last executing test programs:

27m11.281317313s ago: executing program 1 (id=1533):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000005400000008000100ffff690011000200303030303a30303a31302e3000"], 0x30}}, 0x0)

27m10.30549289s ago: executing program 1 (id=1537):
r0 = timerfd_create(0x0, 0x0)
timerfd_settime(r0, 0x3, 0x0, 0x0)
mkdir(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x6, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000017000000bca30000000000002403000040feffff6b0af0ff0000000071a4f0ff000000001f030000000000002e0a0200000000002604fdffffff000061140800000000001d430000000000007a0a00fe0000001f6114100000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4fffe2158dfb8ef1e50becb19bc461e91a7168e5181554a090f30002af51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb3fa3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5973acc706db6b861b8c10a7cbd0b723906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff6194732827a58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f1000000006eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0900000000000000ff0f4000000000f00700003c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f3a6da2819d2f9e77c7c64affa555ec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963442aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e637d4219ef7ec61261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addbc4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f37382000000000000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23577949a50f2d0455cf799b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115553f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5f07918e6fddcd821da67a0785585a4443440dc65600e64a6a274000000000000000000000000000000000000000000000009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa61071799e1acb3928143be1c1023a375e528285544d0064b91f00f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e8c0a0d213c3ffad44d2a376def42e41e9fc3167a257e040fa7cf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fb705b95b6aa3f999ce700ffe794e27a8fab1e6984c8bdc12360627137ab6737b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac987fd637c80d6c7d0de4614195e40d797c0348dd70f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c4037148fb479de703fd52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23ed080000000000002bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267cc51ffadbd15cafc97a4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de0600ee477d71bf3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812fc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a2271d96c22fdcea26498d26229110b1aade386b113045033a6188d56e675564d8cb8d5b40114b0f5bf15dd64c9ece60b8588ee8777d0ea8f4713b258427c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795d35f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af6213618e242b283ea9d3f0677ee598072ec06f7170009d92bb7eddd12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe307f49662990ee823568bbc2f89596ced7c6c52d76b8096f1848410843b93fd404f535be474f456778b5ef85abb8fc2336abd5ea64a6efea8a5aca0015499b0200780a7bae4df603bd3c72808cf300440b1b638a6640f7de8d0d82f359ca2f779cd48cd8d3603f4f69e47f386988c9b7b5d6dd3d48a1fdca78fa04d7c87bea42161a4c0d7cf0125b43dc9d8845f3c05a08acda647e7143d0e0aee2949a45e2848890522c2288072467d2afe269f589fb7e034b92d3ca245b16b71998711bfe206c9690b6d0eebb06a29349229eb45ff15c63aa2c82c56d7420738cd1b04eb16e87cb524315d7361ea3635d3799bb7fcc56aa5e1dbe031a7a12554dee6754b72f43a6fddf427f32ec3df274a88097725679769beebf1aa6eb09d5154e4900000000000d0f7160a05911d969879953d3d4702b78825d5ed789711b77d40dc31e0b8fc651b45559da463f00000000000000005bae7859839f856e7a397913eec7977f6231c5f11849b3deabc60c5ccf240d16924eb760a969813be02a229c674045b88915518a17b683268f10358e1c0b20cfc2bd105e5e1db7fed951b8faf126267bb38b8d356f63d3433d3dee643503a8ba4968adf6673f720c474ecf324d989235f1b52aacfe52e4519af87b7e1594728d6d6fff1248e72d5b1b1b692b2b732f0f2ac0714079fd7bf97bf2b5687d1db91daa5210d09ebe66d00ff4f35143be01585e629d408f2d00a0a290db76adc5f57e160b2c188bb1ecc4e7d2948788e4f9c1bcaf91dac53a2f525f7385d5d82728b5217908748f4c22b6d79700"/4153], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x5, &(0x7f00000000c0), 0xffffffffffffffc2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

27m9.117378095s ago: executing program 1 (id=1540):
socket$tipc(0x1e, 0x2, 0x0)
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f00000003c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d)
ioctl$AUTOFS_IOC_FAIL(r0, 0x4c80, 0xffffffffffffffb6)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
capset(0x0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x81, 0xfffffffb})

27m2.590691652s ago: executing program 1 (id=1556):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newqdisc={0x24, 0x24, 0x800, 0x70bd26, 0x25dfdc00, {0x60, 0x0, 0x0, 0x0, {0xfff1, 0xfff2}, {0x1, 0xc}, {0xfff3, 0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x44045}, 0x10)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(0x0, 0x0, 0x0)
syz_io_uring_setup(0x49f, 0x0, &(0x7f0000000340), &(0x7f0000000040))
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mkdir(0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r3 = userfaultfd(0x801)
r4 = socket$inet6(0xa, 0x5, 0x0)
getsockopt$inet_sctp6_SCTP_NODELAY(r4, 0x84, 0x3, 0x0, &(0x7f0000000280))
r5 = getpid()
process_vm_readv(r5, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x280})
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_WRITEPROTECT(r3, 0xc018aa06, &(0x7f00000000c0)={{&(0x7f000040a000/0x800000)=nil, 0x800000}, 0x1})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x15)
read$msr(r1, 0x0, 0x0)
sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f00000002c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)={0x60, 0x4, 0x6, 0x201, 0x0, 0x0, {0x5, 0x0, 0x1}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x60}, 0x1, 0x0, 0x0, 0x40018}, 0x800)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
r6 = landlock_create_ruleset(&(0x7f00000000c0)={0x100}, 0x18, 0x0)
landlock_restrict_self(r6, 0x0)
r7 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r7)

26m57.921639719s ago: executing program 1 (id=1565):
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00')
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x2)
r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000ac0), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f0000000200)={0x8e, "00005c02ac56f967e45706449300004ed82ff400"})
ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x1, 0x3}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x4, 0x400000000, 0x4, 0x7fffffff}, 0x0, 0x0)
r3 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_sack\x00', 0x2, 0x0)
sendfile(r3, r3, 0x0, 0x3)
openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/asound/card0/oss_mixer\x00', 0x232582, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={0x0, 0xffffffffffffffff, 0x0, 0x3}, 0x46)
mknodat$loop(r0, &(0x7f0000000000)='./file0\x00', 0x4, 0x0)

26m56.388001278s ago: executing program 1 (id=1568):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014"], 0x7c}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008"], 0xa8}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
unshare(0x2c020400)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xf, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000000168e000000000000000018110000", @ANYBLOB="90351295e2ba0a51f0c71c78833fc1f69dea545de457f627c7b3687f280e774ca12697efd41a23044317cc5833c3269b5591ba5edd61baabd77f13dddc0ba85530b99a7ad813cfffc95bb0405064be4ea3ac0ab054ef79ad85e09626451451a22e05c2d001ab336064c5af06c5f76ebb386b5cac9c0d03d71a33f5b28c8f450c41ab8a1e193602e0b525102ea770e3b8a9d31f2c6e4cb6dffce3e286d3d0e3aaf434a8ddb9a661bd57a3f2572b873a76ce3c81a5b5247e790deaaf1b5a833b8f58383fd7c88d5dd2557fab04a81724aa7a1d26fbd9bb6329fcab27363c6544f86ae4d3275a", @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYRESOCT=r2], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffe4a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000300)='kfree\x00', r5}, 0x18)
r6 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}}, 0x0)
ioctl$BTRFS_IOC_FS_INFO(r4, 0x8400941f, &(0x7f0000000380))
r7 = msgget$private(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000180)=ANY=[], 0x2000, 0x0)
msgrcv(r7, &(0x7f0000001080)={0x0, ""/1}, 0x9, 0x0, 0x3000)

26m40.097165745s ago: executing program 32 (id=1568):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014"], 0x7c}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008"], 0xa8}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
unshare(0x2c020400)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xf, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000000168e000000000000000018110000", @ANYBLOB="90351295e2ba0a51f0c71c78833fc1f69dea545de457f627c7b3687f280e774ca12697efd41a23044317cc5833c3269b5591ba5edd61baabd77f13dddc0ba85530b99a7ad813cfffc95bb0405064be4ea3ac0ab054ef79ad85e09626451451a22e05c2d001ab336064c5af06c5f76ebb386b5cac9c0d03d71a33f5b28c8f450c41ab8a1e193602e0b525102ea770e3b8a9d31f2c6e4cb6dffce3e286d3d0e3aaf434a8ddb9a661bd57a3f2572b873a76ce3c81a5b5247e790deaaf1b5a833b8f58383fd7c88d5dd2557fab04a81724aa7a1d26fbd9bb6329fcab27363c6544f86ae4d3275a", @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYRESOCT=r2], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffe4a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000300)='kfree\x00', r5}, 0x18)
r6 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}}, 0x0)
ioctl$BTRFS_IOC_FS_INFO(r4, 0x8400941f, &(0x7f0000000380))
r7 = msgget$private(0x0, 0x0)
msgsnd(0x0, &(0x7f0000000180)=ANY=[], 0x2000, 0x0)
msgrcv(r7, &(0x7f0000001080)={0x0, ""/1}, 0x9, 0x0, 0x3000)

10.975645959s ago: executing program 3 (id=6331):
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@empty, 0x0, 0x1, 0x1, 0x4, 0x4}, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000140))
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00'}, 0x58)
getpid()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0}, 0x18)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, 0x0}], 0x1, 0x28, 0x0, 0x0)
ioctl$KVM_SET_NESTED_STATE(r4, 0x4080aebf, &(0x7f0000003680)={{0x0, 0x0, 0x80, {0xf000}}, "cb31455c9ea4288a70a2a6bb8068fd95dd041cf5b177a3bffe992dfbbdf959487337b92336ce1de32e7695c411c0bf9f852d2d71192f33001fd51f5b396a55cb98699a09d21648c4cb30d9d7e3e397c7a3c041c76c0f000000c48c5302848c3696facce956952c2a85822ddf20434ccee5806294ed563ff3a972cddf6ef16ddace933d8a5adea40cd3ad40c9873c29368838e815ff59723519154856b2d5cd9cd79a97dc2fa08dada1175817886e5f9e7aa3dca783a44c667a4806826570ec6acb57d65efc313a384e11fb633dee17ee600145f2cb3103384606140021be766fcb7fa029f0513bbb466177ca1068192550bbf4e6f5694aec747a16e27688a988fa595bca1761b8e88a7dbcaeaf97a8b7b53058b1faf880dd6f1b6eb4c7beb0582b4007f1a67db1352407adbe1456bf762c94fd825b9419d74f63cdeb6c6976de1890d773f0c8088d2bd48a838cf5b87f5ddf926352960fb978874b0f175acfa55ddfe84de3fc9f75b58bf7a35f33d3c43ed5e3224e92751fa1b43f94f64b681163ef1360a3f3bb7403afc67a188b2104b45c5814aaa9e218552498bf85f4b221d9acc32a331f5f8c109cc9f335ff4e418ab30b54b99d5376cd928c431fc8211fcbaf64716afdc4b6d0417e04d5723e4675d282b36bef3a3a19e855029ec7c33830a6df19332b63e9d8a0f22d96ac230c67657a4e7f7afab91dc0ce751b68980e5a4f6d9d6d9b98802ba9d8576648eea61b8c308a1745df61560e56108bececa3016d93246fdc8b768634e8319b1ffde103c07378f8f4927baba05e992a4b5af095a963ca14f5cdc4563775688b6533a4b97e0f84b0a33c30077b20805c1f42cc7815efada97ad59ac486bc9e0ee386b49cb97b47fbf8f919f06c75a49636795054b5ebee3e91602c90d7f4db49220affe56d56b96e4f662b2bf36dae482ffc7ba21cbc55e21b73309d6b7aa5509defcb77c236e43b579c61eae5c8d8f8fa71ad876b96069f2e4352c8aaf16e299d21edf5434c0cd9b25cdc9210fb0de759b1dd3fc7fe4c7118bbde72a5617dff21f7a5036448fba7fe41aaee0c289cd076d757e47b0714b236f6f141ba0112c9312b3ec853aabafdf1eb2cbb517d2d7352725f557214d27d9a340af0128fc960a4ea64c933b0d8dd226b6e024471aaac8a7074b2a8695ab990fabba5bf315d246fbfe4260f1fffe54814e33b6235c5b4095437298858909bcbd40a8a286d1bedb06b7b1775bce0a5bca19b0a5c2fa8dbf87b55ae0a43c5086422e5bacb94047e150451f5996420b0d4a697f59decb49900b2b9c13aade536933e14d672c21a35cb68572c3de02f3147414eff4b8674b91f7aebf35f056a8d388f67f8ef7cfaf6b28fe745831ef41def1839791647016932c70685752851327f1837d2f1e9d8f93443eefed2317119c8152ca451a5d3aeb253fb484283f52e5db9f61f059ad3c217a860ee0571d254483501b00699208c7fa5571cf58b9715c954115bc2db0af28361938bb95ced7370c8cbb6141ef62fdbf369dfc4eccd98ab9886d79a52cbf91a27dd0f4b29940492e860fb94654dea54fad6290570760e3b59a0cf28053732472dc313b5fedfc583fc702a880971dc61286370aaf167810455cce7654dc4325a41d9d1944abcdc4d81378f1e96a8f94cd95b886a01f086e379601504219d57d531ba34e1ba0905785fb629c61f6b940a652cdee9dbef12b7fcde087b92816db3386a5769049ba00788e31de4ddbb8b56de1fbe3a5e671728effda7cfd0b650cf5df2faf22470812efbbb548e47cbf36c64e05a7877820f08948ceedb35e12a4a143ee0101a7bf0a00a4062b50c39020669700adf739a6f75352a45fd1373d3e85c3867170373f0c7a794d8590f4c22ae62d438ec365b0f6a15cb6ffe0fc6f57185e1760761bd4370027c01dfad0502f00b6898115df3c530d0b0b4a64e623fd580b528a733e4c881cf5843a975a97f92a7833527887c79fa8eec82b9526a15c6c5f2972083ce8aec735810580ffa4ea2cef4823aee044dd70927f7c07bba18b930006aa86ae7399ac6b4c24bc9d6a6ab0c5b428d7255d4d983eadf97e10c1b40867da29ac981acb453073a37236e7ae808e7759b2e0cffc3ec43afb1e95cd090a7d4b9225a0e3cbebfe49b93846ab603891e2da7d85a04bf42d12d16a97c965bc4911d3ba7a9ca505794d8744fef00a436089de67aa8b480070230dfb002eb91edaff428d4908a87afae418dff7ca59aefe1ad8f6935f309fe7985c2310881659c60a66a5e50242497ba1cd5d2bd79496ccd23f9fd901afc6622829cb3701caa50f96e09e3b23bfa3181b74ec7dae2e42c9caab43e49ae1d922a1a1eb3682de026323d0400000000000000a1af81450830a4b784ed1c7922734bf3632409147680dd3fabcef296353705bb5c0e650e12905a05db1e7923923a96ddc783fc1ed46e2010416c37d9d149ad73e808bd6e4464f62893024a8501803b6c88fc55c8bbc1da7cbf580b5a81fb7c61455ae3a8aaec303fba12e0f2b51ed5e8bd31db40e8bdbd00e7b1ddd364766c974d813d86fc88a27bf82bba60c62e5f0f6af6bda3390f8e72a2811baf3d6325e70d9a3b59cab1abe95290ecb87985567e1243504c038de9d4d100ea64eec45208cd8d2474e646f7d81eed6d59b8b0859552b6fc088d874cde3e75ee30243dc9d88ed5b577851a5bd9e2a453287025777fcac19ac33e1c94b4ad272f1055b16b842a6bd6168fb45f1f74ed2467020df5431068a5f2cbeaa6ac1841308c7c9f752aa06927f91fdf18ef9d9e942367e5ecac0abf4d3b8fc7b80238c0e7faf2ea7d3f5271028fc558a44799bde63168becc67c5531e843336fb16ab618d37f95a91937b824bf896b044146bc3a5e264a8f23ddd00729cd9aa56d9a9a24b7ab96ae021b193d8874d43ff4b723d86b7564e550378599c3e0c7a2b3d447ad76eb4cd699733d970a5ab218429a1af81df9c8013d6d16a6bcb019f6ace4461cdaa785d20ea027cfa53d521bb91ad2c04aaa6c0f268b14924803977633280c7b7beb14c88fae542b7a13e96253259e7296e37276da88891c14664340e84ae732edbd71e67047e476735b220ca231de31a380ece372db632ec3cb3ef5ac97ec41148febd2acb15cde1ee5e990ea0aaa95c2df39e2111dd1185d14a194e22d34fda8f54e99d3a73e5a231682c726d40816e048c1d059bf3bb9ee2b5f895365d95aa28f6adbf6e16469926b4d8ee7f04c7dbafaa444df5b88596c17874f0efe35e5ada1a69634f4b430f852d33b032f823c5deb54f47a7a4adb1adf56d5440b7a917580004c13e0b36c8e0a203a2be3f8fffd9efef3af19389a12c67859d4381ac0a02da18e25931b41216b731de25e1245482c84d45de1cddbce2109322a3428bff692012573fe9efd02109dbf35c5d3a287dec105cf3f1a2e5f0b1cc08c7b4759766d25d0f7b42c3ea8bf8101e61159a2ba7602e9c7947cf936ac39bf59b24084709fd61d704bbdba7d282aac778b7ec1dcaf984527c8112d56e75ab774d1598d9816abc77b0e693880beca5f330c626774ab5cb6967fb0ea8e14efce120947092c3b6f8a22f07cad22e971418092481fcad36ecf0cfd6bc3864115b8507c13554584f1f6fee5ee07eb6a091638d8e7781c1c006166e0f987f9f4de535e9f3df1db8c9328e9a19059ab4edfe9eda7f16cc6b869229bafb179d194e20ccc6f9338183b673de8138ddab9a0907278f6eaacc55bf59a450ebc10e0b88c82d9f0deca86ff771f46509250fde94e0c94256b77616d099862ddc9b341838d634a9dc4b55a88fcc6248901135f6aa76365433e7e534e0e5ae8eec2a63df62c3e244a40481189ff54122698c7e2da2c829b2eec9efc9894ee05be04ae6dd48406eaace17827e38bf38b414059aded0343e0711a8d864ff41a8d9ed40fb2aa1a3f4014f691cd0e8af62445a021820ff03afa8a192ee255862f306851df1de96ce36cafb6a60b7069db7aa96fd1ffb2fb01e6247f770304dffe4b1c8d0eeb336dd6806d6ab5d418953b1cae7cbbf53766b61e4aad5cfce8255b78af26f9bd11283a9c7d12cd63b82cd2b506fd4061d1e16fc7c713d80763c3b0aa0faadcd9b7d676101aad80e1ca00369297e1f710100ab8d0b545c334014a522a25a767950963ef821425b79b521076166d0df3ef358c7d60d99cc85463c186e8faf16af79785680382e4cc93f6594f8c4461e0988c08717640df24a5f357db22432fcae21702dc792d201212fb3791e0164bb3d433a8268ec96df73766fdba42965e00e619246cba5d96eb853a7c22c34d2fe5e5d3f3ccf9c627d069517b743cd07f6f7b444074bb9a50269f2e03309c58930e56a9583eb00c37fbcdd391972261f41756c10c8899fcd036e2017e088ef9e6ec31f795d55b3bba214c53c98fc9318e4ade0e7e6fd259aa277fed54c27e5210787a5f6937f56fdbe1da5113f059061ca590ddf536a55cb91ac6ed41cb9c0418b115b29f5e823c1b0ee7c2b3982087763545b34e2c945d587ebce69bbe299a7f52b674f351977370fc700474bc15d7e6ef98c14258ecf401a4f3bba1a9aa76c5ab0b8819fe6efe3fba1899909e5e48554299150ee272451b56142d12ae2bb4942db430239701d494917f2c939a6fb9d98d4751a6f2c4537ec870342395551185f35dec120228073a1e496a58b59d9ac5986249a7c6db9398395cbf341c08ee910700e2daa042dba1846fef59c72ce872bba2046a14fcf9a47a5686d62bfba76309a9865c26e5fa41dd872fc749fdc57953105ace4978f9eb788c8d061c853ad0313e51e732c5d7bc05e752443c8e99b8e81c688befdb5b14c3cc2f96eb8ce8290303e483992fcbece1ff278d0dc036ad437b6cbc695c7741ba4556e242146d40843c73deaf8fceba40e4a4acd739b3031848b17a210a1ff0dc1908b77c4bb94543af52e1fe2a090c8f217428d02336303f7952c3ddefa7c81850676e7f4cc3d32c3937281fa5ab279c3fe39f92ba077dadb8c2c3df17cc511bd33c41cb161d24aea154f0f5902c94b57fe072d3218983668bd9f4838878e66ec44cb233d7d0ca908a794c844ff8b3ba4c57f6c5fc2f3a54db448b013f0c4998bbc6ed0409b3368391cb28c6df4a909fff90f308ff38c758ff7d8a2920bc221236d89b3b76de44e8ce649b32f5135a0217ba9036a8edddee97d7ba15f2c21fb7d3cae3eb6ef09dd03eed650489c83b5ba5dd9daf7a86cf0544fb8a58e46b860e3e42e10cd6f1c4f81179eb2c3ba611793a32abb4c0768db90e8bdd1694efaa9c2b45c89d203fdfb8b926b6a0d666d91b93065a83184fc2065961f2308056241b66f427c0f0aabc75852c90f0624cf036d537032ca8d73325d2ae2a79a7292c240c34584bb881fe5d468a051cbc0bde061f9eddfb758cd2dfba296eef549e5c4ede097111216a0ec60f90e8d6f5dd843c82e15f505f8c74e854ba9cd386249d552978eb8135a5f8c79c3ceb8dd5828b0218ffe40f375d6cf3ff2f47c276c8169ab98336582a852c1535018fb2306aca6b8c9f9e38d64c66a722762b76c69d4ca6c14bd6992549e4eec17287fce194467f972d9200c3d1ac4fd4a8f2620e2e4281d28c099946ed90789ba122705326390d3e058ceed24044e542efb36416272eadf6304f30efa0b7bc1ae5be92fe50e591ee6f725726e917ec113506920beb2aa53b39f1d76b31500", "cfb220c7d481332f3f1f8079dfe27e23185fd67a407358db7892789f96b7fa9b14daa48617a10d8a91b820ecbaa470ec0bb1f3cbce7f70ec70b19a4cad082229c2788f8611d7dc306d9a45761a97828c36ed87ebde5d4a3e1609c1422a8ae2f7cca428ebdb0dd38b90b9598a353b18a600bf35a369e6e3e5abb0a1c5c0c0e48e014e7ef1b7d768b3c5657f1adfbb7ff2985082b16c99eb83ec3660990dcf1106efa6b7f8a4798fec811c2c85faec0235c83b7093b3d02367421abc40a554e0b0d7fc1bcaece4222c594f8d20e368fe625ca433c75486fe5c94103cd17291349ee12b877602936688666f82ecd8f4f83d50bb1650e08b96cd25ad147c4c956c98649806a3736d072c8d97c6e3a46a7c18535df8d828b86662400d8e9cc861fa1dd5dc193892d3168396c499e07b279fb76c7e289f2fd955691363bc1de74536dc571817615c88b0d594a136966c129e424ccb7ef1c7c7461eac7ca5f03d72ea4c9c3d1156ee4cb1bb70e097357588b5c49f6716bbae1bd118104b42786f09a3b9f7cb80f383cadfd0c462096ff2bb637b7cf79764b6a4b7ffc5d87c1f063fb48e7f08ad5af534c70079f12f28e8921abbd4280801cdf6101ea494768b1274afd0eea5939843d56022a83590920fe446d52dfe699c33977d5592dbf7e0e236b8175d7faae06e0c50f7402174023ce4b996564e945c416fa823f2f9c3213ac50b20bd1fd55bb8d9fe70ee31ea2f404ae0fcbf857bebcc9196c8c622059fea2e248e4058905b69fb98be312d3193ea1d8ff653173e8c2371371b77a5bea45b3cd6fba19b6336f94ec04c8f86d24e9ca959874577d7ca0baf3c4ff30b554bc3ccc06df46d925373fbf7863e2cf684d3bc9603ab72b851ca4728294de87f2dec6f23ca9e43ed2e5cbba662d13137fc1ce0f6ae6aeb974f72f4b750825fafb67715e425f40c7da83b92d4249a0a4e96b789cceb7b07f38cb83f72dd093a345ab3cb8ae760fc14e40ea182a0d7fe1facc62a1ab0902349fd7e27bb0cd349fb5053f4734823abf020739b4b43bb11f5d69b61295068df31177959903c2ea1bb82d24eeaa93d0d4738d5d15b2a401e7ebe0d3cfbd45b2db2882cdb41408aaa718f8320fbb7f9da4f68d0eebeef175442e807e9908132731fe5e268582dcf6dffa4251ebb7121db8e412089fa9d8af9919799547a26b6b8eb44c28f1ce5f9a3021fe30841be204c1b4b3813dccae6baeef9b53fe413cbec46bb0cd95d3793cdc9bfe6cdd96ce0c4aa4a25e1cbbeeee6c9fa558b279048c7e31d07b125bac68d4e1f4253bd4dc7824cf3d722c94cf2b8f61bc8155731f072fd447082b181a13ffb8c08a1d568298c5de2d969fae2bea070a9e2688f294e76b8c200dfb993ec19778eb56ae3127c1116ccc85ef8806fdcb9ee0cb66ff03fbb0fa6c52b9b101b3830fc1650efa859163a264b4059092e5dc9a415ec09bfd1460f142fe5ef00beb6aa9032bd0de97aefc6f65e8cfeea761b3d8174caf528b6627682ff4d4450cb0f34251fc000ed01dd538ef13260984f44703b89dfb511bfb538d0b1c8aded964e1bcc5ca57437468b14a31ec0000a17e4d24369c40500449c37e7dccedba3eceb59d827dace246b5c48afb6a5988e64c560b3dc76c32d831f51cdbc5cfc4364ac8b25372b87c92bacfedc6bc8feb44098dbebc89cda03c59e4c58a31372bd574704b9e788834b9f83c6703f6709efad97c4ce499ea580dae1de282a019247cb3dce5c1906322e6d3ca5157ea6428bc42416936fac194efe136089c07faf7adf1e923003f1dc63fcbc634b389a4f351a6acee785e23c6bb04ca2f265be1e634362b87c6f9fd369bbe62a1db6b286c7ffde6370bb4d6e9e0cc3ec451e1a99d134726c9075e71319d3a683e91e4b900061c0e6d086481069cd32f4cde7816f8e3a0ac6428a7488f31f06ee0da10df3ed0c150d29085879d064f914407f60018bb588735663647bfeda930407d69abef3f72fd461c2b85b00988b412a180fd267fc646a86d297e7e40912607157b6fa873df6442579b1523d8117f0c06c87adf75843b8bff30a5bfb4fe1e9846b7fdd58774641baf9cc9c4e38e53ed24a9d9e9dbc7657aa9b220a8545852b0409f5c0812e953823e841967bf55059acc7a4600818134359e72cfae0d04a0738ac8acca133d6395a455b22cdd6f901d4cdea1cf17415f7d7895a4b65f80d2f7c5c60a0dc04b40c9ae5ffc922e074a82afd704673e1766d19db9f60eab0238fb4a3169a08aded607847e5d752d4e24c4914b95bac3892bcfc2076f16a7f07583f0d418b9dec03afdb2e93335a392e1b1ef2910eb2a4b6a63fe61641f3c02bef73cd7e4a77a6f30ae821598c3160511603541bea89022b54f321c2a55cdeeb19335d78a821ab6ca0f36588a9a79a41e2123905a491d658c2a1caeee998c995bb0f816c92c5dc2b862183f80b9f9786c9c5524723c944d11f6894c7f008ab8194f577e22c03631d2a33205f508ea49653e7600639242dbaba704f700ac227f32dc575c559a0a1f4fe0cf6c22fbf7e1ca2ab4b1e4724e8379021e3c9a7c1509c6a413bd7d9c98938e440762eda2546d636597defa86c1ad31126a1182d365f858927d140fb0a97f80adcc5f4ed5efe11ac503453917a263f1d64692348d30f382e85e464ef7616067a42df5de1a1b622fabefe2ca4ceffa4801f7a02fdef40644cd1d079590d900727628d54b44db7ac700d8d664f7eea12837fcf347360d8e43a354fe51b4c49e8fcda3c322b738ed2b800b5cc06e22c72af2a67ee7bc8ae894e841f2cf2b0a7e381caf944bf4e91ded63b6f82f7474e4f81e986fff7e5339b8e9f60103a1af81833e120f0c88893ecabac044a4a2867cda4fdcb084459a00507aa9e5a8e761a72df3322a1ae8cd918b4994c23bdb1e459b4f21651bd7fa067a00e2a2877bf6b29f289ed8018e0a78f6fb4ded9749640e0e37f6381b320ab72da404f3d70d60152f6fa6738932387b83250cb3148141edb52f109bfd4bda8054959db01f4c550609a63c08cf01ecd110cfc6f0055638c0dde039d2ac2daafe59e561f9f08a8830c3f661e4325de63e98f4a4216ec3b83fd200201ed3f647147611424286ffc6c4a8aca64a6874743242d4feeaa9153de06e51c512d9cab7ae712c6424069f3e5db4ddebe9b48b5f6caa741162edf97674d2368e03a387f798151a4b9b9fa9e3a5838a343133158364a9fe3bb4b9a3c464c0c54a4c64ca774ad200925ac6bf59508c10a8574afde9b821741af43ec64cedc13aa220b39772195283506dfe899dd6a7b37eb21f154056a2df3564ef2bb918a928651de88c3613b84e7960bddd7b46b1304deb30f57b6fe5a3b4788629e91bcc2456a72fabb16b47da71624d2e9081de748b3387f52da4bb094782326dcfde0827e2d674e41bb375247d349cade9c704e5431785009b0e53f1b45c70b237c9432e07e4c7a8464ed11608a3d2184338dd9e6f6ef4b3d751e979667b6a3953c89aff4eead7a978071a912b3de21a85a5849c57933cf53cd74a610f3e60f699766fbc7e0bb8a891a429c77bb6f3b6f9f8eb0b1bd9588ef2ce98fdf0a0838e4b0bed807d8b673093c717feec8d697e32542274887d039db7a2daed5d52c8e9767443229f8003c5d67e907376ea2f393484fa70deee159cb56f8d097b8fe2736e95f540137e20725f0940a8d049068ead4c46bb3771a671bb00de88931e03445a55868de0c220db05cbda9f996d5fe7c1070efe5e718fed4d4cb4ecacad3d6b643bc0ffe9a71b720ba7b5adbbdefe29106ef6a6ffe4547f5d02bec312147df0abe80efb2d5e598fc7c8b268e58b59e0d75728e9a18126f013c963ddc92d251405f857fe3a5cbacf443be7772975b7bf4f6d7ed6f80dfcc47a88c6d19120942adb5385be6ef3c0d7e396bcac5affc8f9276d6cd1a0b069aed72a98cde8ea7aabe6cc091b19efcfaf9368dfeb3087a05a42e3b893dae5ffeb72e6ac06e995a2a75ea0b5f7876247bb4c38cf3f0153f1f7473b522f1c440b632270e2b1d654d3a5ae16cb788482760d34ca79c8951b29c628e21029715683a3e6f8f77c5d89ecdae37e0190f79c4c1dbc9d0160e359cd6c94d6662ed53bb01a83374ff593c823acc59241b11f020902069fc0054a9b26cb320bef4fb1f8cc5bd8ae76eb029afab731b9876bc4e8708a8315512823cff1f9375d284ce66e53d4efad6c76d17bb532fc938b8f80c13ce86b5ba3e540164bc5a5d47cd321c241d8740f453ef95bd3878d578561ad6ce20877ffbd44062dce8df1d048d8d5e4045be647886108cbb1f0b26a8b74b66858afedb830a161bb02bde4c46a688a0ea3a7018ce24666aab0f422ede2f78ea29f77e28d87c744cba0285ce33d0d9ac45774829699de6d725a9b6db6e7d03ad4ec9d075c386e68ca0bcd9e9911d741ed0168cbddb87a7918a964d206629da4e887277b0ef7d3f9c7082f3f15f29a0dfb39f3b0877a5ec3ac4343e0d808f5aee8f1869923aab6dfc3016821c013109f34aece6183994b853d0e9561375c02cdd26b1b55194757341929a8038864cedd6b5a3b8b51ade44637044c4ebddb190f173969a0ca4cf5d42153763a0b91da0110ae7a25204850927d81b00176d4568a3d444d8029bd010df784e3f673fe855601ec4f1b26b2df58841e6a65f0db66373f63cc14a8b07dfc52ac9957eb542d05ed687c79519609de96df18b63cb294b534ddf7d2e8f41bcc1e5a006191c4db057b6709f0a96f18e7e8f67b8be2a19c015b9c4b0b3f42e4de366b71f8da8888809473c3c7a02a1158e375f29997a43bc7118ca4d1abb8f8f21972fc589aaa3d73a4d40a1e1705e169ac6e56cff50d89fc45b6863c8fc67bb2b5939a7f33072539ba4c24077be5711ba368bf7efd4897931531d388eb5c2e56bef337777150dd59518652145c9594e110e41d2615196c6b197916c88cc2814e13a3a922b4ecb044bf31cc90e0bfe0ce07de29188bbcb0ec1a12b509f52582fbb948c3cbe0c6964f46991cec0704bfac08aec6ad8ddfc36dc68c7f547c5ee6af4a8d55c79e3dc1c49b045379811f81e9a185a92cd37ae4ee32c5d3c82d36d6202a6c84fd231fe467071d42072827fd77afa5d757e6f37247f783ef09bdfd7536b666e84bc4bb878005b7829293a04ba090272dec844f4ef0e934617c08518bdc6b915ac6f3f03e4a6ab88e21c3f21f93b31d95ea3b9228e0031cb69795de5abd19c4cb4a0cf2984e53ca391cc66e33ee0d510151670331fa264753704fea5e4b1760f74890c49a74a47e0da13155c5470013d53dea0f05b5e088f1511c209f5be940232318af2757951d399e32eb862d915784713baa8ba93645caf04ba78fa3cf600ff92b9c5be58ad87438a340bac00a5ea9fb17e39478ba61fe36335e48d8c5a0b25f024cbd2ec7f217d0f260951da396dc13a2a74cd90df4b52db686e3b34d27cfa4cebd7bf59cbcfaf4007dc943a1da6e0bd1799a21ab449d7bb42935e50c839c5b567c59742436af15bc8d46095520dcd9273ae2b6f3c1cc2b4311ac9e5d297f0940b1552c5955adb302022022bb7457978998b56328629b7725dfbe3dedb37f37af0697a4471d1d6ff6bec633a38540adeba903f3eaaec5785fbb3c6a598f49dbd9ff93c67dea1ef39a614331b119fa8efccc8bac01595fb95a2a57eec9fc6c6fe82782aa89ea971866fd9a3bca4010182092ab6d1e2b49b964be9e3bb13bd6b77850e435f55a5d46e5bcb3330c7edefd31c33f61275e516"})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_GET_NESTED_STATE(r4, 0xc080aebe, 0x0)
r5 = socket$inet6(0xa, 0x1, 0x8010000000000084)
r6 = openat$cgroup_devices(0xffffffffffffffff, 0x0, 0x2, 0x0)
write$rfkill(0xffffffffffffffff, &(0x7f0000000180)={0x3, 0x2, 0x3}, 0x8)
write$cgroup_devices(r6, &(0x7f0000000140)=ANY=[@ANYBLOB], 0xa)
bind$inet6(r5, &(0x7f00000000c0)={0xa, 0x4e24, 0x0, @remote, 0x7fff}, 0x1c)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c)
socket$unix(0x1, 0x1, 0x0)
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x18, 0x0, @empty}}, 0x0, 0x0, 0x318, 0x1, 0x24}, 0x9c)

9.645397475s ago: executing program 3 (id=6337):
syz_usb_connect(0x2, 0x24, &(0x7f0000000100)=ANY=[@ANYBLOB="1201000011620140480b05101e8c00000001090212000100000000090401"], 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_X86_SET_MCE(r2, 0x4040ae9e, &(0x7f0000000000)={0xf800000000000000, 0x2000, 0x4, 0x0, 0x17})
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000005c0)={&(0x7f0000000440)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x80, 0x80, 0xc, [@type_tag={0x4, 0x0, 0x0, 0x12, 0x2}, @decl_tag={0x10, 0x0, 0x0, 0x11, 0x1, 0xa}, @struct={0x10, 0x5, 0x0, 0x4, 0x0, 0x1, [{0xc, 0x2, 0x6}, {0x3, 0x3, 0x4}, {0x5, 0x4, 0xbb49}, {0xd, 0x0, 0x9}, {0x10, 0x5}]}, @var={0x7, 0x0, 0x0, 0xe, 0x1, 0x2}, @fwd={0x6}]}, {0x0, [0x5f, 0x61, 0x61, 0x5f, 0x0, 0x5f, 0x0, 0x2e, 0x2e, 0x2e]}}, &(0x7f0000000500)=""/177, 0xa4, 0xb1, 0x0, 0x1, 0x10000, @value}, 0x28)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x19, 0x1e, &(0x7f0000000140)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x101}, {}, {}, [@map_idx_val={0x18, 0xa, 0x6, 0x0, 0xd, 0x0, 0x0, 0x0, 0x823}, @snprintf], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000040)='GPL\x00', 0x40, 0xd5, &(0x7f0000000240)=""/213, 0x40f00, 0x1e, '\x00', 0x0, @cgroup_sockopt=0x16, r4, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000080)={0x5, 0x8, 0x3bb2, 0xa}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x2, &(0x7f00000000c0)=[0xffffffffffffffff], &(0x7f0000000340)=[{0x0, 0x4, 0xb, 0x9}, {0x0, 0x3, 0x0, 0xb}], 0x10, 0x171, @void, @value}, 0x94)
close_range(r3, r5, 0x2)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
close_range(r7, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000100)={'wlan1\x00'})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r10=>0x0})
r11 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000600), 0x80040, 0x0)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f0000000640)={0xc, 0x0, <r12=>0x0})
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f0000000680)={0xc, 0x0, <r13=>0x0})
ioctl$IOMMU_IOAS_COPY$syz(r11, 0x3b83, &(0x7f00000006c0)={0x28, 0x10000, r12, r13, 0x338b52, 0xffffffff, 0x7, 0xd6297})
sendmsg$NL80211_CMD_SET_INTERFACE(r8, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)={0x24, r9, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0xb}]}, 0x24}, 0x1, 0x0, 0x0, 0x400c000}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x89}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r14 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r14, &(0x7f0000019680)=""/102392, 0x18ff8)

7.099999751s ago: executing program 3 (id=6348):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, 0x0, 0x0)
sendmmsg$inet(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000002c0)="68377863ac6ea61666eaa696435a75f1626fe3a3acedcaf71527ff51d446daac757559d2d6fc2b90952355ec6c61d718c91784312b1b4771888a0811895b02ffb658934b0bbd6466c9cc04cc7252f1f1deea5a8b9c6797c8f1263db526cf88899f7ecab544662eb34743cefb660a78cb9468d2900b3cda4cca9d89ab6d341d145acf249276dda272407bc98d9e5431316d468b9e4750f2316589dc4de3157592d27fd723a512c85b08035842b75ec422346f9696f4bb3226b0ca75d135ebd8cae46fb83b71c103e1fdcb1934fd1d28b4916abe2c44e26ea72be426c27052e816212096000155788943b846746ccb492175fc9e01", 0xf4}, {&(0x7f00000003c0)="5453b4b759f9d4f4f33bda880b70e0dadde06223919f4585429ef69078a4956f646ea03bfd4c090a003c01f32b1a175baf38c1eb4572c8b372a4cf9128062e58ff575546876a2804144c3aea98c4a3533396f87e860de8c66bceb0e6b387ec853b7e91c57587d38436637e702ae18eeccefdcd7a3cdd7bfc327b5d619b57d56afe1628b65e2948af5ee0e3f52746a5aff58bb7c6d253a58bf745584d1bc19fe5e42b5534eab9e9d2587b413e81f68b60f56130f82b327f5fe900e3e107bc6b783d1d23a056426d6502133386b51e657046c1c43a2a2c4a7611ee6592a5ee08700d24d832163b3def1f", 0xe9}, {&(0x7f0000000640)="d48c8225ddfdf2c06c27763617468581389d34126760ba3dd0fe077a7c2ce378dd62cafeeb4ba1493766d09fd561d69a5bf8109ffcd3e43d8c16b9c3fa92d4439c5af1fa4775d01dcf0748a24ab51b52fbe75287a4b9aaa18fd479bdd154b4efe531a242d90a1ca2799c242bfd4ddd8271448d3415bd3a907ad340dc2fa2471393212d02eb25242808cffdc4e7a646211c18ac8602f5fc1e4f82b72871a8d42f37988365ff226c1523bf01617976641421438e16378094c94f2e55a44150d9a358d92606afb12f21a63daadbb143d6ccdae88d53521b9fe51ffabb08ff67cb98266eeb1fbf81ec1e", 0xe8}, {&(0x7f0000000040)="f96be6c391f1f8b23ae44a70a75f4a5ed0e013f80882907ab089ee65d16a6c6f5c666dad31257fb48b66d940a3819d0809971ea8274a6590", 0x38}, {&(0x7f0000000740)="f52ec22aafecc37a6d9995f1afb5c1727f223f9b84451a110b1dfbf19cc7ed183ba93f6d55645001887fc999262b9c938e22ef5ec46b4b1b535060dcca5cff1f0e5a1d9b32cef2b6e0a61af7968dc1759c4d901867d7d6e9f2521f6a1578e1cc2fbf58837a2633c0b8299192718c61227412dafd01e899723b33735bbec3e1429117362acc4139fc3565f183bd5568f47f4bc416adb360fdd9c497c2ad2ffe1ad738f4c073f1378d2b455e61844076a4a97ac1e13e2fb300ae69d55c501f96dcc39bf7ed835cc866f0fbd8e936e8374a484f111919dc610e0a36a0ee3df2ab1dc34cea42a4292e2fba", 0xe9}, {&(0x7f0000000200)="057322e18609ed78266492c2a2ae3f0c0f3f6394c53de2727898d209dcb274efec9fc9995189ead7bf00148d091675fa045479985e4f644d258d0aa4a696", 0x3e}], 0x6}}, {{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000840)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635aea1dc48755381c71590cd542e796cc2669e2af442a03760c5cdfc691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6a19523b8b7", 0x66}, {&(0x7f0000000e80)="5be3b011e12323e4ab88c0472f0700000000000000e71ba6231f303d2db97401439932cfd4855c4cc243dae723789d8a9a16be3135c5f82691837c90ab19545f7a1dcf1449fd59eecae5f52fba1e89d6d34b3929", 0x54}], 0x2}}], 0x2, 0xc0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

6.723467599s ago: executing program 3 (id=6350):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_FIOGETOWN(r2, 0x8903, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x5)
syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x88402)
r3 = socket(0x2000000000000021, 0x2, 0x2)
getpeername$packet(r3, 0x0, &(0x7f0000000680))

5.017837562s ago: executing program 4 (id=6361):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, 0x0, 0x0)
sendmmsg$inet(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000002c0)="68377863ac6ea61666eaa696435a75f1626fe3a3acedcaf71527ff51d446daac757559d2d6fc2b90952355ec6c61d718c91784312b1b4771888a0811895b02ffb658934b0bbd6466c9cc04cc7252f1f1deea5a8b9c6797c8f1263db526cf88899f7ecab544662eb34743cefb660a78cb9468d2900b3cda4cca9d89ab6d341d145acf249276dda272407bc98d9e5431316d468b9e4750f2316589dc4de3157592d27fd723a512c85b08035842b75ec422346f9696f4bb3226b0ca75d135ebd8cae46fb83b71c103e1fdcb1934fd1d28b4916abe2c44e26ea72be426c27052e816212096000155788943b846746ccb492175fc9e01", 0xf4}, {&(0x7f00000003c0)="5453b4b759f9d4f4f33bda880b70e0dadde06223919f4585429ef69078a4956f646ea03bfd4c090a003c01f32b1a175baf38c1eb4572c8b372a4cf9128062e58ff575546876a2804144c3aea98c4a3533396f87e860de8c66bceb0e6b387ec853b7e91c57587d38436637e702ae18eeccefdcd7a3cdd7bfc327b5d619b57d56afe1628b65e2948af5ee0e3f52746a5aff58bb7c6d253a58bf745584d1bc19fe5e42b5534eab9e9d2587b413e81f68b60f56130f82b327f5fe900e3e107bc6b783d1d23a056426d6502133386b51e657046c1c43a2a2c4a7611ee6592a5ee08700d24d832163b3def1f", 0xe9}, {&(0x7f0000000640)="d48c8225ddfdf2c06c27763617468581389d34126760ba3dd0fe077a7c2ce378dd62cafeeb4ba1493766d09fd561d69a5bf8109ffcd3e43d8c16b9c3fa92d4439c5af1fa4775d01dcf0748a24ab51b52fbe75287a4b9aaa18fd479bdd154b4efe531a242d90a1ca2799c242bfd4ddd8271448d3415bd3a907ad340dc2fa2471393212d02eb25242808cffdc4e7a646211c18ac8602f5fc1e4f82b72871a8d42f37988365ff226c1523bf01617976641421438e16378094c94f2e55a44150d9a358d92606afb12f21a63daadbb143d6ccdae88d53521b9fe51ffabb08ff67cb98266eeb1fbf81ec1e", 0xe8}, {&(0x7f0000000040)="f96be6c391f1f8b23ae44a70a75f4a5ed0e013f80882907ab089ee65d16a6c6f5c666dad31257fb48b66d940a3819d0809971ea8274a6590", 0x38}, {&(0x7f0000000740)="f52ec22aafecc37a6d9995f1afb5c1727f223f9b84451a110b1dfbf19cc7ed183ba93f6d55645001887fc999262b9c938e22ef5ec46b4b1b535060dcca5cff1f0e5a1d9b32cef2b6e0a61af7968dc1759c4d901867d7d6e9f2521f6a1578e1cc2fbf58837a2633c0b8299192718c61227412dafd01e899723b33735bbec3e1429117362acc4139fc3565f183bd5568f47f4bc416adb360fdd9c497c2ad2ffe1ad738f4c073f1378d2b455e61844076a4a97ac1e13e2fb300ae69d55c501f96dcc39bf7ed835cc866f0fbd8e936e8374a484f111919dc610e0a36a0ee3df2ab1dc34cea42a4292e2fba", 0xe9}, {&(0x7f0000000200)="057322e18609ed78266492c2a2ae3f0c0f3f6394c53de2727898d209dcb274efec9fc9995189ead7bf00148d091675fa045479985e4f644d258d0aa4a696", 0x3e}], 0x6}}, {{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000840)="b1f56ee29c433328d3b2a83bd97e37007087acae7568edff43ed556d76770122635aea1dc48755381c71590cd542e796cc2669e2af442a03760c5cdfc691b3da35ad6a8d2ef9c2baa53a8dec36a2e434d46e643a1277b1dd932f3ef2cf46c257d6a19523b8b7", 0x66}, {&(0x7f0000000e80)="5be3b011e12323e4ab88c0472f0700000000000000e71ba6231f303d2db97401439932cfd4855c4cc243dae723789d8a9a16be3135c5f82691837c90ab19545f7a1dcf1449fd59eecae5f52fba1e89d6d34b3929", 0x54}], 0x2}}], 0x2, 0xc0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

4.876213338s ago: executing program 5 (id=6362):
r0 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r4, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x9}, 0x8)
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r0, 0x3ba0, &(0x7f0000000d40)={0x48, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe})
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r5, 0x0, 0xe, 0x44, &(0x7f0000000100)="0000000000000000000051229dc9", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r6 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r6, &(0x7f00000005c0)={&(0x7f0000000000), 0x10, 0x0}, 0x0)
syz_80211_inject_frame(0x0, &(0x7f0000000340)=@mgmt_frame=@reassoc_resp={{{0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1}, {0x1}, @broadcast, @device_b, @from_mac=@broadcast, {0x9, 0x3}}, 0x8, 0x22, @random, @void, @void, [{0xdd, 0x55, "d0be83cafbae48cfc332213ea70d3158464bc9b59e441ce1fdf4c80ada0ed04002597917345a8d5a63aa5f9b80539c4542b63d1a1d0581bd276dd75c7c6f40036c2c7048fd2c452b276c65b9a17e9247cef3e870e1"}]}, 0x75)
r7 = syz_init_net_socket$ax25(0x3, 0x2, 0xcd)
setsockopt$ax25_SO_BINDTODEVICE(r7, 0x101, 0x19, &(0x7f0000000040)=@bpq0, 0x10)
r8 = syz_open_procfs(0x0, &(0x7f0000000040)='stat\x00')
pread64(r8, &(0x7f0000000140)=""/15, 0xf, 0x4)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r9 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000001c0)={r9, r10, 0x4, 0x0, @void}, 0x10)

4.824398739s ago: executing program 3 (id=6363):
r0 = socket(0x2, 0x80805, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000500)={0x0, 0xfffd}, 0x8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='mm_khugepaged_scan_pmd\x00', r1, 0x0, 0x800}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
keyctl$KEYCTL_MOVE(0x4, 0x0, 0x0, 0x0, 0x0)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r4=>0x0})
sendmsg$BATADV_CMD_GET_NEIGHBORS(r2, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYRES64, @ANYRES16=r3, @ANYRES32=r1, @ANYRES32=r4, @ANYBLOB="f4e9b2c5be0ac48520db68a38eaeefe76e3e3c8e19150f4d9aabd7585ecac8d980df16f24c581ac2b5ed5e7d831f03bd426fd8aaf86b1a1b1cc531ee39428c8dfce5bc70a86d8bc9cf30dbd3f57d2bc49e2eff0f40d0a00b121088a970e4d67a17eaa161633b8331c7ec2e4231c07cb5f7c2036f75196a7e9e200c0b3fb4bf746df6c05a22373a20796c5793e8abf3be9d0af6e219c63eef54e70ba20fc42b8ea6be8376a2682c", @ANYRES32], 0x24}}, 0x4000000)
r5 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000500)=ANY=[@ANYBLOB="1201000000000040ef17476000000000000109022400010000000009040000010300020009210000000122050009058103"], 0x0)
syz_usb_control_io(r5, 0x0, 0x0)
syz_usb_control_io(r5, &(0x7f00000003c0)={0x2c, &(0x7f0000000300)=ANY=[@ANYBLOB='\x00\x00W'], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$uac1(r5, 0x0, 0x0)
syz_usb_control_io(r5, 0x0, 0x0)
syz_usb_connect$printer(0x6, 0x2d, &(0x7f00000000c0)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0xb7, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0x0, 0x20, 0x1b, [{{0x9, 0x4, 0x0, 0x3, 0x1, 0x7, 0x1, 0x3, 0x8d, "", {{{0x9, 0x5, 0x1, 0x2, 0x3ff, 0x4, 0x5, 0xea}}}}}]}}]}}, &(0x7f0000000700)={0xa, &(0x7f0000000100)={0xa, 0x6, 0x310, 0x2, 0x8, 0x7, 0x10, 0xe}, 0xc9, &(0x7f0000000540)={0x5, 0xf, 0xc9, 0x6, [@ss_cap={0xa, 0x10, 0x3, 0x2, 0x8, 0x2, 0xa, 0x8}, @ss_container_id={0x14, 0x10, 0x4, 0xf, "45ecb09f67e17850b45b5a0550ab994c"}, @generic={0x84, 0x10, 0xb, "2c9e5ee89827cc2a0b8b1dc0df2715c5b7ef15571b29bed6b0da02c275c7a764011b574b439e378176dc9096dfcb0e399c8e1501db8b29422cc77239e98475baa42d345fccfcb46f64c34a583193cf44e10bf528f29581f725bc273363fd7beb34ee52d58a77bfb0f2339baf17a4daf9a131e32a0c89e99d36a1d9509061e52124"}, @ext_cap={0x7, 0x10, 0x2, 0x10, 0xc, 0x5, 0x3}, @ext_cap={0x7, 0x10, 0x2, 0x827b62e5ad5d4056, 0x3}, @ss_container_id={0x14, 0x10, 0x4, 0x9, "fcb294f912e7f3b56c08523f03549325"}]}, 0x4, [{0x4, &(0x7f0000000240)=@lang_id={0x4, 0x3, 0x1404}}, {0xa0, &(0x7f0000000640)=@string={0xa0, 0x3, "565814f490d235484f8934af5c8b7c422904f0857a17c80bb45ca95151faadc775206c70ca3bb07ebeb201e6a005d50beab16758a8fd010949847d5514d4f7bfb6622d3a467f20bed93c8db149c56557db7c0a8b66c4a79c0c4cd68d11a811a780807aac354d4c7c31ae577b3514c6656f8046690b034d6f3e16ce9ec526fad13317467c8c99358052c10abcff61d6577f23dd6fe548d7ea020baf2d4939"}}, {0x23, &(0x7f0000000340)=@string={0x23, 0x3, "4c46da368607ec1fcad74d48d8e6945c33474e62ed7c5df333d164d2d1cc39cfaf"}}, {0x4, &(0x7f0000000380)=@lang_id={0x4, 0x3, 0x440a}}]})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
syz_clone(0x1000000, &(0x7f00000002c0), 0x0, 0x0, 0x0, 0x0)
mlock2(&(0x7f0000018000/0x2000)=nil, 0x2000, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
rseq(&(0x7f0000000400)={0x0, 0x0, 0x0, 0x4}, 0x20, 0x0, 0x0)
acct(&(0x7f00000001c0)='./file0\x00')
unshare(0x38000600)
listen(0xffffffffffffffff, 0x4)
syz_usb_control_io(r5, 0x0, 0x0)
syz_usb_control_io(r5, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)

4.823577611s ago: executing program 4 (id=6364):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', 0x0, 0x0, 0x0)
getsockopt$bt_hci(r0, 0x84, 0x84, &(0x7f00000020c0)=""/4055, &(0x7f0000001080)=0xfd7) (fail_nth: 1)

4.792106678s ago: executing program 2 (id=6365):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000003c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(serpent)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x80000)
syz_genetlink_get_family_id$fou(&(0x7f0000000040), r1)
writev(r1, &(0x7f0000000340)=[{&(0x7f00000001c0)="dbcb0a19ad6ba922bc2e703f0fa3c7d7dc353a265eb5103be5ee84595f55e20da43618acf9bdec18565cdd6d01e76485e5de9050702238d082dd2b6665335599f19b65c8f52efb03e789e8687ae6d7e71902345a5e83b047e857933ed3f7c3a46ed1504a774ca265cf2ee7d30c311d9c000092995513b47ad737641d662976e19639f0ea05d271cb0d1cf148a716874bc0abb07e306aca6b01ac859328c4ce05a4d2cceefe834e3df0cccb5f591f09f5654b02737606aed7d6bc97270e7f37316353c454845eeb4681d120f789800de68edc072373efbfa0590a5fdf3a305aed", 0xe0}, {0x0}], 0x2)

4.482673443s ago: executing program 4 (id=6366):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000040000000000000910000ddb97e0000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000002340)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4509c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a900d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a3c0db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05fea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848022e8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0000000000000000000000000001545f0ec539c3b58facd2f62dc3307a6c91d6b"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000000)={@cgroup=r0, r0, 0x2f, 0x2000, 0x4, @value}, 0x20)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0x2}, [@call={0x85, 0x0, 0x0, 0xa0}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$xdp(0x2c, 0x3, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r4, &(0x7f0000000800)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000680)={&(0x7f0000000780)={0x44, 0x4, 0x6, 0x401, 0x0, 0x0, {0x7, 0x0, 0x5}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x44}, 0x1, 0x0, 0x0, 0xc080}, 0xe821651e0a1b45fc)
setsockopt$XDP_UMEM_FILL_RING(r3, 0x11b, 0x5, &(0x7f0000000340)=0x1200442, 0x4)
r5 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0xfc, 0x1b, 0x1, 0x0, 0x0, {{@in=@multicast1, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xf, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x2, 0x2}, 0x2, 0x8}, [@tmpl={0x44, 0x8, [{{@in6=@loopback={0x800000000000000}, 0x4d4}, 0x0, @in=@broadcast}]}]}, 0xfc}}, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r7 = socket(0x400000000010, 0x3, 0x0)
r8 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'veth0_to_batadv\x00', <r9=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000200)=@newqdisc={0x40, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, r9, {0x0, 0x2}, {0xffff, 0xffff}, {0x4}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_FLOWS={0x8, 0x5, 0x1}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x40001d4}, 0x8840)
socket$unix(0x1, 0x1, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x800, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0x1}, {0xffff, 0x2}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001300)=@newtfilter={0x58, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {}, {0x7, 0x10}}, [@filter_kind_options=@f_flow={{0x9}, {0x28, 0x2, [@TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_XOR={0x8, 0x7, 0x1ff}, @TCA_FLOW_KEYS={0x8, 0x1, 0x681e}, @TCA_FLOW_ACT={0x4}, @TCA_FLOW_MASK={0x8, 0x6, 0x4}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x10}, 0x2008c014)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x5c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x20, 0x11, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0xfffffff7}]}}}]}, @NFT_MSG_NEWSETELEM={0x3c, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xe0}}, 0x0)

4.024280391s ago: executing program 4 (id=6367):
socket$isdn(0x22, 0x3, 0x10)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f0000000200)={{0x80, 0x5}, 'port1\x00', 0xbf04, 0x1040, 0x7, 0x0, 0xffffffff, 0x5, 0x0, 0x0, 0xd, 0x2})
creat(&(0x7f0000000380)='./file0\x00', 0xecf86c37d53049e1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
ioprio_set$uid(0x3, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
pipe(0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x2, &(0x7f00000001c0)=0x7f, 0x4)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x8000002, 0x2000}, 0x1c)
sendto$inet6(r2, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
sendto$inet6(r2, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090000006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d00"/215, 0xd0d0c2ac, 0x1, 0x0, 0x0)

3.553609367s ago: executing program 2 (id=6368):
socket$isdn(0x22, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f0000000200)={{0x80, 0x5}, 'port1\x00', 0xbf04, 0x1040, 0x7, 0x0, 0xffffffff, 0x5, 0x0, 0x0, 0xd, 0x2})
creat(&(0x7f0000000380)='./file0\x00', 0xecf86c37d53049e1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
ioprio_set$uid(0x3, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
pipe(0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x2, &(0x7f00000001c0)=0x7f, 0x4)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x8000002, 0x2000}, 0x1c)
sendto$inet6(r2, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
sendto$inet6(r2, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090000006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d00"/215, 0xd0d0c2ac, 0x1, 0x0, 0x0)
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x406f413, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x8042, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r3, 0x0)

3.306467739s ago: executing program 5 (id=6369):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000340)={0x0}}, 0x40000)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000840), 0xffffffffffffffff)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000", @ANYRES32=r1], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
getsockopt$bt_hci(r0, 0x0, 0x3, &(0x7f0000000540)=""/71, &(0x7f0000000300)=0x47)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'team0\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x401, 0x20000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8003}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x44}, 0x1, 0x0, 0x0, 0x20004885}, 0x4054)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r6 = accept4(r5, 0x0, 0x0, 0x800)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=ANY=[], 0xb8}}, 0x4004)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x1, 0x11}, 0x80)
sendmmsg$alg(r6, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r6, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r7, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r8, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

3.188586512s ago: executing program 0 (id=6370):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000340)={0x0}}, 0x40000)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000840), 0xffffffffffffffff)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x11, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff000000000000000085000000a8000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb702000008", @ANYRES32=r1], &(0x7f0000000b00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
getsockopt$bt_hci(r0, 0x0, 0x3, &(0x7f0000000540)=""/71, &(0x7f0000000300)=0x47)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'team0\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x401, 0x20000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8003}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x44}, 0x1, 0x0, 0x0, 0x20004885}, 0x4054)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef91", 0x12)
r6 = accept4(r5, 0x0, 0x0, 0x800)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=ANY=[], 0xb8}}, 0x4004)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x1, 0x11}, 0x80)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00', @ANYBLOB="010000000000000000004400000008000300", @ANYRES32], 0x4c}}, 0x4000804)
sendmmsg$alg(r6, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r6, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r7, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r8, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

3.016121816s ago: executing program 5 (id=6371):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0x5}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_mq={0x7}]}, 0x2c}}, 0x2000c004)

3.011031718s ago: executing program 4 (id=6372):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000001a00)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x11}}, 0x10)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e24, @multicast1}, 0x10)
setsockopt$inet_udp_int(r0, 0x11, 0x67, &(0x7f0000000640)=0x48b5, 0x4)
sendto$inet(r0, &(0x7f00000000c0)="8689d46205a34100bf2bbe11a5ce7839edaf02afe39ead95913e9c4f8cf31440006769ebdf12cfacae8e8c03f5db079da7d9ecda75e2a7d49d5cbcb370c4d789390a328ba42c9c60cf2154d1b659aa709e8980a522cfb72f23ad87fb7019706ccae98cfe7c4fd23e8297b8cabc46ede1ac3da78f1b488c6357e7edfcd417df6660af20a54ecdcb02f689ae15ee655d4b7b1ea733e88ee9f53669388dff487c1c49", 0xa1, 0x0, 0x0, 0x0)

2.931540022s ago: executing program 4 (id=6373):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_FIOGETOWN(r2, 0x8903, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x5)
syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x88402)
r3 = socket(0x2000000000000021, 0x2, 0x2)
getpeername$packet(r3, 0x0, &(0x7f0000000680))

2.874910758s ago: executing program 0 (id=6374):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
r0 = openat$rfkill(0xffffffffffffff9c, 0x0, 0x801, 0x0)
write$rfkill(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x1, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
gettid()
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xb, 0xf, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x70}, {{}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x0, 0x700}}, [], {{0x5, 0x1, 0x4, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000040)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0xa0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

2.684449217s ago: executing program 0 (id=6375):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, 0x0, 0x0, 0xc0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

2.650200797s ago: executing program 2 (id=6376):
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x2, 0x4, 0x4, 0x8, 0x800, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000500), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_GET(r0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r3=>0x0})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r2, 0x3ba0, &(0x7f00000003c0)={0x48, 0xc, r3, 0x0, 0x0, 0x200000000})
ioctl$IOMMU_IOAS_MAP$PAGES(r2, 0x3b85, &(0x7f0000000000)={0x28, 0x6, r3, 0x0, &(0x7f0000ffb000/0x4000)=nil, 0x4000})
r4 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r4, &(0x7f0000000240)={0xa, 0x0, 0x0, @dev, 0x2}, 0x1c)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket(0x2b, 0x1, 0x1)
bind$inet6(r5, 0x0, 0x0)
listen(r5, 0x5)
openat$adsp1(0xffffffffffffff9c, 0x0, 0xa0201, 0x0)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(0xffffffffffffffff, 0x5760, 0x5e)

2.491983106s ago: executing program 0 (id=6377):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100"/13], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$IMGETCOUNT(0xffffffffffffffff, 0x80044944, &(0x7f0000000000))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_dev$video4linux(&(0x7f0000000000), 0xffffffff, 0x88a03)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES32], 0x34}}, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_group_source_req(r3, 0x29, 0x2e, &(0x7f0000000240)={0x8, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108)
setsockopt$inet6_MCAST_MSFILTER(r3, 0x29, 0x30, &(0x7f0000000480)={0x8, {{0xa, 0x0, 0x0, @mcast1}}, 0x0, 0x20}, 0x5000)

2.204993369s ago: executing program 5 (id=6378):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000003c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(serpent)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x80000)
syz_genetlink_get_family_id$fou(&(0x7f0000000040), r1)
writev(r1, &(0x7f0000000340)=[{&(0x7f00000001c0)="dbcb0a19ad6ba922bc2e703f0fa3c7d7dc353a265eb5103be5ee84595f55e20da43618acf9bdec18565cdd6d01e76485e5de9050702238d082dd2b6665335599f19b65c8f52efb03e789e8687ae6d7e71902345a5e83b047e857933ed3f7c3a46ed1504a774ca265cf2ee7d30c311d9c000092995513b47ad737641d662976e19639f0ea05d271cb0d1cf148a716874bc0abb07e306aca6b01ac859328c4ce05a4d2cceefe834e3df0cccb5f591f09f5654b02737606aed7d6bc97270e7f37316353c454845eeb4681d120f789800de68edc072373efbfa0590a5fdf3a305aed", 0xe0}, {0x0}], 0x2)

1.492398662s ago: executing program 2 (id=6379):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000880)='ns\x00')
setsockopt$inet6_mreq(r0, 0x29, 0x1c, 0x0, 0x0)
r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r2 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r2, &(0x7f0000002700)=""/102392, 0x18ff8)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[], 0x7c}}, 0x4000084)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
write$dsp(0xffffffffffffffff, 0x0, 0x0)
mprotect(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x8)
fsconfig$FSCONFIG_SET_BINARY(r1, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r1, 0x0, 0x0)
r4 = openat$cgroup_subtree(r3, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000280)=ANY=[@ANYBLOB="2b72646d6120accf1dbe7909239f8eb702133329b4239b6c52836d6a0434b2c9d7a6a3d2f93e0e737163ea1b0951b7c06ae8638e16c47f3fa9721aa2e0eeff16a1eb014e4c3cca9c4154fcb56b3b1362c9ff60b349b145c44957f6f75698"], 0x6)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
socket$inet6(0xa, 0x800000000000002, 0x0)

1.263225144s ago: executing program 0 (id=6380):
syz_open_dev$vim2m(&(0x7f0000000340), 0x0, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = memfd_secret(0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xa, 0x11, r3, 0x0)
ftruncate(r3, 0x72a)
prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0xffffffffffffffff, r0, 0x1, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r4, &(0x7f00000002c0)={0x1f, 0x0, @any, 0xfffa}, 0xe)
connect$bt_l2cap(r4, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
writev(r4, &(0x7f0000000100)=[{&(0x7f0000000140)="1e", 0x1}], 0x1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r4)
shutdown(r4, 0x1)

1.012054285s ago: executing program 5 (id=6381):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f00000003c0)={0x4000001, 0x0, 0x6})
pread64(r0, 0x0, 0x0, 0xce2)
r1 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)
r2 = add_key$keyring(&(0x7f0000000280), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_MOVE(0x1e, r1, 0xffffffffffffffff, r2, 0x1)

766.625127ms ago: executing program 5 (id=6382):
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
syz_emit_vhci(0x0, 0x8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f00000000c0)={0xe, 0x18, 0xfa00, @id_tos={0x0, 0xffffffffffffffff, 0x0, 0x3}}, 0x20)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102400, 0x19000)
r1 = syz_open_dev$cec(&(0x7f0000000040), 0x0, 0x0)
ioctl$CEC_S_MODE(r1, 0x40046109, 0x0)
userfaultfd(0x80001)
ioctl$VIDIOC_SUBSCRIBE_EVENT(0xffffffffffffffff, 0x4020565a, &(0x7f0000000340)={0x4, 0xfe})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x3, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800"/16], 0x0, 0x96, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x29, &(0x7f0000000300)=0x20, 0x4)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000300), 0x6)
r2 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_CREATE2(r2, &(0x7f0000000dc0)={0xb, {'syz0\x00', 'syz1\x00', 'syz0\x00', 0x1, 0x3, 0xffffffff, 0x4, 0x1, 0x7fffffff, "a9"}}, 0x119)
write$UHID_CREATE(r2, &(0x7f0000000a00)={0x0, {'syz0\x00', 'syz1\x00', 'syz0\x00', &(0x7f0000000940)=""/3, 0x3, 0x0, 0x4, 0x0, 0x0, 0xc08}}, 0x120)
r3 = syz_open_dev$video(&(0x7f0000000000), 0x3, 0x1340)
ioctl$VIDIOC_TRY_FMT(r3, 0xc0d05640, 0x0)
clock_settime(0x0, &(0x7f0000000040)={0x77359400})
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x4)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mkdir(&(0x7f00000003c0)='./file1\x00', 0x16d)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@nfs_export_on}]})

766.021892ms ago: executing program 2 (id=6383):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000001a00)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x11}}, 0x10)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e24, @multicast1}, 0x10)
setsockopt$inet_udp_int(r0, 0x11, 0x67, &(0x7f0000000640)=0x48b5, 0x4)
sendto$inet(r0, &(0x7f00000000c0)="8689d46205a34100bf2bbe11a5ce7839edaf02afe39ead95913e9c4f8cf31440006769ebdf12cfacae8e8c03f5db079da7d9ecda75e2a7d49d5cbcb370c4d789390a328ba42c9c60cf2154d1b659aa709e8980a522cfb72f23ad87fb7019706ccae98cfe7c4fd23e8297b8cabc46ede1ac3da78f1b488c6357e7edfcd417df6660af20a54ecdcb02f689ae15ee655d4b7b1ea733e88ee9f53669388dff487c1c49953f3bc142112bd4b582b29b35d43962ed245c2cd5d5df40a3e0ed6beaf3b641e84b0f0dfa121a9efe05269f9f4a0e9bcbf43c7a90a711f453668c730c3badedca687b71a9c27bab9e724cc4a491871303", 0xf2, 0x0, 0x0, 0x0)

678.789273ms ago: executing program 3 (id=6384):
syz_io_uring_setup(0x3665, &(0x7f0000000100)={0x0, 0x0, 0x2, 0xfe, 0xfffffffd}, 0x0, 0x0)

15.009363ms ago: executing program 0 (id=6385):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$BTRFS_IOC_START_SYNC(r0, 0x80089418, &(0x7f0000000440))
r1 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r1, 0x65, 0x2, &(0x7f0000000400)=0x2, 0x4)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000000)={'vxcan1\x00', <r2=>0x0})
bind$can_raw(r1, &(0x7f0000000480)={0x1d, r2}, 0x10)
close(r1)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
execve(&(0x7f00000190c0)='./file0\x00', 0x0, 0x0)
mount(0x0, &(0x7f0000019080)='./file0\x00', 0x0, 0x23010, 0x0)
execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='cgroup.stat\x00', 0x275a, 0x0)
statx(r3, 0x0, 0x48e0cdf8471afff4, 0x54663aafb2d54055, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x100}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_clone3(&(0x7f0000000140)={0x80, 0x0, 0x0, 0x0, {0x19}, 0x0, 0x0, 0x0, 0x0}, 0x58)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)=@generic={&(0x7f0000000040)='./file0\x00', r3}, 0x18)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendto$inet6(r6, &(0x7f0000000080)="b3019c28", 0x4, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2}, 0x1c)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
accept$unix(r3, 0x0, &(0x7f0000000380))
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000540)={'wlan0\x00', <r9=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r8, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000780)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010828bd70ecff0000000b00000008000300", @ANYRES32=r9, @ANYBLOB="28005080110001004abee339084eeef16f162471f400000005000200000000000800030005ac0f00"], 0x44}, 0x1, 0x0, 0x0, 0x44151}, 0x0)
ioctl$SIOCGSTAMP(r6, 0x8906, 0x0)
sendmsg$NL80211_CMD_REGISTER_BEACONS(r3, &(0x7f0000000300)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x28, r7, 0x400, 0x70bd27, 0x25dfdbfe, {{}, {@void, @val={0x8, 0x3, r9}, @val={0xc, 0x99, {0x5, 0x73}}}}, ["", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x4800}, 0x48040)
recvmmsg(r6, &(0x7f00000031c0)=[{{0x0, 0x0, 0x0}, 0x3}], 0x1, 0x10162, 0x0)
execve(&(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000100)={[&(0x7f0000000580)=' wO\xd5\xce\x82\x89r\xa0\r\xc4Z\x15\xfds\x17g\n\xee\x9f\a0\xc3\x80\xbf\x80j$\xe6Z\xde\xf1pc\x96\x8f\xb5\x9d\xe3\x11m\x88~\xe3\xc7\xe3\t\xab\xbb@\xd9\xf8\xa2N\x03\xcf\xe4\xd6\x0ew\x10\xc2\xaa\x84bC\xc8\xd0\xe07\xa1\rIa\xb1^\xc5WG\xccV\xd3\x91\x84x\x9d\x8eg\x84\xeb\x9e;\x8f\xa1\xa3\xcf]@\x82\xcf\x01$;\xd5\xc0\xa8\xc8r\x0e_\xac\xef\xf5\r\xd5Q\v\b#E\xcf@a\xa2\xaa#\x13S\x04\x12$\xcb\xbeV!\x1d\xc7\x84_\\ \xc7oh$\xc9\x06m', &(0x7f00000004c0)='\x00']})

0s ago: executing program 2 (id=6386):
socket$isdn(0x22, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f0000000200)={{0x80, 0x5}, 'port1\x00', 0xbf04, 0x1040, 0x7, 0x0, 0xffffffff, 0x5, 0x0, 0x0, 0xd, 0x2})
creat(&(0x7f0000000380)='./file0\x00', 0xecf86c37d53049e1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
ioprio_set$uid(0x3, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
pipe(0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x2, &(0x7f00000001c0)=0x7f, 0x4)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x8000002, 0x2000}, 0x1c)
sendto$inet6(r2, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
sendto$inet6(r2, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090000006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d00"/215, 0xd0d0c2ac, 0x1, 0x0, 0x0)
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x406f413, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x8042, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r3, 0x0)

kernel console output (not intermixed with test programs):

z.4.4794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7e738e969 code=0x7ffc0000
[ 1743.223721][T24366] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1743.285335][   T30] audit: type=1326 audit(1748665425.298:1117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24356 comm="syz.4.4794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7fc7e738e969 code=0x7ffc0000
[ 1743.368432][   T30] audit: type=1326 audit(1748665425.308:1118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24356 comm="syz.4.4794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7e738e969 code=0x7ffc0000
[ 1743.396074][   T30] audit: type=1326 audit(1748665425.308:1119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24356 comm="syz.4.4794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc7e738e969 code=0x7ffc0000
[ 1743.423920][   T30] audit: type=1326 audit(1748665425.308:1120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24356 comm="syz.4.4794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7e738e969 code=0x7ffc0000
[ 1743.451508][   T30] audit: type=1326 audit(1748665425.308:1121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24356 comm="syz.4.4794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc7e738e969 code=0x7ffc0000
[ 1743.483607][   T30] audit: type=1326 audit(1748665425.308:1122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24356 comm="syz.4.4794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7e738e969 code=0x7ffc0000
[ 1743.636537][   T30] audit: type=1326 audit(1748665425.308:1123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24356 comm="syz.4.4794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7e738e969 code=0x7ffc0000
[ 1743.670050][   T30] audit: type=1326 audit(1748665425.308:1124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24356 comm="syz.4.4794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc7e738e969 code=0x7ffc0000
[ 1744.973755][T24390] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1750.373702][T24433] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4815'.
[ 1751.382443][T18421] Bluetooth: hci3: unexpected event for opcode 0x0c20
[ 1751.859680][T18421] Bluetooth: hci1: unexpected event for opcode 0x0c20
[ 1753.933520][T24483] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4829'.
[ 1754.999621][T14400] usb 4-1: new high-speed USB device number 64 using dummy_hcd
[ 1755.172860][T14400] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1755.182213][T14400] usb 4-1: config 6 has an invalid interface number: 96 but max is 0
[ 1755.197739][T14400] usb 4-1: config 6 has an invalid descriptor of length 0, skipping remainder of the config
[ 1755.208144][T14400] usb 4-1: config 6 has no interface number 0
[ 1755.214432][T14400] usb 4-1: config 6 interface 96 altsetting 8 has an invalid descriptor for endpoint zero, skipping
[ 1755.225369][T14400] usb 4-1: config 6 interface 96 has no altsetting 0
[ 1755.237927][T14400] usb 4-1: New USB device found, idVendor=10b8, idProduct=1e6e, bcdDevice=4f.2b
[ 1755.267651][T14400] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1755.277224][T14400] usb 4-1: Product: syz
[ 1755.318100][T14400] usb 4-1: Manufacturer: syz
[ 1755.328187][T14400] usb 4-1: SerialNumber: syz
[ 1755.683348][    C0] raw-gadget.0 gadget.3: ignoring, device is not running
[ 1756.206402][T14400] dvb-usb: found a 'DiBcom TFE7790P reference design' in cold state, will try to load a firmware
[ 1756.221811][T14400] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[ 1756.241636][T14400] dib0700: firmware download failed at 7 with -22
[ 1756.256238][T14400] usb 4-1: USB disconnect, device number 64
[ 1763.197147][T24586] fuse: Bad value for 'fd'
[ 1763.717748][T24590] netlink: 83 bytes leftover after parsing attributes in process `syz.4.4860'.
[ 1768.197060][T24633] netlink: 5280 bytes leftover after parsing attributes in process `syz.3.4873'.
[ 1770.637047][T24653] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4878'.
[ 1775.547925][T24689] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4889'.
[ 1777.433431][T24709] netlink: 5280 bytes leftover after parsing attributes in process `syz.5.4894'.
[ 1780.109624][T24729] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4898'.
[ 1781.700431][T24740] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4901'.
[ 1782.591229][T24754] netlink: 5280 bytes leftover after parsing attributes in process `syz.3.4904'.
[ 1786.880539][T24781] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[ 1786.888457][T24781] team0: Device ipvlan2 is already an upper device of the team interface
[ 1788.720273][T24795] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4916'.
[ 1788.771768][T18421] Bluetooth: hci2: unknown advertising packet type: 0x70
[ 1790.043988][ T5900] usb 6-1: new low-speed USB device number 28 using dummy_hcd
[ 1791.031696][T18421] Bluetooth: hci0: unexpected event for opcode 0x0c20
[ 1791.031789][ T5900] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[ 1791.102393][ T5900] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[ 1791.113561][ T5900] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1791.137688][ T5900] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[ 1791.207813][ T5900] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[ 1791.222740][ T5900] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[ 1791.231402][ T5900] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[ 1791.271503][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1791.279929][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1791.357880][ T5900] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1791.374348][ T5900] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[ 1791.386703][ T5900] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[ 1791.399501][ T5900] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[ 1791.406946][ T5900] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[ 1791.419275][ T5900] usb 6-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1791.431486][ T5900] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[ 1791.479530][ T5900] usb 6-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[ 1791.494099][ T5900] usb 6-1: string descriptor 0 read error: -22
[ 1791.501357][ T5900] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[ 1791.510526][ T5900] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1791.547014][ T5900] adutux 6-1:168.0: ADU100  now attached to /dev/usb/adutux0
[ 1792.767485][T24840] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4928'.
[ 1793.588517][T24846] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[ 1793.598472][T24846] team0: Device ipvlan2 is already an upper device of the team interface
[ 1794.470925][T24855] netlink: 56 bytes leftover after parsing attributes in process `syz.3.4931'.
[ 1794.480440][T24855] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4931'.
[ 1795.175680][T24863] netlink: 5280 bytes leftover after parsing attributes in process `syz.2.4932'.
[ 1796.464505][T20990] bridge_slave_1: left allmulticast mode
[ 1796.517572][T20990] bridge_slave_1: left promiscuous mode
[ 1796.589330][ T5900] usb 6-1: USB disconnect, device number 28
[ 1796.615629][T20990] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1796.688844][T20990] bridge_slave_0: left allmulticast mode
[ 1796.695119][T20990] bridge_slave_0: left promiscuous mode
[ 1796.700982][T20990] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1796.851773][T24881] netlink: 5280 bytes leftover after parsing attributes in process `syz.2.4936'.
[ 1799.676020][T24894] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4941'.
[ 1801.247136][T20990] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1801.281873][T20990] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1801.300657][T20990] bond0 (unregistering): (slave batadv0): Releasing backup interface
[ 1801.309644][T20990] bond0 (unregistering): Released all slaves
[ 1801.339356][T24903] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[ 1801.371302][T24903] team0: Device ipvlan2 is already an upper device of the team interface
[ 1806.789181][T20990] hsr_slave_0: left promiscuous mode
[ 1806.835185][T20990] hsr_slave_1: left promiscuous mode
[ 1806.842410][T20990] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1806.853032][T20990] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1806.884296][T20990] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1806.902825][T20990] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1806.943967][T20990] veth0_macvtap: left promiscuous mode
[ 1806.950214][T20990] veth1_vlan: left promiscuous mode
[ 1807.015113][T20990] veth0_vlan: left promiscuous mode
[ 1807.510530][T18421] Bluetooth: hci4: unexpected event for opcode 0x0c20
[ 1808.337609][T24961] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4955'.
[ 1809.071716][T24971] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4958'.
[ 1809.394820][T20990] team0 (unregistering): Port device team_slave_1 removed
[ 1809.428253][T20990] team0 (unregistering): Port device team_slave_0 removed
[ 1809.716625][T24964] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[ 1809.733847][T24964] team0: Device ipvlan2 is already an upper device of the team interface
[ 1809.799214][T24974] netlink: 5280 bytes leftover after parsing attributes in process `syz.2.4959'.
[ 1811.019450][ T5900] usb 5-1: new high-speed USB device number 58 using dummy_hcd
[ 1811.095867][T24986] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4961'.
[ 1811.240939][T24988] usb usb8: usbfs: process 24988 (syz.5.4962) did not claim interface 0 before use
[ 1811.484646][ T5900] usb 5-1: unable to get BOS descriptor or descriptor too short
[ 1811.816939][ T5900] usb 5-1: config 6 has an invalid interface number: 96 but max is 0
[ 1811.841687][ T5900] usb 5-1: config 6 has an invalid descriptor of length 68, skipping remainder of the config
[ 1811.854077][ T5900] usb 5-1: config 6 has no interface number 0
[ 1811.864058][ T5900] usb 5-1: config 6 interface 96 has no altsetting 0
[ 1812.050256][ T5900] usb 5-1: New USB device found, idVendor=10b8, idProduct=1e6e, bcdDevice=4f.2b
[ 1812.062240][ T5900] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1812.107687][ T5900] usb 5-1: Product: syz
[ 1812.585075][T20990] IPVS: stop unused estimator thread 0...
[ 1812.591868][ T5900] usb 5-1: Manufacturer: syz
[ 1812.601828][ T5900] usb 5-1: SerialNumber: syz
[ 1812.912893][ T5900] dvb-usb: found a 'DiBcom TFE7790P reference design' in cold state, will try to load a firmware
[ 1812.940291][ T5900] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[ 1812.956764][ T5900] dib0700: firmware download failed at 7 with -71
[ 1813.026613][ T5900] usb 5-1: USB disconnect, device number 58
[ 1814.415314][T25016] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4970'.
[ 1814.815761][T25022] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1816.573408][T25033] netlink: 5280 bytes leftover after parsing attributes in process `syz.4.4973'.
[ 1817.817422][T25039] netlink: 5280 bytes leftover after parsing attributes in process `syz.3.4975'.
[ 1819.314088][T25050] usb usb8: usbfs: process 25050 (syz.5.4980) did not claim interface 0 before use
[ 1819.686750][T25055] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4982'.
[ 1820.788856][T25072] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1821.866594][T25074] netlink: 5280 bytes leftover after parsing attributes in process `syz.0.4988'.
[ 1821.982217][T21639] Bluetooth: hci2: command 0x0405 tx timeout
[ 1822.184339][T25081] netlink: 52 bytes leftover after parsing attributes in process `syz.3.4990'.
[ 1824.132012][T21639] Bluetooth: hci2: command 0x0405 tx timeout
[ 1824.310230][T25100] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4995'.
[ 1824.413878][T25103] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1825.118992][T25115] netlink: 5280 bytes leftover after parsing attributes in process `syz.3.4999'.
[ 1826.491466][T18421] Bluetooth: hci1: unexpected event for opcode 0x0c20
[ 1827.088459][T25143] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5008'.
[ 1827.236492][T25148] netlink: 5280 bytes leftover after parsing attributes in process `syz.4.5010'.
[ 1831.576613][T25173] netlink: 5280 bytes leftover after parsing attributes in process `syz.5.5016'.
[ 1832.836187][T25188] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5020'.
[ 1833.491399][T18421] Bluetooth: hci4: unexpected event for opcode 0x0c20
[ 1833.798852][T25201] netlink: 5280 bytes leftover after parsing attributes in process `syz.5.5022'.
[ 1836.249443][ T5900] usb 1-1: new high-speed USB device number 60 using dummy_hcd
[ 1840.253952][T25241] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5033'.
[ 1841.301364][T25253] usb usb8: usbfs: process 25253 (syz.4.5035) did not claim interface 0 before use
[ 1844.080800][T25282] netlink: 5280 bytes leftover after parsing attributes in process `syz.5.5043'.
[ 1847.640916][T18421] Bluetooth: hci3: unexpected event for opcode 0x0c20
[ 1848.222323][T25302] netlink: 5280 bytes leftover after parsing attributes in process `syz.4.5049'.
[ 1852.652292][T25339] netlink: 5280 bytes leftover after parsing attributes in process `syz.5.5055'.
[ 1852.662228][T25338] netlink: 5280 bytes leftover after parsing attributes in process `syz.2.5056'.
[ 1852.696118][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1852.704228][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1855.916860][T25348] netlink: 5280 bytes leftover after parsing attributes in process `syz.2.5061'.
[ 1856.450164][T18421] Bluetooth: hci0: unexpected event for opcode 0x0c20
[ 1857.319954][T18421] Bluetooth: hci2: unexpected event for opcode 0x0c20
[ 1857.862135][T25389] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1858.377475][T25393] netlink: 5280 bytes leftover after parsing attributes in process `syz.5.5074'.
[ 1859.175780][T25396] usb usb8: usbfs: process 25396 (syz.0.5073) did not claim interface 0 before use
[ 1859.822452][T25408] netlink: 5280 bytes leftover after parsing attributes in process `syz.3.5077'.
[ 1860.765180][T25412] netlink: 5280 bytes leftover after parsing attributes in process `syz.2.5076'.
[ 1861.297914][T25420] kernel read not supported for file /z� (pid: 25420 comm: syz.5.5078)
[ 1861.389046][   T30] kauditd_printk_skb: 22 callbacks suppressed
[ 1861.389056][   T30] audit: type=1800 audit(1748665543.928:1147): pid=25420 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.5.5078" name=7ABF17 dev="mqueue" ino=99917 res=0 errno=0
[ 1861.819989][T25433] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1862.602464][T25444] netlink: 5280 bytes leftover after parsing attributes in process `syz.5.5085'.
[ 1864.062064][T25452] netlink: 5280 bytes leftover after parsing attributes in process `syz.2.5087'.
[ 1867.164984][T25484] netlink: 5280 bytes leftover after parsing attributes in process `syz.4.5096'.
[ 1868.338002][T25491] netlink: 5280 bytes leftover after parsing attributes in process `syz.5.5099'.
[ 1870.263683][T25502] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1873.065943][T25540] netlink: 5280 bytes leftover after parsing attributes in process `syz.4.5111'.
[ 1873.974639][T18421] Bluetooth: hci2: command 0x0405 tx timeout
[ 1877.614067][T25578] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1880.075924][T25590] netlink: 5280 bytes leftover after parsing attributes in process `syz.3.5122'.
[ 1885.480032][T25633] netlink: 5280 bytes leftover after parsing attributes in process `syz.2.5133'.
[ 1889.682953][T25673] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1892.739794][T25708] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1897.479999][T25751] netlink: 5280 bytes leftover after parsing attributes in process `syz.3.5163'.
[ 1898.119522][T14400] usb 1-1: new high-speed USB device number 61 using dummy_hcd
[ 1898.351004][T14400] usb 1-1: config 0 has no interfaces?
[ 1898.356673][T14400] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1898.368729][T14400] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1898.457566][T14400] usb 1-1: config 0 descriptor??
[ 1899.151462][T25761] netlink: 5280 bytes leftover after parsing attributes in process `syz.5.5165'.
[ 1899.391618][T25766] netlink: 5280 bytes leftover after parsing attributes in process `syz.4.5166'.
[ 1899.459965][T25767] netlink: 5280 bytes leftover after parsing attributes in process `syz.3.5167'.
[ 1901.409445][    T9] usb 1-1: USB disconnect, device number 61
[ 1901.561562][T25416] Bluetooth: hci2: unexpected event for opcode 0x0c20
[ 1904.168487][T25811] netlink: 5280 bytes leftover after parsing attributes in process `syz.2.5176'.
[ 1911.632151][T25862] netlink: 5280 bytes leftover after parsing attributes in process `syz.4.5188'.
[ 1912.014189][T25872] netlink: 5280 bytes leftover after parsing attributes in process `syz.5.5189'.
[ 1912.110576][T25876] netlink: 5280 bytes leftover after parsing attributes in process `syz.0.5191'.
[ 1913.649398][T18453] usb 1-1: new high-speed USB device number 62 using dummy_hcd
[ 1913.961628][T25906] netlink: 5280 bytes leftover after parsing attributes in process `syz.3.5201'.
[ 1914.132599][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1914.138966][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1916.156738][T18453] usb 1-1: config 0 has no interfaces?
[ 1916.173205][T18453] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1916.199689][T18453] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1916.271119][T18453] usb 1-1: config 0 descriptor??
[ 1918.342805][T18453] usb 1-1: can't set config #0, error -71
[ 1918.410629][T18453] usb 1-1: USB disconnect, device number 62
[ 1921.136926][T25963] netlink: 5280 bytes leftover after parsing attributes in process `syz.0.5215'.
[ 1922.156031][T25977] netlink: 5280 bytes leftover after parsing attributes in process `syz.5.5218'.
[ 1923.805147][T25996] netlink: 5280 bytes leftover after parsing attributes in process `syz.5.5222'.
[ 1926.873689][T26033] netlink: 5280 bytes leftover after parsing attributes in process `syz.5.5233'.
[ 1927.910289][T26049] netlink: 5280 bytes leftover after parsing attributes in process `syz.4.5236'.
[ 1932.177659][T26100] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1935.973744][T26137] fuseblk: Bad value for 'fd'
[ 1937.599616][T26150] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1938.180561][T26161] netlink: 5280 bytes leftover after parsing attributes in process `syz.5.5267'.
[ 1940.900000][T26200] netlink: 5280 bytes leftover after parsing attributes in process `syz.3.5276'.
[ 1941.164067][T26206] netlink: 5280 bytes leftover after parsing attributes in process `syz.4.5278'.
[ 1941.726892][T26211] netlink: 5280 bytes leftover after parsing attributes in process `syz.3.5279'.
[ 1942.406385][T26219] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1948.554206][T25416] Bluetooth: hci0: unexpected event for opcode 0x0c20
[ 1953.668531][T26331] netlink: 5280 bytes leftover after parsing attributes in process `syz.5.5307'.
[ 1959.421158][T26392] netlink: 5280 bytes leftover after parsing attributes in process `syz.4.5326'.
[ 1959.567380][T26397] netlink: 5280 bytes leftover after parsing attributes in process `syz.5.5327'.
[ 1963.371044][T26426] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1965.032157][T26444] netlink: 5280 bytes leftover after parsing attributes in process `syz.4.5339'.
[ 1965.064253][T26445] netlink: 5280 bytes leftover after parsing attributes in process `syz.2.5337'.
[ 1967.499004][T26470] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1968.282425][T26486] netlink: 5280 bytes leftover after parsing attributes in process `syz.2.5350'.
[ 1968.365213][T26489] netlink: 5280 bytes leftover after parsing attributes in process `syz.5.5352'.
[ 1969.715204][T26504] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1970.003789][T26506] 9pnet_fd: Insufficient options for proto=fd
[ 1970.625927][T26515] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1971.170979][T26519] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1972.831687][T26537] netlink: 5280 bytes leftover after parsing attributes in process `syz.0.5365'.
[ 1972.974389][T26543] netlink: 5280 bytes leftover after parsing attributes in process `syz.3.5367'.
[ 1974.282885][T26556] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1974.544623][T26558] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1975.580111][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1975.586457][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1977.810123][T26598] netlink: 5280 bytes leftover after parsing attributes in process `syz.0.5379'.
[ 1977.980028][T26599] netlink: 5280 bytes leftover after parsing attributes in process `syz.4.5380'.
[ 1978.635361][T26608] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1980.435803][T26625] netlink: 'syz.4.5387': attribute type 10 has an invalid length.
[ 1980.522597][T26628] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1981.604483][T26640] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1984.220890][T26662] netlink: 5280 bytes leftover after parsing attributes in process `syz.5.5398'.
[ 1984.927085][T26673] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1985.741702][T26686] fuseblk: Bad value for 'fd'
[ 1986.260296][T26687] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1986.643394][T26691] netlink: 5280 bytes leftover after parsing attributes in process `syz.0.5407'.
[ 1988.251412][T26708] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1988.441996][T26710] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1989.219834][T26719] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5414'.
[ 1989.676889][T26720] netlink: 5280 bytes leftover after parsing attributes in process `syz.3.5412'.
[ 1990.212821][T26732] netlink: 5280 bytes leftover after parsing attributes in process `syz.0.5416'.
[ 1991.582780][T26750] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1992.235240][T26761] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1996.490865][T26788] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[ 1996.541980][T26788] team0: Device ipvlan2 is already an upper device of the team interface
[ 1999.241290][T26830] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2001.794381][T26859] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2005.651557][T26906] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2007.703999][T26926] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2010.975555][T26956] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2011.707621][T26963] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2012.593373][T26973] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2013.660834][T26987] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2014.024257][T26989] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 2014.495480][T26994] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2014.952159][T27005] netlink: 5280 bytes leftover after parsing attributes in process `syz.2.5492'.
[ 2016.847542][T27028] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2016.907251][T27029] netlink: 5280 bytes leftover after parsing attributes in process `syz.0.5499'.
[ 2017.749219][T27041] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2020.991671][T27083] netlink: 5280 bytes leftover after parsing attributes in process `syz.5.5512'.
[ 2021.325313][T27087] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2022.436174][T27099] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2022.817154][T27101] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5518'.
[ 2023.161516][T27111] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2023.476430][T25416] Bluetooth: hci0: unknown advertising packet type: 0x70
[ 2024.157812][T27116] netlink: 5280 bytes leftover after parsing attributes in process `syz.4.5523'.
[ 2026.226339][T27155] netlink: 1624 bytes leftover after parsing attributes in process `syz.2.5534'.
[ 2026.517384][T27161] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2026.776697][T27166] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2029.830839][T27210] 9pnet: Could not find request transport: fd0x0000000000000003
[ 2030.374106][T27227] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2031.381647][T27239] netlink: 5364 bytes leftover after parsing attributes in process `syz.5.5556'.
[ 2034.361373][T27280] netlink: 5280 bytes leftover after parsing attributes in process `syz.5.5567'.
[ 2034.608739][T27286] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2035.134377][T27288] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2037.017151][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 2037.023495][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 2037.506056][T27317] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2038.003255][T27330] netlink: 5280 bytes leftover after parsing attributes in process `syz.0.5579'.
[ 2039.908273][T27346] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2039.969469][T18421] Bluetooth: hci2: command 0x0405 tx timeout
[ 2040.480022][T27349] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2042.920800][T25416] Bluetooth: hci3: unknown advertising packet type: 0x70
[ 2045.418873][T27410] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2046.285486][T27417] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2046.760772][T27420] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2047.684297][T27433] netlink: 5280 bytes leftover after parsing attributes in process `syz.3.5606'.
[ 2049.078201][T27450] netlink: 5364 bytes leftover after parsing attributes in process `syz.4.5611'.
[ 2049.260719][T25416] Bluetooth: hci2: unknown advertising packet type: 0x70
[ 2050.791746][T27466] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2051.980806][T27480] netlink: 5364 bytes leftover after parsing attributes in process `syz.0.5617'.
[ 2052.924417][T27484] netlink: 5364 bytes leftover after parsing attributes in process `syz.4.5619'.
[ 2053.775702][T27500] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2054.019049][T27508] netlink: 5364 bytes leftover after parsing attributes in process `syz.0.5624'.
[ 2055.519064][T27525] netlink: 5364 bytes leftover after parsing attributes in process `syz.4.5629'.
[ 2055.626085][T27526] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2056.525653][T27535] netlink: 5364 bytes leftover after parsing attributes in process `syz.0.5632'.
[ 2056.621259][T27536] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2060.801034][T27585] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2062.680562][T27603] netlink: 5280 bytes leftover after parsing attributes in process `syz.3.5652'.
[ 2064.540954][T27630] netlink: 5364 bytes leftover after parsing attributes in process `syz.3.5658'.
[ 2064.830605][T27638] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2065.515556][T27644] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2066.056427][T27652] netlink: 5364 bytes leftover after parsing attributes in process `syz.3.5665'.
[ 2066.186544][T27655] netlink: 5364 bytes leftover after parsing attributes in process `syz.0.5666'.
[ 2069.162732][T27691] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[ 2069.171001][T27691] team0: Device ipvlan2 is already an upper device of the team interface
[ 2069.645243][T27696] netlink: 5364 bytes leftover after parsing attributes in process `syz.5.5679'.
[ 2070.378705][T27711] netlink: 5364 bytes leftover after parsing attributes in process `syz.0.5682'.
[ 2070.437965][T27712] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2073.855806][T27750] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[ 2074.231493][T27750] team0: Device ipvlan2 is already an upper device of the team interface
[ 2074.586482][T27762] netlink: 'syz.2.5696': attribute type 10 has an invalid length.
[ 2078.336471][T27808] netlink: 'syz.5.5711': attribute type 10 has an invalid length.
[ 2078.772482][T27808] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2078.781058][T27808] bond0: (slave batadv0): Enslaving as an active interface with an up link
[ 2081.688024][T27832] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2082.417891][T27843] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2082.784605][T27848] netlink: 'syz.5.5723': attribute type 10 has an invalid length.
[ 2083.936378][T27861] netlink: 5280 bytes leftover after parsing attributes in process `syz.5.5727'.
[ 2084.391481][T27870] netlink: 5280 bytes leftover after parsing attributes in process `syz.0.5729'.
[ 2084.412956][T27871] netlink: 5280 bytes leftover after parsing attributes in process `syz.3.5731'.
[ 2084.446370][T27867] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2085.349420][T27892] netlink: 'syz.0.5737': attribute type 10 has an invalid length.
[ 2085.370964][T27892] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2085.385757][T27892] bond0: (slave batadv0): Enslaving as an active interface with an up link
[ 2087.591807][T27918] netlink: 5280 bytes leftover after parsing attributes in process `syz.4.5743'.
[ 2088.003548][T27928] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2088.790045][T27936] netlink: 5280 bytes leftover after parsing attributes in process `syz.4.5749'.
[ 2089.026150][T27941] netlink: 'syz.0.5750': attribute type 10 has an invalid length.
[ 2090.198382][T27952] netlink: 5364 bytes leftover after parsing attributes in process `syz.0.5753'.
[ 2090.519636][T27955] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2092.150147][T27978] netlink: 5280 bytes leftover after parsing attributes in process `syz.5.5759'.
[ 2092.175126][T27975] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[ 2092.190623][T27975] team0: Device ipvlan2 is already an upper device of the team interface
[ 2092.402059][T27983] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2093.127269][T27991] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5765'.
[ 2093.720206][T27999] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2094.251369][T28009] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5769'.
[ 2094.752358][T28013] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2095.041047][T28016] netlink: 5364 bytes leftover after parsing attributes in process `syz.5.5771'.
[ 2095.415231][T28024] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5773'.
[ 2095.923774][T28030] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[ 2095.933678][T28030] team0: Device ipvlan2 is already an upper device of the team interface
[ 2096.495187][T28039] netlink: 5280 bytes leftover after parsing attributes in process `syz.2.5777'.
[ 2096.643244][T28043] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2098.703938][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 2098.712053][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 2098.737898][T28071] netlink: 5280 bytes leftover after parsing attributes in process `syz.0.5786'.
[ 2098.890955][T28074] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2100.069509][T28092] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2102.034796][T28114] netlink: 5280 bytes leftover after parsing attributes in process `syz.2.5800'.
[ 2102.350532][T28118] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2103.215042][T28128] netlink: 5280 bytes leftover after parsing attributes in process `syz.5.5804'.
[ 2103.540212][T28139] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2103.763307][T28141] netlink: 5280 bytes leftover after parsing attributes in process `syz.3.5805'.
[ 2104.076976][T28144] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2104.505413][T28148] netlink: 5280 bytes leftover after parsing attributes in process `syz.4.5809'.
[ 2105.205443][T28162] netlink: 5364 bytes leftover after parsing attributes in process `syz.5.5811'.
[ 2105.235722][T28163] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2106.079075][T28173] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2106.722700][T28178] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2107.323782][T28189] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2107.914464][T28198] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 2108.283496][T28204] netlink: 5280 bytes leftover after parsing attributes in process `syz.5.5826'.
[ 2108.409334][T28205] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2108.750726][T28214] netlink: 5280 bytes leftover after parsing attributes in process `syz.3.5828'.
[ 2112.629718][T28247] netlink: 5280 bytes leftover after parsing attributes in process `syz.3.5837'.
[ 2113.324119][T28252] netlink: 5280 bytes leftover after parsing attributes in process `syz.0.5840'.
[ 2113.652101][T28259] netlink: 'syz.2.5842': attribute type 10 has an invalid length.
[ 2114.094542][T28260] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2114.666317][T28269] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5843'.
[ 2117.052934][T28290] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5848'.
[ 2117.579631][T28293] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2118.392233][T28303] netlink: 'syz.5.5853': attribute type 10 has an invalid length.
[ 2122.283499][T28341] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2122.480632][T28342] netlink: 5280 bytes leftover after parsing attributes in process `syz.2.5865'.
[ 2123.011330][T25416] Bluetooth: hci0: unknown advertising packet type: 0x70
[ 2123.550575][T28355] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2123.975619][T28362] netlink: 5280 bytes leftover after parsing attributes in process `syz.4.5869'.
[ 2125.235455][T28379] netlink: 5280 bytes leftover after parsing attributes in process `syz.3.5874'.
[ 2125.611534][T28385] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2126.969819][T28400] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5879'.
[ 2127.515822][T28405] netlink: 5280 bytes leftover after parsing attributes in process `syz.4.5880'.
[ 2127.621270][T28409] netlink: 5280 bytes leftover after parsing attributes in process `syz.5.5882'.
[ 2128.471551][T28428] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2128.649537][T28436] netlink: 5280 bytes leftover after parsing attributes in process `syz.4.5889'.
[ 2128.878678][T28442] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2129.241554][T28447] netlink: 5280 bytes leftover after parsing attributes in process `syz.3.5892'.
[ 2130.638475][T28463] netlink: 5280 bytes leftover after parsing attributes in process `syz.2.5895'.
[ 2130.918264][T28469] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2132.452456][T28488] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[ 2132.469993][T28488] team0: Device ipvlan2 is already an upper device of the team interface
[ 2132.559080][T28493] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2133.095708][T28500] netlink: 5280 bytes leftover after parsing attributes in process `syz.0.5908'.
[ 2134.346645][T28511] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2134.813223][T18421] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 2134.822419][T18421] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 2134.830139][T18421] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 2134.838355][T18421] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 2134.845695][T18421] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 2134.867015][T28519] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 2135.075705][T28526] netlink: 5280 bytes leftover after parsing attributes in process `syz.2.5913'.
[ 2136.991515][T25416] Bluetooth: hci5: command tx timeout
[ 2137.484291][T28518] chnl_net:caif_netlink_parms(): no params data found
[ 2137.558694][T28554] netlink: 4 bytes leftover after parsing attributes in process `syz.2.5918'.
[ 2138.497064][T28518] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2138.504283][T28518] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2138.513870][T28518] bridge_slave_0: entered allmulticast mode
[ 2138.521371][T28518] bridge_slave_0: entered promiscuous mode
[ 2138.540631][T28518] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2138.547849][T28518] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2138.555722][T28518] bridge_slave_1: entered allmulticast mode
[ 2138.563266][T28518] bridge_slave_1: entered promiscuous mode
[ 2138.576394][T28563] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[ 2138.590352][T28563] team0: Device ipvlan2 is already an upper device of the team interface
[ 2138.722677][T28518] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2138.742060][T28518] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2139.002502][T28576] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2139.478680][T28578] netlink: 'syz.2.5927': attribute type 10 has an invalid length.
[ 2139.492780][T25416] Bluetooth: hci5: command tx timeout
[ 2139.827745][T28518] team0: Port device team_slave_0 added
[ 2139.864782][T28518] team0: Port device team_slave_1 added
[ 2139.919718][T28518] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2139.941924][T28518] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2140.004673][T28518] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2140.034494][T28518] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2140.063385][T28518] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2140.240569][T28518] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2141.163649][T28518] hsr_slave_0: entered promiscuous mode
[ 2141.184932][T28518] hsr_slave_1: entered promiscuous mode
[ 2141.218610][T28518] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2141.255609][T28518] Cannot create hsr debugfs directory
[ 2141.569471][T18421] Bluetooth: hci5: command tx timeout
[ 2142.953330][T28622] netlink: 'syz.5.5939': attribute type 10 has an invalid length.
[ 2143.627292][   T30] audit: type=1400 audit(1748665826.228:1148): avc:  denied  { recv } for  pid=17419 comm="syz-executor" saddr=10.128.0.169 src=30006 daddr=10.128.0.191 dest=53166 netif=eth0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1
[ 2143.653015][T18421] Bluetooth: hci5: command tx timeout
[ 2143.685534][T28518] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2144.112692][T28518] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2145.057095][T28518] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2145.600956][T28648] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[ 2145.700783][T28656] netlink: 'syz.5.5952': attribute type 10 has an invalid length.
[ 2146.937512][T28518] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2148.018139][T28518] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 2148.068061][T28518] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 2148.101744][T28518] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 2148.120609][T28518] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 2148.348753][T28692] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2148.460263][T28695] netlink: 'syz.5.5966': attribute type 10 has an invalid length.
[ 2149.023982][T28518] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2149.093001][T28697] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2149.186081][T28518] 8021q: adding VLAN 0 to HW filter on device team0
[ 2149.223100][T25456] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2149.230227][T25456] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2150.529217][T25456] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2150.536389][T25456] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2150.570894][T28712] netlink: 5280 bytes leftover after parsing attributes in process `syz.3.5970'.
[ 2150.746084][   T30] audit: type=1400 audit(1748665833.318:1149): avc:  denied  { egress } for  pid=18453 comm="kworker/1:0" daddr=ff02::16 netif=teql0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:netif_t tclass=netif permissive=1
[ 2150.978841][   T30] audit: type=1400 audit(1748665833.318:1150): avc:  denied  { sendto } for  pid=18453 comm="kworker/1:0" daddr=ff02::16 netif=teql0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1
[ 2152.047459][T28725] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2152.128017][T28518] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2153.867089][T28518] veth0_vlan: entered promiscuous mode
[ 2153.919540][T28518] veth1_vlan: entered promiscuous mode
[ 2153.961970][T28750] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2154.089100][T28518] veth0_macvtap: entered promiscuous mode
[ 2154.119771][T28518] veth1_macvtap: entered promiscuous mode
[ 2154.409072][T28518] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2154.445344][T28518] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2154.475478][T28518] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2154.512748][T28518] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2154.526150][T28518] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2154.538693][T28518] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2154.689848][ T3555] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2154.708952][ T3555] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2154.761262][T26516] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2154.788364][T26516] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2154.842238][   T30] audit: type=1400 audit(1748665837.448:1151): avc:  denied  { mounton } for  pid=28518 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[ 2155.657293][T28792] netlink: 32 bytes leftover after parsing attributes in process `syz.0.5996'.
[ 2156.496687][T17820] IPVS: starting estimator thread 0...
[ 2156.751032][T28805] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[ 2156.768626][T28805] team0: Device ipvlan2 is already an upper device of the team interface
[ 2156.819438][T28807] IPVS: using max 38 ests per chain, 91200 per kthread
[ 2159.258386][T25416] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 2159.267059][T25416] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 2159.275001][T25416] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 2159.282683][T25416] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 2159.290334][T25416] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 2159.363140][T28852] netlink: 5280 bytes leftover after parsing attributes in process `syz.5.6015'.
[ 2160.012295][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 2160.024188][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 2160.489105][   T30] audit: type=1400 audit(1748665843.008:1152): avc:  denied  { recv } for  pid=10508 comm="kworker/u8:6" saddr=10.128.0.169 src=40866 daddr=10.128.0.191 dest=22 netif=eth0 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1
[ 2161.695650][T28865] netlink: 'syz.0.6017': attribute type 10 has an invalid length.
[ 2162.644278][T25416] Bluetooth: hci1: command tx timeout
[ 2162.738770][T26516] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2162.978167][T26516] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2163.081898][T26516] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2163.597297][T28893] netlink: 5280 bytes leftover after parsing attributes in process `syz.5.6027'.
[ 2164.461460][T26516] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2164.541379][T28847] chnl_net:caif_netlink_parms(): no params data found
[ 2164.689622][T25416] Bluetooth: hci1: command tx timeout
[ 2166.769306][T25416] Bluetooth: hci1: command tx timeout
[ 2166.798042][T28847] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2166.805793][T28847] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2166.814684][T28847] bridge_slave_0: entered allmulticast mode
[ 2166.829334][T28847] bridge_slave_0: entered promiscuous mode
[ 2166.857326][T28847] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2166.876870][T28847] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2166.892161][T28847] bridge_slave_1: entered allmulticast mode
[ 2166.908788][T28847] bridge_slave_1: entered promiscuous mode
[ 2166.994812][T28847] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2167.024081][T28847] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2167.282123][T26516] bridge_slave_1: left allmulticast mode
[ 2167.288497][T26516] bridge_slave_1: left promiscuous mode
[ 2167.376801][T26516] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2167.400520][T26516] bridge_slave_0: left allmulticast mode
[ 2167.414599][T26516] bridge_slave_0: left promiscuous mode
[ 2167.433296][T26516] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2168.309899][T17820] usb 1-1: new high-speed USB device number 63 using dummy_hcd
[ 2168.342696][T26516] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2168.353899][T26516] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2168.365191][T26516] bond0 (unregistering): (slave batadv0): Releasing backup interface
[ 2168.374770][T26516] bond0 (unregistering): Released all slaves
[ 2168.399407][T28961] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[ 2168.406629][T28961] team0: Device ipvlan2 is already an upper device of the team interface
[ 2168.456655][T28847] team0: Port device team_slave_0 added
[ 2168.465485][T28847] team0: Port device team_slave_1 added
[ 2168.476941][T17820] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2168.488814][T17820] usb 1-1: config 0 has no interfaces?
[ 2168.494609][T17820] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2168.503928][T17820] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2168.527762][T17820] usb 1-1: config 0 descriptor??
[ 2168.582603][T28847] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2168.595930][T28847] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2168.626574][T28847] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2168.656786][T28847] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2168.669115][T28847] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2168.700551][T28847] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2168.850200][T25416] Bluetooth: hci1: command tx timeout
[ 2169.911658][T28847] hsr_slave_0: entered promiscuous mode
[ 2169.932913][T28847] hsr_slave_1: entered promiscuous mode
[ 2169.960937][T28847] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2170.008748][T28847] Cannot create hsr debugfs directory
[ 2170.022014][T28984] netlink: 5280 bytes leftover after parsing attributes in process `syz.5.6052'.
[ 2171.180441][ T5900] usb 1-1: USB disconnect, device number 63
[ 2171.358856][T28996] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2172.261036][T26516] hsr_slave_0: left promiscuous mode
[ 2172.272777][T26516] hsr_slave_1: left promiscuous mode
[ 2172.278840][T26516] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2172.379583][T26516] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2172.564811][T26516] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2172.704488][T26516] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2172.739207][T26516] veth0_macvtap: left promiscuous mode
[ 2172.776826][T26516] veth1_vlan: left promiscuous mode
[ 2172.795485][T26516] veth0_vlan: left promiscuous mode
[ 2174.928726][T29042] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2175.119456][T18453] usb 3-1: new high-speed USB device number 63 using dummy_hcd
[ 2175.253116][T29044] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2175.291122][T18453] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2175.308771][T18453] usb 3-1: config 0 has no interfaces?
[ 2175.314792][T18453] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2175.332939][T18453] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2175.430038][T18453] usb 3-1: config 0 descriptor??
[ 2175.545423][T26516] team0 (unregistering): Port device team_slave_1 removed
[ 2175.594861][T26516] team0 (unregistering): Port device team_slave_0 removed
[ 2176.359985][T29049] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2177.029722][T17820] IPVS: starting estimator thread 0...
[ 2177.139508][T29055] IPVS: using max 43 ests per chain, 103200 per kthread
[ 2177.336208][T26516] IPVS: stop unused estimator thread 0...
[ 2177.380225][T25416] Bluetooth: hci2: unknown advertising packet type: 0x70
[ 2177.537239][T26516] bridge_slave_1: left allmulticast mode
[ 2177.566782][T26516] bridge_slave_1: left promiscuous mode
[ 2177.576556][T26516] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2177.598778][T26516] bridge_slave_0: left allmulticast mode
[ 2177.613215][T26516] bridge_slave_0: left promiscuous mode
[ 2177.626331][T26516] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2177.825003][  T973] usb 3-1: USB disconnect, device number 63
[ 2178.191437][T26516] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2178.202442][T26516] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2178.213970][T26516] bond0 (unregistering): (slave batadv0): Releasing backup interface
[ 2178.223103][T26516] bond0 (unregistering): Released all slaves
[ 2178.240834][T29073] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[ 2178.248044][T29073] team0: Device ipvlan2 is already an upper device of the team interface
[ 2178.276475][T29086] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[ 2178.290798][T29086] team0: Device ipvlan2 is already an upper device of the team interface
[ 2178.937643][T29102] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2178.948334][T28847] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 2179.018790][T28847] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 2179.052329][T28847] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 2179.071593][T28847] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 2179.348406][T26516] hsr_slave_0: left promiscuous mode
[ 2179.371416][T26516] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2179.398307][T26516] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2179.420985][T26516] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2179.441216][T26516] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2179.480858][T26516] veth0_macvtap: left promiscuous mode
[ 2179.494884][T26516] veth1_vlan: left promiscuous mode
[ 2179.514186][T26516] veth0_vlan: left promiscuous mode
[ 2181.191852][T29157] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6090'.
[ 2181.705065][T26516] team0 (unregistering): Port device team_slave_1 removed
[ 2181.788873][T26516] team0 (unregistering): Port device team_slave_0 removed
[ 2182.753465][T29149] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[ 2182.763902][T29149] team0: Device ipvlan2 is already an upper device of the team interface
[ 2182.923087][T28847] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2183.088970][T28847] 8021q: adding VLAN 0 to HW filter on device team0
[ 2183.107465][T25456] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2183.114612][T25456] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2183.222613][T29189] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6094'.
[ 2183.724733][T25456] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2183.731893][T25456] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2183.753967][T29187] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2184.044606][T28847] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 2184.055298][T28847] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 2184.108234][T26516] IPVS: stop unused estimator thread 0...
[ 2184.178842][T29200] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2184.931761][T29202] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2185.149474][  T973] usb 1-1: new high-speed USB device number 64 using dummy_hcd
[ 2185.412919][  T973] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2185.513264][  T973] usb 1-1: config 0 has no interfaces?
[ 2185.520551][  T973] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2185.531456][  T973] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2185.547275][  T973] usb 1-1: config 0 descriptor??
[ 2185.555887][T28847] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2185.607586][T28847] veth0_vlan: entered promiscuous mode
[ 2185.618915][T28847] veth1_vlan: entered promiscuous mode
[ 2185.665958][T28847] veth0_macvtap: entered promiscuous mode
[ 2185.685740][T28847] veth1_macvtap: entered promiscuous mode
[ 2185.724739][T28847] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2185.756443][T28847] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2185.779222][T29222] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[ 2185.810182][T29222] team0: Device ipvlan2 is already an upper device of the team interface
[ 2185.932658][T29225] netlink: 'syz.5.6101': attribute type 10 has an invalid length.
[ 2186.330243][T28847] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2186.339183][T28847] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2186.348191][T28847] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2186.357102][T28847] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2186.607980][ T3555] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2186.622858][T29229] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2186.744312][ T3555] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2187.193921][ T3506] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2187.215060][T29231] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 2187.224890][ T3506] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2188.063720][T29226] usb 1-1: USB disconnect, device number 64
[ 2188.175993][T29240] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2188.750127][T29264] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2189.427186][ T5900] IPVS: starting estimator thread 0...
[ 2189.613046][T29267] IPVS: using max 74 ests per chain, 177600 per kthread
[ 2190.259460][T29286] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2190.768693][T29291] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2191.273607][T29297] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[ 2191.281223][T29297] team0: Device ipvlan2 is already an upper device of the team interface
[ 2192.147161][T29303] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2193.672626][T29321] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2199.759424][T29394] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6155'.
[ 2200.496761][T29413] netlink: 'syz.2.6160': attribute type 10 has an invalid length.
[ 2200.939392][T29226] usb 5-1: new high-speed USB device number 59 using dummy_hcd
[ 2201.202179][T29226] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2201.260505][T29226] usb 5-1: config 0 has no interfaces?
[ 2201.266029][T29226] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2201.571430][T29432] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2202.219294][T29226] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2202.310519][T29226] usb 5-1: config 0 descriptor??
[ 2202.346399][T29438] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[ 2202.461068][T29438] team0: Device ipvlan2 is already an upper device of the team interface
[ 2205.065811][T29434] usb 4-1: new high-speed USB device number 65 using dummy_hcd
[ 2205.346845][   T30] audit: type=1400 audit(1748665887.938:1153): avc:  denied  { create } for  pid=29479 comm="syz.2.6184" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[ 2205.705133][T29434] usb 4-1: Using ep0 maxpacket: 32
[ 2205.750414][T29434] usb 4-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[ 2205.828830][T29434] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2205.844225][   T30] audit: type=1400 audit(1748665887.948:1154): avc:  denied  { bind } for  pid=29479 comm="syz.2.6184" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[ 2206.256255][T29434] usb 4-1: config 0 descriptor??
[ 2206.275147][T29226] usb 5-1: USB disconnect, device number 59
[ 2206.706941][T29434] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[ 2207.075433][T29434] gspca_vc032x: reg_w err -71
[ 2207.095031][T29434] gspca_vc032x: I2c Bus Busy Wait 00
[ 2207.102559][T29434] gspca_vc032x: I2c Bus Busy Wait 00
[ 2207.107935][T29434] gspca_vc032x: I2c Bus Busy Wait 00
[ 2207.133829][T29434] gspca_vc032x: I2c Bus Busy Wait 00
[ 2207.147185][T29434] gspca_vc032x: I2c Bus Busy Wait 00
[ 2207.175348][T29434] gspca_vc032x: I2c Bus Busy Wait 00
[ 2207.290265][T29434] gspca_vc032x: I2c Bus Busy Wait 00
[ 2207.295898][T29434] gspca_vc032x: I2c Bus Busy Wait 00
[ 2207.309380][T29434] gspca_vc032x: I2c Bus Busy Wait 00
[ 2207.316147][T29434] gspca_vc032x: I2c Bus Busy Wait 00
[ 2207.421462][T29434] gspca_vc032x: I2c Bus Busy Wait 00
[ 2207.429171][T29501] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[ 2207.436524][T29434] gspca_vc032x: I2c Bus Busy Wait 00
[ 2207.441901][T29434] gspca_vc032x: I2c Bus Busy Wait 00
[ 2207.447599][T29501] team0: Device ipvlan2 is already an upper device of the team interface
[ 2207.456165][T29434] gspca_vc032x: I2c Bus Busy Wait 00
[ 2207.467224][T29434] gspca_vc032x: I2c Bus Busy Wait 00
[ 2207.521900][T29434] gspca_vc032x: I2c Bus Busy Wait 00
[ 2207.527309][T29434] gspca_vc032x: I2c Bus Busy Wait 00
[ 2207.555825][T29434] gspca_vc032x: I2c Bus Busy Wait 00
[ 2207.595183][T29434] gspca_vc032x: Unknown sensor...
[ 2207.730107][T29434] vc032x 4-1:0.0: probe with driver vc032x failed with error -22
[ 2207.799736][T29434] usb 4-1: USB disconnect, device number 65
[ 2209.047816][T29522] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2209.501458][T29531] FAULT_INJECTION: forcing a failure.
[ 2209.501458][T29531] name failslab, interval 1, probability 0, space 0, times 1
[ 2209.609500][T29531] CPU: 0 UID: 0 PID: 29531 Comm: syz.2.6199 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 2209.609529][T29531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2209.609540][T29531] Call Trace:
[ 2209.609546][T29531]  <TASK>
[ 2209.609554][T29531]  dump_stack_lvl+0x16c/0x1f0
[ 2209.609579][T29531]  should_fail_ex+0x512/0x640
[ 2209.609602][T29531]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 2209.609625][T29531]  should_failslab+0xc2/0x120
[ 2209.609645][T29531]  kmem_cache_alloc_noprof+0x6d/0x3b0
[ 2209.609664][T29531]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 2209.609682][T29531]  ? alloc_empty_file+0x55/0x1e0
[ 2209.609710][T29531]  alloc_empty_file+0x55/0x1e0
[ 2209.609733][T29531]  path_openat+0xda/0x2cb0
[ 2209.609762][T29531]  ? __pfx_path_openat+0x10/0x10
[ 2209.609778][T29531]  ? stack_trace_save+0x8e/0xc0
[ 2209.609796][T29531]  ? __pfx_stack_trace_save+0x10/0x10
[ 2209.609813][T29531]  ? stack_depot_save_flags+0x28/0xa40
[ 2209.609842][T29531]  do_filp_open+0x20b/0x470
[ 2209.609861][T29531]  ? __pfx_do_filp_open+0x10/0x10
[ 2209.609877][T29531]  ? __kasan_slab_alloc+0x89/0x90
[ 2209.609895][T29531]  ? kmem_cache_alloc_noprof+0x1cb/0x3b0
[ 2209.609911][T29531]  ? getname_flags.part.0+0x4c/0x550
[ 2209.609967][T29531]  do_open_execat+0xf9/0x450
[ 2209.609994][T29531]  ? __pfx_do_open_execat+0x10/0x10
[ 2209.610018][T29531]  ? find_held_lock+0x2b/0x80
[ 2209.610045][T29531]  ? __might_fault+0xe3/0x190
[ 2209.610061][T29531]  ? __might_fault+0x13b/0x190
[ 2209.610090][T29531]  alloc_bprm+0x2d/0xde0
[ 2209.610116][T29531]  ? strncpy_from_user+0x203/0x2e0
[ 2209.610141][T29531]  do_execveat_common.isra.0+0x1ce/0x610
[ 2209.610173][T29531]  __x64_sys_execve+0x8e/0xb0
[ 2209.610191][T29531]  do_syscall_64+0xcd/0x4c0
[ 2209.610218][T29531]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2209.610236][T29531] RIP: 0033:0x7f53e458e969
[ 2209.610251][T29531] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2209.610268][T29531] RSP: 002b:00007f53e5484038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[ 2209.610286][T29531] RAX: ffffffffffffffda RBX: 00007f53e47b5fa0 RCX: 00007f53e458e969
[ 2209.610298][T29531] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00002000000190c0
[ 2209.610309][T29531] RBP: 00007f53e5484090 R08: 0000000000000000 R09: 0000000000000000
[ 2209.610319][T29531] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2209.610329][T29531] R13: 0000000000000000 R14: 00007f53e47b5fa0 R15: 00007ffd454b43f8
[ 2209.610352][T29531]  </TASK>
[ 2209.945117][T29539] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[ 2210.091405][T29541] netlink: 'syz.0.6201': attribute type 10 has an invalid length.
[ 2210.515301][T29539] team0: Device ipvlan2 is already an upper device of the team interface
[ 2210.579829][T29544] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2212.638799][T29561] FAULT_INJECTION: forcing a failure.
[ 2212.638799][T29561] name fail_usercopy, interval 1, probability 0, space 0, times 1
[ 2212.771310][   T30] audit: type=1400 audit(1748665895.328:1155): avc:  denied  { create } for  pid=29555 comm="syz.4.6208" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[ 2212.806508][T29561] CPU: 0 UID: 0 PID: 29561 Comm: syz.0.6211 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 2212.806536][T29561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2212.806546][T29561] Call Trace:
[ 2212.806554][T29561]  <TASK>
[ 2212.806561][T29561]  dump_stack_lvl+0x16c/0x1f0
[ 2212.806587][T29561]  should_fail_ex+0x512/0x640
[ 2212.806614][T29561]  strncpy_from_user+0x3b/0x2e0
[ 2212.806639][T29561]  getname_flags.part.0+0x8f/0x550
[ 2212.806667][T29561]  getname_flags+0x93/0xf0
[ 2212.806684][T29561]  do_sys_openat2+0xb8/0x1d0
[ 2212.806707][T29561]  ? __pfx_do_sys_openat2+0x10/0x10
[ 2212.806739][T29561]  __x64_sys_openat+0x174/0x210
[ 2212.806761][T29561]  ? __pfx___x64_sys_openat+0x10/0x10
[ 2212.806785][T29561]  ? do_user_addr_fault+0x843/0x1370
[ 2212.806814][T29561]  do_syscall_64+0xcd/0x4c0
[ 2212.806836][T29561]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2212.806854][T29561] RIP: 0033:0x7f37e3f8d2d0
[ 2212.806869][T29561] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[ 2212.806886][T29561] RSP: 002b:00007f37e4dffef0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 2212.806903][T29561] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f37e3f8d2d0
[ 2212.806915][T29561] RDX: 0000000000000002 RSI: 00007f37e401078c RDI: 00000000ffffff9c
[ 2212.806926][T29561] RBP: 00007f37e401078c R08: 0000000000000000 R09: 0000000000000000
[ 2212.806936][T29561] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 2212.806947][T29561] R13: 000000000000002d R14: 0000200000000080 R15: 00007ffff94aadc8
[ 2212.806970][T29561]  </TASK>
[ 2213.014762][   T30] audit: type=1400 audit(1748665895.338:1156): avc:  denied  { setopt } for  pid=29555 comm="syz.4.6208" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[ 2213.077850][   T30] audit: type=1400 audit(1748665895.678:1157): avc:  denied  { connect } for  pid=29568 comm="syz.2.6213" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 2213.409849][T29580] FAULT_INJECTION: forcing a failure.
[ 2213.409849][T29580] name failslab, interval 1, probability 0, space 0, times 0
[ 2213.423592][T29580] CPU: 1 UID: 0 PID: 29580 Comm: syz.4.6214 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 2213.423617][T29580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2213.423628][T29580] Call Trace:
[ 2213.423634][T29580]  <TASK>
[ 2213.423641][T29580]  dump_stack_lvl+0x16c/0x1f0
[ 2213.423666][T29580]  should_fail_ex+0x512/0x640
[ 2213.423689][T29580]  ? __kmalloc_cache_noprof+0x57/0x3e0
[ 2213.423718][T29580]  should_failslab+0xc2/0x120
[ 2213.423738][T29580]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 2213.423763][T29580]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2213.423783][T29580]  ? virtio_transport_do_socket_init+0x4a/0x350
[ 2213.423816][T29580]  virtio_transport_do_socket_init+0x4a/0x350
[ 2213.423845][T29580]  vsock_assign_transport+0x4de/0x830
[ 2213.423868][T29580]  vsock_connect+0x201/0xee0
[ 2213.423886][T29580]  ? release_sock+0x21/0x220
[ 2213.423907][T29580]  ? do_raw_spin_lock+0x12c/0x2b0
[ 2213.423934][T29580]  ? __pfx_vsock_connect+0x10/0x10
[ 2213.423952][T29580]  ? find_held_lock+0x2b/0x80
[ 2213.423980][T29580]  ? selinux_netlbl_socket_connect+0x30/0x40
[ 2213.424003][T29580]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 2213.424023][T29580]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2213.424040][T29580]  ? selinux_netlbl_socket_connect+0x30/0x40
[ 2213.424068][T29580]  ? __local_bh_enable_ip+0xa4/0x120
[ 2213.424086][T29580]  ? selinux_netlbl_socket_connect+0x30/0x40
[ 2213.424108][T29580]  ? selinux_socket_connect+0x6b/0x80
[ 2213.424133][T29580]  ? __pfx_vsock_connect+0x10/0x10
[ 2213.424154][T29580]  __sys_connect_file+0x13e/0x1a0
[ 2213.424183][T29580]  __sys_connect+0x13b/0x160
[ 2213.424209][T29580]  ? __pfx___sys_connect+0x10/0x10
[ 2213.424252][T29580]  __x64_sys_connect+0x72/0xb0
[ 2213.424278][T29580]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2213.424296][T29580]  do_syscall_64+0xcd/0x4c0
[ 2213.424317][T29580]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2213.424334][T29580] RIP: 0033:0x7fc8eb58e969
[ 2213.424349][T29580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2213.424366][T29580] RSP: 002b:00007fc8ec329038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[ 2213.424384][T29580] RAX: ffffffffffffffda RBX: 00007fc8eb7b6160 RCX: 00007fc8eb58e969
[ 2213.424395][T29580] RDX: 0000000000000010 RSI: 0000200000000100 RDI: 0000000000000007
[ 2213.424406][T29580] RBP: 00007fc8ec329090 R08: 0000000000000000 R09: 0000000000000000
[ 2213.424417][T29580] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2213.424427][T29580] R13: 0000000000000000 R14: 00007fc8eb7b6160 R15: 00007ffd7f08bbc8
[ 2213.424451][T29580]  </TASK>
[ 2213.639306][T27469] usb 3-1: new high-speed USB device number 64 using dummy_hcd
[ 2214.049638][T27469] usb 3-1: Using ep0 maxpacket: 16
[ 2214.350589][T27469] usb 3-1: config index 0 descriptor too short (expected 8192, got 68)
[ 2214.445450][T27469] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2214.536645][T27469] usb 3-1: config 0 has no interfaces?
[ 2214.572297][T27469] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 2214.603926][T27469] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 2214.615233][T29589] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6219'.
[ 2214.665865][T27469] usb 3-1: SerialNumber: syz
[ 2214.720253][T27469] usb 3-1: config 0 descriptor??
[ 2215.187195][T24936] tipc: Subscription rejected, illegal request
[ 2215.237803][T27469] usb 3-1: USB disconnect, device number 64
[ 2216.095412][   T30] audit: type=1400 audit(1748665898.698:1158): avc:  denied  { mount } for  pid=29611 comm="syz.3.6226" name="/" dev="autofs" ino=122153 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[ 2216.132156][   T30] audit: type=1400 audit(1748665898.738:1159): avc:  denied  { execmem } for  pid=29616 comm="syz.4.6227" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[ 2216.343636][T29620] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6227'.
[ 2216.782944][   T30] audit: type=1400 audit(1748665899.388:1160): avc:  denied  { unmount } for  pid=28847 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_t tclass=filesystem permissive=1
[ 2217.108941][   T30] audit: type=1400 audit(1748665899.708:1161): avc:  denied  { create } for  pid=29629 comm="syz.0.6232" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[ 2217.146340][   T30] audit: type=1400 audit(1748665899.738:1162): avc:  denied  { setopt } for  pid=29629 comm="syz.0.6232" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[ 2218.399074][   T30] audit: type=1400 audit(1748665900.998:1163): avc:  denied  { read } for  pid=29644 comm="syz.2.6236" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 2218.464031][   T30] audit: type=1400 audit(1748665901.058:1164): avc:  denied  { ioctl } for  pid=29644 comm="syz.2.6236" path="socket:[121271]" dev="sockfs" ino=121271 ioctlcmd=0x890b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[ 2218.494890][   T30] audit: type=1400 audit(1748665901.058:1165): avc:  denied  { connect } for  pid=29644 comm="syz.2.6236" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[ 2218.627112][T29653] FAULT_INJECTION: forcing a failure.
[ 2218.627112][T29653] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2218.641207][T29653] CPU: 0 UID: 0 PID: 29653 Comm: syz.0.6238 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 2218.641228][T29653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2218.641237][T29653] Call Trace:
[ 2218.641242][T29653]  <TASK>
[ 2218.641248][T29653]  dump_stack_lvl+0x16c/0x1f0
[ 2218.641268][T29653]  should_fail_ex+0x512/0x640
[ 2218.641294][T29653]  _copy_from_user+0x2e/0xd0
[ 2218.641315][T29653]  memdup_user+0x6b/0xe0
[ 2218.641330][T29653]  do_vfs_ioctl+0x10d8/0x1a60
[ 2218.641350][T29653]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 2218.641374][T29653]  ? ioctl_has_perm.constprop.0.isra.0+0x379/0x540
[ 2218.641394][T29653]  ? ioctl_has_perm.constprop.0.isra.0+0x383/0x540
[ 2218.641413][T29653]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[ 2218.641439][T29653]  ? hook_file_ioctl_common+0x145/0x410
[ 2218.641465][T29653]  ? selinux_file_ioctl+0x180/0x270
[ 2218.641482][T29653]  ? selinux_file_ioctl+0xb4/0x270
[ 2218.641503][T29653]  __x64_sys_ioctl+0x114/0x210
[ 2218.641524][T29653]  do_syscall_64+0xcd/0x4c0
[ 2218.641541][T29653]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2218.641555][T29653] RIP: 0033:0x7f37e3f8e969
[ 2218.641566][T29653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2218.641579][T29653] RSP: 002b:00007f37e4e02038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2218.641593][T29653] RAX: ffffffffffffffda RBX: 00007f37e41b5fa0 RCX: 00007f37e3f8e969
[ 2218.641602][T29653] RDX: 0000200000000180 RSI: 00000000c0189436 RDI: 0000000000000003
[ 2218.641610][T29653] RBP: 00007f37e4e02090 R08: 0000000000000000 R09: 0000000000000000
[ 2218.641618][T29653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2218.641626][T29653] R13: 0000000000000000 R14: 00007f37e41b5fa0 R15: 00007ffff94aadc8
[ 2218.641645][T29653]  </TASK>
[ 2218.689431][   T30] audit: type=1400 audit(1748665901.248:1166): avc:  denied  { read write } for  pid=29650 comm="syz.5.6239" name="uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[ 2219.175727][T29669] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6241'.
[ 2219.359476][T10165] usb 6-1: new high-speed USB device number 29 using dummy_hcd
[ 2219.593905][   T30] audit: type=1400 audit(1748665901.248:1167): avc:  denied  { open } for  pid=29650 comm="syz.5.6239" path="/dev/uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[ 2219.630280][T29434] usb 5-1: new low-speed USB device number 60 using dummy_hcd
[ 2219.689404][T10165] usb 6-1: device descriptor read/64, error -71
[ 2219.790893][T29434] usb 5-1: config index 0 descriptor too short (expected 1307, got 27)
[ 2220.022395][T29434] usb 5-1: config 0 has an invalid interface number: 0 but max is -1
[ 2220.069357][T10165] usb 6-1: new high-speed USB device number 30 using dummy_hcd
[ 2220.077110][T29434] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 0
[ 2220.203769][   T30] audit: type=1400 audit(1748665902.808:1168): avc:  denied  { setopt } for  pid=29680 comm="syz.0.6246" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[ 2220.313576][T29434] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[ 2220.357070][T10165] usb 6-1: device descriptor read/64, error -71
[ 2220.585445][T29679] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2220.608255][T29434] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt
[ 2220.641639][T10165] usb usb6-port1: attempt power cycle
[ 2220.755748][T29434] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[ 2220.766241][T29434] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246
[ 2220.785783][T29434] usb 5-1: language id specifier not provided by device, defaulting to English
[ 2220.808648][T29434] usb 5-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[ 2220.817987][T29434] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2220.826298][T29434] usb 5-1: Product: 吮
[ 2220.877966][T29434] usb 5-1: config 0 descriptor??
[ 2220.908208][T29434] hub 5-1:0.0: bad descriptor, ignoring hub
[ 2220.914664][T29434] hub 5-1:0.0: probe with driver hub failed with error -5
[ 2220.958311][T29434] input: 吮 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input29
[ 2221.000054][T29688] netlink: 64977 bytes leftover after parsing attributes in process `syz.0.6248'.
[ 2221.021620][T10165] usb 6-1: new high-speed USB device number 31 using dummy_hcd
[ 2221.333048][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 2221.339753][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 2221.381480][T10165] usb 6-1: device descriptor read/8, error -71
[ 2221.678427][T29692] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 2221.772879][T27469] usb 5-1: USB disconnect, device number 60
[ 2221.801611][   T30] audit: type=1400 audit(1748665904.408:1169): avc:  denied  { map } for  pid=29691 comm="syz.0.6249" path="socket:[121349]" dev="sockfs" ino=121349 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 2221.825924][T10165] usb 6-1: new high-speed USB device number 32 using dummy_hcd
[ 2221.964184][   T30] audit: type=1400 audit(1748665904.408:1170): avc:  denied  { read } for  pid=29691 comm="syz.0.6249" path="socket:[121349]" dev="sockfs" ino=121349 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 2221.990867][T10165] usb 6-1: device descriptor read/8, error -71
[ 2222.104281][T10165] usb usb6-port1: unable to enumerate USB device
[ 2222.274680][T29706] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2222.604079][   T30] audit: type=1400 audit(1748665905.198:1171): avc:  denied  { unmount } for  pid=28518 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[ 2222.811505][T29718] FAULT_INJECTION: forcing a failure.
[ 2222.811505][T29718] name failslab, interval 1, probability 0, space 0, times 0
[ 2222.830941][T29718] CPU: 0 UID: 0 PID: 29718 Comm: syz.3.6257 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 2222.830964][T29718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2222.830974][T29718] Call Trace:
[ 2222.830981][T29718]  <TASK>
[ 2222.830987][T29718]  dump_stack_lvl+0x16c/0x1f0
[ 2222.831010][T29718]  should_fail_ex+0x512/0x640
[ 2222.831033][T29718]  ? fs_reclaim_acquire+0xae/0x150
[ 2222.831058][T29718]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 2222.831083][T29718]  should_failslab+0xc2/0x120
[ 2222.831102][T29718]  __kmalloc_noprof+0xd2/0x510
[ 2222.831127][T29718]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 2222.831152][T29718]  ? tomoyo_profile+0x47/0x60
[ 2222.831181][T29718]  tomoyo_path_number_perm+0x245/0x580
[ 2222.831200][T29718]  ? tomoyo_path_number_perm+0x237/0x580
[ 2222.831222][T29718]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 2222.831244][T29718]  ? find_held_lock+0x2b/0x80
[ 2222.831299][T29718]  ? find_held_lock+0x2b/0x80
[ 2222.831330][T29718]  ? hook_file_ioctl_common+0x145/0x410
[ 2222.831362][T29718]  ? __fget_files+0x20e/0x3c0
[ 2222.831384][T29718]  security_file_ioctl+0x9b/0x240
[ 2222.831408][T29718]  __x64_sys_ioctl+0xb7/0x210
[ 2222.831434][T29718]  do_syscall_64+0xcd/0x4c0
[ 2222.831456][T29718]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2222.831473][T29718] RIP: 0033:0x7f9d3738e969
[ 2222.831488][T29718] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2222.831505][T29718] RSP: 002b:00007f9d381ca038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2222.831522][T29718] RAX: ffffffffffffffda RBX: 00007f9d375b5fa0 RCX: 00007f9d3738e969
[ 2222.831533][T29718] RDX: 00002000000000c0 RSI: 0000000040505412 RDI: 0000000000000003
[ 2222.831543][T29718] RBP: 00007f9d381ca090 R08: 0000000000000000 R09: 0000000000000000
[ 2222.831553][T29718] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2222.831563][T29718] R13: 0000000000000000 R14: 00007f9d375b5fa0 R15: 00007fff187ee358
[ 2222.831587][T29718]  </TASK>
[ 2222.837869][T29718] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2222.938050][T29719] Bluetooth: MGMT ver 1.23
[ 2223.054560][T29717] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6255'.
[ 2223.242601][T29725] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6256'.
[ 2224.375363][T29749] capability: warning: `syz.3.6265' uses 32-bit capabilities (legacy support in use)
[ 2224.581060][T29752] Can't find a SQUASHFS superblock on nullb0
[ 2224.672673][   T30] audit: type=1400 audit(1748665907.148:1172): avc:  denied  { accept } for  pid=29744 comm="syz.0.6264" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[ 2225.010491][   T30] audit: type=1800 audit(1748665907.168:1173): pid=29752 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.0.6264" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[ 2225.032042][   T30] audit: type=1400 audit(1748665907.178:1174): avc:  denied  { mounton } for  pid=29744 comm="syz.0.6264" path="/syzcgroup/unified/syz0" dev="cgroup2" ino=38 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[ 2225.089726][T25416] Bluetooth: hci0: command 0x0406 tx timeout
[ 2225.192093][T29756] FAULT_INJECTION: forcing a failure.
[ 2225.192093][T29756] name failslab, interval 1, probability 0, space 0, times 0
[ 2225.207612][T29756] CPU: 0 UID: 0 PID: 29756 Comm: syz.4.6267 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 2225.207634][T29756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2225.207645][T29756] Call Trace:
[ 2225.207651][T29756]  <TASK>
[ 2225.207657][T29756]  dump_stack_lvl+0x16c/0x1f0
[ 2225.207679][T29756]  should_fail_ex+0x512/0x640
[ 2225.207700][T29756]  ? fs_reclaim_acquire+0xae/0x150
[ 2225.207724][T29756]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 2225.207744][T29756]  should_failslab+0xc2/0x120
[ 2225.207761][T29756]  __kmalloc_noprof+0xd2/0x510
[ 2225.207781][T29756]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 2225.207807][T29756]  ? tomoyo_profile+0x47/0x60
[ 2225.207834][T29756]  tomoyo_path_number_perm+0x245/0x580
[ 2225.207852][T29756]  ? tomoyo_path_number_perm+0x237/0x580
[ 2225.207874][T29756]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 2225.207896][T29756]  ? find_held_lock+0x2b/0x80
[ 2225.207947][T29756]  ? find_held_lock+0x2b/0x80
[ 2225.207973][T29756]  ? hook_file_ioctl_common+0x145/0x410
[ 2225.208013][T29756]  ? __fget_files+0x20e/0x3c0
[ 2225.208036][T29756]  security_file_ioctl+0x9b/0x240
[ 2225.208060][T29756]  __x64_sys_ioctl+0xb7/0x210
[ 2225.208087][T29756]  do_syscall_64+0xcd/0x4c0
[ 2225.208109][T29756]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2225.208128][T29756] RIP: 0033:0x7fc8eb58e969
[ 2225.208142][T29756] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2225.208159][T29756] RSP: 002b:00007fc8ec36b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2225.208176][T29756] RAX: ffffffffffffffda RBX: 00007fc8eb7b5fa0 RCX: 00007fc8eb58e969
[ 2225.208187][T29756] RDX: 0000200000002340 RSI: 0000000000005411 RDI: 0000000000000003
[ 2225.208198][T29756] RBP: 00007fc8ec36b090 R08: 0000000000000000 R09: 0000000000000000
[ 2225.208208][T29756] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2225.208219][T29756] R13: 0000000000000000 R14: 00007fc8eb7b5fa0 R15: 00007ffd7f08bbc8
[ 2225.208243][T29756]  </TASK>
[ 2225.208251][T29756] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2225.447592][T29766] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[ 2225.511267][T29766] team0: Device ipvlan2 is already an upper device of the team interface
[ 2225.667547][T29773] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2225.716526][T29771] loop7: detected capacity change from 0 to 7
[ 2225.866192][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 2225.875413][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[ 2225.889864][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 2225.899062][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[ 2225.928122][T29767] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6265'.
[ 2225.937166][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 2225.937199][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[ 2225.939677][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 2225.963720][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[ 2226.056812][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 2226.066046][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[ 2226.107171][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 2226.116399][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[ 2226.134574][T29771] ldm_validate_partition_table(): Disk read failed.
[ 2226.144930][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 2226.154081][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[ 2226.183091][T29780] FAULT_INJECTION: forcing a failure.
[ 2226.183091][T29780] name failslab, interval 1, probability 0, space 0, times 0
[ 2226.192364][T29777] netlink: 68 bytes leftover after parsing attributes in process `syz.2.6272'.
[ 2226.205885][T29777] netlink: 68 bytes leftover after parsing attributes in process `syz.2.6272'.
[ 2226.219309][T29780] CPU: 0 UID: 0 PID: 29780 Comm: syz.4.6273 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 2226.219325][T29780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2226.219332][T29780] Call Trace:
[ 2226.219337][T29780]  <TASK>
[ 2226.219341][T29780]  dump_stack_lvl+0x16c/0x1f0
[ 2226.219358][T29780]  should_fail_ex+0x512/0x640
[ 2226.219373][T29780]  ? fs_reclaim_acquire+0xae/0x150
[ 2226.219389][T29780]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 2226.219404][T29780]  should_failslab+0xc2/0x120
[ 2226.219416][T29780]  __kmalloc_noprof+0xd2/0x510
[ 2226.219429][T29780]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 2226.219445][T29780]  ? tomoyo_profile+0x47/0x60
[ 2226.219462][T29780]  tomoyo_path_number_perm+0x245/0x580
[ 2226.219473][T29780]  ? tomoyo_path_number_perm+0x237/0x580
[ 2226.219486][T29780]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 2226.219499][T29780]  ? find_held_lock+0x2b/0x80
[ 2226.219542][T29780]  ? find_held_lock+0x2b/0x80
[ 2226.219559][T29780]  ? hook_file_ioctl_common+0x145/0x410
[ 2226.219578][T29780]  ? __fget_files+0x20e/0x3c0
[ 2226.219591][T29780]  security_file_ioctl+0x9b/0x240
[ 2226.219607][T29780]  __x64_sys_ioctl+0xb7/0x210
[ 2226.219623][T29780]  do_syscall_64+0xcd/0x4c0
[ 2226.219637][T29780]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2226.219648][T29780] RIP: 0033:0x7fc8eb58e969
[ 2226.219657][T29780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2226.219668][T29780] RSP: 002b:00007fc8ec36b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2226.219678][T29780] RAX: ffffffffffffffda RBX: 00007fc8eb7b5fa0 RCX: 00007fc8eb58e969
[ 2226.219685][T29780] RDX: 00002000000001c0 RSI: 000000004008ae6a RDI: 0000000000000004
[ 2226.219692][T29780] RBP: 00007fc8ec36b090 R08: 0000000000000000 R09: 0000000000000000
[ 2226.219698][T29780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2226.219704][T29780] R13: 0000000000000000 R14: 00007fc8eb7b5fa0 R15: 00007ffd7f08bbc8
[ 2226.219717][T29780]  </TASK>
[ 2226.219722][T29780] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2226.380387][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 2226.436049][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[ 2226.465252][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 2226.474497][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[ 2226.484868][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 2226.494090][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[ 2226.504016][T29771] Dev loop7: unable to read RDB block 0
[ 2226.524736][T29771]  loop7: unable to read partition table
[ 2226.597290][T29771] loop7: partition table beyond EOD, truncated
[ 2226.749191][T29784] FAULT_INJECTION: forcing a failure.
[ 2226.749191][T29784] name failslab, interval 1, probability 0, space 0, times 0
[ 2226.769502][T29771] loop_reread_partitions: partition scan of loop7 (�被x������ ) failed (rc=-5)
[ 2226.871030][T29786] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6274'.
[ 2226.899528][T29784] CPU: 0 UID: 0 PID: 29784 Comm: syz.5.6275 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 2226.899555][T29784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2226.899566][T29784] Call Trace:
[ 2226.899573][T29784]  <TASK>
[ 2226.899580][T29784]  dump_stack_lvl+0x16c/0x1f0
[ 2226.899605][T29784]  should_fail_ex+0x512/0x640
[ 2226.899628][T29784]  ? fs_reclaim_acquire+0xae/0x150
[ 2226.899658][T29784]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 2226.899682][T29784]  should_failslab+0xc2/0x120
[ 2226.899702][T29784]  __kmalloc_noprof+0xd2/0x510
[ 2226.899725][T29784]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 2226.899750][T29784]  ? tomoyo_profile+0x47/0x60
[ 2226.899779][T29784]  tomoyo_path_number_perm+0x245/0x580
[ 2226.899797][T29784]  ? tomoyo_path_number_perm+0x237/0x580
[ 2226.899820][T29784]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 2226.899841][T29784]  ? find_held_lock+0x2b/0x80
[ 2226.899891][T29784]  ? find_held_lock+0x2b/0x80
[ 2226.899917][T29784]  ? hook_file_ioctl_common+0x145/0x410
[ 2226.899949][T29784]  ? __fget_files+0x20e/0x3c0
[ 2226.899971][T29784]  security_file_ioctl+0x9b/0x240
[ 2226.899995][T29784]  __x64_sys_ioctl+0xb7/0x210
[ 2226.900062][T29784]  do_syscall_64+0xcd/0x4c0
[ 2226.900086][T29784]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2226.900104][T29784] RIP: 0033:0x7f664ad8e969
[ 2226.900119][T29784] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2226.900136][T29784] RSP: 002b:00007f6648bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2226.900153][T29784] RAX: ffffffffffffffda RBX: 00007f664afb5fa0 RCX: 00007f664ad8e969
[ 2226.900164][T29784] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[ 2226.900173][T29784] RBP: 00007f6648bf6090 R08: 0000000000000000 R09: 0000000000000000
[ 2226.900184][T29784] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2226.900195][T29784] R13: 0000000000000000 R14: 00007f664afb5fa0 R15: 00007ffcc91f5ed8
[ 2226.900219][T29784]  </TASK>
[ 2226.900336][T29784] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2227.263201][   T30] audit: type=1400 audit(1748665909.868:1175): avc:  denied  { ioctl } for  pid=29787 comm="syz.4.6276" path="socket:[121554]" dev="sockfs" ino=121554 ioctlcmd=0x89eb scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[ 2227.708884][T29801] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[ 2227.716077][T29801] team0: Device ipvlan2 is already an upper device of the team interface
[ 2227.734726][T29799] block device autoloading is deprecated and will be removed.
[ 2227.753152][T29799] syz.4.6280: attempt to access beyond end of device
[ 2227.753152][T29799] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 2227.784528][T29799] syz.4.6280: attempt to access beyond end of device
[ 2227.784528][T29799] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 2227.808703][T29799] syz.4.6280: attempt to access beyond end of device
[ 2227.808703][T29799] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 2227.831056][T29799] syz.4.6280: attempt to access beyond end of device
[ 2227.831056][T29799] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 2227.844806][T29799] syz.4.6280: attempt to access beyond end of device
[ 2227.844806][T29799] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 2227.863316][T29799] syz.4.6280: attempt to access beyond end of device
[ 2227.863316][T29799] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 2227.878670][T29799] syz.4.6280: attempt to access beyond end of device
[ 2227.878670][T29799] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 2227.893005][T29799] syz.4.6280: attempt to access beyond end of device
[ 2227.893005][T29799] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 2227.913123][T29799] syz.4.6280: attempt to access beyond end of device
[ 2227.913123][T29799] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 2227.933679][T29806] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[ 2227.941040][T29806] team0: Device ipvlan2 is already an upper device of the team interface
[ 2227.952174][T29799] syz.4.6280: attempt to access beyond end of device
[ 2227.952174][T29799] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 2228.040528][T14400] usb 4-1: new high-speed USB device number 66 using dummy_hcd
[ 2228.298640][T14400] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2228.353839][T14400] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 2228.385640][T14400] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 2228.396913][T14400] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 2228.444243][T14400] usb 4-1: SerialNumber: syz
[ 2228.594444][T29814] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2228.811663][   T30] audit: type=1400 audit(1748665911.418:1176): avc:  denied  { setopt } for  pid=29802 comm="syz.3.6282" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[ 2228.854244][T29817] FAULT_INJECTION: forcing a failure.
[ 2228.854244][T29817] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2228.867553][T29817] CPU: 0 UID: 0 PID: 29817 Comm: syz.0.6286 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 2228.867577][T29817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2228.867587][T29817] Call Trace:
[ 2228.867593][T29817]  <TASK>
[ 2228.867600][T29817]  dump_stack_lvl+0x16c/0x1f0
[ 2228.867629][T29817]  should_fail_ex+0x512/0x640
[ 2228.867656][T29817]  _copy_from_user+0x2e/0xd0
[ 2228.867681][T29817]  move_addr_to_kernel+0x65/0x170
[ 2228.867707][T29817]  __sys_sendto+0x1be/0x520
[ 2228.867724][T29817]  ? __pfx___sys_sendto+0x10/0x10
[ 2228.867761][T29817]  ? ksys_write+0x1ac/0x250
[ 2228.867778][T29817]  ? __pfx_ksys_write+0x10/0x10
[ 2228.867797][T29817]  __x64_sys_sendto+0xe0/0x1c0
[ 2228.867813][T29817]  ? do_syscall_64+0x91/0x4c0
[ 2228.867831][T29817]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2228.867850][T29817]  do_syscall_64+0xcd/0x4c0
[ 2228.867870][T29817]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2228.867887][T29817] RIP: 0033:0x7f37e3f8e969
[ 2228.867901][T29817] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2228.867918][T29817] RSP: 002b:00007f37e4e02038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 2228.867935][T29817] RAX: ffffffffffffffda RBX: 00007f37e41b5fa0 RCX: 00007f37e3f8e969
[ 2228.867946][T29817] RDX: 000000000000ffe0 RSI: 0000200000000100 RDI: 0000000000000003
[ 2228.867956][T29817] RBP: 00007f37e4e02090 R08: 0000200000000140 R09: 000000000000001c
[ 2228.867967][T29817] R10: 000000002000c851 R11: 0000000000000246 R12: 0000000000000001
[ 2228.867977][T29817] R13: 0000000000000000 R14: 00007f37e41b5fa0 R15: 00007ffff94aadc8
[ 2228.868000][T29817]  </TASK>
[ 2229.148184][   T30] audit: type=1400 audit(1748665911.648:1177): avc:  denied  { ioctl } for  pid=29802 comm="syz.3.6282" path="socket:[121621]" dev="sockfs" ino=121621 ioctlcmd=0x89ed scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[ 2229.498350][T29830] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6288'.
[ 2230.059905][   T30] audit: type=1400 audit(1748665912.628:1178): avc:  denied  { create } for  pid=29827 comm="syz.0.6289" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 2230.359529][   T30] audit: type=1400 audit(1748665912.698:1179): avc:  denied  { write } for  pid=29827 comm="syz.0.6289" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 2230.479403][   T30] audit: type=1400 audit(1748665912.698:1180): avc:  denied  { nlmsg_write } for  pid=29827 comm="syz.0.6289" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[ 2230.715293][   T30] audit: type=1400 audit(1748665913.208:1181): avc:  denied  { write } for  pid=29836 comm="syz.2.6291" name="usbmon8" dev="devtmpfs" ino=740 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[ 2230.898528][T29844] usb usb8: usbfs: process 29844 (syz.2.6291) did not claim interface 0 before use
[ 2231.032442][T29849] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6294'.
[ 2231.149339][T27469] usb 1-1: new full-speed USB device number 65 using dummy_hcd
[ 2231.201974][T29855] Scaler: =================  START STATUS  =================
[ 2231.209597][T29855] Scaler: ==================  END STATUS  ==================
[ 2232.447323][T29864] FAULT_INJECTION: forcing a failure.
[ 2232.447323][T29864] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2232.476499][T29864] CPU: 1 UID: 0 PID: 29864 Comm: syz.4.6298 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 2232.476526][T29864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2232.476535][T29864] Call Trace:
[ 2232.476541][T29864]  <TASK>
[ 2232.476548][T29864]  dump_stack_lvl+0x16c/0x1f0
[ 2232.476578][T29864]  should_fail_ex+0x512/0x640
[ 2232.476604][T29864]  _copy_from_iter+0x29f/0x16f0
[ 2232.476636][T29864]  ? __lock_acquire+0x622/0x1c90
[ 2232.476661][T29864]  ? __pfx__copy_from_iter+0x10/0x10
[ 2232.476701][T29864]  copy_page_from_iter+0xde/0x180
[ 2232.476728][T29864]  tun_build_skb.constprop.0+0x2e8/0x14f0
[ 2232.476762][T29864]  ? __pfx_tun_build_skb.constprop.0+0x10/0x10
[ 2232.476812][T29864]  ? __pfx__kstrtoull+0x10/0x10
[ 2232.476849][T29864]  tun_get_user+0x165f/0x3b80
[ 2232.476883][T29864]  ? __pfx_tun_get_user+0x10/0x10
[ 2232.476906][T29864]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 2232.476937][T29864]  ? find_held_lock+0x2b/0x80
[ 2232.476963][T29864]  ? tun_get+0x191/0x370
[ 2232.476991][T29864]  tun_chr_write_iter+0xdc/0x210
[ 2232.477016][T29864]  vfs_write+0x6c4/0x1150
[ 2232.477034][T29864]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 2232.477061][T29864]  ? __pfx_vfs_write+0x10/0x10
[ 2232.477075][T29864]  ? find_held_lock+0x2b/0x80
[ 2232.477116][T29864]  ksys_write+0x12a/0x250
[ 2232.477131][T29864]  ? __pfx_ksys_write+0x10/0x10
[ 2232.477160][T29864]  do_syscall_64+0xcd/0x4c0
[ 2232.477182][T29864]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2232.477199][T29864] RIP: 0033:0x7fc8eb58d41f
[ 2232.477213][T29864] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 2232.477228][T29864] RSP: 002b:00007fc8ec36b000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 2232.477245][T29864] RAX: ffffffffffffffda RBX: 00007fc8eb7b5fa0 RCX: 00007fc8eb58d41f
[ 2232.477263][T29864] RDX: 0000000000000056 RSI: 0000200000000040 RDI: 00000000000000c8
[ 2232.477274][T29864] RBP: 00007fc8ec36b090 R08: 0000000000000000 R09: 0000000000000000
[ 2232.477285][T29864] R10: 0000000000000056 R11: 0000000000000293 R12: 0000000000000001
[ 2232.477296][T29864] R13: 0000000000000000 R14: 00007fc8eb7b5fa0 R15: 00007ffd7f08bbc8
[ 2232.477323][T29864]  </TASK>
[ 2232.703862][T27469] usb 1-1: config 0 interface 0 altsetting 3 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[ 2232.715128][T27469] usb 1-1: config 0 interface 0 has no altsetting 0
[ 2232.728028][T27469] usb 1-1: New USB device found, idVendor=5543, idProduct=0042, bcdDevice= 0.00
[ 2232.883599][T27469] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2232.896372][T14400] usb 4-1: 0:2 : does not exist
[ 2232.958483][T27469] usb 1-1: config 0 descriptor??
[ 2232.965131][T14400] usb 4-1: USB disconnect, device number 66
[ 2233.054426][T29843] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[ 2233.096465][T29492] udevd[29492]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 2233.126513][T29877] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6301'.
[ 2233.479295][   T30] audit: type=1400 audit(1748665916.078:1182): avc:  denied  { append } for  pid=29883 comm="syz.3.6305" name="file2" dev="tmpfs" ino=170 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 2233.518652][   T30] audit: type=1400 audit(1748665916.078:1183): avc:  denied  { ioctl } for  pid=29883 comm="syz.3.6305" path="/30/file2" dev="tmpfs" ino=170 ioctlcmd=0x4c00 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 2233.593156][T27469] uclogic 0003:5543:0042.0018: item fetching failed at offset 0/3
[ 2233.615830][T27469] uclogic 0003:5543:0042.0018: parse failed
[ 2233.622133][T27469] uclogic 0003:5543:0042.0018: probe with driver uclogic failed with error -22
[ 2234.001195][T14400] usb 1-1: USB disconnect, device number 65
[ 2234.074457][T29896] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2234.177466][T17820] usb 4-1: new high-speed USB device number 67 using dummy_hcd
[ 2234.510781][T17820] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 252, changing to 11
[ 2234.524304][T17820] usb 4-1: New USB device found, idVendor=5543, idProduct=0005, bcdDevice= 0.00
[ 2234.551885][T17820] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2234.573413][   T30] audit: type=1400 audit(1748665917.178:1184): avc:  denied  { map } for  pid=29900 comm="syz.5.6311" path="socket:[121798]" dev="sockfs" ino=121798 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[ 2234.602982][T17820] usb 4-1: config 0 descriptor??
[ 2235.218027][T17820] uclogic 0003:5543:0005.0019: No inputs registered, leaving
[ 2235.254435][T17820] uclogic 0003:5543:0005.0019: hidraw0: USB HID v4.01 Device [HID 5543:0005] on usb-dummy_hcd.3-1/input0
[ 2235.415379][T29889] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2235.428626][T29889] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2235.456129][T18453] usb 4-1: USB disconnect, device number 67
[ 2235.791947][T29926] FAULT_INJECTION: forcing a failure.
[ 2235.791947][T29926] name failslab, interval 1, probability 0, space 0, times 0
[ 2235.929364][T29926] CPU: 1 UID: 0 PID: 29926 Comm: syz.0.6318 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 2235.929394][T29926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2235.929405][T29926] Call Trace:
[ 2235.929413][T29926]  <TASK>
[ 2235.929422][T29926]  dump_stack_lvl+0x16c/0x1f0
[ 2235.929448][T29926]  should_fail_ex+0x512/0x640
[ 2235.929476][T29926]  ? fs_reclaim_acquire+0xae/0x150
[ 2235.929502][T29926]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 2235.929526][T29926]  should_failslab+0xc2/0x120
[ 2235.929547][T29926]  __kmalloc_noprof+0xd2/0x510
[ 2235.929573][T29926]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 2235.929603][T29926]  ? tomoyo_profile+0x47/0x60
[ 2235.929632][T29926]  tomoyo_path_number_perm+0x245/0x580
[ 2235.929651][T29926]  ? tomoyo_path_number_perm+0x237/0x580
[ 2235.929675][T29926]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 2235.929697][T29926]  ? find_held_lock+0x2b/0x80
[ 2235.929753][T29926]  ? find_held_lock+0x2b/0x80
[ 2235.929779][T29926]  ? hook_file_ioctl_common+0x145/0x410
[ 2235.929813][T29926]  ? __fget_files+0x20e/0x3c0
[ 2235.929837][T29926]  security_file_ioctl+0x9b/0x240
[ 2235.929874][T29926]  __x64_sys_ioctl+0xb7/0x210
[ 2235.929901][T29926]  do_syscall_64+0xcd/0x4c0
[ 2235.929924][T29926]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2235.929948][T29926] RIP: 0033:0x7f37e3f8e969
[ 2235.929962][T29926] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2235.929980][T29926] RSP: 002b:00007f37e4e02038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2235.929998][T29926] RAX: ffffffffffffffda RBX: 00007f37e41b5fa0 RCX: 00007f37e3f8e969
[ 2235.930009][T29926] RDX: 0000200000000180 RSI: 00000000c0686611 RDI: 0000000000000003
[ 2235.930020][T29926] RBP: 00007f37e4e02090 R08: 0000000000000000 R09: 0000000000000000
[ 2235.930031][T29926] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2235.930041][T29926] R13: 0000000000000000 R14: 00007f37e41b5fa0 R15: 00007ffff94aadc8
[ 2235.930066][T29926]  </TASK>
[ 2235.930137][T29926] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2236.237587][T29930] overlayfs: unescaped trailing colons in lowerdir mount option.
[ 2236.798979][T29938] FAULT_INJECTION: forcing a failure.
[ 2236.798979][T29938] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2236.812424][T29938] CPU: 1 UID: 0 PID: 29938 Comm: syz.3.6322 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 2236.812440][T29938] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2236.812446][T29938] Call Trace:
[ 2236.812450][T29938]  <TASK>
[ 2236.812454][T29938]  dump_stack_lvl+0x16c/0x1f0
[ 2236.812470][T29938]  should_fail_ex+0x512/0x640
[ 2236.812486][T29938]  _copy_from_user+0x2e/0xd0
[ 2236.812502][T29938]  move_addr_to_kernel+0x65/0x170
[ 2236.812519][T29938]  __sys_sendto+0x1be/0x520
[ 2236.812529][T29938]  ? __pfx___sys_sendto+0x10/0x10
[ 2236.812550][T29938]  ? ksys_write+0x1ac/0x250
[ 2236.812559][T29938]  ? __pfx_ksys_write+0x10/0x10
[ 2236.812570][T29938]  __x64_sys_sendto+0xe0/0x1c0
[ 2236.812580][T29938]  ? do_syscall_64+0x91/0x4c0
[ 2236.812591][T29938]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2236.812603][T29938]  do_syscall_64+0xcd/0x4c0
[ 2236.812615][T29938]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2236.812626][T29938] RIP: 0033:0x7f9d3738e969
[ 2236.812634][T29938] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2236.812646][T29938] RSP: 002b:00007f9d381ca038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 2236.812656][T29938] RAX: ffffffffffffffda RBX: 00007f9d375b5fa0 RCX: 00007f9d3738e969
[ 2236.812663][T29938] RDX: 000000000001000a RSI: 0000200000000180 RDI: 0000000000000003
[ 2236.812669][T29938] RBP: 00007f9d381ca090 R08: 0000200000000140 R09: 0000000000000014
[ 2236.812675][T29938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2236.812681][T29938] R13: 0000000000000000 R14: 00007f9d375b5fa0 R15: 00007fff187ee358
[ 2236.812694][T29938]  </TASK>
[ 2237.106742][T29939] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2237.441066][T29946] FAULT_INJECTION: forcing a failure.
[ 2237.441066][T29946] name failslab, interval 1, probability 0, space 0, times 0
[ 2237.454838][T29946] CPU: 1 UID: 0 PID: 29946 Comm: syz.3.6325 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 2237.454864][T29946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2237.454875][T29946] Call Trace:
[ 2237.454882][T29946]  <TASK>
[ 2237.454889][T29946]  dump_stack_lvl+0x16c/0x1f0
[ 2237.454914][T29946]  should_fail_ex+0x512/0x640
[ 2237.454936][T29946]  ? fs_reclaim_acquire+0xae/0x150
[ 2237.454963][T29946]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 2237.454987][T29946]  should_failslab+0xc2/0x120
[ 2237.455007][T29946]  __kmalloc_noprof+0xd2/0x510
[ 2237.455031][T29946]  tomoyo_realpath_from_path+0xc2/0x6e0
[ 2237.455057][T29946]  ? tomoyo_profile+0x47/0x60
[ 2237.455085][T29946]  tomoyo_path_number_perm+0x245/0x580
[ 2237.455105][T29946]  ? tomoyo_path_number_perm+0x237/0x580
[ 2237.455127][T29946]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 2237.455154][T29946]  ? find_held_lock+0x2b/0x80
[ 2237.455210][T29946]  ? find_held_lock+0x2b/0x80
[ 2237.455237][T29946]  ? hook_file_ioctl_common+0x145/0x410
[ 2237.455270][T29946]  ? __fget_files+0x20e/0x3c0
[ 2237.455292][T29946]  security_file_ioctl+0x9b/0x240
[ 2237.455317][T29946]  __x64_sys_ioctl+0xb7/0x210
[ 2237.455343][T29946]  do_syscall_64+0xcd/0x4c0
[ 2237.455366][T29946]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2237.455383][T29946] RIP: 0033:0x7f9d3738e969
[ 2237.455397][T29946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2237.455415][T29946] RSP: 002b:00007f9d381ca038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2237.455432][T29946] RAX: ffffffffffffffda RBX: 00007f9d375b5fa0 RCX: 00007f9d3738e969
[ 2237.455444][T29946] RDX: 0000200000000000 RSI: 00000000c01064ac RDI: 0000000000000003
[ 2237.455455][T29946] RBP: 00007f9d381ca090 R08: 0000000000000000 R09: 0000000000000000
[ 2237.455466][T29946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2237.455476][T29946] R13: 0000000000000000 R14: 00007f9d375b5fa0 R15: 00007fff187ee358
[ 2237.455501][T29946]  </TASK>
[ 2237.667591][T29946] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2237.838680][T29950] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[ 2237.846175][T29950] team0: Device ipvlan2 is already an upper device of the team interface
[ 2237.930012][T29957] xt_socket: unknown flags 0x4
[ 2237.945919][   T30] audit: type=1400 audit(1748665920.538:1185): avc:  denied  { mount } for  pid=29942 comm="syz.2.6324" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[ 2237.990846][T29958] block nbd4: NBD_DISCONNECT
[ 2238.019673][T29958] block nbd4: Send disconnect failed -22
[ 2238.349296][    T9] usb 5-1: new high-speed USB device number 61 using dummy_hcd
[ 2238.534673][    T9] usb 5-1: Using ep0 maxpacket: 16
[ 2238.607391][    T9] usb 5-1: config index 0 descriptor too short (expected 8192, got 68)
[ 2238.700593][    T9] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2238.825490][   T30] audit: type=1400 audit(1748665921.418:1186): avc:  denied  { unmount } for  pid=20313 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[ 2238.851744][    T9] usb 5-1: config 0 has no interfaces?
[ 2238.928937][    T9] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 2239.014533][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 2239.108153][    T9] usb 5-1: SerialNumber: syz
[ 2239.212972][    T9] usb 5-1: config 0 descriptor??
[ 2239.719285][ T5900] usb 6-1: new full-speed USB device number 33 using dummy_hcd
[ 2239.756319][ T3555] tipc: Subscription rejected, illegal request
[ 2239.765081][T29949] block nbd4: Disconnected due to user request.
[ 2239.771769][    T9] usb 5-1: USB disconnect, device number 61
[ 2239.783143][T29949] block nbd4: shutting down sockets
[ 2239.902853][ T5900] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[ 2239.916100][ T5900] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[ 2239.929119][ T5900] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 121, setting to 64
[ 2239.947736][ T5900] usb 6-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[ 2239.957479][ T5900] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2239.966827][ T5900] usb 6-1: Product: syz
[ 2239.972120][ T5900] usb 6-1: Manufacturer: syz
[ 2239.977800][ T5900] usb 6-1: SerialNumber: syz
[ 2240.009527][ T5900] usb 6-1: config 0 descriptor??
[ 2240.024248][T29975] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[ 2240.032026][T29975] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[ 2240.045832][ T5900] usb 6-1: ucan: probing device on interface #0
[ 2240.129564][T18453] usb 4-1: new full-speed USB device number 68 using dummy_hcd
[ 2240.310226][T18453] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[ 2240.319809][T18453] usb 4-1: config 0 has no interface number 0
[ 2240.479514][T18453] usb 4-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[ 2240.495022][T18453] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2240.523821][T18453] usb 4-1: config 0 descriptor??
[ 2240.532409][T18453] usb 4-1: selecting invalid altsetting 1
[ 2240.542701][T18453] dvb_ttusb_budget: ttusb_init_controller: error
[ 2240.560733][T18453] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[ 2240.697853][T18453] DVB: Unable to find symbol cx22700_attach()
[ 2241.232561][ T5900] ucan 6-1:0.0 can0: registered device
[ 2241.249559][ T5900] ucan 6-1:0.0 can0: firmware string: unknown
[ 2241.445930][ T5900] usb 6-1: USB disconnect, device number 33
[ 2241.488802][T18453] DVB: Unable to find symbol tda10046_attach()
[ 2241.545764][T18453] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[ 2241.567439][T30007] FAULT_INJECTION: forcing a failure.
[ 2241.567439][T30007] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2241.598471][T30007] CPU: 1 UID: 0 PID: 30007 Comm: syz.0.6342 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 2241.598499][T30007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2241.598510][T30007] Call Trace:
[ 2241.598517][T30007]  <TASK>
[ 2241.598524][T30007]  dump_stack_lvl+0x16c/0x1f0
[ 2241.598549][T30007]  should_fail_ex+0x512/0x640
[ 2241.598576][T30007]  _copy_from_user+0x2e/0xd0
[ 2241.598601][T30007]  __sys_bpf+0x21d/0x4d80
[ 2241.598625][T30007]  ? __pfx___sys_bpf+0x10/0x10
[ 2241.598645][T30007]  ? ksys_write+0x190/0x250
[ 2241.598666][T30007]  ? __mutex_unlock_slowpath+0x161/0x6a0
[ 2241.598701][T30007]  ? fput+0x70/0xf0
[ 2241.598720][T30007]  ? ksys_write+0x1ac/0x250
[ 2241.598735][T30007]  ? __pfx_ksys_write+0x10/0x10
[ 2241.598755][T30007]  __x64_sys_bpf+0x78/0xc0
[ 2241.598775][T30007]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2241.598793][T30007]  do_syscall_64+0xcd/0x4c0
[ 2241.598815][T30007]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2241.598832][T30007] RIP: 0033:0x7f37e3f8e969
[ 2241.598847][T30007] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2241.598864][T30007] RSP: 002b:00007f37e4e02038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 2241.598881][T30007] RAX: ffffffffffffffda RBX: 00007f37e41b5fa0 RCX: 00007f37e3f8e969
[ 2241.598892][T30007] RDX: 0000000000000050 RSI: 0000200000000000 RDI: 0000000000000000
[ 2241.598903][T30007] RBP: 00007f37e4e02090 R08: 0000000000000000 R09: 0000000000000000
[ 2241.598914][T30007] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2241.598924][T30007] R13: 0000000000000001 R14: 00007f37e41b5fa0 R15: 00007ffff94aadc8
[ 2241.598948][T30007]  </TASK>
[ 2241.850329][T30012] tc_dump_action: action bad kind
[ 2241.891175][T30015] overlayfs: unescaped trailing colons in lowerdir mount option.
[ 2242.037851][T29434] usb 4-1: USB disconnect, device number 68
[ 2242.139790][    T9] usb 5-1: new low-speed USB device number 62 using dummy_hcd
[ 2242.285074][   T30] audit: type=1400 audit(1748665924.808:1187): avc:  denied  { sqpoll } for  pid=30014 comm="syz.0.6346" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[ 2242.304513][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2242.511012][    T9] usb 5-1: config 0 has an invalid interface number: 3 but max is 0
[ 2242.544127][    T9] usb 5-1: config 0 has no interface number 0
[ 2242.667184][    T9] usb 5-1: config 0 interface 3 altsetting 0 endpoint 0x6 has invalid maxpacket 64, setting to 8
[ 2242.732110][    T9] usb 5-1: config 0 interface 3 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[ 2242.749492][T30037] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6353'.
[ 2242.773362][T30037] fuse: Unknown parameter '0x0000000000000004'
[ 2242.789616][   T30] audit: type=1400 audit(1748665925.388:1188): avc:  denied  { read } for  pid=30036 comm="syz.5.6353" name="rtc0" dev="devtmpfs" ino=921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[ 2242.825469][    T9] usb 5-1: config 0 interface 3 altsetting 0 endpoint 0x8 has invalid maxpacket 1024, setting to 8
[ 2242.846487][    T9] usb 5-1: config 0 interface 3 altsetting 0 endpoint 0x4 has invalid maxpacket 1023, setting to 8
[ 2242.918068][   T30] audit: type=1400 audit(1748665925.398:1189): avc:  denied  { ioctl } for  pid=30036 comm="syz.5.6353" path="/dev/rtc0" dev="devtmpfs" ino=921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[ 2242.947830][    T9] usb 5-1: config 0 interface 3 altsetting 0 endpoint 0xA has invalid maxpacket 1023, setting to 8
[ 2242.989522][    T9] usb 5-1: New USB device found, idVendor=1199, idProduct=6821, bcdDevice=98.59
[ 2243.018921][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2243.072759][    T9] usb 5-1: config 0 descriptor??
[ 2243.098491][T30012] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[ 2243.110292][    T9] hub 5-1:0.3: bad descriptor, ignoring hub
[ 2243.133891][    T9] hub 5-1:0.3: probe with driver hub failed with error -5
[ 2243.152070][    T9] sierra 5-1:0.3: Sierra USB modem converter detected
[ 2243.163077][T30052] FAULT_INJECTION: forcing a failure.
[ 2243.163077][T30052] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2243.187326][T30052] CPU: 0 UID: 0 PID: 30052 Comm: syz.5.6356 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 2243.187360][T30052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2243.187371][T30052] Call Trace:
[ 2243.187378][T30052]  <TASK>
[ 2243.187385][T30052]  dump_stack_lvl+0x16c/0x1f0
[ 2243.187411][T30052]  should_fail_ex+0x512/0x640
[ 2243.187440][T30052]  _copy_from_user+0x2e/0xd0
[ 2243.187467][T30052]  copy_msghdr_from_user+0x98/0x160
[ 2243.187489][T30052]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 2243.187524][T30052]  ___sys_sendmsg+0xfe/0x1d0
[ 2243.187546][T30052]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2243.187564][T30052]  ? __lock_acquire+0x622/0x1c90
[ 2243.187623][T30052]  __sys_sendmsg+0x16d/0x220
[ 2243.187643][T30052]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2243.187683][T30052]  do_syscall_64+0xcd/0x4c0
[ 2243.187706][T30052]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2243.187724][T30052] RIP: 0033:0x7f664ad8e969
[ 2243.187739][T30052] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2243.187756][T30052] RSP: 002b:00007f6648bf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2243.187774][T30052] RAX: ffffffffffffffda RBX: 00007f664afb5fa0 RCX: 00007f664ad8e969
[ 2243.187785][T30052] RDX: 0000000004008000 RSI: 0000200000006040 RDI: 0000000000000004
[ 2243.187797][T30052] RBP: 00007f6648bf6090 R08: 0000000000000000 R09: 0000000000000000
[ 2243.187807][T30052] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2243.187818][T30052] R13: 0000000000000000 R14: 00007f664afb5fa0 R15: 00007ffcc91f5ed8
[ 2243.187841][T30052]  </TASK>
[ 2243.580771][    T9] usb 5-1: Sierra USB modem converter now attached to ttyUSB0
[ 2243.606498][    T9] usb 5-1: Sierra USB modem converter now attached to ttyUSB1
[ 2243.780353][    T9] usb 5-1: USB disconnect, device number 62
[ 2243.789458][T17820] usb 1-1: new high-speed USB device number 66 using dummy_hcd
[ 2243.985162][T17820] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 2244.074082][    T9] sierra ttyUSB0: Sierra USB modem converter now disconnected from ttyUSB0
[ 2244.082957][T17820] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 2244.094657][T17820] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2244.103922][T17820] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2244.114905][    T9] sierra ttyUSB1: Sierra USB modem converter now disconnected from ttyUSB1
[ 2244.141765][T30058] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 2244.150943][    T9] sierra 5-1:0.3: device disconnected
[ 2244.167704][T17820] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[ 2244.384010][T30067] FAULT_INJECTION: forcing a failure.
[ 2244.384010][T30067] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2244.425508][T30067] CPU: 1 UID: 0 PID: 30067 Comm: syz.4.6364 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 2244.425534][T30067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2244.425545][T30067] Call Trace:
[ 2244.425552][T30067]  <TASK>
[ 2244.425559][T30067]  dump_stack_lvl+0x16c/0x1f0
[ 2244.425582][T30067]  should_fail_ex+0x512/0x640
[ 2244.425608][T30067]  _copy_from_user+0x2e/0xd0
[ 2244.425633][T30067]  do_sock_getsockopt+0x5f4/0x800
[ 2244.425658][T30067]  ? __pfx_do_sock_getsockopt+0x10/0x10
[ 2244.425679][T30067]  ? __fget_files+0x204/0x3c0
[ 2244.425708][T30067]  __sys_getsockopt+0x12f/0x260
[ 2244.425732][T30067]  __x64_sys_getsockopt+0xbd/0x160
[ 2244.425748][T30067]  ? do_syscall_64+0x91/0x4c0
[ 2244.425767][T30067]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2244.425786][T30067]  do_syscall_64+0xcd/0x4c0
[ 2244.425805][T30067]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2244.425823][T30067] RIP: 0033:0x7fc8eb58e969
[ 2244.425836][T30067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2244.425853][T30067] RSP: 002b:00007fc8ec36b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[ 2244.425868][T30067] RAX: ffffffffffffffda RBX: 00007fc8eb7b5fa0 RCX: 00007fc8eb58e969
[ 2244.425879][T30067] RDX: 0000000000000084 RSI: 0000000000000084 RDI: 0000000000000003
[ 2244.425900][T30067] RBP: 00007fc8ec36b090 R08: 0000200000001080 R09: 0000000000000000
[ 2244.425911][T30067] R10: 00002000000020c0 R11: 0000000000000246 R12: 0000000000000001
[ 2244.425922][T30067] R13: 0000000000000000 R14: 00007fc8eb7b5fa0 R15: 00007ffd7f08bbc8
[ 2244.425945][T30067]  </TASK>
[ 2244.715992][    T9] usb 1-1: USB disconnect, device number 66
[ 2244.953222][T30077] netlink: 60 bytes leftover after parsing attributes in process `syz.4.6366'.
[ 2245.169532][T29434] usb 4-1: new high-speed USB device number 69 using dummy_hcd
[ 2245.267241][T30068] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2245.350237][T29434] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2245.566835][T29434] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2245.581433][T29434] usb 4-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[ 2245.599526][T29434] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2245.869551][T29434] usb 4-1: config 0 descriptor??
[ 2245.888805][T30091] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[ 2245.906389][T30091] team0: Device ipvlan2 is already an upper device of the team interface
[ 2246.059275][T30094] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[ 2246.066680][T30094] team0: Device ipvlan2 is already an upper device of the team interface
[ 2246.478658][T29434] lenovo 0003:17EF:6047.001A: unknown main item tag 0x0
[ 2246.507204][T29434] lenovo 0003:17EF:6047.001A: unknown main item tag 0x0
[ 2246.524639][T29434] lenovo 0003:17EF:6047.001A: unknown main item tag 0x0
[ 2246.544678][T29434] lenovo 0003:17EF:6047.001A: unknown main item tag 0x0
[ 2246.561254][T29434] lenovo 0003:17EF:6047.001A: unknown main item tag 0x0
[ 2246.640103][T29434] lenovo 0003:17EF:6047.001A: hidraw0: USB HID v0.00 Device [HID 17ef:6047] on usb-dummy_hcd.3-1/input0
[ 2246.667266][T30110] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2248.363931][T29434] lenovo 0003:17EF:6047.001A: Fn-lock setting failed: -71
[ 2248.385269][T29434] lenovo 0003:17EF:6047.001A: Sensitivity setting failed: -71
[ 2248.398094][T29434] usb 4-1: USB disconnect, device number 69
[ 2249.147523][T17820] hid-generic 0003:FFFFFFFF:0004.001B: item fetching failed at offset 0/1
[ 2249.165496][T17820] hid-generic 0003:FFFFFFFF:0004.001B: probe with driver hid-generic failed with error -22
[ 2354.169192][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[ 2354.176168][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P20723/1:b..l
[ 2354.184646][    C0] rcu: 	(detected by 0, t=10502 jiffies, g=134473, q=228 ncpus=2)
[ 2354.192451][    C0] task:syz-executor    state:R  running task     stack:23208 pid:20723 tgid:20723 ppid:20684  task_flags:0x400140 flags:0x00004002
[ 2354.206413][    C0] Call Trace:
[ 2354.209691][    C0]  <TASK>
[ 2354.212622][    C0]  __schedule+0x116a/0x5de0
[ 2354.217126][    C0]  ? __lock_acquire+0x622/0x1c90
[ 2354.222071][    C0]  ? __lock_acquire+0x622/0x1c90
[ 2354.227011][    C0]  ? __pfx___schedule+0x10/0x10
[ 2354.231866][    C0]  ? __lock_acquire+0x622/0x1c90
[ 2354.236810][    C0]  preempt_schedule_irq+0x51/0x90
[ 2354.241832][    C0]  irqentry_exit+0x36/0x90
[ 2354.246242][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 2354.252222][    C0] RIP: 0010:unwind_next_frame+0x159d/0x20a0
[ 2354.258118][    C0] Code: 10 49 89 f8 41 83 e0 07 44 38 c6 41 0f 9e c0 40 84 f6 40 0f 95 c6 41 84 f0 0f 85 01 0a 00 00 83 e0 07 38 c2 40 0f 9e c6 84 d2 <0f> 95 c0 40 84 c6 0f 85 ea 09 00 00 48 0f bf 69 02 ba 08 00 00 00
[ 2354.277719][    C0] RSP: 0018:ffffc90003e378b8 EFLAGS: 00000246
[ 2354.283784][    C0] RAX: 0000000000000001 RBX: 0000000000000001 RCX: ffffffff9149da66
[ 2354.291749][    C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffffffff9149da68
[ 2354.299711][    C0] RBP: ffffc90003e37970 R08: 0000000000000001 R09: 0000000000000000
[ 2354.307676][    C0] R10: 0000000000000000 R11: 00000000000117e6 R12: ffffc90003e37978
[ 2354.315638][    C0] R13: ffffc90003e37928 R14: ffffc90003e37d20 R15: ffffc90003e3795c
[ 2354.323617][    C0]  ? unwind_next_frame+0xb8f/0x20a0
[ 2354.328812][    C0]  ? kmem_cache_alloc_noprof+0x1cb/0x3b0
[ 2354.334445][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 2354.340596][    C0]  arch_stack_walk+0x94/0x100
[ 2354.345284][    C0]  ? sk_prot_alloc+0x60/0x2a0
[ 2354.349965][    C0]  stack_trace_save+0x8e/0xc0
[ 2354.354635][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[ 2354.360005][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[ 2354.365373][    C0]  ? stack_depot_save_flags+0x28/0xa40
[ 2354.370834][    C0]  kasan_save_stack+0x33/0x60
[ 2354.375504][    C0]  ? kasan_save_stack+0x33/0x60
[ 2354.380346][    C0]  ? kasan_save_track+0x14/0x30
[ 2354.385186][    C0]  ? __kasan_slab_alloc+0x89/0x90
[ 2354.390203][    C0]  ? kmem_cache_alloc_noprof+0x1cb/0x3b0
[ 2354.395875][    C0]  kasan_save_track+0x14/0x30
[ 2354.400545][    C0]  __kasan_slab_alloc+0x89/0x90
[ 2354.405394][    C0]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[ 2354.410847][    C0]  ? sk_prot_alloc+0x60/0x2a0
[ 2354.415525][    C0]  sk_prot_alloc+0x60/0x2a0
[ 2354.420030][    C0]  sk_alloc+0x36/0xc20
[ 2354.424097][    C0]  inet6_create+0x381/0x1300
[ 2354.428689][    C0]  ? inet6_create+0x7f/0x1300
[ 2354.433368][    C0]  __sock_create+0x335/0x8d0
[ 2354.437966][    C0]  __sys_socket+0x14d/0x260
[ 2354.442471][    C0]  ? __pfx___sys_socket+0x10/0x10
[ 2354.447496][    C0]  ? dnotify_flush+0x79/0x4c0
[ 2354.452176][    C0]  __x64_sys_socket+0x72/0xb0
[ 2354.456852][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2354.462045][    C0]  do_syscall_64+0xcd/0x4c0
[ 2354.466549][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2354.472438][    C0] RIP: 0033:0x7f37e3f90887
[ 2354.476845][    C0] RSP: 002b:00007ffff94aaa58 EFLAGS: 00000206 ORIG_RAX: 0000000000000029
[ 2354.485250][    C0] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f37e3f90887
[ 2354.493218][    C0] RDX: 0000000000000006 RSI: 0000000000000001 RDI: 000000000000000a
[ 2354.501183][    C0] RBP: 00007ffff94ab18c R08: 00007ffff94aaa7c R09: 0079746972756365
[ 2354.509145][    C0] R10: 00007ffff94aaae0 R11: 0000000000000206 R12: 00007f37e417ec80
[ 2354.517109][    C0] R13: 00000000000927c0 R14: 0000000000225149 R15: 00007f37e4180e40
[ 2354.525088][    C0]  </TASK>
[ 2354.528099][    C0] rcu: rcu_preempt kthread starved for 10500 jiffies! g134473 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[ 2354.539378][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 2354.549338][    C0] rcu: RCU grace-period kthread stack dump:
[ 2354.555214][    C0] task:rcu_preempt     state:R  running task     stack:28360 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00004000
[ 2354.568703][    C0] Call Trace:
[ 2354.571973][    C0]  <TASK>
[ 2354.574901][    C0]  __schedule+0x116a/0x5de0
[ 2354.579410][    C0]  ? __lock_acquire+0x622/0x1c90
[ 2354.584350][    C0]  ? __pfx___schedule+0x10/0x10
[ 2354.589198][    C0]  ? find_held_lock+0x2b/0x80
[ 2354.593879][    C0]  ? schedule+0x2d7/0x3a0
[ 2354.598206][    C0]  schedule+0xe7/0x3a0
[ 2354.602443][    C0]  schedule_timeout+0x123/0x290
[ 2354.607294][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[ 2354.612667][    C0]  ? __pfx_process_timeout+0x10/0x10
[ 2354.617951][    C0]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 2354.623750][    C0]  ? prepare_to_swait_event+0xf5/0x480
[ 2354.629297][    C0]  rcu_gp_fqs_loop+0x1ea/0xb00
[ 2354.634063][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[ 2354.639353][    C0]  ? rcu_gp_cleanup+0x7c1/0xd90
[ 2354.644224][    C0]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 2354.650028][    C0]  rcu_gp_kthread+0x270/0x380
[ 2354.654789][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 2354.659984][    C0]  ? rcu_is_watching+0x12/0xc0
[ 2354.664740][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[ 2354.669936][    C0]  ? __kthread_parkme+0x19e/0x250
[ 2354.674958][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 2354.680157][    C0]  kthread+0x3c2/0x780
[ 2354.684226][    C0]  ? __pfx_kthread+0x10/0x10
[ 2354.688823][    C0]  ? rcu_is_watching+0x12/0xc0
[ 2354.693581][    C0]  ? __pfx_kthread+0x10/0x10
[ 2354.698168][    C0]  ret_from_fork+0x5d4/0x6f0
[ 2354.702753][    C0]  ? __pfx_kthread+0x10/0x10
[ 2354.707341][    C0]  ret_from_fork_asm+0x1a/0x30
[ 2354.712114][    C0]  </TASK>
[ 2354.715122][    C0] rcu: Stack dump where RCU GP kthread last ran:
[ 2354.721437][    C0] CPU: 0 UID: 0 PID: 26516 Comm: kworker/u8:16 Not tainted 6.15.0-syzkaller-09161-g0f70f5b08a47 #0 PREEMPT(full) 
[ 2354.733402][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2354.743448][    C0] Workqueue: events_unbound toggle_allocation_gate
[ 2354.749949][    C0] RIP: 0010:__sanitizer_cov_trace_const_cmp4+0x0/0x20
[ 2354.756713][    C0] Code: 0c 24 0f b7 d6 0f b7 f7 bf 03 00 00 00 e9 58 fe ff ff 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 48 8b 0c 24 89 f2 89 fe bf 05 00 00 00 e9 2a fe ff ff
[ 2354.776317][    C0] RSP: 0018:ffffc90004107898 EFLAGS: 00000202
[ 2354.782376][    C0] RAX: 0000000000000001 RBX: ffff8880b85416a0 RCX: ffffffff81afd49d
[ 2354.790342][    C0] RDX: ffff88801d2c2440 RSI: 0000000000000001 RDI: 0000000000000000
[ 2354.798304][    C0] RBP: 0000000000000001 R08: 0000000000000005 R09: 0000000000000000
[ 2354.806270][    C0] R10: 0000000000000001 R11: 0000000000000001 R12: dffffc0000000000
[ 2354.814234][    C0] R13: 0000000000000003 R14: ffffed10170a82d5 R15: ffff8880b843cfc0
[ 2354.822206][    C0] FS:  0000000000000000(0000) GS:ffff88812476e000(0000) knlGS:0000000000000000
[ 2354.831130][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2354.837707][    C0] CR2: 0000000000000000 CR3: 000000000e382000 CR4: 00000000003526f0
[ 2354.845671][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2354.853635][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2354.861598][    C0] Call Trace:
[ 2354.864868][    C0]  <TASK>
[ 2354.867789][    C0]  smp_call_function_many_cond+0xd2d/0x1490
[ 2354.873690][    C0]  ? __pfx_do_sync_core+0x10/0x10
[ 2354.878720][    C0]  ? __pfx_smp_call_function_many_cond+0x10/0x10
[ 2354.885057][    C0]  ? __pfx___text_poke+0x10/0x10
[ 2354.890001][    C0]  ? __pfx_do_sync_core+0x10/0x10
[ 2354.895023][    C0]  on_each_cpu_cond_mask+0x40/0x90
[ 2354.900129][    C0]  ? __kmalloc_node_track_caller_noprof+0xeb/0x510
[ 2354.906622][    C0]  smp_text_poke_batch_finish+0x27b/0xdb0
[ 2354.912343][    C0]  ? __pfx___mutex_lock+0x10/0x10
[ 2354.917366][    C0]  ? __pfx_smp_text_poke_batch_finish+0x10/0x10
[ 2354.923611][    C0]  ? arch_jump_label_transform_queue+0xc0/0x120
[ 2354.929854][    C0]  ? find_held_lock+0x2b/0x80
[ 2354.934539][    C0]  arch_jump_label_transform_apply+0x1c/0x30
[ 2354.940520][    C0]  jump_label_update+0x376/0x550
[ 2354.945481][    C0]  static_key_enable_cpuslocked+0x1b7/0x270
[ 2354.951379][    C0]  static_key_enable+0x1a/0x20
[ 2354.956146][    C0]  toggle_allocation_gate+0xfa/0x280
[ 2354.961426][    C0]  ? __pfx_toggle_allocation_gate+0x10/0x10
[ 2354.967320][    C0]  ? rcu_is_watching+0x12/0xc0
[ 2354.972079][    C0]  process_one_work+0x9cc/0x1b70
[ 2354.977029][    C0]  ? __pfx_process_one_work+0x10/0x10
[ 2354.982408][    C0]  ? assign_work+0x1a0/0x250
[ 2354.986999][    C0]  worker_thread+0x6c8/0xf10
[ 2354.991603][    C0]  ? __kthread_parkme+0x19e/0x250
[ 2354.996622][    C0]  ? __pfx_worker_thread+0x10/0x10
[ 2355.001732][    C0]  kthread+0x3c2/0x780
[ 2355.005801][    C0]  ? __pfx_kthread+0x10/0x10
[ 2355.010409][    C0]  ? rcu_is_watching+0x12/0xc0
[ 2355.015168][    C0]  ? __pfx_kthread+0x10/0x10
[ 2355.019759][    C0]  ret_from_fork+0x5d4/0x6f0
[ 2355.024349][    C0]  ? __pfx_kthread+0x10/0x10
[ 2355.028938][    C0]  ret_from_fork_asm+0x1a/0x30
[ 2355.033798][    C0]  </TASK>
[ 2355.037092][    C0] vkms_vblank_simulate: vblank timer overrun