc1e R11: 0000000000000001 R12: ffff88806da80340
[ 1874.483004][    C1] R13: ffff8880b872cb00 R14: ffff8880b872ca00 R15: ffffffff8940d9b0
[ 1874.483018][    C1] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[ 1874.483038][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1874.483053][    C1] CR2: 00007f4d07100fb8 CR3: 0000000034d2a000 CR4: 00000000003526f0
[ 1874.483067][    C1] DR0: 0000000000000000 DR1: 0000000000000400 DR2: 0000000000000000
[ 1874.483079][    C1] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 1874.483092][    C1] Call Trace:
[ 1874.483099][    C1]  <NMI>
[ 1874.483110][    C1]  ? nmi_cpu_backtrace+0x1d8/0x390
[ 1874.483143][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[ 1874.483162][    C1]  ? nmi_handle+0x1ac/0x5d0
[ 1874.483183][    C1]  ? write_comp_data+0x8b/0x90
[ 1874.483205][    C1]  ? default_do_nmi+0x6a/0x160
[ 1874.483233][    C1]  ? exc_nmi+0x170/0x1e0
[ 1874.483259][    C1]  ? end_repeat_nmi+0xf/0x53
[ 1874.483283][    C1]  ? __pfx_advance_sched+0x10/0x10
[ 1874.483305][    C1]  ? __hrtimer_run_queues+0x415/0xae0
[ 1874.483332][    C1]  ? write_comp_data+0x8b/0x90
[ 1874.483354][    C1]  ? write_comp_data+0x8b/0x90
[ 1874.483376][    C1]  ? write_comp_data+0x8b/0x90
[ 1874.483398][    C1]  </NMI>
[ 1874.483404][    C1]  <IRQ>
[ 1874.483410][    C1]  __hrtimer_run_queues+0x415/0xae0
[ 1874.483439][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[ 1874.483465][    C1]  ? read_tsc+0x9/0x20
[ 1874.483493][    C1]  hrtimer_interrupt+0x392/0x8e0
[ 1874.483524][    C1]  __sysvec_apic_timer_interrupt+0x10f/0x400
[ 1874.483549][    C1]  sysvec_apic_timer_interrupt+0x9f/0xc0
[ 1874.483571][    C1]  </IRQ>
[ 1874.483577][    C1]  <TASK>
[ 1874.483584][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1874.483614][    C1] RIP: 0010:acpi_safe_halt+0x1a/0x20
[ 1874.483640][    C1] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 65 48 8b 05 b8 d5 da 74 48 8b 00 a8 08 75 0c 66 90 0f 00 2d 48 67 b4 00 fb f4 <fa> c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1874.483657][    C1] RSP: 0018:ffffc900001a7d58 EFLAGS: 00000246
[ 1874.483672][    C1] RAX: 0000000000004000 RBX: 0000000000000001 RCX: ffffffff8b28e679
[ 1874.483684][    C1] RDX: 0000000000000001 RSI: ffff888020eb7000 RDI: ffff888020eb7064
[ 1874.483697][    C1] RBP: ffff888020eb7064 R08: 0000000000000001 R09: ffffed10170e6fed
[ 1874.483710][    C1] R10: ffff8880b8737f6b R11: 0000000000000000 R12: ffff888020f80000
[ 1874.483723][    C1] R13: ffffffff8ee14e20 R14: 0000000000000001 R15: 0000000000000000
[ 1874.483739][    C1]  ? ct_kernel_exit+0x139/0x190
[ 1874.483764][    C1]  acpi_idle_enter+0xc5/0x160
[ 1874.483790][    C1]  cpuidle_enter_state+0xaa/0x4f0
[ 1874.483814][    C1]  ? __pfx_tsc_verify_tsc_adjust+0x10/0x10
[ 1874.483835][    C1]  cpuidle_enter+0x4e/0xa0
[ 1874.483861][    C1]  do_idle+0x310/0x3f0
[ 1874.483881][    C1]  ? __pfx_do_idle+0x10/0x10
[ 1874.483904][    C1]  cpu_startup_entry+0x4f/0x60
[ 1874.483924][    C1]  start_secondary+0x222/0x2b0
[ 1874.483953][    C1]  ? __pfx_start_secondary+0x10/0x10
[ 1874.483983][    C1]  common_startup_64+0x13e/0x148
[ 1874.484013][    C1]  </TASK>
[ 1874.484831][    C0] task:syz.6.4510      state:R  running task     stack:28608 pid:24180 tgid:24177 ppid:17058  flags:0x00004000
[ 1874.876577][    C0] Call Trace:
[ 1874.879856][    C0]  <TASK>
[ 1874.882792][    C0]  __schedule+0xe58/0x5ad0
[ 1874.887243][    C0]  ? find_held_lock+0x2d/0x110
[ 1874.892022][    C0]  ? find_held_lock+0x2d/0x110
[ 1874.896812][    C0]  ? __pfx___schedule+0x10/0x10
[ 1874.901680][    C0]  ? preempt_schedule_thunk+0x1a/0x30
[ 1874.907061][    C0]  preempt_schedule_common+0x44/0xc0
[ 1874.912355][    C0]  preempt_schedule_thunk+0x1a/0x30
[ 1874.917564][    C0]  _raw_spin_unlock_irqrestore+0x61/0x80
[ 1874.923209][    C0]  timerfd_clock_was_set+0x164/0x310
[ 1874.928504][    C0]  clock_was_set+0x67c/0x850
[ 1874.933112][    C0]  ? __pfx_clock_was_set+0x10/0x10
[ 1874.938238][    C0]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1874.944050][    C0]  timekeeping_inject_offset+0x402/0x520
[ 1874.949688][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1874.954900][    C0]  ? __pfx_timekeeping_inject_offset+0x10/0x10
[ 1874.961063][    C0]  ? bpf_lsm_capable+0x9/0x10
[ 1874.965755][    C0]  ? security_capable+0x7e/0x260
[ 1874.970711][    C0]  do_adjtimex+0x369/0xaa0
[ 1874.975135][    C0]  ? __pfx_do_adjtimex+0x10/0x10
[ 1874.980081][    C0]  ? __might_fault+0x13b/0x190
[ 1874.984861][    C0]  ? trace_lock_acquire+0x14e/0x1f0
[ 1874.990080][    C0]  ? __might_fault+0xe3/0x190
[ 1874.994775][    C0]  ? __pfx_posix_clock_realtime_adj+0x10/0x10
[ 1875.000848][    C0]  __do_sys_clock_adjtime+0x173/0x290
[ 1875.006228][    C0]  ? __pfx___do_sys_clock_adjtime+0x10/0x10
[ 1875.012140][    C0]  ? __pfx_do_futex+0x10/0x10
[ 1875.016841][    C0]  ? rcu_is_watching+0x12/0xc0
[ 1875.021641][    C0]  do_syscall_64+0xcd/0x250
[ 1875.026172][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1875.032089][    C0] RIP: 0033:0x7f4d0637ff19
[ 1875.036516][    C0] RSP: 002b:00007f4d07101058 EFLAGS: 00000246 ORIG_RAX: 0000000000000131
[ 1875.044947][    C0] RAX: ffffffffffffffda RBX: 00007f4d06546080 RCX: 00007f4d0637ff19
[ 1875.052928][    C0] RDX: 0000000000000000 RSI: 0000000020000480 RDI: 0000000000000000
[ 1875.060902][    C0] RBP: 00007f4d063f3cc8 R08: 0000000000000000 R09: 0000000000000000
[ 1875.068877][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1875.076851][    C0] R13: 0000000000000000 R14: 00007f4d06546080 R15: 00007fff0d390a58
[ 1875.084841][    C0]  </TASK>
[ 1875.087862][    C0] task:syz-executor    state:R  running task     stack:23456 pid:21085 tgid:21085 ppid:21077  flags:0x00000000
[ 1875.099631][    C0] Call Trace:
[ 1875.102909][    C0]  <TASK>
[ 1875.105842][    C0]  __schedule+0xe58/0x5ad0
[ 1875.110270][    C0]  ? mark_lock+0x70/0xc60
[ 1875.114618][    C0]  ? __pfx___schedule+0x10/0x10
[ 1875.119475][    C0]  ? find_held_lock+0x2d/0x110
[ 1875.124264][    C0]  ? preempt_schedule_thunk+0x1a/0x30
[ 1875.129643][    C0]  preempt_schedule_common+0x44/0xc0
[ 1875.134937][    C0]  preempt_schedule_thunk+0x1a/0x30
[ 1875.140146][    C0]  _raw_spin_unlock+0x3e/0x50
[ 1875.144826][    C0]  copy_page_range+0x1e15/0x57d0
[ 1875.149818][    C0]  ? __pfx_copy_page_range+0x10/0x10
[ 1875.155120][    C0]  ? find_held_lock+0x2d/0x110
[ 1875.159906][    C0]  ? __pfx_lock_release+0x10/0x10
[ 1875.164942][    C0]  ? lock_acquire+0x2f/0xb0
[ 1875.169458][    C0]  ? copy_process+0x7dc5/0x8df0
[ 1875.174334][    C0]  ? down_write+0x14e/0x200
[ 1875.178878][    C0]  ? up_write+0x1b2/0x520
[ 1875.183228][    C0]  copy_process+0x7e77/0x8df0
[ 1875.187917][    C0]  ? hlock_class+0x4e/0x130
[ 1875.192454][    C0]  ? __pfx_copy_process+0x10/0x10
[ 1875.197517][    C0]  kernel_clone+0xfd/0x960
[ 1875.201949][    C0]  ? __pfx_kernel_clone+0x10/0x10
[ 1875.206995][    C0]  ? find_held_lock+0x59/0x110
[ 1875.211770][    C0]  ? find_held_lock+0x2d/0x110
[ 1875.216550][    C0]  __do_sys_clone+0xba/0x100
[ 1875.221153][    C0]  ? __pfx___do_sys_clone+0x10/0x10
[ 1875.226380][    C0]  ? do_user_addr_fault+0x83d/0x13f0
[ 1875.231677][    C0]  do_syscall_64+0xcd/0x250
[ 1875.236207][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1875.242110][    C0] RIP: 0033:0x7f4911f76793
[ 1875.246527][    C0] RSP: 002b:00007fff07f37d88 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1875.255033][    C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4911f76793
[ 1875.263006][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1875.270981][    C0] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[ 1875.278962][    C0] R10: 00005555921507d0 R11: 0000000000000246 R12: 0000000000000000
[ 1875.286940][    C0] R13: 00000000001afec8 R14: 00000000001afaaa R15: 00007fff07f37f10
[ 1875.294932][    C0]  </TASK>
[ 1875.297954][    C0] rcu: rcu_preempt kthread starved for 10505 jiffies! g97141 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[ 1875.309149][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 1875.319114][    C0] rcu: RCU grace-period kthread stack dump:
[ 1875.324997][    C0] task:rcu_preempt     state:R  running task     stack:26016 pid:17    tgid:17    ppid:2      flags:0x00004000
[ 1875.336770][    C0] Call Trace:
[ 1875.340046][    C0]  <TASK>
[ 1875.342982][    C0]  __schedule+0xe58/0x5ad0
[ 1875.347408][    C0]  ? __pfx___lock_acquire+0x10/0x10
[ 1875.352628][    C0]  ? __pfx___schedule+0x10/0x10
[ 1875.357487][    C0]  ? schedule+0x298/0x350
[ 1875.361821][    C0]  ? __pfx_lock_release+0x10/0x10
[ 1875.366857][    C0]  ? lock_acquire+0x2f/0xb0
[ 1875.371374][    C0]  ? schedule+0x1fd/0x350
[ 1875.375712][    C0]  schedule+0xe7/0x350
[ 1875.379786][    C0]  schedule_timeout+0x124/0x280
[ 1875.384652][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[ 1875.390040][    C0]  ? __pfx_process_timeout+0x10/0x10
[ 1875.395350][    C0]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1875.401165][    C0]  ? prepare_to_swait_event+0xf3/0x470
[ 1875.406636][    C0]  rcu_gp_fqs_loop+0x1eb/0xb00
[ 1875.411411][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[ 1875.416702][    C0]  ? rcu_gp_init+0xc82/0x1630
[ 1875.421392][    C0]  ? _raw_spin_unlock_irq+0x2e/0x50
[ 1875.426602][    C0]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1875.432439][    C0]  rcu_gp_kthread+0x271/0x380
[ 1875.437160][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1875.442390][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1875.447607][    C0]  ? __kthread_parkme+0x148/0x220
[ 1875.452652][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1875.457859][    C0]  kthread+0x2c1/0x3a0
[ 1875.461939][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1875.467145][    C0]  ? __pfx_kthread+0x10/0x10
[ 1875.471750][    C0]  ret_from_fork+0x45/0x80
[ 1875.476173][    C0]  ? __pfx_kthread+0x10/0x10
[ 1875.480777][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1875.485585][    C0]  </TASK>
[ 1875.488615][    C0] rcu: Stack dump where RCU GP kthread last ran:
[ 1875.494942][    C0] CPU: 0 UID: 0 PID: 3010 Comm: kworker/u8:7 Not tainted 6.13.0-rc2-syzkaller-00031-gf92f4749861b #0
[ 1875.505798][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1875.515861][    C0] Workqueue: events_unbound toggle_allocation_gate
[ 1875.522381][    C0] RIP: 0010:smp_call_function_many_cond+0x451/0x1300
[ 1875.529073][    C0] Code: e5 01 89 ee e8 10 10 0c 00 85 ed 74 4d 48 b8 00 00 00 00 00 fc ff df 4d 89 f4 4c 89 f5 49 c1 ec 03 83 e5 07 49 01 c4 83 c5 03 <e8> aa 0d 0c 00 f3 90 41 0f b6 04 24 40 38 c5 7c 08 84 c0 0f 85 a7
[ 1875.548685][    C0] RSP: 0018:ffffc9000bd67998 EFLAGS: 00000202
[ 1875.554756][    C0] RAX: 0000000000000000 RBX: ffff8880b8744a40 RCX: ffffffff818df5fc
[ 1875.562729][    C0] RDX: ffff888030d7c880 RSI: 0000000000000000 RDI: 0000000000000005
[ 1875.570701][    C0] RBP: 0000000000000003 R08: 0000000000000005 R09: 0000000000000000
[ 1875.578672][    C0] R10: 0000000000000001 R11: 0000000000000006 R12: ffffed10170e8949
[ 1875.586645][    C0] R13: 0000000000000001 R14: ffff8880b8744a48 R15: ffff8880b863fe40
[ 1875.594630][    C0] FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[ 1875.603572][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1875.610169][    C0] CR2: 00007f49121163f8 CR3: 000000000df7e000 CR4: 00000000003526f0
[ 1875.618152][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1875.626130][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1875.634109][    C0] Call Trace:
[ 1875.637393][    C0]  <IRQ>
[ 1875.640242][    C0]  ? rcu_check_gp_kthread_starvation+0x31b/0x450
[ 1875.646587][    C0]  ? do_raw_spin_unlock+0x172/0x230
[ 1875.651797][    C0]  ? rcu_sched_clock_irq+0x247a/0x3310
[ 1875.657280][    C0]  ? timekeeping_advance+0x72e/0xa90
[ 1875.662573][    C0]  ? __pfx_rcu_sched_clock_irq+0x10/0x10
[ 1875.668218][    C0]  ? __asan_memcpy+0x3c/0x60
[ 1875.672823][    C0]  ? rcu_is_watching+0x12/0xc0
[ 1875.677603][    C0]  ? update_process_times+0x178/0x2d0
[ 1875.682983][    C0]  ? __pfx_update_process_times+0x10/0x10
[ 1875.688711][    C0]  ? update_wall_time+0x1c/0x40
[ 1875.693570][    C0]  ? tick_nohz_handler+0x376/0x530
[ 1875.698697][    C0]  ? __pfx_tick_nohz_handler+0x10/0x10
[ 1875.704169][    C0]  ? __hrtimer_run_queues+0x5fb/0xae0
[ 1875.709561][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[ 1875.715290][    C0]  ? read_tsc+0x9/0x20
[ 1875.719378][    C0]  ? hrtimer_interrupt+0x392/0x8e0
[ 1875.724520][    C0]  ? __sysvec_apic_timer_interrupt+0x10f/0x400
[ 1875.730684][    C0]  ? sysvec_apic_timer_interrupt+0x9f/0xc0
[ 1875.736505][    C0]  </IRQ>
[ 1875.739436][    C0]  <TASK>
[ 1875.742368][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1875.748539][    C0]  ? smp_call_function_many_cond+0x47c/0x1300
[ 1875.754619][    C0]  ? smp_call_function_many_cond+0x451/0x1300
[ 1875.760703][    C0]  ? smp_call_function_many_cond+0x47c/0x1300
[ 1875.766783][    C0]  ? __pfx_do_sync_core+0x10/0x10
[ 1875.771827][    C0]  ? __pfx_do_sync_core+0x10/0x10
[ 1875.776861][    C0]  on_each_cpu_cond_mask+0x40/0x90
[ 1875.781988][    C0]  text_poke_bp_batch+0x22b/0x760
[ 1875.787028][    C0]  ? __pfx_text_poke_bp_batch+0x10/0x10
[ 1875.792584][    C0]  ? __jump_label_patch+0x1db/0x400
[ 1875.797800][    C0]  ? arch_jump_label_transform_queue+0xc0/0x120
[ 1875.804062][    C0]  text_poke_finish+0x30/0x40
[ 1875.808750][    C0]  arch_jump_label_transform_apply+0x1c/0x30
[ 1875.814921][    C0]  jump_label_update+0x1d7/0x400
[ 1875.819879][    C0]  static_key_enable_cpuslocked+0x1b7/0x270
[ 1875.825789][    C0]  static_key_enable+0x1a/0x20
[ 1875.830565][    C0]  toggle_allocation_gate+0xfc/0x260
[ 1875.835860][    C0]  ? __pfx_toggle_allocation_gate+0x10/0x10
[ 1875.841761][    C0]  ? trace_lock_acquire+0x14e/0x1f0
[ 1875.846974][    C0]  ? process_one_work+0x921/0x1ba0
[ 1875.852094][    C0]  ? lock_acquire+0x2f/0xb0
[ 1875.856601][    C0]  ? process_one_work+0x921/0x1ba0
[ 1875.861723][    C0]  process_one_work+0x9c5/0x1ba0
[ 1875.866676][    C0]  ? __pfx_nsim_dev_trap_report_work+0x10/0x10
[ 1875.872848][    C0]  ? __pfx_process_one_work+0x10/0x10
[ 1875.878224][    C0]  ? rcu_is_watching+0x12/0xc0
[ 1875.883010][    C0]  ? assign_work+0x1a0/0x250
[ 1875.887608][    C0]  worker_thread+0x6c8/0xf00
[ 1875.892217][    C0]  ? __pfx_worker_thread+0x10/0x10
[ 1875.897335][    C0]  kthread+0x2c1/0x3a0
[ 1875.901413][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1875.906618][    C0]  ? __pfx_kthread+0x10/0x10
[ 1875.911220][    C0]  ret_from_fork+0x45/0x80
[ 1875.915640][    C0]  ? __pfx_kthread+0x10/0x10
[ 1875.920240][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1875.925030][    C0]  </TASK>