last executing test programs:

2m57.893010919s ago: executing program 2 (id=313):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r1=>0x0})
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000140)='dctcp\x00', 0x6)
getsockopt$inet6_tcp_buf(r2, 0x6, 0x1a, 0x0, &(0x7f0000000180))
sendmsg$nl_route_sched(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newqdisc={0x138, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, r1, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x108, 0x2, [@TCA_GRED_STAB={0x104, 0x2, "b6dff1615a4c904636ba18584fc205f15025a8f04c4f2b722a27743c27f13eb9334fe81e6e97c6c5d10091a02bc460232c9117ef85b79ed4b464736a0a3dff7d873fa9b79ac3c8b48db59320c03568622d82c308df45cddb5562bbc15be89cf3eb2c104f0c467e27f8f15b8c9089f18433ac2d24d97f824843d395c16390ec6e5b239cd36b8ef09ad4a7e57cefdbd2c7e952c998e76afe54e8cd1e38509bc9e5676c977f3a1cdda32bee7c11fb311584c7d670c6b52dee566cdc8673ccd7129b5d95dd080b06babc13bbb3837930590d85ef7c0b998e77e351fba96b09573a935e3b65eb47c90fe61ef1198c162c3dc9943c735755520be5bcef039461c1c1dc"}]}}]}, 0x138}, 0x1, 0x0, 0x0, 0x4000801}, 0x0)

2m57.813547844s ago: executing program 2 (id=315):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
mknod(0x0, 0x8001420, 0x0)
openat$comedi(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x87}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
socket$netlink(0x10, 0x3, 0x0)
syz_open_dev$vbi(&(0x7f0000000b80), 0x3, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0x1, &(0x7f0000000140)={0x26da8e97, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r4)
mkdir(&(0x7f0000000100)='./control\x00', 0x0)
rmdir(&(0x7f0000000040)='./control\x00')
openat$cgroup_freezer_state(r4, &(0x7f0000000080), 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x89f1, &(0x7f00000002c0)={'ip6_vti0\x00', &(0x7f0000000140)=@ethtool_cmd={0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x8, 0x0, 0x0, 0x4, 0x0, 0xfffff7fc, 0x0, 0x0, 0x0, 0x47, [0x4, 0x80]}})

2m56.27062749s ago: executing program 2 (id=319):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000004c0)={'ipvlan1\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000300)={0x11, 0x6, r2}, 0x14)
r3 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r3, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000200)={0x0, 0x1, 0x0, &(0x7f0000000000)=""/24, 0x0, 0x8000000})
ioctl$VHOST_SET_MEM_TABLE(r3, 0x4008af03, &(0x7f0000000680))
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='statm\x00')
dup3(r0, r4, 0x0)
ioctl$VHOST_NET_SET_BACKEND(r3, 0x4008af30, &(0x7f00000000c0)={0x3000000, r4})

2m55.816850476s ago: executing program 2 (id=320):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$qrtr(0x2a, 0x2, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000140)='ns\x00')
getdents64(r6, &(0x7f0000000000)=""/181, 0xb5)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x5, 0x0, 0x3, 0x0, 0xb49, 0x9, 0x8, 0x2, 0x3}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000180)='oom_adj\x00')
syz_open_dev$sndctrl(0x0, 0x1007, 0x10b00)
r7 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x800)
ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r7, 0x80dc5521, &(0x7f00000001c0)=""/4096)
syz_open_dev$swradio(&(0x7f0000000000), 0x0, 0x2)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newqdisc={0x3c, 0x24, 0xf0b, 0x3, 0x25dfdc00, {0x60, 0x0, 0x0, 0x0, {0xfff3, 0x6a9f0eede9332711}, {0x2, 0xffff}, {0xfff3, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_DIFFSERV_MODE={0x8, 0x3, 0x4}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x44045}, 0x10)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e"], 0x50}}, 0x4000000)
socket$nl_netfilter(0x10, 0x3, 0xc)
connect$qrtr(r1, &(0x7f0000000000)={0x2a, 0x4, 0x1}, 0xc)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x44, 0x10, 0x44b, 0x0, 0x0, {0x7a, 0x0, 0x0, 0x0, 0x41002, 0x408}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_HELLO_TIME={0x8, 0x2, 0x6}, @IFLA_BR_FORWARD_DELAY={0x8, 0x1, 0x6}]}}}]}, 0x44}}, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$NFNL_MSG_CTHELPER_DEL(r8, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000180)={&(0x7f0000000040)={0x128, 0x2, 0x9, 0x101, 0x0, 0x0, {0xa, 0x0, 0xa}, [@NFCTH_QUEUE_NUM={0x8, 0x3, 0x1, 0x0, 0xff}, @NFCTH_STATUS={0x8}, @NFCTH_NAME={0x9, 0x1, 'syz0\x00'}, @NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x5}}, @NFCTH_TUPLE={0x18, 0x2, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @rand_addr=0x64010100}, {0x8, 0x2, @remote}}}]}, @NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x8}}, @NFCTH_TUPLE={0xc8, 0x2, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private1}, {0x14, 0x4, @rand_addr=' \x01\x00'}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private2={0xfc, 0x2, '\x00', 0x1}}, {0x14, 0x4, @remote}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x6}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x8, 0x2, @multicast1}}}]}]}, 0x128}, 0x1, 0x0, 0x0, 0x20000004}, 0x4080004)
socket$inet_smc(0x2b, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000740)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000fdfdfff67a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040000010000400404000001000000b7050000050000006a0a00fe00000000850000000a000000b70000000000000095000000000000009cc6b3fcd62c7d376238975d43a4505f80fc88943c4f0cf08e467b592f868ee30a0e8c1bf176db2a6b2feb4b6fd3d5707bfd2d84aaa3b1d4e984c46ea7e2a447a36f5662403e1b2be4cc7c2683908a0d411a9872061ce618117c56f0979bd10b97163c953ab1abda4589e9cbe8d0d26b5069f8a98f7dc8f76b74635fc9f9de9ca3c00cb9bf4e418d07fa22f0610a70f2bdf4000000000000b0c2940dd8e263aa743f7555193161f45346d2014006000000e1ffff8816326d7d35c32aac1c7d5b5be399f6609876b5887437a172751151b633fbc02a74067529194e533583412dff048f0000000000000000b2728a04816cfb851cd364ff19ffcafe3e64be033c9d2f002cc93c1c13ceec04a347383420336bec88c24a9fb6a6991ddb737d527d6acb15426415b6e8b14fdfa2c6e94bd0339454c13ad30000000000170022626165866c156a25148972700000b515a1000000000000000eb2e9c15b6c8f6198282d0000000000c2ccf3f69cfcf1e15ea7a9e57aee78e1"], &(0x7f0000000340)='GPL\x00'}, 0x94)
open(0x0, 0x48062, 0x0)
r9 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r9, 0x6, 0x21, &(0x7f00000000c0)="00fbff008600000000003271a5bf00", 0x20)

2m53.702776575s ago: executing program 2 (id=328):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
sendmmsg$inet6(r0, &(0x7f0000002d00)=[{{&(0x7f0000000140)={0xa, 0x4e24, 0x741, @loopback={0x7ffffffb}, 0x401}, 0x1c, 0x0, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1400000000000000290000000800"], 0x18}}], 0x1, 0x8004)

2m53.444770703s ago: executing program 2 (id=331):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_SET_FORCE_PACK_ID(r0, 0x227b, &(0x7f00000001c0)=0x2001)
r1 = accept4$netrom(0xffffffffffffffff, 0x0, &(0x7f0000000040), 0x0)
r2 = fcntl$dupfd(r1, 0x0, r0)
write$sndseq(r2, &(0x7f0000000180)=[{0xff, 0x0, 0x0, 0x0, @time={0x6, 0xdc}, {}, {0x0, 0x4}, @result={0x1, 0x2}}, {0x33, 0x0, 0xff, 0x3, @tick=0xf27, {0x1, 0x31}, {0x8}, @addr={0x4, 0x5}}], 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x3, 0x5, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000040000000000000000000000185300000900000000000000000600009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x5c, 0x30, 0x9, 0x0, 0x100000, {}, [{0x48, 0x1, [@m_ct={0x44, 0x19, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9, 0x11e41e7a, 0x5, 0xfffffffe, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0x5, &(0x7f0000000300)={0x4db, 0x3}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x80010, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
ioctl$KDGKBDIACR(0xffffffffffffffff, 0x4b4b, 0x0)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$inet6(0xa, 0x3, 0x6)
sendmmsg$inet6(r6, &(0x7f0000000840)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}}, {{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000180)="a414c95f", 0x4}, {&(0x7f00000001c0)="9785f6d8652b9c45c99f3b83", 0xc}, {&(0x7f0000000440)="d86d827915027356451c32058cba4d3f51ee229a5818e619603d970ba565e4f16d5dadff31877c793266d2de14e85813886030e1ec71635a89b0158f3493d71de9e26564d35bbad10f996e", 0x4b}, {&(0x7f00000004c0)="c7ea8ee10ed283721ce82e965e5be6561b6a8d9bbae8a293bb3b61f052629afea7c76661a71f46c64a56403e110de9114f41b723cdb1a94c9ee4a3f7c19931fe9e9850786d3e396ec994c08230499a3a2a894a2a542190e4ff36688d27efc78fbf26e13e1a6490a4c91d7785c5625fcb0c71e1887606c6b7352710afa3d11396894316b205047504b7bca8d7e83df317fc592477fbc71a6f", 0x98}, {&(0x7f0000000580)="cc742e8c70b9fc72458579bd4adb0ed9ea79a7b463516f6140f18a8f81e212adf5a894a1eed15169700cec960e5c31bea4d622bd3e187043a3833804312c48644559ab580c02", 0x46}, {&(0x7f0000000600)="16387859b10ab9979743ce367802d33ad9f613cc7ef2eb427601de24800d6557ff869691ca39f32741813fab991358d3465e8cc66e3a95704b6a99697332eb578c8c82d9116a891ac072234d1de3cef777adaa59f9cc57db6554fd39ed0766c22b7105d7012cd0f5d8c062adc16009940160c682405ec06b73ec4bee09063311f72aa7371a2d6226ababe32d4bbe17efc78a81cc2a3aed86a4a694d289956fb5928dafadc965530701c73183636c5d8b2d1984a664bc4d5dcff1100ba7c71370317db43470204a356ff1bddf5b8d9173dd61159b1ea75dd3bff5a2", 0xdb}], 0x6, &(0x7f0000000280)=[@flowinfo={{0x14, 0x29, 0xb, 0x6}}], 0x14}}], 0x2, 0x8045)
r7 = io_uring_setup(0x773d, &(0x7f0000000a40)={0x0, 0x0, 0x1000, 0x2, 0x3bc})
r8 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r8, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24)
listen(r8, 0x4)
close_range(r7, r8, 0x0)
r9 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x402)
ioctl$USBDEVFS_CONTROL(r9, 0xc0185500, &(0x7f0000000040)={0x23, 0x3, 0x5, 0x6, 0x0, 0x5, 0x0})
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)

2m39.588855065s ago: executing program 3 (id=377):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = socket(0x840000000002, 0x3, 0xff)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0))
socket$inet6_udplite(0xa, 0x2, 0x88)
socket$alg(0x26, 0x5, 0x0)
r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000180), 0xfea7)
prctl$PR_GET_SECCOMP(0x15)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$ax25(r0, &(0x7f0000000200)={{0x3, @null, 0x8}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48)
sendmmsg$inet6(r6, &(0x7f000000a040)=[{{&(0x7f0000001200)={0xa, 0x4e20, 0x3, @mcast1, 0x4}, 0x1c, &(0x7f0000002740)=[{&(0x7f0000001240)="6e46b47583112bfab1e288c6e86829ac2f4151bde77ea4f3c34632216b4fee7a85e0d4320418bd68a8353c7bafd1530def01ead2daab16e723be43915c16688c8097021b8ab303d5472a947ba1d94cd63af7166bcfe552a43d86c5a19c0cd0440d622be6675afc04a59c5b0cc385faa26cb20ed7c9c87f9f49396d949f758f477a08f424686aa9a26ae93b5ee6468aa44d029938e3910c18da0ce7dfb49ab48530405e4275cbc5c7880ed973b6e11c8482d75ddc2cd48702330eba423a36999b", 0xc0}, {&(0x7f0000001300)="31d801e86b29d93ca7cc7452c53c062dc59a650b0c6b887ab17f2ee6748585a9252f14c349758cf3a809370d8cfd8e73e47df782129eb7645b1dc65d354374ac778289caa9e6efaf60d28baf942af6be559e4a9f89895d8512363502e19388add4db35ec6c983c70449c99ff334e8c11e6fa448b90", 0x75}, {&(0x7f0000001380)="393c6c9a99d3afeb4f90e42c3b1d9b01beb6c41d2060d7252c452687e31123251346c2fc1d5a73112e379bea322a6e9335261ed51a9671eba236886587b112076d4cd67eddc0549cd50f7dcadc9b66b862fd0f11d80b98611a57a7edf2386c3c9c549bbb7df727ed5cdca0e3ab2e1562d887e0f6f4d0788ab3a2438b7569556f75bab6a41d8f7ec6ee", 0x89}, {&(0x7f0000001440)="08864f3aebf50d0074a088356883696b22d9eef91918dce4adf01c25dbdfe647806e72e4b0392e00f779f9563b4e49ca663b526f444fb25e4e62d1f69ee4c8de73b00af5708ce526af7b98249add91c9ba622f97ad45634c4892306e24d4bd711e8a5be1229b1be73cd0f3a5143acfe87b2fe59b6e6f", 0x76}, {&(0x7f00000014c0)="3c175a370bb8ed87a2efcad96c93c21e9f42374da8f3bfdd7eb8e92442d7848c66154da93d712139c699e90e7b706f2b5eab31f9addc8ead795d90ff8514985bfb6ba4f0baf4f00ebcee8db73fa0e36edeab2677802565ed9bdef71578659b92700db3ebce5a7d351ccce7de76a171f6750e93bc412e452031f4b6fee458250356fb5ff20d9f483011c56232fab45910cf9d558fb617a5bf41f4e3d96084547b7d95ac9ed32d0cd50c154ce060a28132b08a54086cebfe218d5652984aedb33037d73bcc061411527515c526266c37e125c0ad22726bca11826b4c30a72681f804f1cafc", 0xe4}, {&(0x7f00000015c0)="f3939ed663229829894fbff60989dfcadda7050d6050818f6cc17a19d428fd195e07238da4a57df0c072b0fcd72f8dca8c3e074ae89fcac805924cbabad6739ca5cd2d19bbb0f16bae83256aebf4ddfbaa964cac1f437e5202b40c7f0d2e994927eae9a12c988448e7e70c519e35468577874528ca24d93ab61dcafbb75bad6082899d9daed99685fb699539f912553e8e5842df2ea172becc69863cca572c61708fc529dd1db973bc75419d967a7226f9431933af0979921a646c73640c81f44126f957e1e8725d6013deb00445c020444149b1a17b1c2079599de631a950972d36ef2ed97940e283a9c28bde1091897ba8e48a80ddca89c660ebae4528e8745161bc56423da79b218039594e6506e8d6e18db8ef4006451aa5749bd5efd16038508bb5468f5178096518b6671ef36454b07667dd5704cb5391684ee09f0e017b963377d7cdc679449eb6e7974ba02dfed564db5e1ffc3afddff24a3ea966fb8505786e473b2abb22f55920badc1714780c865810905b6884ff42445c5722cd2766521e955ee6f7daf95517a4aa1a8bde3a72c2df855d23ec10b63e776a338f042742515b9f109e1d779a80e9a7e6d9dacd1fc5aff1b6156e271932588a6b81e2e8d0d1724fece771c68be3f48a716e901f1e0ecf468305cd6ec7ca7e5fc2f53d1129282842ed129587ec5a2860ee70c921edee13319f44387f09b4987e58c29b410b17853536da5964b57b645ccea8b5454596b7c7922218b72dd82c7b72dcf5eb2e6d1892c139f5a4fa7c07c1eef2ed8fa224ff344282b0e1a1e5bc7c3046d969769d8e498ee5f0143f8bc14c6a2083e6e3631efe4ebe7d3669b3835d4893c09dabc8fef649", 0x267}], 0x6, &(0x7f00000002c0)=ANY=[@ANYBLOB="1400000000000000290000003e000000010009a354595bd390535fc52a867400180000180000000029000000360000003b0013f44653fdc0c7fd000000000000"], 0x30}}], 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r3, 0x0)
r7 = openat$cgroup_ro(r1, &(0x7f0000000100)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$batadv(&(0x7f0000007580), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000007680)={0x0, 0x0, &(0x7f0000007640)={&(0x7f0000000000)=ANY=[@ANYBLOB="46040000", @ANYRES16=r9, @ANYBLOB="ff830500000700ffffff", @ANYRES8=r2], 0x4}}, 0x24000000)
connect$bt_l2cap(r1, &(0x7f0000000300)={0x1f, 0x7, @any, 0x3, 0x2}, 0xe)
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_int(r10, 0x6, 0x2a, 0x0, &(0x7f0000000040))
sendfile(r8, r7, 0x0, 0x100000002)

2m39.436377413s ago: executing program 3 (id=378):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
r2 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r4 = mq_open(&(0x7f00000000c0)='${$\x00', 0x840, 0x0, 0x0)
r5 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0xec25, 0x0, 0x0, 0x40000333}, &(0x7f00000006c0)=<r6=>0x0, &(0x7f00000001c0)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r4, 0x6, &(0x7f0000000380)=[{&(0x7f0000000280)=""/194, 0xc2}], 0x1})
io_uring_enter(r5, 0x847ba, 0x0, 0xe, 0x0, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000007900)={&(0x7f0000000300)=@newtaction={0x6c, 0x30, 0x216822a75a8bdd29, 0x0, 0x0, {}, [{0x58, 0x1, [@m_simple={0x54, 0x1, 0x0, 0x0, {{0x11}, {0x28, 0x2, 0x0, 0x1, [@TCA_DEF_PARMS={0x18, 0x2, {0x3, 0xfffffffa, 0x20000000, 0x9ed, 0x5}}, @TCA_DEF_DATA={0x9, 0x3, ')\x00)+\x80'}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x6c}}, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f0000000240)=[{{&(0x7f00000003c0)=@nfc, 0x80, &(0x7f0000001a80)=[{&(0x7f0000000440)=""/111, 0x6f}, {&(0x7f0000000500)=""/86, 0x56}, {&(0x7f0000000880)=""/230, 0xe6}, {&(0x7f0000000980)=""/204, 0xcc}, {&(0x7f0000000a80)=""/4096, 0x1000}, {&(0x7f0000000580)=""/170, 0xaa}, {&(0x7f0000000700)=""/162, 0xa2}], 0x7, &(0x7f0000000140)=""/60, 0x3c}, 0x8}], 0x1, 0x40000042, 0x0)
mlockall(0x2)
r8 = shmget$private(0x0, 0x400000, 0x8, &(0x7f000000e000/0x400000)=nil)
shmctl$SHM_LOCK(r8, 0xb)
shmat(r8, &(0x7f0000ffd000/0x1000)=nil, 0x7000)
shmctl$SHM_UNLOCK(r8, 0xc)

2m38.097472102s ago: executing program 3 (id=380):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f00000002c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x4000800)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=@delchain={0x24, 0x64, 0xf31, 0xfffffffb, 0xf5ff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xfff3, 0xffff}, {0x0, 0x1b}}}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r4, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@delchain={0x24, 0x11, 0x1, 0x1f, 0x0, {0x0, 0x0, 0x0, r3}}, 0x24}}, 0x0)
timerfd_settime(0xffffffffffffffff, 0x0, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r5, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x58040}, 0x0)

2m37.988990345s ago: executing program 3 (id=381):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x34)
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x1)
r1 = syz_open_dev$sndctrl(&(0x7f00000000c0), 0xbb9, 0x20200)
ioctl$SNDRV_CTL_IOCTL_POWER_STATE(r1, 0x800455d1, &(0x7f0000000100))
r2 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
read$nci(r2, &(0x7f0000000040), 0x0)
syz_usb_connect(0x5, 0x24, &(0x7f0000000340)=ANY=[@ANYBLOB="1201100316eadd20b40a1000ac7c010203010902120001260640ce09044b0300a8974634"], &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0})

2m37.703264027s ago: executing program 32 (id=331):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_SET_FORCE_PACK_ID(r0, 0x227b, &(0x7f00000001c0)=0x2001)
r1 = accept4$netrom(0xffffffffffffffff, 0x0, &(0x7f0000000040), 0x0)
r2 = fcntl$dupfd(r1, 0x0, r0)
write$sndseq(r2, &(0x7f0000000180)=[{0xff, 0x0, 0x0, 0x0, @time={0x6, 0xdc}, {}, {0x0, 0x4}, @result={0x1, 0x2}}, {0x33, 0x0, 0xff, 0x3, @tick=0xf27, {0x1, 0x31}, {0x8}, @addr={0x4, 0x5}}], 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x3, 0x5, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000040000000000000000000000185300000900000000000000000600009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x5c, 0x30, 0x9, 0x0, 0x100000, {}, [{0x48, 0x1, [@m_ct={0x44, 0x19, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9, 0x11e41e7a, 0x5, 0xfffffffe, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0x5, &(0x7f0000000300)={0x4db, 0x3}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x80010, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
ioctl$KDGKBDIACR(0xffffffffffffffff, 0x4b4b, 0x0)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$inet6(0xa, 0x3, 0x6)
sendmmsg$inet6(r6, &(0x7f0000000840)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}}, {{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000180)="a414c95f", 0x4}, {&(0x7f00000001c0)="9785f6d8652b9c45c99f3b83", 0xc}, {&(0x7f0000000440)="d86d827915027356451c32058cba4d3f51ee229a5818e619603d970ba565e4f16d5dadff31877c793266d2de14e85813886030e1ec71635a89b0158f3493d71de9e26564d35bbad10f996e", 0x4b}, {&(0x7f00000004c0)="c7ea8ee10ed283721ce82e965e5be6561b6a8d9bbae8a293bb3b61f052629afea7c76661a71f46c64a56403e110de9114f41b723cdb1a94c9ee4a3f7c19931fe9e9850786d3e396ec994c08230499a3a2a894a2a542190e4ff36688d27efc78fbf26e13e1a6490a4c91d7785c5625fcb0c71e1887606c6b7352710afa3d11396894316b205047504b7bca8d7e83df317fc592477fbc71a6f", 0x98}, {&(0x7f0000000580)="cc742e8c70b9fc72458579bd4adb0ed9ea79a7b463516f6140f18a8f81e212adf5a894a1eed15169700cec960e5c31bea4d622bd3e187043a3833804312c48644559ab580c02", 0x46}, {&(0x7f0000000600)="16387859b10ab9979743ce367802d33ad9f613cc7ef2eb427601de24800d6557ff869691ca39f32741813fab991358d3465e8cc66e3a95704b6a99697332eb578c8c82d9116a891ac072234d1de3cef777adaa59f9cc57db6554fd39ed0766c22b7105d7012cd0f5d8c062adc16009940160c682405ec06b73ec4bee09063311f72aa7371a2d6226ababe32d4bbe17efc78a81cc2a3aed86a4a694d289956fb5928dafadc965530701c73183636c5d8b2d1984a664bc4d5dcff1100ba7c71370317db43470204a356ff1bddf5b8d9173dd61159b1ea75dd3bff5a2", 0xdb}], 0x6, &(0x7f0000000280)=[@flowinfo={{0x14, 0x29, 0xb, 0x6}}], 0x14}}], 0x2, 0x8045)
r7 = io_uring_setup(0x773d, &(0x7f0000000a40)={0x0, 0x0, 0x1000, 0x2, 0x3bc})
r8 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r8, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24)
listen(r8, 0x4)
close_range(r7, r8, 0x0)
r9 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x402)
ioctl$USBDEVFS_CONTROL(r9, 0xc0185500, &(0x7f0000000040)={0x23, 0x3, 0x5, 0x6, 0x0, 0x5, 0x0})
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)

2m34.448869532s ago: executing program 3 (id=393):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x8604}, 0x10)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="a00000001a00010000000000000000001c14000000000000000000008400130000000000000000000000000000000000000000000000c200"/160], 0xa0}}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
mkdir(&(0x7f0000000240)='./file0\x00', 0x1a3)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x1, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000032680)=""/102388, 0x18ff4)
add_key(&(0x7f00000018c0)='big_key\x00', &(0x7f0000001900)={'syz', 0x1}, &(0x7f0000001940)='\f', 0xfffff, 0xfffffffffffffffe)
r5 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
modify_ldt$read(0x0, 0x0, 0x0)
ioctl$SNDCTL_DSP_SPEED(r5, 0xc0045002, &(0x7f0000000040)=0xdfe5)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000280)={0xa00, 0x18, 0xfa00, {0x100000000000004, 0x0, 0x13f}}, 0x20)
mkdir(&(0x7f0000000040)='./file0\x00', 0x80)
socket$nl_netfilter(0x10, 0x3, 0xc)

2m32.679410224s ago: executing program 3 (id=400):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000380)={0x0, 0x0, @pic={0xc, 0xc0, 0x7, 0x6, 0xfb, 0x0, 0xd, 0x4, 0x7, 0x0, 0x3, 0x58, 0x90, 0x5, 0xe3, 0x7d}})
r3 = socket$inet(0x2, 0x4000000000000001, 0x6)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000dc0)=ANY=[@ANYBLOB="180000000100ffff00000000f800000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
close(0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000600000000000000000000008500000007000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000001000080850000000400000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='mm_khugepaged_scan_pmd\x00', r4}, 0x18)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x19)
setsockopt$SO_TIMESTAMP(r3, 0x1, 0x23, &(0x7f0000000040)=0x100, 0x4)
getsockopt$SO_TIMESTAMP(r3, 0x1, 0x23, 0x0, &(0x7f0000000080)=0x53)
bind$inet(r3, &(0x7f00000001c0)={0x2, 0x4e24, @rand_addr=0x64010102}, 0x10)
setsockopt$MRT_FLUSH(r3, 0x0, 0xd4, &(0x7f00000000c0)=0x1, 0x4)
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000100)={0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0100000000000000600000000000000048b84b000000000000000f23c00f21f83503000789000f23f8b9a00d00000f32"], 0x60})
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000340)=ANY=[@ANYBLOB="01000000000000000d"])
r5 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
ioctl$USBDEVFS_IOCTL(r5, 0xc0105512, &(0x7f0000000200))
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_INPUT(r6, &(0x7f0000001980)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa10100000009b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad7c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af801034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r6, 0x0)
connect$netrom(r6, &(0x7f00000005c0)={{0x3, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, 0x2}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast]}, 0x48)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r6, 0xc0189379, &(0x7f0000000280)={{0x1, 0x1, 0x18, <r7=>r2}, './file0\x00'})
fcntl$dupfd(r7, 0x0, r4)
ioctl$USBDEVFS_IOCTL(r5, 0x80045505, &(0x7f0000000040)=@usbdevfs_connect)
ioctl$USBDEVFS_SETCONFIGURATION(r5, 0x80045505, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0xc, 0x7, 0x0, 0x4000000000180, 0x5, 0x10, 0xf1, 0xffffffffffff18c4, 0x7fffffffffffe, 0x5, 0x0, 0x9, 0x0, 0x5, 0x3, 0xbdb], 0x1, 0x3c4210})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2m15.469245173s ago: executing program 33 (id=400):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000380)={0x0, 0x0, @pic={0xc, 0xc0, 0x7, 0x6, 0xfb, 0x0, 0xd, 0x4, 0x7, 0x0, 0x3, 0x58, 0x90, 0x5, 0xe3, 0x7d}})
r3 = socket$inet(0x2, 0x4000000000000001, 0x6)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000dc0)=ANY=[@ANYBLOB="180000000100ffff00000000f800000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
close(0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="180000000600000000000000000000008500000007000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000001000080850000000400000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='mm_khugepaged_scan_pmd\x00', r4}, 0x18)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x19)
setsockopt$SO_TIMESTAMP(r3, 0x1, 0x23, &(0x7f0000000040)=0x100, 0x4)
getsockopt$SO_TIMESTAMP(r3, 0x1, 0x23, 0x0, &(0x7f0000000080)=0x53)
bind$inet(r3, &(0x7f00000001c0)={0x2, 0x4e24, @rand_addr=0x64010102}, 0x10)
setsockopt$MRT_FLUSH(r3, 0x0, 0xd4, &(0x7f00000000c0)=0x1, 0x4)
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000100)={0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0100000000000000600000000000000048b84b000000000000000f23c00f21f83503000789000f23f8b9a00d00000f32"], 0x60})
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000340)=ANY=[@ANYBLOB="01000000000000000d"])
r5 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
ioctl$USBDEVFS_IOCTL(r5, 0xc0105512, &(0x7f0000000200))
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_INPUT(r6, &(0x7f0000001980)={0x8, {"85f080a4933d55266e07e799aa0cc421388242df2a3c6b631b65b1c061edd2aa10100000009b0bb3a53ab1200f5d01a68a4acdec8fee09648222f908c1fedc3000342e6139de28366c13509306d00ebcc67497181ac916db98af9d366b76e427d9ab5bb68095f0fb246df32b8af0783653136f8a04c03690312125c7ded6a24fda8685340c575ead69519e3583f89d467ec232d6a1ffd0463ba4ea3cbae5dae6654b5547b5458f02ac307729e57b09e134f68be44f88d72517b230b066f6315b5fb80206397bbff8cbc2a36e01c2e7b3aadb32bd3dd5288a69a991d9c674717e3abba7167280b2db3b1b8502afa4f3f296c532510c9d2dd79bb5eeb25adb5edddbdd069c09d14d15c2e7e1e2bd6c108fab3591bb22e97d6992236d2273c8bb95536f7118d007965008b125c7daac2814e6bbe1adbfa3572ad0b7ad7c26c8014118d8374ca9f285779dfee7715a403908146a74de61b3853914c89f444c12e7a38bdd46c4ed36eb806ea598f44d1dec9eff9e2476f43802211f0762b66673b45d236b2391ce322e30fb9c69fe0d514dc1f8b6e3979c1205fd5224b07d18a44fec4f6f1a6f65158bb6adcc295bf2dd7dea107f59d7e03c61fe5822292e45968956b931bdc4d6445ff1631e0b98e4b4448774dd4b9cd53a45896fdb3f03702778741ae2b45a25bf9a23fc02fb97a630f132bf9def6c6d4a7baeb62972f1a814f6f2377bcfc78e2e86368c138510a04cedf7175af801034fae7413e3ace8c71ab9a0af1ca7042011a6ed028e205648535dabf3b2f85196ae18d36b839e3cd54ae4933ad529888fdac7bb8a70c72bc0fc81ba06506f2d5bc7686e219bbe5283959cbef9950e071cb6d9f341fc624a5110341f26cebd7100599a06e61f66fae120c7fc2b34c6221200eba75bd1277114671a3fa8f058b27fd897b052f4a52afcea814df526181c75c4497210a2b8b74e26601561e78735387cf123654b0295d1d60556956b36d96dd038866c4b4db31ebdcddd6929bbc2850cd4901389e6ea6e86041e0efa1158f334e7afda0e11c2fb0e6df6364cb95659f506d5c7e63fb67c8116577d15e4a4b1fc4c27de2e52586cb1f52be9c3601f5066549de8bdc3ec07d1a84caf1961323ec2487a37b751aeabafcd647ce2dae5d9499c0f969467e6cabad198669ac96bd1488954eff0854ee0c83d7b596d273625bdb16270782321071fda5d980ded78ffa9dc2b56037d7cbf942547f48a5131f1991f6c17ae1ed5120ca6878f98e68e7997a9a2b70be640a70a34adb80de286c6692abb5f092e4e3a15a83217e03d02a4054f34af3a65ff6b36f395b76a0579cffafd5d3bb0e704c935caecf3a7ab756c23fd60c9fe3f4fb2be7504f5bae22b116ff1588dcf02b327d31bf0488dba8af5b33ccf2d7d87f43bbc48fcd4f191ad6af9313ad38b8b29674bfabd6651bc1f6ce5abb4a2f1413194f96b26d7d6edc4e013fba549075c97eef508af5ca7873664b058b7bcf455a8a04b591d29fab6366c844bb75576bac2d52323e747303d00a5736c9812922b0e17bcec9135550736b54cf6407d61e22e62d7bb75f62935b665acf33e75f688c36ef416f1b890d0f0c8ad1df00e02ec45967834d5649c8e7143978622fa3704672970b7993a87e97d3d926a14265647bc8b8c9e6f83e29572608d24b42c2635ef4abbd0af83860e99c90d7471cf6e8ce99507f5ec2bc572212fa9ee3f5a9dfa3815fe55f0bbb119acce062ae37f2ff921707abba139bcddf42bfd174d29b540161b4113c4e1a13f3a628c638ec4d3a884dfbc093e23ec0d0671b46b41dc8b42d950c8615ba5ee87f49b5d0910ffa4871207995001920db05a95199967f097ba7b55bbd271d818690c4238406b40a3dfc42fa56a67173b53a96b543326c56738b6d043195934018696f5ab49347e5148a78f2d1369a71afab8330273d46ecfba4ee05802a5385649851db949dbfb39e290941641c50b1ac20fb3102754a760b097f464ddb0b83f8168badfa71db6621dcf22fb081e3403f3bac5c7e65905aca52885c807f8ddab18bb2f12ef952c50483c0e251968bc70ff0d42a638ca744dea4c7ebb4fea777cf663bb4f1505ed79730c45bc86e488a13f924377a8e2ee6670a02ca52874ae1c42a35d55b9765757047b2cc3742aa51fa3e43fb2c113c92ad213bad252c1a82966dd016f12a7f1c3900c0f1ab455035163f31899bdd30f3ff43ad17d9e45bb7438c1c986712736f24be14f71ab1bfe92a25ec07f086ee8c7971b8077a13e58a8e8bea39c8e06b251909f02cb0080abf020f27ca160eb26c082dda1fa54ea4094dfdbcb2fa7bddccb67a844e8075f4cc08dad35757006d051e183dced336bc0c2502f93ffc87dca622286ba174c24e1f53f27dc2777baafe170348b0e8d3e743b3aa906bc0764bbe7da08ff403efe2212627d672250658bb513b7312517d1f88c61c7ba5f9647cd619281c5b390b48606ee39fb4171103df2e09d7cfd56c06c721f7c24ad8cce383623fc2dcb15ac56438ea331820ae59c8c474e36fc73f7b1b3b86df1b42490815513681aafbf7e871b4b9686efae6c45ecfca60a640a6f071dfd31f9437c3d03086164b48c1ed802986864bfe0d49bdd7709662262368dbc3ecc05eb240ecc41904c76d78ab5c52b66af5a720fdd6a92f52be0676427a56e32e5bc5085b25f90add28a76f2fce6f8f0ef74f4659698549646bd63175adf77b5cdcfe676e1b1a9af15102946554ba6136cbc83c6268ee40318f3c9d4718025688b35d2265bf60bf889ff629f7834586ef46eab7a9176337536bb6001e676546b987f36b1fe4b9f6e46a8ce73eb22ebbb9c14d8e2b43ea77ef887e5a26448f4086fa819a25e27725ac10298851c8bc45f2ce4430b07917ade5ea8c434c3f2576effbeb521173736e5c9557450643068b0c0fb132a7e99de6ca292246a9937fa7d7e06e59cf59ce5b9f842629049931146af40a8a1256ba373a88d09dc00cdf4453cc6ba78572bf3e1f2352a978cdbad60220cb8ac37d7f614a306492a4b5eee9244b0ca84b6cf2e23013bfb1cb92bf6d126fe550e58c19f84e7a4081437b75b31b2b9fb658dcd8ba077962e0f3359721a148d4fefe5c97941ca9688cb85adf38fd10f5811cdd8e074a21bbfc9541c71465b08d7321281b68ed52bfab789b9c83849c09d52376d419b1e7ba367603236e119cdf4a7b7cf9d81f2229601deace53cea2f14a05f7fa0ca04b39e31c6453e332f4bd0915c0e09e28f4d1125c390c6ff0833a04b6fc37855e65de90333e505b9eb66e00686a3ed499cfb7b8b215dbdc9787b5baa724cfa71ee6745b41e203de8b7794757ac328ec5567540b951b50530c3d4ee34705ea1c66fd6591e88561083e86d48c45ef3b83a3029319d8f3d8e65ce14c1dc3cb92d0a7dbeb609a8d2793928caa079f0fbbb2bc90b9f058cc048f4032041d14c5bca00e99b3027ec3a50c4957199cf016a4594069af8659df0973f20ffb15dbc265ac5b8a2203e90b114a3e9441e357c60ce0b550a7fe66fc34f5702ac8e8992a22e89194c1df69e81a9b7ad3d2634ea8c0388588192fd47d8e803b10044d558617fb2921b69eb4d85c051f86ef63a2f4382b9becd870fb2ecadca6902712b88680792e2f2ec89591cfebb6db3ad31c2a339af10465fcf7988519d382218df52261234f26a6f66ad0d1859de505d0fe819caf2f8d30aa9fd1228ac91d11ca67f1f8d50c8eefa5c441514321507dff6c6ea3cff6f340a1c11e0c40f419e8e60fc94d8828fa47a96cdf7ee4f61e23f40751b25cf9ca1295041a350f83f0e679515d6b4b46e2c9ce8999e07f835abc1663cefcf728df37831f4e17f8c8a4feaf1fbf44c38c9313284404a50ba4cd8abe835b33bfecb02cd6c9d7f435853b4c8d505ab83cf46512739116694765658bae64b3127152d216055aef9b25c70a8a3b302752d7b1e8791c657b9f3fc9001ef299fd1a349491ae6ee9940149160507fc4130fb825d47d97dc2c243209d2403583ac3ef6ddbedcaa76432255487c0a06e59e043e572ab3aec002af6a6b6a2dc9cfaeefa70557886c4d12924a0388f2f1bc8e89e4cfa69705d1ef3c4658f8616278b588011d9dd914beec0b151d65b6524fba3e3f235d58373e021699b07622a51504eade747e0b2f9cf38bc167cabc8cb18c708d1337e25648707e8c0872876514c7a49c0b2aaee5ed9e9ecfcbcc23e032c4deb63e48e7120188056468fad31448e4b42e7d62fbcfc1c2cfb01fcf0db5e8a162bdb9bd820c763f17b96c23f32db9d1c1d74ddbe657b4f9595a9796982a0742153111b15e484d8ffebe47ce0a78a41e470a341616ec2eb6eef813fb415fab50fa965bec6a5977a0ade4fed67f86fc24e11b0e2f5364079f7c7c35b560cac726dbc80f29dbd248f7ecda0286a23ef172a28c96d9bdb1f598eab31c6baf0321312da23920c074b9d2d2e442717f2c21001142a39c2da6b8bd9d06b05a6a8deae1bd1be4108a636ddbebc682d113e715f2f3ee506abc28b1c654b3d2d28e02f73b171ed0deed71dda90ce4a0b728cc75cb576385e7418b545b992b1dd98e2ee53355f464f9250a2a03b3d1e4d2ac1aa71d01de2573530324e14d15a507883411ddbd37be21dc929db9b11f11010e4d2a04c7325a5ae6d24d19900ff97a8a89438f8676457a78cff05201528f4358fe67f61288bf042a8f3c2e0f8b4997b8fb74996b80d465489b2d7807a945eba72a945e8cf8625dbad6f6f6e30537b29e558ca8a8b0625f578c766d34f2d28d704715f94df1f6318a308042aa494baa295640679f1eab1e6a8308af8ce6441d5ad8a2f3d477eb5307af0dfae6644493f1434030b8361621340ad3dcefa6d8f090ed3929d89ad9c0ba01a6903033428dd8f98619304b1803187d2a6130bf1e009b5eb0e7e21c75594b3b8470f3106c92a9e55bfeb026091ced127a90a1f1247f3c07e36d3572923e0de3f73518d0369a25fcd4e65d243b7eab91063a7bfd8bc8ac9e39fbbb32b5c9517886287a18eacd8dbfda9b91db693cb12e42cba5988280e09e51e72b91a0f360656d8f21cc1eb3248ac345ad51d1a6172b18419277851dab01e028c7e8e2cf34095efd28267852a08fccf61c45b5e46930160daf50282be058274e7ff58c48b60b86d0c8cc886ab8778a2a2b5fa2557ad7bf7f01f2175523ce758871d334c20a9839f7a89fe2867c06289c8a2f6456ac7e4fbadee53ac41aee68214bc76669853baa4f58255b39ba581414f2e8c4b49303f8936a33bae5cbc96b29a5c724d5b50e1614144c2acd03bd90de891c3d36ce040d57543682ecbfcae66c4153c337c3a5d01896524c8e0c27e9a08919821ca27bbfe3fc9ba24a823aeec8d4ad8ef8a65c585bee4dcf1acaa3da501a8c11a23b2e22920c1ad0129a038b31fe16c2abc80589dbf7c37211afc5d1a6db908bc5fe8a692060069fcbcdcba7c523d3c424aa3b0c6556387e0e51bcde9e5f850abf62d2c2101c3a2786a0cb94932877a09cb6b64aa61da8cab3b423e7adc4c4700418a65e87225710e1691f6d9cb2eb63cce5b605ce0a4a89cf519767e00845397c5e381141a0ed8a89b01064b495ec8d1e2da37433bf1597d919a69610d2ad26bdf6fca8de422bb2cb80d0516206e8194ee51445a3dcb5dee33c0c310b4751e68e58bebda2fb586985a5a5b06456756f44e6dbfef4bb99ca732f00fb9ea35775f7419681bfbe6f43dc7c4650c13b63d93c1d490bf0173f287a4309531f13ecb1a775d0bd881a", 0x1000}}, 0x1006)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r6, 0x0)
connect$netrom(r6, &(0x7f00000005c0)={{0x3, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, 0x2}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast]}, 0x48)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r6, 0xc0189379, &(0x7f0000000280)={{0x1, 0x1, 0x18, <r7=>r2}, './file0\x00'})
fcntl$dupfd(r7, 0x0, r4)
ioctl$USBDEVFS_IOCTL(r5, 0x80045505, &(0x7f0000000040)=@usbdevfs_connect)
ioctl$USBDEVFS_SETCONFIGURATION(r5, 0x80045505, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0xc, 0x7, 0x0, 0x4000000000180, 0x5, 0x10, 0xf1, 0xffffffffffff18c4, 0x7fffffffffffe, 0x5, 0x0, 0x9, 0x0, 0x5, 0x3, 0xbdb], 0x1, 0x3c4210})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

55.369026731s ago: executing program 5 (id=719):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.current\x00', 0x26e1, 0x0)
r3 = syz_io_uring_setup(0x328, &(0x7f0000000000)={0x0, 0x6fa9, 0x800}, &(0x7f0000000080)=<r4=>0x0, &(0x7f0000000340)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_TIMEOUT={0xb, 0x2, 0x0, 0x0, 0x4000, &(0x7f00000001c0), 0x1, 0x40})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r3, 0x2, 0x10a5, 0x3, 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r2, 0x80086601, 0x604000000000000)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
get_mempolicy(&(0x7f00000001c0), &(0x7f0000000200), 0x0, &(0x7f00003e7000/0x1000)=nil, 0x7)
r7 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0)
syz_usb_control_io$hid(r7, &(0x7f00000001c0)={0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="40080900000009f1a5000000000000"], 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r7, 0x0, 0x0)
syz_usb_control_io$hid(r7, &(0x7f0000000080)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0x1, {[@local=@item_012={0x0, 0x2, 0x3}]}}, 0x0}, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080), &(0x7f00000000c0)={0x0, 0xfb, 0xdc, 0x0, 0x0, "6b85cd257e1b0aa7713a710a3ba505a6", "b6a91cc67b4a81c420d4b8ed3c014002be95759dd8585fedb1c0278c1e18868919650c50f010b8836b9aed2c58c16d1c90300e3fbb49039df806a42a30a99133807aebb1a1c4e933f1c35851438deb1241157d3b629d0eac4773cc1a5d9762a54b9a73c307186be49639a85a1ab9c8a8abafc78e3cf243cabb3cbc3f7ce1b56e0654bbd66a2c31b9e93d754e2ec2ebd69b1a786b77356350a1f04334614f75722708d8194aae7039ca53e08c3b984a8d0c922e72f422743556a7d979a94a6a0fbc79d741ad46aa"}, 0xdc, 0x3)

50.633269127s ago: executing program 5 (id=737):
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000280), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000700)='mm_lru_insertion\x00'}, 0x10)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r3, r3, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000001200)=[@textreal={0x8, 0x0}], 0x1, 0x14, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000140)=@x86={0x7, 0x87, 0xc, 0x0, 0x1, 0xb5, 0x7, 0x75, 0xf2, 0x5, 0x2, 0x61, 0x0, 0x40, 0x7, 0x7, 0x8, 0x60, 0xe1, '\x00', 0x1, 0x1})
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000680)={"1b4db8646c2c1008d7ca34ff9b7950e52da2b20ae65ee10eb481f3d43d6226cfe7ddebd1863266c895a51468666102f254abf26eefa360008f8c3d51a01c811ec7c3cd307ed1e6595c06461432fee6a0ceef0e98d32679133edf1b3ab58f20d622a2d4ba5f10bf95e2975b75d9f68008630a557264cbf307ca7e416c98493aeed24498ee2f6867fd6a6a91ff3fd03ea383f99c897498896b61bcae75d69b83a4f0a55e63ae9b70eb32ab600af7be63f8762e575bd964de889cc45fc0b5367b8bcb2f44e1a3bf9879b46f589419ba4ebab6e033863c0fd099cf2bb09bd0a8d75af115ea42963b1ec37b04c261db8a41e9bab68d2905b4c98167ec40927b0238835e2a41b48df887791f340d70cbd53a8a700916f91ca7f97a5bc90c9ba9d9d0063e55dcb8a4689eaf20c9fa96d02c7413c0f0d42cc1fa714bea3debfb15ee77b083205e62383f3ae2374c00a88bd2639f9b7c019ac3aa7dd993f2dd17db1b24c89c20e913f08f6015250b0c92143334e98dc29716cdf286a4ecf50d4d0fa74b135966d1295343ec49b527727f30d78faa8aa13a563fc6b4e972255427ce166bb22fd77aa6d57af7c3ef2de986ec610af32df260782b15f2b886135f5794049514cbb48929007f9c5d4f328cc3838b6bc91e2f539597c117e90e64cca839e426c1787bbe20131060c7c9e00344b0ff2fb7ffb1bb6e14596ea905329aa07f4d11d3786048990a0b2e7c9d6b752d4d4248e3a3f128d43ef6752b634fb4e6fa520c8d4959cdb0e7a22f4ebae181a76bb459d98d342010d4c14a87b71a2cbaf3a53ae31ff8d630391d6b8d782b17f7ea63bdb971a675f3fc0466aa88c1b925edbd2d7eec53e06dc6d3b355a3c8f178912b01516b4f2acf72d29e149618e049f53b021bc679941d4934ba1b4a015d73ae1299a0bf4bd4c0ccb3447cd5f278129bb2f6566d57d1b828262010f0b83a8626b4b63aa13d6f4ecd4f8e36a20a689f160c372d9502adbf88ebabd54fe288394d150df81e2126eef4f38766dc909f250cbd7a3e0db61e82feffbf8153a0640b787888a9ba140432b89d7bc1837856dadf33a4205d5d1569098545a155653d925fe2458802d0bc22fee993ca40fc2b2b63c9cd1413e8d3cb93d770299abbe3cea0490dc36e7de009bfb73cff7a6a7c524f430e4bef7876b74bf384c68b797c0745358ef59aad22dbe5029fd279b8bd93fa23e61be4b35b02eb847d86df963285fb28489e87034dfc15bf4e0f1fb0639a52613240a74707ce381082bede91aeb0766a4ec30c9ba65518bb7fa55835fc736226c21cc01dae0d0007967bc9d69b04e5fe5192d36ff19463a600b403cdd015a24a7d535a8b5160dd2e64b441ae9d7dd24af6c4f02d187ab20e9098cb5d2f98e09928665ff04a7a32e13c3c8e4e0fcffd9c6804df470d5d48b3e931a6a8c73222e42bb7"})
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x101)
ioctl$FS_IOC_FSSETXATTR(r5, 0x401c5820, &(0x7f0000000200)={0x0, 0xd46, 0x0, 0xffffffff, 0x800000})
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r6, 0x4058534c, &(0x7f0000000000)={0x80, 0x9, 0x2, 0xe05, 0x20000, 0x28e7})
r7 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r7, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r7, &(0x7f00000007c0)={&(0x7f0000000040)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, &(0x7f0000000400)=[@rdma_map={0x30, 0x114, 0x3, {{0x0}, 0x0, 0xd}}], 0x30, 0x8004}, 0x0)
ioctl$sock_SIOCETHTOOL(r7, 0x8946, &(0x7f0000000180)={'vcan0\x00', &(0x7f0000000100)=@ethtool_rxfh={0x46, 0x1, 0x5, 0x2e, 0x6, "6e63de", 0x9}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0)
read(r6, 0x0, 0x0)
sendmsg$inet(r4, &(0x7f00000003c0)={&(0x7f0000000040)={0x2, 0x4e22, @rand_addr=0x64010101}, 0x10, &(0x7f0000000000)=[{&(0x7f00000000c0)="9a", 0x1}], 0x1}, 0x4008840)
setsockopt(r4, 0x84, 0x7f, &(0x7f0000000140)="0200000009800089", 0x8)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2c00000029000b00ffffffff0000000005"], 0x2c}}, 0x0)

49.217215002s ago: executing program 5 (id=740):
openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x180300, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000580))
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x298})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000040)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00005cf000/0x4000)=nil, 0x400000, 0x2, 0x2})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r2 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r2, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000339000/0x1000)=nil, 0x800000})
r3 = syz_open_dev$media(&(0x7f0000000100), 0xf, 0x28000)
ioctl$MEDIA_IOC_ENUM_LINKS(0xffffffffffffffff, 0xc0287c02, &(0x7f0000000300)={0x80000000, &(0x7f0000000140), &(0x7f0000000280)=[{{<r4=>0x80000000}}]})
ioctl$MEDIA_IOC_ENUM_ENTITIES(r3, 0xc1007c01, &(0x7f0000000340)={r4})
socket(0x29, 0x6, 0xfffffff8)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f000001b700)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

48.076876942s ago: executing program 5 (id=743):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000100)='./file0/file0\x00', &(0x7f00000000c0), 0x1302004, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x104000, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x1805406, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000080)={0x19, 0x0, <r3=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r2, 0x3b85, &(0x7f0000000100)={0x28, 0x7, r3, 0x0, &(0x7f0000ff0000/0x10000)=nil, 0x10000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r2, 0x3ba0, &(0x7f0000000180)={0x48, 0x5, r3, 0x0, <r4=>0xffffffffffffffff})
getpeername$unix(r1, &(0x7f0000000340)=@abs, &(0x7f0000000240)=0x6e)
ioctl$IOMMU_TEST_OP_ACCESS_RW(r2, 0x3ba0, &(0x7f0000000400)={0x48, 0x8, r4, 0x0, 0x0, 0xffca, &(0x7f0000000040)='?', 0x5})
mount$fuse(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x80000, 0x0)
mount$9p_unix(&(0x7f0000000200)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x385010, 0x0)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f00000002c0)={{0x1, 0x1, 0x18, <r5=>r0, {0x3, 0x2}}, './file0/file0\x00'})
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f00000003c0)={0xffff, 0x3, 0x0, 0x4, 0x0, 0x6, 0x1, 0xfff, <r6=>0x0}, &(0x7f0000000480)=0x20)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r5, 0x84, 0x10, &(0x7f00000004c0)=@assoc_value={r6}, &(0x7f0000000500)=0x8)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000280)='./file0/file0\x00', 0x0, 0x2a05004, 0x0)

47.534710679s ago: executing program 5 (id=746):
capset(&(0x7f0000000000)={0x20071026}, &(0x7f0000000040))
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
lremovexattr(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)=@random={'security.', '^\x00'})
r0 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000200), 0x1, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1000005)
write$FUSE_IOCTL(r0, &(0x7f0000000240)={0x20, 0x0, 0x0, {0x400, 0x0, 0x4, 0x6}}, 0x20)

46.259306448s ago: executing program 5 (id=750):
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000003c0)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="05000000001c"], 0x20)
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f00000003c0)={0x0, 0x7, 0x0, [0x0, 0x8, 0x9, 0x8, 0x9b0], [0x7fffffffffffffff, 0x0, 0x1f5, 0xf1d4, 0x9, 0x7, 0x0, 0x8, 0x3, 0x8, 0x1, 0x0, 0x6, 0x6, 0x9, 0x4, 0x6, 0x9, 0x9, 0x9, 0x2000000000005, 0xffffffff7fffffff, 0xf, 0x8, 0x9, 0x76f, 0x1fffffffe0, 0x7, 0xa, 0xf, 0x6, 0x1, 0x80000001, 0x0, 0x88, 0x9, 0xdb, 0xfffffffffffffff4, 0xc25c, 0x7, 0x8, 0x8, 0x0, 0x49, 0x1, 0x9, 0x1, 0x9, 0x1, 0x117, 0x5, 0x8000000000000001, 0x101, 0x4, 0x400, 0x3, 0x4, 0xb, 0xf, 0x0, 0x0, 0x8, 0x4, 0x5, 0x4, 0x2, 0xc66c, 0x9, 0x9, 0x10000, 0x8, 0x7, 0xc, 0x2, 0x8, 0x200000000000005, 0xa1, 0x6, 0x9, 0x6, 0x5, 0x2, 0x1, 0xffffffffbfd3f0e9, 0xffffffffd5f54280, 0x2, 0x5, 0x0, 0x0, 0xb7c, 0xffffffffffffff00, 0x96f0, 0x7ff, 0xe91, 0xb, 0x1, 0x8, 0x4, 0x5, 0x7fffffff, 0x1dee, 0x0, 0x8, 0x1, 0x4f48, 0xd, 0x80000000, 0x7fffffff, 0x100, 0x2, 0x3, 0xffff, 0x2, 0x8000000000000001, 0x7ff, 0x7, 0xffffffffffffffff, 0x7, 0x1ac5cf3d, 0x7fffffffffffffff, 0xffffffff]})
pipe(0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
getrandom(&(0x7f0000000280)=""/281, 0xffffffffffffff02, 0x2)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000003c0)={0x0, 0x2000000, 0x0, 'queue1\x00'})
write$sndseq(r2, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r3, 0x404c534a, &(0x7f00000001c0)={0x0, 0x0, 0x9})
close_range(r0, 0xffffffffffffffff, 0x0)

45.255436148s ago: executing program 34 (id=750):
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000003c0)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="05000000001c"], 0x20)
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f00000003c0)={0x0, 0x7, 0x0, [0x0, 0x8, 0x9, 0x8, 0x9b0], [0x7fffffffffffffff, 0x0, 0x1f5, 0xf1d4, 0x9, 0x7, 0x0, 0x8, 0x3, 0x8, 0x1, 0x0, 0x6, 0x6, 0x9, 0x4, 0x6, 0x9, 0x9, 0x9, 0x2000000000005, 0xffffffff7fffffff, 0xf, 0x8, 0x9, 0x76f, 0x1fffffffe0, 0x7, 0xa, 0xf, 0x6, 0x1, 0x80000001, 0x0, 0x88, 0x9, 0xdb, 0xfffffffffffffff4, 0xc25c, 0x7, 0x8, 0x8, 0x0, 0x49, 0x1, 0x9, 0x1, 0x9, 0x1, 0x117, 0x5, 0x8000000000000001, 0x101, 0x4, 0x400, 0x3, 0x4, 0xb, 0xf, 0x0, 0x0, 0x8, 0x4, 0x5, 0x4, 0x2, 0xc66c, 0x9, 0x9, 0x10000, 0x8, 0x7, 0xc, 0x2, 0x8, 0x200000000000005, 0xa1, 0x6, 0x9, 0x6, 0x5, 0x2, 0x1, 0xffffffffbfd3f0e9, 0xffffffffd5f54280, 0x2, 0x5, 0x0, 0x0, 0xb7c, 0xffffffffffffff00, 0x96f0, 0x7ff, 0xe91, 0xb, 0x1, 0x8, 0x4, 0x5, 0x7fffffff, 0x1dee, 0x0, 0x8, 0x1, 0x4f48, 0xd, 0x80000000, 0x7fffffff, 0x100, 0x2, 0x3, 0xffff, 0x2, 0x8000000000000001, 0x7ff, 0x7, 0xffffffffffffffff, 0x7, 0x1ac5cf3d, 0x7fffffffffffffff, 0xffffffff]})
pipe(0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
getrandom(&(0x7f0000000280)=""/281, 0xffffffffffffff02, 0x2)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000003c0)={0x0, 0x2000000, 0x0, 'queue1\x00'})
write$sndseq(r2, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r3, 0x404c534a, &(0x7f00000001c0)={0x0, 0x0, 0x9})
close_range(r0, 0xffffffffffffffff, 0x0)

18.240527356s ago: executing program 1 (id=835):
r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
setsockopt$RDS_CONG_MONITOR(r1, 0x114, 0x6, &(0x7f0000000140), 0x4)
userfaultfd(0x80801)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r3, 0x107, 0x5, &(0x7f00000000c0)=@req={0x8000, 0xb4f, 0x300, 0x1daf6}, 0x10)
setsockopt$packet_rx_ring(r3, 0x107, 0x5, &(0x7f0000000040)=@req3={0x0, 0x0, 0xfffffffe}, 0x1c)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000140), 0x0)
syz_open_dev$amidi(&(0x7f0000000480), 0x2, 0x201)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x40002021, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r6 = openat$ptp0(0xffffffffffffff9c, 0x0, 0x414c01, 0x0)
ioctl$PTP_EXTTS_REQUEST2(r6, 0xc0403d11, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, 0x0, 0x0)
r7 = openat$cgroup_ro(r1, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f00000004c0), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, r7, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
cachestat(r7, &(0x7f0000000040), 0x0, 0x0)
sendmsg$TIPC_NL_NAME_TABLE_GET(0xffffffffffffffff, 0x0, 0x800)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, &(0x7f0000000540)={{0x8, 0x6, 0x0, 0x4, 'syz0\x00', 0x281d}, 0x0, [0x1, 0x4ea3, 0x9, 0x56cd, 0x5, 0x6, 0x0, 0x80000001, 0x201, 0x3, 0x3fb, 0x1, 0xd, 0x7, 0x4, 0x10000, 0x43, 0x49b5e351, 0xfffffffffffffffc, 0xe8de, 0xfffffffffffffff9, 0x9, 0x1ff, 0x8, 0x1, 0x8, 0x80004000, 0x4, 0x2, 0x8000, 0x1, 0xa36, 0x57bf4b04, 0x4, 0x40000000000001, 0x6, 0x8, 0x100000000, 0x8, 0x7ff, 0x6, 0x401, 0x5, 0x1, 0x203, 0x10000, 0x2, 0xb7, 0x0, 0x5, 0xbe5, 0xa0000000000, 0x0, 0x1, 0x8, 0x8000000000000000, 0xd3d, 0xbbeb, 0x1, 0x3, 0x4, 0x7, 0x8401, 0x3, 0x0, 0xec7, 0x646, 0xc58e, 0x800003, 0x11ad, 0x0, 0x6, 0x8000, 0x100080, 0x7f, 0x9, 0x1, 0x5, 0x8000000000000000, 0x4, 0x7, 0xa5, 0x1b13, 0x4, 0x85, 0x8, 0x4, 0xf75, 0xa, 0x8, 0xffffffffffff66e3, 0xfffffffffffffff9, 0x5, 0x5e997b8e, 0x0, 0x7, 0xffffffffffffffff, 0x3, 0x100, 0x4, 0x3ff, 0x7bae, 0x0, 0xfff7ffffffffff95, 0xa, 0x108000001, 0xcc7e, 0x8, 0x0, 0x6, 0x6, 0xfffffffffffffd93, 0x3ef, 0x1, 0x4, 0x0, 0x7, 0x5, 0x6, 0x1, 0xe1, 0x20000000000ec2, 0x1, 0x5, 0xfff, 0x0, 0x80]})

16.31735125s ago: executing program 1 (id=839):
r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
setsockopt$RDS_CONG_MONITOR(r1, 0x114, 0x6, &(0x7f0000000140), 0x4)
userfaultfd(0x80801)
r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r3, 0x107, 0x5, &(0x7f00000000c0)=@req={0x8000, 0xb4f, 0x300, 0x1daf6}, 0x10)
setsockopt$packet_rx_ring(r3, 0x107, 0x5, &(0x7f0000000040)=@req3={0x0, 0x0, 0xfffffffe}, 0x1c)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000140), 0x0)
syz_open_dev$amidi(&(0x7f0000000480), 0x2, 0x201)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x40002021, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r6 = openat$ptp0(0xffffffffffffff9c, 0x0, 0x414c01, 0x0)
ioctl$PTP_EXTTS_REQUEST2(r6, 0xc0403d11, 0x0)
socket$inet(0xa, 0x801, 0x84)
r7 = openat$cgroup_ro(r1, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f00000004c0), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, r7, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
cachestat(r7, &(0x7f0000000040), 0x0, 0x0)
sendmsg$TIPC_NL_NAME_TABLE_GET(0xffffffffffffffff, 0x0, 0x800)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, &(0x7f0000000540)={{0x8, 0x6, 0x0, 0x4, 'syz0\x00', 0x281d}, 0x0, [0x1, 0x4ea3, 0x9, 0x56cd, 0x5, 0x6, 0x0, 0x80000001, 0x201, 0x3, 0x3fb, 0x1, 0xd, 0x7, 0x4, 0x10000, 0x43, 0x49b5e351, 0xfffffffffffffffc, 0xe8de, 0xfffffffffffffff9, 0x9, 0x1ff, 0x8, 0x1, 0x8, 0x80004000, 0x4, 0x2, 0x8000, 0x1, 0xa36, 0x57bf4b04, 0x4, 0x40000000000001, 0x6, 0x8, 0x100000000, 0x8, 0x7ff, 0x6, 0x401, 0x5, 0x1, 0x203, 0x10000, 0x2, 0xb7, 0x0, 0x5, 0xbe5, 0xa0000000000, 0x0, 0x1, 0x8, 0x8000000000000000, 0xd3d, 0xbbeb, 0x1, 0x3, 0x4, 0x7, 0x8401, 0x3, 0x0, 0xec7, 0x646, 0xc58e, 0x800003, 0x11ad, 0x0, 0x6, 0x8000, 0x100080, 0x7f, 0x9, 0x1, 0x5, 0x8000000000000000, 0x4, 0x7, 0xa5, 0x1b13, 0x4, 0x85, 0x8, 0x4, 0xf75, 0xa, 0x8, 0xffffffffffff66e3, 0xfffffffffffffff9, 0x5, 0x5e997b8e, 0x0, 0x7, 0xffffffffffffffff, 0x3, 0x100, 0x4, 0x3ff, 0x7bae, 0x0, 0xfff7ffffffffff95, 0xa, 0x108000001, 0xcc7e, 0x8, 0x0, 0x6, 0x6, 0xfffffffffffffd93, 0x3ef, 0x1, 0x4, 0x0, 0x7, 0x5, 0x6, 0x1, 0xe1, 0x20000000000ec2, 0x1, 0x5, 0xfff, 0x0, 0x80]})

10.952060105s ago: executing program 1 (id=857):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x6, [@enum={0x3, 0x0, 0x0, 0xf, 0x4000000}]}, {0x0, [0x0, 0x0, 0x61, 0x25]}}, 0x0, 0x2a, 0x0, 0x1}, 0x28)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0) (async)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f000003e000/0x1000)=nil, 0x1000, 0x1000000, 0x307, 0x40)
setresuid(0x0, 0xee01, 0xee00)
madvise(&(0x7f0000000000/0x8000)=nil, 0x8000, 0x15)
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0xe20, 0x95fa, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x1}, 0x1c)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000000)={'syztnl1\x00', &(0x7f00000000c0)={'ip6gre0\x00', 0x0, 0x0, 0x9, 0x5, 0x8, 0x30, @mcast2, @mcast1, 0x20, 0x738, 0x6, 0x7}}) (async)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000000)={'syztnl1\x00', &(0x7f00000000c0)={'ip6gre0\x00', <r1=>0x0, 0x0, 0x9, 0x5, 0x8, 0x30, @mcast2, @mcast1, 0x20, 0x738, 0x6, 0x7}})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x15, 0xa, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x8}, [@exit, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @call={0x85, 0x0, 0x0, 0x6d}, @func={0x85, 0x0, 0x1, 0x0, 0xffffffffffffffff}, @map_idx={0x18, 0xb, 0x5, 0x0, 0x8}, @generic={0x9, 0x3, 0x4, 0x0, 0x3}]}, &(0x7f0000000280)='GPL\x00', 0x1000, 0x0, 0x0, 0x0, 0x0, '\x00', r1, 0x28}, 0x94) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x15, 0xa, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x8}, [@exit, @kfunc={0x85, 0x0, 0x2, 0x0, 0x5}, @call={0x85, 0x0, 0x0, 0x6d}, @func={0x85, 0x0, 0x1, 0x0, 0xffffffffffffffff}, @map_idx={0x18, 0xb, 0x5, 0x0, 0x8}, @generic={0x9, 0x3, 0x4, 0x0, 0x3}]}, &(0x7f0000000280)='GPL\x00', 0x1000, 0x0, 0x0, 0x0, 0x0, '\x00', r1, 0x28}, 0x94)

10.035369221s ago: executing program 1 (id=860):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_usb_connect(0x0, 0x5f, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x4000880)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r3 = syz_io_uring_setup(0xcaf, &(0x7f0000000100)={0x0, 0xb601, 0x1, 0x5, 0x9c3}, &(0x7f00000001c0)=<r4=>0x0, &(0x7f00000000c0)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r2, 0xc000000, &(0x7f0000000000)=[{&(0x7f0000001600)=""/4096, 0x1000}], 0x1, 0x1e})
io_uring_enter(r3, 0x847ba, 0x3000000, 0xe, 0x0, 0x0)

9.871574538s ago: executing program 7 (id=863):
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000280), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000700)='mm_lru_insertion\x00'}, 0x10)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r3, r3, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000001200)=[@textreal={0x8, 0x0}], 0x1, 0x14, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000140)=@x86={0x7, 0x87, 0xc, 0x0, 0x1, 0xb5, 0x7, 0x75, 0xf2, 0x5, 0x2, 0x61, 0x0, 0x40, 0x7, 0x7, 0x8, 0x60, 0xe1, '\x00', 0x1, 0x1})
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000680)={"1b4db8646c2c1008d7ca34ff9b7950e52da2b20ae65ee10eb481f3d43d6226cfe7ddebd1863266c895a51468666102f254abf26eefa360008f8c3d51a01c811ec7c3cd307ed1e6595c06461432fee6a0ceef0e98d32679133edf1b3ab58f20d622a2d4ba5f10bf95e2975b75d9f68008630a557264cbf307ca7e416c98493aeed24498ee2f6867fd6a6a91ff3fd03ea383f99c897498896b61bcae75d69b83a4f0a55e63ae9b70eb32ab600af7be63f8762e575bd964de889cc45fc0b5367b8bcb2f44e1a3bf9879b46f589419ba4ebab6e033863c0fd099cf2bb09bd0a8d75af115ea42963b1ec37b04c261db8a41e9bab68d2905b4c98167ec40927b0238835e2a41b48df887791f340d70cbd53a8a700916f91ca7f97a5bc90c9ba9d9d0063e55dcb8a4689eaf20c9fa96d02c7413c0f0d42cc1fa714bea3debfb15ee77b083205e62383f3ae2374c00a88bd2639f9b7c019ac3aa7dd993f2dd17db1b24c89c20e913f08f6015250b0c92143334e98dc29716cdf286a4ecf50d4d0fa74b135966d1295343ec49b527727f30d78faa8aa13a563fc6b4e972255427ce166bb22fd77aa6d57af7c3ef2de986ec610af32df260782b15f2b886135f5794049514cbb48929007f9c5d4f328cc3838b6bc91e2f539597c117e90e64cca839e426c1787bbe20131060c7c9e00344b0ff2fb7ffb1bb6e14596ea905329aa07f4d11d3786048990a0b2e7c9d6b752d4d4248e3a3f128d43ef6752b634fb4e6fa520c8d4959cdb0e7a22f4ebae181a76bb459d98d342010d4c14a87b71a2cbaf3a53ae31ff8d630391d6b8d782b17f7ea63bdb971a675f3fc0466aa88c1b925edbd2d7eec53e06dc6d3b355a3c8f178912b01516b4f2acf72d29e149618e049f53b021bc679941d4934ba1b4a015d73ae1299a0bf4bd4c0ccb3447cd5f278129bb2f6566d57d1b828262010f0b83a8626b4b63aa13d6f4ecd4f8e36a20a689f160c372d9502adbf88ebabd54fe288394d150df81e2126eef4f38766dc909f250cbd7a3e0db61e82feffbf8153a0640b787888a9ba140432b89d7bc1837856dadf33a4205d5d1569098545a155653d925fe2458802d0bc22fee993ca40fc2b2b63c9cd1413e8d3cb93d770299abbe3cea0490dc36e7de009bfb73cff7a6a7c524f430e4bef7876b74bf384c68b797c0745358ef59aad22dbe5029fd279b8bd93fa23e61be4b35b02eb847d86df963285fb28489e87034dfc15bf4e0f1fb0639a52613240a74707ce381082bede91aeb0766a4ec30c9ba65518bb7fa55835fc736226c21cc01dae0d0007967bc9d69b04e5fe5192d36ff19463a600b403cdd015a24a7d535a8b5160dd2e64b441ae9d7dd24af6c4f02d187ab20e9098cb5d2f98e09928665ff04a7a32e13c3c8e4e0fcffd9c6804df470d5d48b3e931a6a8c73222e42bb7"})
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x101)
ioctl$FS_IOC_FSSETXATTR(r4, 0x401c5820, &(0x7f0000000200)={0x0, 0xd46, 0x0, 0xffffffff, 0x800000})
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r5, 0xc0a85320, &(0x7f0000001400)={{0x80}, 'port1\x00', 0xe3, 0x1b1c07})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r5, 0x4058534c, &(0x7f0000000000)={0x80, 0x9, 0x2, 0xe05, 0x20000, 0x28e7})
r6 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r6, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r6, &(0x7f00000007c0)={&(0x7f0000000040)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, &(0x7f0000000400)=[@rdma_map={0x30, 0x114, 0x3, {{0x0}, 0x0, 0xd}}], 0x30, 0x8004}, 0x0)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f0000000180)={'vcan0\x00', &(0x7f0000000100)=@ethtool_rxfh={0x46, 0x1, 0x5, 0x2e, 0x6, "6e63de", 0x9}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0)
read(r5, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000040)={0x2, 0x4e22, @rand_addr=0x64010101}, 0x10, &(0x7f0000000000)=[{&(0x7f00000000c0)="9a", 0x1}], 0x1}, 0x4008840)
setsockopt(0xffffffffffffffff, 0x84, 0x7f, &(0x7f0000000140)="0200000009800089", 0x8)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2c00000029000b00ffffffff0000000005"], 0x2c}}, 0x0)

8.806087824s ago: executing program 7 (id=864):
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000280), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000700)='mm_lru_insertion\x00'}, 0x10)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r3, r3, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000001200)=[@textreal={0x8, 0x0}], 0x1, 0x14, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000140)=@x86={0x7, 0x87, 0xc, 0x0, 0x1, 0xb5, 0x7, 0x75, 0xf2, 0x5, 0x2, 0x61, 0x0, 0x40, 0x7, 0x7, 0x8, 0x60, 0xe1, '\x00', 0x1, 0x1})
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000680)={"1b4db8646c2c1008d7ca34ff9b7950e52da2b20ae65ee10eb481f3d43d6226cfe7ddebd1863266c895a51468666102f254abf26eefa360008f8c3d51a01c811ec7c3cd307ed1e6595c06461432fee6a0ceef0e98d32679133edf1b3ab58f20d622a2d4ba5f10bf95e2975b75d9f68008630a557264cbf307ca7e416c98493aeed24498ee2f6867fd6a6a91ff3fd03ea383f99c897498896b61bcae75d69b83a4f0a55e63ae9b70eb32ab600af7be63f8762e575bd964de889cc45fc0b5367b8bcb2f44e1a3bf9879b46f589419ba4ebab6e033863c0fd099cf2bb09bd0a8d75af115ea42963b1ec37b04c261db8a41e9bab68d2905b4c98167ec40927b0238835e2a41b48df887791f340d70cbd53a8a700916f91ca7f97a5bc90c9ba9d9d0063e55dcb8a4689eaf20c9fa96d02c7413c0f0d42cc1fa714bea3debfb15ee77b083205e62383f3ae2374c00a88bd2639f9b7c019ac3aa7dd993f2dd17db1b24c89c20e913f08f6015250b0c92143334e98dc29716cdf286a4ecf50d4d0fa74b135966d1295343ec49b527727f30d78faa8aa13a563fc6b4e972255427ce166bb22fd77aa6d57af7c3ef2de986ec610af32df260782b15f2b886135f5794049514cbb48929007f9c5d4f328cc3838b6bc91e2f539597c117e90e64cca839e426c1787bbe20131060c7c9e00344b0ff2fb7ffb1bb6e14596ea905329aa07f4d11d3786048990a0b2e7c9d6b752d4d4248e3a3f128d43ef6752b634fb4e6fa520c8d4959cdb0e7a22f4ebae181a76bb459d98d342010d4c14a87b71a2cbaf3a53ae31ff8d630391d6b8d782b17f7ea63bdb971a675f3fc0466aa88c1b925edbd2d7eec53e06dc6d3b355a3c8f178912b01516b4f2acf72d29e149618e049f53b021bc679941d4934ba1b4a015d73ae1299a0bf4bd4c0ccb3447cd5f278129bb2f6566d57d1b828262010f0b83a8626b4b63aa13d6f4ecd4f8e36a20a689f160c372d9502adbf88ebabd54fe288394d150df81e2126eef4f38766dc909f250cbd7a3e0db61e82feffbf8153a0640b787888a9ba140432b89d7bc1837856dadf33a4205d5d1569098545a155653d925fe2458802d0bc22fee993ca40fc2b2b63c9cd1413e8d3cb93d770299abbe3cea0490dc36e7de009bfb73cff7a6a7c524f430e4bef7876b74bf384c68b797c0745358ef59aad22dbe5029fd279b8bd93fa23e61be4b35b02eb847d86df963285fb28489e87034dfc15bf4e0f1fb0639a52613240a74707ce381082bede91aeb0766a4ec30c9ba65518bb7fa55835fc736226c21cc01dae0d0007967bc9d69b04e5fe5192d36ff19463a600b403cdd015a24a7d535a8b5160dd2e64b441ae9d7dd24af6c4f02d187ab20e9098cb5d2f98e09928665ff04a7a32e13c3c8e4e0fcffd9c6804df470d5d48b3e931a6a8c73222e42bb7"})
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x101)
ioctl$FS_IOC_FSSETXATTR(r5, 0x401c5820, &(0x7f0000000200)={0x0, 0xd46, 0x0, 0xffffffff, 0x800000})
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r6, 0x4058534c, &(0x7f0000000000)={0x80, 0x9, 0x2, 0xe05, 0x20000, 0x28e7})
r7 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r7, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r7, &(0x7f00000007c0)={&(0x7f0000000040)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, &(0x7f0000000400)=[@rdma_map={0x30, 0x114, 0x3, {{0x0}, 0x0, 0xd}}], 0x30, 0x8004}, 0x0)
ioctl$sock_SIOCETHTOOL(r7, 0x8946, &(0x7f0000000180)={'vcan0\x00', &(0x7f0000000100)=@ethtool_rxfh={0x46, 0x1, 0x5, 0x2e, 0x6, "6e63de", 0x9}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0)
read(r6, 0x0, 0x0)
sendmsg$inet(r4, &(0x7f00000003c0)={&(0x7f0000000040)={0x2, 0x4e22, @rand_addr=0x64010101}, 0x10, &(0x7f0000000000)=[{&(0x7f00000000c0)="9a", 0x1}], 0x1}, 0x4008840)
setsockopt(r4, 0x84, 0x7f, &(0x7f0000000140)="0200000009800089", 0x8)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2c00000029000b00ffffffff0000000005"], 0x2c}}, 0x0)

7.77734921s ago: executing program 4 (id=866):
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
r1 = open(&(0x7f0000000240)='./file0\x00', 0x48000, 0x114)
newfstatat(0xffffffffffffff9c, &(0x7f0000002ac0)='./file0\x00', &(0x7f0000002b00)={0x0, 0x0, 0x0, 0x0, <r2=>0x0}, 0x4000)
fchown(r1, r2, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
r3 = syz_io_uring_setup(0x110, &(0x7f00000000c0)={0x0, 0x1b00, 0x0, 0x3, 0x80}, &(0x7f0000000180)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000040), r6)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000000)=[r3], 0x1})
io_uring_enter(r3, 0x47f6, 0x0, 0x0, 0x0, 0x0)
r7 = syz_usb_connect(0x0, 0x36, &(0x7f0000000280)={{0x12, 0x1, 0x141, 0xf2, 0xc5, 0x96, 0x20, 0x16d0, 0x10b8, 0xde8e, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x0, 0x2, 0x2, 0x0, 0x83, 0xec, 0x0, [], [{{0x9, 0x5, 0x6, 0x2, 0x200, 0x2, 0x0, 0xa}}, {{0x9, 0x5, 0x82, 0x2, 0x200, 0x0, 0x1, 0x10}}]}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r7, 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r8, 0x0)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003d00000095"], &(0x7f00000000c0)='GPL\x00', 0x1, 0x98, &(0x7f0000000000)=""/152}, 0x80)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x4, 0x8, 0xb}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000005c0)=ANY=[@ANYRES32=r10, @ANYRES32=r9, @ANYBLOB='\a'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r10, &(0x7f0000000240), &(0x7f00000004c0)=@tcp6=r8}, 0x20)
sendto(r8, &(0x7f0000000280)="109f2e", 0x3, 0x10, 0x0, 0x0)
r11 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a", 0x2, 0xfffffffffffffffe)
keyctl$get_security(0x11, r11, &(0x7f0000000080), 0x0)
syz_usb_control_io(r7, 0x0, &(0x7f00000005c0)={0x44, &(0x7f0000000e40)={0x40, 0x9, 0xc, "00004700000040f400bec073"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r7, 0x0, &(0x7f0000000400)={0x2c, &(0x7f00000001c0)=ANY=[@ANYBLOB="0017280000"], 0x0, 0x0, 0x0, 0x0})

7.369428462s ago: executing program 7 (id=867):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
io_setup(0x0, 0x0)
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
r2 = io_uring_setup(0x1530, &(0x7f0000000480)={0x0, 0xe739, 0x1, 0x8000002, 0x1d4})
write$nci(0xffffffffffffffff, 0x0, 0x0)
openat$iommufd(0xffffffffffffff9c, 0x0, 0x800, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$nci(0xffffffffffffffff, 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, 0x0, 0xc0)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r4, 0x3b85, &(0x7f0000000040)={0x28, 0x7, r5, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r4, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r5, 0x0, <r6=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r4, 0x3ba0, &(0x7f0000000100)={0x48, 0x7, r6, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x334e8b})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r4, 0x3ba0, 0x0)
close_range(r2, 0xffffffffffffffff, 0x80000)

6.198308157s ago: executing program 1 (id=872):
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000280), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000700)='mm_lru_insertion\x00'}, 0x10)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r3, r3, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000001200)=[@textreal={0x8, 0x0}], 0x1, 0x14, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000140)=@x86={0x7, 0x87, 0xc, 0x0, 0x1, 0xb5, 0x7, 0x75, 0xf2, 0x5, 0x2, 0x61, 0x0, 0x40, 0x7, 0x7, 0x8, 0x60, 0xe1, '\x00', 0x1, 0x1})
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000680)={"1b4db8646c2c1008d7ca34ff9b7950e52da2b20ae65ee10eb481f3d43d6226cfe7ddebd1863266c895a51468666102f254abf26eefa360008f8c3d51a01c811ec7c3cd307ed1e6595c06461432fee6a0ceef0e98d32679133edf1b3ab58f20d622a2d4ba5f10bf95e2975b75d9f68008630a557264cbf307ca7e416c98493aeed24498ee2f6867fd6a6a91ff3fd03ea383f99c897498896b61bcae75d69b83a4f0a55e63ae9b70eb32ab600af7be63f8762e575bd964de889cc45fc0b5367b8bcb2f44e1a3bf9879b46f589419ba4ebab6e033863c0fd099cf2bb09bd0a8d75af115ea42963b1ec37b04c261db8a41e9bab68d2905b4c98167ec40927b0238835e2a41b48df887791f340d70cbd53a8a700916f91ca7f97a5bc90c9ba9d9d0063e55dcb8a4689eaf20c9fa96d02c7413c0f0d42cc1fa714bea3debfb15ee77b083205e62383f3ae2374c00a88bd2639f9b7c019ac3aa7dd993f2dd17db1b24c89c20e913f08f6015250b0c92143334e98dc29716cdf286a4ecf50d4d0fa74b135966d1295343ec49b527727f30d78faa8aa13a563fc6b4e972255427ce166bb22fd77aa6d57af7c3ef2de986ec610af32df260782b15f2b886135f5794049514cbb48929007f9c5d4f328cc3838b6bc91e2f539597c117e90e64cca839e426c1787bbe20131060c7c9e00344b0ff2fb7ffb1bb6e14596ea905329aa07f4d11d3786048990a0b2e7c9d6b752d4d4248e3a3f128d43ef6752b634fb4e6fa520c8d4959cdb0e7a22f4ebae181a76bb459d98d342010d4c14a87b71a2cbaf3a53ae31ff8d630391d6b8d782b17f7ea63bdb971a675f3fc0466aa88c1b925edbd2d7eec53e06dc6d3b355a3c8f178912b01516b4f2acf72d29e149618e049f53b021bc679941d4934ba1b4a015d73ae1299a0bf4bd4c0ccb3447cd5f278129bb2f6566d57d1b828262010f0b83a8626b4b63aa13d6f4ecd4f8e36a20a689f160c372d9502adbf88ebabd54fe288394d150df81e2126eef4f38766dc909f250cbd7a3e0db61e82feffbf8153a0640b787888a9ba140432b89d7bc1837856dadf33a4205d5d1569098545a155653d925fe2458802d0bc22fee993ca40fc2b2b63c9cd1413e8d3cb93d770299abbe3cea0490dc36e7de009bfb73cff7a6a7c524f430e4bef7876b74bf384c68b797c0745358ef59aad22dbe5029fd279b8bd93fa23e61be4b35b02eb847d86df963285fb28489e87034dfc15bf4e0f1fb0639a52613240a74707ce381082bede91aeb0766a4ec30c9ba65518bb7fa55835fc736226c21cc01dae0d0007967bc9d69b04e5fe5192d36ff19463a600b403cdd015a24a7d535a8b5160dd2e64b441ae9d7dd24af6c4f02d187ab20e9098cb5d2f98e09928665ff04a7a32e13c3c8e4e0fcffd9c6804df470d5d48b3e931a6a8c73222e42bb7"})
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x101)
ioctl$FS_IOC_FSSETXATTR(r5, 0x401c5820, &(0x7f0000000200)={0x0, 0xd46, 0x0, 0xffffffff, 0x800000})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0xc0a85320, &(0x7f0000001400)={{0x80}, 'port1\x00', 0xe3, 0x1b1c07})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(0xffffffffffffffff, 0x4058534c, &(0x7f0000000000)={0x80, 0x9, 0x2, 0xe05, 0x20000, 0x28e7})
r6 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r6, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f0000000180)={'vcan0\x00', &(0x7f0000000100)=@ethtool_rxfh={0x46, 0x1, 0x5, 0x2e, 0x6, "6e63de", 0x9}})
sendmsg$inet(r4, &(0x7f00000003c0)={&(0x7f0000000040)={0x2, 0x4e22, @rand_addr=0x64010101}, 0x10, &(0x7f0000000000)=[{&(0x7f00000000c0)="9a", 0x1}], 0x1}, 0x4008840)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2c00000029000b00ffffffff0000000005"], 0x2c}}, 0x0)

4.819711083s ago: executing program 6 (id=875):
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$MSR(&(0x7f0000000280), 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000700)='mm_lru_insertion\x00'}, 0x10)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000001200)=[@textreal={0x8, 0x0}], 0x1, 0x14, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x7, 0x87, 0xc, 0x0, 0x1, 0xb5, 0x7, 0x75, 0xf2, 0x5, 0x2, 0x61, 0x0, 0x40, 0x7, 0x7, 0x8, 0x60, 0xe1, '\x00', 0x1, 0x1})
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000680)={"1b4db8646c2c1008d7ca34ff9b7950e52da2b20ae65ee10eb481f3d43d6226cfe7ddebd1863266c895a51468666102f254abf26eefa360008f8c3d51a01c811ec7c3cd307ed1e6595c06461432fee6a0ceef0e98d32679133edf1b3ab58f20d622a2d4ba5f10bf95e2975b75d9f68008630a557264cbf307ca7e416c98493aeed24498ee2f6867fd6a6a91ff3fd03ea383f99c897498896b61bcae75d69b83a4f0a55e63ae9b70eb32ab600af7be63f8762e575bd964de889cc45fc0b5367b8bcb2f44e1a3bf9879b46f589419ba4ebab6e033863c0fd099cf2bb09bd0a8d75af115ea42963b1ec37b04c261db8a41e9bab68d2905b4c98167ec40927b0238835e2a41b48df887791f340d70cbd53a8a700916f91ca7f97a5bc90c9ba9d9d0063e55dcb8a4689eaf20c9fa96d02c7413c0f0d42cc1fa714bea3debfb15ee77b083205e62383f3ae2374c00a88bd2639f9b7c019ac3aa7dd993f2dd17db1b24c89c20e913f08f6015250b0c92143334e98dc29716cdf286a4ecf50d4d0fa74b135966d1295343ec49b527727f30d78faa8aa13a563fc6b4e972255427ce166bb22fd77aa6d57af7c3ef2de986ec610af32df260782b15f2b886135f5794049514cbb48929007f9c5d4f328cc3838b6bc91e2f539597c117e90e64cca839e426c1787bbe20131060c7c9e00344b0ff2fb7ffb1bb6e14596ea905329aa07f4d11d3786048990a0b2e7c9d6b752d4d4248e3a3f128d43ef6752b634fb4e6fa520c8d4959cdb0e7a22f4ebae181a76bb459d98d342010d4c14a87b71a2cbaf3a53ae31ff8d630391d6b8d782b17f7ea63bdb971a675f3fc0466aa88c1b925edbd2d7eec53e06dc6d3b355a3c8f178912b01516b4f2acf72d29e149618e049f53b021bc679941d4934ba1b4a015d73ae1299a0bf4bd4c0ccb3447cd5f278129bb2f6566d57d1b828262010f0b83a8626b4b63aa13d6f4ecd4f8e36a20a689f160c372d9502adbf88ebabd54fe288394d150df81e2126eef4f38766dc909f250cbd7a3e0db61e82feffbf8153a0640b787888a9ba140432b89d7bc1837856dadf33a4205d5d1569098545a155653d925fe2458802d0bc22fee993ca40fc2b2b63c9cd1413e8d3cb93d770299abbe3cea0490dc36e7de009bfb73cff7a6a7c524f430e4bef7876b74bf384c68b797c0745358ef59aad22dbe5029fd279b8bd93fa23e61be4b35b02eb847d86df963285fb28489e87034dfc15bf4e0f1fb0639a52613240a74707ce381082bede91aeb0766a4ec30c9ba65518bb7fa55835fc736226c21cc01dae0d0007967bc9d69b04e5fe5192d36ff19463a600b403cdd015a24a7d535a8b5160dd2e64b441ae9d7dd24af6c4f02d187ab20e9098cb5d2f98e09928665ff04a7a32e13c3c8e4e0fcffd9c6804df470d5d48b3e931a6a8c73222e42bb7"})
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x101)
ioctl$FS_IOC_FSSETXATTR(r4, 0x401c5820, &(0x7f0000000200)={0x0, 0xd46, 0x0, 0xffffffff, 0x800000})
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r5, 0xc0a85320, &(0x7f0000001400)={{0x80}, 'port1\x00', 0xe3, 0x1b1c07})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r5, 0x4058534c, &(0x7f0000000000)={0x80, 0x9, 0x2, 0xe05, 0x20000, 0x28e7})
r6 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r6, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r6, &(0x7f00000007c0)={&(0x7f0000000040)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, &(0x7f0000000400)=[@rdma_map={0x30, 0x114, 0x3, {{0x0}, 0x0, 0xd}}], 0x30, 0x8004}, 0x0)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f0000000180)={'vcan0\x00', &(0x7f0000000100)=@ethtool_rxfh={0x46, 0x1, 0x5, 0x2e, 0x6, "6e63de", 0x9}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0)
read(r5, 0x0, 0x0)
sendmsg$inet(r3, &(0x7f00000003c0)={&(0x7f0000000040)={0x2, 0x4e22, @rand_addr=0x64010101}, 0x10, &(0x7f0000000000)=[{&(0x7f00000000c0)="9a", 0x1}], 0x1}, 0x4008840)
setsockopt(r3, 0x84, 0x7f, &(0x7f0000000140)="0200000009800089", 0x8)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2c00000029000b00ffffffff0000000005"], 0x2c}}, 0x0)

4.730387616s ago: executing program 7 (id=876):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040))
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
getsockname(r1, &(0x7f00000014c0)=@ll={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000001540)=0x80)
sendmsg$nl_route_sched(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000004140)=@newchain={0x24, 0x64, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2}}, 0x24}}, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, 0x0, 0x0)
accept4(r3, 0x0, 0x0, 0x0)
open_by_handle_at(r3, &(0x7f0000000280)=ANY=[@ANYBLOB="90000000240000000400000000000000ff0100008000bd3299e9045f88a7f2d27f95bb4f641a55b7c17b223af5b2e53982047ef361f7f8aa1a9a893dce86555de4dea3ef109cfbbd953fdcb8bd5e91035a2934a7010e6c48ea268013a1197015d727ad22c54a809bf34fc3ee6ad68414e51f70f679f0c1a6509f1fa0069ee2a04a3936f60800000083e39a3a00"/152], 0x406002)
r4 = openat$binfmt_format(0xffffff9c, &(0x7f0000000040)='/proc/sys/fs/binfmt_misc/syz1\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, 0x0, 0x0, 0x0)
recvmmsg(r5, 0x0, 0x0, 0x2, 0x0)
syz_open_dev$video(&(0x7f0000000100), 0x0, 0x0)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
r7 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x8, 0x0, 0x40000335}, &(0x7f0000000500)=<r8=>0x0, &(0x7f0000000300)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r7, 0x847ba, 0x0, 0xc, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240), 0xc2882, 0x0)
r10 = fsopen(&(0x7f0000000040)='afs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r10, 0x1, &(0x7f0000000000)='source', &(0x7f0000000180)='%(,c\xbe\xfbL:', 0x0)
fsopen(&(0x7f0000000040)='afs\x00', 0x0)
mprotect(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1000003)
write$binfmt_format(r4, &(0x7f0000000100)='-1\x00', 0x2)

4.571850597s ago: executing program 1 (id=877):
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000002000)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000100)={&(0x7f0000000180)=[<r2=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r1, 0xc02064b6, &(0x7f0000000340)={r2, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r1, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000300)=[0x0, <r4=>0x0], &(0x7f0000000040), 0x2, r3, 0xcccccccc})
ioctl$DRM_IOCTL_MODE_ATOMIC(r1, 0xc03864bc, &(0x7f0000000380)={0x0, 0x1, &(0x7f00000003c0)=[r3], &(0x7f0000000040), &(0x7f0000000600)=[r4], &(0x7f0000000500)})
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0)
ppoll(&(0x7f0000000080)=[{r5, 0x8}], 0x1, 0x0, 0x0, 0x0)
r6 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(r6, 0x40085112, &(0x7f0000000d80)=@e={0xff, 0x9, 0x1, 0x0, @SEQ_CONTROLLER=0xff, 0x51})
write$dsp(r5, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
write$cgroup_int(r0, &(0x7f0000002040)=0x1, 0x12)
syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x181301)

4.338726985s ago: executing program 6 (id=878):
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5)
rseq(&(0x7f0000000240)={0x0, 0x0, 0x0, 0x6}, 0x20, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x1, 0x84)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xb}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000340)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast6-avx\x00'}, 0x58)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="5c0000000206050800000000000000000000000005000400000000000900020073797a30000000001400078008001340000000000800064000000000050005000000000005000100060000000d000300686173683a6d6163"], 0x5c}}, 0x0)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000680)=ANY=[@ANYBLOB="44000000090605000000000000000000010000050900020073797a30000000000500010007000000080009400000000114000880100007800a001100aaaaaaaaaa"], 0x44}, 0x1, 0x0, 0x0, 0x8000}, 0x44000)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0xe2981)

4.221140647s ago: executing program 4 (id=879):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
write$tun(r0, &(0x7f0000000100)=ANY=[@ANYBLOB="06000000bbbbbbbbbbbbaaaaaaaaaabb88f5"], 0x72)

3.969505948s ago: executing program 4 (id=880):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=@newqdisc={0x138, 0x24, 0x4ee4e6a52ff56541, 0x72bd2d, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_choke={{0xa}, {0x108, 0x2, [@TCA_CHOKE_STAB={0x104, 0x2, "63166c1df7b34fbfb80738079e513cbc96f41dc78fa74e4e0986abbfdab10aff4120b481f874999d2081ce3ef05d61f8f51d1891324a9efee8dd4dc590d68667a4d39e9512d3027e7f4dd5c4ecd87e06ba993d0f9e435d4cbc4032e81e3b945c602433a4ab79c98f322781292e90b920ae3cbf013c067bf9be97864a3942c33ecd88817d85b4e90c6113f427fc25e40960b4d841f39c3d1133e4c8323d654199fc06c6dc97c6596ba4668f6292730b3382c2bba099f5689cc89783d2dcd0443915634861d0358e5a5ddbd93b0ecebac4daf48cfa43b168c63038b11be3d6c6f9b07154b839c01799dbd89bf8ea308ae13e04b80b0c5f11609d9ad765f1a550a4"}]}}]}, 0x138}}, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
r6 = userfaultfd(0x801)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3})
syz_io_uring_setup(0x48ba, &(0x7f00000001c0)={0x0, 0xfffffffc, 0x8000, 0x0, 0x334}, &(0x7f0000000080), &(0x7f0000ff4000))
close_range(r5, 0xffffffffffffffff, 0x0)
r7 = socket$inet_sctp(0x2, 0x5, 0x84)
listen(r7, 0xbabc)
setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r7, 0x84, 0x1e, &(0x7f0000000000)=0x8040801, 0x4)
setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r7, 0x84, 0x1e, &(0x7f0000000040), 0x4)
close(r4)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r8)
sendmsg$TIPC_CMD_ENABLE_BEARER(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r10)
socket$unix(0x1, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), r11)

3.232229181s ago: executing program 6 (id=882):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
execve(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)={[&(0x7f0000000080)=']\x00']}, &(0x7f0000000300)={[&(0x7f0000000100)='-%+)@+\xae}]#-,\x00', &(0x7f0000000140)='\x00', &(0x7f0000000180)='\x00', &(0x7f00000001c0)='^\x00', &(0x7f0000000200)='\x00', &(0x7f0000000240)='{\x00', &(0x7f0000000280)='[\'\x00', &(0x7f00000002c0)='.%{-{&D.\x00']})
getsockopt$rose(r0, 0x104, 0x4, 0x0, &(0x7f0000000040))
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000008, 0x10, r1, 0xe2617000)

2.835646526s ago: executing program 6 (id=883):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
syz_emit_ethernet(0x2a, &(0x7f0000000100)={@multicast, @random="8a0a63cdec59", @void, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @remote, @dev, @remote}}}}, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f00000000c0))
sendto$packet(r1, &(0x7f0000000100)="f257a8ea7bc273dfaeab96850806", 0xe, 0x0, 0x0, 0x0)

1.748161391s ago: executing program 0 (id=884):
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
syz_clone3(0x0, 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r1=>0x0})
ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f00000005c0)={@dev={0xfe, 0x80, '\x00', 0x40}, @remote, @remote, 0x3, 0x2, 0x5, 0x400, 0xb7, 0xc20022, r1})
chdir(0x0)
open(&(0x7f0000000180)='./bus\x00', 0x189a7c, 0x113)
mount$cgroup2(0x0, &(0x7f00000001c0)='./bus\x00', &(0x7f0000000240), 0x1000400, &(0x7f0000000280)=ANY=[@ANYBLOB='memory_localevents,me'])
syz_emit_ethernet(0x8a, &(0x7f00000002c0)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaaaa8100000186dd60f53a0400503a00fe8000000000000000000000000000bbfeff33f70d80000000000000000000000000001a0200abfba33976ed18ec023a01c40bea128aaf2a26c890a192e2c99dcead48e08e99217b78000005006000000000000000fc010000000000000000000000000000fc0200000000000000000000000000003a020098e8f646da5c07d000000494bbbfa7cc8309b4fccf033e502093a348dae3ebd21f59db9ad9346c3be1355411f974667baf86d7f39b79c7224485e621a59bfa7edab9fb9d8cb3ed646861732420fecfde0f2af73da774549dc835311ea3347828f3f4fca65557ce698c9502d50d43ec93c7f0d8b2d658f793b7170edeba1ecdce129eed21a576f1b0b680986c449d2ea00cbd52c9c1456df1e98d05dce7750df4c84681a0cc6a4b77ef856e6471705abc62b988ac5ab44917ef76"], 0x0)
r2 = openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r2}})
ioctl$TUNSETLINK(r3, 0x400454cd, 0x33a)
syz_emit_ethernet(0x5e, &(0x7f00000004c0)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd603000bb00282b00fc020000000000000000000000000000fe8000000000000000000000000000aa"], 0x0)

1.711460654s ago: executing program 4 (id=885):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001240)={&(0x7f0000000840)=ANY=[@ANYRES16=0x0], 0x64}, 0x1, 0x0, 0x0, 0x400c040}, 0x0)
r1 = socket$qrtr(0x2a, 0x2, 0x0)
r2 = socket$rxrpc(0x21, 0x2, 0xa)
connect$rxrpc(r2, &(0x7f0000000000)=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x4e20, 0x200, @ipv4={'\x00', '\xff\xff', @remote}, 0x1}}, 0x24)
sendmsg$inet(r2, &(0x7f0000000180)={0x0, 0xfffffffffffffd6b, 0x0, 0x0, &(0x7f00000000c0)=[@ip_tos_int={{0x18, 0x110}}], 0x18, 0x4c00}, 0x0)
r3 = socket$inet6(0xa, 0x5, 0x0)
getsockopt$inet_sctp6_SCTP_NODELAY(r3, 0x84, 0x3, &(0x7f00000001c0), &(0x7f0000000280)=0x4)
mkdirat$binderfs(0xffffffffffffff9c, &(0x7f00000019c0)='./binderfs2\x00', 0x1ff)
mount$binderfs(0x0, &(0x7f0000001dc0)='./binderfs2\x00', &(0x7f0000001e00), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="73741f811228676c676248bd7e14"])
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='mounts\x00')
read$FUSE(r4, &(0x7f0000000980)={0x2020}, 0x160e)
connect$qrtr(r1, &(0x7f0000000280)={0x2a, 0x0, 0x4001}, 0xc)
bind$qrtr(r1, &(0x7f0000000000)={0x2a, 0x1, 0x4000}, 0xc)

1.656411157s ago: executing program 6 (id=886):
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f0000003000)=@file={0x1}, 0x6e)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000000580)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/unix\x00')
pread64(r2, &(0x7f0000000480)=""/177, 0xb1, 0xe0)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x5, 0xffffffff, 0xfffffffd})
r3 = mq_open(&(0x7f000084dff0)='\x16salm\x1cq8te9\xc8\x00\x00x\x00', 0x6e93ebbbcc0884f2, 0x12e, &(0x7f0000000300)={0x4, 0x1, 0x7, 0x1})
r4 = syz_usb_connect(0x6, 0x36, &(0x7f0000000680)=ANY=[@ANYBLOB="51bf84cd36424c8cea09a2ac4666dbc70ad8a24ddf87c7b0e375b993610bca249d3046c1f98fb14b9ed826b7270d29016e9ea152c14c9dfb010aac3ee7fabc431b7ceb1127f17655381aaa6a2b972e5abd9e906604279dc3da11121e9e1d1618d55e25bf0979ed4e30e76a85b6e6900f6b5b186859b1a88972ee86", @ANYRESHEX=r2], 0x0)
syz_usb_control_io(r4, 0x0, 0x0)
syz_usb_control_io$printer(r4, 0x0, &(0x7f0000000900)={0x34, &(0x7f0000000600)={0x0, 0x18, 0x4, "a7c3ad4c"}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r4, 0x0, 0x0)
syz_usb_control_io$uac1(r4, 0x0, &(0x7f0000000740)={0x44, &(0x7f0000000340)=ANY=[@ANYBLOB="05000000640b64f53750be36698e2a477d936dcc70908a6d614187ea9bb79c9da531482bbde4fe34fe71d4c972d19ee2569bf7b0349a8ff80c6932b9c207c5f42064f14ca6d1d7ae"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
mq_timedsend(r3, 0x0, 0x700, 0x0, 0x0)
syz_io_uring_setup(0x63ab, 0x0, 0x0, &(0x7f0000000400))
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f0000000280)=ANY=[@ANYBLOB="180000cb848b1f671f30e91800fcff000000950000000000"], &(0x7f0000000300)='syzkaller\x00'}, 0x90)
newfstatat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, <r6=>0x0}, 0x400)
ioprio_set$pid(0x2, 0x0, 0x6000)
setreuid(r6, 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r5}, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendmmsg$unix(r8, &(0x7f00000bd000), 0x492492492492846, 0x0)
fcntl$setstatus(r8, 0x4, 0x42000)
ppoll(&(0x7f00000000c0)=[{r8, 0x200}], 0x1, 0x0, 0x0, 0x0)
connect$unix(r7, &(0x7f00000002c0)=@file={0x0, './file0\x00'}, 0x6e)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_SWAP(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="340000000606010800000000000000006e0000ee0900030073797a30000000000900020073797a3100000000050001"], 0x34}, 0x1, 0x0, 0x0, 0x20040800}, 0x90)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$IPVS_CMD_SET_SERVICE(r10, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000640)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="00002dbd7000fbdbdf25020000000800060001210c00000000000000ffff080004000100000008000400060031000800040001000000"], 0x3c}, 0x1, 0x0, 0x0, 0x4040000}, 0x4040)

1.60092002s ago: executing program 0 (id=887):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100), 0x200002, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000000300)=""/102392, 0x18ff8)
r1 = add_key$keyring(&(0x7f0000000040), &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
add_key(&(0x7f0000000440)='asymmetric\x00', 0x0, &(0x7f0000000000)='0', 0x1, r1)
r2 = syz_open_dev$vim2m(&(0x7f0000000000), 0x5c5, 0x2)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_PROBE_MESH_LINK(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000001c0)={&(0x7f0000000280)={0x2b4, 0x0, 0x1, 0x70bd29, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r3}, @val={0xc, 0x99, {0xf, 0x2c}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_FRAME={0x232, 0x33, @data_frame={@a_msdu=@type11={{0x0, 0x2, 0x7, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1}, {0x5}, @device_a, @device_b, @from_mac, {0x2, 0x40}, @device_b, @void, @value=@ver_80211n={0x0, 0x8, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1}}, @a_msdu=[{@device_b, @device_b, 0xfe, "60654ece3ad879efe48fc8635e407723893882f21e6cc02f593d5742decb450789fb6b9d0274867f641c1311254962bbd414344de3f53ede4c7867270baf3cf4ac1e184b1120d2839a2a31ddc51714b2eb23f63a21e167d5d0538571ad42962d10a2eb45e4b5318c7b33240886abb5ae46f962259bfdd5d5abed4e4d6b0d9166135a8e2783d13c6af7896148a7fc9fd5e488bd43c150223d180d2abe1d8ce441e93f1b1ecf5b0f3543bcf0ebd29c8ce24bc3abdff5ecbfa57862011c22b83c191c9d7df8de49011db024eb43cd8f8d20fe9d5bd340c8070f7ea96e7492cc7bad150ad2d681f1df06d5197cc1eecc72a41c0ea668fcc24e74796e0b7c930c"}, {@broadcast, @device_b, 0x88, "fe4b97604cf741400340ae0fb4f423fc853c9e5c9b86bf2c61345a571aa9b569aa431dcf57719c04877218b9a1f8089fff6679cec4799006a8e0b53ef4d7f736e7207b452d83cee0feb35d6dbacd554b8dec1dd360b826c4d8974f5877c7b9bf0620ee44a97cd76695161b38e9327d1eb64c6f1c6f4b1a2e3a906e6111eeaf0e3e2fd85228f7cead"}, {@device_b, @broadcast, 0x59, "8c4360f899e548f13e451e4e044c26f3ff113464e590b818b2902fe9dcaef30e19aab4284d2e87408ed3dbd49b58263aeb5819cd42fa89b9e93120b9f1df70b66f0660fcc1ece8a14e7bfc87f14bf432cedad28ef57c371a79"}]}}, @NL80211_ATTR_FRAME={0x25, 0x33, @mgmt_frame=@action={{{0x0, 0x0, 0xd, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1}, {0x6}, @device_b, @device_a, @from_mac=@device_b, {0x8, 0x5}}, @addba_resp={0x3, 0x1, {0x1, 0x3d, {0x0, 0x1, 0x1, 0x83}, 0x904f}}}}]}, 0x2b4}, 0x1, 0x0, 0x0, 0x41}, 0x8000)
fcntl$getownex(r2, 0x10, &(0x7f0000000040)={0x0, <r4=>0x0})
ptrace(0x4207, r4)
ioctl$vim2m_VIDIOC_ENUM_FMT(r2, 0xc0405602, &(0x7f0000000240)={0x1a, 0x1, 0x1, "3a8e07ca5de21f0077ab7a4d8601acc620004b5c000000000000002100", 0x3231564e})
r5 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r5, 0xc0045005, &(0x7f00000000c0))

1.570094787s ago: executing program 4 (id=888):
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$MSR(&(0x7f0000000280), 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000700)='mm_lru_insertion\x00'}, 0x10)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000001200)=[@textreal={0x8, 0x0}], 0x1, 0x14, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x7, 0x87, 0xc, 0x0, 0x1, 0xb5, 0x7, 0x75, 0xf2, 0x5, 0x2, 0x61, 0x0, 0x40, 0x7, 0x7, 0x8, 0x60, 0xe1, '\x00', 0x1, 0x1})
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000680)={"1b4db8646c2c1008d7ca34ff9b7950e52da2b20ae65ee10eb481f3d43d6226cfe7ddebd1863266c895a51468666102f254abf26eefa360008f8c3d51a01c811ec7c3cd307ed1e6595c06461432fee6a0ceef0e98d32679133edf1b3ab58f20d622a2d4ba5f10bf95e2975b75d9f68008630a557264cbf307ca7e416c98493aeed24498ee2f6867fd6a6a91ff3fd03ea383f99c897498896b61bcae75d69b83a4f0a55e63ae9b70eb32ab600af7be63f8762e575bd964de889cc45fc0b5367b8bcb2f44e1a3bf9879b46f589419ba4ebab6e033863c0fd099cf2bb09bd0a8d75af115ea42963b1ec37b04c261db8a41e9bab68d2905b4c98167ec40927b0238835e2a41b48df887791f340d70cbd53a8a700916f91ca7f97a5bc90c9ba9d9d0063e55dcb8a4689eaf20c9fa96d02c7413c0f0d42cc1fa714bea3debfb15ee77b083205e62383f3ae2374c00a88bd2639f9b7c019ac3aa7dd993f2dd17db1b24c89c20e913f08f6015250b0c92143334e98dc29716cdf286a4ecf50d4d0fa74b135966d1295343ec49b527727f30d78faa8aa13a563fc6b4e972255427ce166bb22fd77aa6d57af7c3ef2de986ec610af32df260782b15f2b886135f5794049514cbb48929007f9c5d4f328cc3838b6bc91e2f539597c117e90e64cca839e426c1787bbe20131060c7c9e00344b0ff2fb7ffb1bb6e14596ea905329aa07f4d11d3786048990a0b2e7c9d6b752d4d4248e3a3f128d43ef6752b634fb4e6fa520c8d4959cdb0e7a22f4ebae181a76bb459d98d342010d4c14a87b71a2cbaf3a53ae31ff8d630391d6b8d782b17f7ea63bdb971a675f3fc0466aa88c1b925edbd2d7eec53e06dc6d3b355a3c8f178912b01516b4f2acf72d29e149618e049f53b021bc679941d4934ba1b4a015d73ae1299a0bf4bd4c0ccb3447cd5f278129bb2f6566d57d1b828262010f0b83a8626b4b63aa13d6f4ecd4f8e36a20a689f160c372d9502adbf88ebabd54fe288394d150df81e2126eef4f38766dc909f250cbd7a3e0db61e82feffbf8153a0640b787888a9ba140432b89d7bc1837856dadf33a4205d5d1569098545a155653d925fe2458802d0bc22fee993ca40fc2b2b63c9cd1413e8d3cb93d770299abbe3cea0490dc36e7de009bfb73cff7a6a7c524f430e4bef7876b74bf384c68b797c0745358ef59aad22dbe5029fd279b8bd93fa23e61be4b35b02eb847d86df963285fb28489e87034dfc15bf4e0f1fb0639a52613240a74707ce381082bede91aeb0766a4ec30c9ba65518bb7fa55835fc736226c21cc01dae0d0007967bc9d69b04e5fe5192d36ff19463a600b403cdd015a24a7d535a8b5160dd2e64b441ae9d7dd24af6c4f02d187ab20e9098cb5d2f98e09928665ff04a7a32e13c3c8e4e0fcffd9c6804df470d5d48b3e931a6a8c73222e42bb7"})
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x101)
ioctl$FS_IOC_FSSETXATTR(r4, 0x401c5820, &(0x7f0000000200)={0x0, 0xd46, 0x0, 0xffffffff, 0x800000})
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r5, 0xc0a85320, &(0x7f0000001400)={{0x80}, 'port1\x00', 0xe3, 0x1b1c07})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r5, 0x4058534c, &(0x7f0000000000)={0x80, 0x9, 0x2, 0xe05, 0x20000, 0x28e7})
r6 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r6, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r6, &(0x7f00000007c0)={&(0x7f0000000040)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, &(0x7f0000000400)=[@rdma_map={0x30, 0x114, 0x3, {{0x0}, 0x0, 0xd}}], 0x30, 0x8004}, 0x0)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f0000000180)={'vcan0\x00', &(0x7f0000000100)=@ethtool_rxfh={0x46, 0x1, 0x5, 0x2e, 0x6, "6e63de", 0x9}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0)
read(r5, 0x0, 0x0)
sendmsg$inet(r3, &(0x7f00000003c0)={&(0x7f0000000040)={0x2, 0x4e22, @rand_addr=0x64010101}, 0x10, &(0x7f0000000000)=[{&(0x7f00000000c0)="9a", 0x1}], 0x1}, 0x4008840)
setsockopt(r3, 0x84, 0x7f, &(0x7f0000000140)="0200000009800089", 0x8)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2c00000029000b00ffffffff0000000005"], 0x2c}}, 0x0)

1.184952371s ago: executing program 7 (id=889):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
mkdir(&(0x7f0000000140)='./file0\x00', 0x141)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='proc\x00', 0x0, 0x0)
r0 = open(&(0x7f0000000100)='./file0\x00', 0x8100, 0x31)
getdents(r0, &(0x7f0000001280)=""/4075, 0xffb)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
ioctl$X86_IOC_RDMSR_REGS(r0, 0xc02063a0, &(0x7f0000000000)=[0x7f, 0x4, 0x4, 0x19, 0x6, 0xc, 0x3, 0x1c])
r2 = getpid()
r3 = syz_pidfd_open(r2, 0x0)
open_by_handle_at(r3, 0x0, 0x1)

768.724601ms ago: executing program 0 (id=890):
mq_getsetattr(0xffffffffffffffff, 0x0, &(0x7f0000000380))
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x490002, 0x0)
openat$udambuf(0xffffffffffffff9c, &(0x7f0000000440), 0x2)
syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
r0 = socket(0x10, 0x3, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/consoles\x00', 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=@mpls_getroute={0x1c, 0x1a, 0x1}, 0x1c}}, 0x0)
r1 = socket$rxrpc(0x21, 0x2, 0xa)
sendmsg$inet(r1, &(0x7f0000000180)={0x0, 0xfffffffffffffd6b, 0x0, 0x0, &(0x7f00000000c0)=[@ip_tos_int={{0x18, 0x110}}], 0x28, 0x4c00}, 0x0)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00')
r2 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r3 = syz_open_dev$MSR(&(0x7f0000000200), 0xe, 0x0)
read$msr(r3, &(0x7f0000002700)=""/102392, 0x18ff8)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000007e00), r4)
ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f0000007e40)={'wpan0\x00', <r6=>0x0})
sendmsg$NL802154_CMD_SET_SEC_PARAMS(r4, &(0x7f0000007f80)={0x0, 0x0, &(0x7f0000007f40)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010029bd7000fbdbdf251500000008000300", @ANYRES32=r6, @ANYBLOB="08002a000000a905"], 0x24}, 0x1, 0x0, 0x0, 0x40040}, 0x40000)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x4000084)
fsmount(r2, 0x0, 0x0)
r7 = socket$inet6(0xa, 0x80002, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', <r9=>0x0})
sendmsg$nl_route(r8, &(0x7f0000000440)={0x0, 0x700, &(0x7f0000000580)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x403, 0x70bd2b, 0x0, {0x0, 0x0, 0x4, 0x0, 0x3ef, 0xf00}, [@IFLA_LINK={0x8, 0x5, r9}, @IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6, 0x1, 0x2}]}}}]}, 0x44}}, 0x4004850)
connect$inet6(r7, &(0x7f0000000000)={0xa, 0x4e2a, 0xffffffff, @mcast2, 0x9}, 0x1c)
setrlimit(0xa, &(0x7f00000000c0)={0x10000, 0x4})
sendmmsg$inet6(r7, &(0x7f0000002cc0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x28}}], 0x1, 0x4001c00)

729.33299ms ago: executing program 4 (id=891):
socket$inet6(0xa, 0x3, 0xff)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_usb_connect(0x5, 0x2d, &(0x7f0000000340)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904010001faf40d0009058223"], 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
syz_open_dev$video4linux(&(0x7f0000000000), 0x6, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x28802, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x400802, 0x0)
syz_usb_connect(0x2, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="120100002c23b740c71b4010b1b501020301090224000100000000090400000212c71c000905a42e7fbb00000009058202"], 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000020006600000008000300", @ANYRES32=r3, @ANYBLOB="080026006c09000008009f00010000000800b700950000"], 0x34}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180))
r4 = syz_open_dev$dri(&(0x7f0000000440), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000100)=[<r5=>0x0], 0x1})
r6 = socket$phonet_pipe(0x23, 0x5, 0x2)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{}, 0x0, &(0x7f0000000200)=r6}, 0x1e)
ioctl$DRM_IOCTL_MODE_ATOMIC(r4, 0xc03864bc, &(0x7f0000000180)={0x1, 0x1, &(0x7f00000000c0)=[r5], &(0x7f0000000180), &(0x7f0000000200), &(0x7f00000001c0)=[0x7fffffff]})

616.55707ms ago: executing program 7 (id=892):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000280)='/dev/comedi0\x00', 0x5bd283, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000080)={'dt2815\x00', [0xee, 0x80008000, 0x1, 0xa, 0x0, 0x0, 0x9, 0xf, 0x1000, 0x1, 0x8, 0x5, 0x6, 0x4, 0xffff, 0x6, 0xffffffa7, 0x3, 0xfffffffd, 0x65c, 0x3ff, 0x10000, 0x800, 0x400e2df, 0x9, 0x4e, 0x4, 0x3, 0x7, 0x5, 0x5]})
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
ioctl$SIOCX25SFACILITIES(0xffffffffffffffff, 0x89e3, &(0x7f0000000080)={0x37, 0x800000, 0x8, 0x9, 0x8000})
write$bt_hci(r1, &(0x7f0000000080)=ANY=[], 0x6)
ioctl$COMEDI_DEVINFO(r0, 0x80b06401, &(0x7f0000000180))
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x3}, 0x94)
r4 = syz_usb_connect(0x0, 0x3c, &(0x7f0000000380)=ANY=[@ANYBLOB="120101000814c910be0632a2f333010203010902120001000000000904"], 0x0)
syz_usb_control_io$uac1(r4, 0x0, 0x0)
syz_usb_control_io$hid(r4, 0x0, 0x0)
r5 = syz_open_dev$I2C(&(0x7f0000001e80), 0x1, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000000000000000000009500"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x63}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r6}, 0x10)
ioctl$I2C_RDWR(r5, 0x707, &(0x7f00000000c0)={&(0x7f0000001600)=[{0xffff, 0x4000, 0x0, 0x0}], 0x1})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r3}, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)=ANY=[@ANYBLOB="0000080000eae47c651b63927a00000000000000"], 0x14}, 0x1, 0x0, 0x0, 0x48010}, 0x4000000)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syz_tun\x00', 0x112})
r8 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
write$uinput_user_dev(r8, &(0x7f0000000800)={'syz0\x00', {0x6, 0xe, 0x4ca0, 0x7}, 0x30, [0x7, 0x1ff, 0xfffffff7, 0x0, 0xfffffff9, 0xfff, 0xd08f, 0x1ff, 0x401, 0x3, 0xc1a02ca9, 0x6, 0x0, 0x43, 0x1, 0x2, 0x2, 0x9, 0x4000000, 0x1000, 0x6b20, 0x10006, 0x880, 0x4, 0xffffffff, 0x544dc2b2, 0xfffffffe, 0x5, 0x7, 0x0, 0xa, 0x0, 0xffffff00, 0xf4a, 0x8000, 0xd50, 0x4, 0x4, 0xde67, 0x7, 0x8, 0x1fe, 0x7a2, 0x10000, 0x7, 0x4, 0x365e, 0xfff, 0x5, 0x200005, 0x7f, 0x2, 0x1, 0xd54, 0x5, 0xffffffff, 0x4, 0x8, 0xfff, 0xd, 0x85, 0x2, 0x4, 0x6], [0x5, 0x9d21, 0x7, 0x400, 0x1c, 0x9, 0x7fff, 0xfff, 0xbf43, 0x9, 0x7fffffff, 0x6, 0x2, 0xad, 0x10, 0xd7a5, 0xf0e, 0x8, 0x2, 0xd12, 0x5, 0x9, 0x40000000, 0xfffffff9, 0x3, 0x4, 0x1, 0x1, 0xd1, 0x4, 0xdb5, 0x10000, 0x80000001, 0x100, 0x2, 0xffc, 0x4, 0xb57, 0x9, 0x7fff, 0x8, 0xb3ab, 0x4, 0x7f, 0xfffffffa, 0x9, 0xffff6700, 0x1ff, 0x7, 0x9, 0x4, 0x0, 0x200, 0x7, 0x71, 0x3, 0x392, 0xf, 0x6, 0x2, 0x10ffff, 0x6, 0x9, 0x8001], [0x1, 0x26, 0x7, 0x4, 0x400, 0xfff, 0xfffffffe, 0x7, 0xe81a, 0x5, 0x8, 0x95b, 0x2, 0x10000, 0x4, 0x8, 0xef, 0x4, 0x6, 0x0, 0x0, 0x4, 0x36, 0x7, 0x5, 0x2, 0x1000, 0x800, 0x9d0, 0x8, 0x4, 0xffffffff, 0x20001, 0x7fffffff, 0x3, 0x5, 0x888c, 0x4, 0x80, 0x81, 0x4, 0xfffffc01, 0x7, 0x4, 0x7, 0x81, 0x7fffffff, 0x9, 0x2, 0x1, 0x4, 0x1, 0x0, 0x2, 0x6, 0x0, 0x6, 0x1ff, 0x7, 0x0, 0x2d1ebe87, 0x401, 0x600, 0x4], [0xfffffffe, 0xd, 0x5, 0x3, 0x3a, 0x5, 0x8, 0x7, 0x7, 0x7fff, 0x2efe, 0x5, 0x5, 0xd, 0xdd2, 0x0, 0x3, 0x2, 0x8, 0x8, 0x8, 0x800, 0x4, 0x1, 0x2, 0x8001, 0xb, 0x4, 0x1, 0xfe7, 0x4, 0x1, 0x8, 0xb, 0x6, 0x68b1, 0x6, 0x2, 0x9a, 0x7, 0x1, 0x6, 0x24bc, 0x56, 0x6, 0xe5, 0xa751, 0x401, 0x1, 0x6, 0xc9, 0xab3, 0x58, 0xe53d, 0x29915742, 0x1, 0x0, 0x4, 0x9, 0x101, 0x7, 0x8, 0x0, 0x100]}, 0x45c)
r9 = socket$inet_udplite(0x2, 0x2, 0x88)
r10 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r10, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r11=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r10, 0x3b85, &(0x7f00000000c0)={0x28, 0x7, r11, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r10, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r11, 0x0, <r12=>0xffffffffffffffff, 0x1})
r13 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x101400, 0x0)
ioctl$IOMMU_TEST_OP_ACCESS_RW$syz(r13, 0x3ba0, &(0x7f0000000640)={0x48, 0x8, r12, 0x0, 0x9, 0x245fd5, 0x1, &(0x7f0000000080)="f4", 0x10000})
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'})

616.213401ms ago: executing program 0 (id=893):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040), 0x4)

499.806525ms ago: executing program 0 (id=894):
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000280), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000700)='mm_lru_insertion\x00'}, 0x10)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r3, r3, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000001200)=[@textreal={0x8, 0x0}], 0x1, 0x14, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000140)=@x86={0x7, 0x87, 0xc, 0x0, 0x1, 0xb5, 0x7, 0x75, 0xf2, 0x5, 0x2, 0x61, 0x0, 0x40, 0x7, 0x7, 0x8, 0x60, 0xe1, '\x00', 0x1, 0x1})
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000680)={"1b4db8646c2c1008d7ca34ff9b7950e52da2b20ae65ee10eb481f3d43d6226cfe7ddebd1863266c895a51468666102f254abf26eefa360008f8c3d51a01c811ec7c3cd307ed1e6595c06461432fee6a0ceef0e98d32679133edf1b3ab58f20d622a2d4ba5f10bf95e2975b75d9f68008630a557264cbf307ca7e416c98493aeed24498ee2f6867fd6a6a91ff3fd03ea383f99c897498896b61bcae75d69b83a4f0a55e63ae9b70eb32ab600af7be63f8762e575bd964de889cc45fc0b5367b8bcb2f44e1a3bf9879b46f589419ba4ebab6e033863c0fd099cf2bb09bd0a8d75af115ea42963b1ec37b04c261db8a41e9bab68d2905b4c98167ec40927b0238835e2a41b48df887791f340d70cbd53a8a700916f91ca7f97a5bc90c9ba9d9d0063e55dcb8a4689eaf20c9fa96d02c7413c0f0d42cc1fa714bea3debfb15ee77b083205e62383f3ae2374c00a88bd2639f9b7c019ac3aa7dd993f2dd17db1b24c89c20e913f08f6015250b0c92143334e98dc29716cdf286a4ecf50d4d0fa74b135966d1295343ec49b527727f30d78faa8aa13a563fc6b4e972255427ce166bb22fd77aa6d57af7c3ef2de986ec610af32df260782b15f2b886135f5794049514cbb48929007f9c5d4f328cc3838b6bc91e2f539597c117e90e64cca839e426c1787bbe20131060c7c9e00344b0ff2fb7ffb1bb6e14596ea905329aa07f4d11d3786048990a0b2e7c9d6b752d4d4248e3a3f128d43ef6752b634fb4e6fa520c8d4959cdb0e7a22f4ebae181a76bb459d98d342010d4c14a87b71a2cbaf3a53ae31ff8d630391d6b8d782b17f7ea63bdb971a675f3fc0466aa88c1b925edbd2d7eec53e06dc6d3b355a3c8f178912b01516b4f2acf72d29e149618e049f53b021bc679941d4934ba1b4a015d73ae1299a0bf4bd4c0ccb3447cd5f278129bb2f6566d57d1b828262010f0b83a8626b4b63aa13d6f4ecd4f8e36a20a689f160c372d9502adbf88ebabd54fe288394d150df81e2126eef4f38766dc909f250cbd7a3e0db61e82feffbf8153a0640b787888a9ba140432b89d7bc1837856dadf33a4205d5d1569098545a155653d925fe2458802d0bc22fee993ca40fc2b2b63c9cd1413e8d3cb93d770299abbe3cea0490dc36e7de009bfb73cff7a6a7c524f430e4bef7876b74bf384c68b797c0745358ef59aad22dbe5029fd279b8bd93fa23e61be4b35b02eb847d86df963285fb28489e87034dfc15bf4e0f1fb0639a52613240a74707ce381082bede91aeb0766a4ec30c9ba65518bb7fa55835fc736226c21cc01dae0d0007967bc9d69b04e5fe5192d36ff19463a600b403cdd015a24a7d535a8b5160dd2e64b441ae9d7dd24af6c4f02d187ab20e9098cb5d2f98e09928665ff04a7a32e13c3c8e4e0fcffd9c6804df470d5d48b3e931a6a8c73222e42bb7"})
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x101)
ioctl$FS_IOC_FSSETXATTR(r5, 0x401c5820, &(0x7f0000000200)={0x0, 0xd46, 0x0, 0xffffffff, 0x800000})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0xc0a85320, &(0x7f0000001400)={{0x80}, 'port1\x00', 0xe3, 0x1b1c07})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(0xffffffffffffffff, 0x4058534c, &(0x7f0000000000)={0x80, 0x9, 0x2, 0xe05, 0x20000, 0x28e7})
r6 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r6, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r6, &(0x7f00000007c0)={&(0x7f0000000040)={0x2, 0x0, @local}, 0x10, 0x0, 0x0, &(0x7f0000000400)=[@rdma_map={0x30, 0x114, 0x3, {{0x0}, 0x0, 0xd}}], 0x30, 0x8004}, 0x0)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f0000000180)={'vcan0\x00', &(0x7f0000000100)=@ethtool_rxfh={0x46, 0x1, 0x5, 0x2e, 0x6, "6e63de", 0x9}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
sendmsg$inet(r4, &(0x7f00000003c0)={&(0x7f0000000040)={0x2, 0x4e22, @rand_addr=0x64010101}, 0x10, &(0x7f0000000000)=[{&(0x7f00000000c0)="9a", 0x1}], 0x1}, 0x4008840)
setsockopt(r4, 0x84, 0x7f, &(0x7f0000000140)="0200000009800089", 0x8)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2c00000029000b00ffffffff0000000005"], 0x2c}}, 0x0)

84.993368ms ago: executing program 6 (id=895):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f0000000100)=0x3)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000040)={0x0, @bt={0xa00, 0x28, 0x1, 0x1, 0xd59f7f, 0x19fa, 0x3b, 0x19ef, 0x3, 0x5, 0x2800, 0x2800, 0x3, 0x4ffcf8a9, 0x0, 0x0, {0x8, 0xffffffff}, 0xd1, 0x9}})
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setpipe(r1, 0x407, 0x7000000)
capset(&(0x7f00000004c0)={0x20080522}, &(0x7f00000000c0)={0x0, 0x3000, 0x0, 0x0, 0x0, 0x3cd})
pipe2$watch_queue(&(0x7f00000002c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80)
r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200003, 0x0, 0x0, 0x3})
ioctl$IOC_WATCH_QUEUE_SET_SIZE(r2, 0x5760, 0x5e)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r6 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r6, 0x8933, 0x0)
bind$can_j1939(r6, 0x0, 0x0)
r7 = epoll_create(0x2)
setfsgid(0xee00)
syz_open_procfs(0x0, &(0x7f0000000480)='task\x00')
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r8 = syz_open_procfs(0x0, &(0x7f0000000040)='syscall\x00')
pread64(r8, &(0x7f0000000500)=""/31, 0x1f, 0x40000000009)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r6, &(0x7f0000000080)={0x3000200a})
sendto$inet6(r5, &(0x7f00000004c0)="4747135f6fc2e0d41231cb53d9200128da8c2299af14b35b05219d463b6bc7b36d9626a6ff517591f014fb5fee2cd82055aa05a8cf03ef2635ba467a92ac0cbf3dafaffff6008ae6dd78da314d7ec7c3f89a91afc0dd4abfeb5270f4198e5d310ccdae130cccd7314b0065121c375d81ccc78032a86ff9514531e98fbe151254d48a85e2fc5703d1a3bd7328d1bb4a17ef1177a31518c1229a1077cb96f3df95e27f5fc4882b5fb39ad7b9c1201b08513d02dede7eed54511ed663faba48a329490854d2a4ec9db6b96c4e5c7afb9d8236b4a7eb91d3f28b6cdf348c5e344b2076bedc8f3685ede7e260d96fb46bd0f3fc604fdb", 0xf4, 0x408a1, 0x0, 0x0)

0s ago: executing program 0 (id=896):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
mknod(0x0, 0x8001420, 0x0)
openat$comedi(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x87}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
socket$netlink(0x10, 0x3, 0x0)
syz_open_dev$vbi(&(0x7f0000000b80), 0x3, 0x2)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0x1, &(0x7f0000000140)={0x26da8e97, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r5)
mkdir(&(0x7f0000000100)='./control\x00', 0x0)
rmdir(&(0x7f0000000040)='./control\x00')
openat$cgroup_freezer_state(r5, &(0x7f0000000080), 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x89f1, &(0x7f00000002c0)={'ip6_vti0\x00', &(0x7f0000000140)=@ethtool_cmd={0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x8, 0x0, 0x0, 0x4, 0x0, 0xfffff7fc, 0x0, 0x0, 0x0, 0x47, [0x4, 0x80]}})

kernel console output (not intermixed with test programs):

ss `syz.3.177'.
[  120.936743][ T6614] netlink: 4 bytes leftover after parsing attributes in process `syz.3.177'.
[  122.262127][ T6623] veth1_macvtap: left promiscuous mode
[  122.267664][ T6623] macsec0: entered promiscuous mode
[  122.272944][ T6623] macsec0: entered allmulticast mode
[  122.281658][ T6624] veth1_macvtap: entered promiscuous mode
[  122.287407][ T6624] veth1_macvtap: entered allmulticast mode
[  122.293444][ T6624] macsec0: left promiscuous mode
[  122.298517][ T6624] macsec0: left allmulticast mode
[  122.303610][ T6624] veth1_macvtap: left allmulticast mode
[  122.626236][   T30] audit: type=1400 audit(1753404298.238:353): avc:  denied  { connect } for  pid=6626 comm="syz.4.182" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  122.695995][ T5837] Bluetooth: hci3: link tx timeout
[  122.712262][ T5837] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  122.736246][ T5831] Bluetooth: hci3: link tx timeout
[  122.741880][ T5831] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  122.777537][ T5831] Bluetooth: hci3: link tx timeout
[  122.833093][ T5831] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  122.870742][ T6636] SELinux:  Context system_u:object_r:bsdpty_device_t:s0 is not valid (left unmapped).
[  123.005645][   T30] audit: type=1400 audit(1753404298.478:354): avc:  denied  { relabelfrom } for  pid=6626 comm="syz.4.182" name="NETLINK" dev="sockfs" ino=10425 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  123.018787][ T6634] netlink: 24 bytes leftover after parsing attributes in process `syz.3.184'.
[  123.051334][ T6629] 9pnet: Could not find request transport: fd0x000000000000000a0xffffffffffffffff
[  123.427094][ T6647] overlayfs: conflicting lowerdir path
[  123.881370][ T6649] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  124.220361][   T30] kauditd_printk_skb: 5 callbacks suppressed
[  124.220379][   T30] audit: type=1400 audit(1753404299.758:360): avc:  denied  { read } for  pid=6651 comm="syz.4.189" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  124.365063][ T6654] netlink: 16 bytes leftover after parsing attributes in process `syz.1.190'.
[  124.409475][ T6657] netlink: 16 bytes leftover after parsing attributes in process `syz.1.190'.
[  124.419982][   T30] audit: type=1400 audit(1753404300.018:361): avc:  denied  { ioctl } for  pid=6653 comm="syz.1.190" path="/dev/sg0" dev="devtmpfs" ino=768 ioctlcmd=0x5393 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  124.672960][   T30] audit: type=1400 audit(1753404300.288:362): avc:  denied  { read write } for  pid=6666 comm="syz.2.193" name="rdma_cm" dev="devtmpfs" ino=1271 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  124.716095][   T30] audit: type=1400 audit(1753404300.288:363): avc:  denied  { open } for  pid=6666 comm="syz.2.193" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=1271 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  124.770934][ T5837] Bluetooth: hci3: command 0x0406 tx timeout
[  124.805000][ T6667] ucma_write: process 157 (syz.2.193) changed security contexts after opening file descriptor, this is not allowed.
[  125.286102][   T30] audit: type=1400 audit(1753404300.898:364): avc:  denied  { sys_module } for  pid=6669 comm="syz.3.194" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  125.729440][ T6678] tc_dump_action: action bad kind
[  125.738781][ T6678] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=47 sclass=netlink_route_socket pid=6678 comm=syz.2.195
[  125.798163][   T30] audit: type=1326 audit(1753404301.388:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6633 comm="syz.0.183" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae2558e9a9 code=0x7fc00000
[  126.286375][ T6683] netlink: 20 bytes leftover after parsing attributes in process `syz.2.197'.
[  126.309939][ T6683] netlink: 48 bytes leftover after parsing attributes in process `syz.2.197'.
[  127.000773][   T30] audit: type=1400 audit(1753404302.618:366): avc:  denied  { ioctl } for  pid=6684 comm="syz.3.198" path="/dev/nullb0" dev="devtmpfs" ino=696 ioctlcmd=0x1269 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  127.180008][   T30] audit: type=1400 audit(1753404302.788:367): avc:  denied  { read } for  pid=6689 comm="syz.2.200" name="mice" dev="devtmpfs" ino=916 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  127.204325][ T6699] netlink: 60 bytes leftover after parsing attributes in process `syz.4.201'.
[  127.217123][ T6699] netlink: 60 bytes leftover after parsing attributes in process `syz.4.201'.
[  127.460526][ T6692] program syz.2.200 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  127.501686][ T6692] program syz.2.200 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  127.511268][ T6692] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  127.660666][   T30] audit: type=1400 audit(1753404302.788:368): avc:  denied  { open } for  pid=6689 comm="syz.2.200" path="/dev/input/mice" dev="devtmpfs" ino=916 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  127.787845][   T30] audit: type=1400 audit(1753404302.828:369): avc:  denied  { ioctl } for  pid=6689 comm="syz.2.200" path="/dev/input/mice" dev="devtmpfs" ino=916 ioctlcmd=0x5663 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  128.778309][ T6729] netlink: 20 bytes leftover after parsing attributes in process `syz.2.211'.
[  128.801944][ T6729] netlink: 48 bytes leftover after parsing attributes in process `syz.2.211'.
[  128.891078][ T6731] trusted_key: encrypted_key: insufficient parameters specified
[  130.236667][ T6742] netlink: 16 bytes leftover after parsing attributes in process `syz.1.214'.
[  132.240401][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  132.240421][   T30] audit: type=1400 audit(1753404307.828:372): avc:  denied  { create } for  pid=6763 comm="syz.0.221" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  132.376064][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  132.380250][   T30] audit: type=1400 audit(1753404307.848:373): avc:  denied  { read } for  pid=6763 comm="syz.0.221" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  132.522796][   T30] audit: type=1400 audit(1753404307.908:374): avc:  denied  { getattr } for  pid=6760 comm="syz.4.220" name="/" dev="pidfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  132.604672][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  132.834545][ T6776] netlink: 20 bytes leftover after parsing attributes in process `syz.1.224'.
[  132.869870][ T6776] netlink: 48 bytes leftover after parsing attributes in process `syz.1.224'.
[  133.240380][   T30] audit: type=1400 audit(1753404308.838:375): avc:  denied  { create } for  pid=6770 comm="syz.0.223" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[  133.692113][   T30] audit: type=1400 audit(1753404308.858:376): avc:  denied  { bind } for  pid=6770 comm="syz.0.223" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  134.016278][ T6786] netlink: 12 bytes leftover after parsing attributes in process `syz.4.226'.
[  135.254054][ T6796] trusted_key: encrypted_key: insufficient parameters specified
[  135.390082][ T6798] netlink: 8 bytes leftover after parsing attributes in process `syz.2.228'.
[  135.432869][   T30] audit: type=1400 audit(1753404311.048:377): avc:  denied  { ioctl } for  pid=6794 comm="syz.2.228" path="socket:[11373]" dev="sockfs" ino=11373 ioctlcmd=0x8929 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  135.704083][   T30] audit: type=1400 audit(1753404311.088:378): avc:  denied  { mount } for  pid=6794 comm="syz.2.228" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  135.956668][   T30] audit: type=1400 audit(1753404311.568:379): avc:  denied  { unmount } for  pid=5830 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  136.372549][ T6810] 8021q: VLANs not supported on ipvlan1
[  136.421037][ T6812] netlink: 'syz.0.231': attribute type 21 has an invalid length.
[  136.428861][    T9] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  136.437376][ T6812] IPv6: NLM_F_CREATE should be specified when creating new route
[  136.642649][    T9] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  136.683771][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  136.700101][    T9] usb 5-1: config 0 descriptor??
[  136.716349][    T9] cp210x 5-1:0.0: cp210x converter detected
[  136.930742][    T9] cp210x 5-1:0.0: failed to get vendor val 0x0010 size 3: -71
[  136.931204][   T30] audit: type=1400 audit(1753404312.528:380): avc:  denied  { write } for  pid=6814 comm="syz.3.233" name="nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  137.260205][    T9] cp210x 5-1:0.0: failed to get vendor val 0x000e size 678: -71
[  137.725817][    T9] cp210x 5-1:0.0: GPIO initialisation failed: -71
[  137.756120][    T9] usb 5-1: cp210x converter now attached to ttyUSB0
[  137.785086][   T30] audit: type=1400 audit(1753404312.528:381): avc:  denied  { open } for  pid=6814 comm="syz.3.233" path="/dev/nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  137.850596][    T9] usb 5-1: USB disconnect, device number 14
[  137.880730][    T9] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  137.888525][   T30] audit: type=1400 audit(1753404312.848:382): avc:  denied  { write } for  pid=6814 comm="syz.3.233" path="socket:[10747]" dev="sockfs" ino=10747 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  137.991787][    T9] cp210x 5-1:0.0: device disconnected
[  138.829731][ T6835] netlink: 20 bytes leftover after parsing attributes in process `syz.1.236'.
[  138.852315][ T6835] netlink: 48 bytes leftover after parsing attributes in process `syz.1.236'.
[  139.346456][ T6847] netlink: 28 bytes leftover after parsing attributes in process `syz.1.242'.
[  140.719187][   T30] audit: type=1400 audit(1753404316.248:383): avc:  denied  { append } for  pid=6864 comm="syz.3.245" name="ubi_ctrl" dev="devtmpfs" ino=706 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  141.387999][   T30] audit: type=1400 audit(1753404316.998:384): avc:  denied  { name_connect } for  pid=6870 comm="syz.4.247" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[  141.738269][ T5944] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  141.931876][ T5944] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  141.944563][ T5944] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  141.955147][ T5944] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  142.104779][ T6883] tmpfs: Bad value for 'mpol'
[  142.759053][ T6887] mac80211_hwsim hwsim8 »»»»»»: renamed from wlan0 (while UP)
[  142.789550][ T5913] libceph: connect (1)[c::]:6789 error -101
[  142.801897][ T5944] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  142.991595][ T5913] libceph: mon0 (1)[c::]:6789 connect error
[  143.143490][ T6885] ceph: No mds server is up or the cluster is laggy
[  143.248998][ T5944] usb 5-1: SerialNumber: syz
[  143.690837][   T57] libceph: connect (1)[c::]:6789 error -101
[  143.722243][   T57] libceph: mon0 (1)[c::]:6789 connect error
[  143.753796][ T5944] usb 5-1: 0:2 : does not exist
[  143.773415][ T5944] usb 5-1: unit 255 not found!
[  143.778230][ T5944] usb 5-1: unit 6 not found!
[  143.887843][ T5944] usb 5-1: USB disconnect, device number 15
[  143.967479][   T30] audit: type=1400 audit(1753404319.578:385): avc:  denied  { write } for  pid=6894 comm="syz.2.252" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  144.069385][ T6028] udevd[6028]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  144.751772][ T6913] netlink: 128 bytes leftover after parsing attributes in process `syz.0.255'.
[  144.761001][ T6913] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  145.514837][ T6923] xt_hashlimit: max too large, truncated to 1048576
[  145.522596][ T6923] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  145.629777][   T30] audit: type=1400 audit(1753404321.238:386): avc:  denied  { listen } for  pid=6921 comm="syz.4.260" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  145.705446][ T6926] netlink: 8 bytes leftover after parsing attributes in process `syz.2.259'.
[  145.746044][   T30] audit: type=1400 audit(1753404321.318:387): avc:  denied  { bind } for  pid=6917 comm="syz.2.259" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  145.968177][ T6934] netlink: 204 bytes leftover after parsing attributes in process `syz.0.263'.
[  147.171781][ T6932] autofs: Unknown parameter './file0'
[  147.723555][ T5892] dvb-usb: did not find the firmware file 'dvb-usb-s630.fw' (status -110). You can use <kernel_dir>/scripts/get_dvb_firmware to get the firmware
[  147.774286][ T5952] dvb-usb: did not find the firmware file 'dvb-usb-s630.fw' (status -2). You can use <kernel_dir>/scripts/get_dvb_firmware to get the firmware
[  147.788849][ T5885] dvb-usb: did not find the firmware file 'dvb-usb-s630.fw' (status -2). You can use <kernel_dir>/scripts/get_dvb_firmware to get the firmware
[  147.814192][ T5892] dvb-usb: found a 'TeVii S630 USB' in cold state, will try to load a firmware
[  148.282872][ T5892] usb 4-1: Direct firmware load for dvb-usb-s630.fw failed with error -2
[  148.298246][   T30] audit: type=1400 audit(1753404323.568:388): avc:  denied  { name_bind } for  pid=6946 comm="syz.4.269" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  148.319729][    C0] vkms_vblank_simulate: vblank timer overrun
[  148.366104][ T5952] dvb-usb: found a 'TeVii S630 USB' in cold state, will try to load a firmware
[  148.376897][ T5885] dvb-usb: found a 'TeVii S630 USB' in cold state, will try to load a firmware
[  148.397127][ T5892] usb 4-1: Falling back to sysfs fallback for: dvb-usb-s630.fw
[  148.442394][ T6941] lo speed is unknown, defaulting to 1000
[  148.564190][   T30] audit: type=1400 audit(1753404323.588:389): avc:  denied  { read } for  pid=6946 comm="syz.4.269" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  148.587157][    C0] vkms_vblank_simulate: vblank timer overrun
[  148.633629][   T30] audit: type=1400 audit(1753404323.588:390): avc:  denied  { open } for  pid=6946 comm="syz.4.269" path="/dev/autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  148.657026][    C0] vkms_vblank_simulate: vblank timer overrun
[  148.749723][   T30] audit: type=1400 audit(1753404323.588:391): avc:  denied  { ioctl } for  pid=6946 comm="syz.4.269" path="/dev/autofs" dev="devtmpfs" ino=98 ioctlcmd=0x9372 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  148.774631][    C0] vkms_vblank_simulate: vblank timer overrun
[  148.876373][   T30] audit: type=1400 audit(1753404324.468:392): avc:  denied  { write } for  pid=6955 comm="syz.4.271" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  149.035679][ T6962] siw: device registration error -23
[  149.804666][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  149.836726][   T30] audit: type=1400 audit(1753404325.448:393): avc:  denied  { mounton } for  pid=6967 comm="syz.4.274" path="/proc/201/task" dev="proc" ino=10968 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  149.897905][   T10] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  150.195883][   T30] audit: type=1326 audit(1753404325.448:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6967 comm="syz.4.274" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8efa58e9a9 code=0x0
[  150.218701][    C0] vkms_vblank_simulate: vblank timer overrun
[  150.460085][   T57] libceph: connect (1)[c::]:6789 error -101
[  150.466624][   T57] libceph: mon0 (1)[c::]:6789 connect error
[  150.546711][   T30] audit: type=1400 audit(1753404326.158:395): avc:  denied  { read } for  pid=6980 comm="syz.3.277" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  150.736722][ T6971] ceph: No mds server is up or the cluster is laggy
[  150.743759][ T5944] libceph: connect (1)[c::]:6789 error -101
[  150.749733][ T5944] libceph: mon0 (1)[c::]:6789 connect error
[  150.916175][   T30] audit: type=1400 audit(1753404326.508:396): avc:  denied  { create } for  pid=6980 comm="syz.3.277" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  150.958862][   T30] audit: type=1400 audit(1753404326.508:397): avc:  denied  { connect } for  pid=6980 comm="syz.3.277" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  151.060454][   T30] audit: type=1400 audit(1753404326.618:398): avc:  denied  { setopt } for  pid=6980 comm="syz.3.277" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  151.620252][ T6995] lo speed is unknown, defaulting to 1000
[  151.790979][ T7000] netlink: 'syz.4.279': attribute type 4 has an invalid length.
[  151.798712][ T7000] netlink: 152 bytes leftover after parsing attributes in process `syz.4.279'.
[  151.834066][ T7000] : renamed from bond0 (while UP)
[  151.985496][   T30] audit: type=1400 audit(1753404327.598:399): avc:  denied  { audit_write } for  pid=6997 comm="syz.4.279" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  152.022216][ T6995] lo speed is unknown, defaulting to 1000
[  152.263568][   T30] audit: type=1400 audit(1753404327.858:400): avc:  denied  { create } for  pid=7004 comm="syz.4.280" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  152.350649][   T30] audit: type=1400 audit(1753404327.868:401): avc:  denied  { connect } for  pid=7004 comm="syz.4.280" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  152.369921][    C0] vkms_vblank_simulate: vblank timer overrun
[  153.936943][   T30] audit: type=1400 audit(1753404329.548:402): avc:  denied  { connect } for  pid=7057 comm="syz.2.288" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  154.275877][ T7070] netlink: 10 bytes leftover after parsing attributes in process `syz.2.290'.
[  154.940210][   T30] kauditd_printk_skb: 1 callbacks suppressed
[  154.940225][   T30] audit: type=1400 audit(1753404330.548:404): avc:  denied  { mounton } for  pid=7080 comm="syz.0.294" path="/55/file1" dev="tmpfs" ino=304 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1
[  154.969429][    C0] vkms_vblank_simulate: vblank timer overrun
[  155.096611][ T7079] Driver unsupported XDP return value 0 on prog  (id 65) dev N/A, expect packet loss!
[  155.337319][   T30] audit: type=1400 audit(1753404330.948:405): avc:  denied  { bind } for  pid=7080 comm="syz.0.294" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  155.683580][ T7081] 9pnet: Could not find request transport: fdö
[  155.739049][   T30] audit: type=1400 audit(1753404330.948:406): avc:  denied  { getopt } for  pid=7080 comm="syz.0.294" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  155.804154][ T7088] kvm: vcpu 0: requested 3584 ns lapic timer period limited to 200000 ns
[  156.107187][   T30] audit: type=1400 audit(1753404331.488:407): avc:  denied  { bind } for  pid=7086 comm="syz.2.295" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  156.159625][   T30] audit: type=1400 audit(1753404331.488:408): avc:  denied  { write } for  pid=7086 comm="syz.2.295" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  156.347885][   T30] audit: type=1400 audit(1753404331.958:409): avc:  denied  { mounton } for  pid=7091 comm="syz.3.296" path="/61/file0" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=file permissive=1
[  156.399290][   T30] audit: type=1400 audit(1753404332.008:410): avc:  denied  { setopt } for  pid=7096 comm="syz.0.298" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  156.533830][   T30] audit: type=1400 audit(1753404332.128:411): avc:  denied  { getopt } for  pid=7096 comm="syz.0.298" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  156.554110][    C0] vkms_vblank_simulate: vblank timer overrun
[  156.915457][   T57] libceph: connect (1)[c::]:6789 error -101
[  156.928045][   T57] libceph: mon0 (1)[c::]:6789 connect error
[  156.979720][   T30] audit: type=1400 audit(1753404332.588:412): avc:  denied  { shutdown } for  pid=7106 comm="syz.3.300" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  157.039405][ T7102] ceph: No mds server is up or the cluster is laggy
[  157.058633][   T30] audit: type=1400 audit(1753404332.618:413): avc:  denied  { read } for  pid=7106 comm="syz.3.300" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  157.200836][   T57] libceph: connect (1)[c::]:6789 error -101
[  157.220641][   T57] libceph: mon0 (1)[c::]:6789 connect error
[  157.860645][ T7115] tipc: Started in network mode
[  157.875957][ T7115] tipc: Node identity ac1414aa, cluster identity 4711
[  157.908784][ T7115] tipc: Enabled bearer <udp:syz2>, priority 10
[  158.804944][ T5944] libceph: connect (1)[c::]:6789 error -101
[  158.820568][ T5944] libceph: mon0 (1)[c::]:6789 connect error
[  158.988092][ T7136] netlink: 8 bytes leftover after parsing attributes in process `syz.3.304'.
[  159.285436][ T7139] netlink: 60 bytes leftover after parsing attributes in process `syz.4.305'.
[  159.294641][ T7139] netlink: 60 bytes leftover after parsing attributes in process `syz.4.305'.
[  159.423437][   T10] tipc: Node number set to 2886997162
[  159.771572][ T7126] ceph: No mds server is up or the cluster is laggy
[  159.966510][ T7152] syz.4.311: attempt to access beyond end of device
[  159.966510][ T7152] nbd4: rw=2048, sector=0, nr_sectors = 8 limit=0
[  160.018406][ T7152] SQUASHFS error: Failed to read block 0x0: -5
[  160.030994][ T7152] unable to read squashfs_super_block
[  161.662386][ T7177] mac80211_hwsim hwsim10 »»»»»»: renamed from wlan0 (while UP)
[  161.749929][ T5944] libceph: connect (1)[c::]:6789 error -101
[  161.819746][ T5944] libceph: mon0 (1)[c::]:6789 connect error
[  162.068986][ T7174] ceph: No mds server is up or the cluster is laggy
[  162.213394][ T7184] netlink: 8 bytes leftover after parsing attributes in process `syz.2.320'.
[  162.222270][ T7184] netlink: 12 bytes leftover after parsing attributes in process `syz.2.320'.
[  162.280225][   T30] kauditd_printk_skb: 3 callbacks suppressed
[  162.280243][   T30] audit: type=1400 audit(1753404337.858:417): avc:  denied  { connect } for  pid=7181 comm="syz.2.320" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  162.553220][   T30] audit: type=1400 audit(1753404338.148:418): avc:  denied  { write } for  pid=7186 comm="syz.4.321" name="mouse0" dev="devtmpfs" ino=987 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  163.108310][ T7192] netlink: 60 bytes leftover after parsing attributes in process `syz.0.322'.
[  163.117896][ T7192] netlink: 60 bytes leftover after parsing attributes in process `syz.0.322'.
[  164.007282][ T7195] netlink: 'syz.0.325': attribute type 10 has an invalid length.
[  164.034753][ T7195] team0: Device ipvlan1 failed to register rx_handler
[  164.918699][   T30] audit: type=1400 audit(1753404340.528:419): avc:  denied  { bind } for  pid=7215 comm="syz.2.331" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  164.957827][   T30] audit: type=1400 audit(1753404340.558:420): avc:  denied  { listen } for  pid=7215 comm="syz.2.331" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  165.001703][   T30] audit: type=1400 audit(1753404340.558:421): avc:  denied  { append } for  pid=7215 comm="syz.2.331" name="001" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  165.221616][ T7230] netlink: 20 bytes leftover after parsing attributes in process `syz.0.332'.
[  165.260053][ T7230] vlan2: entered promiscuous mode
[  165.265340][ T7230] bridge0: entered promiscuous mode
[  165.274332][ T7230] vlan2: entered allmulticast mode
[  165.280089][ T7230] bridge0: entered allmulticast mode
[  165.752413][ T7238] futex_wake_op: syz.0.334 tries to shift op by 32; fix this program
[  165.768616][ T7241] =======================================================
[  165.768616][ T7241] WARNING: The mand mount option has been deprecated and
[  165.768616][ T7241]          and is ignored by this kernel. Remove the mand
[  165.768616][ T7241]          option from the mount to silence this warning.
[  165.768616][ T7241] =======================================================
[  165.815122][ T7241] cgroup: subsys name conflicts with all
[  165.830012][   T30] audit: type=1400 audit(1753404341.438:422): avc:  denied  { listen } for  pid=7240 comm="syz.4.335" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  165.944578][ T7245] netlink: 60 bytes leftover after parsing attributes in process `syz.3.336'.
[  165.953702][ T7245] netlink: 60 bytes leftover after parsing attributes in process `syz.3.336'.
[  166.709233][ T7254] netlink: 24 bytes leftover after parsing attributes in process `syz.0.339'.
[  166.770086][   T30] audit: type=1400 audit(1753404342.378:423): avc:  denied  { connect } for  pid=7256 comm="syz.3.340" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  167.124406][   T57] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  167.198767][ T7261] 9pnet_fd: Insufficient options for proto=fd
[  167.198766][   T30] audit: type=1400 audit(1753404342.808:424): avc:  denied  { remount } for  pid=7260 comm="syz.3.341" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  167.315594][   T57] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  167.328286][   T57] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 79
[  167.346084][   T57] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  167.361331][   T57] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.de
[  167.428337][   T57] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.660749][   T57] usb 5-1: config 0 descriptor??
[  167.759318][ T7251] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  168.403996][ T7271] MTD: Attempt to mount non-MTD device "/dev/nullb0"
[  168.414270][ T7271] cramfs: wrong magic
[  168.473384][   T30] audit: type=1400 audit(1753404344.088:425): avc:  denied  { read } for  pid=7276 comm="syz.1.345" path="socket:[12275]" dev="sockfs" ino=12275 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  168.514755][   T30] audit: type=1400 audit(1753404344.128:426): avc:  denied  { append } for  pid=7276 comm="syz.1.345" name="sg0" dev="devtmpfs" ino=768 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  168.618660][   T30] audit: type=1400 audit(1753404344.228:427): avc:  denied  { map } for  pid=7281 comm="syz.3.346" path="/dev/dri/card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  168.643562][   T30] audit: type=1400 audit(1753404344.228:428): avc:  denied  { execute } for  pid=7281 comm="syz.3.346" path="/dev/dri/card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  169.091927][   T57] ath6kl: Failed to submit usb control message: -110
[  169.099238][   T57] ath6kl: unable to send the bmi data to the device: -110
[  169.117677][   T57] ath6kl: Unable to send get target info: -110
[  169.204775][   T57] ath6kl: Failed to init ath6kl core: -110
[  169.354158][   T57] ath6kl_usb 5-1:0.0: probe with driver ath6kl_usb failed with error -110
[  169.504252][   T57] usb 5-1: USB disconnect, device number 16
[  169.671858][ T7296] netlink: 60 bytes leftover after parsing attributes in process `syz.4.350'.
[  169.681143][ T7296] netlink: 60 bytes leftover after parsing attributes in process `syz.4.350'.
[  170.030132][ T5970] kernel read not supported for file /dsp1 (pid: 5970 comm: kworker/0:6)
[  171.307664][   T30] audit: type=1326 audit(1753404346.898:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7307 comm="syz.0.353" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fae2558e9a9 code=0x0
[  171.487462][   T30] audit: type=1400 audit(1753404347.098:430): avc:  denied  { setopt } for  pid=7308 comm="syz.4.354" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  172.701936][ T7325] netlink: 'syz.4.358': attribute type 10 has an invalid length.
[  173.253095][ T7325] team0: Port device wlan1 added
[  173.287028][   T30] audit: type=1400 audit(1753404348.464:431): avc:  denied  { read write } for  pid=7321 comm="syz.0.356" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  173.342150][   T30] audit: type=1400 audit(1753404348.464:432): avc:  denied  { open } for  pid=7321 comm="syz.0.356" path="/dev/cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  174.141950][   T30] audit: type=1400 audit(1753404349.577:433): avc:  denied  { read } for  pid=7337 comm="syz.4.361" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  174.422269][ T7350] netlink: 60 bytes leftover after parsing attributes in process `syz.1.364'.
[  174.431367][ T7350] netlink: 60 bytes leftover after parsing attributes in process `syz.1.364'.
[  175.320786][ T7358] syzkaller1: entered promiscuous mode
[  175.326402][   T30] audit: type=1400 audit(1753404350.681:434): avc:  denied  { ioctl } for  pid=7357 comm="syz.4.366" path="socket:[12825]" dev="sockfs" ino=12825 ioctlcmd=0x8915 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  175.360542][ T7358] syzkaller1: entered allmulticast mode
[  176.341260][ T7375] netlink: 'syz.1.370': attribute type 1 has an invalid length.
[  176.349636][ T7375] netlink: 136 bytes leftover after parsing attributes in process `syz.1.370'.
[  176.359704][ T7375] netlink: 'syz.1.370': attribute type 2 has an invalid length.
[  176.371896][ T7375] netlink: 'syz.1.370': attribute type 1 has an invalid length.
[  177.772640][ T7386] workqueue: Failed to create a rescuer kthread for wq "ceph-completion": -EINTR
[  177.967815][ T7395] fuse: Unknown parameter 'group
'
[  177.987440][   T30] audit: type=1400 audit(1753404353.179:435): avc:  denied  { connect } for  pid=7393 comm="syz.3.374" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  177.991624][ T7397] netlink: 'syz.3.374': attribute type 1 has an invalid length.
[  178.072532][ T7397] 8021q: adding VLAN 0 to HW filter on device bond1
[  178.122245][ T7401] bond1: (slave geneve2): making interface the new active one
[  178.152714][ T7398] netlink: 'syz.1.373': attribute type 33 has an invalid length.
[  178.160797][ T7398] netlink: 152 bytes leftover after parsing attributes in process `syz.1.373'.
[  178.186766][ T7401] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  178.207698][ T7404] netlink: 4 bytes leftover after parsing attributes in process `syz.1.373'.
[  178.242438][ T7397] netlink: 28 bytes leftover after parsing attributes in process `syz.3.374'.
[  178.264730][ T7401] syz.3.374 (7401) used greatest stack depth: 21144 bytes left
[  178.290251][  T974] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  178.350897][   T30] audit: type=1400 audit(1753404353.515:436): avc:  denied  { create } for  pid=7402 comm="syz.0.376" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  178.410121][   T30] audit: type=1400 audit(1753404353.515:437): avc:  denied  { read } for  pid=7402 comm="syz.0.376" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  178.436366][   T30] audit: type=1400 audit(1753404353.581:438): avc:  denied  { write } for  pid=7402 comm="syz.0.376" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  178.493366][  T974] usb 5-1: Using ep0 maxpacket: 32
[  178.508040][  T974] usb 5-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64
[  178.553727][ T7411] netlink: 60 bytes leftover after parsing attributes in process `syz.3.378'.
[  178.562843][ T7411] netlink: 60 bytes leftover after parsing attributes in process `syz.3.378'.
[  178.752373][  T974] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  178.767190][  T974] usb 5-1: config 0 descriptor??
[  178.780176][  T974] as10x_usb: device has been detected
[  178.788344][  T974] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle)
[  178.823809][  T974] usb 5-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)...
[  178.872037][  T974] as10x_usb: error during firmware upload part1
[  178.882403][   T30] audit: type=1400 audit(1753404353.992:439): avc:  denied  { firmware_load } for  pid=974 comm="kworker/0:2" path="/lib/firmware/as102_data1_st.hex" dev="sda1" ino=297 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[  178.913087][  T974] Registered device nBox DVB-T Dongle
[  179.360633][    T9] usb 5-1: USB disconnect, device number 17
[  179.426674][    T9] Unregistered device nBox DVB-T Dongle
[  179.431953][    T9] as10x_usb: device has been disconnected
[  179.528876][ T7416] overlayfs: missing 'lowerdir'
[  179.573098][   T30] audit: type=1400 audit(1753404354.610:440): avc:  denied  { create } for  pid=7414 comm="syz.0.379" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  179.801701][ T7419] netlink: 24 bytes leftover after parsing attributes in process `syz.3.380'.
[  181.607158][ T5831] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  181.625926][ T5831] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  181.634435][ T5831] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  181.643382][ T5831] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  181.650805][ T5831] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  181.717472][   T30] audit: type=1400 audit(1753404356.649:441): avc:  denied  { mounton } for  pid=7439 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[  181.781116][ T7439] lo speed is unknown, defaulting to 1000
[  182.084919][   T30] audit: type=1400 audit(1753404356.939:442): avc:  denied  { ioctl } for  pid=7445 comm="syz.1.388" path="socket:[13668]" dev="sockfs" ino=13668 ioctlcmd=0x8946 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  182.217841][ T7450] netlink: 8 bytes leftover after parsing attributes in process `syz.4.389'.
[  183.355849][ T7457] netlink: 60 bytes leftover after parsing attributes in process `syz.4.391'.
[  183.371069][ T7457] netlink: 60 bytes leftover after parsing attributes in process `syz.4.391'.
[  183.404503][   T30] audit: type=1400 audit(1753404358.248:443): avc:  denied  { getopt } for  pid=7462 comm="syz.1.392" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  183.607078][ T7439] chnl_net:caif_netlink_parms(): no params data found
[  183.842425][ T7439] bridge0: port 1(bridge_slave_0) entered blocking state
[  183.853780][ T7439] bridge0: port 1(bridge_slave_0) entered disabled state
[  183.865452][ T7439] bridge_slave_0: entered allmulticast mode
[  183.875065][ T7439] bridge_slave_0: entered promiscuous mode
[  183.882345][ T5837] Bluetooth: hci5: command tx timeout
[  183.956314][ T7439] bridge0: port 2(bridge_slave_1) entered blocking state
[  184.111923][ T7493] trusted_key: encrypted_key: insufficient parameters specified
[  184.237846][ T7439] bridge0: port 2(bridge_slave_1) entered disabled state
[  184.251367][ T7439] bridge_slave_1: entered allmulticast mode
[  184.340131][ T7439] bridge_slave_1: entered promiscuous mode
[  185.173048][ T7439] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  185.198720][ T7439] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  185.372407][ T7439] team0: Port device team_slave_0 added
[  185.444107][ T7503] netlink: 52 bytes leftover after parsing attributes in process `syz.4.399'.
[  185.847256][ T7439] team0: Port device team_slave_1 added
[  185.986558][ T7439] batman_adv: batadv0: Adding interface: batadv_slave_0
[  186.113257][ T5837] Bluetooth: hci5: command tx timeout
[  186.143278][ T7509] netlink: 20 bytes leftover after parsing attributes in process `syz.0.401'.
[  186.201107][ T7439] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  186.243028][ T7509] netlink: 48 bytes leftover after parsing attributes in process `syz.0.401'.
[  186.329630][ T7439] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  186.341872][ T7439] batman_adv: batadv0: Adding interface: batadv_slave_1
[  186.349582][ T7439] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  186.502907][ T7439] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  186.534279][ T7510] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  186.776654][   T30] audit: type=1400 audit(1753404361.401:444): avc:  denied  { setopt } for  pid=7516 comm="syz.1.403" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  186.777735][ T7519] netlink: 'syz.1.403': attribute type 8 has an invalid length.
[  187.992071][   T30] audit: type=1400 audit(1753404361.550:445): avc:  denied  { create } for  pid=7518 comm="syz.0.404" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  188.055471][ T7439] hsr_slave_0: entered promiscuous mode
[  188.066146][ T7439] hsr_slave_1: entered promiscuous mode
[  188.072057][   T30] audit: type=1400 audit(1753404361.550:446): avc:  denied  { ioctl } for  pid=7518 comm="syz.0.404" path="socket:[13231]" dev="sockfs" ino=13231 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  188.103146][ T7439] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  188.117300][ T7439] Cannot create hsr debugfs directory
[  188.328600][ T5837] Bluetooth: hci5: command tx timeout
[  189.504526][ T5828] usb 5-1: new full-speed USB device number 18 using dummy_hcd
[  189.539825][ T7439] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  189.571866][ T7439] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  189.584654][ T7439] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  189.596126][ T7439] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  189.651542][ T7439] 8021q: adding VLAN 0 to HW filter on device bond0
[  189.666358][ T5828] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  189.683697][ T7439] 8021q: adding VLAN 0 to HW filter on device team0
[  189.691269][ T5828] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  189.701154][ T5828] usb 5-1: New USB device found, idVendor=0419, idProduct=0001, bcdDevice= 0.00
[  189.710349][ T5828] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  189.716808][ T7038] bridge0: port 1(bridge_slave_0) entered blocking state
[  189.725499][ T7038] bridge0: port 1(bridge_slave_0) entered forwarding state
[  189.729615][ T5828] usb 5-1: config 0 descriptor??
[  189.745863][ T7038] bridge0: port 2(bridge_slave_1) entered blocking state
[  189.753057][ T7038] bridge0: port 2(bridge_slave_1) entered forwarding state
[  189.784920][ T7439] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  189.930189][ T7439] 8021q: adding VLAN 0 to HW filter on device batadv0
[  190.122523][ T7439] veth0_vlan: entered promiscuous mode
[  190.132093][ T7439] veth1_vlan: entered promiscuous mode
[  190.163290][ T7439] veth0_macvtap: entered promiscuous mode
[  190.177263][ T7439] veth1_macvtap: entered promiscuous mode
[  190.213592][ T7525] syzkaller0: entered promiscuous mode
[  190.219134][ T7525] syzkaller0: entered allmulticast mode
[  190.236994][ T7439] batman_adv: batadv0: Interface activated: batadv_slave_0
[  190.249426][ T7439] batman_adv: batadv0: Interface activated: batadv_slave_1
[  190.261303][ T7439] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  190.270404][ T7439] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  190.280994][ T7439] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  190.290931][ T7439] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  190.407436][ T7047] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  190.422083][ T7047] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  190.524378][ T7045] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  190.558596][ T5831] Bluetooth: hci5: command tx timeout
[  190.564404][ T7045] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  191.531072][   T30] audit: type=1400 audit(1753404365.853:447): avc:  denied  { mounton } for  pid=7439 comm="syz-executor" path="/root/syzkaller.cmQ42P/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  191.563277][   T30] audit: type=1400 audit(1753404365.881:448): avc:  denied  { mount } for  pid=7439 comm="syz-executor" name="/" dev="gadgetfs" ino=6122 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  191.595862][ T5828] usbhid 5-1:0.0: can't add hid device: -71
[  191.614214][ T5828] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  191.639140][ T5828] usb 5-1: USB disconnect, device number 18
[  192.094687][ T5831] Bluetooth: hci1: command 0x0406 tx timeout
[  192.094747][   T50] Bluetooth: hci2: command 0x0406 tx timeout
[  192.101322][ T5841] Bluetooth: hci4: command 0x0406 tx timeout
[  192.106859][ T5829] Bluetooth: hci0: command 0x0406 tx timeout
[  192.267203][ T3970] Bluetooth: hci6: Frame reassembly failed (-84)
[  192.946987][   T30] audit: type=1400 audit(1753404367.172:449): avc:  denied  { bind } for  pid=7568 comm="syz.5.412" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  192.968161][   T30] audit: type=1400 audit(1753404367.172:450): avc:  denied  { setopt } for  pid=7568 comm="syz.5.412" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  193.302724][ T7573] netlink: 8 bytes leftover after parsing attributes in process `syz.0.413'.
[  193.967842][   T30] audit: type=1400 audit(1753404367.743:451): avc:  denied  { write } for  pid=7572 comm="syz.0.413" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  194.475716][  T974] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  194.487279][ T5153] Bluetooth: hci6: command 0x1003 tx timeout
[  194.518745][ T5846] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  194.639946][  T974] usb 6-1: Using ep0 maxpacket: 8
[  194.689033][  T974] usb 6-1: config 6 has an invalid interface number: 171 but max is 0
[  194.701971][  T974] usb 6-1: config 6 has no interface number 0
[  194.708162][  T974] usb 6-1: config 6 interface 171 altsetting 8 endpoint 0x6 has invalid maxpacket 576, setting to 64
[  194.720560][  T974] usb 6-1: config 6 interface 171 altsetting 8 endpoint 0x2 has invalid maxpacket 1024, setting to 64
[  194.828110][ T7587] netlink: 20 bytes leftover after parsing attributes in process `syz.4.417'.
[  194.866721][  T974] usb 6-1: config 6 interface 171 altsetting 8 endpoint 0xA has invalid maxpacket 512, setting to 64
[  194.893115][  T974] usb 6-1: config 6 interface 171 altsetting 8 has an invalid descriptor for endpoint zero, skipping
[  195.019227][ T7587] vlan2: entered promiscuous mode
[  195.027440][ T7587] vlan2: entered allmulticast mode
[  195.097493][  T974] usb 6-1: config 6 interface 171 has no altsetting 0
[  195.173885][  T974] usb 6-1: Dual-Role OTG device on HNP port
[  195.180248][  T974] usb 6-1: New USB device found, idVendor=1a0a, idProduct=0101, bcdDevice=d1.1e
[  195.189373][  T974] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  195.217196][  T974] usb 6-1: Product: syz
[  195.228006][  T974] usb 6-1: Manufacturer: syz
[  195.322092][  T974] usb 6-1: SerialNumber: syz
[  195.354728][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  195.361032][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  196.246538][  T974] usb_ehset_test 6-1:6.171: probe with driver usb_ehset_test failed with error -32
[  196.514764][   T30] audit: type=1400 audit(1753404370.511:452): avc:  denied  { connect } for  pid=7577 comm="syz.5.414" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  196.530058][ T7601] pim6reg: entered allmulticast mode
[  197.038206][   T30] audit: type=1400 audit(1753404370.511:453): avc:  denied  { read } for  pid=7577 comm="syz.5.414" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  197.068205][   T30] audit: type=1400 audit(1753404370.605:454): avc:  denied  { write } for  pid=7594 comm="syz.1.419" path="socket:[14807]" dev="sockfs" ino=14807 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  197.103764][   T30] audit: type=1400 audit(1753404370.970:455): avc:  denied  { write } for  pid=7577 comm="syz.5.414" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  197.397685][ T7611] netlink: 20 bytes leftover after parsing attributes in process `syz.1.424'.
[  197.476264][ T7611] vlan2: entered promiscuous mode
[  197.481488][ T7611] bridge0: entered promiscuous mode
[  197.487603][ T7611] vlan2: entered allmulticast mode
[  197.492934][ T7611] bridge0: entered allmulticast mode
[  198.118018][ T7623] netlink: 204 bytes leftover after parsing attributes in process `syz.0.427'.
[  198.649504][ T7628] netlink: 60 bytes leftover after parsing attributes in process `syz.1.429'.
[  198.658744][ T7628] netlink: 60 bytes leftover after parsing attributes in process `syz.1.429'.
[  199.613113][ T7630] netlink: 60 bytes leftover after parsing attributes in process `syz.4.430'.
[  199.622275][ T7630] netlink: 60 bytes leftover after parsing attributes in process `syz.4.430'.
[  200.413646][ T7633] netlink: 72 bytes leftover after parsing attributes in process `syz.0.431'.
[  200.424115][ T7633] overlayfs: failed to resolve './file1': -2
[  200.440989][   T30] audit: type=1400 audit(1753404374.160:456): avc:  denied  { write } for  pid=7632 comm="syz.0.431" path="socket:[14128]" dev="sockfs" ino=14128 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  200.681170][ T7641] bridge_slave_0: left allmulticast mode
[  200.687076][ T7641] bridge_slave_0: left promiscuous mode
[  200.694267][ T7641] bridge0: port 1(bridge_slave_0) entered disabled state
[  200.737231][   T30] audit: type=1400 audit(1753404374.459:457): avc:  denied  { write } for  pid=7639 comm="syz.0.434" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  200.765667][ T7641] bridge_slave_1: left allmulticast mode
[  200.771369][ T7641] bridge_slave_1: left promiscuous mode
[  200.777678][ T7641] bridge0: port 2(bridge_slave_1) entered disabled state
[  201.799192][ T7641] bond0: (slave bond_slave_0): Releasing backup interface
[  201.826140][ T7643] random: crng reseeded on system resumption
[  202.425405][   T30] audit: type=1400 audit(1753404375.478:458): avc:  denied  { accept } for  pid=7637 comm="syz.4.433" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  202.537230][ T7641] bond0: (slave bond_slave_1): Releasing backup interface
[  202.557924][   T30] audit: type=1400 audit(1753404375.478:459): avc:  denied  { append } for  pid=7637 comm="syz.4.433" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  202.599700][   T30] audit: type=1400 audit(1753404375.478:460): avc:  denied  { open } for  pid=7637 comm="syz.4.433" path="/dev/snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  202.657833][ T7641] team0: Port device team_slave_0 removed
[  202.724124][ T7641] team0: Port device team_slave_1 removed
[  202.763559][ T5153] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  202.772723][ T5153] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  202.786726][ T5153] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  202.798406][ T5153] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  202.806480][ T5153] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  202.923400][ T7641] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  202.931379][ T7641] batman_adv: batadv0: Removing interface: batadv_slave_0
[  203.167976][ T7641] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  203.232164][ T7641] batman_adv: batadv0: Removing interface: batadv_slave_1
[  203.288445][   T30] audit: type=1400 audit(1753404376.854:461): avc:  denied  { create } for  pid=7654 comm="syz.1.438" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_dnrt_socket permissive=1
[  203.375750][   T30] audit: type=1400 audit(1753404376.928:462): avc:  denied  { setopt } for  pid=7654 comm="syz.1.438" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  203.432685][ T7650] lo speed is unknown, defaulting to 1000
[  204.792916][ T7663] netlink: 60 bytes leftover after parsing attributes in process `syz.1.441'.
[  204.801796][ T7663] netlink: 60 bytes leftover after parsing attributes in process `syz.1.441'.
[  205.348058][ T5846] Bluetooth: hci6: command tx timeout
[  206.304593][ T7673] netlink: 60 bytes leftover after parsing attributes in process `syz.0.442'.
[  206.315302][ T7673] netlink: 60 bytes leftover after parsing attributes in process `syz.0.442'.
[  206.391916][ T7650] chnl_net:caif_netlink_parms(): no params data found
[  206.714153][ T7650] bridge0: port 1(bridge_slave_0) entered blocking state
[  206.721462][ T7650] bridge0: port 1(bridge_slave_0) entered disabled state
[  206.728827][ T7650] bridge_slave_0: entered allmulticast mode
[  206.736135][ T7650] bridge_slave_0: entered promiscuous mode
[  206.765460][ T7650] bridge0: port 2(bridge_slave_1) entered blocking state
[  206.786168][ T7650] bridge0: port 2(bridge_slave_1) entered disabled state
[  206.796990][ T7650] bridge_slave_1: entered allmulticast mode
[  206.809294][ T7650] bridge_slave_1: entered promiscuous mode
[  206.950726][ T7650] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  207.028355][ T7650] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  207.242180][ T7650] team0: Port device team_slave_0 added
[  207.252261][ T7650] team0: Port device team_slave_1 added
[  207.282162][ T7650] batman_adv: batadv0: Adding interface: batadv_slave_0
[  207.295323][ T7650] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  207.364320][ T5913] usb 6-1: USB disconnect, device number 2
[  207.433691][ T7650] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  207.642988][ T7650] batman_adv: batadv0: Adding interface: batadv_slave_1
[  207.654333][ T5846] Bluetooth: hci6: command tx timeout
[  207.660925][ T7650] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  207.691632][ T7650] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  208.119318][ T7705] Set syz0 is full, maxelem 0 reached
[  208.646901][ T7650] hsr_slave_0: entered promiscuous mode
[  208.662716][ T7650] hsr_slave_1: entered promiscuous mode
[  208.711843][ T7650] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  208.735136][ T7650] Cannot create hsr debugfs directory
[  208.883499][   T30] audit: type=1400 audit(1753404382.082:463): avc:  denied  { setattr } for  pid=7707 comm="syz.4.449" name="ptmx" dev="devtmpfs" ino=615 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ptmx_t tclass=chr_file permissive=1
[  209.650925][ T7718] netlink: 8 bytes leftover after parsing attributes in process `syz.4.451'.
[  209.750180][ T5913] libceph: connect (1)[c::]:6789 error -101
[  209.757777][ T5913] libceph: mon0 (1)[c::]:6789 connect error
[  209.800848][ T7725] netlink: 24 bytes leftover after parsing attributes in process `syz.4.453'.
[  209.881541][ T7721] ceph: No mds server is up or the cluster is laggy
[  209.889298][ T5846] Bluetooth: hci6: command tx timeout
[  209.918371][ T7650] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  209.981827][ T7650] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  210.010835][ T7650] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  210.023748][   T30] audit: type=1400 audit(1753404383.149:464): avc:  denied  { map } for  pid=7728 comm="syz.1.454" path="socket:[15345]" dev="sockfs" ino=15345 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  210.060343][ T7650] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  210.083239][   T30] audit: type=1400 audit(1753404383.149:465): avc:  denied  { read accept } for  pid=7728 comm="syz.1.454" path="socket:[15345]" dev="sockfs" ino=15345 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  210.106786][    C1] vkms_vblank_simulate: vblank timer overrun
[  210.151150][   T30] audit: type=1400 audit(1753404383.177:466): avc:  denied  { listen } for  pid=7732 comm="syz.4.455" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  210.306080][ T7650] 8021q: adding VLAN 0 to HW filter on device bond0
[  210.325003][ T7650] 8021q: adding VLAN 0 to HW filter on device team0
[  210.578991][ T5970] libceph: connect (1)[c::]:6789 error -101
[  210.610818][ T5970] libceph: mon0 (1)[c::]:6789 connect error
[  210.852020][ T7037] bridge0: port 1(bridge_slave_0) entered blocking state
[  210.859264][ T7037] bridge0: port 1(bridge_slave_0) entered forwarding state
[  210.887737][ T5970] libceph: connect (1)[c::]:6789 error -101
[  211.025740][ T7752] ceph: No mds server is up or the cluster is laggy
[  211.040499][ T5970] libceph: mon0 (1)[c::]:6789 connect error
[  211.041557][ T7037] bridge0: port 2(bridge_slave_1) entered blocking state
[  211.053575][ T7037] bridge0: port 2(bridge_slave_1) entered forwarding state
[  211.065303][ T7755] mac80211_hwsim hwsim5 »»»»»»: renamed from wlan0 (while UP)
[  211.793790][ T5885] dvb-usb: did not find the firmware file 'dvb-usb-s630.fw' (status -2). You can use <kernel_dir>/scripts/get_dvb_firmware to get the firmware
[  211.794761][ T5892] dvb-usb: did not find the firmware file 'dvb-usb-s630.fw' (status -110). You can use <kernel_dir>/scripts/get_dvb_firmware to get the firmware
[  211.834241][ T5952] dvb-usb: did not find the firmware file 'dvb-usb-s630.fw' (status -2). You can use <kernel_dir>/scripts/get_dvb_firmware to get the firmware
[  211.838487][ T7769] netlink: 12 bytes leftover after parsing attributes in process `syz.4.459'.
[  211.893860][ T5892] dvb-usb: found a 'TeVii S630 USB' in cold state, will try to load a firmware
[  211.952944][ T5885] dvb-usb: found a 'TeVii S630 USB' in cold state, will try to load a firmware
[  211.967026][ T5952] dvb-usb: found a 'TeVii S630 USB' in cold state, will try to load a firmware
[  212.009073][ T5892] usb 4-1: Direct firmware load for dvb-usb-s630.fw failed with error -2
[  212.028555][ T5892] usb 4-1: Falling back to sysfs fallback for: dvb-usb-s630.fw
[  212.126215][ T5846] Bluetooth: hci6: command tx timeout
[  212.767532][   T30] audit: type=1400 audit(1753404385.085:467): avc:  denied  { create } for  pid=7771 comm="syz.1.462" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  212.924593][ T7771] delete_channel: no stack
[  213.185334][ T7650] 8021q: adding VLAN 0 to HW filter on device batadv0
[  213.538702][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880516de400: rx timeout, send abort
[  213.695124][   T30] audit: type=1400 audit(1753404386.451:468): avc:  denied  { read } for  pid=5184 comm="syslogd" name="log" dev="sda1" ino=2010 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[  213.794409][ T7784] lo speed is unknown, defaulting to 1000
[  213.821177][   T30] audit: type=1400 audit(1753404386.451:469): avc:  denied  { search } for  pid=5184 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  213.842719][    C1] vkms_vblank_simulate: vblank timer overrun
[  213.908062][ T7783] lo speed is unknown, defaulting to 1000
[  214.054974][   T30] audit: type=1400 audit(1753404386.460:470): avc:  denied  { search } for  pid=5184 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  214.076464][    C1] vkms_vblank_simulate: vblank timer overrun
[  214.082850][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880516de400: abort rx timeout. Force session deactivation
[  214.097099][   T30] audit: type=1400 audit(1753404386.460:471): avc:  denied  { add_name } for  pid=5184 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  214.125172][   T30] audit: type=1400 audit(1753404386.460:472): avc:  denied  { create } for  pid=5184 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  214.145794][    C1] vkms_vblank_simulate: vblank timer overrun
[  214.235088][   T30] audit: type=1400 audit(1753404386.469:473): avc:  denied  { append open } for  pid=5184 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  214.298305][   T30] audit: type=1400 audit(1753404386.469:474): avc:  denied  { getattr } for  pid=5184 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=5 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  214.946055][ T7650] veth0_vlan: entered promiscuous mode
[  215.010915][ T7650] veth1_vlan: entered promiscuous mode
[  215.539250][ T7650] veth0_macvtap: entered promiscuous mode
[  215.680443][ T7650] veth1_macvtap: entered promiscuous mode
[  215.735555][ T7650] batman_adv: batadv0: Interface activated: batadv_slave_0
[  215.789123][ T7650] batman_adv: batadv0: Interface activated: batadv_slave_1
[  215.813120][ T5944] libceph: connect (1)[c::]:6789 error -101
[  215.826816][ T5944] libceph: mon0 (1)[c::]:6789 connect error
[  215.828803][ T7650] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  215.889408][ T7650] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  215.898139][ T7650] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  215.958308][ T7650] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  216.091884][ T7814] ceph: No mds server is up or the cluster is laggy
[  216.113869][ T5944] libceph: connect (1)[c::]:6789 error -101
[  216.119962][ T5944] libceph: mon0 (1)[c::]:6789 connect error
[  216.328318][   T30] audit: type=1400 audit(1753404389.051:475): avc:  denied  { write } for  pid=7813 comm="syz.4.471" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  216.731559][ T7040] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  216.761196][ T7040] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  216.849336][ T7043] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  216.871125][ T7043] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  216.873739][   T30] audit: type=1400 audit(1753404389.547:476): avc:  denied  { ioctl } for  pid=7834 comm="syz.5.475" path="socket:[15747]" dev="sockfs" ino=15747 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  216.994051][ T5828] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  217.257933][ T5828] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  217.379665][ T5828] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  217.506913][ T5828] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  217.662357][ T5828] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  217.686230][ T7846] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  217.693732][ T7846] IPv6: NLM_F_CREATE should be set when creating new route
[  217.701172][ T7846] IPv6: NLM_F_CREATE should be set when creating new route
[  217.708506][ T7846] IPv6: NLM_F_CREATE should be set when creating new route
[  217.905107][ T7817] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  217.943181][ T5828] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  218.232666][  T974] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  218.364601][ T5828] usb 5-1: USB disconnect, device number 19
[  218.615313][  T974] usb 7-1: config 0 has an invalid interface number: 76 but max is 0
[  218.635333][  T974] usb 7-1: config 0 has no interface number 0
[  218.659599][  T974] usb 7-1: too many endpoints for config 0 interface 76 altsetting 31: 33, using maximum allowed: 30
[  218.679227][  T974] usb 7-1: config 0 interface 76 altsetting 31 has 0 endpoint descriptors, different from the interface descriptor's value: 33
[  218.725153][  T974] usb 7-1: config 0 interface 76 has no altsetting 0
[  218.753627][  T974] usb 7-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc
[  218.792741][  T974] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  218.810114][  T974] usb 7-1: Product: syz
[  218.820045][  T974] usb 7-1: Manufacturer: syz
[  218.831570][  T974] usb 7-1: SerialNumber: syz
[  218.844301][  T974] usb 7-1: config 0 descriptor??
[  219.038944][ T7864] netlink: 28 bytes leftover after parsing attributes in process `syz.0.482'.
[  220.111807][   T30] audit: type=1400 audit(1753404391.661:477): avc:  denied  { name_bind } for  pid=7863 comm="syz.0.482" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  220.362227][  T974] i2c-tiny-usb 7-1:0.76: version 6d.cc found at bus 007 address 002
[  220.401043][  T974]  (null): failure setting delay to 10us
[  220.406762][  T974] i2c-tiny-usb 7-1:0.76: probe with driver i2c-tiny-usb failed with error -5
[  220.464859][  T974] usb 7-1: USB disconnect, device number 2
[  220.639482][   T30] audit: type=1400 audit(1753404393.083:478): avc:  denied  { getopt } for  pid=7876 comm="syz.5.485" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  220.670530][ T7879] netlink: 76 bytes leftover after parsing attributes in process `syz.0.486'.
[  221.628691][ T7886] netlink: 256 bytes leftover after parsing attributes in process `syz.4.489'.
[  221.652038][   T30] audit: type=1400 audit(1753404393.999:479): avc:  denied  { read } for  pid=7887 comm="syz.0.490" name="usbmon0" dev="devtmpfs" ino=716 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  221.675158][    C1] vkms_vblank_simulate: vblank timer overrun
[  221.909488][ T7895] program syz.4.489 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  221.912429][   T30] audit: type=1400 audit(1753404393.999:480): avc:  denied  { open } for  pid=7887 comm="syz.0.490" path="/dev/usbmon0" dev="devtmpfs" ino=716 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  221.919453][ T7895] program syz.4.489 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  221.942490][    C1] vkms_vblank_simulate: vblank timer overrun
[  221.961545][ T7895] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  223.260249][ T7907] netlink: 4 bytes leftover after parsing attributes in process `syz.0.493'.
[  224.324339][   T30] audit: type=1400 audit(1753404396.516:481): avc:  denied  { mounton } for  pid=7913 comm="syz.1.496" path="/102/file0" dev="tmpfs" ino=555 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  224.347161][    C1] vkms_vblank_simulate: vblank timer overrun
[  224.358239][ T7919] Invalid source name
[  224.362335][ T7919] UBIFS error (pid: 7919): cannot open "./file0", error -22
[  224.598411][ T7920] netlink: 20 bytes leftover after parsing attributes in process `syz.6.498'.
[  224.692911][ T7920] vlan2: entered promiscuous mode
[  224.698382][ T7920] bridge0: entered promiscuous mode
[  224.705203][ T7920] vlan2: entered allmulticast mode
[  224.710550][ T7920] bridge0: entered allmulticast mode
[  225.112364][ T5846] Bluetooth: hci2: unexpected event for opcode 0x2012
[  226.116159][   T30] audit: type=1400 audit(1753404398.199:482): avc:  denied  { map } for  pid=7931 comm="syz.4.504" path="/dev/comedi4" dev="devtmpfs" ino=1280 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  226.144486][   T30] audit: type=1400 audit(1753404398.199:483): avc:  denied  { execute } for  pid=7931 comm="syz.4.504" path="/dev/comedi4" dev="devtmpfs" ino=1280 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  226.517511][   T30] audit: type=1400 audit(1753404398.573:484): avc:  denied  { setopt } for  pid=7947 comm="syz.4.508" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  228.268940][ T7954] netlink: 12 bytes leftover after parsing attributes in process `syz.4.510'.
[  228.673101][ T7971] netlink: 464 bytes leftover after parsing attributes in process `syz.5.514'.
[  228.788908][ T7957] IPVS: persistence engine module ip_vs_pe_   not found
[  228.924323][   T30] audit: type=1400 audit(1753404400.818:485): avc:  denied  { ioctl } for  pid=7980 comm="syz.4.516" path="socket:[16249]" dev="sockfs" ino=16249 ioctlcmd=0x8917 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  228.962073][   T24] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  229.636629][ T7992] overlayfs: failed to resolve './file0/../file0': -2
[  229.939383][   T24] usb 7-1: New USB device found, idVendor=0582, idProduct=008d, bcdDevice=7a.ac
[  229.948816][   T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  229.967262][   T24] usb 7-1: Product: syz
[  229.971757][   T24] usb 7-1: Manufacturer: syz
[  229.983834][   T24] usb 7-1: SerialNumber: syz
[  230.031765][   T24] usb 7-1: config 0 descriptor??
[  230.066275][   T24] usb 7-1: interface 1 not found
[  230.199230][ T7997] netlink: 216 bytes leftover after parsing attributes in process `syz.1.522'.
[  230.255250][ T7997] netlink: 24 bytes leftover after parsing attributes in process `syz.1.522'.
[  230.274490][ T7997] netlink: 16 bytes leftover after parsing attributes in process `syz.1.522'.
[  230.484329][   T30] audit: type=1400 audit(1753404402.287:486): avc:  denied  { bind } for  pid=8005 comm="syz.4.524" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  230.527332][ T8010] trusted_key: encrypted_key: keyword 'updatefaul†' not recognized
[  230.993923][   T57] usb 7-1: USB disconnect, device number 3
[  232.646808][ T8039] netlink: 4 bytes leftover after parsing attributes in process `syz.1.533'.
[  234.336161][   T30] audit: type=1400 audit(1753404405.056:487): avc:  denied  { mount } for  pid=8049 comm="syz.1.535" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  234.567962][   T30] audit: type=1400 audit(1753404406.075:488): avc:  denied  { unmount } for  pid=5838 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  234.994011][ T8062] cgroup: name respecified
[  235.788869][ T8081] netlink: 20 bytes leftover after parsing attributes in process `syz.5.545'.
[  235.882994][ T8081] vlan2: entered promiscuous mode
[  235.888139][ T8081] bridge0: entered promiscuous mode
[  235.895524][ T8081] vlan2: entered allmulticast mode
[  235.900678][ T8081] bridge0: entered allmulticast mode
[  236.108120][ T8082] netlink: 20 bytes leftover after parsing attributes in process `syz.1.544'.
[  237.442721][   T30] audit: type=1400 audit(1753404408.760:489): avc:  denied  { cmd } for  pid=8099 comm="syz.4.552" path="socket:[19162]" dev="sockfs" ino=19162 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  237.877716][   T30] audit: type=1400 audit(1753404409.200:490): avc:  denied  { execute } for  pid=8110 comm="syz.5.555" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  239.352788][ T8134] netlink: 20 bytes leftover after parsing attributes in process `syz.6.561'.
[  239.373629][ T8134] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  239.382589][ T8134] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  239.391285][ T8134] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  239.400149][ T8134] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  239.444478][ T8134] netlink: 20 bytes leftover after parsing attributes in process `syz.6.561'.
[  240.136553][   T30] audit: type=1400 audit(1753404411.323:491): avc:  denied  { search } for  pid=5497 comm="dhcpcd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  240.209674][   T30] audit: type=1400 audit(1753404411.323:492): avc:  denied  { search } for  pid=5497 comm="dhcpcd" name="udev" dev="tmpfs" ino=9 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  240.259404][   T30] audit: type=1400 audit(1753404411.323:493): avc:  denied  { search } for  pid=5497 comm="dhcpcd" name="data" dev="tmpfs" ino=14 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  240.294660][ T8156] netlink: 252 bytes leftover after parsing attributes in process `syz.4.569'.
[  240.314563][   T30] audit: type=1400 audit(1753404411.323:494): avc:  denied  { read } for  pid=5497 comm="dhcpcd" name="n101" dev="tmpfs" ino=3750 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  240.353605][   T30] audit: type=1400 audit(1753404411.323:495): avc:  denied  { open } for  pid=5497 comm="dhcpcd" path="/run/udev/data/n101" dev="tmpfs" ino=3750 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  240.509670][   T30] audit: type=1400 audit(1753404411.323:496): avc:  denied  { getattr } for  pid=5497 comm="dhcpcd" path="/run/udev/data/n101" dev="tmpfs" ino=3750 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  240.710977][   T30] audit: type=1400 audit(1753404411.370:497): avc:  denied  { bind } for  pid=8151 comm="syz.5.567" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  241.001077][   T30] audit: type=1400 audit(1753404412.118:498): avc:  denied  { read open } for  pid=8169 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1844 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  241.029010][ T8168] usb usb9: usbfs: process 8168 (syz.4.574) did not claim interface 6 before use
[  241.365202][   T24] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  241.578737][   T24] usb 6-1: Using ep0 maxpacket: 32
[  241.613454][   T24] usb 6-1: config 0 has an invalid interface number: 184 but max is 0
[  241.721330][   T24] usb 6-1: config 0 has no interface number 0
[  241.806435][   T24] usb 6-1: config 0 interface 184 has no altsetting 0
[  241.827680][   T30] audit: type=1400 audit(1753404412.118:499): avc:  denied  { getattr } for  pid=8169 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1844 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  242.042339][   T24] usb 6-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  242.087380][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  242.148714][   T24] usb 6-1: Product: syz
[  242.152928][   T24] usb 6-1: Manufacturer: syz
[  242.201104][   T24] usb 6-1: SerialNumber: syz
[  242.222460][   T24] usb 6-1: config 0 descriptor??
[  242.239166][   T24] smsc75xx v1.0.0
[  243.329117][   T30] audit: type=1400 audit(1753404414.298:500): avc:  denied  { add_name } for  pid=8162 comm="dhcpcd-run-hook" name="resolv.conf.cfptm0.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  243.747520][ T8179] overlay: ./file0 is not a directory
[  243.891484][ T8213] netlink: 216 bytes leftover after parsing attributes in process `syz.6.582'.
[  243.919764][   T24] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -71
[  243.936368][   T24] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  243.979844][ T8213] netlink: 24 bytes leftover after parsing attributes in process `syz.6.582'.
[  244.002244][   T24] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  244.037562][ T8213] netlink: 16 bytes leftover after parsing attributes in process `syz.6.582'.
[  244.066479][   T24] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  244.126023][   T24] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  244.154872][   T24] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  244.168665][ T8222] netlink: 20 bytes leftover after parsing attributes in process `syz.4.583'.
[  244.177384][   T24] smsc75xx 6-1:0.184: probe with driver smsc75xx failed with error -71
[  244.182077][ T8222] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  244.194577][ T8222] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  244.203639][ T8222] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  244.212629][   T24] usb 6-1: USB disconnect, device number 3
[  244.212637][ T8222] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  244.232778][ T8222] netlink: 20 bytes leftover after parsing attributes in process `syz.4.583'.
[  244.785048][ T8232] xt_hashlimit: size too large, truncated to 1048576
[  245.521905][ T8252] netlink: 28 bytes leftover after parsing attributes in process `syz.6.591'.
[  246.679858][ T8262] netlink: 72 bytes leftover after parsing attributes in process `syz.6.595'.
[  246.782963][ T8262] /dev/sg0: Can't lookup blockdev
[  247.012547][   T30] kauditd_printk_skb: 15 callbacks suppressed
[  247.012563][   T30] audit: type=1400 audit(1753404417.749:516): avc:  denied  { write } for  pid=8263 comm="syz.5.597" name="fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  247.420797][   T30] audit: type=1400 audit(1753404417.871:517): avc:  denied  { ioctl } for  pid=8263 comm="syz.5.597" path="/dev/fb0" dev="devtmpfs" ino=629 ioctlcmd=0x4601 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  247.501561][ T8280] netlink: 24 bytes leftover after parsing attributes in process `syz.6.598'.
[  248.254944][  T974] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  248.328424][   T30] audit: type=1400 audit(1753404418.956:518): avc:  denied  { map } for  pid=8264 comm="syz.1.593" path="socket:[17964]" dev="sockfs" ino=17964 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  248.409507][ T8268] lo speed is unknown, defaulting to 1000
[  248.423659][   T30] audit: type=1400 audit(1753404418.956:519): avc:  denied  { read } for  pid=8264 comm="syz.1.593" path="socket:[17964]" dev="sockfs" ino=17964 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  248.455067][  T974] usb 7-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  248.472181][  T974] usb 7-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  248.482431][  T974] usb 7-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  248.483409][   T30] audit: type=1400 audit(1753404419.115:520): avc:  denied  { shutdown } for  pid=8264 comm="syz.1.593" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  248.495119][  T974] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  248.620192][ T8279] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  248.646883][  T974] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[  248.921311][    T9] usb 7-1: USB disconnect, device number 4
[  251.510094][   T30] audit: type=1400 audit(1753404421.930:521): avc:  denied  { getopt } for  pid=8322 comm="syz.0.609" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  251.543629][ T8323] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  251.550327][ T8323] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  251.582491][ T8323] vhci_hcd vhci_hcd.0: Device attached
[  251.607812][   T30] audit: type=1400 audit(1753404422.043:522): avc:  denied  { getopt } for  pid=8322 comm="syz.0.609" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  251.747587][   T30] audit: type=1400 audit(1753404422.089:523): avc:  denied  { read } for  pid=8322 comm="syz.0.609" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  251.767917][ T5944] vhci_hcd: vhci_device speed not set
[  251.870564][ T5944] usb 33-1: new full-speed USB device number 2 using vhci_hcd
[  252.457960][ T5153] Bluetooth: hci3: command 0x0406 tx timeout
[  252.724344][ T8324] vhci_hcd: connection reset by peer
[  252.750120][ T7047] vhci_hcd: stop threads
[  252.782090][ T7047] vhci_hcd: release socket
[  252.953349][ T7047] vhci_hcd: disconnect device
[  253.051642][ T8345] netlink: 4 bytes leftover after parsing attributes in process `syz.5.614'.
[  253.935270][ T8351] input: syz1 as /devices/virtual/input/input7
[  253.947372][   T30] audit: type=1400 audit(1753404424.232:524): avc:  denied  { read } for  pid=5187 comm="acpid" name="event4" dev="devtmpfs" ino=2937 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  254.022414][   T30] audit: type=1400 audit(1753404424.232:525): avc:  denied  { open } for  pid=5187 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=2937 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  254.070480][   T30] audit: type=1400 audit(1753404424.232:526): avc:  denied  { ioctl } for  pid=5187 comm="acpid" path="/dev/input/event4" dev="devtmpfs" ino=2937 ioctlcmd=0x4520 scontext=system_u:system_r:acpid_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  254.578824][ T5893] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  254.749632][ T5893] usb 7-1: Using ep0 maxpacket: 16
[  254.757314][ T5893] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  254.790153][ T5893] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  254.811125][ T5893] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  254.860804][ T5893] usb 7-1: New USB device found, idVendor=045e, idProduct=9994, bcdDevice=fc.3c
[  254.870693][ T8368] mkiss: ax0: crc mode is auto.
[  254.886703][ T5893] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  255.259426][ T5893] usb 7-1: config 0 descriptor??
[  255.336883][ T8376] netlink: 216 bytes leftover after parsing attributes in process `syz.5.626'.
[  255.372953][ T8376] netlink: 24 bytes leftover after parsing attributes in process `syz.5.626'.
[  255.401028][ T8376] netlink: 16 bytes leftover after parsing attributes in process `syz.5.626'.
[  255.426309][   T30] audit: type=1400 audit(1753404425.616:527): avc:  denied  { module_request } for  pid=8378 comm="syz.1.627" kmod="netdev-syzkaller0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  255.476138][   T30] audit: type=1326 audit(1753404425.616:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8375 comm="syz.5.626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f278818e9a9 code=0x7ffc0000
[  255.545557][ T5893] hid-multitouch 0003:045E:9994.0004: unknown main item tag 0x2
[  255.584539][   T30] audit: type=1326 audit(1753404425.616:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8375 comm="syz.5.626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7f278818e9a9 code=0x7ffc0000
[  255.740332][   T30] audit: type=1326 audit(1753404425.616:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8375 comm="syz.5.626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f278818e9a9 code=0x7ffc0000
[  255.746004][ T5893] hid-multitouch 0003:045E:9994.0004: unknown main item tag 0x0
[  255.768745][   T30] audit: type=1326 audit(1753404425.616:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8375 comm="syz.5.626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f278818e9a9 code=0x7ffc0000
[  255.828176][ T5893] hid-multitouch 0003:045E:9994.0004: unknown main item tag 0x0
[  255.869173][ T5893] hid-multitouch 0003:045E:9994.0004: unknown main item tag 0x0
[  255.975433][ T5893] hid-multitouch 0003:045E:9994.0004: item fetching failed at offset 30/34
[  255.985676][ T5893] hid-multitouch 0003:045E:9994.0004: probe with driver hid-multitouch failed with error -22
[  256.363361][ T8397] Set syz0 is full, maxelem 0 reached
[  257.560952][ T5944] vhci_hcd: vhci_device speed not set
[  257.615882][   T30] audit: type=1326 audit(1753404425.616:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8375 comm="syz.5.626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f278818e9a9 code=0x7ffc0000
[  257.634840][ T5893] usb 7-1: USB disconnect, device number 5
[  257.774745][   T30] audit: type=1326 audit(1753404425.616:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8375 comm="syz.5.626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7f278818e9a9 code=0x7ffc0000
[  257.868930][ T8408] Set syz0 is full, maxelem 0 reached
[  258.765232][ T8415] netlink: 28 bytes leftover after parsing attributes in process `syz.1.635'.
[  260.403929][ T8421] netlink: 188 bytes leftover after parsing attributes in process `syz.4.636'.
[  260.578503][ T8429] netlink: 'syz.0.638': attribute type 4 has an invalid length.
[  261.045075][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  261.052121][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  262.247377][   T30] kauditd_printk_skb: 8 callbacks suppressed
[  262.247392][   T30] audit: type=1400 audit(1753404431.995:542): avc:  denied  { associate } for  pid=8442 comm="syz.1.642" name="file1" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  263.229512][   T10] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  263.822282][   T10] usb 7-1: Using ep0 maxpacket: 32
[  264.360469][ T8476] netlink: 'syz.4.651': attribute type 3 has an invalid length.
[  264.368209][ T8476] netlink: 'syz.4.651': attribute type 1 has an invalid length.
[  264.375984][ T8476] netlink: 193500 bytes leftover after parsing attributes in process `syz.4.651'.
[  264.507640][   T10] usb 7-1: config 0 has an invalid interface number: 219 but max is 0
[  264.555420][   T10] usb 7-1: config 0 has no interface number 0
[  264.566246][   T10] usb 7-1: config 0 interface 219 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  264.736880][   T10] usb 7-1: config 0 interface 219 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B
[  264.937602][   T10] usb 7-1: config 0 interface 219 altsetting 0 endpoint 0x8B has invalid maxpacket 28739, setting to 1024
[  264.959678][   T10] usb 7-1: config 0 interface 219 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  265.001846][   T10] usb 7-1: config 0 interface 219 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1023
[  265.033733][   T10] usb 7-1: config 0 interface 219 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  265.062527][   T10] usb 7-1: New USB device found, idVendor=108c, idProduct=0169, bcdDevice=75.b9
[  265.074133][   T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  265.086955][   T10] usb 7-1: Product: syz
[  265.093766][   T10] usb 7-1: Manufacturer: syz
[  265.102050][   T10] usb 7-1: SerialNumber: syz
[  265.114924][   T10] usb 7-1: config 0 descriptor??
[  265.124525][ T8460] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  265.145728][ T8460] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  265.172762][   T24] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  265.200643][   T30] audit: type=1400 audit(1753404434.764:543): avc:  denied  { create } for  pid=8490 comm="syz.1.657" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=key permissive=1
[  265.343735][   T24] usb 5-1: Using ep0 maxpacket: 16
[  265.356197][ T8502] netlink: 12 bytes leftover after parsing attributes in process `syz.5.661'.
[  265.380862][   T10] etas_es58x 7-1:0.219: Starting syz syz (Serial Number syz)
[  265.388422][   T24] usb 5-1: config 6 has an invalid interface number: 28 but max is 3
[  265.388450][   T24] usb 5-1: config 6 has an invalid interface number: 4 but max is 3
[  265.388468][   T24] usb 5-1: config 6 has an invalid interface number: 86 but max is 3
[  265.388488][   T24] usb 5-1: config 6 has an invalid interface number: 191 but max is 3
[  265.388507][   T24] usb 5-1: config 6 has no interface number 0
[  265.388522][   T24] usb 5-1: config 6 has no interface number 1
[  265.388536][   T24] usb 5-1: config 6 has no interface number 2
[  265.388549][   T24] usb 5-1: config 6 has no interface number 3
[  265.388607][   T24] usb 5-1: config 6 interface 28 altsetting 0 endpoint 0x2 has invalid maxpacket 1576, setting to 64
[  265.388642][   T24] usb 5-1: config 6 interface 4 altsetting 5 endpoint 0x6 has invalid maxpacket 512, setting to 64
[  265.388675][   T24] usb 5-1: config 6 interface 86 altsetting 9 has a duplicate endpoint with address 0x7, skipping
[  265.388700][   T24] usb 5-1: config 6 interface 86 altsetting 9 has an invalid descriptor for endpoint zero, skipping
[  265.388719][   T24] usb 5-1: config 6 interface 86 altsetting 9 endpoint 0xD has an invalid bInterval 255, changing to 7
[  265.388742][   T24] usb 5-1: config 6 interface 86 altsetting 9 endpoint 0xD has invalid wMaxPacketSize 0
[  265.388763][   T24] usb 5-1: config 6 interface 86 altsetting 9 endpoint 0xE has invalid wMaxPacketSize 0
[  265.388783][   T24] usb 5-1: config 6 interface 86 altsetting 9 endpoint 0x4 has invalid maxpacket 1023, setting to 64
[  265.388808][   T24] usb 5-1: config 6 interface 86 altsetting 9 has an invalid descriptor for endpoint zero, skipping
[  265.388838][   T24] usb 5-1: config 6 interface 191 altsetting 7 has a duplicate endpoint with address 0x9, skipping
[  265.388858][   T24] usb 5-1: config 6 interface 191 altsetting 7 has a duplicate endpoint with address 0xD, skipping
[  265.388878][   T24] usb 5-1: config 6 interface 4 has no altsetting 0
[  265.388894][   T24] usb 5-1: config 6 interface 86 has no altsetting 0
[  265.388910][   T24] usb 5-1: config 6 interface 191 has no altsetting 0
[  265.392483][   T24] usb 5-1: New USB device found, idVendor=9022, idProduct=d630, bcdDevice=97.a9
[  265.599897][ T8504] netlink: 28 bytes leftover after parsing attributes in process `syz.1.660'.
[  265.621496][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  265.792092][   T24] usb 5-1: Product: syz
[  265.816874][   T24] usb 5-1: Manufacturer: syz
[  265.841513][   T24] usb 5-1: SerialNumber: syz
[  266.457185][   T10] etas_es58x 7-1:0.219: could not retrieve the product info string
[  266.514303][   T24] dvb-usb: found a 'TeVii S630 USB' in cold state, will try to load a firmware
[  266.562372][   T10] usb 7-1: USB disconnect, device number 6
[  266.569651][   T10] etas_es58x 7-1:0.219: Disconnecting syz syz
[  266.741455][   T30] audit: type=1400 audit(1753404436.195:544): avc:  denied  { setattr } for  pid=8509 comm="syz.1.663" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  266.777634][ T8512] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[  266.830783][ T8512] 9pnet: Could not find request transport: fd)bfdno=ùüã=–	
[  267.321015][ T8518] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  267.353206][ T8518] batadv_slave_0: entered promiscuous mode
[  267.606963][ T8526] netlink: 4 bytes leftover after parsing attributes in process `syz.1.668'.
[  268.551001][ T8542] netlink: 12 bytes leftover after parsing attributes in process `syz.4.672'.
[  268.851277][ T8561] netlink: 216 bytes leftover after parsing attributes in process `syz.4.678'.
[  268.876670][ T8561] netlink: 24 bytes leftover after parsing attributes in process `syz.4.678'.
[  268.891080][   T10] usb 7-1: new full-speed USB device number 7 using dummy_hcd
[  268.927414][ T8561] netlink: 16 bytes leftover after parsing attributes in process `syz.4.678'.
[  268.940724][   T30] audit: type=1326 audit(1753404438.253:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8559 comm="syz.4.678" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8efa58e9a9 code=0x7ffc0000
[  269.090184][   T30] audit: type=1326 audit(1753404438.263:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8559 comm="syz.4.678" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7f8efa58e9a9 code=0x7ffc0000
[  269.145662][   T10] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[  269.157384][   T10] usb 7-1: config 0 has no interface number 0
[  269.175580][   T10] usb 7-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[  269.362533][   T30] audit: type=1326 audit(1753404438.263:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8559 comm="syz.4.678" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8efa58e9a9 code=0x7ffc0000
[  269.370562][   T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  269.425381][   T10] usb 7-1: config 0 descriptor??
[  269.453485][   T10] usb 7-1: selecting invalid altsetting 1
[  269.467015][   T10] dvb_ttusb_budget: ttusb_init_controller: error
[  269.483418][   T10] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  269.694848][   T30] audit: type=1326 audit(1753404438.263:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8559 comm="syz.4.678" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8efa58e9a9 code=0x7ffc0000
[  269.835035][ T8550] mmap: syz.6.675 (8550): VmData 45780992 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
[  269.956777][   T30] audit: type=1326 audit(1753404438.291:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8559 comm="syz.4.678" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f8efa58e9a9 code=0x7ffc0000
[  270.106098][   T30] audit: type=1326 audit(1753404438.291:550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8559 comm="syz.4.678" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8efa58e9a9 code=0x7ffc0000
[  270.135413][   T30] audit: type=1326 audit(1753404438.291:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8559 comm="syz.4.678" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7f8efa58e9a9 code=0x7ffc0000
[  270.163763][   T30] audit: type=1326 audit(1753404438.450:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8559 comm="syz.4.678" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8efa58e9a9 code=0x7ffc0000
[  270.217928][   T30] audit: type=1326 audit(1753404438.450:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8559 comm="syz.4.678" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8efa58e9a9 code=0x7ffc0000
[  270.246171][ T8580] netlink: 4 bytes leftover after parsing attributes in process `syz.4.679'.
[  270.651514][   T10] DVB: Unable to find symbol cx22700_attach()
[  271.163902][   T10] DVB: Unable to find symbol tda10046_attach()
[  271.193092][   T10] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[  271.217986][   T30] audit: type=1400 audit(1753404440.367:554): avc:  denied  { ioctl } for  pid=8587 comm="syz.6.681" path="socket:[21786]" dev="sockfs" ino=21786 ioctlcmd=0xa8d7 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  271.266700][   T10] usb 7-1: USB disconnect, device number 7
[  271.330655][ T8589] lo speed is unknown, defaulting to 1000
[  272.045234][ T8614] x_tables: ip_tables: socket match: used from hooks OUTPUT, but only valid from PREROUTING/INPUT
[  274.265119][ T8642] netlink: 36 bytes leftover after parsing attributes in process `syz.1.693'.
[  274.605099][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  274.605112][   T30] audit: type=1400 audit(1753404443.473:557): avc:  denied  { accept } for  pid=8638 comm="syz.1.693" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  274.983025][ T8654] netlink: 20 bytes leftover after parsing attributes in process `syz.0.696'.
[  276.996601][   T30] audit: type=1400 audit(1753404445.792:558): avc:  denied  { mounton } for  pid=8675 comm="syz.5.702" path="/syzcgroup/unified/syz5" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:devpts_t tclass=dir permissive=1
[  277.461686][   T24] dvb-usb: did not find the firmware file 'dvb-usb-s630.fw' (status -2). You can use <kernel_dir>/scripts/get_dvb_firmware to get the firmware
[  277.462602][ T5892] dvb-usb: did not find the firmware file 'dvb-usb-s630.fw' (status -110). You can use <kernel_dir>/scripts/get_dvb_firmware to get the firmware
[  277.499140][ T5885] dvb-usb: did not find the firmware file 'dvb-usb-s630.fw' (status -2). You can use <kernel_dir>/scripts/get_dvb_firmware to get the firmware
[  277.514676][ T5952] dvb-usb: did not find the firmware file 'dvb-usb-s630.fw' (status -2). You can use <kernel_dir>/scripts/get_dvb_firmware to get the firmware
[  277.517179][ T5892] dvb-usb: found a 'TeVii S630 USB' in cold state, will try to load a firmware
[  277.542476][ T5892] usb 4-1: Direct firmware load for dvb-usb-s630.fw failed with error -2
[  277.551006][ T5892] usb 4-1: Falling back to sysfs fallback for: dvb-usb-s630.fw
[  277.617186][   T24] dvb-usb: found a 'TeVii S630 USB' in cold state, will try to load a firmware
[  277.720856][ T5952] dvb-usb: found a 'TeVii S630 USB' in cold state, will try to load a firmware
[  277.734140][ T5949] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  277.748870][ T8684] netlink: 'syz.4.704': attribute type 11 has an invalid length.
[  277.750889][ T5885] dvb-usb: found a 'TeVii S630 USB' in cold state, will try to load a firmware
[  277.977275][ T5949] usb 6-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac
[  278.018881][ T5949] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  278.255266][ T5949] usb 6-1: Product: syz
[  278.330077][ T5949] usb 6-1: Manufacturer: syz
[  278.373299][ T5949] usb 6-1: SerialNumber: syz
[  278.547254][ T5949] usb 6-1: config 0 descriptor??
[  278.581364][ T5949] gspca_main: sunplus-2.14.0 probing 055f:c230
[  280.557722][ T8713] netlink: 28 bytes leftover after parsing attributes in process `syz.4.713'.
[  280.632952][   T10] usb 6-1: USB disconnect, device number 4
[  283.345593][ T8747] netlink: 216 bytes leftover after parsing attributes in process `syz.0.721'.
[  283.388127][ T8747] netlink: 24 bytes leftover after parsing attributes in process `syz.0.721'.
[  283.410884][ T8747] netlink: 16 bytes leftover after parsing attributes in process `syz.0.721'.
[  283.485962][ T5949] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  283.742383][ T5949] usb 6-1: Using ep0 maxpacket: 32
[  283.789307][ T5949] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  283.900365][   T30] audit: type=1326 audit(1753404452.219:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8746 comm="syz.0.721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae2558e9a9 code=0x7ffc0000
[  283.910702][ T5949] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  283.941594][ T5949] usb 6-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  283.951314][ T5949] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  283.966797][   T30] audit: type=1326 audit(1753404452.275:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8746 comm="syz.0.721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7fae2558e9a9 code=0x7ffc0000
[  284.002229][ T5949] usb 6-1: config 0 descriptor??
[  284.028095][ T5949] hub 6-1:0.0: USB hub found
[  284.072476][   T30] audit: type=1326 audit(1753404452.275:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8746 comm="syz.0.721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae2558e9a9 code=0x7ffc0000
[  284.248220][   T30] audit: type=1326 audit(1753404452.275:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8746 comm="syz.0.721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae2558e9a9 code=0x7ffc0000
[  285.305637][ T5949] hub 6-1:0.0: config failed, can't read hub descriptor (err -90)
[  285.785946][ T5949] hid-generic 0003:046D:C31C.0005: hidraw0: USB HID v8.00 Device [HID 046d:c31c] on usb-dummy_hcd.5-1/input0
[  285.871742][ T8775] netlink: 32 bytes leftover after parsing attributes in process `syz.1.728'.
[  285.880756][ T8775] team_slave_0: entered promiscuous mode
[  285.886640][ T8775] team_slave_1: entered promiscuous mode
[  286.404208][   T10] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  286.465226][ T5949] usb 6-1: USB disconnect, device number 5
[  286.596816][   T10] usb 7-1: Using ep0 maxpacket: 16
[  286.712617][   T10] usb 7-1: config 6 has an invalid interface number: 28 but max is 3
[  286.735669][   T10] usb 7-1: config 6 has an invalid interface number: 4 but max is 3
[  286.884550][   T10] usb 7-1: config 6 has an invalid interface number: 86 but max is 3
[  286.903047][   T10] usb 7-1: config 6 has an invalid interface number: 191 but max is 3
[  286.923542][   T10] usb 7-1: config 6 has no interface number 0
[  286.944727][   T10] usb 7-1: config 6 has no interface number 1
[  286.958692][   T10] usb 7-1: config 6 has no interface number 2
[  286.965284][   T10] usb 7-1: config 6 has no interface number 3
[  286.975801][   T10] usb 7-1: config 6 interface 28 altsetting 0 endpoint 0x2 has invalid maxpacket 1576, setting to 64
[  287.166621][   T10] usb 7-1: config 6 interface 4 altsetting 5 endpoint 0x6 has invalid maxpacket 512, setting to 64
[  287.217682][   T10] usb 7-1: config 6 interface 86 altsetting 9 has a duplicate endpoint with address 0x7, skipping
[  287.520832][   T30] audit: type=1400 audit(1753404455.633:563): avc:  denied  { create } for  pid=8790 comm="syz.1.734" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  287.550571][   T10] usb 7-1: config 6 interface 86 altsetting 9 has an invalid descriptor for endpoint zero, skipping
[  287.602994][   T10] usb 7-1: config 6 interface 86 altsetting 9 endpoint 0xD has an invalid bInterval 255, changing to 7
[  288.001819][   T10] usb 7-1: config 6 interface 86 altsetting 9 endpoint 0xD has invalid wMaxPacketSize 0
[  288.012148][   T10] usb 7-1: config 6 interface 86 altsetting 9 endpoint 0xE has invalid wMaxPacketSize 0
[  288.029366][   T10] usb 7-1: config 6 interface 86 altsetting 9 endpoint 0x4 has invalid maxpacket 1023, setting to 64
[  288.061459][   T10] usb 7-1: config 6 interface 86 altsetting 9 has an invalid descriptor for endpoint zero, skipping
[  288.076216][   T10] usb 7-1: config 6 interface 191 altsetting 7 has a duplicate endpoint with address 0x9, skipping
[  288.087836][   T10] usb 7-1: config 6 interface 191 altsetting 7 has a duplicate endpoint with address 0xD, skipping
[  288.102444][   T10] usb 7-1: config 6 interface 4 has no altsetting 0
[  288.206331][   T10] usb 7-1: config 6 interface 86 has no altsetting 0
[  288.256728][   T10] usb 7-1: config 6 interface 191 has no altsetting 0
[  288.295456][   T10] usb 7-1: New USB device found, idVendor=9022, idProduct=d630, bcdDevice=97.a9
[  288.427943][   T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  288.439037][   T10] usb 7-1: Product: syz
[  288.443682][   T10] usb 7-1: Manufacturer: syz
[  288.450832][   T10] usb 7-1: SerialNumber: syz
[  288.680877][   T10] dvb-usb: found a 'TeVii S630 USB' in cold state, will try to load a firmware
[  290.746805][ T8843] netlink: 4 bytes leftover after parsing attributes in process `syz.4.747'.
[  291.944050][ T8855] netlink: 216 bytes leftover after parsing attributes in process `syz.6.752'.
[  292.033406][ T8855] netlink: 24 bytes leftover after parsing attributes in process `syz.6.752'.
[  292.348222][   T30] audit: type=1326 audit(1753404460.153:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8854 comm="syz.6.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0701f8e9a9 code=0x7ffc0000
[  292.412849][ T8855] netlink: 16 bytes leftover after parsing attributes in process `syz.6.752'.
[  292.494106][   T30] audit: type=1326 audit(1753404460.153:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8854 comm="syz.6.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7f0701f8e9a9 code=0x7ffc0000
[  292.532723][   T30] audit: type=1326 audit(1753404460.153:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8854 comm="syz.6.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0701f8e9a9 code=0x7ffc0000
[  292.569238][   T30] audit: type=1326 audit(1753404460.172:567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8854 comm="syz.6.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0701f8e9a9 code=0x7ffc0000
[  292.611118][ T7037] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  292.741655][   T30] audit: type=1326 audit(1753404460.172:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8854 comm="syz.6.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0701f8e9a9 code=0x7ffc0000
[  293.075192][   T30] audit: type=1326 audit(1753404460.172:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8854 comm="syz.6.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f0701f8e9a9 code=0x7ffc0000
[  293.078966][ T7037] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.474871][   T30] audit: type=1326 audit(1753404460.172:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8854 comm="syz.6.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0701f8e9a9 code=0x7ffc0000
[  293.527863][   T30] audit: type=1326 audit(1753404460.172:571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8854 comm="syz.6.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f0701f8e9a9 code=0x7ffc0000
[  293.639423][   T30] audit: type=1326 audit(1753404460.172:572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8854 comm="syz.6.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0701f8e9a9 code=0x7ffc0000
[  293.702774][ T7037] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.790520][   T30] audit: type=1326 audit(1753404460.172:573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8854 comm="syz.6.752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f0701f8e9a9 code=0x7ffc0000
[  294.558152][ T7037] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.573382][ T5153] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  294.582051][ T5153] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  294.590200][ T5153] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  294.598500][ T5153] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  294.605822][ T5153] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  294.907761][ T8897] lo speed is unknown, defaulting to 1000
[  295.043543][ T7037] bridge_slave_1: left allmulticast mode
[  295.088076][ T7037] bridge_slave_1: left promiscuous mode
[  295.122859][ T7037] bridge0: port 2(bridge_slave_1) entered disabled state
[  295.132847][ T8909] netlink: 'syz.1.761': attribute type 4 has an invalid length.
[  295.167295][ T7037] bridge_slave_0: left allmulticast mode
[  295.175769][ T7037] bridge_slave_0: left promiscuous mode
[  295.193631][ T8910] netlink: 'syz.1.761': attribute type 4 has an invalid length.
[  295.212347][ T7037] bridge0: port 1(bridge_slave_0) entered disabled state
[  295.409612][ T8914] netlink: 4 bytes leftover after parsing attributes in process `syz.6.762'.
[  296.314966][ T8923] netlink: 216 bytes leftover after parsing attributes in process `syz.0.764'.
[  296.324054][ T8923] netlink: 24 bytes leftover after parsing attributes in process `syz.0.764'.
[  296.347510][ T8923] netlink: 16 bytes leftover after parsing attributes in process `syz.0.764'.
[  296.865789][ T5153] Bluetooth: hci5: command tx timeout
[  297.044785][ T7037] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  297.056649][ T7037] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  297.071334][ T7037] bond0 (unregistering): Released all slaves
[  298.066118][   T30] kauditd_printk_skb: 18 callbacks suppressed
[  298.066133][   T30] audit: type=1400 audit(1753404465.504:592): avc:  denied  { getopt } for  pid=8950 comm="syz.4.770" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  298.244789][   T30] audit: type=1400 audit(1753404465.541:593): avc:  denied  { ioctl } for  pid=8950 comm="syz.4.770" path="/dev/usbmon7" dev="devtmpfs" ino=737 ioctlcmd=0x9204 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  298.303922][   T30] audit: type=1400 audit(1753404465.663:594): avc:  denied  { map } for  pid=8950 comm="syz.4.770" path="/dev/tty3" dev="devtmpfs" ino=22 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tty_device_t tclass=chr_file permissive=1
[  298.347277][   T30] audit: type=1400 audit(1753404465.663:595): avc:  denied  { execute } for  pid=8950 comm="syz.4.770" path="/dev/tty3" dev="devtmpfs" ino=22 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tty_device_t tclass=chr_file permissive=1
[  298.560682][ T8897] chnl_net:caif_netlink_parms(): no params data found
[  299.084213][ T5153] Bluetooth: hci5: command tx timeout
[  299.259754][ T8974] netlink: 24 bytes leftover after parsing attributes in process `syz.4.773'.
[  299.295265][ T8978] netlink: 28 bytes leftover after parsing attributes in process `syz.1.775'.
[  299.307369][ T7037] hsr_slave_0: left promiscuous mode
[  299.324630][ T7037] hsr_slave_1: left promiscuous mode
[  299.340744][ T7037] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  299.348363][ T7037] batman_adv: batadv0: Removing interface: batadv_slave_0
[  299.359907][ T7037] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  299.370784][ T7037] batman_adv: batadv0: Removing interface: batadv_slave_1
[  299.531146][ T7037] veth1_macvtap: left promiscuous mode
[  299.537093][ T7037] veth0_macvtap: left promiscuous mode
[  299.543515][ T7037] veth1_vlan: left promiscuous mode
[  299.555169][ T7037] veth0_vlan: left promiscuous mode
[  300.319679][ T7037] team0 (unregistering): Port device team_slave_1 removed
[  300.357960][ T7037] team0 (unregistering): Port device team_slave_0 removed
[  300.810692][ T8897] bridge0: port 1(bridge_slave_0) entered blocking state
[  300.832338][ T8897] bridge0: port 1(bridge_slave_0) entered disabled state
[  300.846926][ T8897] bridge_slave_0: entered allmulticast mode
[  300.899168][ T8897] bridge_slave_0: entered promiscuous mode
[  300.908605][ T8897] bridge0: port 2(bridge_slave_1) entered blocking state
[  300.915960][ T8897] bridge0: port 2(bridge_slave_1) entered disabled state
[  300.923989][ T8897] bridge_slave_1: entered allmulticast mode
[  300.934580][ T8897] bridge_slave_1: entered promiscuous mode
[  301.001733][ T8994] netlink: 4 bytes leftover after parsing attributes in process `syz.1.777'.
[  301.307148][ T5153] Bluetooth: hci5: command tx timeout
[  301.707215][   T30] audit: type=1400 audit(1753404468.881:596): avc:  denied  { ioctl } for  pid=8998 comm="syz.6.779" path="socket:[23657]" dev="sockfs" ino=23657 ioctlcmd=0x940a scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  301.766680][   T30] audit: type=1400 audit(1753404468.881:597): avc:  denied  { ioctl } for  pid=8998 comm="syz.6.779" path="socket:[23658]" dev="sockfs" ino=23658 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[  301.853912][ T8897] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  301.932209][ T9012] xt_ecn: cannot match TCP bits for non-tcp packets
[  301.976129][ T8897] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  302.159028][ T8897] team0: Port device team_slave_0 added
[  302.210257][   T30] audit: type=1400 audit(1753404469.367:598): avc:  denied  { setopt } for  pid=9016 comm="syz.1.783" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  302.253190][ T8897] team0: Port device team_slave_1 added
[  302.787369][ T8897] batman_adv: batadv0: Adding interface: batadv_slave_0
[  302.794978][ T8897] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  302.892271][ T8897] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  302.959369][ T8897] batman_adv: batadv0: Adding interface: batadv_slave_1
[  303.034565][ T8897] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  303.275454][ T8897] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  303.586918][ T5153] Bluetooth: hci5: command tx timeout
[  303.706651][ T9055] netlink: 28 bytes leftover after parsing attributes in process `syz.4.791'.
[  303.994225][ T8897] hsr_slave_0: entered promiscuous mode
[  304.000279][ T8897] hsr_slave_1: entered promiscuous mode
[  304.043025][ T8897] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  304.128620][   T30] audit: type=1400 audit(1753404471.107:599): avc:  denied  { read write } for  pid=9045 comm="syz.0.790" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  304.157862][ T8897] Cannot create hsr debugfs directory
[  304.178623][   T30] audit: type=1400 audit(1753404471.107:600): avc:  denied  { open } for  pid=9045 comm="syz.0.790" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  304.228011][   T30] audit: type=1400 audit(1753404471.107:601): avc:  denied  { map } for  pid=9045 comm="syz.0.790" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  304.676041][   T30] audit: type=1326 audit(1753404471.687:602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9064 comm="syz.4.792" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8efa58e9a9 code=0x0
[  304.731576][ T8897] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  304.772130][ T8897] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  304.801739][ T8897] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  304.843467][ T8897] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  305.382234][ T8897] 8021q: adding VLAN 0 to HW filter on device bond0
[  305.424021][ T8897] 8021q: adding VLAN 0 to HW filter on device team0
[  305.439187][ T7038] bridge0: port 1(bridge_slave_0) entered blocking state
[  305.446394][ T7038] bridge0: port 1(bridge_slave_0) entered forwarding state
[  305.463541][ T7037] bridge0: port 2(bridge_slave_1) entered blocking state
[  305.470718][ T7037] bridge0: port 2(bridge_slave_1) entered forwarding state
[  305.693783][ T9094] Cannot find del_set index 2 as target
[  305.996381][ T9100] ptrace attach of "./syz-executor exec"[5833] was attempted by "./syz-executor exec"[9100]
[  306.058346][ T8897] 8021q: adding VLAN 0 to HW filter on device batadv0
[  306.065644][ T9103] ptrace attach of "./syz-executor exec"[5825] was attempted by "./syz-executor exec"[9103]
[  306.539753][ T8897] veth0_vlan: entered promiscuous mode
[  306.560257][ T8897] veth1_vlan: entered promiscuous mode
[  306.612507][ T8897] veth0_macvtap: entered promiscuous mode
[  306.623257][ T8897] veth1_macvtap: entered promiscuous mode
[  306.645851][ T8897] batman_adv: batadv0: Interface activated: batadv_slave_0
[  306.668818][ T8897] batman_adv: batadv0: Interface activated: batadv_slave_1
[  306.685889][ T8897] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  306.694783][ T8897] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  306.708484][ T8897] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  306.717724][ T8897] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  306.821674][ T7041] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  306.852360][ T7041] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  306.898891][ T7045] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  306.924673][ T7045] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  307.003221][   T30] audit: type=1400 audit(1753404473.857:603): avc:  denied  { mounton } for  pid=8897 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  307.197629][ T9125] netlink: 68 bytes leftover after parsing attributes in process `syz.7.753'.
[  310.282635][ T9171] syzkaller1: entered promiscuous mode
[  310.289739][ T9171] syzkaller1: entered allmulticast mode
[  313.432351][ T9214] evm: overlay not supported
[  314.351130][ T9238] xt_socket: unknown flags 0xc
[  314.506840][   T30] audit: type=1400 audit(1753404480.742:604): avc:  denied  { kexec_image_load } for  pid=9226 comm="syz.0.819" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[  318.014670][   T30] audit: type=1400 audit(1753404484.118:605): avc:  denied  { listen } for  pid=9280 comm="syz.1.827" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  318.637814][ T9295] netlink: 'syz.0.832': attribute type 1 has an invalid length.
[  318.667901][ T9295] netlink: 'syz.0.832': attribute type 4 has an invalid length.
[  318.877002][ T9295] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.832'.
[  319.450844][ T9304] netlink: 'syz.0.832': attribute type 1 has an invalid length.
[  319.677710][ T9304] netlink: 'syz.0.832': attribute type 4 has an invalid length.
[  319.745194][ T9304] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.832'.
[  320.190116][   T30] audit: type=1401 audit(1753404486.129:606): op=fscreate invalid_context=2321202E2F6367726F75702F66696C6530616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616161616
[  320.667607][ T5971] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  321.576419][ T5971] usb 8-1: Using ep0 maxpacket: 8
[  321.584303][ T5971] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  321.625714][ T5971] usb 8-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8
[  321.741873][ T5971] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  321.775462][ T5971] usb 8-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  321.816787][ T5971] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40
[  321.864771][ T5971] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  321.901094][ T5971] usb 8-1: SerialNumber: syz
[  321.933978][ T9328] raw-gadget.2 gadget.7: fail, usb_ep_enable returned -22
[  321.955114][ T5971] cdc_ether 8-1:1.0: probe with driver cdc_ether failed with error -22
[  322.093704][ T5971] usb-storage 8-1:1.0: USB Mass Storage device detected
[  322.577485][ T5971] usb-storage 8-1:1.0: Quirks match for vid 0525 pid a4a5: 10000
[  322.595539][ T5971] scsi host1: usb-storage 8-1:1.0
[  323.054603][ T9365] netlink: 'syz.6.841': attribute type 1 has an invalid length.
[  323.169460][ T9365] netlink: 172 bytes leftover after parsing attributes in process `syz.6.841'.
[  323.417457][ T9374] program syz.4.845 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  323.525399][ T9382] netlink: 28 bytes leftover after parsing attributes in process `syz.0.847'.
[  323.565594][ T9329] pim6reg: entered allmulticast mode
[  325.709596][    T9] usb 8-1: USB disconnect, device number 2
[  326.107204][ T9320] pim6reg: left allmulticast mode
[  326.682031][ T9403] tipc: Started in network mode
[  326.728443][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  326.739956][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  326.749807][ T9403] tipc: Node identity ee9e7103c0c4, cluster identity 4711
[  326.844931][ T9403] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  326.898894][ T9408] syzkaller0: entered promiscuous mode
[  326.931101][ T9408] syzkaller0: entered allmulticast mode
[  327.279960][ T9403] syzkaller0: mtu greater than device maximum
[  327.360274][ T9402] tipc: Resetting bearer <eth:syzkaller0>
[  327.765568][ T9402] tipc: Disabling bearer <eth:syzkaller0>
[  327.919660][ T9437] netlink: 4 bytes leftover after parsing attributes in process `syz.4.861'.
[  331.826036][ T9492] netlink: 28 bytes leftover after parsing attributes in process `syz.6.873'.
[  333.582017][ T5971] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  333.800905][ T5971] usb 8-1: device descriptor read/64, error -71
[  334.234625][ T5971] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  334.298940][ T9524] tipc: Started in network mode
[  334.303838][ T9524] tipc: Node identity , cluster identity 4711
[  334.314707][ T9524] tipc: Failed to obtain node identity
[  334.324499][ T9524] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  334.367358][ T9524] syzkaller0: entered promiscuous mode
[  334.373078][ T5971] usb 8-1: device descriptor read/64, error -71
[  334.382512][ T9524] syzkaller0: entered allmulticast mode
[  334.407912][ T5153] Bluetooth: hci6: command 0x0406 tx timeout
[  334.491466][ T5971] usb usb8-port1: attempt power cycle
[  334.760767][   T30] audit: type=1400 audit(1753404499.833:607): avc:  denied  { create } for  pid=9534 comm="syz.6.882" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  334.967913][ T5971] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  335.007901][ T5971] usb 8-1: device descriptor read/8, error -71
[  335.016775][   T30] audit: type=1400 audit(1753404499.833:608): avc:  denied  { getopt } for  pid=9534 comm="syz.6.882" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  335.037429][   T30] audit: type=1400 audit(1753404499.833:609): avc:  denied  { map } for  pid=9534 comm="syz.6.882" path="socket:[27557]" dev="sockfs" ino=27557 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  335.271018][ T5971] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  335.293664][ T5971] usb 8-1: device descriptor read/8, error -71
[  335.414840][ T5971] usb usb8-port1: unable to enumerate USB device
[  336.165401][ T9542] cgroup2: Unknown parameter 'me'
[  336.190619][ T9542] 9pnet_fd: Insufficient options for proto=fd
[  336.263732][ T9548] binder: Unknown parameter 'st�(glgbH½~'
[  336.280821][   T30] audit: type=1400 audit(1753404501.246:610): avc:  denied  { bind } for  pid=9547 comm="syz.4.885" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  337.181404][ T9565] vlan3: entered promiscuous mode
[  337.186663][ T9565] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  337.194346][ T9565] vlan3: entered allmulticast mode
[  337.200290][ T9565] netdevsim netdevsim0 netdevsim0: entered allmulticast mode
[  337.229759][   T30] audit: type=1400 audit(1753404502.115:611): avc:  denied  { unmount } for  pid=8897 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  337.736281][ T5971] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  337.965022][ T5971] usb 8-1: Using ep0 maxpacket: 16
[  337.985887][ T5971] usb 8-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[  338.009328][ T5971] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  338.033463][ T5971] usb 8-1: Product: syz
[  338.037666][ T5971] usb 8-1: Manufacturer: syz
[  338.110474][ T5971] usb 8-1: SerialNumber: syz
[  338.128688][ T5971] usb 8-1: config 0 descriptor??
[  338.410966][   T31] INFO: task syz.2.331:7216 blocked for more than 143 seconds.
[  338.484526][   T31]       Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0
[  338.558990][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  338.568723][   T31] task:syz.2.331       state:D stack:25384 pid:7216  tgid:7215  ppid:5830   task_flags:0x400140 flags:0x00024004
[  338.596355][   T31] Call Trace:
[  338.605421][   T31]  <TASK>
[  338.614031][   T31]  __schedule+0x116a/0x5dd0
[  338.629268][   T31]  ? __lock_acquire+0x622/0x1c90
[  338.641481][   T31]  ? __pfx___schedule+0x10/0x10
[  338.656536][   T31]  ? find_held_lock+0x2b/0x80
[  338.665187][   T31]  ? schedule+0x2d7/0x3a0
[  338.669755][   T31]  schedule+0xe7/0x3a0
[  338.674419][   T31]  schedule_preempt_disabled+0x13/0x30
[  338.680105][   T31]  __mutex_lock+0x6c7/0xb90
[  338.688190][   T31]  ? do_raw_spin_unlock+0x172/0x230
[  338.698566][   T31]  ? usbdev_open+0x1b6/0x8b0
[  338.703703][   T31]  ? __pfx___mutex_lock+0x10/0x10
[  338.709054][ T5971] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state.
[  338.718658][ T5971] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  338.729538][   T31]  ? kobject_put+0xab/0x5a0
[  338.857139][   T31]  ? __pfx_device_match_devt+0x10/0x10
[  338.863694][ T5971] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T)
[  338.872151][ T5971] usb 8-1: media controller created
[  338.880912][   T31]  ? __pfx_bus_find_device+0x10/0x10
[  338.894524][   T31]  ? usbdev_open+0x1b6/0x8b0
[  338.909382][   T31]  usbdev_open+0x1b6/0x8b0
[  338.915870][ T5971] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  338.935513][ T9575] dtv5100: wlen = 0, aborting.
[  338.959519][   T31]  ? do_raw_spin_lock+0x12c/0x2b0
[  338.977800][   T31]  ? __pfx_usbdev_open+0x10/0x10
[  338.999712][   T31]  ? chrdev_open+0x58c/0x6a0
[  339.046966][   T31]  ? __pfx_usbdev_open+0x10/0x10
[  339.067386][   T31]  chrdev_open+0x234/0x6a0
[  339.079814][   T31]  ? __pfx_chrdev_open+0x10/0x10
[  339.085018][ T5971] zl10353_read_register: readreg error (reg=127, ret==0)
[  339.085525][   T31]  ? file_set_fsnotify_mode_from_watchers+0x163/0x640
[  339.105877][   T31]  do_dentry_open+0x744/0x1c10
[  339.111776][   T31]  ? __pfx_chrdev_open+0x10/0x10
[  339.126725][ T5971] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T'
[  339.133863][   T31]  vfs_open+0x82/0x3f0
[  339.150821][ T5971] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected.
[  339.153976][   T31]  path_openat+0x1de4/0x2cb0
[  339.188112][   T31]  ? __pfx_path_openat+0x10/0x10
[  339.200862][ T5971] usb 8-1: USB disconnect, device number 7
[  339.200992][   T31]  ? __lock_acquire+0xb8a/0x1c90
[  339.244323][   T31]  do_filp_open+0x20b/0x470
[  339.249067][   T31]  ? __pfx_do_filp_open+0x10/0x10
[  339.254139][   T31]  ? alloc_fd+0x471/0x7d0
[  339.264023][ T5971] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected.
[  339.269568][   T31]  do_sys_openat2+0x11b/0x1d0
[  339.277925][   T31]  ? __pfx_do_sys_openat2+0x10/0x10
[  339.313739][   T31]  ? __pfx___might_resched+0x10/0x10
[  339.323849][   T31]  __x64_sys_openat+0x174/0x210
[  339.329051][   T31]  ? __pfx___x64_sys_openat+0x10/0x10
[  339.341721][   T31]  do_syscall_64+0xcd/0x4c0
[  339.349910][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  339.357574][   T31] RIP: 0033:0x7f274578d310
[  339.362048][   T31] RSP: 002b:00007f274660eb70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  339.373274][   T31] RAX: ffffffffffffffda RBX: 0000000000000402 RCX: 00007f274578d310
[  339.383011][   T31] RDX: 0000000000000402 RSI: 00007f274660ec10 RDI: 00000000ffffff9c
[  339.395884][   T31] RBP: 00007f274660ec10 R08: 0000000000000000 R09: 0000000000000000
[  339.412040][   T31] R10: 0000000000000000 R11: 0000000000000293 R12: cccccccccccccccd
[  339.420382][   T31] R13: 0000000000000000 R14: 00007f27459b5fa0 R15: 00007ffc3b136c98
[  339.428401][   T31]  </TASK>
[  339.448456][   T31] 
[  339.448456][   T31] Showing all locks held in the system:
[  339.463818][   T31] 5 locks held by kworker/0:1/10:
[  339.468910][   T31]  #0: ffff8881442a7948 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  339.480933][   T31]  #1: ffffc900000f7d10 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  339.493432][   T31]  #2: ffff8881443a8198 (&dev->mutex){....}-{4:4}, at: hub_event+0x1c0/0x4fe0
[  339.505614][   T31]  #3: ffff88805bfea198 (&dev->mutex){....}-{4:4}, at: __device_attach+0x7e/0x4b0
[  339.515023][   T31]  #4: ffff888032f32160 (&dev->mutex){....}-{4:4}, at: __device_attach+0x7e/0x4b0
[  339.524771][   T31] 5 locks held by kworker/1:0/24:
[  339.531008][   T31]  #0: ffff8881442a7948 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  339.542370][   T31]  #1: ffffc900001e7d10 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  339.553967][   T31]  #2: ffff888144343198 (&dev->mutex){....}-{4:4}, at: hub_event+0x1c0/0x4fe0
[  339.563198][   T31]  #3: ffff8880534e4198 (&dev->mutex){....}-{4:4}, at: __device_attach+0x7e/0x4b0
[  339.572832][   T31]  #4: ffff888077f2d160 (&dev->mutex){....}-{4:4}, at: __device_attach+0x7e/0x4b0
[  339.582399][   T31] 1 lock held by khungtaskd/31:
[  339.587335][   T31]  #0: ffffffff8e5c4e00 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0
[  339.627833][   T31] 2 locks held by kworker/u8:8/4541:
[  339.633717][   T31]  #0: ffff88801fbe6948 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  339.648669][   T31]  #1: ffffc9000e507d10 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  339.660529][   T31] 2 locks held by getty/5591:
[  339.665627][   T31]  #0: ffff88814ce060a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[  339.675703][   T31]  #1: ffffc9000332e2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x14f0
[  339.685928][   T31] 4 locks held by udevd/5826:
[  339.691026][   T31]  #0: ffff888077b7f8b8 (&p->lock){+.+.}-{4:4}, at: seq_read_iter+0xe1/0x12c0
[  339.700258][   T31]  #1: ffff8880457c9c88 (&of->mutex#2){+.+.}-{4:4}, at: kernfs_seq_start+0x4d/0x240
[  339.711356][   T31]  #2: ffff888053c054b8 (kn->active#23){++++}-{0:0}, at: kernfs_seq_start+0x71/0x240
[  339.724782][   T31]  #3: ffff8880534e4198 (&dev->mutex){....}-{4:4}, at: manufacturer_show+0x26/0xa0
[  339.736501][   T31] 4 locks held by udevd/5848:
[  339.742860][   T31]  #0: ffff88807c6e12f0 (&p->lock){+.+.}-{4:4}, at: seq_read_iter+0xe1/0x12c0
[  339.752275][   T31]  #1: ffff8880367d3c88 (&of->mutex#2){+.+.}-{4:4}, at: kernfs_seq_start+0x4d/0x240
[  339.762065][   T31]  #2: ffff88805c326698 (kn->active#23){++++}-{0:0}, at: kernfs_seq_start+0x71/0x240
[  339.771918][   T31]  #3: ffff8880258b6198 (&dev->mutex){....}-{4:4}, at: manufacturer_show+0x26/0xa0
[  339.781355][   T31] 5 locks held by kworker/1:4/5885:
[  339.786958][   T31]  #0: ffff8881442a7948 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  339.798082][   T31]  #1: ffffc9000436fd10 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  339.809648][   T31]  #2: ffff888029821198 (&dev->mutex){....}-{4:4}, at: hub_event+0x1c0/0x4fe0
[  339.818856][   T31]  #3: ffff88805b71b198 (&dev->mutex){....}-{4:4}, at: __device_attach+0x7e/0x4b0
[  339.829709][   T31]  #4: ffff88805bd4e160 (&dev->mutex){....}-{4:4}, at: __device_attach+0x7e/0x4b0
[  339.839304][   T31] 6 locks held by kworker/0:3/5892:
[  339.844588][   T31]  #0: ffff8881442a7948 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  339.856004][   T31]  #1: ffffc90002e67d10 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  339.868491][   T31]  #2: ffff888144334198 (&dev->mutex){....}-{4:4}, at: hub_event+0x1c0/0x4fe0
[  339.877473][   T31]  #3: ffff88805bfef198 (&dev->mutex){....}-{4:4}, at: __device_attach+0x7e/0x4b0
[  339.887378][   T31]  #4: ffff88805a215160 (&dev->mutex){....}-{4:4}, at: __device_attach+0x7e/0x4b0
[  339.897190][   T31]  #5: ffffffff8e478bb0 (umhelper_sem){++++}-{4:4}, at: usermodehelper_read_trylock+0xa9/0x250
[  339.907921][   T31] 5 locks held by kworker/1:8/5952:
[  339.913408][   T31]  #0: ffff8881442a7948 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x12a2/0x1b70
[  339.924523][   T31]  #1: ffffc900049efd10 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x929/0x1b70
[  339.937264][   T31]  #2: ffff888143bfc198 (&dev->mutex){....}-{4:4}, at: hub_event+0x1c0/0x4fe0
[  339.946771][   T31]  #3: ffff8880258b6198 (&dev->mutex){....}-{4:4}, at: __device_attach+0x7e/0x4b0
[  339.956347][   T31]  #4: ffff888028846160 (&dev->mutex){....}-{4:4}, at: __device_attach+0x7e/0x4b0
[  339.965986][   T31] 4 locks held by udevd/5992:
[  339.970740][   T31]  #0: ffff88803356b0a0 (&p->lock){+.+.}-{4:4}, at: seq_read_iter+0xe1/0x12c0
[  339.980067][   T31]  #1: ffff88805a17f088 (&of->mutex#2){+.+.}-{4:4}, at: kernfs_seq_start+0x4d/0x240
[  339.989967][   T31]  #2: ffff88805d57bb48 (kn->active#23){++++}-{0:0}, at: kernfs_seq_start+0x71/0x240
[  339.999795][   T31]  #3: ffff88805bfef198 (&dev->mutex){....}-{4:4}, at: manufacturer_show+0x26/0xa0
[  340.009494][   T31] 4 locks held by udevd/6028:
[  340.014434][   T31]  #0: ffff88802b0a10a0 (&p->lock){+.+.}-{4:4}, at: seq_read_iter+0xe1/0x12c0
[  340.023744][   T31]  #1: ffff88805a60b088 (&of->mutex#2){+.+.}-{4:4}, at: kernfs_seq_start+0x4d/0x240
[  340.033546][   T31]  #2: ffff888033273b48 (kn->active#23){++++}-{0:0}, at: kernfs_seq_start+0x71/0x240
[  340.043359][   T31]  #3: ffff88805bfea198 (&dev->mutex){....}-{4:4}, at: manufacturer_show+0x26/0xa0
[  340.058632][   T31] 1 lock held by syz.2.331/7216:
[  340.073406][   T31]  #0: ffff888029821198 (&dev->mutex){....}-{4:4}, at: usbdev_open+0x1b6/0x8b0
[  340.086334][   T31] 1 lock held by syz.3.400/7502:
[  340.091410][   T31]  #0: ffff888029821198 (&dev->mutex){....}-{4:4}, at: usbdev_open+0x1b6/0x8b0
[  340.100639][   T31] 1 lock held by syz.1.877/9513:
[  340.107213][   T31]  #0: ffff888029821198 (&dev->mutex){....}-{4:4}, at: usbdev_open+0x1b6/0x8b0
[  340.116373][   T31] 2 locks held by sed/9629:
[  340.121003][   T31] 
[  340.123382][   T31] =============================================
[  340.123382][   T31] 
[  340.132885][   T31] NMI backtrace for cpu 1
[  340.132900][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(full) 
[  340.132922][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  340.132932][   T31] Call Trace:
[  340.132938][   T31]  <TASK>
[  340.132945][   T31]  dump_stack_lvl+0x116/0x1f0
[  340.132966][   T31]  nmi_cpu_backtrace+0x27b/0x390
[  340.132991][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  340.133016][   T31]  nmi_trigger_cpumask_backtrace+0x29c/0x300
[  340.133042][   T31]  watchdog+0xf70/0x12c0
[  340.133066][   T31]  ? __pfx_watchdog+0x10/0x10
[  340.133083][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[  340.133110][   T31]  ? __kthread_parkme+0x19e/0x250
[  340.133136][   T31]  ? __pfx_watchdog+0x10/0x10
[  340.133154][   T31]  kthread+0x3c5/0x780
[  340.133171][   T31]  ? __pfx_kthread+0x10/0x10
[  340.133188][   T31]  ? rcu_is_watching+0x12/0xc0
[  340.133210][   T31]  ? __pfx_kthread+0x10/0x10
[  340.133227][   T31]  ret_from_fork+0x5d4/0x6f0
[  340.133251][   T31]  ? __pfx_kthread+0x10/0x10
[  340.133268][   T31]  ret_from_fork_asm+0x1a/0x30
[  340.133298][   T31]  </TASK>
[  340.133305][   T31] Sending NMI from CPU 1 to CPUs 0:
[  340.259086][    C0] NMI backtrace for cpu 0
[  340.259100][    C0] CPU: 0 UID: 0 PID: 9632 Comm: rm Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(full) 
[  340.259117][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  340.259125][    C0] RIP: 0010:unwind_next_frame+0xa9/0x20a0
[  340.259143][    C0] Code: 45 38 48 89 c2 48 89 04 24 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 24 18 00 00 49 8b 45 38 48 89 44 24 10 <e8> 32 7c 36 00 31 d2 45 31 c9 45 31 c0 48 8d 05 00 00 00 00 50 b9
[  340.259156][    C0] RSP: 0018:ffffc9000b7dea78 EFLAGS: 00000246
[  340.259168][    C0] RAX: ffffc9000b7df830 RBX: 0000000000000001 RCX: ffffc9000b7dea3c
[  340.259177][    C0] RDX: 1ffff920016fbd64 RSI: ffffffff8211e1c7 RDI: ffffc9000b7deae8
[  340.259186][    C0] RBP: ffffc9000b7deb30 R08: 0000000000000001 R09: 0000000000000000
[  340.259194][    C0] R10: 0000000000000000 R11: 0000000000011164 R12: ffffffff81a78cf0
[  340.259203][    C0] R13: ffffc9000b7deae8 R14: 0000000000000000 R15: ffff888036494880
[  340.259212][    C0] FS:  0000000000000000(0000) GS:ffff888124720000(0000) knlGS:0000000000000000
[  340.259226][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  340.259235][    C0] CR2: 00007f1d6d7c9440 CR3: 000000005b2f3000 CR4: 00000000003526f0
[  340.259244][    C0] Call Trace:
[  340.259249][    C0]  <TASK>
[  340.259254][    C0]  ? __mmap_region+0x3c7/0x25e0
[  340.259275][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  340.259294][    C0]  arch_stack_walk+0x94/0x100
[  340.259313][    C0]  ? __mmap_region+0x3c7/0x25e0
[  340.259333][    C0]  stack_trace_save+0x8e/0xc0
[  340.259350][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  340.259370][    C0]  save_stack+0x160/0x1f0
[  340.259389][    C0]  ? __pfx_save_stack+0x10/0x10
[  340.259406][    C0]  ? post_alloc_hook+0x1c0/0x230
[  340.259422][    C0]  ? get_page_from_freelist+0x1321/0x3890
[  340.259441][    C0]  ? __alloc_frozen_pages_noprof+0x261/0x23f0
[  340.259460][    C0]  ? alloc_pages_mpol+0x1fb/0x550
[  340.259473][    C0]  ? new_slab+0x23b/0x330
[  340.259488][    C0]  ? ___slab_alloc+0xd9c/0x1940
[  340.259503][    C0]  ? kmem_cache_alloc_bulk_noprof+0x24e/0xbc0
[  340.259521][    C0]  ? mas_alloc_nodes+0x2f1/0x8b0
[  340.259540][    C0]  ? mas_node_count_gfp+0x105/0x130
[  340.259558][    C0]  ? mas_preallocate+0x7e0/0xde0
[  340.259572][    C0]  ? __split_vma+0x34a/0x1070
[  340.259588][    C0]  ? vms_gather_munmap_vmas+0x392/0x1310
[  340.259605][    C0]  ? __mmap_region+0x3c7/0x25e0
[  340.259624][    C0]  ? __lock_acquire+0x622/0x1c90
[  340.259639][    C0]  __set_page_owner+0x91/0x550
[  340.259659][    C0]  ? __pfx___set_page_owner+0x10/0x10
[  340.259679][    C0]  ? bad_range+0x261/0x4c0
[  340.259692][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[  340.259713][    C0]  post_alloc_hook+0x1c0/0x230
[  340.259732][    C0]  get_page_from_freelist+0x1321/0x3890
[  340.259754][    C0]  ? prepare_alloc_pages+0x3c2/0x610
[  340.259771][    C0]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  340.259790][    C0]  ? is_bpf_text_address+0x8a/0x1a0
[  340.259805][    C0]  ? bpf_ksym_find+0x127/0x1c0
[  340.259823][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  340.259840][    C0]  ? is_bpf_text_address+0x94/0x1a0
[  340.259855][    C0]  ? kernel_text_address+0x8d/0x100
[  340.259869][    C0]  ? __kernel_text_address+0xd/0x40
[  340.259883][    C0]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  340.259907][    C0]  ? stack_trace_save+0x8e/0xc0
[  340.259930][    C0]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  340.259946][    C0]  ? policy_nodemask+0xea/0x4e0
[  340.259959][    C0]  alloc_pages_mpol+0x1fb/0x550
[  340.259972][    C0]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  340.259984][    C0]  ? get_freelist+0x1a8/0x1e0
[  340.259998][    C0]  ? find_held_lock+0x2b/0x80
[  340.260014][    C0]  new_slab+0x23b/0x330
[  340.260030][    C0]  ___slab_alloc+0xd9c/0x1940
[  340.260046][    C0]  ? mas_alloc_nodes+0x2f1/0x8b0
[  340.260064][    C0]  ? ___slab_alloc+0x51/0x1940
[  340.260081][    C0]  ? find_held_lock+0x2b/0x80
[  340.260098][    C0]  ? kmem_cache_alloc_bulk_noprof+0x24e/0xbc0
[  340.260116][    C0]  kmem_cache_alloc_bulk_noprof+0x24e/0xbc0
[  340.260136][    C0]  ? kmem_cache_alloc_noprof+0x21e/0x3b0
[  340.260155][    C0]  ? mas_alloc_nodes+0x18b/0x8b0
[  340.260174][    C0]  ? mas_alloc_nodes+0x2f1/0x8b0
[  340.260192][    C0]  mas_alloc_nodes+0x2f1/0x8b0
[  340.260212][    C0]  mas_node_count_gfp+0x105/0x130
[  340.260231][    C0]  mas_preallocate+0x7e0/0xde0
[  340.260247][    C0]  ? __pfx_mas_preallocate+0x10/0x10
[  340.260264][    C0]  ? anon_vma_name+0x75/0x100
[  340.260280][    C0]  __split_vma+0x34a/0x1070
[  340.260298][    C0]  ? __pfx___split_vma+0x10/0x10
[  340.260314][    C0]  ? mas_next_slot+0x12d3/0x21b0
[  340.260332][    C0]  vms_gather_munmap_vmas+0x392/0x1310
[  340.260352][    C0]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[  340.260371][    C0]  ? mas_walk+0x6a6/0x910
[  340.260392][    C0]  __mmap_region+0x3c7/0x25e0
[  340.260410][    C0]  ? mt_validate_nulls+0x1c1/0x9e0
[  340.260423][    C0]  ? __pfx___mmap_region+0x10/0x10
[  340.260444][    C0]  ? __lock_acquire+0x622/0x1c90
[  340.260460][    C0]  ? find_held_lock+0x2b/0x80
[  340.260476][    C0]  ? avc_has_perm_noaudit+0x117/0x3b0
[  340.260503][    C0]  ? mm_get_unmapped_area_vmflags+0x97/0xe0
[  340.260522][    C0]  mmap_region+0x1ab/0x3f0
[  340.260541][    C0]  ? __get_unmapped_area+0x267/0x440
[  340.260556][    C0]  do_mmap+0xa3e/0x1210
[  340.260572][    C0]  ? __pfx_do_mmap+0x10/0x10
[  340.260586][    C0]  ? __pfx_down_write_killable+0x10/0x10
[  340.260604][    C0]  vm_mmap_pgoff+0x281/0x450
[  340.260619][    C0]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  340.260634][    C0]  ? __fget_files+0x20e/0x3c0
[  340.260648][    C0]  ksys_mmap_pgoff+0x32c/0x5c0
[  340.260661][    C0]  ? __pfx_ksys_read+0x10/0x10
[  340.260681][    C0]  __x64_sys_mmap+0x125/0x190
[  340.260702][    C0]  do_syscall_64+0xcd/0x4c0
[  340.260716][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  340.260729][    C0] RIP: 0033:0x7f1d6daab242
[  340.260739][    C0] Code: 08 00 04 00 00 eb e2 90 41 f7 c1 ff 0f 00 00 75 27 55 89 cd 53 48 89 fb 48 85 ff 74 33 41 89 ea 48 89 df b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5e 5b 5d c3 0f 1f 00 c7 05 46 40 01 00 16 00
[  340.260751][    C0] RSP: 002b:00007ffcdc5051e8 EFLAGS: 00000206 ORIG_RAX: 0000000000000009
[  340.260763][    C0] RAX: ffffffffffffffda RBX: 00007f1d6d7c1000 RCX: 00007f1d6daab242
[  340.260772][    C0] RDX: 0000000000000003 RSI: 0000000000002000 RDI: 00007f1d6d7c1000
[  340.260780][    C0] RBP: 0000000000000812 R08: 0000000000000003 R09: 000000000000d000
[  340.260788][    C0] R10: 0000000000000812 R11: 0000000000000206 R12: 00007ffcdc5052a8
[  340.260796][    C0] R13: 00007f1d6da80580 R14: 00007ffcdc505660 R15: 00000fff9b8a0a40
[  340.260809][    C0]  </TASK>
[  340.892966][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  340.899834][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc7-syzkaller-00034-g25fae0b93d1d #0 PREEMPT(full) 
[  340.911658][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  340.921727][   T31] Call Trace:
[  340.925013][   T31]  <TASK>
[  340.927953][   T31]  dump_stack_lvl+0x3d/0x1f0
[  340.932552][   T31]  panic+0x71c/0x800
[  340.936462][   T31]  ? __pfx_panic+0x10/0x10
[  340.940962][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  340.946332][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  340.952308][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  340.957672][   T31]  ? watchdog+0xdda/0x12c0
[  340.962076][   T31]  ? watchdog+0xdcd/0x12c0
[  340.966481][   T31]  watchdog+0xdeb/0x12c0
[  340.970760][   T31]  ? __pfx_watchdog+0x10/0x10
[  340.975423][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[  340.980620][   T31]  ? __kthread_parkme+0x19e/0x250
[  340.985640][   T31]  ? __pfx_watchdog+0x10/0x10
[  340.990308][   T31]  kthread+0x3c5/0x780
[  340.994381][   T31]  ? __pfx_kthread+0x10/0x10
[  340.998957][   T31]  ? rcu_is_watching+0x12/0xc0
[  341.003711][   T31]  ? __pfx_kthread+0x10/0x10
[  341.008286][   T31]  ret_from_fork+0x5d4/0x6f0
[  341.012868][   T31]  ? __pfx_kthread+0x10/0x10
[  341.017442][   T31]  ret_from_fork_asm+0x1a/0x30
[  341.022202][   T31]  </TASK>
[  341.025413][   T31] Kernel Offset: disabled
[  341.029717][   T31] Rebooting in 86400 seconds..