last executing test programs:

9m39.318133404s ago: executing program 0 (id=1):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/seq/timer\x00', 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x4)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000002c0)='gretIpd', &(0x7f0000000480)='7:\xe8rs\xd2\x8a\x90\xc0&\x84\xdamO(\x1a\xdbu\x1f\x9a\xc2F\xeaH\xd6}&i \x88\xb3\x80\xa5z\xb2\'ne\xa57\xca\f\x00C\xa67\xf0l\xa7\xc4\xaf[\xdby\xce\xf5\xbbv\x01n~^Z \xe3\xdb\xa8\x8ex\xb0\x89\xb2\xa70\xfaa_\n\x9d\x9dXS\x05Ra\x7f\xb0,\xd0\x7f\xc7\xcbI\x06\xab\x93g\xd8\xaeY\x13g\xc6\xceq*\xa9\xfd\x05\xf8a\x8bM\xbc\x1b\re\xac\xb8]0\x0eF99\xe6\x1c\xb5\xe67/\x82A\x80i7\xd8<g\xc2h\xea\x87\x8e\xd9\xea\xfd\xee\x0f\xc1\x81n\xe8\t\xc8\b\xe40TX\xc5\xc9\xd7\f\xa6C\xbb\x02\xe1\xfd\xf0\xd4\x96\xa7\xf7\x8f\f\v\xd6\xd2=\xd2uF~k\xcc\x7f\xa4\xfb|+\x8d(\xbb\x81C\x93\xba\xb8\xed\x9d\xb5\xf2\x85\xc3\x0fp\xff[\x91\xd8)i{ \xbf\x1e\xf8\a\xe1\xa5\x80Ii\xce;H\xe2\x9cp\xb5\xf0\xcd\xe5\x86\x80\x134\xd4\xc6\xd2\xb8\x1fMa\xeb\xdd\n>\xc8\xcd%\fr\xfdx\xf8\xf0\xdb\xe4\x19]\x99\xe2\x8f.\xa7\x1f\xe0P\x00\x00\x00\x00\x00\x00', 0x0)
r3 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f0000000080)={0x19, 0x0, <r4=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r3, 0x3b85, &(0x7f0000000100)={0x28, 0x7, r4, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r3, 0x3ba0, &(0x7f00000001c0)={0x48, 0x5, r4, 0x0, <r5=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES(r3, 0x3ba0, &(0x7f0000000240)={0x48, 0x7, r5, 0x0, 0x0, 0x0, 0x0, 0x3, 0x20ffa000})
writev(r2, &(0x7f0000000280)=[{&(0x7f0000000080)="580000001400add427323b472545b45602117fffffff81004e204e227f000001925aa80020007b0009008003000000000000000000ff0000f03ac71002000000fffffffffeffffffffe7ee00000000000000000200000000", 0x58}], 0x1)
syz_genetlink_get_family_id$batadv(&(0x7f0000000200), r0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000440))
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101000, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x5)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x7)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x240, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x4010, 0xffffffffffffffff, 0x9ad2e000)
r9 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000400), 0x84080, 0x0)
ioctl$FBIO_WAITFORVSYNC(r9, 0x40044620, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
connect$unix(r10, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r11, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r10, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)

9m38.45358764s ago: executing program 0 (id=6):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x20001, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000000)=0x1)
ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000002c0)=@multiplanar_mmap={0x0, 0x1, 0x4, 0x0, 0x0, {}, {}, 0x20000, 0x1, {0x0}})
close(r0)
listen(0xffffffffffffffff, 0x66c)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x6, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000000000000000001850000000000000000000000800000085000000050000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = io_uring_setup(0x54b3, &(0x7f0000000140)={0x0, 0x46c2, 0x20000, 0x0, 0xac})
r3 = syz_io_uring_setup(0x116, &(0x7f0000000200)={0x0, 0xfffffffc, 0x2, 0x0, 0x0, 0x0, r2}, &(0x7f00000007c0)=<r4=>0x0, &(0x7f0000000100)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x44, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x40000022})
io_uring_enter(r3, 0x47f6, 0x0, 0x0, 0x0, 0x0)

9m23.224438347s ago: executing program 32 (id=6):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x20001, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000000)=0x1)
ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000002c0)=@multiplanar_mmap={0x0, 0x1, 0x4, 0x0, 0x0, {}, {}, 0x20000, 0x1, {0x0}})
close(r0)
listen(0xffffffffffffffff, 0x66c)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x6, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000000000000000001850000000000000000000000800000085000000050000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = io_uring_setup(0x54b3, &(0x7f0000000140)={0x0, 0x46c2, 0x20000, 0x0, 0xac})
r3 = syz_io_uring_setup(0x116, &(0x7f0000000200)={0x0, 0xfffffffc, 0x2, 0x0, 0x0, 0x0, r2}, &(0x7f00000007c0)=<r4=>0x0, &(0x7f0000000100)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x44, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x40000022})
io_uring_enter(r3, 0x47f6, 0x0, 0x0, 0x0, 0x0)

9m8.357329484s ago: executing program 3 (id=60):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000100b060a4dcc25e800000109022400010000500009040002800200000009210000000122f804090581090000040000"], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, &(0x7f00000001c0)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="000706000000ff030902"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r1, &(0x7f0000000340)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220508"], 0x0}, 0x0)
r2 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x8040ae9f, &(0x7f00000000c0))
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="380000003d000900000000000000000001000000040000001800018006002000054700000c002000060000000000000008000200a3f13055242e86ef511819a8c39a735a61412f8505948c55af583c4fd9770de3af356188434c34fd77deb3968340ebe14488c0ce5a6b0ed94dd709f70545adb30651c1fe33c3182f7cc2ae795c9aefa21e98edef822de37a6f7bf785dd87f44d5eb0f13acd798865b642457aa97051065cdd6d3dc0ddbec80a9afc81d0debb512d63a7f9f74d4695174717eeca30fbeecc8a7a255274c6bf6669e02241a872d0def2faffa44c3250cbb0dbfed32e80c58a1ed3708ca741bd206985ff0b446432d5a7d13bffe6833bb203933b09bc450c027afb230a", @ANYRES32, @ANYRES8], 0x38}}, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r3, 0x4048ae9b, &(0x7f0000000000)={0x2, 0x0, [0x4, 0x2, 0x559, 0x9, 0x0, 0xf, 0x8, 0x9]})

9m4.803461914s ago: executing program 3 (id=70):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x40000, 0x0)
r1 = userfaultfd(0x1)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000004c0))
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000640)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r2, 0x0, 0x40000}, 0x18)
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/43, 0x7ffff000}, {&(0x7f0000000480)=""/165, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x2aa, 0x0)
ioctl$UFFDIO_UNREGISTER(r1, 0x8010aa01, &(0x7f0000000000)={&(0x7f0000ffc000/0x4000)=nil, 0x4000})
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
r6 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$UI_SET_EVBIT(r6, 0x40045564, 0x4)
write$uinput_user_dev(r6, &(0x7f0000000100)={'syz0\x00', {}, 0x7, [0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x3, 0xf6, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x3, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0xffffffff], [0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xfffffffe, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x180d, 0x0, 0xae4d], [0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0xed0, 0x4000000], [0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0e, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfffffffe]}, 0x45c)
ioctl$UI_DEV_SETUP(r6, 0x5501, 0x0)
write$input_event(r6, &(0x7f0000000000)={{0x77359400}, 0x15}, 0xfe4f)
r7 = openat$random(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0)
r8 = dup(r7)
r9 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(r10, &(0x7f0000000880)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000840)={&(0x7f0000000700)={0xa0, 0x1, 0x2, 0x801, 0x0, 0x0, {0x5, 0x0, 0x2}, [@CTA_EXPECT_MASTER={0x4}, @CTA_EXPECT_ZONE={0x6, 0x7, 0x1, 0x0, 0x1}, @CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x7f}, @CTA_EXPECT_HELP_NAME={0xe, 0x6, 'snmp_trap\x00'}, @CTA_EXPECT_HELP_NAME={0x9, 0x6, 'syz0\x00'}, @CTA_EXPECT_MASK={0x5c, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private0={0xfc, 0x0, '\x00', 0x1}}, {0x14, 0x4, @local}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private2={0xfc, 0x2, '\x00', 0x1}}, {0x14, 0x4, @mcast1}}}]}]}, 0xa0}, 0x1, 0x0, 0x0, 0x800}, 0x0)
mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={'trans=fd,', {'rfdno', 0x3d, r8}, 0x2c, {'wfdno', 0x3d, r9}})

9m2.144110846s ago: executing program 3 (id=74):
socketpair$unix(0x1, 0x1, 0x0, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000780)={{}, 0x0, 0x0}, 0x20)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b0000000000000000000000008000000000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0xa, 0x9, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000006c0)=@o_path={0x0}, 0x18)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x3, 0x6, &(0x7f0000000180)=@framed={{0x18, 0x2}, [@map_fd={0x18, 0x3, 0x1, 0x0, r2}, @call={0x85, 0x0, 0x0, 0xc0}]}, &(0x7f0000001680)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0xe, 0x0, &(0x7f00000001c0)="9e36d449b388dd965f7ade1a96dd", 0x0, 0x10700, 0xe8030000, 0x0, 0x0, 0x0, 0x0}, 0x50)

9m0.603963707s ago: executing program 3 (id=77):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) (async)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0) (async)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)
syz_usb_connect(0x3, 0x3d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000729158086311000292b80000000109022b0001020000000904a9"], 0x0)

8m59.088747826s ago: executing program 3 (id=82):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, 0x0, 0x0)
syz_emit_ethernet(0x7a, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd6578ae0b00442ffffc010000000000000000000000000001ff0200000000000000000000000000010421880b000000030800080008"], 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x40026)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x5, &(0x7f0000000080)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000008c0)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000240)="edf47c68c61c50ef4f5336f4b3dca3e89fffb4eb07a6ff9a3be58fb3e75de5bf0d52fede483b8dd2992bdb067d027ed9c05d890ebd9885a0f181b175e3e34ed8871aadf601b5284bbeeb209b7cb234458fab644785a5ef44d9dec8d555f12204fd668f1878f774e6fee6ceb8f35f2ad9db6e7e8ba2566728f3df5e6e45857664daefd58ab563274bd839933c8000d74fddbe01ef1fb136eee6d19ceff6477b6a060cdbfec463a991a3f7286ff52c3b8ed4576e2fd706cbb9fc94825396229166dd5a356ca06bfd9b5fd6da1e3f36eec5ad0cc475fe8842", 0xd7}, {&(0x7f0000000340)="973623c6b83fe507f83d96a0114808e3189584ef5763d1c6b9190bbfc67d32e55d81a6e856668f1777225116cc0a857edadd2aed9369a0c9ac4fc3077288bfd02c2359581422539cab4d2590e1bbbc1ec393065f3412a83e45ff0421689e6deef2f41311e46df7881432e5694f1b43a6c3901117ecea613fb8db5f0fa4405e", 0x7f}, {&(0x7f0000000640)="c529ee1bfc30c07bea83105daea18def5f6c5ee5b0c36a70d4103c78c4f190bf2533bc58a6c18527b003df7f0aa14386ddbf8b042b1221e8be2ca9cd8641456a5682416f565c4aa3bcad8aa6c8360e6311dc5847f488071012f4050819038b82f31be5150bc80754ee13e1d63b574871ac5d7bc9401d1bcfa30c2c22bc2c40ad7aac522b0e19050115d832cd819542181e3df2212cf4cd8e29c3d44ef502e8a71431e6fb18d944", 0xa7}, {&(0x7f0000000700)="5f421c02d2c4496d19ceb040c680d8c6e0308601e1a5342012dfe69be84eddb5fd9af19eeec9723fcd4a1a39acd792c51d74de97728472d808796a471f560ab96d41b930d2ea43a73366bc99c353684ae0407de0433695a2efdadedda77ef7affff494948ad78368128e1bb01bc821e91d4c423e54744c452b6c37afa2b3ac61e3d6a4a0f70ec1a40d7cb62fd043bf35a3d100bc16276a2c98121fd909239de67868b9", 0xa3}], 0x4, &(0x7f0000000580)=[@cred={{0x1c, 0x1, 0x2, {r1}}}, @cred={{0x1c, 0x1, 0x2, {r1}}}, @cred={{0x1c, 0x1, 0x2, {r1, 0xee00}}}], 0x60, 0xa731bb6d440cc94c}}], 0x1, 0x0)
recvmmsg(r2, &(0x7f0000004d00)=[{{&(0x7f0000000800)=@ax25={{0x3, @netrom}, [@null, @remote, @netrom, @default, @bcast, @remote, @default, @bcast]}, 0x80, &(0x7f0000000880)}, 0xf3}, {{&(0x7f0000000c00)=@sco, 0x80, &(0x7f0000000f40)=[{&(0x7f0000000c80)=""/90, 0x5a}, {&(0x7f0000000d00)=""/248, 0xf8}, {&(0x7f0000000e00)=""/78, 0x4e}, {&(0x7f0000000e80)=""/175, 0xaf}], 0x4, &(0x7f0000000f80)=""/244, 0xf4}, 0x6b7}, {{&(0x7f0000001080)=@rc={0x1f, @none}, 0x80, &(0x7f0000001480)=[{&(0x7f0000001100)=""/167, 0xa7}, {&(0x7f00000011c0)=""/16, 0x10}, {&(0x7f0000000900)=""/235, 0xeb}, {&(0x7f0000001300)=""/231, 0xe7}, {&(0x7f0000001400)=""/121, 0x79}], 0x5, &(0x7f0000001500)=""/4080, 0xff0}, 0x1000}, {{&(0x7f0000002500)=@in={0x2, 0x0, @loopback}, 0x80, &(0x7f0000003980)=[{&(0x7f0000002580)=""/187, 0xbb}, {&(0x7f0000002640)=""/60, 0x3c}, {&(0x7f0000002680)=""/163, 0xa3}, {&(0x7f0000004f40)=""/4096, 0x1000}, {&(0x7f0000003740)=""/84, 0x54}, {&(0x7f00000037c0)=""/102, 0x66}, {&(0x7f0000003840)=""/132, 0xca}, {&(0x7f0000003900)=""/100, 0x64}], 0x8, &(0x7f0000003a00)=""/4096, 0x1000}, 0xc0}, {{&(0x7f0000004a00)=@isdn, 0x80, &(0x7f0000004c40)=[{&(0x7f0000004a80)=""/170, 0xaa}, {&(0x7f0000004b40)=""/246, 0xf6}], 0x2, &(0x7f0000004c80)=""/73, 0x49}, 0xe09}], 0x5, 0x2, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x1)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r5, r6, &(0x7f0000fe3000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000400)=ANY=[@ANYRESOCT=r0])
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r6, 0x4068aea3, &(0x7f0000000000)={0xbe, 0x0, 0x1})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
r7 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r7, 0x84, 0x9, &(0x7f00000000c0)={0x0, @in={{0x2, 0x4e23, @empty}}, 0x0, 0x2, 0x0, 0x0, 0xa17433da3c5d69a5, 0x2, 0x81}, 0x9c)
r8 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CAP_DISABLE_QUIRKS(r8, 0x4068aea3, &(0x7f0000000040)={0x74, 0x0, 0x44})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r9=>r8, {0xee01, 0xffffffffffffffff}}, './file0\x00'})
r10 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="85000000080000004e00000000000000850000007d00000095000000000000007ab9e683b171b4b09980af6c1ebeda4ac0d3e3aa71a9ab17e14e1b0be949499ca6a5b2c467b6d3d1c0ae1e9820331afd90cc832c761aa3adf9be48c401c7f893694bf8cd19b7173cd4688904f7310af046fd490d3f2cf49b5f68aecf0bc659dc3d53c2"], &(0x7f0000000140)='GPL\x00', 0x0, 0x99, &(0x7f00000004c0)=""/153, 0x0, 0x0, '\x00', 0x0, @flow_dissector, r9, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000440)={r10, 0x0, 0x11, 0x0, &(0x7f00000007c0)="61df712bc884fef053a7a9a26e9b722780", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

8m58.679773459s ago: executing program 3 (id=85):
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$key(0xf, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, 0x0)
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r3, 0x0, 0x0, 0x22048854, &(0x7f0000000200)={0x2, 0x4e23, @empty}, 0x10)
syz_emit_ethernet(0x86, &(0x7f00000010c0)={@broadcast, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010102, @local}, @redirect={0x3, 0x4, 0x0, @empty, {0x17, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @private, @empty, {[@timestamp_addr={0x44, 0xc, 0x0, 0x1, 0x0, [{@remote, 0x4e210000}]}, @timestamp_addr={0x44, 0x3c, 0x0, 0x1, 0x0, [{@multicast1}, {}, {}, {@private}, {@empty}, {@initdev={0xac, 0x1e, 0x0, 0x0}}, {}]}]}}}}}}}, 0x0)
sendto$inet(r3, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b037511bf746bec66ba", 0x2acf, 0x11, 0x0, 0x27)

8m58.364303665s ago: executing program 33 (id=85):
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$key(0xf, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, 0x0)
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r3, 0x0, 0x0, 0x22048854, &(0x7f0000000200)={0x2, 0x4e23, @empty}, 0x10)
syz_emit_ethernet(0x86, &(0x7f00000010c0)={@broadcast, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010102, @local}, @redirect={0x3, 0x4, 0x0, @empty, {0x17, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @private, @empty, {[@timestamp_addr={0x44, 0xc, 0x0, 0x1, 0x0, [{@remote, 0x4e210000}]}, @timestamp_addr={0x44, 0x3c, 0x0, 0x1, 0x0, [{@multicast1}, {}, {}, {@private}, {@empty}, {@initdev={0xac, 0x1e, 0x0, 0x0}}, {}]}]}}}}}}}, 0x0)
sendto$inet(r3, &(0x7f00000012c0)="0c268a927f1f6588b967481241ba78600a34f65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03859bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b037511bf746bec66ba", 0x2acf, 0x11, 0x0, 0x27)

2m0.369862319s ago: executing program 2 (id=1532):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
symlink(&(0x7f0000000440)='./cgroup.cpu/cgroup.procs\x00', &(0x7f0000000980)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
readlink(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000200)=""/62, 0x3e) (fail_nth: 4)

1m59.87996444s ago: executing program 2 (id=1533):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000400)={'wlan0\x00'})
sendmsg$NL80211_CMD_GET_SURVEY(r0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000800}, 0x0)

1m58.977911414s ago: executing program 2 (id=1536):
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='\a\x00'], 0x50)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x181040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0xc, &(0x7f0000000240)=@assoc_value, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000140)=@arm64={0x1, 0xf6, 0xf0, '\x00', 0x6})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f00000004c0)={0x1, 0x0, [{0x40000070, 0x0, 0x6}]})

1m58.661123141s ago: executing program 2 (id=1539):
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
syz_init_net_socket$nfc_llcp(0x27, 0x0, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102400, 0x19000)
bind$unix(0xffffffffffffffff, &(0x7f0000000100)=@file={0x1, './file0\x00'}, 0x6e)
sched_setaffinity(0x0, 0x0, 0x0)
r2 = socket(0x840000000002, 0x3, 0xff)
r3 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r3, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0xce24, @remote}, 0x10, 0x0}, 0x2404c854)
r4 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r4, &(0x7f0000000180)={0x0, 0x4d, &(0x7f0000000240)=[{&(0x7f0000000280)="5c00000012006bab9e3fe3d86e6c1d000014a10d00000000000004b68675f8001d000a00a0e69ee517d34460bc24eab556a705251e6182949a36c23d3b48dfd8cdbf9367b4fa51f60a64c9f4080003000601000004000200110000", 0x5b}, {&(0x7f0000000680)='\'', 0x1}], 0x2, 0x0, 0x0, 0x1f00c00e}, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r2, 0x29, 0x36, &(0x7f0000000680)=ANY=[@ANYBLOB="2b3700000000000000f8f675df59eb66da9dd197ba3aeb0f10446c0246dd314a6337445e4b63a3667fbe0d49016df0852a24a306ed40253d3aaa6e711b786abbac797dc8218b810aa78ac4311c906e198ba9761185459a86229a2cb03ed51ed8017af00449de05335a9e194b7c51f1fcc30ce020861cfd57b519607a557651d192b891cd79a3f5a2bae9913054eb66e1f0ef5a83e99e6e797c5c8410f5fe8458909e67bbda13b0e47e05c36db55d71e03b7139b36489b49c3bc13783690188ea2d1e4386b32a68b498a29dff47126d79118bcdc9d6efe96cf6823bea0d1b7d025a4f1660ff3c653379f52fbbf2529e0500868dcbeb27a0c10758000000011409f1000600000000000000070000000500000000020000000000000700000000000000080000000000000004000000000000000010000000000000ffffffffffffff7f0500000000000000ff01000000000000000100c91000000000000000000000000000000001914fbadf3e8c018e75e65ec84a9d9f39d447e02a4f3d26a98478d8387fa904df551abedc8b6afce0a1313c37b2b733332cd6a71f0ef7841e7b2204c2ceccc7238d38b108ca16b507154e153cf05eb45a1f0103000000001f359ade"], 0x1c8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r5, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x211)
connect$inet(r2, &(0x7f0000000540)={0x2, 0x0, @dev}, 0x10)
sendmmsg$inet(r2, &(0x7f0000005240)=[{{0x0, 0x0, 0x0}, 0xfffffdef}], 0x300, 0x401eb94)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r6 = socket$inet6_sctp(0xa, 0x801, 0x84)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
ioctl$TCXONC(r7, 0x5411, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000280))
socket$nl_route(0x10, 0x3, 0x0)

1m56.214289175s ago: executing program 2 (id=1542):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
syz_open_dev$MSR(0x0, 0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x15)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000002c0)=ANY=[@ANYBLOB="280000002100010000000000000000000200000000000000000000000c000c400000000000000004"], 0x28}}, 0x0)
dup(0xffffffffffffffff)
r1 = socket$inet6(0xa, 0x806, 0x0)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23}, 0x1c)
listen(r1, 0x3)
r2 = socket$inet_dccp(0x2, 0x6, 0x0)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e24, @rand_addr=0x64010101}, 0x10)
connect$inet(r2, 0x0, 0x0)
shutdown(r2, 0x1)

1m56.030549097s ago: executing program 2 (id=1543):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="5c000000020601020000000000000000000000000900020073797a31000000000500ee8c019b1d7683010007000000050005000a0000000c00078008001240ffffff2c706f72742c6e65740000000005000400000000f8"], 0x5c}}, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r2 = accept4(r1, 0x0, 0x0, 0x0)
sendmsg$alg(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
read$alg(r2, &(0x7f0000000000)=""/35, 0x23)
pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1500000065ffff0900000008003950323030306e7523130e007dcc3c3aa7af2b13a09c8d0b31f483bdd077e0d1610c72cfd04613eb2f94d1d4e2dcacdc1e5727060cd72074efe8e4979e40c0a8fb8553a462f5a0754b2c4c6e4e0500b12ac379bc3e8769a5170b0cbddd654361e9c77d16b9e7174fccfc9db45bfceba4de4505b1195de33ee21cc4ffe367d59e76574b5929124c70cd06ce09ebb0370aa65951d7ae81fbf8d462435f7dff4b830560b3609747d24903c945f1c27763f7c3fc6a6fb54ce76182076d34dd2ae1436c8119545536f2d9f8a93711813d0f4589ba042d2102000000beb3a48eba3d77b2557f88292cec397809be69da469bd4fbbf4ee0be48e844dc21ec558aa033ea040580"], 0x15)
sendmsg$SOCK_DIAG_BY_FAMILY(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[], 0x1bc}, 0x1, 0x0, 0x0, 0x8884}, 0x10)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10)
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="14000000100001000000000000000040001100010000000008000000000300000a00000000000000"], 0x28}}, 0x0)
r5 = signalfd(r4, &(0x7f0000000280)={[0x1]}, 0x8)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r4)
sendmsg$NL80211_CMD_ADD_NAN_FUNCTION(r5, &(0x7f0000000e80)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000e40)={&(0x7f0000000500)={0x928, r6, 0x200, 0x70bd29, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_NAN_FUNC={0x30, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_SUBSCRIBE_ACTIVE={0x4}, @NL80211_NAN_FUNC_SUBSCRIBE_ACTIVE={0x4}, @NL80211_NAN_FUNC_CLOSE_RANGE={0x4}, @NL80211_NAN_FUNC_PUBLISH_TYPE={0x5, 0x3, 0x5}, @NL80211_NAN_FUNC_FOLLOW_UP_ID={0x5, 0x6, 0x5}, @NL80211_NAN_FUNC_SUBSCRIBE_ACTIVE={0x4}, @NL80211_NAN_FUNC_CLOSE_RANGE={0x4}, @NL80211_NAN_FUNC_TYPE={0x5, 0x1, 0x1}]}, @NL80211_ATTR_NAN_FUNC={0x8e4, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_SRF={0x310, 0xc, 0x0, 0x1, [@NL80211_NAN_SRF_BF={0x103, 0x2, "b18036c5e0dd7178d290ece260b190403b0d6e8db7908e3e7c67929fc81f1ab038c2e7df5e03ef459ff4ea13a46b0cecc55154f9a301bc84a43e8bbedc7b8b9ca441e335feed215333659aea152f52436c58ac8fd10d9fd8bbf5b0e9b139ac2d0b04edb0059e07c694fae0b0b9789ed3fd3caecae9bf3b644771edef2b849f1cae53b3b1a0f72996b323cb65766debbab1a1cd8fc05f991d2e772adca0c7dce76af92bfb06baa1f7e7730561bf89815ede6a4061d8ac69c786c65e64d8d386413dd9432ad7a6559a2236f86dba79f247d331aa48c17ec82b6eb82826ba3ebd6d09ce3dc905cdeee52ba0d072b3bd9527e43e3bbf30bdb55ad23f7931353897"}, @NL80211_NAN_SRF_BF={0x103, 0x2, "fb77638a66c2338c1e089e66dc32b085bbb77e84a94ac69f93ac043bf1d6625507e58ad591a5ec38ec217f42ad981669aa499777a36c0f9d3f6e3024ce544426061c3704d5d291257f54e195045a98f5b01dbea31be6d176b159b1a035d671157920f20f4ae6dc8b3255651d852bc04a28c2cbc11b771d7c405c86a1cb6808617290e4cf9b19dc65fca8db172df94d75f3e9e594e1134dbb490ca7062c6ec3ab639e9dcf4cedb7de1bf24507c0fc7316322fcafd1f6732af888765d534daa1354444df38b0f886ae52f14ef5c45f5b8002689207de3c4c292355a81caf1b54dc1122dfc7a53a8fb84704a87f49d6d48e54148381b9b6d1ff8dffea79daad82"}, @NL80211_NAN_SRF_BF={0x103, 0x2, "8681f2b360bc70aecf4ec9629f8a31f585e68e7bcf097b7ddc84cb6ed3cd1e73184bc4cb4c8d8116c9c22d025206e8d9f0e7d0bc0d3972ba3c999252dfdb5dd3ecf19bfb6aa5a18666f30d7ac9121f13259d2630d5175ae5380a6e83adaa867c9862b7ed67202eec66ff53f68884af1305f63b6b184dfce42eb090c7b6b5d5c0e22a6906aedb9b6e69c5e616ce6f8e77946701a1eabe4c2be66ec8274e7f7ef6429ffeb5645396fe7b62841f944db9fd27640c27f733b8c69b7bdcc729aaadd9e0d08386c4139f1e99dc9a8bb6cc27dc7d25cb014502a765578417b68b5d6c54a937e4d4f776ac707aeef9409909a346016c9fb2fed37b509076853b8788e3"}]}, @NL80211_NAN_FUNC_FOLLOW_UP_DEST={0xa, 0x8, @broadcast}, @NL80211_NAN_FUNC_RX_MATCH_FILTER={0x5c4, 0xd, 0x0, 0x1, [{0x102, 0x0, "62160cc22f8ca4e6475524e8ec9997f8ec6f782d61ac79513cfba4b03926fbf4d9b1d5b9ce99895787e4b8a759a223799c96860fb5fa49f9a377f2f46591590c930b84dfa5734480629f626a700430d552a043a5c596b14a0b6af4c2ec0857f54c1b2b0fbb2858f690426ee5ddcc192a9c4cf217baadc6e5134dd8f9283e5a21e45d2198992b7d30df9570e21d1aa4421f9d14bce336ee19e521978b87ca6a66506df4f9b0569a290713f583762edf33958859ba72457d5e7811c33da7894522cb55202d09288f7ca8800c6d7f5b51e504417acea61872fbf5da4a6efc4a6d71ba10f2448bdb24e56f1bde8d9610e6f75b251d5fe4babed0ee66c3a55039"}, {0xcc, 0x0, "dac3419d057de89e31eed6df70851169fe1125510441c7578d7bf377d3451693ced67e5b94a6180dc79001cc368491f9da614de35f2c1538cc2bda5cd94a9c2485fa2fd4f67beb8f5b0dff1b9c9314fe374061e4f24fb068c509fb36255b382ebe75cf122f2690356295ba27ca0e98e0f65b49aa6fbf52707038e4b5f21a831cae25f4208122ade02bd9039c2d0ed6f81c033fcc0396d3a2eaab303ab767bdc34491fb91d351f0901b393251e6feb324e160d18487900766eb0bfbdef2398bc4c4d3bf42618d29a1"}, {0x9, 0x0, "04f5bf26db"}, {0x71, 0x0, "66223beeeac97a6b431bb865649ee263a371bd7cc964b3590fa8a8de722261d1a0fd21e4c9e31fbf3145561772856c6a438bcffbe67fd0e5ab4e9ed6e1bc9f59832ae7bafebcedaadc6a4313cdb65cc6df0d18d960cc7d7dfa67c64d2acb0f95114d6199a41237f030acd834c8"}, {0x78, 0x0, "53b3bdd5189efa90ee250a875068fa2c8a85fe7db29fd72dc4e4482b477499545ea1f42395d466906bee214e2acb406f8891ae007ce451ae90e4a1315378fac9135b5d5189a193d1a96eedc3f814a145bc32102f3992b59e9047c02ea2f93e12efdc068d57ab6289db43459c3e45b27c2391279e"}, {0xe, 0x0, "b9c714c9feed44b82526"}, {0x83, 0x0, "729aa556af6622c9ca4f7f4363268e59515815a292564f843ddf310a668e272751a77e4ac07aef2a3c27e21ad2a853bffe430879355655172c00185f6c787aa48ad376eb9630a8ea14151db2d5f013b5762d53893cabc7028639a002fe68798382b60ec290a634db58864a1adc6fc18543eb3299e7ed22a85d47910037554f"}, {0xbb, 0x0, "9bb348ebadfaa4d3fde179bed18c2a8770ef99e9026af5838e1b9ee85315e98af39f011448d675393928a33d0ec683c8673792d07055c7329176beb2fc7444cd468c4425a46f34a8eead268d017e6569af876fae45d7cfa34437caf500753a10df0bbe470e260261c6866ad758ee726b2c74a748364a5b3636e2211d2ab4298767396f25286d1741fe5bdac873921bc7038f91fbcd667c8e195c4391981e5bac753440fbb4789799c72ad3b922e27bd03a5095285c8e0e"}, {0xb8, 0x0, "9182ca98819c4260120af351ea303d4d64cd35031437bb9d48721b21a89417ef9b392b39f6a2ce02f170021a6d428332e8e755f1253318f15821eafe74eb186a64b50d936a87eb448c262bb1c0699aa52dd91c7122de3e18e6947a74b8a92f1795b348c9e1f31a81a40026e32e6b85e1fb20cb4551d2ad1aeda8a3f2b633906a8a3892935d7885f36a1568ff22c22296e7c5a8346fe20098d962444d46e83d15b20b06b6d1aab4f933435581431b658eda48a182"}, {0xed, 0x0, "024997362c16d5c67a3c9c376ce330d9e44bd81a8791b202cbe67cff6103828185bea0e2912d8437605614dba4d54e2ede96b521cefad4d9594dfea5b34730d7bb05ee442ab3aefc677fb916eccdb9b9842c100c8fd7956e589794976ee0fa853985317d8eb0b0e70923e46a360185ecc8b67e4736ed6847b1dcbd8f46260be2227a68a99569d5d96731166b155e54193b3bbca6c8ab16ad6c2f43e9bf9e1744a485972a3a0e2579a3c4b2a1cac9532d03464f64cc5fa645e83c8475a8f6a0ba4403254ba7ee08980ae35bec86ae05a038c3806278b9d455bcd179808020e23afc169f5472d7892ded"}]}]}]}, 0x928}, 0x1, 0x0, 0x0, 0x20044040}, 0x20000000)

1m54.720272942s ago: executing program 34 (id=1543):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="5c000000020601020000000000000000000000000900020073797a31000000000500ee8c019b1d7683010007000000050005000a0000000c00078008001240ffffff2c706f72742c6e65740000000005000400000000f8"], 0x5c}}, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000200)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r2 = accept4(r1, 0x0, 0x0, 0x0)
sendmsg$alg(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
read$alg(r2, &(0x7f0000000000)=""/35, 0x23)
pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1500000065ffff0900000008003950323030306e7523130e007dcc3c3aa7af2b13a09c8d0b31f483bdd077e0d1610c72cfd04613eb2f94d1d4e2dcacdc1e5727060cd72074efe8e4979e40c0a8fb8553a462f5a0754b2c4c6e4e0500b12ac379bc3e8769a5170b0cbddd654361e9c77d16b9e7174fccfc9db45bfceba4de4505b1195de33ee21cc4ffe367d59e76574b5929124c70cd06ce09ebb0370aa65951d7ae81fbf8d462435f7dff4b830560b3609747d24903c945f1c27763f7c3fc6a6fb54ce76182076d34dd2ae1436c8119545536f2d9f8a93711813d0f4589ba042d2102000000beb3a48eba3d77b2557f88292cec397809be69da469bd4fbbf4ee0be48e844dc21ec558aa033ea040580"], 0x15)
sendmsg$SOCK_DIAG_BY_FAMILY(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[], 0x1bc}, 0x1, 0x0, 0x0, 0x8884}, 0x10)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10)
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="14000000100001000000000000000040001100010000000008000000000300000a00000000000000"], 0x28}}, 0x0)
r5 = signalfd(r4, &(0x7f0000000280)={[0x1]}, 0x8)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r4)
sendmsg$NL80211_CMD_ADD_NAN_FUNCTION(r5, &(0x7f0000000e80)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000e40)={&(0x7f0000000500)={0x928, r6, 0x200, 0x70bd29, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_NAN_FUNC={0x30, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_SUBSCRIBE_ACTIVE={0x4}, @NL80211_NAN_FUNC_SUBSCRIBE_ACTIVE={0x4}, @NL80211_NAN_FUNC_CLOSE_RANGE={0x4}, @NL80211_NAN_FUNC_PUBLISH_TYPE={0x5, 0x3, 0x5}, @NL80211_NAN_FUNC_FOLLOW_UP_ID={0x5, 0x6, 0x5}, @NL80211_NAN_FUNC_SUBSCRIBE_ACTIVE={0x4}, @NL80211_NAN_FUNC_CLOSE_RANGE={0x4}, @NL80211_NAN_FUNC_TYPE={0x5, 0x1, 0x1}]}, @NL80211_ATTR_NAN_FUNC={0x8e4, 0xf0, 0x0, 0x1, [@NL80211_NAN_FUNC_SRF={0x310, 0xc, 0x0, 0x1, [@NL80211_NAN_SRF_BF={0x103, 0x2, "b18036c5e0dd7178d290ece260b190403b0d6e8db7908e3e7c67929fc81f1ab038c2e7df5e03ef459ff4ea13a46b0cecc55154f9a301bc84a43e8bbedc7b8b9ca441e335feed215333659aea152f52436c58ac8fd10d9fd8bbf5b0e9b139ac2d0b04edb0059e07c694fae0b0b9789ed3fd3caecae9bf3b644771edef2b849f1cae53b3b1a0f72996b323cb65766debbab1a1cd8fc05f991d2e772adca0c7dce76af92bfb06baa1f7e7730561bf89815ede6a4061d8ac69c786c65e64d8d386413dd9432ad7a6559a2236f86dba79f247d331aa48c17ec82b6eb82826ba3ebd6d09ce3dc905cdeee52ba0d072b3bd9527e43e3bbf30bdb55ad23f7931353897"}, @NL80211_NAN_SRF_BF={0x103, 0x2, "fb77638a66c2338c1e089e66dc32b085bbb77e84a94ac69f93ac043bf1d6625507e58ad591a5ec38ec217f42ad981669aa499777a36c0f9d3f6e3024ce544426061c3704d5d291257f54e195045a98f5b01dbea31be6d176b159b1a035d671157920f20f4ae6dc8b3255651d852bc04a28c2cbc11b771d7c405c86a1cb6808617290e4cf9b19dc65fca8db172df94d75f3e9e594e1134dbb490ca7062c6ec3ab639e9dcf4cedb7de1bf24507c0fc7316322fcafd1f6732af888765d534daa1354444df38b0f886ae52f14ef5c45f5b8002689207de3c4c292355a81caf1b54dc1122dfc7a53a8fb84704a87f49d6d48e54148381b9b6d1ff8dffea79daad82"}, @NL80211_NAN_SRF_BF={0x103, 0x2, "8681f2b360bc70aecf4ec9629f8a31f585e68e7bcf097b7ddc84cb6ed3cd1e73184bc4cb4c8d8116c9c22d025206e8d9f0e7d0bc0d3972ba3c999252dfdb5dd3ecf19bfb6aa5a18666f30d7ac9121f13259d2630d5175ae5380a6e83adaa867c9862b7ed67202eec66ff53f68884af1305f63b6b184dfce42eb090c7b6b5d5c0e22a6906aedb9b6e69c5e616ce6f8e77946701a1eabe4c2be66ec8274e7f7ef6429ffeb5645396fe7b62841f944db9fd27640c27f733b8c69b7bdcc729aaadd9e0d08386c4139f1e99dc9a8bb6cc27dc7d25cb014502a765578417b68b5d6c54a937e4d4f776ac707aeef9409909a346016c9fb2fed37b509076853b8788e3"}]}, @NL80211_NAN_FUNC_FOLLOW_UP_DEST={0xa, 0x8, @broadcast}, @NL80211_NAN_FUNC_RX_MATCH_FILTER={0x5c4, 0xd, 0x0, 0x1, [{0x102, 0x0, "62160cc22f8ca4e6475524e8ec9997f8ec6f782d61ac79513cfba4b03926fbf4d9b1d5b9ce99895787e4b8a759a223799c96860fb5fa49f9a377f2f46591590c930b84dfa5734480629f626a700430d552a043a5c596b14a0b6af4c2ec0857f54c1b2b0fbb2858f690426ee5ddcc192a9c4cf217baadc6e5134dd8f9283e5a21e45d2198992b7d30df9570e21d1aa4421f9d14bce336ee19e521978b87ca6a66506df4f9b0569a290713f583762edf33958859ba72457d5e7811c33da7894522cb55202d09288f7ca8800c6d7f5b51e504417acea61872fbf5da4a6efc4a6d71ba10f2448bdb24e56f1bde8d9610e6f75b251d5fe4babed0ee66c3a55039"}, {0xcc, 0x0, "dac3419d057de89e31eed6df70851169fe1125510441c7578d7bf377d3451693ced67e5b94a6180dc79001cc368491f9da614de35f2c1538cc2bda5cd94a9c2485fa2fd4f67beb8f5b0dff1b9c9314fe374061e4f24fb068c509fb36255b382ebe75cf122f2690356295ba27ca0e98e0f65b49aa6fbf52707038e4b5f21a831cae25f4208122ade02bd9039c2d0ed6f81c033fcc0396d3a2eaab303ab767bdc34491fb91d351f0901b393251e6feb324e160d18487900766eb0bfbdef2398bc4c4d3bf42618d29a1"}, {0x9, 0x0, "04f5bf26db"}, {0x71, 0x0, "66223beeeac97a6b431bb865649ee263a371bd7cc964b3590fa8a8de722261d1a0fd21e4c9e31fbf3145561772856c6a438bcffbe67fd0e5ab4e9ed6e1bc9f59832ae7bafebcedaadc6a4313cdb65cc6df0d18d960cc7d7dfa67c64d2acb0f95114d6199a41237f030acd834c8"}, {0x78, 0x0, "53b3bdd5189efa90ee250a875068fa2c8a85fe7db29fd72dc4e4482b477499545ea1f42395d466906bee214e2acb406f8891ae007ce451ae90e4a1315378fac9135b5d5189a193d1a96eedc3f814a145bc32102f3992b59e9047c02ea2f93e12efdc068d57ab6289db43459c3e45b27c2391279e"}, {0xe, 0x0, "b9c714c9feed44b82526"}, {0x83, 0x0, "729aa556af6622c9ca4f7f4363268e59515815a292564f843ddf310a668e272751a77e4ac07aef2a3c27e21ad2a853bffe430879355655172c00185f6c787aa48ad376eb9630a8ea14151db2d5f013b5762d53893cabc7028639a002fe68798382b60ec290a634db58864a1adc6fc18543eb3299e7ed22a85d47910037554f"}, {0xbb, 0x0, "9bb348ebadfaa4d3fde179bed18c2a8770ef99e9026af5838e1b9ee85315e98af39f011448d675393928a33d0ec683c8673792d07055c7329176beb2fc7444cd468c4425a46f34a8eead268d017e6569af876fae45d7cfa34437caf500753a10df0bbe470e260261c6866ad758ee726b2c74a748364a5b3636e2211d2ab4298767396f25286d1741fe5bdac873921bc7038f91fbcd667c8e195c4391981e5bac753440fbb4789799c72ad3b922e27bd03a5095285c8e0e"}, {0xb8, 0x0, "9182ca98819c4260120af351ea303d4d64cd35031437bb9d48721b21a89417ef9b392b39f6a2ce02f170021a6d428332e8e755f1253318f15821eafe74eb186a64b50d936a87eb448c262bb1c0699aa52dd91c7122de3e18e6947a74b8a92f1795b348c9e1f31a81a40026e32e6b85e1fb20cb4551d2ad1aeda8a3f2b633906a8a3892935d7885f36a1568ff22c22296e7c5a8346fe20098d962444d46e83d15b20b06b6d1aab4f933435581431b658eda48a182"}, {0xed, 0x0, "024997362c16d5c67a3c9c376ce330d9e44bd81a8791b202cbe67cff6103828185bea0e2912d8437605614dba4d54e2ede96b521cefad4d9594dfea5b34730d7bb05ee442ab3aefc677fb916eccdb9b9842c100c8fd7956e589794976ee0fa853985317d8eb0b0e70923e46a360185ecc8b67e4736ed6847b1dcbd8f46260be2227a68a99569d5d96731166b155e54193b3bbca6c8ab16ad6c2f43e9bf9e1744a485972a3a0e2579a3c4b2a1cac9532d03464f64cc5fa645e83c8475a8f6a0ba4403254ba7ee08980ae35bec86ae05a038c3806278b9d455bcd179808020e23afc169f5472d7892ded"}]}]}]}, 0x928}, 0x1, 0x0, 0x0, 0x20044040}, 0x20000000)

9.147930361s ago: executing program 1 (id=1954):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000080000002d01000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)

9.068572336s ago: executing program 1 (id=1956):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r1}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff) (async, rerun: 64)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8) (rerun: 64)
close(r3)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) (async)
open_by_handle_at(0xffffffffffffffff, 0x0, 0x10040) (async, rerun: 64)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, 0x0) (async, rerun: 64)
r4 = syz_open_dev$vim2m(0x0, 0x6, 0x2)
ioctl$vim2m_VIDIOC_CREATE_BUFS(r4, 0xc100565c, 0x0) (async)
r5 = socket(0x10, 0x3, 0x0)
sendto$inet6(r5, 0x0, 0x0, 0x0, 0x0, 0x0) (async, rerun: 64)
r6 = syz_usb_connect(0x0, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="120100008dc83140300860002b1301020301090212f801010000000904"], 0x0) (rerun: 64)
syz_usb_control_io$cdc_ecm(r6, 0x0, &(0x7f00000001c0)={0x1c, &(0x7f00000000c0)={0x20, 0x1}, 0x0, 0x0}) (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (async, rerun: 32)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x15, 0x8, 0x8, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) (rerun: 32)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000c80)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r7}, {}, {0x7, 0x0, 0xb, 0x2}, {0x85, 0x0, 0x0, 0x51}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_GET_PROG_INFO(0x1c, &(0x7f0000000840)={r8, 0x0, 0x0}, 0x10) (async)
syz_emit_vhci(&(0x7f00000005c0)=@HCI_VENDOR_PKT, 0x2)
syz_usb_connect(0x3, 0x4f, &(0x7f0000000d00)=ANY=[@ANYBLOB="12010102fcfc9008b80421054a150102030109023d00010002c00009047abb04930a9607090582ffffff0703060915000000020ae13309050c1020000f6800070595be474b7409050602"], &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0}) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000780)={{r7}, &(0x7f0000000300), &(0x7f0000000400)=r1}, 0x20) (async)
syz_usb_connect$printer(0x3, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0xff, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0xee, 0x80, 0x3, [{{0x9, 0x4, 0x0, 0x8, 0x2, 0x7, 0x1, 0x3, 0x2, "", {{{0x9, 0x5, 0x1, 0x2, 0x400, 0x0, 0x1, 0x5}}, [{{0x9, 0x5, 0x82, 0x2, 0x40, 0x3, 0xb, 0x40}}]}}}]}}]}}, &(0x7f0000000400)={0xa, &(0x7f0000000040)={0xa, 0x6, 0x110, 0x1, 0x5, 0x3, 0x20, 0x3}, 0x108, &(0x7f0000000280)={0x5, 0xf, 0x108, 0x6, [@generic={0x71, 0x10, 0x4, "d6541c0767e3b32c2cc79634dc4e7fb0b83a36811c2e6a60686376e877fede7da2fd6e66adc47f1bb718a6cfaa7a3760c70b3c92c911485949d35b72391694643867b384a094c1711c811e00443281cb47523a3ff7a5343bfa26ee562c46ecb494e1c55cc304bcae73535e770d0d"}, @ss_container_id={0x14, 0x10, 0x4, 0x9, "344f1e610f3b4284e46209fcfabffd9f"}, @ss_container_id={0x14, 0x10, 0x4, 0x3, "aa29f72f3a5ad500d9bc1ba948990f36"}, @ptm_cap={0x3}, @generic={0x5c, 0x10, 0xb, "f6b6176fad33b70f314d528afb4c92a307847e42ad4f374b9e4c05c256de2f9fa68efb3fbc658d8595e0300d1b677674361ab2a18638495f252be99bd632d6f240e64b36f036bd6874059c604e8d5850d724f89fafa28c5d6d"}, @wireless={0xb, 0x10, 0x1, 0xc, 0xca, 0x7f, 0xe1, 0x7, 0x2}]}, 0x2, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x2009}}, {0xfe, &(0x7f00000004c0)=@string={0xfe, 0x3, "08d6f6dfac32c54fed618efd4f554c6556a3cec94b0bb0dc77b6269138b4c162d28c5ddecf622ee71669b6572da7964c247795d4d60572fc481d937c5b4808a52b314ae98c6d02d769f9b9b35a7144e45bf8cb14b029201ad9c97eb8376e421056c47de485054e3a98881db8e093690a220f6467ee2b75c606b1a1249619a2cf65cb37fcf48e85819b29e03034ac2b6f6f6504ab6295206459622cd86386b48a41d9da36cc7f220a757cabfbb4b442b139bfffee29956ffed7d757432df2b3f014e30fe2eaf710b35870acddc193cf5ecea3dcf4a7336d4bb626a6e074e9176f1f57c1de59bf39a6579b7fc52fd38ac6e67603f429e56e1b834d9196"}}]})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='vm_unmapped_area\x00', r9}, 0x10) (async)
io_setup(0x7, &(0x7f00000001c0))

7.938727782s ago: executing program 6 (id=1959):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0x2, 0x922000000001, 0x106)
sendmsg$inet(r1, &(0x7f0000003080)={&(0x7f0000000140)={0x2, 0x4e24, @empty}, 0x10, 0x0}, 0x2404c0c5)
setsockopt$sock_attach_bpf(r1, 0x1, 0x24, &(0x7f0000000000), 0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000100)='net/route\x00')
read$FUSE(r5, &(0x7f0000002280)={0x2020}, 0x2020)
setsockopt$inet6_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f00000002c0)='veno\x00', 0x5)
connect$inet6(r4, &(0x7f0000000240)={0xa, 0x4e24, 0x18f, @mcast2, 0x110002}, 0x59)
write$binfmt_script(r4, &(0x7f0000000200), 0xfffffd9d)
r6 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000700)={&(0x7f00000003c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x70, 0x70, 0x4, [@datasec={0x4, 0x1, 0x0, 0xf, 0x3, [{0x0, 0x0, 0x200}], "000420"}, @datasec={0x0, 0x6, 0x0, 0xf, 0x1, [{0x5, 0x5, 0x400}, {0x5, 0x9, 0x5}, {0x2, 0x5, 0x1}, {0x5, 0xfffffffe, 0xfffffffb}, {0x3, 0xfffffffd, 0x101}, {0x3, 0x4b97, 0x8}], "d5"}]}, {0x0, [0x0, 0x61]}}, 0x0, 0x8c, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
syz_emit_ethernet(0x76, &(0x7f00000004c0)=ANY=[@ANYBLOB="fffffffffffb0000000000000800450000680000000000019078ac1e0001ac1414bb0500907800000000ac1414aa832b00e000000164010100ac1414aa00000000ac1e000164010101ac1414aa64010101ffffffff00000000890b0000000000ffffffff0000"], 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="b40a000040000900000000000000000002000000040060809c0a01"], 0xab4}}, 0x0)
openat$cgroup_int(r6, &(0x7f0000000040)='hugetlb.1GB.limit_in_bytes\x00', 0x2, 0x0)
open(&(0x7f00000000c0)='./bus\x00', 0x1e5842, 0x0)
open(&(0x7f0000000080)='./bus\x00', 0x145542, 0x0)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349bfd2})
ioctl$TUNSETSNDBUF(r8, 0x400454d4, &(0x7f00000002c0)=0x5)

7.885248996s ago: executing program 7 (id=1961):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000180)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x48000, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000840)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000702000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff6d6405000000000065040400010000000404000001000000b7050000400000006a0a80fe000000008500000053000000b7000000000000009500001000000000a80501363034fdb117168bd07ba00af739d1a1ee35fe163a255c33282044b32495ef8ab9adc67ccc945ff15d802f5132143c0a9fc7a84452569957c1002ed7d4d8e17f791f4798c8eb483e9973320d046c3126c6afcfd84de03352c69b3edff5be26765ba5f8f2879021c2ea53ea79acd7fb38dd1abb75aa393cea26d465637d11f79f361879473e7b7c4ae7dd5e4dee88518ddf12dddd4bfc6a4dd3b6beba51074229b0d4b504516c4c3e5d1aa044d8d068f253288e655c6b34e02e90637ef2912ba7de26ff2357ef17f95a25780c3a0578442926ef4e912f01a201e694e3806e8c8fe8b69524cd19f7525d8d66bb766f7f3f918c86a70252236800001897133af94a5a4cfc794d8b9d7c33632152c58eaf302f0b2e0c252b00000000000000006f1bbefbe08de65e3762e194ba4cae8b13535d7d11ee917bca4885bbf597a14ab2458efce78510d86272d88e0c8088f404f011289ebc5623faa1182632161e073af1d69a2e36bed435000025ecd201d2ffb0a7fa4f5d11060cdcf071defd0a8be3b69ce3e4f361aca75827426dde87fdf4617222674280f55e98107450c19b9d86329bd5b4697336112b0b8754ce3574046bf6114d1a88597850b77378fa8edfff8faf8b8ec039bab385cac0535373bb8fab90539b1a65ddff841eb671f7faf37ebdfccea0c002ad2b42047c9ec43193ccf617dbf8a12b4a189edbf9fb7c42b1f435ccd4d96822e6b70100912c92e3943e9c4f45d8bcd528fa8a3ea847f10e9b2506f3bb506f1d7fbdf8010000000000a073d0de5538ab42e170b3baae34c35987b0dda497ac3f5e97e6e6aeea15c6d5ed24310100000003bb6030f84b63aaf8690db0221b1705c501f802ff59b4e683efa4b6e77e042072bd2ac37d413008ec9eb8166f6e28b49a77ed91befc65315878f88a8fb1dd679fb4c5557abae6849917dc51a89d47b728502f7e621cc0e3ba04000000c149ee6601728c750d304165d39fd4afe683b2467c60e5b8eae897c22da8650579475afd96187d881e93b42a5fdfd686d8900c44c67133dad58037fda65885a15a429edfe3027a5ebf95254744f10fd607bc3300b94932b8d9447c4df6e21ee0e54f8be072e0b083bbd86b19cb074577a25ff581d92af08a06f857311a2f14326b0b290205e91a682e00c8762cbc6b904c980eef6e6a1def886c95676dce6a8194479700a02b92bdc8d05eae1f24fdd7b80d1bb404c22f681594de2ebb9687219de8d73ac83823feb402a2415a9850d5f0183ec67be96dc0e4c2d7acf1dfe79d6771903b76e21190c22d641030e1ddacf006c3116e1803af20a5f2b5f7ba58aca5bcabbbab24414a3810788e5503e4be66d683daac5f0001000077339b4200000000108a3c87b19d5b9a00c75d84a92d6dcf00ba96edf35ede0e2b57c26e94801b498924166bde57d5f24258d9fd028096cc15a8b912b494d4bbe609031ea1ca65a548971d5d16296dd08e9efb3e1e7a27310d5d01f8a8a0f5212d7f628f554afea715ccbc66cbb1016490f5d579308cb3188cf2fcaf67e0c16443d526ba4b968f07ae362c2133c168313e84beb871203880dd453c45d0a137d7f5a8b039dbfa62fb2b4214f8e69f967bf1fbd89e"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$sock_inet6_SIOCDELRT(r3, 0x890c, &(0x7f0000000640)={@remote, @private0, @empty, 0x40000, 0x40, 0x300, 0x100, 0x0, 0x40180043})
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
mkdirat(0xffffffffffffffff, 0x0, 0x3)
r5 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$nfc_llcp(r5, &(0x7f0000000080)={0x27, 0x0, 0x0, 0x7, 0x0, 0x6, "75287ad1ee602ec4452a04ea7cdcd151bb2cd9893bc31f80718316d9bd3517076db9ad1f6a120d8be6d7f81cd81ec2757d0386e7d95f0669b740a5418d69d0", 0x10000000000001}, 0x60)
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r2, 0xfeffff, 0x113, 0x0, &(0x7f0000000700)="c45c57ce395de5b289f07d637a223920f181c2e57d71483cfb2d075a3fa67258e080a194805cdb0c26d3f7ffb1e0d9cf4fa36dcb2168b72de48ac8f93e6804f1c4d70898d0810e044d7e1778eaac5dfdcc9f1208905522025bcfdf1b6f969b094d5c022c2b7ffefde71e0627b9a2069cc1e0175c4b8860aad4b0a103c589f676b6c4e85eb3950c533b6e62c39ccf9ae9bfe54ee5887358d44f46337fbe090d7c7e55847edee8130ffd3d1e719e01a68b0e691c0d35b0b56e0b514036342fd56f08ac0083f3c2fe41a1295a3d23cf3d160d4fd90f66beba68860456ed41272e1e68d16c2564c85f5556e18784113c493d13253e14d6eb891707fba3c30d07d5ee8619e4426cafec4cf6a3723c455d09b586b248", 0x0, 0xf0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$inet6(0xa, 0x6, 0x0)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r1, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000100)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000", 0x17}], 0x1}, 0x0)

6.311768098s ago: executing program 1 (id=1964):
set_mempolicy(0x3, &(0x7f00000000c0)=0x7b, 0x8) (async)
r0 = socket(0x10, 0x5, 0x0) (async)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000009500"/25], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
socket$key(0xf, 0x3, 0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket$netlink(0x10, 0x3, 0x12)
r4 = socket$inet_tcp(0x2, 0x1, 0x0) (async)
r5 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
timer_create(0xb, &(0x7f0000000200)={0x0, 0x0, 0x1, @thr={0x0, 0x0}}, &(0x7f0000000380)) (async)
timer_gettime(0x0, &(0x7f0000000040)) (async)
ioctl$VIDIOC_S_SELECTION(r5, 0xc040565f, &(0x7f0000000280)={0x1, 0x3, 0xa, {0x7, 0x8, 0x2, 0x90000}})
r6 = socket$l2tp6(0xa, 0x2, 0x73)
sendmmsg$inet6(r6, &(0x7f0000000ac0)=[{{&(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c, 0x0, 0x0, 0x0, 0x0, 0xe0}}], 0x1, 0xff00) (async)
close_range(r4, 0xffffffffffffffff, 0x0) (async)
sendmsg$nl_route_sched(r0, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001280)=@newtaction={0x1678, 0x30, 0x1, 0x3, 0x200, {}, [{0x1664, 0x1, [@m_gact={0x1054, 0x13, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_GACT_PROB={0xc, 0x3, {0x0, 0x10e7, 0xfffffffffffffffe}}, @TCA_GACT_PARMS={0x18, 0x2, {0xfffffff7, 0xfff, 0x2, 0x1, 0x7}}]}, {0x1004, 0x6, "925deb47e6d79c94575670a75a280cdf37990b7984cf3afb43551285b94762f351bb85b083dc6a15d6deb70c43fca189f5c339e897e401ec5d041680d3ff649ac10787b0760d4ed79dc66e92a368255706cb5909f47d60c59fe55cd3676756cfa2e41d409f655e0428e277bd9359558fcf1a771c8ae0bcf6f4da448cca9f4073598c98647e676283dcc7415ca4f125863daee7bca27f75a3f59c682a5217195d7cefeda57f8f4c8f1c16e345daaadb866edaa37f92997d8e99fadcd44a44f1d324c90f0e8b47a3238cebf19aa81414dc40931fd1ac4391150571258dbd9099b69db44d2cf42c475aa540c883fc24f382e753c687c3a5eb16af888544e107441caa7c082efd2eb16ee792c9dff2006b3f13dee3f98a669f7e0b527702890ddcde2637354466e422968fa52fab7b9b465db4b05f0b6ea47578791150aafa386617568f024fa9a3d04bc12af37ff2e90978bd52ad6e917c283af52093398ea7117f7a544feba053bd69d9f3a670ea87dad986bc9627ae8b6c77ea94ba22eb90cef2ddb716ce7ef3c23a41b57ef0fbeddbc32ab019f7b4e5e0676dabc3115e1837ab6a70a5b41e9d4cc38e06e53fb1f2067541029962c3f43d194c3f7d7600e7d3fb4bd5b794e5df4e0450b8a05187e86207eba1fc73d72007d45b0e5e1e449ee7d2693ef7e6732d63c182a1e2c360617d0f7e499f1ec3dc9a83ac9ba18cd116c36f6a4b37de58c32f3a8088a9b758b3ed9b716bee1c73e2fb7aaa6ab034494faa6a638f86a0d50dabeb38ce3825d73c8be3d470439a7f3c6a38b4ef94e0f8c72c96915cf7f24b0cc1a69e6493d364f68e76d0d6c38da824347b1b094dff2c2d4e9cd5a89993462e10809165c8ed629b86481885cdd3bada4f01beec785fb74c7a2c940c6d190318a14355a1a0fd1f8d19c4b617a0aeb280df1f3f583651ef60879ccab2608f0502bd7d2ddc3e6679836f3e77c4799a317f62eba8ead94ca607c2a9595f4239c721f866fcc3fd11d05577a316c3f24175a1d543de95456bf0c85bbc9383057ada39a4e39c9c6b02106a25248151fb9a66e8d1595deacc34da7abff9fe6bee1eae0f6bb79a8fe17c37ac9c31490dcbca78d652c9355d5cf3fb4a861265817a7a64160687669c0458485e2ceafd836132e36723b15c5d5bf6b570f22998219d38c6c69710797c729104eb4a13ea57e3ba983622712e24a875dba91339f2d805c1bc59921b0ee4e83f00976c617ab9a224fae6ac1bd2086851fb3f79ad804ec933b7dc71dea6ee97f3fafea92edcf417dbbe79901b55a64b9a3685a57053b8674a5183cba04a33d7293bf9d844ef7820f20b2d3db29ec115cc0d8a03ea92c6af19edeee93cdf4e5bc4d381e04965f086f1c53498e3fab6e6e9a19e48555b2d91713437dc16f85c854159cb8b856cad7bb960bba1118f5fadc91b47158f9527051a37b2ab5f5f422a7d27e1ef00fb98ceb113ec29b7f71706e1640ba8e80700a2b0a9c6daa382d6aee4db5d5271b362f4519a6beb6196c4bb49f730319628f46ad4604728a6523e20bc5733807072373f6014614a44ab1a0943a7c85ab45f21363c7ec771a2f9d7db0128c94584a5e1f478a4b7d43d86be18328faa01d0f100597832a5d1e5e90b2d3f8e87224d1ec3e84870221525ce3bce8fbb27943b8bd4e663e77f1f2f7fe87ab091c4fc754617460f6e86ffe6a9983203568995aeed880c67201cadcf1766af786794d31b6f5f9969f43df0a72857ae12114ead7555d20a890a6678ee859bb40577bb62fe6dfbdb44f114571c6e2fae75a1e1685638cd3c80bc1d38cfeecdc6274d8b858d540ec137999a9e544a398fd085ea8a49603ed296d30b52257bf528d637dbaebfabf94217527e09b938c7429fac3619e6f5b8ddcf8b3e4e87fd01c7cbb31c55b3e7238fd0bd31a086911f73fb36172c7fdc6155ed707f19e4d48d9740f043f9a4c22bebae12d191a60056cbd74cafdbab051f5b598eaa3f3ada8a176191bb94fe5452333ddf55562d424501e3af80b0bb6ebbfbaf0f08328ea240ccd37b063b7e926f8f7e990af14e53285e555aa4fdef4d4bd8036901a20eca91d7329bc3eb106790ad064dcd3780d780b8aab7e041536a39925146651b9696c04ba811bb7d8a6a6daec8039b81cd95d136ea8a1c2cb6b7d4462dc8bcb4a14f4558ea6e7a2657ce58c047aefacfd690049ad4b1507518530328af2682d67da2a5fd63526533ef3ae63097ca6cef4cdb61deca757f310aec3d6b774f2f940216be099b6a38bc869370723d8a2d50dee7abcbe312c9aceadaed3ec6836991ffc9bb9d9bdc26182817aa1368d9993710fbda6efb4b992c01a564dc9475ed74137cae3ba6349f218e0dfa71f5c4790bd6ff95d30e92c251bdf3be27948408fca96c6301591630f123f2ae1c0f105a4cdea9ab84739bd6ba9aa0c8ac0d460badeb262e29871e9f29a3d042c47cba3d3f28cce3c467dc9d93dc11c108dfab1eb3218c05bf4631da2e6016538203735c8aead2654f07cfa6f6085e50d0964822ca01b50f81c8ae869173cefee4b4b3c7a35e398149af74032814dfdbc0e1635cc9e73d3f7c0268846ce577ed6d1cec162afed551b80fb100db88c244703afd425a74e890675586d87d9e05c7815d8ba74b0331c533ab7dd28ef454cff12e5ac3fc3eabadd2196f985600f99c24d76021bddb39588c2285666f7867e940e6742cbeb30524b1a5d7fa58d7fae77c2e137ea6acdabe4de7dd4e851647eacafd34130108d7c760862be87538e1828fe4c6248e8dc8df5e387143afcd84489b8c8f293e206b40ec75b7957b7dc58c77beded7b1ad42f1057636f94a2fc32c9b5226fa7819b3e4455522719be72f45fee835014cf5668ee96fc7e1959d1b1202920ba6ea2d2a9e38cb0d0a258878eecf6aa13a711d291465db6cac75dfbfa6014db655d56df011b4e5725f1390a48de10daf9bdda067f5ea33e3aad8d71e0a3fb48108adc0bf20facaca2e8a45f6710d73d67e10ef451e7af171b38e35734cf4491a3f489a4989afa125a4295d4d15179f29299a8d424681836ae4b0a903214b4b59379f608137bbde88b856a95e97810b5263789a14e3ef262409044414665ecc5da881bc6ae45ab8209ad51986b928552a84f1e8b4a3ab7350d7d34f261f49124d57235848657a3b5e896bc77897b17525c6393afbda3c380ee39620e1a221ecac53ea2d5b7d983a1557885829342260cc31d078ae86f3d817732e8fa656d982f031aab85868e8009fb905884b372212ec588594d9af11d4a2c7a5c55124fc15754e25974c539b847b965046218323bc8bf57da251b4789182063c2451ad6d8c2c62bc69a6273c1b0d110aef2aa00db2100cf27f250e27c970c037e996c7085596a080c6ffc7e6297803265c335701a711bd9e821c933823a54eb809380df67bfbf211d7ccbe48e908d7ca2897713d3861833674b13a466dde644119eeced27e4eadd8612b7c3976fea2a80a0c96c3ea73a8abb2819d8fd78baf8e2ae978e8821826c39d9586bd1a0ba6d8ccec4bf6aa340b335db0d48800a2ce01d3b1b97d26a1e47a3f5eac7f143366bb91085ed0346b52ffc5eca96575899a6ecf42f4325673cd3aa8400e0d1ec08dac0f12353b9fa67fbf7398b7a159434f8789d1e7c4b13c2a78f0d5c524c9691d446b51c8e3daec27fb678952c9d17ec6c51372bdd649b6030e318697099a021eee6c6a4f95a28e785823f78f9603fda3ae25012d331959fa391d1d5eda34d49549afd76531a98f07bea9da64a353d6eee2e50335a5b7fde72b8e94d078ab83b8de5d971a1ba616d99378cdb7f22b93e1aee832d625bf410e44f595ab05109c69a9378bfb41a8fd5e9c1e7fa56eab298dd71b5700dfdd29bc43f43c313fb57bb50cdc3f001712acb2b305e3170a27ffbc50dbed389650e1d36bb5946cb310b8f9775f6b32c5d08a1a7f8e234ed2a41d38abd0f7672a2eddec0f6aa9466285105eb4f5896b495cda64b5ef4ceb815ef693ddd22e5c4889f7cad807d913f2ffe2af17ff20825ce978766474ca11fe33acff3e260d73b48f2dd75557e5218ddf29061eef48941da27b867cbcb7796f210e30ad94c343d286d43931b08cdf8f36bc022bf95d243f1f71de8f12cd2f327cfc7a5b9ad3d37aa7f7b59e0bfd75e91ee92634036926f130ad7b897c420d61fab1c0dd300a04a64808d34239a009d2ff3c9dd0d989408935cc348e6a03bd7575d0d35240ff9351d8487d249ce565cfe6ae4fea0b7258a8f19ac83e5f877554e40334bf45e9367c1304bd8a80c42b0013ffc9e5e84d2b70f7d417481df0dad99274f912662e3db1137d627baa0b5cc4d147c542b866bb519dd7889f9008391eed349e889d6d72ed61839e024b7509068d04ce60c91d24067c952a2788dc611394cde382c8b99ea9fecdf2b5c3204a26319a68904685dea720e12d9c41004a97167a98d660e37aeb9070b62fbccbc5982faeba3fc0cafee3780693adc9682e38d386438bfce121d67b49eace64d8f2f99b9941e6ad63b7ae67cef21c285dc74667e4af39a7c13f70a834bcac10134ca86319a02c4780a0a735c061f73ac9360dd0a2ebc3d206bc59e2300551acc8def24a0b19832aa5313ce1df0727fe0188b9a6d59035ee401710a6d8c656d32f0020d89de291565f05dc93ec98365738b65694f4aeb117be73eab206180cddc9f5eb75fb1e319d6170e5ae721a80fa4f7908ed5f1ee099b946987b5a1a7ddbc147ee9aa3417ac89d84849a1437a3e5628031054a55aa4d01b375e75000dfbcf59072cb8d4543edfb7e6e33184c81d812f3ee4369463888adaf0d840cf098468863d0a7742e8d60cc2dd6c6f525a57ba84c238ec38b8d6e1c1288da43de9b86dc5a2d1b829d43ac7f3d0b4ef1ae5e9976d725a59bd768f3201846dc3e23490149eaa6706d029e813cdee2eb2fb079648a836db694c634ef8b52267b6ef211841a596dc9d2cee520f646dccbc1bf181fdcfb5aeec467b457fe20d834967e122474eaa7a2cc0a949e143248bd21614299e090fbd2987b129b5b064de5662ed1d7610ab69332c4873b5848a8b6e69482109a3e6abb494d5e3131b3482e2c97b666601f60b73d492a53f261373343987a0550162cf1ce628764fe199889589fb86811629330ce2f3df77872ab49fe991ecf96ce22e7c5a0ab722bac91eb9694f78d35d6c43609acfe9e43ff4de50dab81a07fa7500546fdcbfbd2b98f5a64f7711b84aeda285c2355ab93238f1d046b6777e8f0effbfe0566fc4a283cd841a7727ee39c09c00d2b1eedd2c838280ada654a4ce0002008446382fc286f52a25e6d442a22b21b71d387ffee6ecb2d0e1cbb7ab2522cf30c5ecbc642ccc225b59024f111d596f430aa15170eac87a727b3a66febbb518c5106b256de84db7c79ce7256e588f41472c5c3923c023c0e465e699b0d6eda597ff5978ef8b22bd9bc38404bee8d8976d5cd7804626e9428365396b7ef19c5354772376a6b02080ff9996ca90671efc9d360b9e76adbad84218ff7f01e68f788de8046fc6a6324b1610b77e7c581441d05f73e0de2115b0405168f47063ec42354ea46b7e4dc7aa7ff8b8743e86d41f347c0c568805754a39108ddd39bb5b4247d0671565f080ae01ee4275d085abc7d4142f3617ab95c5525c3808472d2e0730646b3cc9ddf4d4419a221edad1c88754e96a42fb0d2ee647847d916914db176a7ff42a41276480f0ca9a298d5e06eaf91500a4b044d1bb3d414299ac8377a31cc989e36"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3, 0x2}}}}, @m_gact={0xf0, 0x1f, 0x0, 0x0, {{0x9}, {0xa0, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x3, 0x6, 0x7, 0x7, 0x4537}}, @TCA_GACT_PROB={0xc, 0x3, {0x0, 0x1842, 0xffffffffffffffff}}, @TCA_GACT_PARMS={0x18, 0x2, {0x5408, 0xa44a, 0x4, 0xd, 0xec}}, @TCA_GACT_PROB={0xc, 0x3, {0x1, 0xad1, 0x6}}, @TCA_GACT_PROB={0xc, 0x3, {0x2, 0x1bf, 0x8}}, @TCA_GACT_PARMS={0x18, 0x2, {0xfffffff8, 0xfffffffc, 0x6, 0x2, 0x2}}, @TCA_GACT_PROB={0xc, 0x3, {0x1, 0x42a, 0x4}}, @TCA_GACT_PROB={0xc, 0x3, {0x0, 0x259f}}, @TCA_GACT_PROB={0xc, 0x3, {0x0, 0xcd8, 0xffffffffffffffff}}, @TCA_GACT_PROB={0xc, 0x3, {0x1, 0x10b4, 0x5}}]}, {0x25, 0x6, "6f450bf32a595a96fa337dbdc669f2dd3dabf8f3a23222abe1c9dd4db864c5f323"}, {0xc}, {0xc, 0x8, {0x1, 0x2}}}}, @m_xt={0x3ac, 0xc, 0x0, 0x0, {{0x7}, {0x240, 0x2, 0x0, 0x1, [@TCA_IPT_HOOK={0x8}, @TCA_IPT_TARG={0x71, 0x6, {0x5, 'raw\x00', 0x5, 0x3, "795cfa972f6910aa08786457f3205a5dd466bbc9d34692c4e678de2c0dd6f2698f378212cd3de2be5a39bcfe147990f4140c530addd183b232a1d12ae644421cafa858c60ed095"}}, @TCA_IPT_TARG={0x2b, 0x6, {0xfffd, 'mangle\x00', 0x82, 0x3ff, "ca"}}, @TCA_IPT_TARG={0x93, 0x6, {0x3ff, 'nat\x00', 0x14, 0x3, "55a77544d00095163e2ea6754ace47a7588fa06c0f0a449729d187ab71ac3a923d12f6f1b2b3ff21e167b142835e2d2be16d6a15b8f05d02565e9b94d6c760559f83efff8355df3571c889cf5c85ab9ca476531afd859d80598cc57f80fabf533c1502c5bedc1986f2"}}, @TCA_IPT_TARG={0x2a, 0x6, {0x7, 'filter\x00', 0x0, 0x4}}, @TCA_IPT_HOOK={0x8, 0x2, 0x2}, @TCA_IPT_TARG={0xca, 0x6, {0x2, 'security\x00', 0xe, 0xfffa, "c36ff0ac668568cabde921c8dc129fd5e5e20000000000000080e74838b5fb052aaeea2508cb28f22efafbe3af12f61b142edbfdeee75ffd5428c6600964c6398a94d031e46171273be9026501b308421b5c1e0d62845c6475bda1763421df9e125b74ce5bad543a1158f5dd6c50b185f8e16bb36ecdd3a515dab4906197f56cf5c9082839043f12dcf69455ecf9648801fad9c6145204a5130f2b219d8333ea"}}]}, {0x147, 0x6, "437105965391c6f5783fb27c38a7495e4877b8010926d457ce4c77c3008e364380daa3cf8ead421f2a91a539d00e67b66c83165a0b91ce76e81f748b6a683d3d89c73aa2f950905a96142da91117e6ccdedaf171f65a26966ec7bcdaf610ec5d80630f99821e9e5957ef8bbeaa1d09d14904ca459a35c7af266042597f20e5bfff7e667b4409d1e1efee12609f6e9c7040bd04fcf6cfe35ecbf6cdc884479646d7cbbd7cdbcaa0db8d150fa56f895aaab67a9e6eec4b4543b39e32bcb6efc415f4aa6565519fde5f86dce382db22af6d612d50a77a830319f481e1df95a8a694c47e2cf47d15ffca0579c9fbd2b111da614a5ccb8ed84745cf70ea272b82e58a4b626bca61cedc6f737329cd7cc2ea865d8c1279512e964fb1c583d754f461fb9b4ba999da95a635239e46fc65bb69233fc40917f8298811276aa646673879c7f8ccf5"}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}, @m_mpls={0x170, 0x10, 0x0, 0x0, {{0x9}, {0x60, 0x2, 0x0, 0x1, [@TCA_MPLS_TTL={0x5, 0x7, 0x6}, @TCA_MPLS_TTL={0x5, 0x7, 0xfe}, @TCA_MPLS_BOS={0x5, 0x8, 0x1}, @TCA_MPLS_LABEL={0x8, 0x5, 0xa5529}, @TCA_MPLS_TTL={0x5, 0x7, 0x4}, @TCA_MPLS_BOS={0x5, 0x8, 0x1}, @TCA_MPLS_TC={0x5}, @TCA_MPLS_LABEL={0x8, 0x5, 0x9e154}, @TCA_MPLS_PARMS={0x1c, 0x2, {{0x6, 0x7, 0x10000000, 0x3, 0xb}}}]}, {0xe8, 0x6, "78bdd277eaeabeb861f7ab03d37920f25d0a1c6d4f1ce389c0c066c08fc4515f98866d695f23e96a9362becf731a066547e6db70a3e36c76a4999a356b4b7ec725eab0eba8c406a0817a807bdb4e6d3ce0d603e90f77c5f4b77a2e4682836512081b7eab0b96778630fa701b83cbef36acc8f38f81c74c7cd7f9815578c66dd2216255b29c01d22727196d6e0adab0fcb647b06bfa58ba103aa60315506825352c623df8ce91d496ca4a3e67bc307a8594f858187280461ea8bfed5b70e7c8f76242e7ab5befa3c894006def4359fbf681ab659e1c2fb73b2747805ea03259e0c3901e84"}, {0xc}, {0xc, 0x8, {0x1, 0x1}}}}]}]}, 0x1678}}, 0x0) (async)
r7 = inotify_init1(0x0) (async)
r8 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$RFKILL_IOCTL_NOINPUT(r8, 0x5201) (async)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) (async)
close_range(r7, 0xffffffffffffffff, 0x0)

6.156050624s ago: executing program 6 (id=1965):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000280)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4d9, 0xa055, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0xc4, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x1000, 0x0, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0xd, 0x0, 0x40}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'michael_mic-generic\x00'}, 0x58)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r2, 0x84, 0x6e, &(0x7f00000000c0)=[@in={0x2, 0x4e20, @broadcast}], 0x10)
pipe(&(0x7f0000000040)={<r3=>0xffffffffffffffff})
io_setup(0x3ff, &(0x7f0000000500)=<r4=>0x0)
io_submit(r4, 0x1, &(0x7f0000000300)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r3, 0x0}])
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r5, 0xffffffffffffffff, 0x0)
setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r2, 0x84, 0x1e, &(0x7f0000000240)=0x2, 0x4)
getsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r2, 0x84, 0x1e, &(0x7f0000000000), &(0x7f0000000080)=0x4)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000040)="4dc07f947163300c", 0x8)
r6 = accept4(r1, 0x0, 0x0, 0x0)
sendmsg$unix(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000540)="19", 0x1}, {&(0x7f0000000700)="8f", 0xfffffffe}], 0x2}, 0x0)
syz_usb_control_io(r0, &(0x7f0000000100)={0x2c, &(0x7f0000000180)={0x40, 0x9, 0x7, {0x7, 0x31, "9e04000000"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)

5.895394262s ago: executing program 5 (id=1966):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000080000002d01000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000002, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

5.411836309s ago: executing program 1 (id=1967):
syz_usb_connect(0x2, 0x3d, &(0x7f0000000980)=ANY=[@ANYBLOB="1201000019792e20b4070a0102010102030109022b0001000000440904bd00023467c3000905000000000000000705e37e1b82e609050b020000000000df0fb5b9f06957c1b862aab942e232599ee91b230129a449506bfcba07b8d663407298efc04479b7e6034378941ed715eea45419f1bf4a8e69b98e7ea64930eb34c7"], 0x0)
r0 = socket$inet6(0xa, 0x400000000001, 0x0)
bind$inet6(r0, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_open_dev$MSR(&(0x7f0000000040), 0x3, 0x0)
read$msr(r2, &(0x7f0000000080)=""/80, 0x50)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f00000005c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_SET(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="01060000000000000000090000002ef4cca6ea1545eade46c2bee7e45a18f54c40a97ae76c816c3afeecb50415f6920bbf435e7a1afb7e668d03e0a7e44ede5041daf6b37745680463e723531c131aecb39ad51f3d5fc6ce432f1252db867a8f7c80d90641f27f83a93a1ccbdd151147f516cdd023dcc1302267f49e326b2407f1697a14e0d322ed37116ab1aa8ac80231a5ce389eb2b709d42a41ffcb6fa29373cc7dd399fafdce9bc8d02b1bfe3204b2b4f1747d14eff3085b8eb2672c17466f1f4684958bbfa20b6a31513cf44708b4c6b704002cc205a1b079336b1d115b75a6fe59dc18662528db37470afa6c45a400c682af1e1bb84af895c87c45b9304435cdceba4cb99c602b5f6bc5a9ff08d57cdfe3cbbbec59e376f604bdec9a2b2ce8eb264e50615332fa0ee1f4c090eb88185989a57305b19f2733c580400022abaa7f5570785497902d48871ee7ca8ed204287c9da4000000002d610420f66176669ddb6d4d83fb89c8757411007e935e8c5e0369d9db6829e1212280d42a191c927183e8850f4a486776e8870d4e"], 0x14}}, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x20000008, &(0x7f00000001c0)={0xa, 0x4e20, 0x7, @loopback, 0x10000}, 0x1c)
getsockopt$IP6T_SO_GET_INFO(r0, 0x29, 0x40, &(0x7f0000000100)={'mangle\x00', 0x0, [0x7, 0x5, 0xfffff377, 0x2869, 0x6]}, &(0x7f0000000200)=0x54)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000180)=0x80000039f8, 0x4)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
r5 = gettid()
r6 = getpid()
syz_pidfd_open(r6, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000740)={<r7=>0x0}, &(0x7f0000000780)=0xc)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_CONNECT(r8, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000c80)=ANY=[@ANYBLOB="f4010000", @ANYRES16=r9, @ANYBLOB="050000000000000000002e00000008000300", @ANYRES32=r10, @ANYBLOB="0a0034000202020202020000080042000100000030002a008220470b00010400000802110000011000000008021100000107000000050000000026080b027f04ae73be530400d0009b00fc0004e84f38275d6c2bf59399a51e315ec7430dd9d98d3b29a3b3f894ba28689fd17ca2b58ab8e28aa867df648abf8958023fabd34716ef488f615c736f2dfe9ea12e55b5116a60410b9857deeb8f29e7738a7dfe2e3b26be4b784e1dc7f2c3cf7592fe39f0ed77490ba7295b3e8e5b0ba2998c8d813c38de01b878b04cfe1eadba9408e19b38109be2735412df4b397529079484778ab930000600fb00fbf600002400fc007180c2c76611359c61946c7d12779f5b269eaa7ccf5234d398478812cc67aae2c000fc00a56c5d184b5afad95bbab1a6aa6898853108d41c9aaeddf47f90b8ee7c0f88fe7076f09abf3b68b74f53c08ee1ef70b38a04d23079d75ccdc23691161e6614faefcc3b6eea7c01f169d2be103db93255845b1863201c7ebd55a4d0621102c8d9970343031b8fcdb95137dcc42c387936444c3e0d3003090af31fdce82d65de44ccb9e120fe52ce4178e14625e9de9e2e0c10e215c63edc2229a571938b9a4c43ab3a5606e0b95c140193b5003b3f1591d466a5577fbc98851639bc880400930004009300f6382e7bfe9f1c905dad36dc2069fc43125c908acd7b4a798e5cdcf96c5de5e2854140d0af6272899d4dcb67c411b9c9f6e81d952d5ccd6439a9"], 0x1f4}, 0x1, 0x0, 0x0, 0x4}, 0x0)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f00000007c0)=<r11=>0x0)
read$FUSE(0xffffffffffffffff, &(0x7f00000024c0)={0x2020, 0x0, 0x0, 0x0, 0x0, <r12=>0x0}, 0x2020)
read$FUSE(r0, &(0x7f0000004500)={0x2020, 0x0, 0x0, 0x0, 0x0, <r13=>0x0}, 0x2020)
syz_emit_ethernet(0x4a, &(0x7f0000000a80)=ANY=[@ANYBLOB="aaaaaaaaaaaa00000000000008004500003c0000000000069078ac1414bbac1414aa0000000043d05ad3853a1854640d21e4b341b875fd7548b40919485bbefa370c7beb441b3c667119eabca201677fd622392cbbf3391dbf4eefe1bec343057ce1f740c0c49718d1803aed6d6f0428e772ac2c", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="a4000000907800000007ea7022d662080a00000000fffffffd000000"], 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000800)={0x0, <r14=>0x0})
r15 = getpid()
sched_setscheduler(r15, 0x2, &(0x7f0000000200)=0x7)
r16 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000008c0)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
syz_clone3(&(0x7f0000000900)={0x80880100, &(0x7f0000000580), &(0x7f0000000600), &(0x7f0000000640), {0x2f}, &(0x7f0000000680)=""/11, 0xb, &(0x7f00000006c0)=""/98, &(0x7f0000000880)=[r5, r6, r7, r11, r12, r13, r14, r15], 0x8, {r16}}, 0x58)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r4, &(0x7f0000000300)={&(0x7f0000000000), 0xc, &(0x7f00000002c0)={&(0x7f0000000a40)=ANY=[@ANYBLOB="340000000f1400032dbd7000fcdbdf25080003000200000008000110ffffffff08004500636d61000b00d5d3736d635f69620000"], 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x5)

5.411278278s ago: executing program 7 (id=1968):
r0 = socket(0x10, 0x803, 0x0)
ioctl$SIOCGIFMTU(r0, 0x8921, &(0x7f0000000000)={'ipvlan0\x00'})
r1 = syz_open_dev$video(&(0x7f00000010c0), 0x8, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
rt_tgsigqueueinfo(0x0, 0x0, 0x1f, &(0x7f0000000300)={0x0, 0x0, 0x4})
r5 = openat$vsock(0xffffff9c, &(0x7f00000001c0), 0x40101, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
setsockopt$inet_mreqn(r5, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, 0x0)
ioctl$KVM_NMI(r8, 0xae9a)
sendmsg$NL80211_CMD_SET_KEY(r5, &(0x7f0000000480)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4841}, 0x4810)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f00000002c0)={[0x400000000000002, 0x5, 0xfffffffffffffffe, 0x4, 0x2, 0x0, 0xefffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3], 0x0, 0x41901})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
socket(0x2, 0x80805, 0x0)
ioctl$VIDIOC_S_SELECTION(r1, 0xc040565f, 0x0)
r9 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
listen(r9, 0x0)
connect$rose(r9, &(0x7f0000000040)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, 0x0, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast]}, 0x40)

5.214237822s ago: executing program 5 (id=1970):
r0 = getpid()
prlimit64(r0, 0x6, &(0x7f0000000140)={0x4, 0x8b}, 0x0) (async)
prlimit64(r0, 0x6, &(0x7f0000000140)={0x4, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) (async)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0) (async)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
socket$inet6(0xa, 0x80002, 0x0) (async)
r1 = socket$inet6(0xa, 0x80002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000280), 0x4)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x18, 0x5, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000200000095bd4eaf5732fc78c6c2ad8d9d3775453bed974654219fe5"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, r4, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='hugepage_update\x00', r5, 0x0, 0x2a73}, 0x18)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x1000000, @mcast1, 0x5}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4000000)
ioctl$F2FS_IOC_GET_FEATURES(r2, 0x8004f50c, &(0x7f00000002c0))
mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000004c0)={[], [{@euid_eq}, {@obj_role}, {@smackfstransmute={'smackfstransmute', 0x3d, '}'}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@smackfsdef={'smackfsdef', 0x3d, 'hugepage_update\x00'}}, {@smackfshat={'smackfshat', 0x3d, '[-'}}]})
rmdir(&(0x7f0000000240)='./file0\x00') (async)
rmdir(&(0x7f0000000240)='./file0\x00')
chdir(&(0x7f00000000c0)='./bus\x00') (async)
chdir(&(0x7f00000000c0)='./bus\x00')
r6 = creat(&(0x7f0000000440)='./file0\x00', 0x0)
mount$nfs(&(0x7f0000000000)='k\x00', 0x0, &(0x7f0000000380), 0x142880, &(0x7f0000000600)=ANY=[@ANYRES16=r6, @ANYRES16=r1, @ANYBLOB="5037e1c0f61ff5443f33c9f389a854670be393dd60d89aeebe158cf6b45f3f60021b5d92bcfc8e722681588337c1cc8b89709ba7206ca4f98ac134880555ac84ab21865051d8e7e55cfc3cbce2ba91c87a36bf358afcd3f4ac36095e655525ec84bc84ec94c5fb9aff3419cd0e240ff104f14321b9b722d37304d626f411f266a4fb1686282502799df8f72efab55fdd9e16e0a54d6741797622e99df60ba3dba5c18520e7ee04069428d8f4ffeb4aeb0bdda5437db50bcae6da1fe68455052755a2d1dc2e439ba7b78acf94757f6647fe840d4d0aaacc40425876d6b7561576105341d52ddae5bc13fee5e798c183a8610a5e95deea5105ff378c1a"])
open_by_handle_at(r6, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000f800000000000000fb150705e8321f2efe0868327a31a705ec9785e7"], 0x30000) (async)
open_by_handle_at(r6, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000f800000000000000fb150705e8321f2efe0868327a31a705ec9785e7"], 0x30000)
r7 = getpid()
sched_setscheduler(r7, 0x1, &(0x7f0000000240)=0x1)

4.932697635s ago: executing program 4 (id=1971):
getresuid(&(0x7f0000000280), &(0x7f0000000440), &(0x7f00000002c0))
socket$inet_smc(0x2b, 0x1, 0x0)
iopl(0x3)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x6}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='rcu_utilization\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_GUEST_MEMFD(0xffffffffffffffff, 0xc040aed4, &(0x7f0000000040)={0x2, 0x10000})
read(r2, 0x0, 0x0)
syz_genetlink_get_family_id$tipc(&(0x7f0000000240), r2)
socket(0x10, 0x3, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r4, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc)
r5 = socket$inet6(0xa, 0x3, 0x7)
poll(&(0x7f0000000000), 0x57, 0x0)
connect$inet6(r5, &(0x7f00000000c0)={0xa, 0xfffd, 0x3, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x1e}, @in6=@loopback, 0x0, 0x0, 0x8000, 0x0, 0xa, 0x0, 0x20}, {0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x4, 0x10}, {}, 0x0, 0x6e6bb9, 0x1, 0x0, 0x2}, {{@in6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x11}}, 0xfffffffc, 0x33}, 0x0, @in=@empty, 0x0, 0x0, 0x1, 0x7, 0x0, 0x0, 0x93c}}, 0xe8)
sendmsg$key(r3, &(0x7f00000001c0)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="020100000a0000000600000000000000030006000000000002000000ffffffff0000000000000000030005000000000002000000ac1e00010000000000000000020013"], 0x50}}, 0x0)

4.904243492s ago: executing program 7 (id=1972):
r0 = syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000c00)=@newtaction={0x74, 0x30, 0x1, 0x8, 0x0, {}, [{0x60, 0x1, [@m_mpls={0x5c, 0x1, 0x0, 0x0, {{0x9}, {0x30, 0x2, 0x0, 0x1, [@TCA_MPLS_PROTO={0x6, 0x4, 0x9300}, @TCA_MPLS_PARMS={0x1c, 0x2, {{0x3a80, 0x5, 0x4, 0x800, 0x68b}, 0x1}}, @TCA_MPLS_TTL={0x5, 0x7, 0xff}]}, {0x4, 0x4}, {0xc}, {0xc}}}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x2400c8c4}, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x2, 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="891000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x4)
write$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x0)
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)={0x14, 0x1f, 0x1, 0x0, 0x0, "", [@nested={0x4}]}, 0x14}], 0x1}, 0x0)
read$midi(r0, 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000001c0), 0x86783, 0x0)

4.423861187s ago: executing program 7 (id=1973):
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000180), 0x204803, 0x0)
write$tun(r0, &(0x7f0000000740)=ANY=[@ANYBLOB="603274ff01d00601fc020000000000000000000000000001fe8000000000000000000000000000aa2b0c000000000000c910fe8800000000000000000000000001010738000000010c09fcff0000000000000000050000000000000006d6000000000000020000000000000000800000000000000200000000000000c20400000001c910fc010000000000000000000000000001000000004e214e23", @ANYRES32, @ANYRES32=0x41424344, @ANYBLOB="b080000590780009040213121c99d68cfecbaa9163de305ba23667b70204ee001a0debcc4259d6448c946473eafe06e2d4c3d91e10267f0500000000000000f476000003030305120000000100000080800000000000000303030703030900002879e0a630769d82da033bc588a8cdb574801bf8e1d2ae5245432a979c3c311054d1a163629cfa4f71bfc6a4b7515e97df848d04ff390f98cebf0481adb8b9c45056185eafda4928d0f34c8ab0cfe30c90ce3755d42b556e83d75b10ebecce8d02b0bc087190a0ef876d86a62dde2dd3863e28922fd71db62f0fcb46836e4fd7598d168f747f2568079968df061e47030802ce3c049e191a42c65ccd36b4e476bbf6eda9324e56d1f4fa9bc4e3d40ea3e3a4f40425b2fc2fcd2d9f37718720c2111f4edd1365373544eaa31081fe2185a1e527ab8f08e40ccbf1b08450c2030200e8be6d45f54280a473af010db4a6527e27806cbf695c635244a79585903421a2281f85f291a3f8b399bc93aef42da5b14362d82657e59537ef9a78d4d76237e92550a233d798a0b22309d9345ac124776d6d9231bdfa750a9b284eeb88b286bb95f9949bb51055f613196ccc2a5bd2c577685cc9901680cec372f5be478654d050e180bd5058b0ff991afaab8d29d7a26a0d6426d1bad077e814815a0e8750003876e8875af3b595cacfeb74730e42f7f58bb13251b0ab9109ed1fc070a14219c4c860349174905962302a000000000000"], 0x1f8)
r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000075f84c1071042703a461000000010902120001000000000904"], 0x0)
syz_usb_control_io$uac1(r1, 0x0, 0x0) (async, rerun: 32)
syz_usb_control_io$hid(r1, 0x0, &(0x7f00000003c0)={0x2c, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0}) (async, rerun: 32)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r1, 0x0, &(0x7f00000004c0)={0x44, &(0x7f00000000c0)=ANY=[@ANYBLOB="00000100000011"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
syz_usb_control_io$uac1(r1, 0x0, 0x0) (async, rerun: 32)
getpid() (async, rerun: 32)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async, rerun: 64)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (rerun: 64)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r3, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (async)
connect$unix(0xffffffffffffffff, 0x0, 0x0) (async)
r4 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
write$P9_RSTATu(r4, &(0x7f00000003c0)=ANY=[@ANYBLOB="34020000020000000580000000000000010000000000000000000000000000000000000000000000000000000000000000001b00046e6f6465767b65766f6f7e0539c60005000037d93a8b920000003800704a86cec602007dfa673effeb09b5351f5bde05"], 0x234) (async)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000240), 0x82)
ioctl$SNDRV_TIMER_IOCTL_PAUSE(r5, 0x54a3)
sendmsg$SMC_PNETID_DEL(0xffffffffffffffff, 0x0, 0x40004)

4.361767429s ago: executing program 5 (id=1974):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0x4, 0x6, 0xff, 0x42, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000440), &(0x7f0000000080), 0x619, r4}, 0x38)

4.360743013s ago: executing program 4 (id=1975):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
creat(&(0x7f0000000100)='./file0\x00', 0x42)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x60, 0x30, 0x1, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x4}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x3, 0x1}}}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x804}, 0x0)
tkill(0x0, 0x35)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_netrom_SIOCADDRT(r3, 0x541b, &(0x7f0000000000)={0x0, @default, @bpq0, 0x0, 'syz0\x00', @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x0, 0x0, [@default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000014c0), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x2c, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x98f}], @NL80211_ATTR_CH_SWITCH_COUNT={0x8}]}, 0x2c}}, 0x4c814)

3.236734896s ago: executing program 4 (id=1976):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket(0x22, 0x2, 0x2)
bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000080)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r1}, 0x10)
r3 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r2}, 0x8)
io_pgetevents(0x0, 0x6, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xfffffffffffffffe})
sendmsg$ETHTOOL_MSG_RINGS_GET(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, 0x0, 0x0)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000340)=<r8=>0x0, &(0x7f0000000280)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0xc, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x49c781})
io_uring_enter(r7, 0x3516, 0x4, 0x0, 0x0, 0x0)
close(r3)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r10, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r10, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={{0x14}, [@NFT_MSG_NEWRULE={0x44, 0x6, 0xa, 0x301, 0x0, 0x0, {0x2, 0x0, 0x8}, [@NFTA_RULE_EXPRESSIONS={0x1c, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @flow_offload={{0x11}, @void}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_ID={0x8}]}], {0x14}}, 0x6c}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)

3.198587463s ago: executing program 5 (id=1977):
msgsnd(0xffffffffffffffff, &(0x7f00000000c0)={0x2, "f12cfaa7ad7bca6d48688aa995f7662454b7484b75be5d1fc25adfd34ee6cb7b772972a0677bb20eed29c39dd550bb2ea52fd2b613a9f849659a41a78b99c232648af723d8ea5d93b5d81ba4f4d1f6821c5335c48d975a9d12f3e8c8860add4f4b4ab85ff94b1a94db2c65e5e73e99791e4a1ab86e70e1967828ad092b2ce332eca38f74a236a2e8a5f41f258da87878d110b8c2acb86a19eadb29c0da153897317d2d62722b5ce5067f62dd5a55d85e051034df951c9d86679d748a1d659e1ab60e38913a0949a491d891dcd94d4e961ce1bc2558dfb9bc59526c94cf04ef0215df4d9d99f091663bd787bf604c3030706be92e85efb949ec8eca0a8ce59c9332a6d4777176838777c17034ff87fc3ec10501d5c3a140cd64f9a1edc270019657c891496275daf6f63527b18a4358058a06592f251ab12b06f73665acedafd940a8b810cebb80656faed202c42bbea772d228b75752cb11af14f4ca16986f9ea869aafb69ad3a64021b229076337fca9cfeaea625dd0769695c8bd7195b648c710ef6a78e153bed982ebcd10a85e6088b3d5abccdc63f7fc9f9cb6305377234650c3108e164857dc6679f9040c066caa0996c42f76f564bc8b18718ca87d46009232e8beb4515b28c2f9f5d4c9a0666d58d45c0b7665a65aea2dc899af09c433d7cd7035322449f88863829e737179ccfd63cfb4385c7128781204bd793ae20a47d5176d3bce40d810d0631d7412b2fda41102d0656854d06e89a666fdda5584f2f9cfb7de7e4f900848502c9c3d0ac1d96bc343da07e3f76b61ffed5604ac00be9694df8e58746daf491158d850970d348ddddc6f1b7351bfbf1751938b1afd46c79d63222c0147a39bd89c17cbdc355f0b41fbac7cdfcbee2ef717741aff7f40f9e1522d7ebf4932dfa6028d58909bc43c40a50865ea087d9d6486acdb74a92836033a62a5af557e59dbf35fbba8f879bd0be9f3c019870ae2f269a1e0fb21559f9658d110432782d966e566300f2ab23db9cfbcddb8ddb3a38ca8a30ccf2096502e8f6594f0059cec8693113696e53f53e84bbbe3b2f7bb146123e1fcf491afc39ae27a06acd92e95f7aa1aff2b430d95ce79370434babf5972496765be13e13d34b3650fb162698c573b4bd74c2390c54f5da36a43d4b6d195507b8c6e68b6b345524cf07b917fe76804b0591ba2bf418ee3cb22f74d5a5fe1dfa29183b17a8bf4e534a782ff68b2ff1fc157673b5d6423d7872f0240d1b2680fac212158ce739169495bdc332e59379b4d04639fd4e3ec430d303f2ecc992a64ed8aecab2745393c5d1ecce4f5adc9b732974291cbb3ab885723c090a4cafb458a49a62f831963a6bdaa004b4923fa5591ae8abb0c3001e43957b6d8f0305afcabbf07200a1ca6ab236ba73bc980b434f7038582f6321cfae36d818f92431cda1a447cf7a85fe20e8413b01961b4286d3a5ea6fe2863e311e7eeb337e190129017510fbd75e64482ca823d07a4a52e4bf9cdc316f83d38ab291b5a9b903225f645000b13f110fa8181fd62dc38396008d1e5595bcc86677dbece18e3b38494d13fa2535387d6becab20c0b081dbd6d65f2559f27d28d6c6a5d8987f1890f29ecea26ec5a252d1bf255c6cf1a8931ef044cb6e30ab481b77b712d5347952e469dafe905123679b37aab81adee77dde1f2b574882128f511a847d0607c940d0f5d325d9499696916ddb4587b743c8d570301567ef52ad51500238d75fe6a303b6e60911ddba4fd922f62f8a0e9a89632d8454c5adb5c5ab1bf111d7424d93e0761006bacbdc9097c7f9092b30fd97e467c95b34cf6a4b439e5ce9d9abb0c541dca4e25700c9dbebcc4222b163601488588d0268bc1fb3fa5f150736ff0ab314dc148b8ee696716bc9e301920f77826c5473cebf54a77e96cb66534f51df0996d5205c676f92f6768d1745ba73779ab2eafd06ae560e9564fe5dee6c6ba519ff6d4dba07970650730d17a0efbe18dd04a65c4365a8d2f748acf6ca99b75ec1e925a90ab1fa9bdf9e4046beccec33f0d2306e6bb9bc463b55d8e9d92def83e69bd8494392602bd2dea564fdacfd93f931cc0b4a988e1fd8d30ae0cb6a94d26a49d033432bf3d78cc4e6e5c0fc09457a1db8862c420f2bf9140af6f92177d72d2fb105331e7721095871ecdddf269d292e549f8530d78617481d3a3613367cac4b3c0c63be2d010086ae78fdee8e3eef6b9bf78d8e08c3c9fa2f62be8f406665c452137e74695de91dac96d07bf39715f7644d4ce4be4ab8411affbc198b34a94f0ef9ba9d3ad9a69e7e0ca155e66d2190697a0acb4af5d127950b0379388d79c4b4600e0186b573dd90a781bfe6b6f8febf092aec771bd9da269fcc49a9c13a3d69f75cf5a4b9e19f60ccccf75d3bf5c27644fea06ec20257792c274d07257c3de62a94a1f139b12801f9aa89aeca5abcfafea33610880199847dfc7dc58d8597006f79103ae0f198f9664cbc1228f15a8d9ba274d73cf2047bf9baf5755c29e3f7b7177e6676c730bec210d808f4b64d5b094eb531077323ddeff3e5a8676d1f027978cec76d18842363c1ed56fe521d7c52735211da525189e74f5cd43142a651a4096a48579decf15eedcc2acaca9349a6d82b2a2e09050ebd6d13c886788b076b0718c04ee17f3b242bec17231810186a2d8907861c44fb68e64d06acaefd344bd10b9426e19e6ab7bc67d94d15d151b6c8ca203ab0d3f398de80c99acbd5124a981082e987a3be2731dcc12b2e8eb037b6b19c224fac05b41b1ed667d1cae2d2ac6d3265398f6fbfe69bc4a1d7673becd9ebb0869eb085f065152fc8cac70ab5053b3c60fc0eb0246dbb95a2922bf343d421e232299e8fc300031bd3111703974d9c10b6da334a3ac5a728652f5a526370d4c5a2cca01a97efff5bee908f979f9caee003e61988db9cf079a2993a2a4c1107ee9f412264efcd56c0c0472250bf7e672a9d9e38364ae359a24f4efa2d7ee71896426ba7e2ea7f64a458fa7c997cc4504d33877af2ec9d94b1f2b4cc2b8c9cdf9ed797feba71376169c46f551c7b285a8b070dcbbdf856748bf51749f5c1dadace5e2110012847fdcd3f1268e5d02b31280a575c69c413d218df912f225f2f565a3a2aa2a37b41bd106a7a3d876bd4f18b43c1ceb9a709018bf7f73a44ed9ef762048cce9b73381f283d668bc74aee60a024642e5806af4ccc28c689d034a17d56163b22ad7d6e167dcfe0fb22503979dbc4d2896a5bba5e3f1095875c0237bc5f120e535f7287cdcca5a31684e704620d76cacd99c4219ecab6ab8a8d3ad5ac37e29d6a968558617efe3999a9a45d4ce8e0383a88b1acdf7eb21ad4bef23455a31ca11a31f13f59b6cc3245b145fd4e8f5d722a6af2c388595aa65585e732f557c1576469e5d146fb1e11b645a45b634cb65cba617b5f8d60bbe1eba790ce3935dd5996b20d552ba5ce9c68eefe2c23316b4a126eeef472c798d25b0ebefc5560310f661ad7d8db58906b999b2a77efa53bba65c7ce6858e0287b93a7b5f4db77a888bc379ff410ad3af52c8616f8321d43a2f78658da116d3e0fb84290140f9a50f758c7378678e797fdd8d469442466deb9fa4adf592f41ac5e9032d902d69c2b71d73d857a91c510da785a096f6a2199a27e12460d4c6fa40ddf035ed2b5e9ac274fbdffda5166947db5409375120c33f14d8e0441ee04102a2ddd7ec5407e117ec7fe89b5c7b390c91e6b0c8f440c7d4fec54f79967bfe52684a82219c2f05bfd8cc159f21f77e9e93ef4229613f93ddae04005d54ae894593c0357ac4a038ed9c0aa2ed1204ea7de31aa26f8f8d7d41690e09666f87af4c8c9e7d617c3659d132cfdee5298cbc1156bd8d30e4989e7ab0152b86b89ce0d5d9625370916c73c3a75d7fe30d11c4f7e970ecf1080e3847445b58e138005c483eaee60f0c7903f54a31fce56a8507fa6f4886ec23c19f1ad611cda099f5878c7203803bf9f5f90805c758b9c6a9abce9e6fb06ca8e195dfa2a7f47870689bd4b1e65f800d26fad683df14a66368ad530d529f1be72d94dda80566c4ba6792c1e4eeae110cc2948569fcbfd1abebee40c4d7e16f8a104509be823b9e7f4d749182620a3c8ee561ad0af5edbc5660d63fbab6bad842739ba299750e3f7bcd523747779cacecef696a7716699675349222e03e061a3942a3cc96271560e50d2687c9c24de7b9b1578ee488120ef1cc4ad397a0ee424a720d8c77d1fc077abf371169b530bc8660ae14c15e724fe67a8dfc4a33b819b56cd23f79bf0368c908cfe3a2628dc08455d3c1b26520bb9b84ea22d72e91a832233db51c29214401d4022dbb4b284c3226d2958c838f4b66230c411634baff364da1af6472bdde47d93154f909bf0e24237a11a31c9745735407ee9d2355e2b1e1612a4ee96cb5cd374998d72653d0058c2d0a5a2b7dde5333d7705f2b72e0677abe242a07e242d5c6b1d743e2781ed95cc7628d86e9e4aad04b2c1722f900ee988f899e3f66c28340a1a42fe093d636dd3600ae7962a345e5052d9b40aefdcdb01e7e43675a7876b63744f0c82a5a122a6a904c7eb271dc1e19c87e8a8b32387196565433f1a88ae02eb32e29d28a614031e6489d611dfee95dcb00bbdea1ec2a3e5c18d1bbc6fe6fb011cc8fae7cb9ee4a6e4a1cac256da386b30e54c20d5df1a74ccfcbdb90334ad176c144801dde9bf46074eb0e4ac0bdf568eb387c1ce4d0a192bab80a47e84708d5a379a54c6bba1158fcd465bae01cc11ad5e5fab70c5c7abe6cfbfddf45dfac469d7322525bb5d6ab6c4bdec73ac531b8d16e1277a1a4a6f31c27cc17c3eab05973df677cd65072b3fb72b1a8ec71954037045f20f06f3c6a0a81ff5a4d36a50d1276a2f637d96f0368a2d5da3b20a3aef6bf0c8b03cbbaee16153e2d1ae8a6ea1c3961bbb05235886af338f66464f70c2ce237a47a67241922780d21bf50bf9c2a88b71a279a2ea14c31f05819512fd969d90224fdfcf2cb6b56dcecdb412095329d58bb814584b562826820fb9082a04fc299d7cf6daad0856f7d8132943b40854c4c7bcea5809bc4e1cacd6c8e1e7927af86ca8fec187c3260f28909f7df6f1e1bf5027d82e572f12d07e0b2664353096b936ab93de98b07f03d3ec3bff0737d63b68f1ce01e3d239db799643ff273652f2b6475897ae2d48d8fd0ab4cf2ecf409aa44ae843a3376ab73324ac02bd68e2edeadca87ffd736a95109721dd68e49e60283446a80df86a1c762be45254220685954d7a8f3bdfcd568a30184b97ad55a9f021720d6150993e39150e25906158f29c9266e865f804d460ecd163c4afe94f100f131c9b1900c5ca7f20a7cc6bf138995a2b723bcd0b3047398baf54fca0dbf3902240da134ce0a12d1d07ebbd5e18b166bafc3d81cbd0aeee732e583786a2cbbf22a0de75f47d159af4c5cb9cb108e74fd54fbd4cfc69a45bd8b313c930a39f80ab1d26119a38ee16257c2d01aecbde12cbbdefe44bce3f65072780fd2b7d85d49039c33a7a425aad24a72fed83f610480b42cedf8ff2dfae435a6b3c7e54d0a0079e9efdde2d8509e90a5ee2570168f154026f4eb70e35b8943a5df50337b3a57dbd0fcabac6441164338bc7444ad1edfcf18fddb74710d425a8bb2b552caa51abe445009cb9ca378333d9ae8e7c240b6be13f23cd5aba78c113bccd58cfc0019992271d241e632705266734f5db5e1702dabd4339f66a9eea7079f4d6219c16f11ba9c6fb68d4f943c69fc0ed688b304bd1"}, 0x1008, 0x800)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x5)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = socket$caif_stream(0x25, 0x1, 0x0)
sendmmsg$inet(r2, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x7c9ce320e12d300)
ioctl$TCFLSH(r0, 0x8924, 0xffffffffffff7ffe)

2.926987381s ago: executing program 6 (id=1978):
r0 = socket$inet(0x2, 0x3, 0x1)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000940)='batadv_slave_1\x00', 0x10)
setsockopt$sock_int(r0, 0x1, 0x5, &(0x7f0000000100)=0x1, 0x4)
sendmsg$inet(r0, &(0x7f0000000000)={&(0x7f00000000c0)={0x2, 0x0, @private=0xa010100}, 0x10, &(0x7f0000000080)=[{&(0x7f00000002c0)="14", 0x1}], 0x1, 0x0, 0x0, 0xe0000000}, 0x48010)

2.87176578s ago: executing program 7 (id=1979):
socket(0x10, 0x1, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x12c9bc095037d560}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r4, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x4040084)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='huge=always,mpol=interleave'])
chdir(&(0x7f0000000140)='./file0\x00')
sched_setscheduler(0x0, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x1f, 0x0, 0x0, 0x1000, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffc}, 0x0, &(0x7f0000000000)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0)
r7 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
socket$nl_netfilter(0x10, 0x3, 0xc)

2.791626587s ago: executing program 5 (id=1980):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000080000002d01000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000002, 0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

2.559802409s ago: executing program 6 (id=1981):
openat(0xffffffffffffff9c, 0x0, 0x42, 0x7f)
socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$MSR(0x0, 0x0, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000200), 0x800)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r2, 0x4058534c, &(0x7f0000000180)={0x80, 0x2b, 0x3})
close_range(r1, 0xffffffffffffffff, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
getpid()
syz_open_dev$ptys(0xc, 0x3, 0x0)

2.559423058s ago: executing program 5 (id=1982):
r0 = socket(0x10, 0x803, 0x0)
ioctl$SIOCGIFMTU(r0, 0x8921, &(0x7f0000000000)={'ipvlan0\x00'})
r1 = syz_open_dev$video(&(0x7f00000010c0), 0x8, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
rt_tgsigqueueinfo(0x0, 0x0, 0x1f, &(0x7f0000000300)={0x0, 0x0, 0x4})
r4 = openat$vsock(0xffffff9c, &(0x7f00000001c0), 0x40101, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
setsockopt$inet_mreqn(r4, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, 0x0)
ioctl$KVM_NMI(r7, 0xae9a)
sendmsg$NL80211_CMD_SET_KEY(r4, &(0x7f0000000480)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4841}, 0x4810)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f00000002c0)={[0x400000000000002, 0x5, 0xfffffffffffffffe, 0x4, 0x2, 0x0, 0xefffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3], 0x0, 0x41901})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
socket(0x2, 0x80805, 0x0)
ioctl$VIDIOC_S_SELECTION(r1, 0xc040565f, 0x0)
r8 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
listen(r8, 0x0)
connect$rose(r8, &(0x7f0000000040)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, 0x0, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast]}, 0x40)

1.648363388s ago: executing program 4 (id=1983):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_netdev_private(r1, 0x8947, &(0x7f0000000580)="704a164305893a")
getsockopt$nfc_llcp(r0, 0x6, 0x11, 0x0, 0x2000e881)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
ioctl$sock_netdev_private(r1, 0x8947, &(0x7f0000000580)="704a164305893a") (async)
getsockopt$nfc_llcp(r0, 0x6, 0x11, 0x0, 0x2000e881) (async)

1.606886893s ago: executing program 6 (id=1984):
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x20000841, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @empty}, 0x1c) (async)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={0x0, r2}, 0x18) (async)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_FLAG_CMD(r3, 0x8982, 0x0) (async)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000080050005000200000011000300686173683a69702c706f7274"], 0x4c}}, 0x2) (async)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x54, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x84}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e22}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10008086}, 0x80)
shutdown(0xffffffffffffffff, 0x2) (async)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x9)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
r4 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x0)
r6 = openat$cgroup_procs(r5, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
open_by_handle_at(r6, &(0x7f0000000080)=@FILEID_BTRFS_WITH_PARENT_ROOT={0x28, 0x4e, {0x5, 0x1, 0xffff8003, 0x6, 0x62, 0x5}}, 0x2e4342)
syz_open_procfs(0x0, &(0x7f0000000200)='task\x00')
lseek(r3, 0x7, 0x2)
bind$inet(0xffffffffffffffff, 0x0, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r7, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0) (async)
msgget(0x2, 0x217)
r8 = socket$qrtr(0x2a, 0x2, 0x0)
ioctl$BTRFS_IOC_INO_PATHS(r8, 0x8915, 0x0)

1.374393748s ago: executing program 1 (id=1985):
r0 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
ioctl$BLKSECTGET(r0, 0x1267, &(0x7f0000000040)) (async)
readv(r0, &(0x7f0000000200)=[{&(0x7f0000000080)=""/224, 0xe0}, {&(0x7f0000000180)=""/97, 0x61}], 0x2) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000280), r0)
sendmsg$MPTCP_PM_CMD_GET_ADDR(r1, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x24, r2, 0x8, 0x70bd28, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x6}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x8006}, 0x0) (async, rerun: 64)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f00000003c0), r1) (rerun: 64)
sendmsg$TIPC_NL_NET_SET(r0, &(0x7f0000000540)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000400)={0xe0, r3, 0x20, 0x70bd26, 0x25dfdbfb, {}, [@TIPC_NLA_MEDIA={0xac, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80000001}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x400}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_PRIO={0x8}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffc}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xff}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}]}]}, @TIPC_NLA_MEDIA={0x20, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x10000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x2}]}]}]}, 0xe0}, 0x1, 0x0, 0x0, 0x4080}, 0x4000800) (async)
sendmsg$IPCTNL_MSG_EXP_GET(r0, &(0x7f0000000700)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000006c0)={&(0x7f00000005c0)={0xdc, 0x1, 0x2, 0x3, 0x0, 0x0, {0x7, 0x0, 0xa}, [@CTA_EXPECT_MASK={0x20, 0x3, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @broadcast}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}]}, @CTA_EXPECT_ID={0x8, 0x5, 0x1, 0x0, 0x9}, @CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x7ff}, @CTA_EXPECT_MASTER={0x88, 0x1, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x11}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @mcast2}}}]}, @CTA_EXPECT_TUPLE={0x10, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}]}]}, 0xdc}, 0x1, 0x0, 0x0, 0x10}, 0x40000) (async, rerun: 64)
r4 = dup3(r0, r1, 0x0) (rerun: 64)
sendmsg$NFT_MSG_GETCHAIN(r4, &(0x7f0000000800)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000007c0)={&(0x7f0000000780)={0x24, 0x4, 0xa, 0x5, 0x0, 0x0, {0x0, 0x0, 0x5}, [@NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x4}, @NFTA_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x85}, 0x4004040) (async)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000880), 0xffffffffffffffff)
sendmsg$IEEE802154_LLSEC_LIST_KEY(r5, &(0x7f0000000940)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000900)={&(0x7f00000008c0)={0x14, r6, 0x400, 0x70bd2c, 0x25dfdbfb, {}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x24064840) (async)
r7 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000980), r5)
ioctl$SCSI_IOCTL_TEST_UNIT_READY(r0, 0x2) (async)
ioctl$SNDCTL_DSP_GETOSPACE(r0, 0x8010500c, &(0x7f00000009c0))
sendmsg$key(r4, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a00)={0x2, 0x12, 0x31, 0x6, 0x17, 0x0, 0x70bd2c, 0x25dfdbfe, [@sadb_key={0xa, 0x8, 0x220, 0x0, "a405b6f69015e7b47439cb9d5f7648254f640ff563ded866d4433e0245e3cd4027f937484f9b79e7be7d1fed419bdcb0481647171cd385115261a1591185de9620e979d3"}, @sadb_ident={0x2, 0xb, 0x3, 0x0, 0xfffffffffffffffd}, @sadb_x_filter={0x5, 0x1a, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @in=@local, 0x25, 0x0, 0x4}, @sadb_sa={0x2, 0x1, 0x1ff, 0xc8, 0x3, 0x65, 0x4, 0x80000000}, @sadb_x_nat_t_type={0x1, 0x14, 0x6}, @sadb_x_nat_t_type={0x1, 0x14, 0xf}]}, 0xb8}}, 0x4000801) (async, rerun: 32)
bind$llc(r0, &(0x7f0000000b40)={0x1a, 0x300, 0x0, 0x2, 0x7, 0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3a}}, 0x10) (async, rerun: 32)
clock_gettime(0x0, &(0x7f0000009d40)={<r8=>0x0, <r9=>0x0})
recvmmsg(r0, &(0x7f0000009b40)=[{{&(0x7f0000000b80)=@caif=@dgm, 0x80, &(0x7f0000003f00)=[{&(0x7f0000000c00)=""/4096, 0x1000}, {&(0x7f0000001c00)=""/79, 0x4f}, {&(0x7f0000001c80)=""/4096, 0x1000}, {&(0x7f0000002c80)=""/183, 0xb7}, {&(0x7f0000002d40)=""/166, 0xa6}, {&(0x7f0000002e00)=""/122, 0x7a}, {&(0x7f0000002e80)=""/94, 0x5e}, {&(0x7f0000002f00)=""/4096, 0x1000}], 0x8, &(0x7f0000003f80)=""/190, 0xbe}, 0x2}, {{0x0, 0x0, &(0x7f0000006300)=[{&(0x7f0000004040)=""/4096, 0x1000}, {&(0x7f0000005040)=""/223, 0xdf}, {&(0x7f0000005140)=""/223, 0xdf}, {&(0x7f0000005240)=""/145, 0x91}, {&(0x7f0000005300)=""/4096, 0x1000}], 0x5, &(0x7f0000006380)=""/196, 0xc4}}, {{&(0x7f0000006480)=@nfc, 0x80, &(0x7f0000006740)=[{&(0x7f0000006500)=""/6, 0x6}, {&(0x7f0000006540)=""/249, 0xf9}, {&(0x7f0000006640)=""/9, 0x9}, {&(0x7f0000006680)=""/180, 0xb4}], 0x4}, 0x4}, {{&(0x7f0000006780)=@phonet, 0x80, &(0x7f0000006880)=[{&(0x7f0000006800)=""/116, 0x74}], 0x1, &(0x7f00000068c0)=""/225, 0xe1}, 0x539}, {{&(0x7f00000069c0)=@alg, 0x80, &(0x7f0000006b80)=[{&(0x7f0000006a40)=""/158, 0x9e}, {&(0x7f0000006b00)=""/91, 0x5b}], 0x2, &(0x7f0000006bc0)=""/9, 0x9}, 0x4}, {{&(0x7f0000006c00)=@hci, 0x80, &(0x7f0000007f00)=[{&(0x7f0000006c80)}, {&(0x7f0000006cc0)=""/4096, 0x1000}, {&(0x7f0000007cc0)=""/40, 0x28}, {&(0x7f0000007d00)=""/252, 0xfc}, {&(0x7f0000007e00)=""/201, 0xc9}], 0x5, &(0x7f0000007f80)=""/113, 0x71}, 0xffffffd4}, {{&(0x7f0000008000)=@l2tp6={0xa, 0x0, 0x0, @remote}, 0x80, &(0x7f0000008300)=[{&(0x7f0000008080)=""/236, 0xec}, {&(0x7f0000008180)=""/101, 0x65}, {&(0x7f0000008200)=""/214, 0xd6}], 0x3, &(0x7f0000008340)=""/75, 0x4b}, 0x3}, {{&(0x7f00000083c0)=@generic, 0x80, &(0x7f00000099c0)=[{&(0x7f0000008440)=""/201, 0xc9}, {&(0x7f0000008540)=""/252, 0xfc}, {&(0x7f0000008640)=""/29, 0x1d}, {&(0x7f0000008680)=""/4096, 0x1000}, {&(0x7f0000009680)=""/211, 0xd3}, {&(0x7f0000009780)=""/252, 0xfc}, {&(0x7f0000009880)=""/110, 0x6e}, {&(0x7f0000009900)=""/182, 0xb6}], 0x8, &(0x7f0000009a40)=""/223, 0xdf}, 0x7}], 0x8, 0x0, &(0x7f0000009d80)={r8, r9+60000000}) (async, rerun: 32)
r10 = syz_open_dev$vcsu(&(0x7f0000009dc0), 0x0, 0x0) (rerun: 32)
setsockopt$bt_BT_POWER(r10, 0x112, 0x9, &(0x7f0000009e00)=0xa4, 0x1)
ioctl$EXT4_IOC_MIGRATE(r4, 0x6609) (async)
ioctl$PPPOEIOCSFWD(r4, 0x4008b100, &(0x7f0000009e40)={0x18, 0x0, {0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x27}, 'veth1_to_team\x00'}})
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000009e80)={0x10201, 0x0, 0x3000, 0x1000, &(0x7f0000ffe000/0x1000)=nil}) (async)
sendmsg$NLBL_UNLABEL_C_STATICREMOVEDEF(r5, &(0x7f0000009f80)={&(0x7f0000009ec0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000009f40)={&(0x7f0000009f00)={0x1c, r7, 0x300, 0x70bd26, 0x25dfdbfc, {}, [@NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @local}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x8001) (async)
r11 = syz_genetlink_get_family_id$devlink(&(0x7f000000a000), r0)
sendmsg$DEVLINK_CMD_GET(r1, &(0x7f000000a100)={&(0x7f0000009fc0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f000000a0c0)={&(0x7f000000a040)={0x6c, r11, 0x400, 0x70bd29, 0x25dfdbff, {}, [@pci={{0x8}, {0x11}}, @pci={{0x8}, {0x11}}, @nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x100}, 0x10000000) (async, rerun: 64)
sendmsg$DEVLINK_CMD_RATE_SET(0xffffffffffffffff, &(0x7f000000a240)={&(0x7f000000a140)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f000000a200)={&(0x7f000000a180)={0x4c, r11, 0x2, 0x70bd2a, 0x25dfdbfb, {}, [@DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x2}, @DEVLINK_ATTR_RATE_TX_MAX={0xc, 0xa7, 0x4}, @DEVLINK_ATTR_RATE_TX_MAX={0xc, 0xa7, 0x2}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x2}, @DEVLINK_ATTR_RATE_NODE_NAME={0xf, 0xa8, @name2}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8800}, 0x40000c4) (rerun: 64)

1.289731636s ago: executing program 7 (id=1986):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0x13, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000040000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000080000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000280)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000180)='%-010d \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000300)={r2}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000c40)='sys_enter\x00', r3}, 0x10)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r4, 0x29, 0x48, &(0x7f0000000280)=ANY=[@ANYRES64], 0x8)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r7 = socket(0x10, 0x803, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000012c0)={0x0, 0x4, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r9, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0xc00}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x70, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r9, {0xc, 0x4}, {}, {0x5}}, [@filter_kind_options=@f_flow={{0x9}, {0x40, 0x2, [@TCA_FLOW_EMATCHES={0x3c, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfffb}}, @TCA_EMATCH_TREE_LIST={0x30, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x7, 0x7, 0x2}, {{0x0, 0x1, 0x0, 0x1}, {0x0, 0x1, 0x1, 0x1}}}}, @TCF_EM_META={0x18, 0x2, 0x0, 0x0, {{0xfffb, 0x4, 0x2}, [@TCA_EM_META_HDR={0xc, 0x1, {{0xd, 0x6c}, {0x1, 0x81, 0x1}}}]}}]}]}]}}]}, 0x70}}, 0x20040054)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000005700)={0x0, 0x0, 0x0, 0x0, 0x0, r5}, 0x38)
alarm(0xb95)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0)
umount2(&(0x7f0000000000)='./file0\x00', 0x0)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000f80), 0xffffffffffffffff)
sendmsg$NL802154_CMD_NEW_INTERFACE(r10, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f00000000c0)={0x28, r11, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x3}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x4080080)
r12 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r12, 0xc0145401, &(0x7f00000001c0)={0xffffffffffffffff, 0x2, 0x1, 0x2})

1.246417719s ago: executing program 4 (id=1987):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0x4, 0x6, 0xff, 0x42, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000440), &(0x7f0000000080), 0x619, r4}, 0x38)

102.684346ms ago: executing program 1 (id=1988):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0) (async)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) (async)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001440), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xa, 0x16, &(0x7f0000000340)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000002d0301000000000095000000000000006926000000000000bf67000000000000150600000fff070067060000200000006a0200000ee60000bf050000000000003d350000000000006507000002000000070700004a0000000f75000000000000bf54000000000000070400000400f9ff2d53010000000000840400000000000005000000000000009500000000000000db13d5d8b741f2cdaabc8383caf56b8c2b84a8d09535a157f9005bd38addaa65b925cd3ded25b8b9e2a095d2c51ef45c5588ec78c7f32946b17cecfe54c53ab530c58b67851b7e0e82452a083b98a6aa766401047d150203b0417edef332233b081df18961d6822d133bf72a4de1cc0800004537fc211576846ac629d1d93265ba474580047a9dc88de358ce795731891a2031de4e09740c64e5306f991ed4785a9773a433e0db9c1a7d4ab9d658ce9cfdb4db3bed62bcb2bc91ddcdfac2e6d4421c49fb6641cbf56914e76702f673b586c767030090a3967093b000e3806f825f1d0da2a304e06543b56d35235d78b7a7fe912971aab876022e96f5143b6234f5a6b701690b07fb664a44e22b72e843e7cf55f394cf75d1cd3ee79a25fb98cc45b3fde43e62e150d4a2fddd9a976774"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
recvmmsg(0xffffffffffffffff, &(0x7f0000001280)=[{{&(0x7f0000001040)=@xdp, 0x80, &(0x7f0000001140)=[{&(0x7f00000010c0)=""/92, 0x5c}], 0x1}, 0x2}, {{&(0x7f0000001180)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, 0x80, &(0x7f0000001240)=[{&(0x7f0000001200)=""/16, 0x10}], 0x1, &(0x7f00000014c0)=""/162, 0xba}, 0xc}], 0x2, 0x10041, &(0x7f0000001400)={0x77359400})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@text64={0x40, &(0x7f0000000300)="440f20c0350f000000440f22c0b8010000004f0801aab8d9d920c0350f000000440f22c066ba4100b8002c20000000f30f012e430f001fb9bd0a00000f3226d2a4470f01c8", 0x45}], 0xaaaaaaaaaaaad9f, 0x17, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
socket$packet(0x11, 0x3, 0x300)
socket$inet6_udp(0xa, 0x2, 0x0)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000000)={0x12, {"a2e3ad21ed0d09f91b5b090987f70906d038e7ff7fc6e5539b0d3d0e8b089b323b6d07060890e0878f0e1ac6e7049b334a959b3e9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070b07580936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0931a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5bcd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383701d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b6080000007a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39dd0000000039ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb06ffc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00b98e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb15da202d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d877a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
io_setup(0x202, 0x0) (async)
io_setup(0x202, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40000000000008b}, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000001480), 0x48880, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) (async)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
connect$inet(0xffffffffffffffff, 0x0, 0x0) (async)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x57)
sendmsg$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20004000)
r4 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD(r4, 0x40045402, &(0x7f0000000040)=0x1)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r4, 0x40345410, &(0x7f00000083c0)={{0x1}}) (async)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r4, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r4, 0x40505412, &(0x7f0000000540)={0x5, 0x6dff, 0x3fb, 0x0, 0x12})

102.125359ms ago: executing program 4 (id=1989):
ioctl$RTC_PIE_ON(0xffffffffffffffff, 0x7005)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000005000000bf0900000000000035090100000000009500000000000000b7020000000000007b9af8ff00000000d60900004ce801007baaf0ff00000000bf2700000000000007080000fffdffffbf940000000000000714aad84cecfd040000f0ffffff640200000800", @ANYRES32=r4, @ANYBLOB="0000000000000000b7050000080000004608f0ff76000000bf9800000000000056080000000000008500000005000000b7000000000000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

0s ago: executing program 6 (id=1990):
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='\a\x00'], 0x50)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x181040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0xc, &(0x7f0000000240)=@assoc_value, &(0x7f0000000080)=0x8)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000140)=@arm64={0x1, 0xf6, 0xf0, '\x00', 0x6})
socket(0x10, 0x80002, 0x0)
setsockopt$sock_int(r2, 0x1, 0x22, &(0x7f00000000c0)=0xfffffffe, 0x4)
socket$packet(0x11, 0x3, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000032680)=""/102392, 0x18ff8)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$int_in(r5, 0x5421, &(0x7f00000000c0)=0x10000)
connect$inet(r5, &(0x7f0000001fc0)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_int(r5, 0x6, 0x1, &(0x7f00000005c0), 0x4)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioperm(0x83, 0x6, 0x8)
mincore(&(0x7f0000ffc000/0x4000)=nil, 0x4000, &(0x7f0000000000)=""/62)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f00000004c0)={0x1, 0x0, [{0x40000070, 0x0, 0x6}]})

kernel console output (not intermixed with test programs):

input/input40
[  512.030181][   T29] audit: type=1400 audit(1736172359.810:832): avc:  denied  { setattr } for  pid=12014 comm="syz.4.1500" path="pipe:[38504]" dev="pipefs" ino=38504 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[  512.084308][   T25] usb 3-1: USB disconnect, device number 56
[  512.448151][T12022] program syz.4.1500 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  512.538364][T12032] Process accounting resumed
[  512.580317][T12036] netdevsim netdevsim6 netdevsim0: entered promiscuous mode
[  512.642601][T12039] netlink: 'syz.6.1505': attribute type 8 has an invalid length.
[  512.684905][T12039] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1505'.
[  513.451741][ T1885] usb 3-1: new high-speed USB device number 57 using dummy_hcd
[  513.521853][ T5868] usb 5-1: new high-speed USB device number 47 using dummy_hcd
[  513.544742][T12063] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1515'.
[  513.554877][T12063] netlink: 104 bytes leftover after parsing attributes in process `syz.5.1515'.
[  513.605306][ T1885] usb 3-1: Using ep0 maxpacket: 8
[  513.625546][ T1885] usb 3-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  513.649580][ T1885] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x94, changing to 0x84
[  513.667796][ T1885] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 239, changing to 11
[  513.685637][ T5868] usb 5-1: config 1 has an invalid descriptor of length 136, skipping remainder of the config
[  513.709695][ T1885] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 9059, setting to 1024
[  513.712235][ T5868] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  513.728466][ T1885] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  513.743050][ T5868] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  513.752922][ T5868] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  513.760932][ T5868] usb 5-1: SerialNumber: syz
[  513.787305][ T1885] usb 3-1: New USB device found, idVendor=04e8, idProduct=ff30, bcdDevice=a6.d1
[  513.797581][ T1885] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  513.809809][ T1885] usb 3-1: Product: syz
[  513.815135][ T1885] usb 3-1: Manufacturer: syz
[  513.819894][ T1885] usb 3-1: SerialNumber: syz
[  513.830542][ T1885] usb 3-1: config 0 descriptor??
[  513.973425][ T1885] rc_core: IR keymap rc-imon-rsc not found
[  513.979269][ T1885] Registered IR keymap rc-empty
[  513.987811][ T1885] rc rc0: iMON Station as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[  514.003145][   T25] usb 2-1: new high-speed USB device number 63 using dummy_hcd
[  514.008419][ T1885] input: iMON Station as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input41
[  514.059863][   T47] usb 3-1: USB disconnect, device number 57
[  514.157540][ T5868] usb 5-1: 0:2 : does not exist
[  514.162659][   T25] usb 2-1: Using ep0 maxpacket: 8
[  514.171473][ T5868] usb 5-1: unit 5 not found!
[  514.176366][   T25] usb 2-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  514.193387][ T5868] usb 5-1: USB disconnect, device number 47
[  514.199459][   T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  514.220191][   T25] usb 2-1: config 0 descriptor??
[  514.242789][    T8] usb 6-1: new high-speed USB device number 52 using dummy_hcd
[  514.403227][    T8] usb 6-1: config 0 has no interfaces?
[  514.408813][    T8] usb 6-1: New USB device found, idVendor=056a, idProduct=0045, bcdDevice= 0.00
[  514.418940][    T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  514.429048][    T8] usb 6-1: config 0 descriptor??
[  514.435074][T12070] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  514.444609][T12070] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  514.454582][   T25] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  514.469363][   T25] asix 2-1:0.0: probe with driver asix failed with error -71
[  514.481575][   T25] usb 2-1: USB disconnect, device number 63
[  514.690883][T12077] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  514.699969][T12077] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  514.709738][    T8] usb 6-1: string descriptor 0 read error: -71
[  514.718067][    T8] usb 6-1: USB disconnect, device number 52
[  516.351752][    T8] usb 6-1: new high-speed USB device number 53 using dummy_hcd
[  516.766352][ T1885] usb 2-1: new high-speed USB device number 64 using dummy_hcd
[  517.076738][ T1885] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  517.085565][ T1885] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  517.095872][ T1885] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[  517.151019][ T1885] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  517.212784][ T1885] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  517.284975][ T1885] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  517.319272][ T1885] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  517.361969][ T1885] usb 2-1: Product: syz
[  517.366786][ T1885] usb 2-1: Manufacturer: syz
[  517.517915][ T1885] cdc_wdm 2-1:1.0: skipping garbage
[  517.528743][ T1885] cdc_wdm 2-1:1.0: skipping garbage
[  517.599079][T12115] FAULT_INJECTION: forcing a failure.
[  517.599079][T12115] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  517.617773][ T1885] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  517.649984][T12115] CPU: 1 UID: 0 PID: 12115 Comm: syz.2.1532 Not tainted 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0
[  517.654209][ T1885] cdc_wdm 2-1:1.0: Unknown control protocol
[  517.660773][T12115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  517.660789][T12115] Call Trace:
[  517.660796][T12115]  <TASK>
[  517.660804][T12115]  dump_stack_lvl+0x16c/0x1f0
[  517.660836][T12115]  should_fail_ex+0x497/0x5b0
[  517.692310][T12115]  _copy_to_user+0x32/0xd0
[  517.696754][T12115]  simple_read_from_buffer+0xd0/0x160
[  517.702154][T12115]  proc_fail_nth_read+0x198/0x270
[  517.707208][T12115]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  517.712786][T12115]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  517.718356][T12115]  vfs_read+0x1df/0xbe0
[  517.722529][T12115]  ? __fget_files+0x1fc/0x3a0
[  517.727260][T12115]  ? __pfx___mutex_lock+0x10/0x10
[  517.732303][T12115]  ? __pfx_vfs_read+0x10/0x10
[  517.736994][T12115]  ? __fget_files+0x206/0x3a0
[  517.741681][T12115]  ksys_read+0x12b/0x250
[  517.745930][T12115]  ? __pfx_ksys_read+0x10/0x10
[  517.750706][T12115]  do_syscall_64+0xcd/0x250
[  517.755214][T12115]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  517.761126][T12115] RIP: 0033:0x7f82e558473c
[  517.765535][T12115] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  517.785168][T12115] RSP: 002b:00007f82e639c030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  517.793611][T12115] RAX: ffffffffffffffda RBX: 00007f82e5775fa0 RCX: 00007f82e558473c
[  517.801577][T12115] RDX: 000000000000000f RSI: 00007f82e639c0a0 RDI: 0000000000000003
[  517.809541][T12115] RBP: 00007f82e639c090 R08: 0000000000000000 R09: 0000000000000000
[  517.817506][T12115] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  517.825471][T12115] R13: 0000000000000000 R14: 00007f82e5775fa0 R15: 00007ffdbbd68e98
[  517.833454][T12115]  </TASK>
[  517.883938][T12094] tmpfs: Invalid uid '0x00000000ffffffff'
[  518.125637][T12124] netdevsim netdevsim5: Direct firmware load for ./file0 failed with error -2
[  518.294970][T12124] netdevsim netdevsim5: Falling back to sysfs fallback for: ./file0
[  518.310072][T12118] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  518.320565][T12118] SELinux: failed to load policy
[  518.427074][   T29] audit: type=1400 audit(1736172366.090:833): avc:  denied  { load_policy } for  pid=12117 comm="syz.5.1531" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  518.447278][    C0] vkms_vblank_simulate: vblank timer overrun
[  518.804770][T12130] No control pipe specified
[  519.091791][ T1885] usb 7-1: new high-speed USB device number 61 using dummy_hcd
[  519.132957][   T25] usb 2-1: USB disconnect, device number 64
[  519.253035][ T1885] usb 7-1: Using ep0 maxpacket: 16
[  519.262390][ T1885] usb 7-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  519.294351][ T1885] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD7, changing to 0x87
[  519.316206][ T1885] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 152, changing to 11
[  519.337584][ T1885] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x87 has invalid maxpacket 8285, setting to 1024
[  519.349344][ T1885] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  519.785812][ T1885] usb 7-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89
[  519.795030][ T1885] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=1
[  519.803652][ T1885] usb 7-1: Product: syz
[  519.807875][ T1885] usb 7-1: Manufacturer: syz
[  519.812692][ T1885] usb 7-1: SerialNumber: syz
[  519.822354][ T1885] usb 7-1: config 0 descriptor??
[  520.812687][ T1885] appledisplay 7-1:0.0: Error while getting initial brightness: -110
[  520.831837][T12130] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  520.832062][ T1885] appledisplay 7-1:0.0: probe with driver appledisplay failed with error -110
[  520.840398][T12130] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  521.739157][ T5868] usb 7-1: USB disconnect, device number 61
[  522.111828][   T29] audit: type=1400 audit(1736172369.890:834): avc:  denied  { write } for  pid=12152 comm="syz.4.1537" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  523.025655][   T29] audit: type=1400 audit(1736172370.680:835): avc:  denied  { ioctl } for  pid=12146 comm="syz.1.1540" path="socket:[37606]" dev="sockfs" ino=37606 ioctlcmd=0x89f0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  523.491913][   T47] usb 6-1: new high-speed USB device number 54 using dummy_hcd
[  523.992598][   T47] usb 6-1: Using ep0 maxpacket: 16
[  523.999354][   T47] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  524.013167][   T47] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  524.025046][ T5819] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  524.034213][   T47] usb 6-1: New USB device found, idVendor=02ac, idProduct=8200, bcdDevice= 0.00
[  524.036238][ T5819] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  524.054611][ T5819] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  524.061785][   T47] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  524.132121][ T5819] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  524.141933][ T5819] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  524.149318][ T5819] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  524.171367][   T47] usb 6-1: config 0 descriptor??
[  524.532129][T12170] chnl_net:caif_netlink_parms(): no params data found
[  524.723603][T12170] bridge0: port 1(bridge_slave_0) entered blocking state
[  524.741927][T12170] bridge0: port 1(bridge_slave_0) entered disabled state
[  524.777513][T12170] bridge_slave_0: entered allmulticast mode
[  524.788059][T12170] bridge_slave_0: entered promiscuous mode
[  524.800506][T12170] bridge0: port 2(bridge_slave_1) entered blocking state
[  524.808212][T12170] bridge0: port 2(bridge_slave_1) entered disabled state
[  524.815550][T12170] bridge_slave_1: entered allmulticast mode
[  524.822372][T12170] bridge_slave_1: entered promiscuous mode
[  524.855159][T12170] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  524.869245][T12170] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  524.907506][T12200] tun0: tun_chr_ioctl cmd 1074025675
[  524.912877][T12200] tun0: persist disabled
[  525.857175][   T47] usb 7-1: new high-speed USB device number 62 using dummy_hcd
[  525.901974][T12199] tun0: tun_chr_ioctl cmd 1074025675
[  525.907306][T12199] tun0: persist enabled
[  526.951927][ T5834] Bluetooth: hci2: command tx timeout
[  526.983589][T12170] team0: Port device team_slave_0 added
[  526.995986][   T47] usb 7-1: Using ep0 maxpacket: 16
[  527.006088][T12170] team0: Port device team_slave_1 added
[  527.023032][   T47] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  527.073651][   T47] usb 7-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  527.101574][   T47] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  527.126580][   T47] usb 7-1: Product: syz
[  527.134418][T12170] batman_adv: batadv0: Adding interface: batadv_slave_0
[  527.141384][T12170] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  527.143841][   T47] usb 7-1: Manufacturer: syz
[  527.173045][T12170] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  527.184797][T12170] batman_adv: batadv0: Adding interface: batadv_slave_1
[  527.192056][T12170] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  527.218307][T12170] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  527.371048][   T47] usb 7-1: SerialNumber: syz
[  527.702998][   T47] usb 7-1: config 0 descriptor??
[  527.723695][   T47] em28xx 7-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  527.733174][   T47] em28xx 7-1:0.0: DVB interface 0 found: bulk
[  527.838158][   T29] audit: type=1404 audit(1736172375.620:836): enforcing=1 old_enforcing=0 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1
[  527.842839][T12170] hsr_slave_0: entered promiscuous mode
[  528.041828][   T29] audit: type=1404 audit(1736172375.810:837): enforcing=0 old_enforcing=1 auid=4294967295 ses=4294967295 enabled=1 old-enabled=1 lsm=selinux res=1
[  528.063120][T12170] hsr_slave_1: entered promiscuous mode
[  528.146545][T12170] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  528.148874][T12196] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  528.155876][T12170] Cannot create hsr debugfs directory
[  528.190556][   T29] audit: type=1400 audit(1736172375.930:838): avc:  denied  { read write } for  pid=12195 comm="syz.6.1553" name="raw-gadget" dev="devtmpfs" ino=820 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  528.227525][T12196] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  528.367826][   T29] audit: type=1400 audit(1736172375.930:839): avc:  denied  { open } for  pid=12195 comm="syz.6.1553" path="/dev/raw-gadget" dev="devtmpfs" ino=820 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  528.414347][   T29] audit: type=1400 audit(1736172375.930:840): avc:  denied  { ioctl } for  pid=12195 comm="syz.6.1553" path="/dev/raw-gadget" dev="devtmpfs" ino=820 ioctlcmd=0x5500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  528.735831][ T5901] usb 6-1: USB disconnect, device number 54
[  528.738811][   T29] audit: type=1400 audit(1736172376.510:841): avc:  denied  { read write } for  pid=6015 comm="syz-executor" name="loop5" dev="devtmpfs" ino=652 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  528.771780][   T29] audit: type=1400 audit(1736172376.510:842): avc:  denied  { open } for  pid=6015 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=652 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  528.791703][ T1885] usb 5-1: new full-speed USB device number 48 using dummy_hcd
[  528.796251][   T29] audit: type=1400 audit(1736172376.510:843): avc:  denied  { ioctl } for  pid=6015 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=652 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  528.829253][   T29] audit: type=1400 audit(1736172376.600:844): avc:  denied  { create } for  pid=12217 comm="syz.5.1557" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  528.849900][   T29] audit: type=1400 audit(1736172376.600:845): avc:  denied  { write } for  pid=12217 comm="syz.5.1557" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  528.927501][T12170] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  528.936058][   T47] em28xx 7-1:0.0: unknown em28xx chip ID (0)
[  528.937863][T12170] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  528.957309][ T1885] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  528.969271][ T1885] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  528.985367][ T1885] usb 5-1: New USB device found, idVendor=056a, idProduct=0309, bcdDevice= 0.00
[  528.993766][T12170] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  528.998351][ T1885] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  529.015320][T12170] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  529.017533][ T1885] usb 5-1: config 0 descriptor??
[  529.034785][ T5834] Bluetooth: hci2: command tx timeout
[  529.188791][T12170] 8021q: adding VLAN 0 to HW filter on device bond0
[  529.236965][T12170] 8021q: adding VLAN 0 to HW filter on device team0
[  529.248509][ T8170] bridge0: port 1(bridge_slave_0) entered blocking state
[  529.255667][ T8170] bridge0: port 1(bridge_slave_0) entered forwarding state
[  529.306378][T12170] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  529.317168][T12170] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  529.626590][ T8170] bridge0: port 2(bridge_slave_1) entered blocking state
[  529.633732][ T8170] bridge0: port 2(bridge_slave_1) entered forwarding state
[  529.655339][ T1885] usb 5-1: string descriptor 0 read error: -71
[  529.679111][ T1885] usbhid 5-1:0.0: can't add hid device: -71
[  529.703356][ T1885] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  529.802971][ T1885] usb 5-1: USB disconnect, device number 48
[  529.881709][   T47] em28xx 7-1:0.0: failed to get i2c transfer status from bridge register (error=-5)
[  529.917557][   T47] em28xx 7-1:0.0: board has no eeprom
[  530.085965][T12170] 8021q: adding VLAN 0 to HW filter on device batadv0
[  530.131830][   T47] em28xx 7-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  530.148511][   T47] em28xx 7-1:0.0: dvb set to bulk mode.
[  530.190570][   T25] em28xx 7-1:0.0: Binding DVB extension
[  530.229109][   T47] usb 7-1: USB disconnect, device number 62
[  530.282610][   T47] em28xx 7-1:0.0: Disconnecting em28xx
[  530.414063][   T25] em28xx 7-1:0.0: Registering input extension
[  530.447962][   T47] em28xx 7-1:0.0: Closing input extension
[  530.648027][   T47] em28xx 7-1:0.0: Freeing device
[  530.753932][T12170] veth0_vlan: entered promiscuous mode
[  530.787734][T12170] veth1_vlan: entered promiscuous mode
[  530.830399][T12170] veth0_macvtap: entered promiscuous mode
[  530.846269][T12170] veth1_macvtap: entered promiscuous mode
[  530.924929][T12170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  530.957805][T12170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  531.154026][T12270] syz.5.1570: attempt to access beyond end of device
[  531.154026][T12270] nbd5: rw=0, sector=1, nr_sectors = 1 limit=0
[  531.166956][T12270] qnx4: unable to read the superblock
[  531.174562][ T5834] Bluetooth: hci2: command tx timeout
[  531.994400][T12170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  532.080934][T12272] overlay: ./file0 is not a directory
[  532.125654][T12170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  532.241877][T12170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  532.325602][T12273] overlay: ./file0 is not a directory
[  532.453230][T12170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  532.463252][T12170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  532.480167][T12170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  532.480745][T12271] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  532.490380][T12170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  532.507297][T12170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  532.519379][T12170] batman_adv: batadv0: Interface activated: batadv_slave_0
[  532.532853][T12170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  532.543418][T12170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  532.553425][T12170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  532.563959][T12170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  532.574425][T12170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  532.585269][T12170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  532.595284][T12170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  532.605832][T12170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  532.615934][T12170] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  532.626615][T12170] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  532.639726][T12170] batman_adv: batadv0: Interface activated: batadv_slave_1
[  532.649640][T12170] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  532.658569][T12170] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  532.667403][T12170] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  532.676627][T12170] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  532.914407][ T8172] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  532.931117][ T8172] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  533.158251][   T29] kauditd_printk_skb: 63 callbacks suppressed
[  533.158290][   T29] audit: type=1400 audit(1736172380.790:909): avc:  denied  { create } for  pid=12275 comm="syz.5.1572" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  533.278548][ T5834] Bluetooth: hci2: command tx timeout
[  533.549965][   T29] audit: type=1400 audit(1736172380.790:910): avc:  denied  { map } for  pid=12275 comm="syz.5.1572" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=40187 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  533.599105][   T64] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  533.687904][   T64] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  533.714095][   T29] audit: type=1400 audit(1736172380.790:911): avc:  denied  { read write } for  pid=12275 comm="syz.5.1572" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=40187 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  533.940593][   T29] audit: type=1400 audit(1736172381.580:912): avc:  denied  { mounton } for  pid=12170 comm="syz-executor" path="/root/syzkaller.orUsZ0/syz-tmp" dev="sda1" ino=1956 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[  534.004593][   T29] audit: type=1400 audit(1736172381.580:913): avc:  denied  { mount } for  pid=12170 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  534.027808][   T29] audit: type=1400 audit(1736172381.580:914): avc:  denied  { mount } for  pid=12170 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  534.050308][   T29] audit: type=1400 audit(1736172381.610:915): avc:  denied  { mounton } for  pid=12170 comm="syz-executor" path="/root/syzkaller.orUsZ0/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  534.079200][   T29] audit: type=1400 audit(1736172381.610:916): avc:  denied  { mounton } for  pid=12170 comm="syz-executor" path="/root/syzkaller.orUsZ0/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=40994 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  534.123733][   T29] audit: type=1400 audit(1736172381.650:917): avc:  denied  { unmount } for  pid=12170 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  534.192036][   T29] audit: type=1400 audit(1736172381.660:918): avc:  denied  { mounton } for  pid=12170 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=2724 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  535.402426][T12302] netlink: 'syz.5.1574': attribute type 10 has an invalid length.
[  535.411989][T12302] batman_adv: batadv0: Local translation table size (68) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:17
[  535.428989][T12302] batman_adv: batadv0: Local translation table size (68) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:17
[  535.445041][T12302] 8021q: adding VLAN 0 to HW filter on device batadv0
[  535.456610][T12302] batman_adv: batadv0: Local translation table size (76) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:17
[  535.499538][T12302] batman_adv: batadv0: Local translation table size (68) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:2a
[  535.544397][T12302] batman_adv: batadv0: Local translation table size (68) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:2a
[  535.595138][T12298] syzkaller1: entered promiscuous mode
[  535.600900][T12298] syzkaller1: entered allmulticast mode
[  536.025196][T12319] netlink: 'syz.1.1580': attribute type 10 has an invalid length.
[  536.366578][T12307] x_tables: ip6_tables: DNPT target: used from hooks FORWARD, but only usable from PREROUTING/OUTPUT
[  536.935561][T12334] 9pnet_fd: Insufficient options for proto=fd
[  537.896043][T12344] FAULT_INJECTION: forcing a failure.
[  537.896043][T12344] name failslab, interval 1, probability 0, space 0, times 0
[  537.911214][T12344] CPU: 0 UID: 0 PID: 12344 Comm: syz.1.1588 Not tainted 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0
[  537.922018][T12344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  537.932077][T12344] Call Trace:
[  537.935357][T12344]  <TASK>
[  537.938290][T12344]  dump_stack_lvl+0x16c/0x1f0
[  537.942980][T12344]  should_fail_ex+0x497/0x5b0
[  537.947648][T12344]  ? fs_reclaim_acquire+0xae/0x150
[  537.952757][T12344]  should_failslab+0xc2/0x120
[  537.957459][T12344]  kmem_cache_alloc_node_noprof+0x72/0x3c0
[  537.963290][T12344]  ? __alloc_skb+0x2b1/0x380
[  537.967898][T12344]  __alloc_skb+0x2b1/0x380
[  537.972318][T12344]  ? __pfx___alloc_skb+0x10/0x10
[  537.977259][T12344]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  537.983247][T12344]  netlink_alloc_large_skb+0x69/0x130
[  537.988617][T12344]  netlink_sendmsg+0x689/0xd70
[  537.993379][T12344]  ? __pfx_netlink_sendmsg+0x10/0x10
[  537.998672][T12344]  ____sys_sendmsg+0xaaf/0xc90
[  538.003441][T12344]  ? copy_msghdr_from_user+0x10b/0x160
[  538.008897][T12344]  ? __pfx_____sys_sendmsg+0x10/0x10
[  538.014197][T12344]  ___sys_sendmsg+0x135/0x1e0
[  538.018882][T12344]  ? __pfx____sys_sendmsg+0x10/0x10
[  538.024081][T12344]  ? __pfx_lock_release+0x10/0x10
[  538.029099][T12344]  ? trace_lock_acquire+0x14e/0x1f0
[  538.034304][T12344]  ? __fget_files+0x206/0x3a0
[  538.038983][T12344]  __sys_sendmsg+0x16e/0x220
[  538.043567][T12344]  ? __pfx___sys_sendmsg+0x10/0x10
[  538.048685][T12344]  do_syscall_64+0xcd/0x250
[  538.053190][T12344]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  538.059094][T12344] RIP: 0033:0x7f5fa5785d29
[  538.063504][T12344] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  538.083106][T12344] RSP: 002b:00007f5fa6530038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  538.091512][T12344] RAX: ffffffffffffffda RBX: 00007f5fa5975fa0 RCX: 00007f5fa5785d29
[  538.099476][T12344] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003
[  538.107445][T12344] RBP: 00007f5fa6530090 R08: 0000000000000000 R09: 0000000000000000
[  538.115414][T12344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  538.123377][T12344] R13: 0000000000000000 R14: 00007f5fa5975fa0 R15: 00007ffe98af2208
[  538.131351][T12344]  </TASK>
[  538.243793][T12347] syzkaller1: entered promiscuous mode
[  538.244598][   T29] kauditd_printk_skb: 48 callbacks suppressed
[  538.244614][   T29] audit: type=1400 audit(1736172386.030:967): avc:  denied  { ioctl } for  pid=12346 comm="syz.5.1589" path="socket:[40398]" dev="sockfs" ino=40398 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  538.249285][T12347] syzkaller1: entered allmulticast mode
[  538.353457][   T29] audit: type=1400 audit(1736172386.140:968): avc:  denied  { create } for  pid=12345 comm="syz.4.1590" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  538.428661][T12350] Cannot find add_set index 0 as target
[  538.447852][   T29] audit: type=1400 audit(1736172386.170:969): avc:  denied  { connect } for  pid=12345 comm="syz.4.1590" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  538.535866][   T29] audit: type=1400 audit(1736172386.210:970): avc:  denied  { write } for  pid=12345 comm="syz.4.1590" path="socket:[41102]" dev="sockfs" ino=41102 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  538.711911][ T5901] usb 7-1: new high-speed USB device number 63 using dummy_hcd
[  538.720106][ T1885] usb 5-1: new high-speed USB device number 49 using dummy_hcd
[  538.786962][   T29] audit: type=1400 audit(1736172386.560:971): avc:  denied  { name_bind } for  pid=12359 comm="syz.7.1593" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  538.810173][   T29] audit: type=1400 audit(1736172386.570:972): avc:  denied  { node_bind } for  pid=12359 comm="syz.7.1593" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[  538.900008][T12366] ptm ptm1: ldisc open failed (-12), clearing slot 1
[  538.906929][ T5901] usb 7-1: Using ep0 maxpacket: 8
[  538.912162][ T1885] usb 5-1: Using ep0 maxpacket: 16
[  538.919391][ T1885] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  538.930948][ T5901] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  538.942670][ T1885] usb 5-1: New USB device found, idVendor=044f, idProduct=b300, bcdDevice= 0.00
[  538.951888][ T5901] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  538.961412][ T1885] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  538.969683][ T5901] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  538.981207][ T1885] usb 5-1: config 0 descriptor??
[  538.990956][ T5901] usb 7-1: config 0 descriptor??
[  539.147640][T12369] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1595'.
[  539.213878][ T5901] iowarrior 7-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  539.300375][   T29] audit: type=1400 audit(1736172387.080:973): avc:  denied  { setopt } for  pid=12372 comm="syz.5.1597" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  539.302123][T12373] No buffer was provided with the request
[  539.339255][   T29] audit: type=1400 audit(1736172387.080:974): avc:  denied  { create } for  pid=12372 comm="syz.5.1597" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  539.404691][   T29] audit: type=1400 audit(1736172387.180:975): avc:  denied  { write } for  pid=12353 comm="syz.6.1591" name="iowarrior0" dev="devtmpfs" ino=3376 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  539.439677][ T1885] thrustmaster 0003:044F:B300.001D: hidraw0: USB HID v0.00 Device [HID 044f:b300] on usb-dummy_hcd.4-1/input0
[  539.476425][ T1885] thrustmaster 0003:044F:B300.001D: no inputs found
[  539.494288][ T5868] usb 2-1: new full-speed USB device number 65 using dummy_hcd
[  539.613174][   T29] audit: type=1400 audit(1736172387.400:976): avc:  denied  { read write } for  pid=12374 comm="syz.5.1598" name="fuse" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  539.646723][ T1885] usb 7-1: USB disconnect, device number 63
[  539.684056][T12348] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  539.716199][ T5868] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  539.740251][ T5868] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF9, changing to 0x89
[  539.752060][T12348] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  539.765186][ T5868] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 10
[  539.774991][T12348] pim6reg: entered allmulticast mode
[  539.791666][ T5868] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 65535, setting to 64
[  539.798175][T12380] 9pnet_fd: Insufficient options for proto=fd
[  539.811790][ T5868] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 10
[  539.834494][ T5868] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  539.837506][ T5901] usb 5-1: USB disconnect, device number 49
[  539.852255][ T5868] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  539.997364][ T5868] usb 2-1: New USB device found, idVendor=0bc7, idProduct=0008, bcdDevice=4f.c8
[  540.006568][ T5868] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  540.014726][ T5868] usb 2-1: Product: syz
[  540.019043][ T5868] usb 2-1: Manufacturer: syz
[  540.023866][ T5868] usb 2-1: SerialNumber: syz
[  540.030518][ T5868] usb 2-1: config 0 descriptor??
[  540.036250][T12371] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  540.046174][ T5868] ati_remote 2-1:0.0: Initializing ati_remote hardware failed.
[  540.054978][ T5868] ati_remote 2-1:0.0: probe with driver ati_remote failed with error -5
[  540.257746][T12371] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  540.277529][T12371] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  540.445447][T12397] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  541.449939][T12410] batman_adv: batadv0: Adding interface: ip6gretap1
[  541.476251][T12410] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  541.487566][T12414] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1608'.
[  541.505520][T12410] batman_adv: batadv0: Interface activated: ip6gretap1
[  541.522243][T12414] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1608'.
[  541.611935][    T9] usb 6-1: new high-speed USB device number 55 using dummy_hcd
[  541.800278][    T9] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  541.841723][    T9] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  541.884457][    T9] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  541.929354][    T9] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  541.981045][    T9] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  542.008558][    T9] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  542.018845][    T9] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  542.034409][    T9] usb 6-1: Product: syz
[  542.040419][    T9] usb 6-1: Manufacturer: syz
[  542.079937][    T9] cdc_wdm 6-1:1.0: skipping garbage
[  542.214752][    T9] cdc_wdm 6-1:1.0: skipping garbage
[  542.259714][    T9] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  542.283925][   T47] usb 2-1: USB disconnect, device number 65
[  542.455058][    T9] cdc_wdm 6-1:1.0: Unknown control protocol
[  542.583406][T12412] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  542.621790][ T5868] usb 5-1: new high-speed USB device number 50 using dummy_hcd
[  542.643151][T12426] netlink: 'syz.7.1612': attribute type 10 has an invalid length.
[  542.658056][T12412] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  542.686632][T12426] 8021q: adding VLAN 0 to HW filter on device batadv0
[  542.947553][    T9] usb 6-1: USB disconnect, device number 55
[  543.023972][ T5868] usb 5-1: Using ep0 maxpacket: 8
[  543.053009][ T5868] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  543.067808][ T5868] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF9, changing to 0x89
[  543.098593][ T5868] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  543.169254][ T5868] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 59391, setting to 1024
[  543.197994][ T5868] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  543.212886][ T5868] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  543.231377][ T5868] usb 5-1: New USB device found, idVendor=0bc7, idProduct=0008, bcdDevice=4f.c8
[  543.240841][ T5868] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  543.250640][ T5868] usb 5-1: Product: syz
[  543.255458][ T5868] usb 5-1: Manufacturer: syz
[  543.265242][ T5868] usb 5-1: SerialNumber: syz
[  543.296078][ T5868] usb 5-1: config 0 descriptor??
[  543.307669][T12420] raw-gadget.3 gadget.4: fail, usb_ep_enable returned -22
[  543.339944][T12438] 9pnet_fd: Insufficient options for proto=fd
[  543.392053][T12441] FAULT_INJECTION: forcing a failure.
[  543.392053][T12441] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  543.405438][T12441] CPU: 1 UID: 0 PID: 12441 Comm: syz.6.1618 Not tainted 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0
[  543.416225][T12441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  543.426292][T12441] Call Trace:
[  543.429578][T12441]  <TASK>
[  543.432515][T12441]  dump_stack_lvl+0x16c/0x1f0
[  543.437206][T12441]  should_fail_ex+0x497/0x5b0
[  543.441900][T12441]  _copy_from_iter+0x2a1/0x1560
[  543.446769][T12441]  ? trace_lock_acquire+0x14e/0x1f0
[  543.451985][T12441]  ? __pfx__copy_from_iter+0x10/0x10
[  543.457289][T12441]  ? __virt_addr_valid+0x1a4/0x590
[  543.462425][T12441]  ? __virt_addr_valid+0x5e/0x590
[  543.467466][T12441]  ? __phys_addr_symbol+0x30/0x80
[  543.472503][T12441]  ? __check_object_size+0x488/0x710
[  543.477806][T12441]  netlink_sendmsg+0x813/0xd70
[  543.482613][T12441]  ? __pfx_netlink_sendmsg+0x10/0x10
[  543.487931][T12441]  ____sys_sendmsg+0xaaf/0xc90
[  543.492711][T12441]  ? copy_msghdr_from_user+0x10b/0x160
[  543.498176][T12441]  ? __pfx_____sys_sendmsg+0x10/0x10
[  543.503488][T12441]  ___sys_sendmsg+0x135/0x1e0
[  543.508195][T12441]  ? __pfx____sys_sendmsg+0x10/0x10
[  543.513424][T12441]  ? __fget_files+0x206/0x3a0
[  543.518118][T12441]  __sys_sendmsg+0x16e/0x220
[  543.522718][T12441]  ? __pfx___sys_sendmsg+0x10/0x10
[  543.527851][T12441]  do_syscall_64+0xcd/0x250
[  543.532376][T12441]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  543.538283][T12441] RIP: 0033:0x7f15ed985d29
[  543.542707][T12441] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  543.562329][T12441] RSP: 002b:00007f15ee7a0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  543.570753][T12441] RAX: ffffffffffffffda RBX: 00007f15edb75fa0 RCX: 00007f15ed985d29
[  543.578731][T12441] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003
[  543.586728][T12441] RBP: 00007f15ee7a0090 R08: 0000000000000000 R09: 0000000000000000
[  543.594715][T12441] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  543.602695][T12441] R13: 0000000000000000 R14: 00007f15edb75fa0 R15: 00007ffe913c7258
[  543.610700][T12441]  </TASK>
[  543.642071][   T29] kauditd_printk_skb: 33 callbacks suppressed
[  543.642091][   T29] audit: type=1400 audit(1736172391.400:1010): avc:  denied  { create } for  pid=12435 comm="syz.7.1616" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  543.816724][   T29] audit: type=1400 audit(1736172391.400:1011): avc:  denied  { setopt } for  pid=12435 comm="syz.7.1616" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  543.854207][   T29] audit: type=1400 audit(1736172391.640:1012): avc:  denied  { create } for  pid=12445 comm="syz.6.1619" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  543.983838][   T29] audit: type=1400 audit(1736172391.770:1013): avc:  denied  { bind } for  pid=12445 comm="syz.6.1619" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  544.052648][   T29] audit: type=1400 audit(1736172391.840:1014): avc:  denied  { create } for  pid=12456 comm="syz.5.1622" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  544.269400][   T29] audit: type=1326 audit(1736172392.050:1015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12459 comm="syz.7.1623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf4d585d29 code=0x7ffc0000
[  544.292021][T12462] usb usb4: usbfs: process 12462 (syz.1.1624) did not claim interface 0 before use
[  544.292901][    C1] vkms_vblank_simulate: vblank timer overrun
[  544.329188][   T29] audit: type=1326 audit(1736172392.050:1016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12459 comm="syz.7.1623" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdf4d585d29 code=0x7ffc0000
[  544.382359][T12464] netlink: 'syz.1.1624': attribute type 10 has an invalid length.
[  544.583606][T12460] SELinux:  Context system_u:object_r:devicekit_disk_exec_t:s0 is not valid (left unmapped).
[  544.634438][T12459] mmap: syz.7.1623 (12459): VmData 37523456 exceed data ulimit 8. Update limits or use boot option ignore_rlimit_data.
[  544.861704][   T29] audit: type=1400 audit(1736172392.070:1017): avc:  denied  { bind } for  pid=12461 comm="syz.1.1624" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  544.902119][T12464] team0: Failed to send port change of device netdevsim0 via netlink (err -105)
[  544.915441][   T29] audit: type=1400 audit(1736172392.150:1018): avc:  denied  { create } for  pid=12456 comm="syz.5.1622" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  544.941856][T12464] team0: Failed to send options change via netlink (err -105)
[  544.972135][T12464] team0: Port device netdevsim0 added
[  544.981970][   T29] audit: type=1400 audit(1736172392.150:1019): avc:  denied  { write } for  pid=12456 comm="syz.5.1622" path="socket:[41408]" dev="sockfs" ino=41408 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  545.043352][ T8170] team0: Failed to send port change of device netdevsim0 via netlink (err -105)
[  545.340471][T12478] netlink: 830 bytes leftover after parsing attributes in process `syz.6.1626'.
[  545.951912][ T5868] rc_core: IR keymap rc-snapstream-firefly not found
[  545.958668][ T5868] Registered IR keymap rc-empty
[  545.964222][ T5868] rc rc0: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  545.978335][ T5868] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input45
[  546.074852][ T5868] input: syz syz mouse as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input46
[  546.106351][ T5868] usb 5-1: USB disconnect, device number 50
[  546.112350][    C1] ati_remote 5-1:0.0: ati_remote_irq_in: usb_submit_urb()=-19
[  546.163366][T12485] FAULT_INJECTION: forcing a failure.
[  546.163366][T12485] name failslab, interval 1, probability 0, space 0, times 0
[  546.231795][T12485] CPU: 0 UID: 0 PID: 12485 Comm: syz.1.1629 Not tainted 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0
[  546.242605][T12485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  546.252672][T12485] Call Trace:
[  546.255963][T12485]  <TASK>
[  546.258910][T12485]  dump_stack_lvl+0x16c/0x1f0
[  546.263610][T12485]  should_fail_ex+0x497/0x5b0
[  546.268319][T12485]  should_failslab+0xc2/0x120
[  546.273023][T12485]  kmem_cache_alloc_noprof+0x6e/0x3d0
[  546.278416][T12485]  ? skb_clone+0x190/0x3f0
[  546.282856][T12485]  skb_clone+0x190/0x3f0
[  546.287117][T12485]  netlink_deliver_tap+0xabd/0xd30
[  546.292258][T12485]  netlink_unicast+0x5e1/0x7f0
[  546.297063][T12485]  ? __pfx_netlink_unicast+0x10/0x10
[  546.302377][T12485]  netlink_sendmsg+0x8b8/0xd70
[  546.307155][T12485]  ? __pfx_netlink_sendmsg+0x10/0x10
[  546.312447][T12485]  ____sys_sendmsg+0xaaf/0xc90
[  546.317209][T12485]  ? copy_msghdr_from_user+0x10b/0x160
[  546.322663][T12485]  ? __pfx_____sys_sendmsg+0x10/0x10
[  546.327955][T12485]  ___sys_sendmsg+0x135/0x1e0
[  546.332626][T12485]  ? __pfx____sys_sendmsg+0x10/0x10
[  546.337826][T12485]  ? __pfx_lock_release+0x10/0x10
[  546.342847][T12485]  ? trace_lock_acquire+0x14e/0x1f0
[  546.348050][T12485]  ? __fget_files+0x206/0x3a0
[  546.352731][T12485]  __sys_sendmsg+0x16e/0x220
[  546.357320][T12485]  ? __pfx___sys_sendmsg+0x10/0x10
[  546.362443][T12485]  do_syscall_64+0xcd/0x250
[  546.366950][T12485]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  546.372842][T12485] RIP: 0033:0x7f5fa5785d29
[  546.377270][T12485] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  546.396886][T12485] RSP: 002b:00007f5fa6530038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  546.405303][T12485] RAX: ffffffffffffffda RBX: 00007f5fa5975fa0 RCX: 00007f5fa5785d29
[  546.413285][T12485] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003
[  546.421274][T12485] RBP: 00007f5fa6530090 R08: 0000000000000000 R09: 0000000000000000
[  546.429249][T12485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  546.437215][T12485] R13: 0000000000000000 R14: 00007f5fa5975fa0 R15: 00007ffe98af2208
[  546.445202][T12485]  </TASK>
[  547.410018][T12513] netlink: 'syz.5.1636': attribute type 1 has an invalid length.
[  547.459832][T12513] bond2: entered promiscuous mode
[  547.548670][T12513] 8021q: adding VLAN 0 to HW filter on device bond2
[  547.693399][T12516] bond3: entered promiscuous mode
[  547.717221][T12516] 8021q: adding VLAN 0 to HW filter on device bond3
[  547.763522][T12516] bond2: (slave bond3): making interface the new active one
[  547.773018][T12516] bond2: (slave bond3): Enslaving as an active interface with an up link
[  548.343775][T12530] Bluetooth: hci1: Opcode 0x0401 failed: -4
[  548.388224][T12532] netlink: 'syz.4.1638': attribute type 10 has an invalid length.
[  548.541990][ T5901] usb 6-1: new full-speed USB device number 56 using dummy_hcd
[  548.650787][T12531] netlink: 'syz.7.1639': attribute type 10 has an invalid length.
[  548.787746][T12532] 8021q: adding VLAN 0 to HW filter on device batadv0
[  548.825589][T12531] 8021q: adding VLAN 0 to HW filter on device batadv0
[  548.840663][T12531] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  548.959907][ T5901] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  548.991781][ T5901] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E
[  549.037612][ T5901] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 10
[  549.073667][ T5901] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  549.091676][ T5901] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  549.116689][   T29] kauditd_printk_skb: 28 callbacks suppressed
[  549.116705][   T29] audit: type=1400 audit(1736172396.900:1048): avc:  denied  { open } for  pid=12540 comm="syz.4.1645" path="/dev/ttyqc" dev="devtmpfs" ino=387 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bsdpty_device_t tclass=chr_file permissive=1
[  549.175806][ T5901] usb 6-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  549.185257][T12544] netlink: 16402 bytes leftover after parsing attributes in process `syz.6.1643'.
[  549.205214][ T5901] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  549.205335][T12539] netlink: 16402 bytes leftover after parsing attributes in process `syz.6.1643'.
[  549.225379][ T5901] usb 6-1: Product: syz
[  549.244123][ T5901] usb 6-1: Manufacturer: syz
[  549.248765][ T5901] usb 6-1: SerialNumber: syz
[  549.272613][ T5901] usb 6-1: config 0 descriptor??
[  549.439495][   T29] audit: type=1400 audit(1736172397.220:1049): avc:  denied  { unlink } for  pid=12545 comm="syz.4.1646" name="#2a" dev="tmpfs" ino=177 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  549.462428][   T29] audit: type=1400 audit(1736172397.220:1050): avc:  denied  { mount } for  pid=12545 comm="syz.4.1646" name="/" dev="overlay" ino=172 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  549.504360][ T5901] radio-si470x 6-1:0.0: DeviceID=0x0000 ChipID=0x0000
[  549.511180][ T5901] radio-si470x 6-1:0.0: This driver is known to work with firmware version 12, but the device has firmware version 0.
[  549.513214][   T29] audit: type=1400 audit(1736172397.290:1051): avc:  denied  { write } for  pid=12548 comm="syz.7.1647" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  549.546564][   T29] audit: type=1400 audit(1736172397.330:1052): avc:  denied  { shutdown } for  pid=12548 comm="syz.7.1647" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  549.689718][ T5901] radio-si470x 6-1:0.0: software version 0, hardware version 0
[  549.697380][ T5901] radio-si470x 6-1:0.0: This driver is known to work with hardware version 1, but the device has hardware version 0.
[  549.709809][ T5901] radio-si470x 6-1:0.0: If you have some trouble using this driver, please report to V4L ML at linux-media@vger.kernel.org
[  549.725148][ T5901] radio-si470x 6-1:0.0: submitting int urb failed (-90)
[  549.985511][   T29] audit: type=1400 audit(1736172397.770:1053): avc:  denied  { unmount } for  pid=5822 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[  550.391763][ T5834] Bluetooth: hci1: command 0x0401 tx timeout
[  550.441865][   T29] audit: type=1400 audit(1736172398.220:1054): avc:  denied  { read write } for  pid=12527 comm="syz.5.1640" name="uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  550.465589][   T29] audit: type=1400 audit(1736172398.220:1055): avc:  denied  { open } for  pid=12527 comm="syz.5.1640" path="/dev/uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  550.525372][T12565] No control pipe specified
[  550.537865][ T5834] Bluetooth: hci1: unexpected event for opcode 0x0803
[  550.733746][ T5901] radio-si470x 6-1:0.0: si470x_get_report: usb_control_msg returned -32
[  550.750425][ T5901] radio-si470x 6-1:0.0: probe with driver radio-si470x failed with error -22
[  551.179104][ T5901] usb 6-1: USB disconnect, device number 56
[  551.463952][ T1885] usb 5-1: new high-speed USB device number 51 using dummy_hcd
[  551.633302][T12580] netlink: 'syz.7.1655': attribute type 10 has an invalid length.
[  551.776384][ T1885] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 4
[  551.926932][ T1885] usb 5-1: Dual-Role OTG device on HNP port
[  551.933737][ T1885] usb 5-1: New USB device found, idVendor=1a0a, idProduct=0102, bcdDevice=7a.b1
[  551.943732][ T1885] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  551.952258][T12581] netlink: 'syz.6.1654': attribute type 10 has an invalid length.
[  551.981742][ T1885] usb 5-1: Product: syz
[  551.992484][T12581] mac80211_hwsim hwsim15 wlan1: entered promiscuous mode
[  552.009476][ T1885] usb 5-1: Manufacturer: syz
[  552.012571][T12579] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  552.033312][ T1885] usb 5-1: SerialNumber: syz
[  552.040129][ T1885] usb 5-1: config 0 descriptor??
[  552.047346][ T1885] usb_ehset_test 5-1:0.0: probe with driver usb_ehset_test failed with error -32
[  552.152441][   T29] audit: type=1400 audit(1736172399.940:1056): avc:  denied  { create } for  pid=12587 comm="syz.1.1658" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1
[  552.153204][T12588] netlink: 'syz.1.1658': attribute type 1 has an invalid length.
[  552.206853][   T29] audit: type=1400 audit(1736172399.990:1057): avc:  denied  { write } for  pid=12587 comm="syz.1.1658" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1
[  552.259157][T12573] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  552.295705][T12573] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  552.304849][T12588] 8021q: adding VLAN 0 to HW filter on device bond2
[  552.328947][T12573] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  552.383794][T12573] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  552.422740][T12573] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  552.435682][T12573] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  552.487716][T12573] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  552.554419][T12573] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  552.650736][T12573] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  552.682324][T12573] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  552.739819][ T1885] usb 5-1: USB disconnect, device number 51
[  552.930030][T12606] No control pipe specified
[  553.053776][T12608] FAULT_INJECTION: forcing a failure.
[  553.053776][T12608] name failslab, interval 1, probability 0, space 0, times 0
[  553.074838][T12608] CPU: 0 UID: 0 PID: 12608 Comm: syz.1.1663 Not tainted 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0
[  553.085818][T12608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  553.095879][T12608] Call Trace:
[  553.099145][T12608]  <TASK>
[  553.102063][T12608]  dump_stack_lvl+0x16c/0x1f0
[  553.106742][T12608]  should_fail_ex+0x497/0x5b0
[  553.111407][T12608]  ? fs_reclaim_acquire+0xae/0x150
[  553.116503][T12608]  should_failslab+0xc2/0x120
[  553.121167][T12608]  kmem_cache_alloc_node_noprof+0x72/0x3c0
[  553.122472][T12611] libceph: resolve 'c' (ret=-3): failed
[  553.126960][T12608]  ? kasan_save_stack+0x42/0x60
[  553.137814][T12608]  ? __alloc_skb+0x2b1/0x380
[  553.142429][T12608]  __alloc_skb+0x2b1/0x380
[  553.146875][T12608]  ? __pfx___alloc_skb+0x10/0x10
[  553.151831][T12608]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  553.157940][T12608]  netlink_dump+0x699/0xd00
[  553.162524][T12608]  ? __pfx_netlink_dump+0x10/0x10
[  553.167584][T12608]  ? __asan_memset+0x23/0x50
[  553.172184][T12608]  ? genl_start+0x67d/0x960
[  553.176698][T12608]  __netlink_dump_start+0x6ca/0x970
[  553.181913][T12608]  genl_family_rcv_msg_dumpit+0x1e1/0x2e0
[  553.187630][T12608]  ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10
[  553.193869][T12608]  ? genl_op_from_small+0x25/0x440
[  553.198983][T12608]  ? __pfx_genl_get_cmd+0x10/0x10
[  553.204004][T12608]  ? __pfx_genl_start+0x10/0x10
[  553.208854][T12608]  ? __pfx_genl_dumpit+0x10/0x10
[  553.213791][T12608]  ? __pfx_genl_done+0x10/0x10
[  553.218562][T12608]  ? __radix_tree_lookup+0x21f/0x2c0
[  553.223856][T12608]  genl_rcv_msg+0x470/0x800
[  553.228357][T12608]  ? __pfx_genl_rcv_msg+0x10/0x10
[  553.233379][T12608]  ? __pfx_nl80211_dump_survey+0x10/0x10
[  553.239016][T12608]  netlink_rcv_skb+0x16b/0x440
[  553.243785][T12608]  ? __pfx_genl_rcv_msg+0x10/0x10
[  553.248804][T12608]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  553.254097][T12608]  ? down_read+0xc9/0x330
[  553.258427][T12608]  ? __pfx_down_read+0x10/0x10
[  553.263196][T12608]  ? netlink_deliver_tap+0x1ae/0xd30
[  553.268482][T12608]  genl_rcv+0x28/0x40
[  553.272468][T12608]  netlink_unicast+0x53c/0x7f0
[  553.277233][T12608]  ? __pfx_netlink_unicast+0x10/0x10
[  553.282525][T12608]  netlink_sendmsg+0x8b8/0xd70
[  553.287291][T12608]  ? __pfx_netlink_sendmsg+0x10/0x10
[  553.292590][T12608]  ____sys_sendmsg+0xaaf/0xc90
[  553.297354][T12608]  ? copy_msghdr_from_user+0x10b/0x160
[  553.302807][T12608]  ? __pfx_____sys_sendmsg+0x10/0x10
[  553.308115][T12608]  ___sys_sendmsg+0x135/0x1e0
[  553.312791][T12608]  ? __pfx____sys_sendmsg+0x10/0x10
[  553.317994][T12608]  ? __pfx_lock_release+0x10/0x10
[  553.323018][T12608]  ? trace_lock_acquire+0x14e/0x1f0
[  553.328221][T12608]  ? __fget_files+0x206/0x3a0
[  553.332903][T12608]  __sys_sendmsg+0x16e/0x220
[  553.337491][T12608]  ? __pfx___sys_sendmsg+0x10/0x10
[  553.342610][T12608]  do_syscall_64+0xcd/0x250
[  553.347114][T12608]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  553.353006][T12608] RIP: 0033:0x7f5fa5785d29
[  553.357419][T12608] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  553.377026][T12608] RSP: 002b:00007f5fa6530038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  553.385432][T12608] RAX: ffffffffffffffda RBX: 00007f5fa5975fa0 RCX: 00007f5fa5785d29
[  553.393394][T12608] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000003
[  553.401789][T12608] RBP: 00007f5fa6530090 R08: 0000000000000000 R09: 0000000000000000
[  553.409754][T12608] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  553.417719][T12608] R13: 0000000000000000 R14: 00007f5fa5975fa0 R15: 00007ffe98af2208
[  553.425700][T12608]  </TASK>
[  554.143257][   T29] kauditd_printk_skb: 58 callbacks suppressed
[  554.143303][   T29] audit: type=1400 audit(1736172401.600:1116): avc:  denied  { write } for  pid=12620 comm="syz.5.1668" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  555.260150][   T29] audit: type=1400 audit(1736172403.040:1117): avc:  denied  { bind } for  pid=12634 comm="syz.5.1673" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  555.410903][   T29] audit: type=1400 audit(1736172403.070:1118): avc:  denied  { getopt } for  pid=12634 comm="syz.5.1673" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  555.550272][   T29] audit: type=1400 audit(1736172403.330:1119): avc:  denied  { create } for  pid=12640 comm="syz.1.1676" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  555.587562][T12637] syzkaller0: entered promiscuous mode
[  555.591677][   T29] audit: type=1400 audit(1736172403.370:1120): avc:  denied  { write } for  pid=12639 comm="syz.6.1674" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  555.622019][T12637] syzkaller0: entered allmulticast mode
[  555.654453][   T29] audit: type=1400 audit(1736172403.430:1121): avc:  denied  { connect } for  pid=12639 comm="syz.6.1674" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  555.752612][   T29] audit: type=1400 audit(1736172403.440:1122): avc:  denied  { ioctl } for  pid=12641 comm="syz.4.1675" path="anon_inode:[userfaultfd]" dev="anon_inodefs" ino=43089 ioctlcmd=0xaa3f scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  555.932014][   T29] audit: type=1400 audit(1736172403.650:1123): avc:  denied  { create } for  pid=12641 comm="syz.4.1675" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  556.595718][T12425] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  556.751816][T12425] usb 8-1: Using ep0 maxpacket: 8
[  556.765135][T12425] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  556.821854][T12425] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  556.940125][T12425] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  556.997776][T12425] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 1024
[  557.009460][T12425] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  557.051708][T12425] usb 8-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  557.077148][T12425] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  557.098397][T12425] usb 8-1: config 0 descriptor??
[  557.104579][T12658] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  557.382748][T12425] usb 8-1: USB disconnect, device number 2
[  557.391542][ T5834] Bluetooth: hci4: Opcode 0x0c03 failed: -71
[  558.415185][   T29] audit: type=1400 audit(1736172406.200:1124): avc:  denied  { watch } for  pid=12688 comm="syz.4.1687" path="/35" dev="tmpfs" ino=217 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  559.501782][ T5868] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  559.671741][ T5868] usb 8-1: Using ep0 maxpacket: 32
[  559.679276][ T5868] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[  559.701321][ T5868] usb 8-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  559.725287][ T5868] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  559.733604][ T5868] usb 8-1: Product: syz
[  559.737880][ T5868] usb 8-1: Manufacturer: syz
[  559.747718][ T5868] usb 8-1: SerialNumber: syz
[  559.764275][ T5868] usb 8-1: config 0 descriptor??
[  559.770382][T12692] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  559.789843][ T5868] hub 8-1:0.0: bad descriptor, ignoring hub
[  559.798006][ T5868] hub 8-1:0.0: probe with driver hub failed with error -5
[  559.809252][ T5868] input: syz syz as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/input/input47
[  560.003324][ T5868] usb 8-1: USB disconnect, device number 3
[  560.009160][    C1] usbtouchscreen 8-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19
[  561.067902][   T29] audit: type=1400 audit(1736172408.850:1125): avc:  denied  { create } for  pid=12698 comm="syz.7.1690" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  561.751803][   T29] audit: type=1400 audit(1736172409.530:1126): avc:  denied  { read write } for  pid=12705 comm="syz.1.1692" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  561.802619][   T29] audit: type=1400 audit(1736172409.530:1127): avc:  denied  { open } for  pid=12705 comm="syz.1.1692" path="/dev/cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  561.861707][   T29] audit: type=1400 audit(1736172409.530:1128): avc:  denied  { ioctl } for  pid=12705 comm="syz.1.1692" path="/dev/cachefiles" dev="devtmpfs" ino=4 ioctlcmd=0x4b4d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  562.458554][   T29] audit: type=1400 audit(1736172410.240:1129): avc:  denied  { setopt } for  pid=12724 comm="syz.7.1699" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  562.513486][ T1885] usb 2-1: new high-speed USB device number 66 using dummy_hcd
[  562.794730][    T9] usb 8-1: new full-speed USB device number 4 using dummy_hcd
[  562.802729][ T1885] usb 2-1: device descriptor read/64, error -71
[  562.962908][T12733] netlink: 830 bytes leftover after parsing attributes in process `syz.4.1700'.
[  563.230264][ T1293] ieee802154 phy0 wpan0: encryption failed: -22
[  563.284328][    T9] usb 8-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96
[  563.306494][    T9] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  563.314674][ T1885] usb 2-1: new high-speed USB device number 67 using dummy_hcd
[  563.337986][    T9] usb 8-1: Product: syz
[  563.405575][    T9] usb 8-1: Manufacturer: syz
[  563.520304][ T1885] usb 2-1: device descriptor read/64, error -71
[  563.537869][    T9] usb 8-1: SerialNumber: syz
[  563.554445][    T9] usb 8-1: config 0 descriptor??
[  563.689606][ T1885] usb usb2-port1: attempt power cycle
[  563.820739][T12737] netlink: 830 bytes leftover after parsing attributes in process `syz.4.1701'.
[  564.540297][    T9] peak_usb 8-1:0.0: PEAK-System PCAN-USB FD v0 fw v0.0.0 (1 channels)
[  564.869489][    T9] peak_usb 8-1:0.0 can0: sending command failure: -22
[  564.886815][    T9] peak_usb 8-1:0.0 can0: sending command failure: -22
[  564.919306][    T9] peak_usb 8-1:0.0 can0: sending command failure: -22
[  564.968939][ T1885] usb 2-1: new high-speed USB device number 68 using dummy_hcd
[  565.119483][   T29] audit: type=1400 audit(1736172412.900:1130): avc:  denied  { execute } for  pid=12743 comm="syz.1.1704" path="/341/cpu.stat" dev="tmpfs" ino=1869 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  565.231667][ T1885] usb 2-1: device not accepting address 68, error -71
[  565.253661][    T9] peak_usb 8-1:0.0: probe with driver peak_usb failed with error -22
[  565.414276][    T9] usb 8-1: USB disconnect, device number 4
[  566.712906][   T29] audit: type=1400 audit(1736172414.190:1131): avc:  denied  { map } for  pid=12761 comm="syz.1.1710" path="/dev/video7" dev="devtmpfs" ino=949 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  566.822166][   T29] audit: type=1400 audit(1736172414.200:1132): avc:  denied  { connect } for  pid=12761 comm="syz.1.1710" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  567.021980][   T29] audit: type=1400 audit(1736172414.800:1133): avc:  denied  { read } for  pid=12771 comm="syz.4.1713" name="rtc0" dev="devtmpfs" ino=921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  568.374840][   T29] audit: type=1400 audit(1736172414.800:1134): avc:  denied  { open } for  pid=12771 comm="syz.4.1713" path="/dev/rtc0" dev="devtmpfs" ino=921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  568.417170][   T29] audit: type=1400 audit(1736172414.800:1135): avc:  denied  { ioctl } for  pid=12771 comm="syz.4.1713" path="/dev/rtc0" dev="devtmpfs" ino=921 ioctlcmd=0x7005 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  568.638458][   T29] audit: type=1400 audit(1736172414.800:1136): avc:  denied  { name_bind } for  pid=12771 comm="syz.4.1713" src=516 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hi_reserved_port_t tclass=tcp_socket permissive=1
[  568.681731][   T29] audit: type=1400 audit(1736172415.430:1137): avc:  denied  { mount } for  pid=12777 comm="syz.1.1715" name="/" dev="pstore" ino=1992 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1
[  568.704298][   T29] audit: type=1400 audit(1736172415.470:1138): avc:  denied  { read } for  pid=12777 comm="syz.1.1715" name="fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  568.728073][   T29] audit: type=1400 audit(1736172415.470:1139): avc:  denied  { open } for  pid=12777 comm="syz.1.1715" path="/dev/fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  568.752091][   T29] audit: type=1400 audit(1736172416.140:1140): avc:  denied  { unmount } for  pid=5822 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1
[  568.798913][T12784] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  568.831711][    T9] usb 5-1: new high-speed USB device number 52 using dummy_hcd
[  569.214167][    T9] usb 5-1: Using ep0 maxpacket: 32
[  569.273625][    T9] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  569.349139][    T9] usb 5-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=bf.99
[  569.379107][    T9] usb 5-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  569.556353][    T9] usb 5-1: Product: syz
[  569.562201][    T9] usb 5-1: SerialNumber: syz
[  569.815321][    T9] usb 5-1: config 0 descriptor??
[  570.049668][T12425] usb 5-1: USB disconnect, device number 52
[  570.479604][T12818] netlink: 830 bytes leftover after parsing attributes in process `syz.7.1726'.
[  570.994043][T12820] openvswitch: netlink: Unknown nsh attribute 0
[  571.002546][T12820] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  571.308848][T12831] netlink: 341 bytes leftover after parsing attributes in process `syz.7.1730'.
[  572.347917][   T29] kauditd_printk_skb: 12 callbacks suppressed
[  572.347938][   T29] audit: type=1400 audit(1736172420.130:1153): avc:  denied  { ioctl } for  pid=12844 comm="syz.4.1734" path="socket:[42545]" dev="sockfs" ino=42545 ioctlcmd=0x937a scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  572.478431][   T29] audit: type=1400 audit(1736172420.260:1154): avc:  denied  { setopt } for  pid=12844 comm="syz.4.1734" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  572.648841][T12853] tipc: Started in network mode
[  572.654347][T12853] tipc: Node identity 7f000001, cluster identity 4711
[  572.666843][T12853] tipc: Enabled bearer <udp:syz2>, priority 10
[  573.022233][   T29] audit: type=1400 audit(1736172420.750:1155): avc:  denied  { read write } for  pid=12844 comm="syz.4.1734" dev="sockfs" ino=42544 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  573.783627][    T9] tipc: Node number set to 2130706433
[  573.991719][ T5868] usb 8-1: new full-speed USB device number 5 using dummy_hcd
[  574.053754][T12864] netlink: 830 bytes leftover after parsing attributes in process `syz.5.1740'.
[  574.733071][ T5868] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  574.744169][ T5868] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  574.754024][ T5868] usb 8-1: New USB device found, idVendor=046d, idProduct=c71b, bcdDevice= 0.00
[  574.773096][ T5868] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  574.801899][ T5868] usb 8-1: config 0 descriptor??
[  574.866572][   T29] audit: type=1400 audit(1736172422.650:1156): avc:  denied  { create } for  pid=12868 comm="syz.5.1742" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  574.917925][   T29] audit: type=1400 audit(1736172422.700:1157): avc:  denied  { read write } for  pid=12868 comm="syz.5.1742" name="vhost-net" dev="devtmpfs" ino=1274 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  574.964530][   T29] audit: type=1400 audit(1736172422.700:1158): avc:  denied  { open } for  pid=12868 comm="syz.5.1742" path="/dev/vhost-net" dev="devtmpfs" ino=1274 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  574.990115][   T29] audit: type=1400 audit(1736172422.770:1159): avc:  denied  { ioctl } for  pid=12868 comm="syz.5.1742" path="/dev/vhost-net" dev="devtmpfs" ino=1274 ioctlcmd=0xaf30 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:vhost_device_t tclass=chr_file permissive=1
[  575.024967][   T29] audit: type=1400 audit(1736172422.790:1160): avc:  denied  { nlmsg_read } for  pid=12871 comm="syz.1.1743" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  575.238419][   T29] audit: type=1400 audit(1736172423.020:1161): avc:  denied  { create } for  pid=12857 comm="syz.7.1737" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  575.264468][ T5868] logitech-djreceiver 0003:046D:C71B.001E: collection stack underflow
[  575.273322][ T5868] logitech-djreceiver 0003:046D:C71B.001E: item 0 1 0 12 parsing failed
[  575.868144][ T5868] logitech-djreceiver 0003:046D:C71B.001E: logi_dj_probe: parse failed
[  575.877412][ T5868] logitech-djreceiver 0003:046D:C71B.001E: probe with driver logitech-djreceiver failed with error -22
[  576.034798][T12884] FAULT_INJECTION: forcing a failure.
[  576.034798][T12884] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  576.064662][T12884] CPU: 0 UID: 0 PID: 12884 Comm: syz.1.1747 Not tainted 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0
[  576.075504][T12884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  576.085572][T12884] Call Trace:
[  576.088852][T12884]  <TASK>
[  576.091790][T12884]  dump_stack_lvl+0x16c/0x1f0
[  576.096485][T12884]  should_fail_ex+0x497/0x5b0
[  576.101182][T12884]  ? fs_reclaim_acquire+0xae/0x150
[  576.106313][T12884]  should_fail_alloc_page+0xe7/0x130
[  576.111616][T12884]  prepare_alloc_pages.constprop.0+0x16f/0x560
[  576.117800][T12884]  __alloc_pages_noprof+0x190/0x25b0
[  576.123133][T12884]  ? hlock_class+0x4e/0x130
[  576.127625][T12884]  ? mark_lock+0xb5/0xc60
[  576.131952][T12884]  ? hlock_class+0x4e/0x130
[  576.136436][T12884]  ? __pfx_mark_lock+0x10/0x10
[  576.141616][T12884]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  576.147333][T12884]  ? __lock_acquire+0x15a9/0x3c40
[  576.152338][T12884]  ? mark_lock+0xb5/0xc60
[  576.156649][T12884]  ? hlock_class+0x4e/0x130
[  576.161134][T12884]  ? __lock_acquire+0xcc5/0x3c40
[  576.166058][T12884]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  576.171934][T12884]  ? policy_nodemask+0xea/0x4e0
[  576.176767][T12884]  alloc_pages_mpol_noprof+0x2c9/0x610
[  576.182210][T12884]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  576.188174][T12884]  ? __lock_acquire+0xcc5/0x3c40
[  576.193092][T12884]  folio_alloc_mpol_noprof+0x36/0xd0
[  576.198367][T12884]  vma_alloc_folio_noprof+0xee/0x1b0
[  576.203640][T12884]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  576.209511][T12884]  ? find_held_lock+0x2d/0x110
[  576.214263][T12884]  do_pte_missing+0x2017/0x3e00
[  576.219110][T12884]  __handle_mm_fault+0x103c/0x2a40
[  576.224216][T12884]  ? lock_vma_under_rcu+0x6b9/0x980
[  576.229405][T12884]  ? __pfx___handle_mm_fault+0x10/0x10
[  576.234875][T12884]  handle_mm_fault+0x3fa/0xaa0
[  576.239638][T12884]  do_user_addr_fault+0x60d/0x13f0
[  576.244738][T12884]  exc_page_fault+0x5c/0xc0
[  576.249223][T12884]  asm_exc_page_fault+0x26/0x30
[  576.254072][T12884] RIP: 0033:0x7f5fa5651b1b
[  576.258465][T12884] Code: 00 00 00 48 8d 3d fd 33 19 00 48 89 c1 31 c0 e8 6b 44 ff ff eb d2 66 0f 1f 84 00 00 00 00 00 55 31 c0 53 48 81 ec 68 10 00 00 <48> 89 7c 24 08 48 8d 3d 31 34 19 00 48 89 34 24 48 8b 14 24 48 8b
[  576.278052][T12884] RSP: 002b:00007f5fa650dfb0 EFLAGS: 00010202
[  576.284098][T12884] RAX: 0000000000000000 RBX: 00007f5fa5976080 RCX: 0000000000000000
[  576.292048][T12884] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000020000000
[  576.300027][T12884] RBP: 00007f5fa650f090 R08: 0000000000000000 R09: 0000000000000000
[  576.307980][T12884] R10: 0000000020000000 R11: 0000000000000000 R12: 0000000000000001
[  576.315931][T12884] R13: 0000000000000001 R14: 00007f5fa5976080 R15: 00007ffe98af2208
[  576.323909][T12884]  </TASK>
[  576.526306][T12884] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  576.679129][ T1885] usb 8-1: USB disconnect, device number 5
[  578.709134][T12917] netlink: 20 bytes leftover after parsing attributes in process `syz.7.1757'.
[  578.785764][   T29] audit: type=1400 audit(1736172426.570:1162): avc:  denied  { create } for  pid=12916 comm="syz.7.1757" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  579.440575][   T29] audit: type=1400 audit(1736172427.220:1163): avc:  denied  { connect } for  pid=12916 comm="syz.7.1757" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  579.508146][   T29] audit: type=1400 audit(1736172427.250:1164): avc:  denied  { setopt } for  pid=12916 comm="syz.7.1757" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  579.672244][ T1885] usb 7-1: new high-speed USB device number 64 using dummy_hcd
[  579.873374][   T29] audit: type=1400 audit(1736172427.290:1165): avc:  denied  { mounton } for  pid=12928 comm="syz.1.1760" path="/356/file0" dev="tmpfs" ino=1949 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1
[  579.963376][T12931] 9pnet_fd: Insufficient options for proto=fd
[  579.964178][   T29] audit: type=1400 audit(1736172427.520:1166): avc:  denied  { connect } for  pid=12928 comm="syz.1.1760" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  580.020186][   T29] audit: type=1400 audit(1736172427.730:1167): avc:  denied  { read } for  pid=12930 comm="syz.5.1761" dev="sockfs" ino=42755 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  580.074675][ T1885] usb 7-1: device descriptor read/64, error -71
[  581.022496][ T1885] usb 7-1: new high-speed USB device number 65 using dummy_hcd
[  581.401514][   T29] audit: type=1400 audit(1736172429.180:1168): avc:  denied  { unmount } for  pid=5822 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  581.448580][   T29] audit: type=1400 audit(1736172429.230:1169): avc:  denied  { getopt } for  pid=12948 comm="syz.7.1765" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  581.457078][T12950] FAULT_INJECTION: forcing a failure.
[  581.457078][T12950] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  581.502253][ T1885] usb 7-1: device descriptor read/64, error -71
[  581.529533][   T29] audit: type=1400 audit(1736172429.270:1170): avc:  denied  { setopt } for  pid=12948 comm="syz.7.1765" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  581.553784][   T29] audit: type=1400 audit(1736172429.270:1171): avc:  denied  { bind } for  pid=12948 comm="syz.7.1765" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  581.579694][T12950] CPU: 0 UID: 0 PID: 12950 Comm: syz.5.1764 Not tainted 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0
[  581.590497][T12950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  581.600550][T12950] Call Trace:
[  581.603817][T12950]  <TASK>
[  581.606735][T12950]  dump_stack_lvl+0x16c/0x1f0
[  581.611405][T12950]  should_fail_ex+0x497/0x5b0
[  581.616095][T12950]  _copy_from_user+0x2e/0xd0
[  581.620673][T12950]  move_addr_to_kernel+0x68/0x160
[  581.625687][T12950]  __sys_sendto+0x1ba/0x4f0
[  581.630176][T12950]  ? __pfx___sys_sendto+0x10/0x10
[  581.635194][T12950]  ? reacquire_held_locks+0x20b/0x4c0
[  581.640563][T12950]  ? do_user_addr_fault+0xdc7/0x13f0
[  581.645865][T12950]  __x64_sys_sendto+0xe0/0x1c0
[  581.650632][T12950]  ? do_syscall_64+0x91/0x250
[  581.655307][T12950]  ? lockdep_hardirqs_on+0x7c/0x110
[  581.660500][T12950]  do_syscall_64+0xcd/0x250
[  581.665002][T12950]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  581.670894][T12950] RIP: 0033:0x7f8474d87bbc
[  581.675299][T12950] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b
[  581.694905][T12950] RSP: 002b:00007f8475b7dec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[  581.703311][T12950] RAX: ffffffffffffffda RBX: 00007f8475b7dfc0 RCX: 00007f8474d87bbc
[  581.711271][T12950] RDX: 0000000000000020 RSI: 00007f8475b7e010 RDI: 0000000000000004
[  581.719230][T12950] RBP: 0000000000000000 R08: 00007f8475b7df14 R09: 000000000000000c
[  581.727191][T12950] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000004
[  581.735156][T12950] R13: 00007f8475b7df68 R14: 00007f8475b7e010 R15: 0000000000000000
[  581.743138][T12950]  </TASK>
[  581.758435][ T1885] usb usb7-port1: attempt power cycle
[  582.106505][T12958] netlink: 830 bytes leftover after parsing attributes in process `syz.4.1767'.
[  582.772607][ T1885] usb 7-1: new high-speed USB device number 66 using dummy_hcd
[  582.992402][ T1885] usb 7-1: device not accepting address 66, error -71
[  583.351635][ T1885] usb 7-1: new high-speed USB device number 67 using dummy_hcd
[  583.382585][ T1885] usb 7-1: device descriptor read/8, error -71
[  583.494364][ T1885] usb usb7-port1: unable to enumerate USB device
[  584.636991][T12425] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  585.711680][T12425] usb 8-1: device descriptor read/64, error -71
[  586.009743][T12425] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  586.141719][T12425] usb 8-1: device descriptor read/64, error -71
[  586.213263][T13003] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1783'.
[  586.311167][T13009] 9pnet_fd: Insufficient options for proto=fd
[  586.386687][T12425] usb usb8-port1: attempt power cycle
[  586.512406][T13013] netlink: 830 bytes leftover after parsing attributes in process `syz.1.1782'.
[  586.981824][   T29] kauditd_printk_skb: 13 callbacks suppressed
[  586.981836][   T29] audit: type=1400 audit(1736172434.750:1185): avc:  denied  { read write } for  pid=13014 comm="syz.6.1784" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  587.109293][   T29] audit: type=1400 audit(1736172434.750:1186): avc:  denied  { ioctl open } for  pid=13014 comm="syz.6.1784" path="/dev/autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  587.133734][   T29] audit: type=1400 audit(1736172434.880:1187): avc:  denied  { wake_alarm } for  pid=13002 comm="syz.4.1783" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  587.373297][   T29] audit: type=1400 audit(1736172435.050:1188): avc:  denied  { map } for  pid=13021 comm="syz.1.1786" path="socket:[45079]" dev="sockfs" ino=45079 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  588.571987][   T29] audit: type=1400 audit(1736172436.320:1189): avc:  denied  { bind } for  pid=13036 comm="syz.7.1789" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  589.015948][T13051] input: syz0 as /devices/virtual/input/input48
[  589.022366][T13051] input: failed to attach handler leds to device input48, error: -6
[  589.618566][ T5825] libceph: connect (1)[c::]:6789 error -101
[  589.626433][ T5825] libceph: mon0 (1)[c::]:6789 connect error
[  589.678245][T13052] ceph: No mds server is up or the cluster is laggy
[  590.144826][T13068] netlink: 830 bytes leftover after parsing attributes in process `syz.1.1796'.
[  590.810941][   T29] audit: type=1400 audit(1736172438.080:1190): avc:  denied  { create } for  pid=13061 comm="syz.6.1797" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  590.869861][   T29] audit: type=1400 audit(1736172438.080:1191): avc:  denied  { bind } for  pid=13061 comm="syz.6.1797" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  591.581752][   T29] audit: type=1400 audit(1736172438.090:1192): avc:  denied  { write } for  pid=13061 comm="syz.6.1797" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  591.661715][   T29] audit: type=1400 audit(1736172439.420:1193): avc:  denied  { setopt } for  pid=13084 comm="syz.6.1802" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  591.701804][   T29] audit: type=1400 audit(1736172439.480:1194): avc:  denied  { append } for  pid=13084 comm="syz.6.1802" name="virtual_nci" dev="devtmpfs" ino=698 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  591.732479][T13085] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[  592.170932][   T29] kauditd_printk_skb: 1 callbacks suppressed
[  592.170949][   T29] audit: type=1400 audit(1736172439.950:1196): avc:  denied  { mount } for  pid=13117 comm="syz.5.1813" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  592.208582][T12425] usb 7-1: new full-speed USB device number 68 using dummy_hcd
[  592.277752][   T29] audit: type=1400 audit(1736172440.060:1197): avc:  denied  { ioctl } for  pid=13126 comm="syz.5.1816" path="socket:[45401]" dev="sockfs" ino=45401 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  592.361684][ T5868] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  592.383440][T12425] usb 7-1: config 0 has an invalid interface number: 12 but max is 0
[  592.392557][T12425] usb 7-1: config 0 has no interface number 0
[  592.398678][T12425] usb 7-1: config 0 interface 12 altsetting 2 endpoint 0x2 has invalid maxpacket 512, setting to 64
[  592.427465][T12425] usb 7-1: config 0 interface 12 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[  592.438459][T12425] usb 7-1: config 0 interface 12 has no altsetting 0
[  592.448283][T12425] usb 7-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  592.457573][T12425] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  592.465700][T12425] usb 7-1: Product: syz
[  592.472822][T12425] usb 7-1: Manufacturer: syz
[  592.658005][T12425] usb 7-1: SerialNumber: syz
[  592.664736][T12425] usb 7-1: config 0 descriptor??
[  592.670633][T13100] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  592.679517][ T5868] usb 8-1: New USB device found, idVendor=0c45, idProduct=614a, bcdDevice=e6.af
[  592.689441][ T5868] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  592.698505][T12425] f81534 7-1:0.12: unsupported endpoint max packet size
[  592.707293][ T5868] usb 8-1: config 0 descriptor??
[  592.715174][ T5868] gspca_main: sonixj-2.14.0 probing 0c45:614a
[  593.366024][ T5868] gspca_sonixj: reg_w1 err -110
[  593.369208][T13113] netlink: 20 bytes leftover after parsing attributes in process `syz.7.1812'.
[  593.370939][ T5868] sonixj 8-1:0.0: probe with driver sonixj failed with error -110
[  593.380724][T13100] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  593.405267][T13113] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1812'.
[  593.415166][T13100] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  593.443484][T13113] gretap0: entered promiscuous mode
[  593.449499][    T8] usb 7-1: USB disconnect, device number 68
[  593.458750][T13113] batadv_slave_1: entered promiscuous mode
[  593.467570][T13113] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  593.488198][T13113] Cannot create hsr debugfs directory
[  593.551811][ T5901] usb 8-1: USB disconnect, device number 9
[  595.612572][   T29] audit: type=1400 audit(1736172443.390:1198): avc:  denied  { append } for  pid=13161 comm="syz.4.1824" name="event0" dev="devtmpfs" ino=918 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  595.914192][T13180] hugetlbfs: Bad value 'g' for mount option 'nr_inodes'
[  595.914192][T13180] 
[  596.062422][ T5834] Bluetooth: hci2: Malformed Event: 0x13
[  596.141752][   T29] audit: type=1400 audit(1736172443.690:1199): avc:  denied  { mount } for  pid=13168 comm="syz.7.1827" name="/" dev="hugetlbfs" ino=45454 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  596.168868][   T29] audit: type=1400 audit(1736172443.700:1200): avc:  denied  { remount } for  pid=13168 comm="syz.7.1827" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  596.192050][   T29] audit: type=1326 audit(1736172443.920:1201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13170 comm="syz.1.1828" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5fa5785d29 code=0x0
[  596.337182][   T29] audit: type=1400 audit(1736172444.120:1202): avc:  denied  { unmount } for  pid=12170 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  596.492042][   T29] audit: type=1400 audit(1736172444.280:1203): avc:  denied  { getopt } for  pid=13185 comm="syz.6.1831" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  597.710512][T13197] netlink: 830 bytes leftover after parsing attributes in process `syz.7.1832'.
[  597.759186][T13164] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  597.826487][   T29] audit: type=1400 audit(1736172445.590:1204): avc:  denied  { create } for  pid=13198 comm="syz.6.1833" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  597.867069][   T29] audit: type=1400 audit(1736172445.600:1205): avc:  denied  { setopt } for  pid=13198 comm="syz.6.1833" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  598.199321][   T29] audit: type=1400 audit(1736172445.710:1206): avc:  denied  { ioctl } for  pid=13198 comm="syz.6.1833" path="socket:[44718]" dev="sockfs" ino=44718 ioctlcmd=0x89b0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  598.323649][   T29] audit: type=1400 audit(1736172445.710:1207): avc:  denied  { getopt } for  pid=13198 comm="syz.6.1833" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  598.961715][ T1885] usb 5-1: new high-speed USB device number 53 using dummy_hcd
[  599.151685][ T1885] usb 5-1: Using ep0 maxpacket: 16
[  599.169404][   T29] audit: type=1400 audit(1736172446.800:1208): avc:  denied  { read } for  pid=13227 comm="syz.1.1843" name="ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  599.337417][ T1885] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  599.492521][ T5868] usb 7-1: new high-speed USB device number 69 using dummy_hcd
[  599.513877][ T1885] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  599.531733][   T29] audit: type=1400 audit(1736172446.800:1209): avc:  denied  { open } for  pid=13227 comm="syz.1.1843" path="/dev/ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  599.540498][ T1885] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  599.580567][ T1885] usb 5-1: New USB device found, idVendor=10c4, idProduct=8acf, bcdDevice= 0.00
[  599.589763][ T1885] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  599.611499][ T1885] usb 5-1: config 0 descriptor??
[  599.653676][ T5868] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  599.689088][ T5868] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  599.910998][ T5868] usb 7-1: New USB device found, idVendor=1b1c, idProduct=0c10, bcdDevice= 0.00
[  599.920760][ T5868] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  599.931561][ T5868] usb 7-1: config 0 descriptor??
[  600.034972][T13247] netlink: 830 bytes leftover after parsing attributes in process `syz.5.1845'.
[  600.133566][ T1885] hid-u2fzero 0003:10C4:8ACF.001F: unknown main item tag 0x0
[  600.141479][ T1885] hid-u2fzero 0003:10C4:8ACF.001F: unknown main item tag 0x0
[  600.215262][T13229] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  600.297045][ T1885] hid-u2fzero 0003:10C4:8ACF.001F: item fetching failed at offset 2/5
[  600.343031][T13229] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  600.416425][ T1885] hid-u2fzero 0003:10C4:8ACF.001F: probe with driver hid-u2fzero failed with error -22
[  600.584977][ T1885] usb 5-1: USB disconnect, device number 53
[  600.741666][ T5868] corsair-cpro 0003:1B1C:0C10.0020: item fetching failed at offset 10/13
[  600.750976][ T5868] corsair-cpro 0003:1B1C:0C10.0020: probe with driver corsair-cpro failed with error -22
[  600.834195][   T29] audit: type=1400 audit(1736172448.620:1210): avc:  denied  { create } for  pid=13252 comm="syz.1.1848" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_dnrt_socket permissive=1
[  600.944054][ T1885] usb 7-1: USB disconnect, device number 69
[  601.153945][T13263] FAULT_INJECTION: forcing a failure.
[  601.153945][T13263] name failslab, interval 1, probability 0, space 0, times 0
[  601.183935][T13263] CPU: 0 UID: 0 PID: 13263 Comm: syz.4.1850 Not tainted 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0
[  601.194840][T13263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  601.204907][T13263] Call Trace:
[  601.208181][T13263]  <TASK>
[  601.211103][T13263]  dump_stack_lvl+0x16c/0x1f0
[  601.215785][T13263]  should_fail_ex+0x497/0x5b0
[  601.220465][T13263]  ? fs_reclaim_acquire+0xae/0x150
[  601.225832][T13263]  should_failslab+0xc2/0x120
[  601.230505][T13263]  __kmalloc_noprof+0xcb/0x510
[  601.235266][T13263]  ? skcipher_recvmsg+0xb5/0x1020
[  601.240293][T13263]  sock_kmalloc+0x111/0x170
[  601.244798][T13263]  af_alg_alloc_areq+0xbc/0x2e0
[  601.249645][T13263]  skcipher_recvmsg+0x326/0x1020
[  601.254592][T13263]  ? lock_acquire+0x2f/0xb0
[  601.259088][T13263]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  601.264465][T13263]  sock_recvmsg+0x1f6/0x250
[  601.268968][T13263]  __sys_recvfrom+0x204/0x310
[  601.273645][T13263]  ? __pfx___sys_recvfrom+0x10/0x10
[  601.278840][T13263]  ? reacquire_held_locks+0x20b/0x4c0
[  601.284208][T13263]  ? do_user_addr_fault+0xdc7/0x13f0
[  601.289519][T13263]  __x64_sys_recvfrom+0xe0/0x1c0
[  601.294457][T13263]  ? do_syscall_64+0x91/0x250
[  601.299133][T13263]  ? lockdep_hardirqs_on+0x7c/0x110
[  601.304328][T13263]  do_syscall_64+0xcd/0x250
[  601.308831][T13263]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  601.314721][T13263] RIP: 0033:0x7f5163787af4
[  601.319127][T13263] Code: 89 4c 24 1c e8 ed 5f 02 00 44 8b 54 24 1c 8b 3c 24 45 31 c9 89 c5 48 8b 54 24 10 48 8b 74 24 08 45 31 c0 b8 2d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 04 24 e8 39 60 02 00 48 8b 04
[  601.338724][T13263] RSP: 002b:00007f516459eed0 EFLAGS: 00000246 ORIG_RAX: 000000000000002d
[  601.347132][T13263] RAX: ffffffffffffffda RBX: 00007f516459efc0 RCX: 00007f5163787af4
[  601.355096][T13263] RDX: 0000000000001000 RSI: 00007f516459f010 RDI: 0000000000000004
[  601.363056][T13263] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  601.371018][T13263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004
[  601.378977][T13263] R13: 00007f516459ef68 R14: 00007f516459f010 R15: 0000000000000000
[  601.386952][T13263]  </TASK>
[  601.445575][   T29] audit: type=1400 audit(1736172449.230:1211): avc:  denied  { write } for  pid=13258 comm="syz.1.1849" name="ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  601.488723][   T29] audit: type=1400 audit(1736172449.260:1212): avc:  denied  { ioctl } for  pid=13258 comm="syz.1.1849" path="/dev/ppp" dev="devtmpfs" ino=709 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  601.624342][T13267] overlayfs: failed to resolve './file1': -2
[  602.686650][   T29] audit: type=1400 audit(1736172450.470:1213): avc:  denied  { getopt } for  pid=13275 comm="syz.6.1852" lport=2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  602.707929][T13279] syz_tun: entered allmulticast mode
[  602.716504][T13280] syz_tun: left allmulticast mode
[  603.268982][T13296] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1856'.
[  603.320631][   T29] audit: type=1400 audit(1736172451.040:1214): avc:  denied  { execute_no_trans } for  pid=13283 comm="syz.6.1856" path=2F6D656D66643A5B0BDB58AE5B1AA9FDFAADD16D64C8854858A9250C1A65E0202864656C6574656429 dev="tmpfs" ino=273 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  603.501721][ T5901] usb 5-1: new high-speed USB device number 54 using dummy_hcd
[  603.679913][ T5901] usb 5-1: Using ep0 maxpacket: 8
[  603.771927][ T5901] usb 5-1: config 0 has an invalid interface number: 55 but max is 0
[  603.797998][ T5901] usb 5-1: config 0 has no interface number 0
[  603.946071][ T5901] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  603.957180][ T5901] usb 5-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  603.970048][ T5901] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  603.981170][ T5901] usb 5-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  603.995442][ T5901] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  604.004549][ T5901] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  604.022339][ T5901] usb 5-1: config 0 descriptor??
[  604.437493][   T29] audit: type=1400 audit(1736172452.220:1215): avc:  denied  { create } for  pid=13288 comm="syz.4.1855" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=appletalk_socket permissive=1
[  604.467253][ T5901] ldusb 5-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  604.688812][ T1885] usb 5-1: USB disconnect, device number 54
[  604.696472][ T1885] ldusb 5-1:0.55: LD USB Device #0 now disconnected
[  604.954895][ T5825] usb 2-1: new high-speed USB device number 70 using dummy_hcd
[  604.962667][ T5868] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  605.132535][ T5868] usb 8-1: Using ep0 maxpacket: 16
[  605.161823][ T5868] usb 8-1: config 1 interface 0 has no altsetting 0
[  605.171672][ T5825] usb 2-1: config index 0 descriptor too short (expected 44892, got 92)
[  605.180183][ T5825] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  605.195556][T13338] netlink: 'syz.5.1869': attribute type 13 has an invalid length.
[  605.256286][ T5825] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  605.265650][ T5868] usb 8-1: New USB device found, idVendor=046d, idProduct=b309, bcdDevice= 0.40
[  605.275704][ T5825] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  605.284208][ T5868] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  605.292977][ T5868] usb 8-1: Product: syz
[  605.297261][ T5868] usb 8-1: Manufacturer: syz
[  605.302101][ T5825] usb 2-1: Product: syz
[  605.306500][ T5825] usb 2-1: Manufacturer: syz
[  605.311107][ T5825] usb 2-1: SerialNumber: syz
[  605.315768][ T5868] usb 8-1: SerialNumber: syz
[  605.412833][T12675] Bluetooth: hci2: command 0x0405 tx timeout
[  605.501666][   T29] audit: type=1400 audit(1736172453.260:1216): avc:  denied  { bind } for  pid=13342 comm="syz.5.1871" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  605.701853][T13344] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0
[  605.803475][ T5868] usbhid 8-1:1.0: can't add hid device: -71
[  605.809510][ T5868] usbhid 8-1:1.0: probe with driver usbhid failed with error -71
[  605.823418][ T5868] usb 8-1: USB disconnect, device number 10
[  607.009571][T13367] FAULT_INJECTION: forcing a failure.
[  607.009571][T13367] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  607.540796][T13313] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input49
[  607.551849][   T29] audit: type=1400 audit(1736172455.250:1217): avc:  denied  { connect } for  pid=13311 comm="syz.1.1861" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  607.642103][T13367] CPU: 0 UID: 0 PID: 13367 Comm: syz.4.1876 Not tainted 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0
[  607.652940][T13367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  607.662999][T13367] Call Trace:
[  607.666279][T13367]  <TASK>
[  607.669212][T13367]  dump_stack_lvl+0x16c/0x1f0
[  607.673905][T13367]  should_fail_ex+0x497/0x5b0
[  607.678598][T13367]  _copy_to_user+0x32/0xd0
[  607.683033][T13367]  simple_read_from_buffer+0xd0/0x160
[  607.688421][T13367]  proc_fail_nth_read+0x198/0x270
[  607.693463][T13367]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  607.699028][T13367]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  607.704608][T13367]  vfs_read+0x1df/0xbe0
[  607.708792][T13367]  ? __pfx___mutex_lock+0x10/0x10
[  607.713837][T13367]  ? __pfx_vfs_read+0x10/0x10
[  607.718520][T13367]  ? rcu_is_watching+0x12/0xc0
[  607.723304][T13367]  ? __rcu_read_unlock+0x2b4/0x580
[  607.728422][T13367]  ? __fget_files+0x206/0x3a0
[  607.733115][T13367]  ksys_read+0x12b/0x250
[  607.737364][T13367]  ? __pfx_ksys_read+0x10/0x10
[  607.742147][T13367]  do_syscall_64+0xcd/0x250
[  607.746663][T13367]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  607.752568][T13367] RIP: 0033:0x7f516378473c
[  607.756989][T13367] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  607.776603][T13367] RSP: 002b:00007f51645a0030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  607.785021][T13367] RAX: ffffffffffffffda RBX: 00007f5163976080 RCX: 00007f516378473c
[  607.792997][T13367] RDX: 000000000000000f RSI: 00007f51645a00a0 RDI: 0000000000000005
[  607.801016][T13367] RBP: 00007f51645a0090 R08: 0000000000000000 R09: 0000000000000000
[  607.808993][T13367] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  607.816965][T13367] R13: 0000000000000001 R14: 00007f5163976080 R15: 00007ffc5d2bdb28
[  607.824955][T13367]  </TASK>
[  607.954729][T13370] 9pnet_fd: Insufficient options for proto=fd
[  607.961067][ T5825] cdc_ncm 2-1:1.0: MAC-Address: 42:42:42:42:42:42
[  607.967574][ T5825] cdc_ncm 2-1:1.0: setting rx_max = 16384
[  608.320185][ T5825] cdc_ncm 2-1:1.0: setting tx_max = 88
[  608.343041][ T5825] cdc_ncm 2-1:1.0 eth9: register 'cdc_ncm' at usb-dummy_hcd.1-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  608.362709][ T5825] usb 2-1: USB disconnect, device number 70
[  608.369394][ T5825] cdc_ncm 2-1:1.0 eth9: unregister 'cdc_ncm' usb-dummy_hcd.1-1, CDC NCM (NO ZLP)
[  609.351618][ T1885] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  610.423393][ T1885] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  610.434586][ T1885] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  610.444454][ T1885] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  610.663052][ T1885] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  610.672205][ T1885] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  610.724248][ T1885] usb 8-1: config 0 descriptor??
[  610.999615][ T1885] usbhid 8-1:0.0: can't add hid device: -71
[  611.010680][ T1885] usbhid 8-1:0.0: probe with driver usbhid failed with error -71
[  611.062413][ T1885] usb 8-1: USB disconnect, device number 11
[  611.394057][   T29] audit: type=1400 audit(1736172459.180:1218): avc:  denied  { getopt } for  pid=13396 comm="syz.5.1885" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  611.394132][T13397] netlink: 596 bytes leftover after parsing attributes in process `syz.5.1885'.
[  612.089662][T13413] bridge0: port 2(bridge_slave_1) entered disabled state
[  612.096942][T13413] bridge0: port 1(bridge_slave_0) entered disabled state
[  612.106383][T13413] bridge0: entered allmulticast mode
[  614.104047][   T29] audit: type=1400 audit(1736172461.890:1219): avc:  denied  { listen } for  pid=13437 comm="syz.4.1897" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  614.129777][   T29] audit: type=1400 audit(1736172461.890:1220): avc:  denied  { connect } for  pid=13437 comm="syz.4.1897" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  614.215586][   T29] audit: type=1400 audit(1736172461.920:1221): avc:  denied  { connect } for  pid=13440 comm="syz.6.1896" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  614.390063][   T29] audit: type=1400 audit(1736172461.940:1222): avc:  denied  { listen } for  pid=13440 comm="syz.6.1896" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  614.822527][T13468] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1901'.
[  614.854361][T13468] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1901'.
[  615.662557][   T29] audit: type=1400 audit(1736172463.370:1223): avc:  denied  { map } for  pid=13473 comm="syz.1.1903" path="socket:[45968]" dev="sockfs" ino=45968 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  615.862812][T13462] block nbd5: shutting down sockets
[  617.772424][   T29] audit: type=1400 audit(1736172465.560:1224): avc:  denied  { getopt } for  pid=13513 comm="syz.6.1913" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  617.792434][ T1885] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[  617.968430][   T29] audit: type=1400 audit(1736172465.750:1225): avc:  denied  { write } for  pid=13519 comm="syz.5.1915" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  618.078737][ T1885] usb 8-1: New USB device found, idVendor=0f11, idProduct=1000, bcdDevice= 0.7f
[  618.106013][ T1885] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  618.138172][ T1885] usb 8-1: config 0 descriptor??
[  618.261721][   T25] usb 7-1: new high-speed USB device number 70 using dummy_hcd
[  618.352465][T13527] No control pipe specified
[  618.359240][T13510] 9pnet_fd: Insufficient options for proto=fd
[  618.366016][   T29] audit: type=1400 audit(1736172466.150:1226): avc:  denied  { create } for  pid=13509 comm="syz.7.1911" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmsvc_socket permissive=1
[  618.422206][ T1885] usb 8-1: string descriptor 0 read error: -71
[  618.441590][   T25] usb 7-1: Using ep0 maxpacket: 16
[  618.450306][   T25] usb 7-1: config 0 has an invalid interface number: 249 but max is 0
[  618.460976][   T25] usb 7-1: config 0 has no interface number 0
[  618.467247][   T25] usb 7-1: config 0 interface 249 altsetting 0 endpoint 0x6 has invalid maxpacket 851, setting to 64
[  618.471175][ T1885] ldusb 8-1:0.0: Interrupt in endpoint not found
[  618.488560][   T29] audit: type=1400 audit(1736172466.270:1227): avc:  denied  { connect } for  pid=13526 comm="syz.4.1916" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  618.536163][   T25] usb 7-1: New USB device found, idVendor=0424, idProduct=7800, bcdDevice=17.a2
[  618.537197][ T1885] usb 8-1: USB disconnect, device number 12
[  618.552009][   T25] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  618.560025][   T25] usb 7-1: Product: syz
[  618.690452][   T25] usb 7-1: Manufacturer: syz
[  618.711781][   T25] usb 7-1: SerialNumber: syz
[  618.734893][   T25] usb 7-1: config 0 descriptor??
[  618.962792][    T8] usb 6-1: new high-speed USB device number 57 using dummy_hcd
[  619.157377][T13525] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2067 sclass=netlink_route_socket pid=13525 comm=syz.6.1913
[  619.184978][    T8] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  619.274649][T13553] netlink: 'syz.1.1922': attribute type 29 has an invalid length.
[  619.293865][T13553] netlink: 'syz.1.1922': attribute type 29 has an invalid length.
[  619.315213][T13553] netlink: 'syz.1.1922': attribute type 29 has an invalid length.
[  619.324910][T13553] netlink: 'syz.1.1922': attribute type 29 has an invalid length.
[  619.334512][T13553] netlink: 'syz.1.1922': attribute type 29 has an invalid length.
[  619.344025][T13553] netlink: 'syz.1.1922': attribute type 29 has an invalid length.
[  619.354015][T13553] netlink: 'syz.1.1922': attribute type 29 has an invalid length.
[  619.363448][T13553] netlink: 'syz.1.1922': attribute type 29 has an invalid length.
[  619.612508][   T25] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[  620.166478][    T8] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  620.179585][    T8] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  620.189008][    T8] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  620.197085][    T8] usb 6-1: SerialNumber: syz
[  620.233181][   T25] usb 8-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  620.242787][   T25] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  620.650523][ T1885] usb 5-1: new high-speed USB device number 55 using dummy_hcd
[  620.676101][    T9] usb 7-1: USB disconnect, device number 70
[  620.713795][   T25] usb 8-1: config 0 descriptor??
[  620.732601][   T25] cp210x 8-1:0.0: cp210x converter detected
[  620.995835][    T8] usb 6-1: 0:2 : does not exist
[  621.000909][    T8] usb 6-1: unit 5: unexpected type 0x0a
[  621.007103][ T1885] usb 5-1: too many configurations: 18, using maximum allowed: 8
[  621.579193][T13559] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1924'.
[  621.603285][ T5834] Bluetooth: hci1: command 0x0401 tx timeout
[  621.625805][ T1885] usb 5-1: New USB device found, idVendor=0c45, idProduct=8001, bcdDevice=90.0a
[  621.641345][   T29] audit: type=1400 audit(1736172469.360:1228): avc:  denied  { ioctl } for  pid=13554 comm="syz.1.1924" path="socket:[46678]" dev="sockfs" ino=46678 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  621.682310][   T25] cp210x 8-1:0.0: failed to get vendor val 0x000e size 3: -71
[  621.701410][   T25] cp210x 8-1:0.0: failed to get vendor val 0x370c size 73: -71
[  621.702173][ T1885] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  621.719396][ T1885] usb 5-1: config 0 descriptor??
[  621.729855][ T1885] gspca_main: 0c45:8001 too many config
[  621.759671][   T29] audit: type=1400 audit(1736172469.540:1229): avc:  denied  { read } for  pid=13567 comm="syz.6.1926" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  621.861588][   T25] cp210x 8-1:0.0: GPIO initialisation failed: -71
[  621.884449][   T25] usb 8-1: cp210x converter now attached to ttyUSB0
[  621.884583][ T1885] usb 6-1: USB disconnect, device number 57
[  621.922454][   T25] usb 8-1: USB disconnect, device number 13
[  621.945938][   T25] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  621.963750][   T25] cp210x 8-1:0.0: device disconnected
[  622.029929][T13549] Invalid ELF header magic: != ELF
[  622.035752][   T29] audit: type=1400 audit(1736172469.810:1230): avc:  denied  { module_load } for  pid=13548 comm="syz.4.1921" path="/sys/kernel/notes" dev="sysfs" ino=1382 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=system permissive=1
[  622.127802][   T29] audit: type=1400 audit(1736172469.830:1231): avc:  denied  { setopt } for  pid=13581 comm="syz.5.1930" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  622.253122][   T29] audit: type=1400 audit(1736172470.040:1232): avc:  denied  { bind } for  pid=13548 comm="syz.4.1921" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  623.319644][   T29] audit: type=1400 audit(1736172471.100:1233): avc:  denied  { bind } for  pid=13587 comm="syz.7.1933" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  623.498612][    C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  623.668923][   T29] audit: type=1400 audit(1736172471.160:1234): avc:  denied  { accept } for  pid=13587 comm="syz.7.1933" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  623.865016][T13603] netlink: 36 bytes leftover after parsing attributes in process `syz.6.1935'.
[  623.874204][   T29] audit: type=1400 audit(1736172471.650:1235): avc:  denied  { ioctl } for  pid=13602 comm="syz.6.1935" path="socket:[47291]" dev="sockfs" ino=47291 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  623.913286][T13603] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1935'.
[  623.923034][T13604] 9pnet_fd: Insufficient options for proto=fd
[  624.125936][    T9] usb 5-1: USB disconnect, device number 55
[  624.491477][ T1293] ieee802154 phy0 wpan0: encryption failed: -22
[  625.777960][T13639] dns_resolver: Unsupported content type (246)
[  625.805976][   T29] audit: type=1400 audit(1736172473.590:1236): avc:  denied  { write } for  pid=13643 comm="syz.6.1943" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  625.853615][   T29] audit: type=1400 audit(1736172473.610:1237): avc:  denied  { read } for  pid=13643 comm="syz.6.1943" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  625.930867][T13648] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1945'.
[  625.954223][T13648] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1945'.
[  625.972737][   T29] audit: type=1400 audit(1736172473.620:1238): avc:  denied  { read } for  pid=13643 comm="syz.6.1943" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  626.069043][   T29] audit: type=1400 audit(1736172473.850:1239): avc:  denied  { write } for  pid=13649 comm="syz.6.1946" name="sg0" dev="devtmpfs" ino=735 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  626.887453][T13654] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1947'.
[  627.276864][T13659] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1949'.
[  627.416227][T13655] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  627.518727][T13662] netlink: 830 bytes leftover after parsing attributes in process `syz.4.1948'.
[  628.132984][T13664] fuse: Unknown parameter 'rootmod;00000060000'
[  628.474704][    T9] usb 6-1: new high-speed USB device number 58 using dummy_hcd
[  628.731658][    T9] usb 6-1: device descriptor read/64, error -71
[  628.983058][    T9] usb 6-1: new high-speed USB device number 59 using dummy_hcd
[  629.340345][ T1885] usb 2-1: new high-speed USB device number 71 using dummy_hcd
[  629.411607][    T9] usb 6-1: device descriptor read/64, error -71
[  629.537222][    T9] usb usb6-port1: attempt power cycle
[  629.572967][ T1885] usb 2-1: config index 0 descriptor too short (expected 63506, got 18)
[  629.714417][ T1885] usb 2-1: New USB device found, idVendor=0830, idProduct=0060, bcdDevice=13.2b
[  629.724121][ T1885] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  629.751754][ T1885] usb 2-1: Product: syz
[  629.755960][ T1885] usb 2-1: Manufacturer: syz
[  629.770965][ T1885] usb 2-1: SerialNumber: syz
[  630.072454][T13675] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  630.081039][T13675] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  630.122638][    T9] usb 6-1: new high-speed USB device number 60 using dummy_hcd
[  630.131758][ T1885] usb 2-1: palm_os_4_probe - error -110 getting connection info
[  630.144025][    T9] usb 6-1: device descriptor read/8, error -71
[  630.167756][ T1885] visor 2-1:1.0: Handspring Visor / Palm OS converter detected
[  630.372348][T13692] netlink: zone id is out of range
[  630.377603][T13692] netlink: zone id is out of range
[  630.382877][T13692] netlink: zone id is out of range
[  630.388127][T13692] netlink: zone id is out of range
[  630.393352][T13692] netlink: zone id is out of range
[  630.398506][T13692] netlink: zone id is out of range
[  630.403690][T13692] netlink: zone id is out of range
[  630.408837][T13692] netlink: zone id is out of range
[  630.414055][T13692] netlink: zone id is out of range
[  630.419265][T13692] netlink: zone id is out of range
[  631.068071][T13675] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  631.077266][T13675] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  631.087853][T13675] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  631.108383][T13675] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  631.177033][ T1885] usb 2-1: Handspring Visor / Palm OS converter now attached to ttyUSB0
[  631.229376][ T1885] usb 2-1: Handspring Visor / Palm OS converter now attached to ttyUSB1
[  631.239573][T13675] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  631.297608][T13675] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  631.307734][    T9] usb 6-1: new high-speed USB device number 61 using dummy_hcd
[  631.342749][T13675] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  631.351297][T13675] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  631.472187][ T5825] usb 2-1: USB disconnect, device number 71
[  631.603369][    T9] usb 6-1: device not accepting address 61, error -71
[  631.761031][ T5825] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0
[  631.802511][    T9] usb usb6-port1: unable to enumerate USB device
[  631.999475][ T5825] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1
[  632.063206][T13703] netlink: 'syz.4.1963': attribute type 5 has an invalid length.
[  632.406480][ T5825] visor 2-1:1.0: device disconnected
[  632.438874][T13703] : entered promiscuous mode
[  632.561693][  T969] usb 7-1: new high-speed USB device number 71 using dummy_hcd
[  632.763364][  T969] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 196, using maximum allowed: 30
[  632.903380][  T969] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  632.924626][  T969] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 196
[  633.111628][ T5825] usb 2-1: new full-speed USB device number 72 using dummy_hcd
[  633.141585][  T969] usb 7-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00
[  633.161760][  T969] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  633.163585][  T969] usb 7-1: config 0 descriptor??
[  633.383332][ T5825] usb 2-1: config 0 has an invalid interface number: 189 but max is 0
[  633.396957][ T5825] usb 2-1: config 0 has no interface number 0
[  633.493467][ T5825] usb 2-1: config 0 interface 189 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  633.541374][ T5825] usb 2-1: config 0 interface 189 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83
[  633.576241][ T5825] usb 2-1: config 0 interface 189 altsetting 0 endpoint 0x83 has invalid maxpacket 33307, setting to 64
[  633.709945][  T969] usbhid 7-1:0.0: can't add hid device: -71
[  633.718613][  T969] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  633.727227][ T5825] usb 2-1: config 0 interface 189 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  633.728769][  T969] usb 7-1: USB disconnect, device number 71
[  633.737586][ T5825] usb 2-1: config 0 interface 189 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  633.915978][ T5825] usb 2-1: New USB device found, idVendor=07b4, idProduct=010a, bcdDevice= 1.02
[  633.930281][ T5825] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  633.938542][ T5825] usb 2-1: Product: syz
[  633.943831][ T5825] usb 2-1: Manufacturer: syz
[  633.966813][ T5825] usb 2-1: SerialNumber: syz
[  633.971749][   T47] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[  634.004069][ T5825] usb 2-1: config 0 descriptor??
[  634.018268][T13714] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  634.035815][ T5825] ums-alauda 2-1:0.189: USB Mass Storage device detected
[  634.486706][ T5825] scsi host1: usb-storage 2-1:0.189
[  634.504811][   T47] usb 8-1: Using ep0 maxpacket: 16
[  634.525232][   T47] usb 8-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[  634.561597][   T47] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  634.732533][   T47] usb 8-1: config 0 descriptor??
[  634.744574][   T29] audit: type=1400 audit(1736172482.530:1240): avc:  denied  { getopt } for  pid=13713 comm="syz.1.1967" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[  634.768863][   T47] gspca_main: sonixj-2.14.0 probing 0471:0327
[  634.836178][T13749] mkiss: ax0: crc mode is auto.
[  634.855927][   T29] audit: type=1400 audit(1736172482.640:1241): avc:  denied  { write } for  pid=13748 comm="syz.5.1977" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  634.961641][   T47] gspca_sonixj: reg_r err -32
[  634.966761][   T47] sonixj 8-1:0.0: probe with driver sonixj failed with error -32
[  635.233880][   T47] usb 8-1: USB disconnect, device number 14
[  635.534176][ T8172] scsi 1:0:0:0: Direct-Access     Olympus  MAUSB-10 (Alauda 0102 PQ: 0 ANSI: 0 CCS
[  636.208968][ T8172] scsi 1:0:0:1: Direct-Access     Olympus  MAUSB-10 (Alauda 0102 PQ: 0 ANSI: 0 CCS
[  636.436925][   T47] usb 2-1: USB disconnect, device number 72
[  636.451892][ T8172] sd 1:0:0:0: Attached scsi generic sg1 type 0
[  636.486819][ T8170] sd 1:0:0:0: [sdb] Test Unit Ready failed: Result: hostbyte=DID_NO_CONNECT driverbyte=DRIVER_OK
[  636.494337][   T35] sd 1:0:0:1: [sdc] Test Unit Ready failed: Result: hostbyte=DID_NO_CONNECT driverbyte=DRIVER_OK
[  636.512381][ T8172] sd 1:0:0:1: Attached scsi generic sg2 type 0
[  636.650242][ T8170] sd 1:0:0:0: [sdb] Read Capacity(10) failed: Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK
[  636.652406][   T35] sd 1:0:0:1: [sdc] Read Capacity(10) failed: Result: hostbyte=DID_NO_CONNECT driverbyte=DRIVER_OK
[  636.717322][ T8170] sd 1:0:0:0: [sdb] Sense not available.
[  636.746590][   T35] sd 1:0:0:1: [sdc] Sense not available.
[  636.760084][ T8170] sd 1:0:0:0: [sdb] 0 512-byte logical blocks: (0 B/0 B)
[  636.801276][   T35] sd 1:0:0:1: [sdc] 0 512-byte logical blocks: (0 B/0 B)
[  636.916144][ T8170] sd 1:0:0:0: [sdb] 0-byte physical blocks
[  636.948675][   T35] sd 1:0:0:1: [sdc] 0-byte physical blocks
[  636.955042][ T8170] sd 1:0:0:0: [sdb] Write Protect is off
[  637.132080][   T35] sd 1:0:0:1: [sdc] Test WP failed, assume Write Enabled
[  637.139547][   T35] sd 1:0:0:1: [sdc] Asking for cache data failed
[  637.415604][ T8170] sd 1:0:0:0: [sdb] Asking for cache data failed
[  637.436855][ T8170] sd 1:0:0:0: [sdb] Assuming drive cache: write through
[  637.843391][   T35] sd 1:0:0:1: [sdc] Assuming drive cache: write through
[  637.861563][ T8170] 
[  637.863910][ T8170] ======================================================
[  637.870922][ T8170] WARNING: possible circular locking dependency detected
[  637.877934][ T8170] 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0 Not tainted
[  637.885038][ T8170] ------------------------------------------------------
[  637.892061][ T8170] kworker/u8:17/8170 is trying to acquire lock:
[  637.898304][ T8170] ffff88802945eae8 (&q->debugfs_mutex){+.+.}-{4:4}, at: blk_mq_init_sched+0x42b/0x640
[  637.907883][ T8170] 
[  637.907883][ T8170] but task is already holding lock:
[  637.915235][ T8170] ffff88802945e2b0 (&q->q_usage_counter(queue)#53){++++}-{0:0}, at: add_disk_fwnode+0x113/0x1300
[  637.925765][ T8170] 
[  637.925765][ T8170] which lock already depends on the new lock.
[  637.925765][ T8170] 
[  637.936146][ T8170] 
[  637.936146][ T8170] the existing dependency chain (in reverse order) is:
[  637.945140][ T8170] 
[  637.945140][ T8170] -> #5 (&q->q_usage_counter(queue)#53){++++}-{0:0}:
[  637.953996][ T8170]        blk_queue_enter+0x50f/0x640
[  637.959280][ T8170]        blk_mq_alloc_request+0x59b/0x950
[  637.964993][ T8170]        scsi_execute_cmd+0x1eb/0xf40
[  637.970354][ T8170]        read_capacity_10+0x1d4/0x6d0
[  637.975720][ T8170]        sd_revalidate_disk.isra.0+0x3145/0xa8d0
[  637.982042][ T8170]        sd_probe+0x904/0x1000
[  637.986804][ T8170]        really_probe+0x23e/0xa90
[  637.991817][ T8170]        __driver_probe_device+0x1de/0x440
[  637.997611][ T8170]        driver_probe_device+0x4c/0x1b0
[  638.003161][ T8170]        __device_attach_driver+0x1df/0x310
[  638.009044][ T8170]        bus_for_each_drv+0x157/0x1e0
[  638.014402][ T8170]        __device_attach_async_helper+0x1d3/0x290
[  638.020803][ T8170]        async_run_entry_fn+0x9c/0x530
[  638.026251][ T8170]        process_one_work+0x9c5/0x1ba0
[  638.031702][ T8170]        worker_thread+0x6c8/0xf00
[  638.036800][ T8170]        kthread+0x2c1/0x3a0
[  638.041378][ T8170]        ret_from_fork+0x45/0x80
[  638.046307][ T8170]        ret_from_fork_asm+0x1a/0x30
[  638.051590][ T8170] 
[  638.051590][ T8170] -> #4 (&q->limits_lock){+.+.}-{4:4}:
[  638.059224][ T8170]        __mutex_lock+0x19b/0xa60
[  638.064243][ T8170]        __nbd_set_size+0x2c0/0x730
[  638.069439][ T8170]        nbd_start_device+0x8fd/0xd70
[  638.074809][ T8170]        nbd_ioctl+0x21a/0xfd0
[  638.079562][ T8170]        blkdev_ioctl+0x276/0x6d0
[  638.084578][ T8170]        __x64_sys_ioctl+0x190/0x200
[  638.089854][ T8170]        do_syscall_64+0xcd/0x250
[  638.094867][ T8170]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  638.101277][ T8170] 
[  638.101277][ T8170] -> #3 (&q->q_usage_counter(io)#55){++++}-{0:0}:
[  638.109870][ T8170]        blk_mq_submit_bio+0x1fb6/0x24c0
[  638.115488][ T8170]        __submit_bio+0x384/0x540
[  638.120501][ T8170]        submit_bio_noacct_nocheck+0x698/0xd70
[  638.126638][ T8170]        submit_bio_noacct+0x93a/0x1e20
[  638.132174][ T8170]        block_read_full_folio+0x812/0xa50
[  638.137972][ T8170]        filemap_read_folio+0xc6/0x2a0
[  638.143416][ T8170]        filemap_get_pages+0x155f/0x1be0
[  638.149038][ T8170]        filemap_read+0x3ca/0xd70
[  638.154052][ T8170]        blkdev_read_iter+0x187/0x480
[  638.159411][ T8170]        vfs_read+0x87f/0xbe0
[  638.164073][ T8170]        ksys_read+0x12b/0x250
[  638.168827][ T8170]        do_syscall_64+0xcd/0x250
[  638.173850][ T8170]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  638.180258][ T8170] 
[  638.180258][ T8170] -> #2 (mapping.invalidate_lock#2){++++}-{4:4}:
[  638.188775][ T8170]        down_read+0x9a/0x330
[  638.193444][ T8170]        filemap_fault+0x62c/0x2820
[  638.198629][ T8170]        __do_fault+0x10a/0x490
[  638.203472][ T8170]        do_pte_missing+0xebd/0x3e00
[  638.208743][ T8170]        __handle_mm_fault+0x103c/0x2a40
[  638.214363][ T8170]        handle_mm_fault+0x3fa/0xaa0
[  638.219660][ T8170]        __get_user_pages+0x8d9/0x3b50
[  638.225106][ T8170]        populate_vma_page_range+0x27f/0x3a0
[  638.231077][ T8170]        __mm_populate+0x1d6/0x380
[  638.236179][ T8170]        do_mlock+0x40a/0x7d0
[  638.240846][ T8170]        __x64_sys_mlock+0x59/0x80
[  638.245946][ T8170]        do_syscall_64+0xcd/0x250
[  638.250963][ T8170]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  638.257373][ T8170] 
[  638.257373][ T8170] -> #1 (&mm->mmap_lock){++++}-{4:4}:
[  638.264918][ T8170]        __might_fault+0x11b/0x190
[  638.270020][ T8170]        _copy_from_user+0x29/0xd0
[  638.275124][ T8170]        __blk_trace_setup+0xa8/0x180
[  638.280488][ T8170]        blk_trace_ioctl+0x163/0x290
[  638.285755][ T8170]        blkdev_ioctl+0x109/0x6d0
[  638.290771][ T8170]        __x64_sys_ioctl+0x190/0x200
[  638.296050][ T8170]        do_syscall_64+0xcd/0x250
[  638.301065][ T8170]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  638.307471][ T8170] 
[  638.307471][ T8170] -> #0 (&q->debugfs_mutex){+.+.}-{4:4}:
[  638.315278][ T8170]        __lock_acquire+0x249e/0x3c40
[  638.320640][ T8170]        lock_acquire.part.0+0x11b/0x380
[  638.326260][ T8170]        __mutex_lock+0x19b/0xa60
[  638.331274][ T8170]        blk_mq_init_sched+0x42b/0x640
[  638.336724][ T8170]        elevator_init_mq+0x2cd/0x420
[  638.342080][ T8170]        add_disk_fwnode+0x113/0x1300
[  638.347436][ T8170]        sd_probe+0xa86/0x1000
[  638.352203][ T8170]        really_probe+0x23e/0xa90
[  638.357223][ T8170]        __driver_probe_device+0x1de/0x440
[  638.363042][ T8170]        driver_probe_device+0x4c/0x1b0
[  638.368579][ T8170]        __device_attach_driver+0x1df/0x310
[  638.374461][ T8170]        bus_for_each_drv+0x157/0x1e0
[  638.379818][ T8170]        __device_attach_async_helper+0x1d3/0x290
[  638.386221][ T8170]        async_run_entry_fn+0x9c/0x530
[  638.391679][ T8170]        process_one_work+0x9c5/0x1ba0
[  638.397126][ T8170]        worker_thread+0x6c8/0xf00
[  638.402227][ T8170]        kthread+0x2c1/0x3a0
[  638.406836][ T8170]        ret_from_fork+0x45/0x80
[  638.411760][ T8170]        ret_from_fork_asm+0x1a/0x30
[  638.417037][ T8170] 
[  638.417037][ T8170] other info that might help us debug this:
[  638.417037][ T8170] 
[  638.427249][ T8170] Chain exists of:
[  638.427249][ T8170]   &q->debugfs_mutex --> &q->limits_lock --> &q->q_usage_counter(queue)#53
[  638.427249][ T8170] 
[  638.441667][ T8170]  Possible unsafe locking scenario:
[  638.441667][ T8170] 
[  638.449103][ T8170]        CPU0                    CPU1
[  638.454449][ T8170]        ----                    ----
[  638.459795][ T8170]   lock(&q->q_usage_counter(queue)#53);
[  638.465419][ T8170]                                lock(&q->limits_lock);
[  638.472338][ T8170]                                lock(&q->q_usage_counter(queue)#53);
[  638.480484][ T8170]   lock(&q->debugfs_mutex);
[  638.485075][ T8170] 
[  638.485075][ T8170]  *** DEADLOCK ***
[  638.485075][ T8170] 
[  638.493208][ T8170] 4 locks held by kworker/u8:17/8170:
[  638.498568][ T8170]  #0: ffff88801beee948 ((wq_completion)async){+.+.}-{0:0}, at: process_one_work+0x1293/0x1ba0
[  638.508927][ T8170]  #1: ffffc900044f7d80 ((work_completion)(&entry->work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0
[  638.520160][ T8170]  #2: ffff88803573c378 (&dev->mutex){....}-{4:4}, at: __device_attach_async_helper+0x84/0x290
[  638.530522][ T8170]  #3: ffff88802945e2b0 (&q->q_usage_counter(queue)#53){++++}-{0:0}, at: add_disk_fwnode+0x113/0x1300
[  638.541484][ T8170] 
[  638.541484][ T8170] stack backtrace:
[  638.547357][ T8170] CPU: 0 UID: 0 PID: 8170 Comm: kworker/u8:17 Not tainted 6.13.0-rc5-syzkaller-00163-gab75170520d4 #0
[  638.558280][ T8170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  638.568324][ T8170] Workqueue: async async_run_entry_fn
[  638.573725][ T8170] Call Trace:
[  638.576992][ T8170]  <TASK>
[  638.579910][ T8170]  dump_stack_lvl+0x116/0x1f0
[  638.584581][ T8170]  print_circular_bug+0x419/0x5d0
[  638.589595][ T8170]  check_noncircular+0x31a/0x400
[  638.594529][ T8170]  ? __pfx_check_noncircular+0x10/0x10
[  638.599977][ T8170]  ? lockdep_lock+0xc6/0x200
[  638.604561][ T8170]  ? __pfx_lockdep_lock+0x10/0x10
[  638.609595][ T8170]  __lock_acquire+0x249e/0x3c40
[  638.614457][ T8170]  ? __pfx___lock_acquire+0x10/0x10
[  638.619659][ T8170]  lock_acquire.part.0+0x11b/0x380
[  638.624764][ T8170]  ? blk_mq_init_sched+0x42b/0x640
[  638.629883][ T8170]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  638.635514][ T8170]  ? rcu_is_watching+0x12/0xc0
[  638.640275][ T8170]  ? trace_lock_acquire+0x14e/0x1f0
[  638.645473][ T8170]  ? blk_mq_init_sched+0x42b/0x640
[  638.650585][ T8170]  ? lock_acquire+0x2f/0xb0
[  638.655094][ T8170]  ? blk_mq_init_sched+0x42b/0x640
[  638.660212][ T8170]  __mutex_lock+0x19b/0xa60
[  638.664717][ T8170]  ? blk_mq_init_sched+0x42b/0x640
[  638.669834][ T8170]  ? blk_mq_init_sched+0x42b/0x640
[  638.674946][ T8170]  ? __pfx___mutex_lock+0x10/0x10
[  638.679975][ T8170]  ? blk_queue_flag_set+0x29/0x40
[  638.685000][ T8170]  ? blk_mq_init_sched+0x42b/0x640
[  638.690111][ T8170]  blk_mq_init_sched+0x42b/0x640
[  638.695045][ T8170]  ? __pfx_blk_mq_init_sched+0x10/0x10
[  638.700496][ T8170]  ? __pfx_blk_mq_cancel_work_sync+0x10/0x10
[  638.706464][ T8170]  ? lock_acquire+0x2f/0xb0
[  638.710955][ T8170]  ? add_disk_fwnode+0x113/0x1300
[  638.715967][ T8170]  elevator_init_mq+0x2cd/0x420
[  638.720803][ T8170]  ? add_disk_fwnode+0x113/0x1300
[  638.725813][ T8170]  add_disk_fwnode+0x113/0x1300
[  638.730651][ T8170]  ? _raw_spin_unlock_irq+0x23/0x50
[  638.735839][ T8170]  sd_probe+0xa86/0x1000
[  638.740078][ T8170]  ? __pfx_sd_probe+0x10/0x10
[  638.744749][ T8170]  really_probe+0x23e/0xa90
[  638.749418][ T8170]  __driver_probe_device+0x1de/0x440
[  638.754693][ T8170]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  638.760493][ T8170]  driver_probe_device+0x4c/0x1b0
[  638.765517][ T8170]  __device_attach_driver+0x1df/0x310
[  638.770885][ T8170]  ? __pfx___device_attach_driver+0x10/0x10
[  638.776768][ T8170]  bus_for_each_drv+0x157/0x1e0
[  638.781607][ T8170]  ? __pfx_bus_for_each_drv+0x10/0x10
[  638.786966][ T8170]  ? lockdep_hardirqs_on+0x7c/0x110
[  638.792155][ T8170]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  638.797951][ T8170]  ? __pfx___device_attach_async_helper+0x10/0x10
[  638.804355][ T8170]  __device_attach_async_helper+0x1d3/0x290
[  638.810240][ T8170]  ? __pfx___device_attach_async_helper+0x10/0x10
[  638.816643][ T8170]  ? ktime_get+0x206/0x300
[  638.821048][ T8170]  ? read_tsc+0x9/0x20
[  638.825111][ T8170]  ? ktime_get+0x1ac/0x300
[  638.829514][ T8170]  async_run_entry_fn+0x9c/0x530
[  638.834451][ T8170]  process_one_work+0x9c5/0x1ba0
[  638.839381][ T8170]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  638.845004][ T8170]  ? __pfx_process_one_work+0x10/0x10
[  638.850365][ T8170]  ? rcu_is_watching+0x12/0xc0
[  638.855126][ T8170]  ? assign_work+0x1a0/0x250
[  638.859705][ T8170]  worker_thread+0x6c8/0xf00
[  638.864289][ T8170]  ? __pfx_worker_thread+0x10/0x10
[  638.869389][ T8170]  kthread+0x2c1/0x3a0
[  638.873454][ T8170]  ? _raw_spin_unlock_irq+0x23/0x50
[  638.878647][ T8170]  ? __pfx_kthread+0x10/0x10
[  638.883231][ T8170]  ret_from_fork+0x45/0x80
[  638.887635][ T8170]  ? __pfx_kthread+0x10/0x10
[  638.892219][ T8170]  ret_from_fork_asm+0x1a/0x30
[  638.896980][ T8170]  </TASK>
[  638.909218][   T35] sd 1:0:0:1: [sdc] Attached SCSI removable disk
[  638.926437][ T8170] sd 1:0:0:0: [sdb] Attached SCSI removable disk
[  639.686906][ T5826] udevd[5826]: inotify_add_watch(7, /dev/sdb, 10) failed: No such file or directory
[  639.688545][ T6522] udevd[6522]: inotify_add_watch(7, /dev/sdc, 10) failed: No such file or directory
[  639.726661][ T5824] udevd[5824]: inotify_add_watch(7, /dev/sdb, 10) failed: No such file or directory
[  639.786745][ T5824] udevd[5824]: inotify_add_watch(7, /dev/sdc, 10) failed: No such file or directory