last executing test programs:
2m31.129387433s ago: executing program 2 (id=3):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000100))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000440), 0xffffffffffffffff)
r4 = socket$pppl2tp(0x18, 0x1, 0x1)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r4, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r5, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
sendmsg$L2TP_CMD_SESSION_GET(r2, &(0x7f0000000040)={0x0, 0xfc6d, &(0x7f0000000080)={&(0x7f00000001c0)={0x28, r3, 0x10, 0x2, 0x0, {0x7}, [@L2TP_ATTR_IFNAME={0x14, 0x8, 'team_slave_1\x00'}]}, 0x28}}, 0x4000000)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r6, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r6, 0x0)
setsockopt$RDS_GET_MR_FOR_DEST(r6, 0x114, 0x7, &(0x7f0000000340)={@rc={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, {&(0x7f0000000240)=""/247, 0xf7}, &(0x7f0000000140), 0x8}, 0xa0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
sendmmsg(r2, &(0x7f0000006940)=[{{0x0, 0x0, &(0x7f0000000140)}}], 0x1, 0x40840)
syz_emit_vhci(&(0x7f0000000200)=ANY=[@ANYBLOB="040e04001120"], 0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x18)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
ioctl$UFFDIO_CONTINUE(r0, 0xc020aa07, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
2m29.827252823s ago: executing program 2 (id=14):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000001e40)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a505000000007751e841cca555077e3a159110193dd2ff1fa7c3205bfedbe9d8f3bd23cd78a07e32fe0231368b2264f9c504b2f1f65515b2e1a38d522be18bd10a48b043ccc42673d06d7535f7866925d86751dfced1fd8accae669e173a659c1cfd6587d47578f4c35235138d5521f9453559c35da860e8efbcbfb42c30d294a55e1c46680bee88956f2b3599f455c7a3a49a01010000009f2f0517e4ca0e1803a20000000013d4e21b3336f1ae0796f23526ec0fd97f7325eac34c4dfafe7cc03b0864009d2e7d7ff6ff72ba8972b122b09789d99b3d0524f39d5ae913b2d22eb2c09244ba5dbe9180950f76f7049db5cb19d7962fed44e00f39ed8c13a11fa798de504e2865cd81f2b77fdd76c677f812d249c8130b018d4300000020000000db3947c85c3a9027ce9e856fa8b7fb05000000000000593d60abc9b3e67d127e56f3d3759dcfeb820634fd4d419efaefc74305b2bea2000600000051fcf5d62205561b6efaad206335a309f7b9e01446a6285f4665a7fe3cda2349f8bf400100000000000000f435f28fbeda75cf971f54a9698cf3270f420ee83f2d9babe7b922401639ce3c4ff0850a8e078374909413f3fbd3ced3285252dc81a46ef7ce29484dc6b6adfd7a4db730fc594609654d97836f171b766ffd7526847a6bfda9c648e8aa5c558aa6d463ec9d840f3914909187b6b0776952be71b0417d33d3ab25493418ba0fbacf768e07c1a939d31f606085b9e3efc93b0f58d5ec37494d9d10d76e603129e9a726579ac7d672cacd581b7ca77b3610b7403930fd42051d4b7443e5b49c000000000000007d6173050027791c9c1e04ad3711a66da2254a6f911b1469c62a6e1e3f9c1715c009a58e6eadac8f61b45853673df72dc813f7454ae22d79ac48034282f03040889500000000179dcf66d93907cedd49e0c5752f755849953957143a0335d2f62acbf18b251ce63b29fe177745448ccc925770fac12cf9e291200df6bb669d5a57dd74df817ef2f8698f710c359afe73947afebdf5536e4db8b0231d0cbc798766ec60586f14b44775bc9d250e4515cb83275d3b495fa90000e69a68b47ac4595463e1442d88e0606a060000cc914fae896ab129ccdf8792a8435972c8391d132a2fcbd40e865d62cc7c4200000000000000000000000000000800002a77fbbccfdb1ab3d8434905f09726b8145ea99c7640faab578dc98a6134df0a10a54ce7e7ddbb709a27d977d1f91ab9ee940700009594c9a50961b7fcc56d82584dc8254df7c411fa61353a6897c4f3b9f6f2ab47adb29aefecce96c94f360e129c9f2af569c794b68b2ead404bcd"], &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$802154_dgram(r0, &(0x7f0000000600)={&(0x7f0000000380)={0x24, @short={0x2, 0x1, 0xffff}}, 0x14, &(0x7f0000000480)={0x0}, 0x1, 0x0, 0x0, 0x10}, 0x28000084)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r3, &(0x7f0000000340)=@id={0x1e, 0x3, 0x2, {0x4e20, 0x3}}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10)
socket$kcm(0x10, 0x400000002, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, r7, {0x0, 0x1}, {0xffff, 0xffff}, {0xffff, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x4000)
setsockopt$MRT_ASSERT(r5, 0x0, 0xcf, &(0x7f0000000300), 0x4)
sendmsg$nl_route_sched(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@newtfilter={0x34, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r7, {0x0, 0xf}, {}, {0x7, 0x9}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x24000014}, 0x20084084)
2m14.210743013s ago: executing program 32 (id=14):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000001e40)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a505000000007751e841cca555077e3a159110193dd2ff1fa7c3205bfedbe9d8f3bd23cd78a07e32fe0231368b2264f9c504b2f1f65515b2e1a38d522be18bd10a48b043ccc42673d06d7535f7866925d86751dfced1fd8accae669e173a659c1cfd6587d47578f4c35235138d5521f9453559c35da860e8efbcbfb42c30d294a55e1c46680bee88956f2b3599f455c7a3a49a01010000009f2f0517e4ca0e1803a20000000013d4e21b3336f1ae0796f23526ec0fd97f7325eac34c4dfafe7cc03b0864009d2e7d7ff6ff72ba8972b122b09789d99b3d0524f39d5ae913b2d22eb2c09244ba5dbe9180950f76f7049db5cb19d7962fed44e00f39ed8c13a11fa798de504e2865cd81f2b77fdd76c677f812d249c8130b018d4300000020000000db3947c85c3a9027ce9e856fa8b7fb05000000000000593d60abc9b3e67d127e56f3d3759dcfeb820634fd4d419efaefc74305b2bea2000600000051fcf5d62205561b6efaad206335a309f7b9e01446a6285f4665a7fe3cda2349f8bf400100000000000000f435f28fbeda75cf971f54a9698cf3270f420ee83f2d9babe7b922401639ce3c4ff0850a8e078374909413f3fbd3ced3285252dc81a46ef7ce29484dc6b6adfd7a4db730fc594609654d97836f171b766ffd7526847a6bfda9c648e8aa5c558aa6d463ec9d840f3914909187b6b0776952be71b0417d33d3ab25493418ba0fbacf768e07c1a939d31f606085b9e3efc93b0f58d5ec37494d9d10d76e603129e9a726579ac7d672cacd581b7ca77b3610b7403930fd42051d4b7443e5b49c000000000000007d6173050027791c9c1e04ad3711a66da2254a6f911b1469c62a6e1e3f9c1715c009a58e6eadac8f61b45853673df72dc813f7454ae22d79ac48034282f03040889500000000179dcf66d93907cedd49e0c5752f755849953957143a0335d2f62acbf18b251ce63b29fe177745448ccc925770fac12cf9e291200df6bb669d5a57dd74df817ef2f8698f710c359afe73947afebdf5536e4db8b0231d0cbc798766ec60586f14b44775bc9d250e4515cb83275d3b495fa90000e69a68b47ac4595463e1442d88e0606a060000cc914fae896ab129ccdf8792a8435972c8391d132a2fcbd40e865d62cc7c4200000000000000000000000000000800002a77fbbccfdb1ab3d8434905f09726b8145ea99c7640faab578dc98a6134df0a10a54ce7e7ddbb709a27d977d1f91ab9ee940700009594c9a50961b7fcc56d82584dc8254df7c411fa61353a6897c4f3b9f6f2ab47adb29aefecce96c94f360e129c9f2af569c794b68b2ead404bcd"], &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$802154_dgram(r0, &(0x7f0000000600)={&(0x7f0000000380)={0x24, @short={0x2, 0x1, 0xffff}}, 0x14, &(0x7f0000000480)={0x0}, 0x1, 0x0, 0x0, 0x10}, 0x28000084)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r3, &(0x7f0000000340)=@id={0x1e, 0x3, 0x2, {0x4e20, 0x3}}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10)
socket$kcm(0x10, 0x400000002, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, r7, {0x0, 0x1}, {0xffff, 0xffff}, {0xffff, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x4000)
setsockopt$MRT_ASSERT(r5, 0x0, 0xcf, &(0x7f0000000300), 0x4)
sendmsg$nl_route_sched(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@newtfilter={0x34, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r7, {0x0, 0xf}, {}, {0x7, 0x9}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x24000014}, 0x20084084)
20.690386735s ago: executing program 1 (id=312):
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000240)={{0x1, 0x1, 0x18}, './file0\x00'})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="1800c2ae41be1cb82bd50000000000409559dd8402ab2b428e3614def9fd"], &(0x7f0000000340)='syzkaller\x00', 0x4, 0x0, 0x0, 0x41000, 0xf, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000003c0)='contention_end\x00', r0, 0x0, 0x5}, 0x18)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/timers\x00', 0x0, 0x0)
read$qrtrtun(r1, &(0x7f0000000140)=""/245, 0xf5)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000440)='sched_switch\x00', r2}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
landlock_restrict_self(0xffffffffffffffff, 0x0)
userfaultfd(0x80001)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000400), r7)
ioctl$sock_SIOCGIFINDEX_802154(r6, 0x8933, &(0x7f0000000100)={'wpan0\x00', <r9=>0x0})
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000000c0)={0x3c, r8, 0x60b, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r9}, @IEEE802154_ATTR_LLSEC_SECLEVELS={0x5, 0x35, 0x3}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0x3}, @IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5}]}, 0x3c}}, 0x0)
r11 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r11, &(0x7f0000000040)={0x2, 0x4e24, @multicast2}, 0x10)
sendmmsg$inet(r11, &(0x7f0000000480)=[{{&(0x7f0000000000)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x39}}, 0x10, &(0x7f0000000100)=[{&(0x7f0000000080)="e6", 0x1}], 0x1}}], 0x1, 0x24040890)
sendmsg$NFNL_MSG_CTHELPER_GET(r1, &(0x7f0000000500)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x40080801}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x1c, 0x1, 0x9, 0x201, 0x0, 0x0, {0x1, 0x0, 0x1}, [@NFCTH_STATUS={0x8, 0x6, 0x1, 0x0, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x801)
19.567748617s ago: executing program 1 (id=316):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000a40)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x2, 0x1}}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x10, 0x0, 0x0, 0x2}]}}, 0x0, 0x42, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000a3b370086d04ae085811f1010301090212000d000000000904"], 0x0)
syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r2, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r4, {0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x2}}, 0x2e)
r5 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000200), r3)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r6, &(0x7f0000000a00)={&(0x7f0000000900)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000009c0)={&(0x7f0000000940)={0x5c, 0x1, 0x4, 0x3, 0x0, 0x0, {0x1, 0x0, 0x2}, [@NFULA_CFG_FLAGS={0x6, 0x6, 0x1, 0x0, 0x1}, @NFULA_CFG_CMD={0x5, 0x1, 0x1}, @NFULA_CFG_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x5}, @NFULA_CFG_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x2}, @NFULA_CFG_CMD={0x5, 0x1, 0x4}, @NFULA_CFG_MODE={0xa, 0x2, {0x8}}, @NFULA_CFG_MODE={0xa, 0x2, {0x0, 0x1}}, @NFULA_CFG_FLAGS={0x6, 0x6, 0x1, 0x0, 0x2}]}, 0x5c}}, 0x80)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="00001000", @ANYRES16=r5, @ANYBLOB="010026bd7000fedbdf25050000000800090002000000060001000500000008000c00aa0a000008000b000400000014000800636169663000"/66], 0x48}, 0x1, 0x0, 0x0, 0x20006911}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x4, 0x4, 0x4, 0xbf22, 0x800, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
syz_usb_control_io$uac1(r1, 0x0, 0x0)
syz_usb_disconnect(r1)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
close(r8)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r9 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r9, &(0x7f0000000040)={0xa, 0x80, 0x0, @mcast1, 0x8}, 0x1c)
connect$inet6(r9, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0xec9}, 0x1c)
setsockopt$sock_linger(r9, 0x1, 0xd, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, r0, 0x0, 0x0, 0x55, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$sock_attach_bpf(r10, 0x1, 0x32, &(0x7f00000000c0)=r12, 0x4)
sendmsg$unix(r11, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)
14.738941723s ago: executing program 1 (id=332):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x240c01, 0x0)
syz_usb_connect(0x3, 0x8f, 0x0, 0x0)
write$dsp(r0, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0)
r1 = gettid()
creat(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000240), 0x20400, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000001a40)=""/102392, 0x18ff8)
mkdir(&(0x7f0000000080)='./file1\x00', 0x1a0)
mount(0x0, &(0x7f0000000200)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x8, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000180)='./file1\x00')
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r3, 0xffffffff80000801, 0xee01, &(0x7f00000000c0)={0x0, 0x1, 0x2000000000a960, 0x1, 0x201, 0x80000001, 0xd4e, 0xfffffffffffffff9, 0xdf})
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000040)=0x9)
r4 = socket(0xa, 0x80805, 0x0)
getsockopt$inet_sctp_SCTP_RECVRCVINFO(r4, 0x84, 0x20, &(0x7f00000007c0), &(0x7f0000000800)=0x4)
mremap(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000ffe000/0x2000)=nil)
13.593468448s ago: executing program 4 (id=334):
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000100100000c"], 0x10b8}, 0x20000000)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000d40), 0x1a1800, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0)
write$binfmt_aout(r3, &(0x7f0000000380)=ANY=[], 0xff2e)
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "a05c7b5d3cd1b0f200002000fdf700071400"})
r4 = syz_open_pts(r3, 0x0)
r5 = dup3(r4, r3, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB=',wfdno=', @ANYRESHEX=r6, @ANYBLOB])
ioctl$KVM_GET_PIT(r5, 0xc048ae65, &(0x7f0000000400))
r7 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_CAP_HYPERV_SYNIC2(r7, 0x4068aea3, &(0x7f0000000080))
ioctl$KVM_SET_MP_STATE(r7, 0x4004ae99, &(0x7f0000000040)=0x3)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000140)={0x2, 0x0, @ioapic={0x1000, 0x0, 0x1, 0xeffffdff, 0x0, [{0x9, 0xff}, {0x15, 0x3, 0x5}, {0x8}, {0x0, 0x0, 0x7d}, {}, {0x81, 0x65, 0x5}, {0x0, 0x0, 0x2f, '\x00', 0x3}, {}, {0x0, 0x33, 0xfa, '\x00', 0x8}, {0x2, 0x5}, {0xff, 0x5}, {0x0, 0x8, 0xff, '\x00', 0xfc}, {}, {0x3, 0x0, 0x0, '\x00', 0xc0}, {0xfc, 0xa, 0x0, '\x00', 0x3}, {0x0, 0x86, 0x80, '\x00', 0x5}, {0x7, 0x2, 0x7f}, {0x5, 0x0, 0x0, '\x00', 0x40}, {0x20, 0xfd, 0x19, '\x00', 0x5}, {0x0, 0x0, 0x0, '\x00', 0x26}, {0x58, 0x6}, {0x0, 0x0, 0x41}, {0x0, 0x0, 0x9}, {0x0, 0x0, 0x7, '\x00', 0x1}]}})
ioctl$KVM_CAP_HYPERV_ENFORCE_CPUID(r8, 0x4068aea3, &(0x7f0000000380)={0xc7, 0x0, 0x1})
11.85754261s ago: executing program 3 (id=337):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=@newsa={0x13c, 0x10, 0x1, 0x0, 0x0, {{@in=@multicast1, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa}, {@in=@loopback, 0x0, 0x32}, @in6=@remote, {0x200000, 0x0, 0x6, 0x0, 0x0, 0x8}, {0x0, 0x0, 0x80000001}, {0x120000, 0x0, 0x46}, 0x0, 0x1, 0xa, 0x0, 0xfe}, [@algo_auth_trunc={0x4c, 0x14, {{'sha1-generic\x00'}}}]}, 0x13c}}, 0x0)
ioperm(0x5, 0x7, 0x65c)
timer_create(0x0, 0x0, &(0x7f0000000300)=<r1=>0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x1, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f0000000b40)=[{{&(0x7f0000000400)=@l2tp6={0xa, 0x0, 0x0, @initdev}, 0x80, &(0x7f0000000a80)=[{&(0x7f0000000480)=""/144, 0x90}, {&(0x7f00000005c0)=""/165, 0xa5}, {&(0x7f0000000680)=""/224, 0xe0}, {&(0x7f0000000780)=""/150, 0x96}, {&(0x7f0000000840)=""/74, 0x4a}, {&(0x7f00000008c0)=""/175, 0xaf}, {&(0x7f0000000980)=""/245, 0xf5}, {&(0x7f0000000540)=""/9, 0x9}], 0x8, &(0x7f0000000b00)=""/35, 0x23}, 0x80}], 0x1, 0x2, 0x0)
ioperm(0x5, 0x78b5, 0x7)
r4 = syz_clone(0x200000, &(0x7f0000000040)="87ebd1ab6d883ade34a5c14d5dabf3e8b54a41eb024f39cd017d60aa05305a80a43cb6c0d0e7cdd3ad24608897bbcc057ea1a637329c78fd870148d51d", 0x3d, &(0x7f0000000100), &(0x7f0000000180), &(0x7f0000000340)="7d43cab13a01a46680ddd52023cb040b66c325e98fadc2eeb15a516aeb7415e444474e760ab9855e023fd41487cdeb637bdf6ebe6eb259ce2885db5672625482e0414c9c61ac683814cf75d32dc29b8ac7ad7cd80da602f42e84596fbd7ff8c8b5cd5592cfc7f182407e8f41a4857882b17a1c3e847977b5c3ebd7e4027371115e01ff954cdcd5d2d2f1d3351bf8f1a48690fbb167a35c6947396111d8710130b966200b3fea2ffb27d6a4ae01677c61")
prctl$PR_SCHED_CORE(0x3e, 0x8, r4, 0x3, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f00000000c0)={{0x1, 0x1, 0x18}, './file0\x00'})
writev(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$incfs(0xffffffffffffffff, &(0x7f0000000b80)='.pending_reads\x00', 0x80000, 0x8)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000bc0)={0x0, r5}, 0x8)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000140), 0x62981)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r6, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x800000, 0x0, 'queue1\x00', 0x2})
writev(r6, &(0x7f0000000580)=[{&(0x7f0000000000)="238292", 0xfff6}], 0x2)
timer_getoverrun(r1)
11.064739212s ago: executing program 4 (id=340):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da07000000000001090224000100000000090400000903000000092100000001222200090581030800"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_ep_write(r0, 0x81, 0x0, 0x0)
syz_usb_ep_write(r0, 0x81, 0x3, &(0x7f0000000000)='BBB')
10.755555807s ago: executing program 5 (id=342):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r0, 0x0)
r1 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0xb, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@printk]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async, rerun: 64)
socket$packet(0x11, 0x2, 0x300) (async, rerun: 64)
socket$packet(0x11, 0x2, 0x300) (async)
r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000140), 0x802, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(r2, 0x40045010, &(0x7f0000000000)) (async)
ioctl$SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, &(0x7f0000001400)) (async)
writev(r2, &(0x7f0000000640)=[{&(0x7f00000006c0)="2e31b69c9bd4beb2ce56518bf0aea548722f054677edd0cb67e2afb987c3e16e3b65bfe50c4d55086a56832bebeb32802ecd8e61032995b891d24c782afea345ed2f0a87bc1bfc6101fa7d1d2c2e57f889dbb28fe7b7e2fc562acebfd86566be11c267f5c5c5e1707a44f2795400fb26cd4170d76c6807d8270435f365d737751f", 0x81}], 0x1) (async, rerun: 32)
ioctl$SNDCTL_DSP_SYNC(r2, 0x5001, 0x0) (async, rerun: 32)
socket$can_bcm(0x1d, 0x2, 0x2) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x3, 0x8, &(0x7f0000000940)=@framed={{0x18, 0x9}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
socket$packet(0x11, 0x3, 0x300) (async)
socket(0x2, 0x80805, 0x0)
socket$unix(0x1, 0x5, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r4=>0x0})
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001100a7cc4a372eaf541d002007000000", @ANYRES32=r4, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYRES16=r5, @ANYRES32=r5], 0x44}}, 0x0) (async)
r6 = socket$nl_generic(0x11, 0x3, 0x10)
syz_emit_ethernet(0x53, &(0x7f0000000180)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @random="a538ae464632", @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x45, 0x0, 0x0, 0x0, 0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote}, {0x22, 0x7c, 0x0, @multicast1, "da519d47b05e64735b00af3e61e64c86838f6fb15902cf7c8f93912580472706009d6b71828d9793fc"}}}}}, 0x0) (async)
sendmsg(r6, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0x36}], 0x2, 0x0, 0x0, 0x11000000}, 0x0) (async)
r7 = syz_open_dev$dri(&(0x7f00000005c0), 0x1f, 0x800)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0})
sendmsg$AUDIT_DEL_RULE(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f00000002c0)={0x420, 0x3f4, 0x10, 0x70bd28, 0x25dfdbfb, {0x3, 0x1, 0x38, [0xff, 0x3, 0x4, 0x825, 0x81, 0x9, 0x4, 0x5cef9f36, 0x7, 0x400, 0x7, 0x5, 0x3, 0x1, 0x8, 0xffff11b7, 0x10000, 0x9, 0x3, 0x5, 0x400, 0x800, 0xffffffc7, 0x1, 0x1, 0xbf14, 0x743, 0x2, 0x1881, 0x3, 0x0, 0x4, 0x34, 0x7, 0x10, 0x6, 0x5ba, 0x4, 0x3, 0x5fb6, 0x5, 0x9, 0x4, 0x309, 0x8, 0x3, 0xcb8d, 0xfff, 0xa, 0x7, 0x6b0, 0x665c, 0x1, 0x2, 0x9, 0x10, 0x826, 0x57, 0x7, 0x0, 0x3, 0x1, 0x6], [0x9, 0x6, 0xfffffff5, 0x2, 0x2, 0xfffffffe, 0x5e, 0x2, 0x80000000, 0x5, 0x5, 0x9, 0xff, 0xfffffffb, 0xffffffff, 0x1, 0x7, 0x80000001, 0x3, 0xfe75, 0x3, 0x40, 0xda0, 0xfff, 0xb80, 0x10, 0x4, 0x10, 0x40, 0x4, 0x9, 0x0, 0x5aa3, 0x0, 0x8, 0x4, 0x6, 0x6, 0x10, 0x9, 0x7fffffff, 0x2, 0x453, 0x0, 0xe61, 0x0, 0x4, 0x4, 0xa, 0x1, 0x7, 0x1, 0x2, 0x40, 0x7d4, 0x5, 0xffff, 0x94b, 0x8, 0x2, 0xfffffffb, 0xffff9ef8, 0xffff, 0x10001], [0x81, 0x328e, 0x2, 0x8, 0x6, 0x0, 0x10000, 0xd, 0x3, 0x7fffffff, 0x401, 0x6, 0x7, 0x0, 0x1, 0x8001, 0xd83, 0x10, 0x5, 0x3, 0x7, 0x7, 0x3, 0x1, 0x2327, 0x4, 0x7, 0x5a, 0x3, 0x3, 0x7, 0x24, 0x2, 0x6, 0x833, 0x233, 0x1, 0x2, 0x4, 0x8, 0xffffffff, 0x80, 0xfffff801, 0x6ac, 0x81, 0x7, 0xb3, 0x9, 0x6, 0xd6b, 0x1, 0x6, 0xef7c, 0x7704, 0x31, 0x2, 0xff, 0xa17, 0x29a, 0x9, 0x2, 0x6, 0x5, 0x1], [0x400, 0x400, 0x3, 0xfffffffa, 0x5, 0xee, 0xe, 0x7e1, 0x6, 0x9, 0x3, 0x3fd, 0x9, 0xfff, 0x8, 0x101, 0x7fff, 0x83cc, 0x6, 0x6, 0x3, 0x2, 0x9, 0x1000, 0x200, 0x36a, 0xac14, 0x5, 0x8, 0xa8, 0xe2, 0x7fff00, 0x9, 0x4, 0x6, 0x1, 0x8001, 0x39c, 0x7, 0x81, 0x7, 0x0, 0x5, 0x86, 0x7, 0x5, 0xc9, 0x21d, 0x0, 0x8001, 0x3, 0x0, 0x1, 0x38, 0x4, 0x8, 0x80, 0x3, 0xffffff80, 0x6, 0xd2bb, 0x7, 0x5, 0x2]}}, 0x420}, 0x1, 0x0, 0x0, 0x44}, 0x10) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0xc, 0x42, 0x40, 0xc0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
10.628031255s ago: executing program 3 (id=343):
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x4541b6bf, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000040)={0xf0f002, 0x4})
10.627377012s ago: executing program 1 (id=344):
socket$nl_sock_diag(0x10, 0x3, 0x4)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000bd900000000000000000000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r2}, 0x10)
ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f00000002c0)={{0x2, 0x4e20, @local}, {0x306, @random="f289017f20ee"}, 0x4, {0x2, 0x4e21, @remote}})
close(r0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r3, 0xfffffffc)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f00000000c0))
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x20000, 0x0)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000040), 0x10)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={0x30, 0x0, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x6}]}]}, 0x30}, 0x1, 0x0, 0x0, 0xaa34a4cfdf933201}, 0x10)
syz_emit_ethernet(0x541, &(0x7f0000000500)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaabb86dd60bf4c7a050b06ff00000000000000000000000000000000fc0000000000000000000000000000ff0210000000000000000100ac7a4869a450c09b3453741c939511fe079689d13532d57db97cfce64e8f9b728dcd01eab4184ce7d8b926700d0cfe64e88daf000400bfeb17d7a0ccc425525770bc549adecb641cb2fcdaacffc157b51bfe614b5792cc26358d586d58b1795351248f073ff6648ff622a58e3f51e6d9482ee1b4e1c422598fc9ac78010100000000000000670b0000000000000758000000021480a5023a160000000000000f000000000000000400000000000000070000000000000001000000000000000300000000000000070000000000000001000000000000005f0c0000000000000100000000000000000000000000322c000000000000c91000000000000000000000ffff000000000001000748000000021002090000000000010000000101000000000000010000000100000006000000000000000600000000000000ffff0000000800000c00000000000000b000000000000000c910fe8800000000000000000000000001010101000502000507180000000004724a000800000000000000090000000000000007cc2ebb6d227366939f7abe7d8932a2fb1ee41e3ed556228fad578139ffc1bdf0e8b1c5e28de058b7e766380f39e4ebdd832c2382197580eae8d43826088d2e1b1c85e27b0b706d18d662bc027b629ab2506ff7fa64c78567d76d703a862c5e5bc80f1d97d47cf7adeaae6a7a0f1fb1e9917ec45834b2aa6e13ccb1614127e21c123f13e4effaab1fe3cf93e4084618341065f62141bc406106f45b0660e85ee16834386af922f3380fe8df013472d33d085a02f0c62e01b6c40077b001949ee2a987644f531201195f0ca76fc00002000000000000c910fe880000000000000000000000000001000100000000bb1004080600090000000000000000000000ffffac1414bbff010000000000000000000000000001fe880000000000000000000000000101fe8000000000000000000000000000bbfe8000000000000000000000000000aa2001000000000000000000000000000200000000000000000000ffff7f000001000000000000000000000000000000013300052865000000000c000000000000010700000000000000c91000000000000000000000ffffac1414aa0401d6010500000000000104000000000738000000030c010800ff0300000000000000001c0000000000dd000000000000000600000000000000010000000000000003000000000000000000002c0a01090000000020010000000000000000000000000002ff010000000000000000000000000001fc020000000000000000000000000000fe800000000000000000000000000020fe80000000000000000000000000002b730c010d00000000ff020000000000000000000000000001fe800000000000000000000000000034fe8000000000000000000000000000bbfe8000000000000000000000000000aa00000000000000000000ffff7f000001fe8000000000000000000000000000bb331400000000000000010007980f75da9a2d6b3d49408912b5a985998049c9b97b9edf4c839d0aa376d7587dffbc22927ce282018fc5c62106d5f13de755222c100e8ef65f94ea7b0dd62ed77341e78fa4bb979b23791b9e4cae79afe9d9b80c18eef0d9c0bab67a9621f3df4326dc2c156fa4c4ed7358d80551579b36ecc44afafb4a301594307a67a3d0d2e97a4e9ad0f0f2fb453af430d99fd27e56aa0f93a06416adbd04010805028967000100000000000000000000000000000000000000004e2300004e21000000e461dac8da6ce2f23f221ad36515f25ad4babe02504f4cf273436091f73ed1f6761363534d939df5e74c0f6bfaeb963ea13f0f46b7f8881dda406fce3efeb4b3fe5da08c198aa4a5e70cd95ca24de887598d601825ef1a426bf612821b3ace001684260d239eb79790fd850a58bb1e4714f2a09d4995d9a4f088a6a1144839483d73702d137cddccbee27c8927cacda8cd6d9311cdb555704b7118fda465daf2fc1d046ce6b68b96828f9ec4fea3e9dc9d641c58a26e1f"], 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r7, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000004c0)={0x30, 0x0, 0x1, 0x70bd2c, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0x1c}}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}]}, 0x30}}, 0x0)
9.625101602s ago: executing program 3 (id=346):
r0 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00'})
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f000000a400)={0x2020, 0x0, <r2=>0x0}, 0x2020)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000700)='signal_generate\x00'}, 0x18)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000000)={'\x00', 0x5})
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
sendmsg$can_bcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="0500000000bbd10d0bc11fc00000000040000000aef028c89c34dcb05408427474e1cb5e689c593e7a16dd0af4f5be2f038bc9faf7"], 0x80}}, 0x0)
ioctl$TUNSETPERSIST(r3, 0x400454c9, 0x400000000e)
syz_fuse_handle_req(r1, &(0x7f0000008400)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9474a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x0, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x6, 0x8000, 0x80, 0x0, 0x9, 0x0, 0x0, 0x0, 0x200000, 0x6000, 0x0, 0x0, 0x0, 0x800}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r1, &(0x7f0000000300)={0x50, 0x0, r2, {0x7, 0x29, 0x2, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x751c786c02b50be0, 0xffffffff}}, 0x50)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff})
write$tcp_congestion(r3, &(0x7f00000002c0)='htcp\x00', 0x5)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000780)={{}, &(0x7f0000000700), &(0x7f0000000740)=r5}, 0x20)
r6 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x187a02, 0x2)
writev(r6, &(0x7f0000000a40)=[{0x0}, {&(0x7f0000000e00)='t', 0x2fd200}, {0x0}, {&(0x7f0000001000)="d6", 0x20c00}], 0x21)
r7 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r7, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000180)={<r8=>0xffffffffffffffff}, 0x111}}, 0x20)
write$RDMA_USER_CM_CMD_QUERY(r7, &(0x7f0000000080)={0x13, 0x10, 0xfa00, {0x0, r8, 0x2000000}}, 0x18)
9.613643689s ago: executing program 1 (id=347):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)) (async)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000000c0), 0x0, 0x40000) (async)
sendmmsg$unix(r1, &(0x7f00000000c0), 0x0, 0x40000)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340), &(0x7f0000000040)) (async)
r2 = syz_io_uring_setup(0x49a, &(0x7f0000000400)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
unshare(0x28040600)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r5, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r6, {0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x2}}, 0x2e)
fsopen(&(0x7f0000000040)='securityfs\x00', 0x0) (async)
r7 = fsopen(&(0x7f0000000040)='securityfs\x00', 0x0)
r8 = fcntl$dupfd(r5, 0x406, r7)
setsockopt$inet_mtu(r8, 0x111, 0xa, &(0x7f0000000000), 0x4) (async)
setsockopt$inet_mtu(r8, 0x111, 0xa, &(0x7f0000000000), 0x4)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_TIMEOUT={0xb, 0x11, 0x0, 0x0, 0x7, &(0x7f0000000100)={0x0, 0x989680}, 0x1, 0x4, 0x1})
socket$inet6_sctp(0xa, 0x5, 0x84)
io_uring_enter(r2, 0x627, 0xc1040000, 0x43, 0x0, 0x0)
8.843921096s ago: executing program 1 (id=349):
setuid(0xee01)
r0 = getpid()
r1 = syz_open_dev$loop(0x0, 0x200000000000007, 0x101002)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f00000002c0)={r2, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x13, 0x1c, "fee8a2ab78fcffffffffffffff2000b8785d960000000000000000000000000f00000000000100000000000000000000000000000200", "2809e897bdb2128bfc82525edd665240f45f819e01982861ac0000000000000000001100", "90be8b1c551265406c7f306003d8a0f4bd00", [0x20]}})
getdents64(r2, 0x0, 0x0)
ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f0000000400)={r2, 0x7, {0x0, 0x0, 0x0, 0x3, 0x5, 0x0, 0x1, 0x1, 0xc, "cf53220818f7f4f9c29295d861017d1161cee35d2e088931b49b0e6b1f5f4d2d0892bfa6b09a84506c58ea2375ee71c3fa76c1cd3fce86fe06396dc36f8bff6c", "53ed9a80a5934c51b3b4ffcd830d09ce7d253667fa17642363a2d357f73ce1bc0ae21364505b7bacfc0c2f9cef6a6e151d2cbb4741f2942b66ea141ec20f3329", "dd82dde12f26b474598b9211c1cf376cc37f15549ba52fd1ff5319b5786b23b2", [0x7fffffffffffffff, 0x1ff]}})
prlimit64(r0, 0xb, 0x0, 0x0)
openat$uhid(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(0xffffffffffffffff, 0xc020660b, 0x0)
rseq(&(0x7f0000000080), 0x20, 0x0, 0x0)
msgctl$IPC_SET(0x0, 0x1, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
rseq(0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
munlockall() (fail_nth: 1)
8.792539694s ago: executing program 5 (id=350):
syz_emit_ethernet(0x66, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa88a800008100000086dd6076cd8a002800002001003e0f21"], 0x0)
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
dup(r1) (async)
r2 = dup(r1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid() (async)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000240)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) (async)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
chdir(&(0x7f0000000100)='./file0\x00') (async)
chdir(&(0x7f0000000100)='./file0\x00')
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0) (async)
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs={0x1}, 0x6e) (async)
connect$unix(r7, &(0x7f000057eff8)=@abs={0x1}, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0) (async)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
7.876450296s ago: executing program 0 (id=351):
syz_genetlink_get_family_id$devlink(&(0x7f00000000c0), 0xffffffffffffffff)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000300)={@local, 0x800, 0x2, 0x1, 0x9, 0x7, 0x83}, 0x20)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x4e23, 0x80380001, @ipv4={'\x00', '\xff\xff', @private=0xa010101}, 0x6}, 0x1c)
r5 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000080)={&(0x7f0000000000)=@in6={0xa, 0x4e20, 0x0, @remote, 0x3}, 0x80, 0x0}, 0x8000)
socket$nl_netfilter(0x10, 0x3, 0xc)
io_uring_register$IORING_REGISTER_FILES_UPDATE2(0xffffffffffffffff, 0x2, 0x0, 0x0)
ioctl$KDSETLED(0xffffffffffffffff, 0x4b32, 0x70)
mount(&(0x7f0000000040)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000100)='.\x00', &(0x7f0000002280)='vxfs\x00', 0x8000, 0x0)
7.704043037s ago: executing program 4 (id=352):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
r1 = socket$qrtr(0x2a, 0x2, 0x0)
ioctl$sock_qrtr_TIOCINQ(r1, 0x541b, &(0x7f00000000c0))
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000140)={{0xffffffffffffffff, <r2=>0xffffffffffffffff}, &(0x7f00000001c0), 0x0}, 0x20)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mkdir(&(0x7f00000001c0)='./bus\x00', 0x19)
ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f0000000280)={0x9, 0xfffffffc, 0xf, 0x3, 0x8, "2e43e53ee3c666552e1b156bcd724c637d768d"})
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r5 = dup(r4)
write$FUSE_BMAP(r5, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r5, &(0x7f0000000440)=ANY=[@ANYBLOB="b0000000000000ab284dc9a94095f54e34f11a5a480d2115805745f8a24d"], 0xb0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000002280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r5])
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000300)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
dup(0xffffffffffffffff)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0/../file0\x00', &(0x7f0000000240), 0x0, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r2, <r6=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x16, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000ffff0b867b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
7.702551224s ago: executing program 3 (id=353):
openat$cgroup_devices(0xffffffffffffffff, &(0x7f0000000100)='devices.allow\x00', 0x2, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_INTERRUPT(r2, 0x4004ae86, &(0x7f0000000300)=0x5)
syz_usb_connect(0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioctl$HDIO_GETGEO(0xffffffffffffffff, 0x301, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'team0\x00'})
sendmsg$nl_route(r4, 0x0, 0x0)
6.751652378s ago: executing program 0 (id=354):
timer_create(0x0, 0x0, &(0x7f0000000300)=<r0=>0x0)
timer_getoverrun(r0)
6.726058537s ago: executing program 4 (id=355):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000600)=ANY=[@ANYRESOCT=r0, @ANYRESDEC=r0, @ANYRESOCT=r0, @ANYRES32, @ANYRESHEX, @ANYRESHEX, @ANYRESOCT=r0, @ANYRESOCT=0x0], 0x18}, 0x1, 0x0, 0x0, 0x404480c}, 0x20000081)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
syz_open_dev$vim2m(&(0x7f0000000040), 0x7f, 0x2)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, 0x0, 0x0)
socket$l2tp6(0xa, 0x2, 0x73)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x2000002, &(0x7f00000001c0)={[{@workdir={'workdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}]})
6.39180718s ago: executing program 5 (id=356):
syz_genetlink_get_family_id$devlink(&(0x7f00000000c0), 0xffffffffffffffff)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x20, &(0x7f0000000300)={@local, 0x800, 0x2, 0x1, 0x9, 0x7, 0x83}, 0x20)
setsockopt$inet6_int(r5, 0x29, 0x4b, &(0x7f0000000180)=0x1, 0x4)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x4e23, 0x80380001, @ipv4={'\x00', '\xff\xff', @private=0xa010101}, 0x6}, 0x1c)
r6 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000080)={&(0x7f0000000000)=@in6={0xa, 0x4e20, 0x0, @remote, 0x3}, 0x80, 0x0}, 0x8000)
sendmsg$sock(r6, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)=ANY=[@ANYBLOB], 0x58}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000000)
io_uring_register$IORING_REGISTER_FILES_UPDATE2(0xffffffffffffffff, 0x2, 0x0, 0x0)
ioctl$KDSETLED(0xffffffffffffffff, 0x4b32, 0x70)
mount(&(0x7f0000000040)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000100)='.\x00', &(0x7f0000002280)='vxfs\x00', 0x8000, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r7 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8)
close(r7)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz1\x00', 0x200002, 0x0)
6.387348402s ago: executing program 0 (id=357):
socket$packet(0x11, 0x3, 0x300)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x3)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000080)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0xffff}}}}}}, 0x0)
syz_emit_ethernet(0x3a, &(0x7f0000000580)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x6, 0x4, 0x0, 0x4, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local, {[@rr={0x7, 0x3, 0xc4}]}}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x20}}}}}}, 0x0) (fail_nth: 1)
5.001977144s ago: executing program 0 (id=358):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair(0x6, 0x2, 0x2, &(0x7f00000000c0))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$GIO_UNISCRNMAP(r3, 0x4b48, 0x0)
3.863690869s ago: executing program 5 (id=359):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x38, r1, 0x1, 0xfffffffe, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_OURS={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4}, @ETHTOOL_A_BITSET_VALUE={0x4}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0x20002, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$inet6_sctp(0xa, 0x5, 0x84)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r5=>0x0})
sendmsg$BATADV_CMD_GET_DAT_CACHE(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r4, 0x303, 0x0, 0x0, {0x6}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r5}]}, 0x1c}}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021940000000c0a01030000000000000000070000000900020073797a31000000000900010073797a30000000006800038064000080080003400000000258000b80200001800a00010071756f7461000000100002800c0001400000000000000000340001800a0001"], 0x118}}, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0)
r8 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r8, 0xae60)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r8, 0x8208ae63, &(0x7f0000000600)={0x1, 0x0, @ioapic={0x4000, 0xffffffff, 0x100, 0x2, 0x0, [{0x3, 0x8, 0x2, '\x00', 0xb2}, {0x8, 0xe, 0x9, '\x00', 0x7}, {0xfa, 0xff, 0x5, '\x00', 0x8}, {0x0, 0xc, 0x8, '\x00', 0x8}, {0x5, 0x3, 0xb, '\x00', 0x86}, {0x7, 0x3, 0x0, '\x00', 0x8c}, {0x8, 0x27, 0x4, '\x00', 0xf9}, {0x7, 0x8, 0x1, '\x00', 0x58}, {0x8, 0x3, 0x1, '\x00', 0xd}, {0xf7, 0x8a, 0x8, '\x00', 0x81}, {0x4, 0x5, 0x6, '\x00', 0xd}, {0xde, 0x9, 0x7, '\x00', 0x4}, {0x0, 0xf, 0x8, '\x00', 0x9}, {0x4, 0x4, 0x80}, {0x4, 0x7f, 0x7, '\x00', 0x10}, {0x9, 0x4, 0xc, '\x00', 0x5}, {0x3, 0x9, 0x5, '\x00', 0x2}, {0x6, 0x43, 0x35, '\x00', 0xc}, {0x7, 0x8, 0x8, '\x00', 0x3}, {0x9, 0x40, 0xa, '\x00', 0x40}, {0x5, 0x5, 0x18, '\x00', 0xa}, {0x7, 0x8, 0x0, '\x00', 0x4}, {0xfd, 0x9, 0xc3, '\x00', 0x4}, {0x81, 0x5b, 0x2, '\x00', 0x2}]}})
ioctl$KVM_SET_REGS(r9, 0x4090ae82, &(0x7f0000000000)={[0x34, 0x6, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0x8000000000000, 0x80000000000000, 0x0, 0x9, 0x0, 0x0, 0x10, 0x800008001], 0xeeee8000, 0x3c4210})
ioctl$KVM_SET_MP_STATE(r9, 0x4004ae99, &(0x7f00000000c0)=0x3)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
fdatasync(r9)
3.685998924s ago: executing program 0 (id=360):
syz_genetlink_get_family_id$devlink(&(0x7f00000000c0), 0xffffffffffffffff)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='task_newtask\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x20, &(0x7f0000000300)={@local, 0x800, 0x2, 0x1, 0x9, 0x7, 0x83}, 0x20)
setsockopt$inet6_int(r5, 0x29, 0x4b, &(0x7f0000000180)=0x1, 0x4)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x4e23, 0x80380001, @ipv4={'\x00', '\xff\xff', @private=0xa010101}, 0x6}, 0x1c)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@in6={0xa, 0x4e20, 0x0, @remote, 0x3}, 0x80, 0x0}, 0x8000)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000002800)={0x0, 0x0, &(0x7f0000002180)=[{&(0x7f0000000e00)="6474aecf7fb87e3f6438bdf3f6988b6cf9117cc7e6b0a4b60a30df21703cf51731b33896d8701bc1ae84de42bbd722e47e0fcde009c56d2b87484f372b2372a2af7c619665b7a0e9dac43f5454eb5cf9d546505b0045e645c79cc41849c324577433b314fda142b2b0aac67342beecd16090cd679d496c348d09c99e8d26b841459d845a7bccb1e2af629389f8b7462da1112ffc91008116b9114fe350feb33c8bb0785bc61777480ed78df198a1ca3e0043e95350a506d920bff749a8d3862ff5b14b4e94e613871fe265468bacdafad0acca1d6633d158098733104b690e41d6595ae527acc79ea20b3da9fe53e480037676faae1c8f074ba0d763510e39553849892cb58535ee0dc850108449398974b21c0526b01088be7fb60076e07b4478e4face69c731372cdc7ef6f8187a8c71c1efb8ceaba8a4daf1cb56c655e4096ca576458651bca3d3f6a6d35b5ffd166fd3e6f601950438e6cdbd7570a3e80b748398e951db0b64cfd83ece126388ed984c28d6e60bfcb297302f331bdf9b77e005d265f3d2ebf10df2c9cba944ab6dbc815a4370f380817118467d3739752fb506621235c2b62769b07832060e48ef70ce7df869b75464f90540c8207909267d73bd7218877afbc651a8c9af887390c9383d891d32ae60a9d21e45c8e481ffcfb89d3cabdb3829751afce0b8e137de441bc71750dc90c53ee42c7d180406344f9e47baa80e57830b0870e5fef0c5c1caf9605320e866ab1d1e09930d76282f762a1630a8435cf91bc6da762567132d73b9823635934eaab71f41ad5b713f251308c0af689c293cb84f1a8dee53bfd6dde2f5946ee83754454748deef4a5a618a1da365ae7fd56971a3c0b30dfc10e11df14b7e9af6911694affaae0a087abaa0d0e2014701cdaa367673ea0a3dc31987ade5db2b60fd733a5c29f5ee1ce75be91e17bffb11dc5a45b16d9b6894334b76066263571c077dc32ec8c1f52b65bc2223e37a99ac6a050fc07982860d4b6ab64bda5abb84bb080490f035ef67cab82d4e93b955ce145ec33d5b16fc0f122210feb42e3c2cf1f23bc5fe4ddf6b1ec28ebc768e2fc8249e9ccbd5c41ee343067839f19760afe87842025219b98420bb731547f4393470868d82659440e770f8db41487d64799c65814ed725e034a8e987ce9eaae2fc32f0b5f4c93f0140f2429b8a036fcbf8a375dc8fb26c9c28a8f720660eab19a4d6451d9658cd2728d3ce14a723c915be0893e828a43794884188c517bfb446cb2dbdf213a6f2c68495ec7b8f89b1acefa6a79c02cc3a3fef4630bffdf26c2ce704d169e02f8555ec32562ecf141854ff4ac3270227dd3e519fa7ce0eefb43f6380d75601fcdb247e18fd084bfac986955e01353ef3946221852b7088b1cd2ca676c9face5b9a7a9bd48639879204acd54f867609ba934f723fc7297310eaf0f3545ba2b3f7045b275a8e910cb5e045832d1ea4dc93f53e2809c07935ab091fdbaaafcaebcc01a12c15e9f4b09f6426e8941a59abc82e78c2e73fb1787df3599ca212807e2f8f071713ed054ee5ef8773c170d5e272e244087542e0e245ac7d237baf7e4d74b05d61ea72f080ba2f948050f464262a654450584af92ad8cb0d71b8235ac29ec99ea7b6b541484ef4489475e5dd34c1016405aaa9f43c3ff14dd52c5ef7b68fbb8dffc62413b5916155643c4919b2be1fd0af4dbd74d135c2982a68bb67e8b634da4e32bd99198d89aad07a158651b006e49f38b8cdeb4c42cb53409578a828fed1263b0cd85664dc2e2a1ab02524c34ab661f6bea551478d1689309538e3a4232783bdb5ce8bd76806f77117896b74ec2fc0e47db274874e8caf883cdf1d5f1a038993c00b548f678edbe3af3fba20bb686be54238886af5333b465757b4c2c43d8be4f73e65a7ba204b8fded77ecb0efa25daa1aa7bdd15b7ac125e3baaa690c5870eed7bd27aa55b659bbeb2d0662d357d1d5d883875f4630507de76c9ba6a4db549338c41a83c44", 0x595}], 0x1}, 0x20008000)
sendmsg$sock(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)=ANY=[@ANYBLOB], 0x58}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000000)
ioctl$KDSETLED(0xffffffffffffffff, 0x4b32, 0x70)
mount(&(0x7f0000000040)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000100)='.\x00', &(0x7f0000002280)='vxfs\x00', 0x8000, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r7 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r1}, 0x8)
close(r7)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup/syz1\x00', 0x200002, 0x0)
3.645842795s ago: executing program 4 (id=361):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
sendto$inet6(r0, 0x0, 0x0, 0xbcaf, 0x0, 0x0)
r2 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r2, 0xc0045006, &(0x7f0000000040)=0xc)
ioctl$SNDCTL_DSP_POST(r2, 0x5008, 0x0)
close(r2)
socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f00000000c0)={'veth1_to_batadv\x00', {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x13}}})
io_uring_setup(0x115d, &(0x7f0000000500)={0x0, 0xafa, 0x12, 0x2, 0xc6})
ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x3)
rt_sigaction(0x40, &(0x7f0000000500)={&(0x7f0000000380)="2437460f1c2bdfd5c4a2f10027460f38e7418f69d8909ca3000810ffa5c43b3be5c436fe0d4e486df513bb559a00000f75bed5370b1c2665d2950e000000dbf5", 0x4000000, 0x0}, 0x0, 0x0, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000040)='stat\x00')
preadv(r3, &(0x7f0000000340)=[{&(0x7f00000013c0)=""/125, 0x7d}], 0x1, 0x0, 0xffffffff)
ioctl$UI_SET_ABSBIT(0xffffffffffffffff, 0x40045567, 0x0)
ioctl$UI_SET_ABSBIT(0xffffffffffffffff, 0x40045567, 0x2)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000ec0)={'syz0\x00', {}, 0x0, [0x8, 0xe74, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0xfffffffc], [0x0, 0x0, 0x0, 0xb16, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0xfffffffc, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5], [0x1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x2, 0x100e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0xbcd5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4], [0x0, 0x0, 0x0, 0xc63, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdec, 0x0, 0x0, 0x0, 0xfffffffd, 0x1000, 0x0, 0x0, 0x80000003, 0x0, 0x5]}, 0x45c)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501)
1.953534058s ago: executing program 0 (id=362):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000a40)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x2, 0x1}}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x10, 0x0, 0x0, 0x2}]}}, 0x0, 0x42, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000a3b370086d04ae085811f1010301090212000d000000000904"], 0x0)
syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r2, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r4, {0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x2}}, 0x2e)
r5 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000200), r3)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r6, &(0x7f0000000a00)={&(0x7f0000000900)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000009c0)={&(0x7f0000000940)={0x5c, 0x1, 0x4, 0x3, 0x0, 0x0, {0x1, 0x0, 0x2}, [@NFULA_CFG_FLAGS={0x6, 0x6, 0x1, 0x0, 0x1}, @NFULA_CFG_CMD={0x5, 0x1, 0x1}, @NFULA_CFG_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x5}, @NFULA_CFG_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x2}, @NFULA_CFG_CMD={0x5, 0x1, 0x4}, @NFULA_CFG_MODE={0xa, 0x2, {0x8}}, @NFULA_CFG_MODE={0xa, 0x2, {0x0, 0x1}}, @NFULA_CFG_FLAGS={0x6, 0x6, 0x1, 0x0, 0x2}]}, 0x5c}}, 0x80)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="00001000", @ANYRES16=r5, @ANYBLOB="010026bd7000fedbdf25050000000800090002000000060001000500000008000c00aa0a000008000b000400000014000800636169663000"/66], 0x48}, 0x1, 0x0, 0x0, 0x20006911}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x4, 0x4, 0x4, 0xbf22, 0x800, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
syz_usb_control_io$uac1(r1, 0x0, 0x0)
syz_usb_disconnect(r1)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
close(r8)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r9 = socket$inet6(0xa, 0x40000080806, 0x0)
bind$inet6(r9, &(0x7f0000000040)={0xa, 0x80, 0x0, @mcast1, 0x8}, 0x1c)
connect$inet6(r9, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0xec9}, 0x1c)
setsockopt$sock_linger(r9, 0x1, 0xd, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x6f, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000002200007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000b98cad95850000000300000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000000000000c50000008600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, r0, 0x0, 0x0, 0x55, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$sock_attach_bpf(r10, 0x1, 0x32, &(0x7f00000000c0)=r12, 0x4)
sendmsg$unix(r11, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)
1.47632158s ago: executing program 5 (id=363):
pipe(&(0x7f00000000c0))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
getsockopt$IP_SET_OP_GET_FNAME(r2, 0x1, 0x53, 0x0, &(0x7f0000019080))
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000040)='net/route\x00')
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
pread64(r3, &(0x7f0000000080)=""/102356, 0x18fd4, 0x3)
execve(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000019100)={[&(0x7f0000000200)=' ']})
socket$netlink(0x10, 0x3, 0x0)
1.322223395s ago: executing program 4 (id=364):
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x6, 0x0, 0x0, 0x0, 0x0, 0x6c, 0x0, 0x8000000000000, 0x80000000000000, 0x0, 0x9, 0x0, 0x0, 0x0, 0x8001], 0x1, 0x3c4210})
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
capset(&(0x7f0000000000)={0x20071026}, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000000040)=0x8)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e20, @broadcast}, 0x10)
connect$inet(r4, &(0x7f00000000c0)={0x2, 0x4e21, @remote}, 0x10)
syz_emit_ethernet(0x2e, &(0x7f0000000080)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x4, 0x11, 0x0, @empty, @multicast1}, {0x0, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f000009de80)={r3, 0x6}, 0x8)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r6, 0x4048aecb, &(0x7f0000000080)=ANY=[])
ioctl$KVM_GET_VCPU_EVENTS(r6, 0xc048aeca, &(0x7f0000000080))
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'lo\x00', <r8=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_codel={{0xa}, {0xc, 0x2, [@TCA_CODEL_LIMIT={0x8}]}}]}, 0x3c}}, 0x4000080)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=@newtfilter={0x2c, 0x2c, 0x904, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, r8, {0xffe0, 0x5}, {0x9, 0xc}, {0xb, 0x1}}, [@TCA_RATE={0x6, 0x5, {0xf0, 0xde}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x4)
r9 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r9, &(0x7f00000002c0), 0x4000000000000c1, 0x0)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
r10 = syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00')
pread64(r10, &(0x7f0000001240)=""/102400, 0x19000, 0x1000000000)
request_key(&(0x7f0000000200)='cifs.idmap\x00', &(0x7f0000000240)={'syz', 0x0}, &(0x7f0000000280)='\x00\xa8\xd8~3[q\x1f\x80\xc8\xcd\xd0\xa6\xd2G\xbb}\x1b\xd40\xb7\x1c^T\xb9\xeb\xda1\a]2F\x02\x8f\x0f\xb9K\x06S\xae\xac\x8d\xa89\xf9AJ\f\x13D0\xe85\x93\xd8\xa0L8\x87\x16\xc8\xd7:\xeb\x19\xb1\xb7\xf4\x8c\xa0\xf6\xea\xdf\xf0\x11Y\x81p\xa3b\x8dvHf\xea\xe9\xe5;J\x81c\x91[\x8a\x81O\x93g\xd9\xaf\x97\x99', 0x0)
1.315550329s ago: executing program 3 (id=365):
r0 = io_uring_setup(0x46ac, &(0x7f0000000080)={0x0, 0x5d50, 0x0, 0x0, 0x3c1})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f00000004c0)='dctcp\x00', 0x6)
bind$inet6(r1, &(0x7f0000d84000)={0xa, 0x2, 0x3, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r1, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r1, &(0x7f00000002c0)="03", 0x1, 0x24008844, &(0x7f0000000040)={0xa, 0x2, 0x398, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000180)='illinois\x00', 0x9)
shutdown(r1, 0x1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="02000000040000000420000009"], 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xd, 0x6, 0x4, 0x1, 0x0, r2, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r3}, &(0x7f0000000840), &(0x7f0000000880)=r2}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000380)={r3, &(0x7f0000000900)}, 0x20)
close_range(r0, 0xffffffffffffffff, 0x0)
417.051408ms ago: executing program 5 (id=366):
socket(0x10, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
pipe2$9p(0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
write$vga_arbiter(r0, &(0x7f0000000000)=@other={'lock', ' ', 'io'}, 0x8)
pselect6(0x0, 0x0, 0x0, &(0x7f0000000d00)={0xd0}, 0x0, 0x0)
close(r0)
socket(0x40000000015, 0x5, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000400)={0x14, 0x25, 0x1, 0x70bd27, 0x25dfdbfc, {0x5}}, 0x14}, 0x1, 0x0, 0x0, 0x4814}, 0x24000004) (fail_nth: 1)
0s ago: executing program 3 (id=367):
timer_create(0x0, 0x0, &(0x7f0000000300)=<r0=>0x0)
timer_getoverrun(r0)
kernel console output (not intermixed with test programs):
T54] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[ 92.941718][ T54] Bluetooth: hci5: command tx timeout
[ 92.949387][ T30] audit: type=1400 audit(1744168290.650:247): avc: denied { read } for pid=6198 comm="syz.1.57" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[ 92.972342][ C1] vkms_vblank_simulate: vblank timer overrun
[ 93.148127][ T30] audit: type=1400 audit(1744168290.650:248): avc: denied { open } for pid=6198 comm="syz.1.57" path="/dev/autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[ 93.349107][ T30] audit: type=1400 audit(1744168290.650:249): avc: denied { ioctl } for pid=6198 comm="syz.1.57" path="/dev/autofs" dev="devtmpfs" ino=98 ioctlcmd=0x9379 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[ 93.381609][ T6209] netlink: 28 bytes leftover after parsing attributes in process `syz.3.59'.
[ 93.415675][ T30] audit: type=1400 audit(1744168290.650:250): avc: denied { bind } for pid=6198 comm="syz.1.57" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[ 93.435803][ T30] audit: type=1400 audit(1744168290.650:251): avc: denied { name_bind } for pid=6198 comm="syz.1.57" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1
[ 93.456281][ C1] vkms_vblank_simulate: vblank timer overrun
[ 93.469025][ T30] audit: type=1400 audit(1744168290.650:252): avc: denied { node_bind } for pid=6198 comm="syz.1.57" saddr=2001::2 src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=dccp_socket permissive=1
[ 93.469131][ T6213] syz.3.59 uses obsolete (PF_INET,SOCK_PACKET)
[ 93.490844][ C1] vkms_vblank_simulate: vblank timer overrun
[ 93.500824][ T30] audit: type=1400 audit(1744168290.650:253): avc: denied { listen } for pid=6198 comm="syz.1.57" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[ 93.522567][ C1] vkms_vblank_simulate: vblank timer overrun
[ 93.872021][ T6217] input: syz0 as /devices/virtual/input/input13
[ 94.576588][ T30] audit: type=1400 audit(1744168290.650:254): avc: denied { connect } for pid=6198 comm="syz.1.57" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[ 94.604047][ T30] audit: type=1400 audit(1744168290.650:255): avc: denied { name_connect } for pid=6198 comm="syz.1.57" dest=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1
[ 94.624917][ C1] vkms_vblank_simulate: vblank timer overrun
[ 94.640476][ T30] audit: type=1400 audit(1744168290.660:256): avc: denied { accept } for pid=6198 comm="syz.1.57" lport=49279 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[ 94.747667][ T6096] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 94.774643][ T6096] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 95.136970][ T6230] netlink: 1752 bytes leftover after parsing attributes in process `syz.3.63'.
[ 95.198027][ T6096] team0: Port device team_slave_0 added
[ 95.209469][ T6096] team0: Port device team_slave_1 added
[ 95.639387][ T1159] hsr_slave_0: left promiscuous mode
[ 95.754512][ T1159] hsr_slave_1: left promiscuous mode
[ 95.770478][ T1159] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 95.791487][ T1159] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 95.849681][ T5827] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[ 95.860415][ T5827] Bluetooth: hci1: Injecting HCI hardware error event
[ 95.869981][ T5827] Bluetooth: hci1: hardware error 0x00
[ 96.415312][ T1159] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 96.429700][ T1159] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 96.467162][ T1159] veth1_macvtap: left promiscuous mode
[ 96.676211][ T6243] netlink: 24 bytes leftover after parsing attributes in process `syz.3.66'.
[ 97.079643][ T1159] veth0_macvtap: left promiscuous mode
[ 97.097891][ T1159] veth1_vlan: left promiscuous mode
[ 97.115905][ T6244] input: syz0 as /devices/virtual/input/input14
[ 97.119733][ T1159] veth0_vlan: left promiscuous mode
[ 97.445028][ T6251] overlayfs: missing 'lowerdir'
[ 97.776493][ T6250] netlink: 9286 bytes leftover after parsing attributes in process `syz.4.69'.
[ 97.789709][ T911] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 98.393154][ T911] usb 1-1: Using ep0 maxpacket: 16
[ 98.401094][ T911] usb 1-1: config 0 has an invalid interface number: 5 but max is 0
[ 98.409481][ T911] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 98.435799][ T30] kauditd_printk_skb: 13 callbacks suppressed
[ 98.435836][ T30] audit: type=1400 audit(1744168296.760:270): avc: denied { ioctl } for pid=6258 comm="syz.3.70" path="/dev/vbi3" dev="devtmpfs" ino=966 ioctlcmd=0x565d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[ 98.461429][ T5827] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[ 98.474159][ T911] usb 1-1: config 0 has no interface number 0
[ 98.488271][ T911] usb 1-1: New USB device found, idVendor=1286, idProduct=1fa4, bcdDevice=65.b8
[ 98.568401][ T911] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 98.839637][ T30] audit: type=1400 audit(1744168296.950:271): avc: denied { create } for pid=6260 comm="syz.4.71" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[ 98.883144][ T30] audit: type=1400 audit(1744168297.210:272): avc: denied { create } for pid=6258 comm="syz.3.70" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[ 98.890125][ T911] usb 1-1: Product: syz
[ 98.948396][ T911] usb 1-1: Manufacturer: syz
[ 98.954251][ T911] usb 1-1: SerialNumber: syz
[ 98.967619][ T911] usb 1-1: config 0 descriptor??
[ 99.051556][ T911] mvusb_mdio 1-1:0.5: probe with driver mvusb_mdio failed with error -5
[ 99.401364][ T1159] team0 (unregistering): Port device team_slave_1 removed
[ 99.446789][ T1159] team0 (unregistering): Port device team_slave_0 removed
[ 99.847550][ T6096] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 99.855736][ T6096] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 99.882091][ T6096] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 99.924622][ T6096] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 99.956825][ T6096] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 100.004285][ T6096] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 100.068875][ T30] audit: type=1400 audit(1744168298.390:273): avc: denied { getopt } for pid=6278 comm="syz.3.76" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[ 100.125946][ T30] audit: type=1400 audit(1744168298.450:274): avc: denied { ioctl } for pid=6278 comm="syz.3.76" path="socket:[8592]" dev="sockfs" ino=8592 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 100.217912][ T30] audit: type=1400 audit(1744168298.450:275): avc: denied { bind } for pid=6278 comm="syz.3.76" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 100.237077][ T6096] hsr_slave_0: entered promiscuous mode
[ 100.253590][ T6279] netlink: 24 bytes leftover after parsing attributes in process `syz.3.76'.
[ 100.265386][ T6096] hsr_slave_1: entered promiscuous mode
[ 100.272049][ T6096] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 100.279992][ T6096] Cannot create hsr debugfs directory
[ 100.322349][ T5875] usb 1-1: USB disconnect, device number 2
[ 100.345609][ T30] audit: type=1400 audit(1744168298.680:276): avc: denied { unmount } for pid=5820 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[ 100.406877][ T30] audit: type=1400 audit(1744168298.700:277): avc: denied { write } for pid=6278 comm="syz.3.76" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[ 100.505187][ T6286] netlink: 24 bytes leftover after parsing attributes in process `syz.0.77'.
[ 100.597326][ T6291] overlayfs: option "workdir=./file1" is useless in a non-upper mount, ignore
[ 100.663161][ T6291] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 100.792498][ T6301] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[ 100.867354][ T30] audit: type=1400 audit(1744168299.190:278): avc: denied { write } for pid=6304 comm="syz.0.81" name="001" dev="devtmpfs" ino=745 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[ 100.924050][ T6303] SELinux: policydb magic number 0x69662f2e does not match expected magic number 0xf97cff8c
[ 100.934642][ T6303] SELinux: failed to load policy
[ 100.942002][ T6303] =======================================================
[ 100.942002][ T6303] WARNING: The mand mount option has been deprecated and
[ 100.942002][ T6303] and is ignored by this kernel. Remove the mand
[ 100.942002][ T6303] option from the mount to silence this warning.
[ 100.942002][ T6303] =======================================================
[ 100.960461][ T30] audit: type=1400 audit(1744168299.250:279): avc: denied { load_policy } for pid=6300 comm="syz.3.80" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[ 100.976851][ C1] vkms_vblank_simulate: vblank timer overrun
[ 100.977282][ T6303] tmpfs: Bad value for 'mpol'
[ 101.071728][ T6096] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 101.093631][ T6096] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 101.191980][ T6096] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 101.201343][ T6096] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 101.368094][ T6096] 8021q: adding VLAN 0 to HW filter on device bond0
[ 101.387177][ T6096] 8021q: adding VLAN 0 to HW filter on device team0
[ 101.857441][ T13] bridge0: port 1(bridge_slave_0) entered blocking state
[ 101.864582][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 101.991516][ T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 101.998667][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 102.649795][ T5872] usb 2-1: new full-speed USB device number 2 using dummy_hcd
[ 102.836930][ T5872] usb 2-1: device descriptor read/64, error -71
[ 103.440033][ T5872] usb 2-1: new full-speed USB device number 3 using dummy_hcd
[ 103.558772][ T6096] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 103.570470][ T30] kauditd_printk_skb: 6 callbacks suppressed
[ 103.570486][ T30] audit: type=1400 audit(1744168301.900:286): avc: denied { getopt } for pid=6348 comm="syz.4.87" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 103.614744][ T5872] usb 2-1: device descriptor read/64, error -71
[ 103.676363][ T30] audit: type=1400 audit(1744168301.980:287): avc: denied { read write } for pid=6348 comm="syz.4.87" name="uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[ 103.729827][ T5872] usb usb2-port1: attempt power cycle
[ 103.789673][ T30] audit: type=1400 audit(1744168301.980:288): avc: denied { open } for pid=6348 comm="syz.4.87" path="/dev/uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[ 104.138500][ T6096] veth0_vlan: entered promiscuous mode
[ 104.145467][ T5872] usb 2-1: new full-speed USB device number 4 using dummy_hcd
[ 104.169754][ T9] usb 5-1: new full-speed USB device number 2 using dummy_hcd
[ 104.187035][ T5872] usb 2-1: device descriptor read/8, error -71
[ 104.354380][ T6376] syz.0.88: attempt to access beyond end of device
[ 104.354380][ T6376] nbd0: rw=0, sector=2, nr_sectors = 2 limit=0
[ 104.368075][ T6376] syz.0.88: attempt to access beyond end of device
[ 104.368075][ T6376] nbd0: rw=0, sector=16, nr_sectors = 2 limit=0
[ 104.466257][ T6096] veth1_vlan: entered promiscuous mode
[ 104.631631][ T9] usb 5-1: config 0 has no interfaces?
[ 104.643291][ T9] usb 5-1: New USB device found, idVendor=054c, idProduct=02e1, bcdDevice=e2.c8
[ 104.653413][ T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 104.689667][ T9] usb 5-1: Product: syz
[ 104.696728][ T9] usb 5-1: Manufacturer: syz
[ 104.714136][ T9] usb 5-1: SerialNumber: syz
[ 104.737404][ T9] usb 5-1: config 0 descriptor??
[ 104.753160][ T6096] veth0_macvtap: entered promiscuous mode
[ 104.762533][ T6096] veth1_macvtap: entered promiscuous mode
[ 104.769333][ T5872] usb 2-1: new full-speed USB device number 5 using dummy_hcd
[ 104.778601][ T6096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 104.792453][ T6096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 104.802411][ T6096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 104.823312][ T6096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 104.830175][ T5872] usb 2-1: device descriptor read/8, error -71
[ 104.833397][ T6096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 104.859748][ T6096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 104.879554][ T6096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 104.892970][ T6096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 104.916528][ T6096] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 104.939402][ T6096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 104.956702][ T5872] usb usb2-port1: unable to enumerate USB device
[ 104.982962][ T6096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 105.003313][ T6096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 105.064453][ T6096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 105.169540][ T6096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 105.290496][ T6096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 105.472231][ T6096] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 105.508174][ T5875] usb 4-1: new full-speed USB device number 3 using dummy_hcd
[ 105.634566][ T6096] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 105.807313][ T6096] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 105.859025][ T5875] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 106.000506][ T5875] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[ 106.135507][ T5875] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[ 106.289296][ T5875] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 106.396733][ T5875] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 106.489211][ T5875] usb 4-1: Manufacturer: syz
[ 106.632979][ T6096] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 106.703988][ T5875] usb 4-1: config 0 descriptor??
[ 106.799150][ T6096] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 106.828276][ T6096] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 106.838024][ T6096] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 107.033552][ T5872] usb 5-1: USB disconnect, device number 2
[ 107.812521][ T30] audit: type=1400 audit(1744168306.130:289): avc: denied { create } for pid=6404 comm="syz.4.94" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 107.960304][ T30] audit: type=1400 audit(1744168306.180:290): avc: denied { bind } for pid=6404 comm="syz.4.94" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 107.981547][ T30] audit: type=1400 audit(1744168306.180:291): avc: denied { listen } for pid=6404 comm="syz.4.94" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 108.005247][ T30] audit: type=1400 audit(1744168306.180:292): avc: denied { connect } for pid=6404 comm="syz.4.94" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 108.025853][ T30] audit: type=1400 audit(1744168306.210:293): avc: denied { write } for pid=6404 comm="syz.4.94" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 108.046634][ T30] audit: type=1400 audit(1744168306.230:294): avc: denied { accept } for pid=6404 comm="syz.4.94" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 108.066811][ T30] audit: type=1400 audit(1744168306.230:295): avc: denied { read } for pid=6404 comm="syz.4.94" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 108.105034][ T3541] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 108.326938][ T3541] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 109.170099][ T3468] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 109.191958][ T3468] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 109.214144][ T30] kauditd_printk_skb: 2 callbacks suppressed
[ 109.214158][ T30] audit: type=1400 audit(1744168307.530:298): avc: denied { mount } for pid=6096 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 109.278556][ T30] audit: type=1400 audit(1744168307.540:299): avc: denied { mounton } for pid=6096 comm="syz-executor" path="/root/syzkaller.9JYfUi/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[ 109.429577][ T10] usb 5-1: new full-speed USB device number 3 using dummy_hcd
[ 109.456814][ T30] audit: type=1400 audit(1744168307.780:300): avc: denied { rename } for pid=5179 comm="syslogd" name="messages" dev="tmpfs" ino=3 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 109.539932][ T5872] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[ 109.584907][ T30] audit: type=1400 audit(1744168307.780:301): avc: denied { unlink } for pid=5179 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 109.611688][ T10] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 109.642319][ T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[ 109.656554][ T10] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[ 109.672328][ T30] audit: type=1400 audit(1744168307.780:302): avc: denied { create } for pid=5179 comm="syslogd" name="messages" scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[ 109.706427][ T10] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 109.715723][ T5872] usb 2-1: Using ep0 maxpacket: 8
[ 109.727594][ T10] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 109.737717][ T5872] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 13
[ 109.757200][ T10] usb 5-1: Manufacturer: syz
[ 109.769250][ T5872] usb 2-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[ 109.794197][ T5872] usb 2-1: New USB device strings: Mfr=241, Product=1, SerialNumber=3
[ 109.818603][ T5872] usb 2-1: Product: syz
[ 109.834025][ T5872] usb 2-1: Manufacturer: syz
[ 109.839749][ T10] usb 5-1: config 0 descriptor??
[ 109.846514][ T5872] usb 2-1: SerialNumber: syz
[ 109.872424][ T5872] usb 2-1: config 0 descriptor??
[ 109.904221][ T5872] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[ 109.939011][ T6431] netlink: 244 bytes leftover after parsing attributes in process `syz.5.34'.
[ 109.954041][ T30] audit: type=1400 audit(1744168308.280:303): avc: denied { ioctl } for pid=6430 comm="syz.5.34" path="/dev/kvm" dev="devtmpfs" ino=84 ioctlcmd=0xae01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 110.078190][ T10] usb 4-1: USB disconnect, device number 3
[ 110.839703][ T30] audit: type=1400 audit(1744168309.110:304): avc: denied { mounton } for pid=6430 comm="syz.5.34" path="/0/file0" dev="tmpfs" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[ 111.050423][ T6450] syz.0.101: attempt to access beyond end of device
[ 111.050423][ T6450] nbd0: rw=0, sector=2, nr_sectors = 2 limit=0
[ 111.063965][ T6450] syz.0.101: attempt to access beyond end of device
[ 111.063965][ T6450] nbd0: rw=0, sector=16, nr_sectors = 2 limit=0
[ 111.409859][ T5872] gspca_zc3xx: reg_w_i err -110
[ 111.460687][ T6440] tmpfs: Bad value for 'mpol'
[ 111.855667][ T30] audit: type=1400 audit(1744168310.180:305): avc: denied { setopt } for pid=6416 comm="syz.1.96" laddr=ff01::1 lport=128 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[ 112.000825][ T5872] gspca_zc3xx: Unknown sensor - set to TAS5130C
[ 112.007214][ T5872] gspca_zc3xx 2-1:0.0: probe with driver gspca_zc3xx failed with error -110
[ 112.051192][ T5872] usb 2-1: USB disconnect, device number 6
[ 112.957255][ T24] usb 5-1: USB disconnect, device number 3
[ 113.077883][ T30] audit: type=1400 audit(1744168311.400:306): avc: denied { getopt } for pid=6474 comm="syz.4.104" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[ 113.159814][ T30] audit: type=1400 audit(1744168311.430:307): avc: denied { name_bind } for pid=6474 comm="syz.4.104" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[ 114.263231][ T30] kauditd_printk_skb: 5 callbacks suppressed
[ 114.263247][ T30] audit: type=1400 audit(1744168312.590:313): avc: denied { read } for pid=6494 comm="syz.0.109" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[ 114.424550][ T6499] autofs: Unknown parameter '�};W�_����:"��+��b���'
[ 114.599192][ T6518] netlink: 36 bytes leftover after parsing attributes in process `syz.5.112'.
[ 114.608201][ T6518] netlink: 36 bytes leftover after parsing attributes in process `syz.5.112'.
[ 114.618114][ T6518] netlink: 36 bytes leftover after parsing attributes in process `syz.5.112'.
[ 114.663166][ T30] audit: type=1400 audit(1744168312.910:314): avc: denied { append } for pid=6515 comm="syz.5.112" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 117.582036][ T30] audit: type=1400 audit(1744168315.910:315): avc: denied { name_bind 0x1000000 } for pid=6530 comm="syz.3.116" path="socket:[10211]" dev="sockfs" ino=10211 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[ 119.051759][ T6533] Can't find ip_set type hash:ip,po
[ 119.380796][ T6544] tmpfs: Bad value for 'mpol'
[ 120.151573][ T6558] overlay: Unknown parameter '/'
[ 120.252020][ T6559] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 120.542462][ T30] audit: type=1400 audit(1744168318.570:316): avc: denied { unlink } for pid=6547 comm="syz.0.118" name="#1" dev="tmpfs" ino=199 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[ 120.906823][ T6564] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 120.915780][ T6564] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 121.572434][ T6567] overlayfs: failed to resolve './file1': -2
[ 121.673691][ T911] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[ 122.460015][ T911] usb 1-1: Using ep0 maxpacket: 16
[ 122.478336][ T911] usb 1-1: config 0 has an invalid interface number: 5 but max is 0
[ 122.512086][ T911] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 122.549657][ T24] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[ 122.561332][ T911] usb 1-1: config 0 has no interface number 0
[ 122.589954][ T5909] libceph: connect (1)[c::]:6789 error -101
[ 122.596184][ T5909] libceph: mon0 (1)[c::]:6789 connect error
[ 122.599732][ T10] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[ 122.612793][ T911] usb 1-1: New USB device found, idVendor=1286, idProduct=1fa4, bcdDevice=65.b8
[ 122.644687][ T911] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 122.654116][ T911] usb 1-1: Product: syz
[ 122.659553][ T911] usb 1-1: Manufacturer: syz
[ 122.674585][ T911] usb 1-1: SerialNumber: syz
[ 122.703587][ T911] usb 1-1: config 0 descriptor??
[ 122.727568][ T911] mvusb_mdio 1-1:0.5: probe with driver mvusb_mdio failed with error -5
[ 122.749774][ T24] usb 6-1: Using ep0 maxpacket: 16
[ 122.761800][ T24] usb 6-1: config 0 has an invalid interface number: 5 but max is 0
[ 122.777742][ T24] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 122.789655][ T10] usb 2-1: device descriptor read/64, error -71
[ 122.823494][ T6578] ceph: No mds server is up or the cluster is laggy
[ 122.833108][ T24] usb 6-1: config 0 has no interface number 0
[ 122.901419][ T5875] libceph: connect (1)[c::]:6789 error -101
[ 122.907423][ T5875] libceph: mon0 (1)[c::]:6789 connect error
[ 122.913835][ T911] usb 1-1: USB disconnect, device number 3
[ 122.925845][ T24] usb 6-1: New USB device found, idVendor=1286, idProduct=1fa4, bcdDevice=65.b8
[ 122.939813][ T30] audit: type=1400 audit(1744168321.180:317): avc: denied { append } for pid=6550 comm="syz.4.120" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[ 122.965238][ T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 122.974069][ T24] usb 6-1: Product: syz
[ 122.978273][ T24] usb 6-1: Manufacturer: syz
[ 123.000680][ T24] usb 6-1: SerialNumber: syz
[ 123.037231][ T24] usb 6-1: config 0 descriptor??
[ 123.052127][ T30] audit: type=1400 audit(1744168321.270:318): avc: denied { open } for pid=6550 comm="syz.4.120" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[ 123.102485][ T24] mvusb_mdio 6-1:0.5: probe with driver mvusb_mdio failed with error -5
[ 123.106323][ T10] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[ 123.219261][ T30] audit: type=1400 audit(1744168321.370:319): avc: denied { create } for pid=6550 comm="syz.4.120" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 123.446052][ T24] usb 6-1: USB disconnect, device number 2
[ 123.509627][ T10] usb 2-1: device descriptor read/64, error -71
[ 123.624646][ T10] usb usb2-port1: attempt power cycle
[ 123.851824][ T6599] netlink: 24 bytes leftover after parsing attributes in process `syz.0.124'.
[ 123.917389][ T6598] input: syz0 as /devices/virtual/input/input15
[ 125.761443][ T30] audit: type=1400 audit(1744168324.090:320): avc: denied { bind } for pid=6622 comm="syz.0.130" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[ 126.269681][ T30] audit: type=1400 audit(1744168324.590:321): avc: denied { setopt } for pid=6622 comm="syz.0.130" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 126.768387][ T6636] input: syz0 as /devices/virtual/input/input16
[ 128.282258][ T5875] usb 6-1: new low-speed USB device number 3 using dummy_hcd
[ 128.318725][ T30] audit: type=1400 audit(1744168326.620:322): avc: denied { unlink } for pid=5828 comm="syz-executor" name="file0" dev="tmpfs" ino=134 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[ 128.569650][ T5875] usb 6-1: device descriptor read/64, error -71
[ 128.958404][ T30] audit: type=1400 audit(1744168327.250:323): avc: denied { create } for pid=6622 comm="syz.0.130" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[ 129.010177][ T30] audit: type=1400 audit(1744168327.250:324): avc: denied { connect } for pid=6622 comm="syz.0.130" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[ 129.103764][ T5875] usb 6-1: new low-speed USB device number 4 using dummy_hcd
[ 129.392995][ T5875] usb 6-1: device descriptor read/64, error -71
[ 129.500034][ T5875] usb usb6-port1: attempt power cycle
[ 129.854950][ T5875] usb 6-1: new low-speed USB device number 5 using dummy_hcd
[ 129.889618][ T30] audit: type=1400 audit(1744168328.210:325): avc: denied { search } for pid=5179 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[ 130.082074][ T5875] usb 6-1: device not accepting address 5, error -71
[ 130.118700][ T30] audit: type=1400 audit(1744168328.440:326): avc: denied { ioctl } for pid=6672 comm="syz.3.137" path="/dev/sg0" dev="devtmpfs" ino=752 ioctlcmd=0x2275 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[ 130.938976][ T6672] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 131.854605][ T6698] syz.1.139: attempt to access beyond end of device
[ 131.854605][ T6698] nbd1: rw=0, sector=2, nr_sectors = 2 limit=0
[ 131.868361][ T6698] syz.1.139: attempt to access beyond end of device
[ 131.868361][ T6698] nbd1: rw=0, sector=16, nr_sectors = 2 limit=0
[ 132.383648][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[ 132.390068][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[ 132.859266][ T5875] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[ 133.083305][ T5875] usb 1-1: config 0 interface 0 has no altsetting 0
[ 133.092513][ T6711] qnx4: no qnx4 filesystem (no root dir).
[ 133.370593][ T5875] usb 1-1: New USB device found, idVendor=13d8, idProduct=0011, bcdDevice=d0.62
[ 133.381760][ T6713] netlink: 4 bytes leftover after parsing attributes in process `syz.3.141'.
[ 133.403096][ T5875] usb 1-1: New USB device strings: Mfr=1, Product=6, SerialNumber=3
[ 133.493117][ T5875] usb 1-1: Product: syz
[ 133.497459][ T5875] usb 1-1: Manufacturer: syz
[ 133.527930][ T5875] usb 1-1: SerialNumber: syz
[ 133.590765][ T5875] usb 1-1: config 0 descriptor??
[ 133.622314][ T5875] usb 1-1: can't set config #0, error -71
[ 133.781395][ T5875] usb 1-1: USB disconnect, device number 4
[ 134.733158][ T6740] netlink: 36 bytes leftover after parsing attributes in process `syz.1.148'.
[ 134.742453][ T6740] netlink: 36 bytes leftover after parsing attributes in process `syz.1.148'.
[ 134.752010][ T6740] netlink: 36 bytes leftover after parsing attributes in process `syz.1.148'.
[ 135.636050][ T6737] sp0: Synchronizing with TNC
[ 136.187553][ T10] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[ 136.262812][ T30] audit: type=1400 audit(1744168334.580:327): avc: denied { create } for pid=6766 comm="syz.1.151" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[ 136.334071][ T30] audit: type=1400 audit(1744168334.580:328): avc: denied { connect } for pid=6766 comm="syz.1.151" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[ 136.443771][ T10] usb 1-1: New USB device found, idVendor=0547, idProduct=0080, bcdDevice=67.51
[ 136.453756][ T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 136.469744][ T10] usb 1-1: Product: syz
[ 136.474037][ T10] usb 1-1: Manufacturer: syz
[ 136.479951][ T10] usb 1-1: SerialNumber: syz
[ 136.490227][ T10] usb 1-1: config 0 descriptor??
[ 136.571105][ T10] usbtest 1-1:0.0: EZ-USB device
[ 136.576556][ T10] usbtest 1-1:0.0: high-speed {control bulk-in bulk-out} tests (+alt)
[ 136.645848][ T30] audit: type=1400 audit(1744168334.970:329): avc: denied { bind } for pid=6766 comm="syz.1.151" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[ 136.670199][ T30] audit: type=1400 audit(1744168335.000:330): avc: denied { write } for pid=6766 comm="syz.1.151" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[ 136.732294][ T30] audit: type=1400 audit(1744168335.040:331): avc: denied { read } for pid=6766 comm="syz.1.151" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[ 136.818029][ T30] audit: type=1400 audit(1744168335.140:332): avc: denied { write } for pid=6732 comm="syz.0.146" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[ 136.878865][ T6737] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 136.922739][ T5909] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[ 136.990587][ T5932] usb 1-1: USB disconnect, device number 5
[ 137.049101][ T6792] lo: entered promiscuous mode
[ 137.055038][ T6792] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 137.099604][ T5909] usb 6-1: Using ep0 maxpacket: 32
[ 137.109967][ T5909] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[ 137.136339][ T5909] usb 6-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 137.145631][ T5909] usb 6-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 137.153981][ T5909] usb 6-1: Product: syz
[ 137.158182][ T5909] usb 6-1: Manufacturer: syz
[ 137.304390][ T5909] usb 6-1: SerialNumber: syz
[ 137.410594][ T5909] usb 6-1: config 0 descriptor??
[ 137.430472][ T6774] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[ 137.649949][ T5827] Bluetooth: hci5: link tx timeout
[ 137.655363][ T5827] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[ 137.691396][ T54] Bluetooth: hci5: link tx timeout
[ 137.696548][ T54] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[ 137.745810][ T5909] usb 6-1: USB disconnect, device number 7
[ 137.883813][ T6811] netlink: 24 bytes leftover after parsing attributes in process `syz.1.156'.
[ 137.957164][ T6774] loop6: detected capacity change from 0 to 524288000
[ 137.960693][ T30] audit: type=1400 audit(1744168336.280:333): avc: denied { append } for pid=6773 comm="syz.5.152" name="loop6" dev="devtmpfs" ino=653 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[ 138.054064][ T30] audit: type=1400 audit(1744168336.330:334): avc: denied { ioctl } for pid=6810 comm="syz.1.156" path="socket:[10610]" dev="sockfs" ino=10610 ioctlcmd=0x7437 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 138.142413][ T54] Bluetooth: hci5: link tx timeout
[ 138.149393][ T54] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[ 138.262309][ T54] Bluetooth: hci5: link tx timeout
[ 138.267558][ T54] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[ 138.389705][ T6823] overlay: Unknown parameter '/'
[ 138.425896][ T6823] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 138.689667][ T54] Bluetooth: hci5: link tx timeout
[ 138.694989][ T54] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[ 138.830025][ T5909] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[ 138.961025][ T6830] netlink: 36 bytes leftover after parsing attributes in process `syz.4.159'.
[ 138.982710][ T6830] netlink: 36 bytes leftover after parsing attributes in process `syz.4.159'.
[ 138.992235][ T6830] netlink: 36 bytes leftover after parsing attributes in process `syz.4.159'.
[ 139.088974][ T10] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[ 139.125645][ T5909] usb 2-1: Using ep0 maxpacket: 16
[ 139.157890][ T5909] usb 2-1: config 0 has an invalid interface number: 5 but max is 0
[ 139.191324][ T5909] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 139.781040][ T54] Bluetooth: hci5: command 0x0406 tx timeout
[ 139.803023][ T54] Bluetooth: hci5: link tx timeout
[ 139.803352][ T5909] usb 2-1: config 0 has no interface number 0
[ 139.808155][ T54] Bluetooth: hci5: killing stalled connection 11:aa:aa:aa:aa:aa
[ 140.330883][ T5909] usb 2-1: New USB device found, idVendor=1286, idProduct=1fa4, bcdDevice=65.b8
[ 140.354435][ T6841] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64
[ 140.361127][ T5909] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 140.362204][ T30] audit: type=1400 audit(1744168338.680:335): avc: denied { create } for pid=6840 comm="syz.5.161" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[ 140.390154][ T10] usb 1-1: Using ep0 maxpacket: 16
[ 140.414687][ T10] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 140.438550][ T5909] usb 2-1: Product: syz
[ 140.439568][ T10] usb 1-1: New USB device found, idVendor=1e7d, idProduct=3138, bcdDevice= 0.00
[ 140.442963][ T5909] usb 2-1: Manufacturer: syz
[ 140.467012][ T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 140.494624][ T5909] usb 2-1: SerialNumber: syz
[ 140.500098][ T10] usb 1-1: config 0 descriptor??
[ 140.521766][ T5909] usb 2-1: config 0 descriptor??
[ 140.601244][ T5909] mvusb_mdio 2-1:0.5: probe with driver mvusb_mdio failed with error -5
[ 140.688140][ T6841] infiniband syz0: set down
[ 140.692913][ T6841] infiniband syz0: added ipvlan1
[ 141.199233][ T10] ryos 0003:1E7D:3138.0001: hidraw0: USB HID v0.06 Device [HID 1e7d:3138] on usb-dummy_hcd.0-1/input0
[ 141.219712][ T6841] RDS/IB: syz0: added
[ 141.228055][ T6841] smc: adding ib device syz0 with port count 1
[ 141.234883][ T6841] smc: ib device syz0 port 1 has pnetid
[ 141.756775][ T30] kauditd_printk_skb: 25 callbacks suppressed
[ 141.756804][ T30] audit: type=1400 audit(1744168340.030:360): avc: denied { name_connect } for pid=6822 comm="syz.0.158" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=sctp_socket permissive=1
[ 142.347780][ T5909] usb 2-1: USB disconnect, device number 10
[ 143.180957][ T6860] tmpfs: Bad value for 'mpol'
[ 143.452621][ T911] usb 1-1: USB disconnect, device number 6
[ 144.089218][ T6880] input: syz0 as /devices/virtual/input/input17
[ 145.409593][ T30] audit: type=1400 audit(1744168343.700:361): avc: denied { create } for pid=6882 comm="syz.3.169" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[ 145.476605][ T30] audit: type=1400 audit(1744168343.800:362): avc: denied { ioctl } for pid=6882 comm="syz.3.169" path="socket:[11438]" dev="sockfs" ino=11438 ioctlcmd=0x8b36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[ 145.554490][ T30] audit: type=1400 audit(1744168343.850:363): avc: denied { write } for pid=6866 comm="syz.4.167" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[ 145.749765][ T911] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[ 145.919805][ T911] usb 2-1: Using ep0 maxpacket: 32
[ 145.927613][ T911] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[ 145.943460][ T911] usb 2-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 145.953404][ T911] usb 2-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 145.971715][ T6903] overlayfs: failed to resolve './file1': -2
[ 146.102809][ T911] usb 2-1: Product: syz
[ 146.107076][ T911] usb 2-1: Manufacturer: syz
[ 146.117295][ T911] usb 2-1: SerialNumber: syz
[ 146.136964][ T911] usb 2-1: config 0 descriptor??
[ 146.142175][ T30] audit: type=1400 audit(1744168344.300:364): avc: denied { mount } for pid=6896 comm="syz.3.173" name="/" dev="9p" ino=17889801302421081418 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 146.192476][ T30] audit: type=1400 audit(1744168344.430:365): avc: denied { mounton } for pid=6896 comm="syz.3.173" path="/45/file0" dev="9p" ino=17889801302421081418 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[ 146.200360][ T6888] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 146.356792][ T30] audit: type=1400 audit(1744168344.680:366): avc: denied { unmount } for pid=5819 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 146.566775][ T5872] usb 2-1: USB disconnect, device number 11
[ 146.784532][ T30] audit: type=1400 audit(1744168345.080:367): avc: denied { setrlimit } for pid=6911 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=process permissive=1
[ 146.822965][ T6888] loop6: detected capacity change from 0 to 524288000
[ 147.483532][ T6924] netlink: 24 bytes leftover after parsing attributes in process `syz.4.176'.
[ 147.609848][ T6924] input: syz0 as /devices/virtual/input/input18
[ 148.668691][ T6930] FAULT_INJECTION: forcing a failure.
[ 148.668691][ T6930] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 148.715218][ T6930] CPU: 1 UID: 0 PID: 6930 Comm: syz.3.177 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full)
[ 148.715245][ T6930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 148.715254][ T6930] Call Trace:
[ 148.715260][ T6930] <TASK>
[ 148.715266][ T6930] dump_stack_lvl+0x16c/0x1f0
[ 148.715292][ T6930] should_fail_ex+0x512/0x640
[ 148.715314][ T6930] _copy_to_iter+0x2a4/0x15a0
[ 148.715341][ T6930] ? __pfx__copy_to_iter+0x10/0x10
[ 148.715365][ T6930] ? do_raw_spin_lock+0x12c/0x2b0
[ 148.715389][ T6930] copy_page_to_iter+0xf1/0x180
[ 148.715410][ T6930] sk_msg_recvmsg+0x363/0xf70
[ 148.715439][ T6930] unix_bpf_recvmsg+0x309/0x1040
[ 148.715461][ T6930] ? is_bpf_text_address+0x94/0x1a0
[ 148.715480][ T6930] ? __pfx_unix_bpf_recvmsg+0x10/0x10
[ 148.715495][ T6930] ? __kernel_text_address+0xd/0x40
[ 148.715517][ T6930] ? sock_has_perm+0x259/0x2f0
[ 148.715536][ T6930] ? __pfx_sock_has_perm+0x10/0x10
[ 148.715559][ T6930] unix_stream_recvmsg+0x12d/0x1c0
[ 148.715583][ T6930] ? __pfx_unix_stream_recvmsg+0x10/0x10
[ 148.715607][ T6930] ? __pfx_unix_stream_read_actor+0x10/0x10
[ 148.715635][ T6930] sock_recvmsg+0x1f6/0x250
[ 148.715659][ T6930] ____sys_recvmsg+0x218/0x6b0
[ 148.715688][ T6930] ? __pfx_____sys_recvmsg+0x10/0x10
[ 148.715722][ T6930] ? __lock_acquire+0x5ca/0x1ba0
[ 148.715741][ T6930] ___sys_recvmsg+0x114/0x1a0
[ 148.715761][ T6930] ? __pfx____sys_recvmsg+0x10/0x10
[ 148.715802][ T6930] __sys_recvmsg+0x16a/0x220
[ 148.715822][ T6930] ? __pfx___sys_recvmsg+0x10/0x10
[ 148.715849][ T6930] ? rcu_is_watching+0x12/0xc0
[ 148.715877][ T6930] do_syscall_64+0xcd/0x260
[ 148.715901][ T6930] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 148.715918][ T6930] RIP: 0033:0x7f6c30f8d169
[ 148.715929][ T6930] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 148.715944][ T6930] RSP: 002b:00007f6c31d0e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[ 148.715959][ T6930] RAX: ffffffffffffffda RBX: 00007f6c311a5fa0 RCX: 00007f6c30f8d169
[ 148.715969][ T6930] RDX: 0000000000002002 RSI: 0000200000000480 RDI: 0000000000000003
[ 148.715978][ T6930] RBP: 00007f6c31d0e090 R08: 0000000000000000 R09: 0000000000000000
[ 148.715987][ T6930] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 148.715996][ T6930] R13: 0000000000000000 R14: 00007f6c311a5fa0 R15: 00007fffc0f8b378
[ 148.716018][ T6930] </TASK>
[ 148.808560][ T6936] syz.1.178: attempt to access beyond end of device
[ 148.808560][ T6936] nbd1: rw=0, sector=2, nr_sectors = 2 limit=0
[ 148.974072][ T6936] syz.1.178: attempt to access beyond end of device
[ 148.974072][ T6936] nbd1: rw=0, sector=16, nr_sectors = 2 limit=0
[ 149.155268][ T30] audit: type=1400 audit(1744168347.480:368): avc: denied { ioctl } for pid=6933 comm="syz.0.179" path="socket:[10827]" dev="sockfs" ino=10827 ioctlcmd=0x662b scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[ 149.399683][ T911] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[ 149.439632][ T5872] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[ 149.571640][ T911] usb 5-1: Using ep0 maxpacket: 8
[ 149.593841][ T911] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 13
[ 149.619600][ T5872] usb 1-1: Using ep0 maxpacket: 32
[ 149.668984][ T5872] usb 1-1: config 0 has an invalid interface number: 32 but max is 0
[ 149.711509][ T5872] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 149.761562][ T5872] usb 1-1: config 0 has no interface number 0
[ 149.797441][ T6954] netlink: 24 bytes leftover after parsing attributes in process `syz.1.182'.
[ 149.815369][ T5872] usb 1-1: New USB device found, idVendor=05dc, idProduct=0001, bcdDevice= 0.01
[ 149.851072][ T5872] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 149.888187][ T5872] usb 1-1: Product: syz
[ 149.900611][ T6957] input: syz0 as /devices/virtual/input/input19
[ 149.919840][ T5872] usb 1-1: Manufacturer: syz
[ 149.953847][ T5872] usb 1-1: SerialNumber: syz
[ 150.043088][ T5872] usb 1-1: config 0 descriptor??
[ 150.103691][ T5872] ums-jumpshot 1-1:0.32: USB Mass Storage device detected
[ 150.186063][ T911] usb 5-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[ 150.740519][ T911] usb 5-1: New USB device strings: Mfr=241, Product=1, SerialNumber=3
[ 150.743804][ T5872] ums-jumpshot 1-1:0.32: Quirks match for vid 05dc pid 0001: 2
[ 150.749573][ T911] usb 5-1: Product: syz
[ 150.761314][ T911] usb 5-1: Manufacturer: syz
[ 150.765954][ T911] usb 5-1: SerialNumber: syz
[ 150.802987][ T911] usb 5-1: config 0 descriptor??
[ 150.854480][ T911] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[ 151.008611][ T5872] usb 1-1: USB disconnect, device number 7
[ 151.038589][ T30] audit: type=1400 audit(1744168349.360:369): avc: denied { getopt } for pid=6970 comm="syz.3.185" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 151.424956][ T911] gspca_zc3xx: reg_w_i err -71
[ 151.428009][ T30] audit: type=1400 audit(1744168349.390:370): avc: denied { create } for pid=6970 comm="syz.3.185" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[ 151.753087][ T30] audit: type=1400 audit(1744168349.400:371): avc: denied { write } for pid=6970 comm="syz.3.185" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[ 152.278568][ T911] gspca_zc3xx: Unknown sensor - set to TAS5130C
[ 152.294930][ T6979] overlayfs: failed to resolve './file1': -2
[ 152.319628][ T911] gspca_zc3xx 5-1:0.0: probe with driver gspca_zc3xx failed with error -71
[ 152.349366][ T911] usb 5-1: USB disconnect, device number 4
[ 153.609600][ T5932] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[ 153.953167][ T7003] netlink: ct family unspecified
[ 153.958467][ T7003] openvswitch: netlink: Actions may not be safe on all matching packets
[ 154.209573][ T5932] usb 1-1: Using ep0 maxpacket: 32
[ 154.221704][ T5932] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[ 154.248741][ T5932] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 154.360868][ T7014] 9pnet_fd: Insufficient options for proto=fd
[ 154.424523][ T7016] netlink: 28 bytes leftover after parsing attributes in process `syz.1.192'.
[ 154.637840][ T5932] usb 1-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 154.644125][ T30] audit: type=1400 audit(1744168352.760:372): avc: denied { create } for pid=7001 comm="syz.1.192" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[ 154.665533][ T5932] usb 1-1: Product: syz
[ 154.675563][ T5932] usb 1-1: Manufacturer: syz
[ 154.680318][ T5932] usb 1-1: SerialNumber: syz
[ 154.687083][ T5932] usb 1-1: config 0 descriptor??
[ 154.871784][ T6991] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 154.947076][ T7021] 9pnet_fd: Insufficient options for proto=fd
[ 155.011433][ T7022] netlink: 28 bytes leftover after parsing attributes in process `syz.4.193'.
[ 155.191371][ T911] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[ 155.199165][ T30] audit: type=1400 audit(1744168352.760:373): avc: denied { bind } for pid=7001 comm="syz.1.192" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[ 155.218551][ T30] audit: type=1400 audit(1744168353.000:374): avc: denied { write } for pid=6996 comm="syz.3.190" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[ 155.339735][ T30] audit: type=1400 audit(1744168353.000:375): avc: denied { nlmsg_read } for pid=6996 comm="syz.3.190" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[ 155.375224][ T24] usb 1-1: USB disconnect, device number 8
[ 155.469920][ T911] usb 6-1: Using ep0 maxpacket: 8
[ 155.477888][ T911] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 13
[ 155.524810][ T911] usb 6-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[ 155.544267][ T911] usb 6-1: New USB device strings: Mfr=241, Product=1, SerialNumber=3
[ 155.570368][ T911] usb 6-1: Product: syz
[ 155.576184][ T911] usb 6-1: Manufacturer: syz
[ 155.585969][ T6991] loop6: detected capacity change from 0 to 524288000
[ 155.610783][ T911] usb 6-1: SerialNumber: syz
[ 155.626768][ T911] usb 6-1: config 0 descriptor??
[ 155.642770][ T911] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[ 155.873305][ T24] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[ 155.934220][ T7046] netlink: 24 bytes leftover after parsing attributes in process `syz.4.198'.
[ 156.001565][ T7046] input: syz0 as /devices/virtual/input/input20
[ 156.108548][ T24] usb 4-1: Using ep0 maxpacket: 8
[ 156.184911][ T24] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 13
[ 156.451701][ T24] usb 4-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[ 156.664400][ T24] usb 4-1: New USB device strings: Mfr=241, Product=1, SerialNumber=3
[ 156.690897][ T911] gspca_zc3xx: reg_w_i err -110
[ 156.883992][ T24] usb 4-1: Product: syz
[ 157.005204][ T24] usb 4-1: Manufacturer: syz
[ 157.083677][ T24] usb 4-1: SerialNumber: syz
[ 157.098028][ T24] usb 4-1: config 0 descriptor??
[ 157.116742][ T24] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[ 157.349726][ T911] gspca_zc3xx: Unknown sensor - set to TAS5130C
[ 157.369905][ T911] gspca_zc3xx 6-1:0.0: probe with driver gspca_zc3xx failed with error -110
[ 157.492949][ T7068] netlink: 44 bytes leftover after parsing attributes in process `syz.0.199'.
[ 157.523105][ T30] audit: type=1400 audit(1744168355.760:376): avc: denied { bind } for pid=7058 comm="syz.0.199" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[ 158.203897][ T7067] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[ 158.235689][ T24] gspca_zc3xx: reg_w_i err -110
[ 158.607517][ T5872] usb 6-1: USB disconnect, device number 8
[ 159.191094][ T7079] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[ 159.345037][ T66] Bluetooth: hci3: Frame reassembly failed (-84)
[ 159.359578][ T24] gspca_zc3xx: Unknown sensor - set to TAS5130C
[ 159.365901][ T24] gspca_zc3xx 4-1:0.0: probe with driver gspca_zc3xx failed with error -110
[ 159.463869][ T7081] overlayfs: missing 'lowerdir'
[ 159.809700][ T24] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[ 160.008097][ T5872] usb 4-1: USB disconnect, device number 4
[ 160.249861][ T7088] netlink: 4 bytes leftover after parsing attributes in process `syz.0.205'.
[ 160.329724][ T24] usb 6-1: Using ep0 maxpacket: 16
[ 160.348313][ T24] usb 6-1: config 0 has an invalid interface number: 5 but max is 0
[ 160.360625][ T24] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 160.384628][ T24] usb 6-1: config 0 has no interface number 0
[ 160.398793][ T24] usb 6-1: New USB device found, idVendor=1286, idProduct=1fa4, bcdDevice=65.b8
[ 160.419029][ T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 160.436511][ T24] usb 6-1: Product: syz
[ 160.441913][ T24] usb 6-1: Manufacturer: syz
[ 160.446663][ T24] usb 6-1: SerialNumber: syz
[ 160.466289][ T24] usb 6-1: config 0 descriptor??
[ 160.528198][ T24] mvusb_mdio 6-1:0.5: probe with driver mvusb_mdio failed with error -5
[ 160.819985][ T24] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[ 160.990678][ T24] usb 4-1: Using ep0 maxpacket: 8
[ 161.003462][ T24] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 13
[ 161.032057][ T24] usb 4-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[ 161.044626][ T24] usb 4-1: New USB device strings: Mfr=241, Product=1, SerialNumber=3
[ 161.059183][ T24] usb 4-1: Product: syz
[ 161.065831][ T24] usb 4-1: Manufacturer: syz
[ 161.076606][ T24] usb 4-1: SerialNumber: syz
[ 161.087466][ T24] usb 4-1: config 0 descriptor??
[ 161.096012][ T24] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[ 161.227145][ T30] audit: type=1400 audit(1744168359.550:377): avc: denied { getopt } for pid=7139 comm="syz.0.212" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 161.269655][ T5827] Bluetooth: hci3: Opcode 0x1003 failed: -110
[ 161.396361][ T7144] SELinux: policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[ 161.423996][ T7144] SELinux: failed to load policy
[ 161.719857][ T7153] netlink: 24 bytes leftover after parsing attributes in process `syz.1.213'.
[ 161.923020][ T24] gspca_zc3xx: reg_w_i err -71
[ 162.337965][ T5875] usb 6-1: USB disconnect, device number 9
[ 162.492359][ T30] audit: type=1400 audit(1744168360.810:378): avc: denied { append } for pid=7157 comm="syz.0.215" name="iommu" dev="devtmpfs" ino=624 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[ 162.560007][ T24] gspca_zc3xx: Unknown sensor - set to TAS5130C
[ 162.567916][ T24] gspca_zc3xx 4-1:0.0: probe with driver gspca_zc3xx failed with error -71
[ 162.609570][ T24] usb 4-1: USB disconnect, device number 5
[ 162.780770][ T7168] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[ 164.240322][ T7177] input: syz0 as /devices/virtual/input/input21
[ 164.642947][ T7183] ERROR: device name not specified.
[ 165.100603][ T30] audit: type=1400 audit(1744168362.880:379): avc: denied { accept } for pid=7180 comm="syz.0.220" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 165.590234][ T7185] tmpfs: Bad value for 'mpol'
[ 165.723498][ T30] audit: type=1400 audit(1744168364.050:380): avc: denied { mounton } for pid=7179 comm="syz.5.218" path="/proc/81/task" dev="proc" ino=12072 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[ 165.815836][ T30] audit: type=1400 audit(1744168364.050:381): avc: denied { mount } for pid=7179 comm="syz.5.218" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[ 165.850233][ T7200] netlink: 'syz.4.223': attribute type 1 has an invalid length.
[ 165.881667][ T30] audit: type=1400 audit(1744168364.080:382): avc: denied { search } for pid=7179 comm="syz.5.218" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1
[ 165.989576][ T5872] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[ 166.122011][ T7210] input: syz0 as /devices/virtual/input/input23
[ 166.571634][ T5872] usb 6-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 166.899558][ T5872] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 166.939419][ T5872] usb 6-1: config 0 descriptor??
[ 167.010125][ T7200] veth3: entered promiscuous mode
[ 167.016907][ T7208] netlink: 60 bytes leftover after parsing attributes in process `syz.4.223'.
[ 167.033852][ T7208] netlink: 60 bytes leftover after parsing attributes in process `syz.4.223'.
[ 167.152183][ T5872] [drm] vendor descriptor length:6 data:06 5f 01 74 75 6e 00 00 00 00 00
[ 167.225779][ T5872] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[ 167.320034][ T7217] overlayfs: missing 'lowerdir'
[ 167.649756][ T24] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[ 167.699951][ T5872] [drm:udl_init] *ERROR* Selecting channel failed
[ 167.734067][ T5872] [drm] Initialized udl 0.0.1 for 6-1:0.0 on minor 2
[ 167.759170][ T5872] [drm] Initialized udl on minor 2
[ 167.776658][ T5872] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 167.798064][ T5872] udl 6-1:0.0: [drm] Cannot find any crtc or sizes
[ 167.806576][ T5932] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 167.899777][ T24] usb 2-1: Using ep0 maxpacket: 16
[ 167.957455][ T7230] netlink: 24 bytes leftover after parsing attributes in process `syz.4.227'.
[ 167.977944][ T24] usb 2-1: config 0 has an invalid interface number: 5 but max is 0
[ 168.037560][ T7231] input: syz0 as /devices/virtual/input/input24
[ 168.051599][ T24] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 168.160521][ T24] usb 2-1: config 0 has no interface number 0
[ 168.251218][ T24] usb 2-1: New USB device found, idVendor=1286, idProduct=1fa4, bcdDevice=65.b8
[ 168.362780][ T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 168.484138][ T24] usb 2-1: Product: syz
[ 168.544617][ T24] usb 2-1: Manufacturer: syz
[ 168.636035][ T24] usb 2-1: SerialNumber: syz
[ 168.943832][ T24] usb 2-1: config 0 descriptor??
[ 168.957326][ T5932] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 168.966016][ T5872] usb 6-1: USB disconnect, device number 10
[ 168.974181][ T5932] udl 6-1:0.0: [drm] Cannot find any crtc or sizes
[ 169.069972][ T10] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[ 169.102436][ T24] mvusb_mdio 2-1:0.5: probe with driver mvusb_mdio failed with error -5
[ 169.799647][ T10] usb 4-1: Using ep0 maxpacket: 32
[ 169.909791][ T10] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 170.503097][ T5909] usb 2-1: USB disconnect, device number 12
[ 170.525832][ T10] usb 4-1: config 228 has an invalid interface number: 143 but max is 0
[ 170.536676][ T10] usb 4-1: config 228 has an invalid descriptor of length 0, skipping remainder of the config
[ 170.547391][ T10] usb 4-1: config 228 has no interface number 0
[ 170.564474][ T10] usb 4-1: config 228 interface 143 altsetting 77 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 170.683994][ T10] usb 4-1: config 228 interface 143 has no altsetting 0
[ 170.702867][ T10] usb 4-1: string descriptor 0 read error: -71
[ 170.900524][ T10] usb 4-1: New USB device found, idVendor=13b1, idProduct=0041, bcdDevice=b0.69
[ 170.946920][ T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 171.093372][ T7257] overlayfs: failed to resolve './file1': -2
[ 171.242679][ T30] audit: type=1400 audit(1744168369.310:383): avc: denied { name_bind } for pid=7232 comm="syz.0.228" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[ 171.268215][ T10] r8152-cfgselector 4-1: Unknown version 0x0000
[ 171.342321][ T10] r8152-cfgselector 4-1: can't set config #228, error -71
[ 171.402899][ T10] r8152-cfgselector 4-1: USB disconnect, device number 6
[ 171.508645][ T7265] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[ 171.661056][ T7267] usb usb1: usbfs: process 7267 (syz.3.236) did not claim interface 0 before use
[ 171.739653][ T30] audit: type=1400 audit(1744168369.980:384): avc: denied { append } for pid=7261 comm="syz.3.236" name="001" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[ 171.998690][ T7268] futex_wake_op: syz.1.235 tries to shift op by 144; fix this program
[ 172.020748][ T30] audit: type=1400 audit(1744168370.340:385): avc: denied { bind } for pid=7253 comm="syz.4.233" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[ 172.039787][ C0] vkms_vblank_simulate: vblank timer overrun
[ 172.140844][ T7265] block nbd4: NBD_DISCONNECT
[ 172.147981][ T7265] block nbd4: Send disconnect failed -22
[ 172.154294][ T30] audit: type=1400 audit(1744168370.470:386): avc: denied { write } for pid=7253 comm="syz.4.233" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[ 172.173475][ C0] vkms_vblank_simulate: vblank timer overrun
[ 172.184894][ T7253] block nbd4: Disconnected due to user request.
[ 172.241964][ T7253] block nbd4: shutting down sockets
[ 172.366139][ T30] audit: type=1400 audit(1744168370.690:387): avc: denied { create } for pid=7270 comm="syz.5.237" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[ 172.417690][ T30] audit: type=1400 audit(1744168370.700:388): avc: denied { ioctl } for pid=7270 comm="syz.5.237" path="socket:[12265]" dev="sockfs" ino=12265 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[ 172.442417][ C0] vkms_vblank_simulate: vblank timer overrun
[ 172.466277][ T30] audit: type=1400 audit(1744168370.700:389): avc: denied { setopt } for pid=7270 comm="syz.5.237" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 172.545495][ T30] audit: type=1400 audit(1744168370.700:390): avc: denied { write } for pid=7270 comm="syz.5.237" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[ 172.572189][ T7279] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[ 172.768271][ T7281] syz.1.240: attempt to access beyond end of device
[ 172.768271][ T7281] nbd1: rw=0, sector=2, nr_sectors = 2 limit=0
[ 172.781821][ T7281] syz.1.240: attempt to access beyond end of device
[ 172.781821][ T7281] nbd1: rw=0, sector=16, nr_sectors = 2 limit=0
[ 173.591600][ T7289] netlink: 24 bytes leftover after parsing attributes in process `syz.3.243'.
[ 173.604238][ T7289] input: syz0 as /devices/virtual/input/input25
[ 173.667509][ T30] audit: type=1400 audit(1744168371.980:391): avc: denied { write } for pid=7290 comm="syz.1.242" name="card1" dev="devtmpfs" ino=628 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[ 173.959474][ T30] audit: type=1400 audit(1744168372.280:392): avc: denied { ioctl } for pid=7305 comm="syz.1.249" path="socket:[12422]" dev="sockfs" ino=12422 ioctlcmd=0x89f2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[ 174.038684][ T7309] overlay: Unknown parameter '/'
[ 174.045739][ T7310] syz.4.248: attempt to access beyond end of device
[ 174.045739][ T7310] nbd4: rw=0, sector=2, nr_sectors = 2 limit=0
[ 174.058639][ T7310] syz.4.248: attempt to access beyond end of device
[ 174.058639][ T7310] nbd4: rw=0, sector=16, nr_sectors = 2 limit=0
[ 174.089432][ T7309] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 174.339720][ T5875] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[ 174.461720][ T7294] input: syz0 as /devices/virtual/input/input26
[ 174.569577][ T5872] usb 4-1: new full-speed USB device number 7 using dummy_hcd
[ 174.589896][ T5875] usb 6-1: Using ep0 maxpacket: 16
[ 174.599010][ T5875] usb 6-1: config 0 has an invalid interface number: 255 but max is 0
[ 174.612267][ T5875] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 174.637463][ T5875] usb 6-1: config 0 has no interface number 0
[ 174.647135][ T7317] futex_wake_op: syz.1.250 tries to shift op by 144; fix this program
[ 174.663018][ T5875] usb 6-1: New USB device found, idVendor=1286, idProduct=1fa4, bcdDevice=65.b8
[ 174.676503][ T5875] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 174.686405][ T5875] usb 6-1: Product: syz
[ 174.695889][ T5875] usb 6-1: Manufacturer: syz
[ 174.717115][ T5875] usb 6-1: SerialNumber: syz
[ 174.737045][ T5872] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[ 174.745510][ T5872] usb 4-1: config 0 has no interface number 0
[ 174.757640][ T5872] usb 4-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[ 174.782164][ T5872] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 174.814954][ T5872] usb 4-1: config 0 descriptor??
[ 174.830594][ T5875] usb 6-1: config 0 descriptor??
[ 174.833786][ T5872] usb 4-1: selecting invalid altsetting 1
[ 174.843472][ T5872] dvb_ttusb_budget: ttusb_init_controller: error
[ 174.850601][ T5872] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[ 175.056643][ T5875] mvusb_mdio 6-1:0.255: probe with driver mvusb_mdio failed with error -5
[ 175.082348][ T5872] DVB: Unable to find symbol cx22700_attach()
[ 175.119081][ T7323] syz.4.251: attempt to access beyond end of device
[ 175.119081][ T7323] nbd4: rw=0, sector=2, nr_sectors = 2 limit=0
[ 175.131866][ T7323] syz.4.251: attempt to access beyond end of device
[ 175.131866][ T7323] nbd4: rw=0, sector=16, nr_sectors = 2 limit=0
[ 175.356588][ T5872] DVB: Unable to find symbol tda10046_attach()
[ 175.356603][ T5872] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[ 176.007274][ T5872] usb 4-1: USB disconnect, device number 7
[ 176.259645][ T5932] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[ 176.409562][ T5932] usb 5-1: device descriptor read/64, error -71
[ 176.659628][ T5932] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[ 176.801158][ T5875] usb 6-1: USB disconnect, device number 11
[ 176.816360][ T5932] usb 5-1: device descriptor read/64, error -71
[ 176.909976][ T7343] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[ 176.969993][ T5932] usb usb5-port1: attempt power cycle
[ 177.114073][ T7349] FAULT_INJECTION: forcing a failure.
[ 177.114073][ T7349] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 177.147660][ T7349] CPU: 1 UID: 0 PID: 7349 Comm: syz.5.259 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full)
[ 177.147687][ T7349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 177.147697][ T7349] Call Trace:
[ 177.147703][ T7349] <TASK>
[ 177.147709][ T7349] dump_stack_lvl+0x16c/0x1f0
[ 177.147736][ T7349] should_fail_ex+0x512/0x640
[ 177.147759][ T7349] _copy_from_user+0x2e/0xd0
[ 177.147779][ T7349] __sys_bpf+0x21d/0x4d80
[ 177.147804][ T7349] ? __pfx___sys_bpf+0x10/0x10
[ 177.147825][ T7349] ? ksys_write+0x190/0x240
[ 177.147844][ T7349] ? __mutex_unlock_slowpath+0x161/0x6a0
[ 177.147880][ T7349] ? fput+0x70/0xf0
[ 177.147898][ T7349] ? ksys_write+0x1b9/0x240
[ 177.147911][ T7349] ? __pfx_ksys_write+0x10/0x10
[ 177.147924][ T7349] ? rcu_is_watching+0x12/0xc0
[ 177.147948][ T7349] __x64_sys_bpf+0x78/0xc0
[ 177.147968][ T7349] ? lockdep_hardirqs_on+0x7c/0x110
[ 177.147989][ T7349] do_syscall_64+0xcd/0x260
[ 177.148012][ T7349] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 177.148029][ T7349] RIP: 0033:0x7f514678d169
[ 177.148042][ T7349] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 177.148057][ T7349] RSP: 002b:00007f5147506038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 177.148075][ T7349] RAX: ffffffffffffffda RBX: 00007f51469a5fa0 RCX: 00007f514678d169
[ 177.148085][ T7349] RDX: 0000000000000020 RSI: 0000200000000000 RDI: 000000000000001c
[ 177.148094][ T7349] RBP: 00007f5147506090 R08: 0000000000000000 R09: 0000000000000000
[ 177.148104][ T7349] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 177.148112][ T7349] R13: 0000000000000000 R14: 00007f51469a5fa0 R15: 00007ffebde3e5a8
[ 177.148134][ T7349] </TASK>
[ 177.389778][ T5932] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[ 177.444812][ T5932] usb 5-1: device descriptor read/8, error -71
[ 177.819725][ T5932] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[ 177.870155][ T5932] usb 5-1: device descriptor read/8, error -71
[ 177.985220][ T5932] usb usb5-port1: unable to enumerate USB device
[ 178.008046][ T7361] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[ 178.528942][ T5872] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[ 178.659769][ T5932] usb 2-1: new full-speed USB device number 13 using dummy_hcd
[ 178.689649][ T5872] usb 6-1: Using ep0 maxpacket: 32
[ 178.698318][ T5872] usb 6-1: config 0 interface 0 has no altsetting 0
[ 178.707051][ T5872] usb 6-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[ 178.717272][ T5872] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 178.735099][ T5872] usb 6-1: Product: syz
[ 178.739318][ T5872] usb 6-1: Manufacturer: syz
[ 178.753064][ T5872] usb 6-1: SerialNumber: syz
[ 178.769564][ T5872] usb 6-1: config 0 descriptor??
[ 178.781749][ T30] audit: type=1400 audit(1744168377.110:393): avc: denied { bind } for pid=7364 comm="syz.3.265" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 178.873670][ T30] audit: type=1400 audit(1744168377.200:394): avc: denied { bind } for pid=7364 comm="syz.3.265" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[ 178.903624][ T5932] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 178.919060][ T5932] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[ 178.933775][ T5932] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[ 178.982431][ T5932] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 179.002132][ T5932] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 179.013991][ T5932] usb 2-1: Manufacturer: syz
[ 179.026126][ T5932] usb 2-1: config 0 descriptor??
[ 179.149606][ T5875] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[ 179.202480][ T5872] gs_usb 6-1:0.0: Configuring for 1 interfaces
[ 179.289583][ T5875] usb 4-1: device descriptor read/64, error -71
[ 179.529582][ T5875] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[ 179.749724][ T5875] usb 4-1: device descriptor read/64, error -71
[ 179.804449][ T7383] overlay: Unknown parameter '/'
[ 179.824437][ T7383] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 179.876172][ T5875] usb usb4-port1: attempt power cycle
[ 180.100056][ T5909] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[ 180.172721][ T30] audit: type=1400 audit(1744168378.500:395): avc: denied { read } for pid=7355 comm="syz.5.262" name="ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[ 180.271348][ T30] audit: type=1400 audit(1744168378.530:396): avc: denied { open } for pid=7355 comm="syz.5.262" path="/dev/ppp" dev="devtmpfs" ino=709 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[ 180.294945][ T5875] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[ 180.313412][ T7386] FAULT_INJECTION: forcing a failure.
[ 180.313412][ T7386] name failslab, interval 1, probability 0, space 0, times 0
[ 180.322618][ T30] audit: type=1400 audit(1744168378.550:397): avc: denied { ioctl } for pid=7355 comm="syz.5.262" path="/dev/ppp" dev="devtmpfs" ino=709 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[ 180.328952][ T7386] CPU: 0 UID: 0 PID: 7386 Comm: syz.0.269 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full)
[ 180.328972][ T7386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 180.328980][ T7386] Call Trace:
[ 180.328985][ T7386] <TASK>
[ 180.328990][ T7386] dump_stack_lvl+0x16c/0x1f0
[ 180.329014][ T7386] should_fail_ex+0x512/0x640
[ 180.329031][ T7386] ? fs_reclaim_acquire+0xae/0x150
[ 180.329053][ T7386] ? tomoyo_realpath_from_path+0xc2/0x6e0
[ 180.329072][ T7386] should_failslab+0xc2/0x120
[ 180.329088][ T7386] __kmalloc_noprof+0xd2/0x510
[ 180.329108][ T7386] tomoyo_realpath_from_path+0xc2/0x6e0
[ 180.329129][ T7386] ? tomoyo_profile+0x47/0x60
[ 180.329144][ T7386] tomoyo_path_number_perm+0x245/0x580
[ 180.329160][ T7386] ? tomoyo_path_number_perm+0x237/0x580
[ 180.329179][ T7386] ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 180.329218][ T7386] ? find_held_lock+0x2b/0x80
[ 180.329236][ T7386] ? hook_file_ioctl_common+0x145/0x410
[ 180.329255][ T7386] ? __fget_files+0x20e/0x3c0
[ 180.329272][ T7386] security_file_ioctl+0x9b/0x240
[ 180.329293][ T7386] __x64_sys_ioctl+0xb7/0x200
[ 180.329314][ T7386] do_syscall_64+0xcd/0x260
[ 180.329334][ T7386] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 180.329348][ T7386] RIP: 0033:0x7f0a2518d169
[ 180.329360][ T7386] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 180.329373][ T7386] RSP: 002b:00007f0a25fc2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 180.329387][ T7386] RAX: ffffffffffffffda RBX: 00007f0a253a5fa0 RCX: 00007f0a2518d169
[ 180.329396][ T7386] RDX: 00002000000000c0 RSI: 00000000c04064a0 RDI: 0000000000000003
[ 180.329405][ T7386] RBP: 00007f0a25fc2090 R08: 0000000000000000 R09: 0000000000000000
[ 180.329413][ T7386] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 180.329421][ T7386] R13: 0000000000000000 R14: 00007f0a253a5fa0 R15: 00007ffd300be778
[ 180.329441][ T7386] </TASK>
[ 180.329457][ T7386] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 180.352660][ T5875] usb 4-1: device descriptor read/8, error -71
[ 180.458869][ T7389] FAULT_INJECTION: forcing a failure.
[ 180.458869][ T7389] name failslab, interval 1, probability 0, space 0, times 0
[ 180.462583][ T5909] usb 5-1: Using ep0 maxpacket: 16
[ 180.476205][ T5909] usb 5-1: config 0 has an invalid interface number: 255 but max is 0
[ 180.486759][ T7389] CPU: 0 UID: 0 PID: 7389 Comm: syz.0.270 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full)
[ 180.486780][ T7389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 180.486789][ T7389] Call Trace:
[ 180.486794][ T7389] <TASK>
[ 180.486800][ T7389] dump_stack_lvl+0x16c/0x1f0
[ 180.486823][ T7389] should_fail_ex+0x512/0x640
[ 180.486839][ T7389] ? __kmalloc_cache_noprof+0x57/0x3e0
[ 180.486865][ T7389] should_failslab+0xc2/0x120
[ 180.486882][ T7389] __kmalloc_cache_noprof+0x6a/0x3e0
[ 180.486901][ T7389] ? find_held_lock+0x2b/0x80
[ 180.486918][ T7389] ? alloc_pipe_info+0x10e/0x590
[ 180.486937][ T7389] alloc_pipe_info+0x10e/0x590
[ 180.486954][ T7389] splice_direct_to_actor+0x77d/0xa30
[ 180.486976][ T7389] ? __lock_acquire+0x5ca/0x1ba0
[ 180.486988][ T7389] ? __pfx_direct_splice_actor+0x10/0x10
[ 180.487013][ T7389] ? __pfx_splice_direct_to_actor+0x10/0x10
[ 180.487036][ T7389] ? __pfx___might_resched+0x10/0x10
[ 180.487059][ T7389] do_splice_direct+0x174/0x240
[ 180.487080][ T7389] ? __pfx_do_splice_direct+0x10/0x10
[ 180.487101][ T7389] ? __pfx_direct_file_splice_eof+0x10/0x10
[ 180.487122][ T7389] ? bpf_lsm_file_permission+0x9/0x10
[ 180.487142][ T7389] ? security_file_permission+0x71/0x210
[ 180.487163][ T7389] ? rw_verify_area+0xcf/0x680
[ 180.487184][ T7389] do_sendfile+0xafd/0xe50
[ 180.487208][ T7389] ? __pfx_do_sendfile+0x10/0x10
[ 180.487230][ T7389] ? bpf_trace_run2+0x2a5/0x590
[ 180.487243][ T7389] ? __pfx_bpf_trace_run2+0x10/0x10
[ 180.487259][ T7389] __x64_sys_sendfile64+0x1d8/0x220
[ 180.487276][ T7389] ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 180.487290][ T7389] ? syscall_trace_enter+0x1cb/0x260
[ 180.487308][ T7389] ? rcu_is_watching+0x12/0xc0
[ 180.487328][ T7389] do_syscall_64+0xcd/0x260
[ 180.487348][ T7389] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 180.487362][ T7389] RIP: 0033:0x7f0a2518d169
[ 180.487374][ T7389] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 180.487387][ T7389] RSP: 002b:00007f0a25fc2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 180.487402][ T7389] RAX: ffffffffffffffda RBX: 00007f0a253a5fa0 RCX: 00007f0a2518d169
[ 180.487412][ T7389] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003
[ 180.487419][ T7389] RBP: 00007f0a25fc2090 R08: 0000000000000000 R09: 0000000000000000
[ 180.487428][ T7389] R10: 0000000024002de8 R11: 0000000000000246 R12: 0000000000000001
[ 180.487436][ T7389] R13: 0000000000000000 R14: 00007f0a253a5fa0 R15: 00007ffd300be778
[ 180.487455][ T7389] </TASK>
[ 180.543399][ T54] Bluetooth: hci0: command 0x0406 tx timeout
[ 180.583991][ T5909] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 180.986571][ T5909] usb 5-1: config 0 has no interface number 0
[ 180.995158][ T5909] usb 5-1: New USB device found, idVendor=1286, idProduct=1fa4, bcdDevice=65.b8
[ 181.004381][ T5909] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 181.012514][ T5909] usb 5-1: Product: syz
[ 181.016741][ T5909] usb 5-1: Manufacturer: syz
[ 181.021864][ T5909] usb 5-1: SerialNumber: syz
[ 181.028275][ T5909] usb 5-1: config 0 descriptor??
[ 181.046425][ T5909] mvusb_mdio 5-1:0.255: probe with driver mvusb_mdio failed with error -5
[ 181.110698][ T5909] usb 2-1: USB disconnect, device number 13
[ 181.125465][ T5875] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[ 181.318387][ T5875] usb 4-1: device descriptor read/8, error -71
[ 181.482851][ T5875] usb usb4-port1: unable to enumerate USB device
[ 181.941578][ T7402] FAULT_INJECTION: forcing a failure.
[ 181.941578][ T7402] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 181.959632][ T7402] CPU: 1 UID: 0 PID: 7402 Comm: syz.3.274 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full)
[ 181.959661][ T7402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 181.959672][ T7402] Call Trace:
[ 181.959677][ T7402] <TASK>
[ 181.959683][ T7402] dump_stack_lvl+0x16c/0x1f0
[ 181.959709][ T7402] should_fail_ex+0x512/0x640
[ 181.959730][ T7402] _copy_from_user+0x2e/0xd0
[ 181.959749][ T7402] copy_msghdr_from_user+0x98/0x160
[ 181.959769][ T7402] ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 181.959793][ T7402] ? do_raw_spin_lock+0x12c/0x2b0
[ 181.959817][ T7402] ___sys_sendmsg+0xfe/0x1d0
[ 181.959837][ T7402] ? __pfx____sys_sendmsg+0x10/0x10
[ 181.959890][ T7402] __sys_sendmsg+0x16d/0x220
[ 181.959909][ T7402] ? __pfx___sys_sendmsg+0x10/0x10
[ 181.959926][ T7402] ? __pfx_bpf_trace_run2+0x10/0x10
[ 181.959947][ T7402] ? syscall_trace_enter+0x1cb/0x260
[ 181.959968][ T7402] ? rcu_is_watching+0x12/0xc0
[ 181.959991][ T7402] do_syscall_64+0xcd/0x260
[ 181.960014][ T7402] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 181.960031][ T7402] RIP: 0033:0x7f6c30f8d169
[ 181.960044][ T7402] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 181.960059][ T7402] RSP: 002b:00007f6c31d0e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 181.960075][ T7402] RAX: ffffffffffffffda RBX: 00007f6c311a5fa0 RCX: 00007f6c30f8d169
[ 181.960084][ T7402] RDX: 0000000000000080 RSI: 0000200000001b40 RDI: 0000000000000003
[ 181.960094][ T7402] RBP: 00007f6c31d0e090 R08: 0000000000000000 R09: 0000000000000000
[ 181.960103][ T7402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 181.960112][ T7402] R13: 0000000000000000 R14: 00007f6c311a5fa0 R15: 00007fffc0f8b378
[ 181.960133][ T7402] </TASK>
[ 182.309938][ T7407] syz.0.273: attempt to access beyond end of device
[ 182.309938][ T7407] nbd0: rw=0, sector=2, nr_sectors = 2 limit=0
[ 182.322857][ T7407] syz.0.273: attempt to access beyond end of device
[ 182.322857][ T7407] nbd0: rw=0, sector=16, nr_sectors = 2 limit=0
[ 182.635180][ T911] usb 5-1: USB disconnect, device number 9
[ 183.384527][ T7417] openvswitch: netlink: IP tunnel attribute has 12 unknown bytes.
[ 183.718252][ T911] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[ 183.899680][ T911] usb 5-1: Using ep0 maxpacket: 16
[ 183.927930][ T911] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 183.961416][ T911] usb 5-1: New USB device found, idVendor=11c2, idProduct=2208, bcdDevice= 0.00
[ 183.972770][ T911] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 184.002056][ T911] usb 5-1: config 0 descriptor??
[ 184.027118][ T30] audit: type=1400 audit(1744168382.350:398): avc: denied { block_suspend } for pid=7418 comm="syz.0.279" capability=36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[ 184.727341][ T911] betop 0003:11C2:2208.0002: bogus close delimiter
[ 184.733923][ T911] betop 0003:11C2:2208.0002: item 0 4 2 10 parsing failed
[ 184.745175][ T911] betop 0003:11C2:2208.0002: parse failed
[ 184.759304][ T911] betop 0003:11C2:2208.0002: probe with driver betop failed with error -22
[ 185.216408][ T7441] syz.1.283: attempt to access beyond end of device
[ 185.216408][ T7441] nbd1: rw=0, sector=2, nr_sectors = 2 limit=0
[ 185.230608][ T7441] syz.1.283: attempt to access beyond end of device
[ 185.230608][ T7441] nbd1: rw=0, sector=16, nr_sectors = 2 limit=0
[ 185.581793][ T5872] usb 6-1: USB disconnect, device number 12
[ 185.895397][ T7451] FAULT_INJECTION: forcing a failure.
[ 185.895397][ T7451] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 186.637234][ T7451] CPU: 1 UID: 0 PID: 7451 Comm: syz.5.285 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full)
[ 186.637261][ T7451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 186.637271][ T7451] Call Trace:
[ 186.637277][ T7451] <TASK>
[ 186.637283][ T7451] dump_stack_lvl+0x16c/0x1f0
[ 186.637309][ T7451] should_fail_ex+0x512/0x640
[ 186.637330][ T7451] _copy_from_user+0x2e/0xd0
[ 186.637351][ T7451] copy_from_sockptr_offset.constprop.0+0x153/0x1a0
[ 186.637374][ T7451] ? __pfx_copy_from_sockptr_offset.constprop.0+0x10/0x10
[ 186.637395][ T7451] ? __lock_acquire+0x5ca/0x1ba0
[ 186.637418][ T7451] do_ipv6_setsockopt+0x865/0x4420
[ 186.637446][ T7451] ? __pfx_do_ipv6_setsockopt+0x10/0x10
[ 186.637466][ T7451] ? avc_has_perm_noaudit+0x117/0x3b0
[ 186.637487][ T7451] ? avc_has_perm_noaudit+0x149/0x3b0
[ 186.637506][ T7451] ? avc_has_perm+0x11a/0x1c0
[ 186.637523][ T7451] ? __pfx_avc_has_perm+0x10/0x10
[ 186.637547][ T7451] ? sock_has_perm+0x259/0x2f0
[ 186.637566][ T7451] ? __pfx_sock_has_perm+0x10/0x10
[ 186.637584][ T7451] ? selinux_netlbl_socket_setsockopt+0x183/0x470
[ 186.637609][ T7451] ? __pfx_selinux_netlbl_socket_setsockopt+0x10/0x10
[ 186.637637][ T7451] ? proc_fail_nth_write+0x9f/0x250
[ 186.637668][ T7451] ? ipv6_setsockopt+0xcb/0x170
[ 186.637688][ T7451] ipv6_setsockopt+0xcb/0x170
[ 186.637711][ T7451] udpv6_setsockopt+0x7d/0xd0
[ 186.637738][ T7451] ? __pfx_sock_common_setsockopt+0x10/0x10
[ 186.637764][ T7451] do_sock_setsockopt+0x221/0x470
[ 186.637787][ T7451] ? __pfx_do_sock_setsockopt+0x10/0x10
[ 186.637824][ T7451] __sys_setsockopt+0x1a0/0x230
[ 186.637847][ T7451] __x64_sys_setsockopt+0xbd/0x160
[ 186.637864][ T7451] ? do_syscall_64+0x91/0x260
[ 186.637884][ T7451] ? lockdep_hardirqs_on+0x7c/0x110
[ 186.637905][ T7451] do_syscall_64+0xcd/0x260
[ 186.637928][ T7451] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 186.637945][ T7451] RIP: 0033:0x7f514678d169
[ 186.637959][ T7451] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 186.637975][ T7451] RSP: 002b:00007f51445f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 186.637992][ T7451] RAX: ffffffffffffffda RBX: 00007f51469a6080 RCX: 00007f514678d169
[ 186.638002][ T7451] RDX: 000000000000001c RSI: 0000000000000029 RDI: 0000000000000005
[ 186.638012][ T7451] RBP: 00007f51445f6090 R08: 0000000000000014 R09: 0000000000000000
[ 186.638022][ T7451] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000001
[ 186.638032][ T7451] R13: 0000000000000000 R14: 00007f51469a6080 R15: 00007ffebde3e5a8
[ 186.638055][ T7451] </TASK>
[ 187.360580][ T7456] syz.3.284: attempt to access beyond end of device
[ 187.360580][ T7456] nbd3: rw=0, sector=2, nr_sectors = 2 limit=0
[ 187.374070][ T7456] syz.3.284: attempt to access beyond end of device
[ 187.374070][ T7456] nbd3: rw=0, sector=16, nr_sectors = 2 limit=0
[ 187.493726][ T30] audit: type=1326 audit(1744168384.970:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7449 comm="syz.0.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a2518d169 code=0x7ffc0000
[ 187.728099][ T5932] usb 5-1: USB disconnect, device number 10
[ 187.749628][ T30] audit: type=1326 audit(1744168384.970:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7449 comm="syz.0.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a2518d169 code=0x7ffc0000
[ 187.848852][ T30] audit: type=1326 audit(1744168384.970:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7449 comm="syz.0.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=150 compat=0 ip=0x7f0a2518d169 code=0x7ffc0000
[ 187.874818][ T30] audit: type=1326 audit(1744168384.970:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7449 comm="syz.0.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a2518d169 code=0x7ffc0000
[ 187.898589][ T30] audit: type=1326 audit(1744168384.970:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7449 comm="syz.0.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a2518d169 code=0x7ffc0000
[ 188.123703][ T30] audit: type=1326 audit(1744168384.970:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7449 comm="syz.0.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f0a2518d169 code=0x7ffc0000
[ 188.187175][ T30] audit: type=1326 audit(1744168384.970:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7449 comm="syz.0.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a2518d169 code=0x7ffc0000
[ 188.546843][ T30] audit: type=1326 audit(1744168384.970:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7449 comm="syz.0.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a2518d169 code=0x7ffc0000
[ 188.592613][ T30] audit: type=1326 audit(1744168384.970:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7449 comm="syz.0.286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f0a2518d169 code=0x7ffc0000
[ 188.715790][ T7481] netlink: 36 bytes leftover after parsing attributes in process `syz.1.293'.
[ 188.725898][ T5872] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[ 188.791045][ T7481] netlink: 36 bytes leftover after parsing attributes in process `syz.1.293'.
[ 188.800469][ T7481] netlink: 36 bytes leftover after parsing attributes in process `syz.1.293'.
[ 189.312515][ T7486] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 189.359649][ T5872] usb 6-1: Using ep0 maxpacket: 8
[ 189.563617][ T5872] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 13
[ 189.695533][ T5872] usb 6-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[ 189.735533][ T5872] usb 6-1: New USB device strings: Mfr=241, Product=1, SerialNumber=3
[ 189.790520][ T5872] usb 6-1: Product: syz
[ 189.804468][ T5872] usb 6-1: Manufacturer: syz
[ 189.856477][ T5872] usb 6-1: SerialNumber: syz
[ 189.888934][ T5872] usb 6-1: config 0 descriptor??
[ 189.901501][ T5827] Bluetooth: hci5: link tx timeout
[ 189.906780][ T5827] Bluetooth: hci5: killing stalled connection 10:aa:aa:aa:aa:aa
[ 189.920249][ T5872] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[ 190.223880][ T30] kauditd_printk_skb: 5 callbacks suppressed
[ 190.223953][ T30] audit: type=1400 audit(1744168388.530:413): avc: denied { write } for pid=7498 comm="syz.3.297" path="socket:[13792]" dev="sockfs" ino=13792 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[ 190.517849][ T7508] FAULT_INJECTION: forcing a failure.
[ 190.517849][ T7508] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 190.620342][ T7508] CPU: 0 UID: 0 PID: 7508 Comm: syz.1.299 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full)
[ 190.620367][ T7508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 190.620376][ T7508] Call Trace:
[ 190.620383][ T7508] <TASK>
[ 190.620389][ T7508] dump_stack_lvl+0x16c/0x1f0
[ 190.620415][ T7508] should_fail_ex+0x512/0x640
[ 190.620437][ T7508] _copy_from_user+0x2e/0xd0
[ 190.620460][ T7508] copy_msghdr_from_user+0x98/0x160
[ 190.620480][ T7508] ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 190.620510][ T7508] ___sys_sendmsg+0xfe/0x1d0
[ 190.620529][ T7508] ? __pfx____sys_sendmsg+0x10/0x10
[ 190.620577][ T7508] __sys_sendmsg+0x16d/0x220
[ 190.620596][ T7508] ? __pfx___sys_sendmsg+0x10/0x10
[ 190.620613][ T7508] ? __pfx___schedule+0x10/0x10
[ 190.620647][ T7508] do_syscall_64+0xcd/0x260
[ 190.620671][ T7508] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 190.620687][ T7508] RIP: 0033:0x7fdbd138d169
[ 190.620700][ T7508] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 190.620715][ T7508] RSP: 002b:00007fdbd2231038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 190.620731][ T7508] RAX: ffffffffffffffda RBX: 00007fdbd15a6080 RCX: 00007fdbd138d169
[ 190.620741][ T7508] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003
[ 190.620750][ T7508] RBP: 00007fdbd2231090 R08: 0000000000000000 R09: 0000000000000000
[ 190.620759][ T7508] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 190.620768][ T7508] R13: 0000000000000000 R14: 00007fdbd15a6080 R15: 00007ffcc496b818
[ 190.620790][ T7508] </TASK>
[ 190.923868][ T5872] gspca_zc3xx: reg_w_i err -71
[ 190.963286][ T30] audit: type=1400 audit(1744168389.290:414): avc: denied { relabelfrom } for pid=7514 comm="syz.3.302" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[ 191.067961][ T7521] netlink: 24 bytes leftover after parsing attributes in process `syz.1.300'.
[ 191.121385][ T7523] input: syz0 as /devices/virtual/input/input27
[ 191.127943][ T30] audit: type=1400 audit(1744168389.320:415): avc: denied { relabelto } for pid=7514 comm="syz.3.302" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1
[ 191.188882][ T30] audit: type=1400 audit(1744168389.380:416): avc: denied { read } for pid=7514 comm="syz.3.302" path="socket:[12920]" dev="sockfs" ino=12920 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[ 191.242072][ T5932] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[ 191.529758][ T5872] gspca_zc3xx: Unknown sensor - set to TAS5130C
[ 191.536103][ T5872] gspca_zc3xx 6-1:0.0: probe with driver gspca_zc3xx failed with error -71
[ 191.565639][ T7502] netlink: 44 bytes leftover after parsing attributes in process `syz.0.296'.
[ 191.596237][ T5872] usb 6-1: USB disconnect, device number 13
[ 191.615022][ T5932] usb 5-1: config 0 has an invalid interface number: 117 but max is 0
[ 191.633437][ T5932] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 191.677572][ T5932] usb 5-1: config 0 has no interface number 0
[ 191.697796][ T5932] usb 5-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[ 191.751528][ T5932] usb 5-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 191.797485][ T5932] usb 5-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0
[ 191.809516][ T5932] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 191.817532][ T5932] usb 5-1: Product: syz
[ 192.019721][ T54] Bluetooth: hci5: command 0x0406 tx timeout
[ 192.375160][ T5932] usb 5-1: Manufacturer: syz
[ 192.380696][ T5932] usb 5-1: SerialNumber: syz
[ 192.387209][ T5932] usb 5-1: config 0 descriptor??
[ 192.759583][ T5909] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[ 192.867238][ T7556] FAULT_INJECTION: forcing a failure.
[ 192.867238][ T7556] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 192.962695][ T5909] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 192.974339][ T7556] CPU: 0 UID: 0 PID: 7556 Comm: syz.5.308 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full)
[ 192.974363][ T7556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 192.974373][ T7556] Call Trace:
[ 192.974378][ T7556] <TASK>
[ 192.974385][ T7556] dump_stack_lvl+0x16c/0x1f0
[ 192.974412][ T7556] should_fail_ex+0x512/0x640
[ 192.974434][ T7556] _copy_from_user+0x2e/0xd0
[ 192.974455][ T7556] core_sys_select+0x2c7/0xbe0
[ 192.974477][ T7556] ? __pfx_core_sys_select+0x10/0x10
[ 192.974491][ T7556] ? irqentry_exit+0x3b/0x90
[ 192.974535][ T7556] ? set_user_sigmask+0x21b/0x2b0
[ 192.974563][ T7556] ? __pfx_set_user_sigmask+0x10/0x10
[ 192.974589][ T7556] do_pselect.constprop.0+0x19f/0x1e0
[ 192.974605][ T7556] ? __pfx_do_pselect.constprop.0+0x10/0x10
[ 192.974624][ T7556] ? bpf_trace_run2+0x2a5/0x590
[ 192.974640][ T7556] ? __pfx_bpf_trace_run2+0x10/0x10
[ 192.974657][ T7556] __x64_sys_pselect6+0x182/0x240
[ 192.974674][ T7556] ? __pfx___x64_sys_pselect6+0x10/0x10
[ 192.974688][ T7556] ? syscall_trace_enter+0x1cb/0x260
[ 192.974709][ T7556] ? rcu_is_watching+0x12/0xc0
[ 192.974730][ T7556] do_syscall_64+0xcd/0x260
[ 192.974752][ T7556] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 192.974768][ T7556] RIP: 0033:0x7f514678d169
[ 192.974780][ T7556] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 192.974794][ T7556] RSP: 002b:00007f5147506038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[ 192.974809][ T7556] RAX: ffffffffffffffda RBX: 00007f51469a5fa0 RCX: 00007f514678d169
[ 192.974819][ T7556] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000040
[ 192.974828][ T7556] RBP: 00007f5147506090 R08: 0000000000000000 R09: 0000000000000000
[ 192.974837][ T7556] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[ 192.974847][ T7556] R13: 0000000000000000 R14: 00007f51469a5fa0 R15: 00007ffebde3e5a8
[ 192.974867][ T7556] </TASK>
[ 193.019587][ T5909] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 193.099891][ T5932] usb 5-1: USB disconnect, device number 11
[ 193.718166][ T7566] syz.1.309: attempt to access beyond end of device
[ 193.718166][ T7566] nbd1: rw=0, sector=2, nr_sectors = 2 limit=0
[ 193.731096][ T7566] syz.1.309: attempt to access beyond end of device
[ 193.731096][ T7566] nbd1: rw=0, sector=16, nr_sectors = 2 limit=0
[ 193.840137][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[ 193.846349][ T5909] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 193.860372][ T5909] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 193.863996][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[ 193.869548][ T5909] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 193.951739][ T5909] usb 4-1: config 0 descriptor??
[ 194.166721][ T7571] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 194.386221][ T5909] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving
[ 194.418702][ T5909] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[ 194.443878][ T7568] netlink: 36 bytes leftover after parsing attributes in process `syz.5.310'.
[ 194.453417][ T7568] netlink: 36 bytes leftover after parsing attributes in process `syz.5.310'.
[ 194.462391][ T7568] netlink: 36 bytes leftover after parsing attributes in process `syz.5.310'.
[ 194.624089][ T7552] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 194.898401][ T7552] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 194.920285][ T7568] netlink: 36 bytes leftover after parsing attributes in process `syz.5.310'.
[ 194.929231][ T7568] netlink: 36 bytes leftover after parsing attributes in process `syz.5.310'.
[ 194.938241][ T7568] netlink: 36 bytes leftover after parsing attributes in process `syz.5.310'.
[ 195.018092][ T30] audit: type=1400 audit(1744168393.340:417): avc: denied { bind } for pid=7551 comm="syz.3.307" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[ 195.219585][ T30] audit: type=1400 audit(1744168393.340:418): avc: denied { name_bind } for pid=7551 comm="syz.3.307" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[ 195.306280][ T911] usb 4-1: USB disconnect, device number 12
[ 195.419561][ T30] audit: type=1400 audit(1744168393.340:419): avc: denied { node_bind } for pid=7551 comm="syz.3.307" saddr=ff02::1 src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=rawip_socket permissive=1
[ 195.604060][ T7598] FAULT_INJECTION: forcing a failure.
[ 195.604060][ T7598] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 195.617382][ T7598] CPU: 0 UID: 0 PID: 7598 Comm: syz.4.317 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full)
[ 195.617406][ T7598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 195.617416][ T7598] Call Trace:
[ 195.617421][ T7598] <TASK>
[ 195.617427][ T7598] dump_stack_lvl+0x16c/0x1f0
[ 195.617452][ T7598] should_fail_ex+0x512/0x640
[ 195.617473][ T7598] _copy_from_user+0x2e/0xd0
[ 195.617493][ T7598] copy_msghdr_from_user+0x98/0x160
[ 195.617513][ T7598] ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 195.617543][ T7598] ___sys_sendmsg+0xfe/0x1d0
[ 195.617564][ T7598] ? __pfx____sys_sendmsg+0x10/0x10
[ 195.617612][ T7598] __sys_sendmsg+0x16d/0x220
[ 195.617632][ T7598] ? __pfx___sys_sendmsg+0x10/0x10
[ 195.617659][ T7598] ? rcu_is_watching+0x12/0xc0
[ 195.617686][ T7598] do_syscall_64+0xcd/0x260
[ 195.617711][ T7598] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 195.617727][ T7598] RIP: 0033:0x7f1ebc98d169
[ 195.617741][ T7598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 195.617756][ T7598] RSP: 002b:00007f1ebd7b2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 195.617772][ T7598] RAX: ffffffffffffffda RBX: 00007f1ebcba5fa0 RCX: 00007f1ebc98d169
[ 195.617782][ T7598] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003
[ 195.617798][ T7598] RBP: 00007f1ebd7b2090 R08: 0000000000000000 R09: 0000000000000000
[ 195.617807][ T7598] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 195.617816][ T7598] R13: 0000000000000000 R14: 00007f1ebcba5fa0 R15: 00007ffcb4c33618
[ 195.617838][ T7598] </TASK>
[ 196.138393][ T5932] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[ 196.473539][ T7612] overlayfs: option "workdir=./file1" is useless in a non-upper mount, ignore
[ 196.484373][ T5932] usb 2-1: Using ep0 maxpacket: 8
[ 196.493276][ T7612] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 196.531375][ T5932] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 13
[ 196.580891][ T5932] usb 2-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[ 196.597180][ T5932] usb 2-1: New USB device strings: Mfr=241, Product=1, SerialNumber=3
[ 196.630032][ T5932] usb 2-1: Product: syz
[ 196.638479][ T5932] usb 2-1: Manufacturer: syz
[ 196.653285][ T5932] usb 2-1: SerialNumber: syz
[ 196.707231][ T5932] usb 2-1: config 0 descriptor??
[ 197.337459][ T5932] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[ 197.530837][ T7616] input: syz0 as /devices/virtual/input/input29
[ 198.000289][ T7634] overlayfs: missing 'workdir'
[ 198.430142][ T5932] gspca_zc3xx: reg_w_i err -110
[ 198.590963][ T911] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[ 198.789560][ T911] usb 5-1: Using ep0 maxpacket: 16
[ 198.811870][ T911] usb 5-1: config 0 has an invalid interface number: 5 but max is 0
[ 198.839568][ T911] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 198.872395][ T911] usb 5-1: config 0 has no interface number 0
[ 198.893677][ T911] usb 5-1: New USB device found, idVendor=1286, idProduct=1fa4, bcdDevice=65.b8
[ 198.920519][ T911] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 198.928542][ T911] usb 5-1: Product: syz
[ 198.953511][ T911] usb 5-1: Manufacturer: syz
[ 198.958140][ T911] usb 5-1: SerialNumber: syz
[ 199.017476][ T911] usb 5-1: config 0 descriptor??
[ 199.069766][ T5932] gspca_zc3xx: Unknown sensor - set to TAS5130C
[ 199.077793][ T5932] gspca_zc3xx 2-1:0.0: probe with driver gspca_zc3xx failed with error -110
[ 199.618805][ T911] mvusb_mdio 5-1:0.5: probe with driver mvusb_mdio failed with error -5
[ 199.899782][ T9] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[ 200.095322][ T911] usb 2-1: USB disconnect, device number 14
[ 200.189546][ T9] usb 6-1: Using ep0 maxpacket: 32
[ 200.196956][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has an invalid bInterval 0, changing to 7
[ 200.218868][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 200.228982][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8 has invalid wMaxPacketSize 0
[ 200.252567][ T9] usb 6-1: New USB device found, idVendor=1781, idProduct=0938, bcdDevice=75.9e
[ 200.274181][ T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 200.292034][ T9] usb 6-1: Product: syz
[ 200.299371][ T9] usb 6-1: Manufacturer: syz
[ 200.315038][ T9] usb 6-1: SerialNumber: syz
[ 200.339001][ T9] usb 6-1: config 0 descriptor??
[ 200.361852][ T30] audit: type=1400 audit(1744168398.690:420): avc: denied { read } for pid=7677 comm="syz.1.332" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[ 200.389400][ T9] iguanair 6-1:0.0: probe with driver iguanair failed with error -12
[ 201.339995][ T5909] usb 5-1: USB disconnect, device number 12
[ 201.997373][ T7692] input: syz0 as /devices/virtual/input/input31
[ 202.714669][ T9] usb 6-1: USB disconnect, device number 14
[ 202.804220][ T30] audit: type=1400 audit(1744168401.130:421): avc: denied { write } for pid=7694 comm="syz.4.334" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[ 203.018446][ T7703] 9pnet_fd: Insufficient options for proto=fd
[ 203.038731][ T7702] netlink: 4 bytes leftover after parsing attributes in process `syz.5.336'.
[ 203.112094][ T30] audit: type=1400 audit(1744168401.340:422): avc: denied { read } for pid=7694 comm="syz.4.334" dev="sockfs" ino=13142 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[ 204.241882][ T5932] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[ 204.354855][ T30] audit: type=1400 audit(1744168402.680:423): avc: denied { unmount } for pid=5821 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[ 204.439583][ T5932] usb 5-1: Using ep0 maxpacket: 16
[ 204.446433][ T5932] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 204.466718][ T5932] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 204.509606][ T5932] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 204.522879][ T5932] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 204.580728][ T5932] usb 5-1: config 0 descriptor??
[ 206.775192][ T7769] FAULT_INJECTION: forcing a failure.
[ 206.775192][ T7769] name failslab, interval 1, probability 0, space 0, times 0
[ 206.929585][ T7769] CPU: 1 UID: 0 PID: 7769 Comm: syz.1.349 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full)
[ 206.929610][ T7769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 206.929619][ T7769] Call Trace:
[ 206.929625][ T7769] <TASK>
[ 206.929632][ T7769] dump_stack_lvl+0x16c/0x1f0
[ 206.929663][ T7769] should_fail_ex+0x512/0x640
[ 206.929682][ T7769] ? kmem_cache_alloc_noprof+0x5a/0x3b0
[ 206.929702][ T7769] should_failslab+0xc2/0x120
[ 206.929721][ T7769] kmem_cache_alloc_noprof+0x6d/0x3b0
[ 206.929737][ T7769] ? mas_alloc_nodes+0x18b/0x8b0
[ 206.929759][ T7769] mas_alloc_nodes+0x18b/0x8b0
[ 206.929783][ T7769] mas_node_count_gfp+0x105/0x130
[ 206.929805][ T7769] mas_preallocate+0x53e/0xcd0
[ 206.929831][ T7769] ? __lock_acquire+0xaa4/0x1ba0
[ 206.929849][ T7769] ? __pfx_mas_preallocate+0x10/0x10
[ 206.929871][ T7769] ? is_bpf_text_address+0x94/0x1a0
[ 206.929898][ T7769] ? __asan_memset+0x23/0x50
[ 206.929926][ T7769] commit_merge+0x29a/0x1020
[ 206.929946][ T7769] ? __pfx_commit_merge+0x10/0x10
[ 206.929966][ T7769] ? vma_merge_existing_range+0x113e/0x1c80
[ 206.929983][ T7769] ? dup_anon_vma.constprop.0+0x74/0x320
[ 206.930002][ T7769] vma_merge_existing_range+0xc52/0x1c80
[ 206.930024][ T7769] ? __pfx_vma_merge_existing_range+0x10/0x10
[ 206.930048][ T7769] vma_modify+0x87/0x410
[ 206.930066][ T7769] vma_modify_flags+0x212/0x2d0
[ 206.930083][ T7769] ? __pfx_vma_modify_flags+0x10/0x10
[ 206.930099][ T7769] ? mtree_range_walk+0x718/0xc00
[ 206.930134][ T7769] mlock_fixup+0x27c/0xe50
[ 206.930153][ T7769] apply_mlockall_flags+0x2d4/0x470
[ 206.930171][ T7769] ? __pfx_apply_mlockall_flags+0x10/0x10
[ 206.930188][ T7769] ? __pfx___might_resched+0x10/0x10
[ 206.930218][ T7769] ? __pfx_down_write_killable+0x10/0x10
[ 206.930243][ T7769] ? __pfx_ksys_write+0x10/0x10
[ 206.930263][ T7769] __do_sys_munlockall+0xc5/0x280
[ 206.930282][ T7769] do_syscall_64+0xcd/0x260
[ 206.930306][ T7769] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 206.930322][ T7769] RIP: 0033:0x7fdbd138d169
[ 206.930335][ T7769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 206.930351][ T7769] RSP: 002b:00007fdbd2231038 EFLAGS: 00000246 ORIG_RAX: 0000000000000098
[ 206.930367][ T7769] RAX: ffffffffffffffda RBX: 00007fdbd15a6080 RCX: 00007fdbd138d169
[ 206.930377][ T7769] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 206.930386][ T7769] RBP: 00007fdbd2231090 R08: 0000000000000000 R09: 0000000000000000
[ 206.930395][ T7769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 206.930404][ T7769] R13: 0000000000000001 R14: 00007fdbd15a6080 R15: 00007ffcc496b818
[ 206.930427][ T7769] </TASK>
[ 206.930445][ T7769] vmg ffffc90003217c80 dumped because: VM_WARN_ON_VMG(prev && start <= prev->vm_start)
[ 207.118538][ T5932] usbhid 5-1:0.0: can't add hid device: -71
[ 207.164572][ T7769] vmg ffffc90003217c80 state: mm ffff88807d799400 pgoff 200000000
[ 207.164572][ T7769] vmi ffffc90003217e38 [200000000000,200000800000)
[ 207.164572][ T7769] prev ffff88807c77b640 middle ffff88807c77b640 next 0000000000000000 target 0000000000000000
[ 207.164572][ T7769] start 200000000000 end 200000800000 flags 8100077
[ 207.164572][ T7769] file 0000000000000000 anon_vma ffff8880344a3110 policy 0000000000000000
[ 207.164572][ T7769] uffd_ctx 0000000000000000
[ 207.164572][ T7769] anon_name 0000000000000000
[ 207.164572][ T7769] state 0
[ 207.164572][ T7769] just_expand 0
[ 207.164572][ T7769] __adjust_middle_start 0 __adjust_next_start 0
[ 207.164572][ T7769] __remove_middle 0 __remove_next 0
[ 207.332546][ T7769] vmg ffffc90003217c80 mm:
[ 207.346799][ T5932] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 207.358878][ T7769] mm ffff88807d799400 task_size 140737488351232
[ 207.358878][ T7769] mmap_base 140582100250624 mmap_legacy_base 47050694918144
[ 207.358878][ T7769] pgd ffff88802c40a000 mm_users 3 mm_count 2 pgtables_bytes 131072 map_count 36
[ 207.358878][ T7769] hiwater_rss 14ca hiwater_vm 5f85 total_vm 5fc7 locked_vm 800
[ 207.358878][ T7769] pinned_vm 0 data_vm 23db exec_vm 1a4 stack_vm 21
[ 207.358878][ T7769] start_code 7fdbd1248000 end_code 7fdbd13e9529 start_data 7fdbd1580000 end_data 7fdbd1580000
[ 207.358878][ T7769] start_brk 5555731a5000 brk 5555731d9000 start_stack 7ffcc496c080
[ 207.358878][ T7769] arg_start 7ffcc496cf6d arg_end 7ffcc496cf81 env_start 7ffcc496cf81 env_end 7ffcc496cfe9
[ 207.358878][ T7769] binfmt ffffffff8e60a660 flags 800207fc
[ 207.358878][ T7769] ioctx_table 0000000000000000
[ 207.358878][ T7769] owner ffff888076f68000 exe_file ffff88801fb0bc00
[ 207.358878][ T7769] notifier_subscriptions 0000000000000000
[ 207.358878][ T7769] numa_next_scan 4294957926 numa_scan_offset 0 numa_scan_seq 0
[ 207.358878][ T7769] tlb_flush_pending 0
[ 207.358878][ T7769] def_flags: 0x0()
[ 207.360706][ T5932] usb 5-1: USB disconnect, device number 13
[ 207.603604][ T7781] overlayfs: failed to resolve './file0': -2
[ 207.830469][ T7769] vmg ffffc90003217c80 prev:
[ 207.983594][ T7787] syz.0.351: attempt to access beyond end of device
[ 207.983594][ T7787] nbd0: rw=0, sector=2, nr_sectors = 2 limit=0
[ 207.997109][ T7787] syz.0.351: attempt to access beyond end of device
[ 207.997109][ T7787] nbd0: rw=0, sector=16, nr_sectors = 2 limit=0
[ 208.280024][ T7769] vma ffff88807c77b640 start 0000200000000000 end 0000200000800000 mm ffff88807d799400
[ 208.280024][ T7769] prot 25 anon_vma ffff8880344a3110 vm_ops 0000000000000000
[ 208.280024][ T7769] pgoff 200000000 file 0000000000000000 private_data 0000000000000000
[ 208.280024][ T7769] refcnt 1
[ 208.280024][ T7769] flags: 0x8102077(read|write|exec|mayread|maywrite|mayexec|locked|account|softdirty)
[ 208.457841][ T7769] vmg ffffc90003217c80 middle:
[ 208.468607][ T7769] vma ffff88807c77b640 start 0000200000000000 end 0000200000800000 mm ffff88807d799400
[ 208.468607][ T7769] prot 25 anon_vma ffff8880344a3110 vm_ops 0000000000000000
[ 208.468607][ T7769] pgoff 200000000 file 0000000000000000 private_data 0000000000000000
[ 208.468607][ T7769] refcnt 1
[ 208.468607][ T7769] flags: 0x8102077(read|write|exec|mayread|maywrite|mayexec|locked|account|softdirty)
[ 208.591784][ T7795] overlayfs: option "workdir=./file1" is useless in a non-upper mount, ignore
[ 208.648631][ T7795] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 208.948130][ T7802] syz.5.356: attempt to access beyond end of device
[ 208.948130][ T7802] nbd5: rw=0, sector=2, nr_sectors = 2 limit=0
[ 208.961612][ T7802] syz.5.356: attempt to access beyond end of device
[ 208.961612][ T7802] nbd5: rw=0, sector=16, nr_sectors = 2 limit=0
[ 209.248876][ T7769] vmg ffffc90003217c80 next: (NULL)
[ 209.263863][ T7804] FAULT_INJECTION: forcing a failure.
[ 209.263863][ T7804] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 209.292645][ T7769] vmg ffffc90003217c80 vmi:
[ 209.307440][ T7804] CPU: 0 UID: 0 PID: 7804 Comm: syz.0.357 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full)
[ 209.307458][ T7804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 209.307464][ T7804] Call Trace:
[ 209.307467][ T7804] <TASK>
[ 209.307471][ T7804] dump_stack_lvl+0x16c/0x1f0
[ 209.307488][ T7804] should_fail_ex+0x512/0x640
[ 209.307501][ T7804] _copy_from_iter+0x2a4/0x15b0
[ 209.307516][ T7804] ? __pfx__copy_from_iter+0x10/0x10
[ 209.307533][ T7804] copy_page_from_iter+0xa5/0x120
[ 209.307545][ T7804] tun_build_skb.constprop.0+0x292/0x1480
[ 209.307566][ T7804] ? __pfx_tun_build_skb.constprop.0+0x10/0x10
[ 209.307587][ T7804] ? __pfx__kstrtoull+0x10/0x10
[ 209.307604][ T7804] tun_get_user+0x165f/0x3b10
[ 209.307622][ T7804] ? __pfx_tun_get_user+0x10/0x10
[ 209.307633][ T7804] ? __pfx_ref_tracker_alloc+0x10/0x10
[ 209.307649][ T7804] ? find_held_lock+0x2b/0x80
[ 209.307662][ T7804] ? tun_get+0x191/0x370
[ 209.307681][ T7804] tun_chr_write_iter+0xdc/0x210
[ 209.307695][ T7804] vfs_write+0x5ba/0x1180
[ 209.307705][ T7804] ? __pfx_tun_chr_write_iter+0x10/0x10
[ 209.307719][ T7804] ? __pfx_vfs_write+0x10/0x10
[ 209.307726][ T7804] ? find_held_lock+0x2b/0x80
[ 209.307746][ T7804] ksys_write+0x12a/0x240
[ 209.307755][ T7804] ? __pfx_ksys_write+0x10/0x10
[ 209.307763][ T7804] ? rcu_is_watching+0x12/0xc0
[ 209.307779][ T7804] do_syscall_64+0xcd/0x260
[ 209.307793][ T7804] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 209.307803][ T7804] RIP: 0033:0x7f0a2518bc1f
[ 209.307812][ T7804] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 209.307822][ T7804] RSP: 002b:00007f0a25fc2000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 209.307832][ T7804] RAX: ffffffffffffffda RBX: 00007f0a253a5fa0 RCX: 00007f0a2518bc1f
[ 209.307838][ T7804] RDX: 000000000000003a RSI: 0000200000000580 RDI: 00000000000000c8
[ 209.307844][ T7804] RBP: 00007f0a25fc2090 R08: 0000000000000000 R09: 0000000000000000
[ 209.307849][ T7804] R10: 000000000000003a R11: 0000000000000293 R12: 0000000000000001
[ 209.307855][ T7804] R13: 0000000000000000 R14: 00007f0a253a5fa0 R15: 00007ffd300be778
[ 209.307867][ T7804] </TASK>
[ 209.722746][ T7769] MAS: tree=ffff88807d799440 enode=ffff88807af4820c
[ 209.722771][ T7769] (ma_active)
[ 209.755910][ T7769] Store Type:
[ 209.759401][ T7769] node_store
[ 209.782378][ T7769] [6/12] index=200000000000 last=2000007fffff
[ 209.788596][ T7769] min=0 max=5555731c6fff alloc=0000000000000000, depth=1, flags=0
[ 209.799033][ T7769] maple_tree(ffff88807d799440) flags 30B, height 2 root ffff88801e2a5a1e
[ 209.826642][ T7769] 0-ffffffffffffffff: node ffff88801e2a5a00 depth 0 type 3 parent ffff88807d799441 contents: 3555721a4000 2a865c01e000 133000 ffff80033b693000 0 0 0 0 0 0 | 03 03| ffff88807af4820c 5555731C6FFF ffff88807af4920c 7FDBD11FFFFF ffff88802a781c0c 7FDBD2211FFF ffff88802a78000c FFFFFFFFFFFFFFFF 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000
[ 209.909726][ T7769] 0-5555731c6fff: node ffff88807af48200 depth 1 type 1 parent ffff88801e2a5a06 contents: 0000000000000000 110C22FFFF ffff88806037fb40 110E22FFFF 0000000000000000 1B2F31FFFF ffff88806037f780 1B2F35FFFF 0000000000000000 1FFFFFFFEFFF ffff88806037f500 1FFFFFFFFFFF ffff88807c77b640 2000007FFFFF ffff888060c54c80 200000A92FFF ffff88806037f280 200000A96FFF ffff888060c54dc0 200000FFFFFF ffff88806037f000 200001000FFF 0000000000000000 5555731A4FFF ffff88807ebbc000 5555731C6FFF 0000000000000000 0 0000000000000000 0 000000000000000c
[ 211.121843][ T7769] 0-110c22ffff: 0000000000000000
[ 211.127196][ T7769] 110c230000-110e22ffff: ffff88806037fb40
[ 211.359617][ T7769] 110e230000-1b2f31ffff: 0000000000000000
[ 211.366904][ T7769] 1b2f320000-1b2f35ffff: ffff88806037f780
[ 211.477004][ T7820] netlink: 36 bytes leftover after parsing attributes in process `syz.5.359'.
[ 211.486046][ T7820] netlink: 36 bytes leftover after parsing attributes in process `syz.5.359'.
[ 211.495253][ T7820] netlink: 36 bytes leftover after parsing attributes in process `syz.5.359'.
[ 211.521923][ T7769] 1b2f360000-1fffffffefff: 0000000000000000
[ 211.577244][ T7821] netlink: 36 bytes leftover after parsing attributes in process `syz.5.359'.
[ 211.586371][ T7821] netlink: 36 bytes leftover after parsing attributes in process `syz.5.359'.
[ 211.630187][ T7821] netlink: 36 bytes leftover after parsing attributes in process `syz.5.359'.
[ 211.643576][ T7769] 1ffffffff000-1fffffffffff: ffff88806037f500
[ 212.406558][ T7769] 200000000000-2000007fffff: ffff88807c77b640
[ 212.469132][ T7769] 200000800000-200000a92fff: ffff888060c54c80
[ 212.521837][ T7769] 200000a93000-200000a96fff: ffff88806037f280
[ 212.528307][ T7769] 200000a97000-200000ffffff: ffff888060c54dc0
[ 212.697313][ T7832] syz.0.360: attempt to access beyond end of device
[ 212.697313][ T7832] nbd0: rw=0, sector=2, nr_sectors = 2 limit=0
[ 212.710968][ T7832] syz.0.360: attempt to access beyond end of device
[ 212.710968][ T7832] nbd0: rw=0, sector=16, nr_sectors = 2 limit=0
[ 213.101543][ T7769] 200001000000-200001000fff: ffff88806037f000
[ 213.475318][ T7769] 200001001000-5555731a4fff: 0000000000000000
[ 213.536749][ T7769] 5555731a5000-5555731c6fff: ffff88807ebbc000
[ 213.553982][ T7769] 5555731c7000-7fdbd11fffff: node ffff88807af49200 depth 1 type 1 parent ffff88801e2a5a0e contents: ffff88807ebbc140 5555731D8FFF 0000000000000000 7FDBCF1F6FFF ffff88807ebbc280 7FDBCF1F7FFF ffff88807ebbc3c0 7FDBCF9F7FFF ffff88807ebbc500 7FDBCF9F8FFF ffff88807ebbc640 7FDBD01F8FFF ffff88807ebbc780 7FDBD01FAFFF ffff88807ebbc8c0 7FDBD05FAFFF ffff88807ebbca00 7FDBD05FCFFF ffff88807ebbcb40 7FDBD09FCFFF ffff88802fc8cc80 7FDBD09FEFFF ffff88805cf54780 7FDBD0DFEFFF ffff88805cf54640 7FDBD0DFFFFF ffff88805cf54500 7FDBD11FFFFF 0000000000000000 0 000000000000000d
[ 213.605533][ T7769] 5555731c7000-5555731d8fff: ffff88807ebbc140
[ 213.615433][ T7769] 5555731d9000-7fdbcf1f6fff: 0000000000000000
[ 213.622177][ T7769] 7fdbcf1f7000-7fdbcf1f7fff: ffff88807ebbc280
[ 213.628686][ T7769] 7fdbcf1f8000-7fdbcf9f7fff: ffff88807ebbc3c0
[ 213.635449][ T7769] 7fdbcf9f8000-7fdbcf9f8fff: ffff88807ebbc500
[ 213.645144][ T7769] 7fdbcf9f9000-7fdbd01f8fff: ffff88807ebbc640
[ 213.651805][ T7769] 7fdbd01f9000-7fdbd01fafff: ffff88807ebbc780
[ 213.661022][ T7769] 7fdbd01fb000-7fdbd05fafff: ffff88807ebbc8c0
[ 213.717959][ T7769] 7fdbd05fb000-7fdbd05fcfff: ffff88807ebbca00
[ 213.726193][ T7769] 7fdbd05fd000-7fdbd09fcfff: ffff88807ebbcb40
[ 213.734949][ T7769] 7fdbd09fd000-7fdbd09fefff: ffff88802fc8cc80
[ 213.752255][ T7769] 7fdbd09ff000-7fdbd0dfefff: ffff88805cf54780
[ 213.772027][ T7769] 7fdbd0dff000-7fdbd0dfffff: ffff88805cf54640
[ 213.778482][ T7769] 7fdbd0e00000-7fdbd11fffff: ffff88805cf54500
[ 213.816394][ T7769] 7fdbd1200000-7fdbd2211fff: node ffff88802a781c00 depth 1 type 1 parent ffff88801e2a5a16 contents: ffff88805cf543c0 7FDBD1247FFF ffff88805cf548c0 7FDBD13E9FFF ffff88805cf54b40 7FDBD1495FFF ffff88805cf54a00 7FDBD1575FFF ffff88805cf54c80 7FDBD157EFFF 0000000000000000 7FDBD157FFFF ffff88805cf54140 7FDBD20DDFFF 0000000000000000 7FDBD2210FFF ffff888079c80c80 7FDBD2211FFF 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000008
[ 213.919565][ T5932] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[ 213.924233][ T7769] 7fdbd1200000-7fdbd1247fff: ffff88805cf543c0
[ 213.940424][ T7769] 7fdbd1248000-7fdbd13e9fff: ffff88805cf548c0
[ 213.996445][ T7769] 7fdbd13ea000-7fdbd1495fff: ffff88805cf54b40
[ 214.039588][ T7769] 7fdbd1496000-7fdbd1575fff: ffff88805cf54a00
[ 214.074923][ T7769] 7fdbd1576000-7fdbd157efff: ffff88805cf54c80
[ 214.136343][ T7769] 7fdbd157f000-7fdbd157ffff: 0000000000000000
[ 214.179199][ T7769] 7fdbd1580000-7fdbd20ddfff: ffff88805cf54140
[ 214.223818][ T7769] 7fdbd20de000-7fdbd2210fff: 0000000000000000
[ 214.274583][ T7769] 7fdbd2211000-7fdbd2211fff: ffff888079c80c80
[ 214.279529][ T5932] usb 1-1: Using ep0 maxpacket: 8
[ 214.330696][ T7769] 7fdbd2212000-ffffffffffffffff: node ffff88802a780000 depth 1 type 1 parent ffff88801e2a5a1e contents: ffff88807ebbcdc0 7FDBD2231FFF ffff888079c80dc0 7FDBD2232FFF ffff88807ebbcc80 7FDBD2252FFF ffff88805cf54000 7FDBD2256FFF ffff8880788f0000 7FDBD2258FFF ffff8880788f0140 7FDBD225AFFF 0000000000000000 7FFCC494BFFF ffff8880788f0280 7FFCC496CFFF 0000000000000000 FFFFFFFFFFFFFFFF 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000008
[ 214.469893][ T5932] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 13
[ 214.481365][ T5932] usb 1-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[ 214.499618][ T5932] usb 1-1: New USB device strings: Mfr=241, Product=1, SerialNumber=3
[ 214.508118][ T5932] usb 1-1: Product: syz
[ 214.512445][ T5932] usb 1-1: Manufacturer: syz
[ 214.517044][ T5932] usb 1-1: SerialNumber: syz
[ 214.562631][ T5932] usb 1-1: config 0 descriptor??
[ 214.570471][ T5932] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[ 214.619578][ T7769] 7fdbd2212000-7fdbd2231fff: ffff88807ebbcdc0
[ 214.626048][ T7769] 7fdbd2232000-7fdbd2232fff: ffff888079c80dc0
[ 214.642642][ T7769] 7fdbd2233000-7fdbd2252fff: ffff88807ebbcc80
[ 214.661070][ T7769] 7fdbd2253000-7fdbd2256fff: ffff88805cf54000
[ 214.667525][ T7769] 7fdbd2257000-7fdbd2258fff: ffff8880788f0000
[ 214.692315][ T30] audit: type=1400 audit(1744168413.020:424): avc: denied { write } for pid=7859 comm="syz.5.366" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[ 214.701084][ T7769] 7fdbd2259000-7fdbd225afff:
[ 214.753429][ T7862] FAULT_INJECTION: forcing a failure.
[ 214.753429][ T7862] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 214.753526][ T30] audit: type=1400 audit(1744168413.080:425): avc: denied { create } for pid=7859 comm="syz.5.366" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[ 214.758523][ T7862] CPU: 1 UID: 0 PID: 7862 Comm: syz.5.366 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full)
[ 214.758541][ T7862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 214.758549][ T7862] Call Trace:
[ 214.758554][ T7862] <TASK>
[ 214.758560][ T7862] dump_stack_lvl+0x16c/0x1f0
[ 214.758581][ T7862] should_fail_ex+0x512/0x640
[ 214.758599][ T7862] _copy_from_user+0x2e/0xd0
[ 214.758617][ T7862] copy_msghdr_from_user+0x98/0x160
[ 214.758635][ T7862] ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 214.758661][ T7862] ___sys_sendmsg+0xfe/0x1d0
[ 214.758679][ T7862] ? __pfx____sys_sendmsg+0x10/0x10
[ 214.758720][ T7862] __sys_sendmsg+0x16d/0x220
[ 214.758737][ T7862] ? __pfx___sys_sendmsg+0x10/0x10
[ 214.758759][ T7862] ? rcu_is_watching+0x12/0xc0
[ 214.758781][ T7862] do_syscall_64+0xcd/0x260
[ 214.758801][ T7862] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 214.758816][ T7862] RIP: 0033:0x7f514678d169
[ 214.758827][ T7862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 214.758840][ T7862] RSP: 002b:00007f51445f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 214.758852][ T7862] RAX: ffffffffffffffda RBX: 00007f51469a6080 RCX: 00007f514678d169
[ 214.758861][ T7862] RDX: 0000000024000004 RSI: 0000200000000180 RDI: 0000000000000006
[ 214.758870][ T7862] RBP: 00007f51445f6090 R08: 0000000000000000 R09: 0000000000000000
[ 214.758878][ T7862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 214.758886][ T7862] R13: 0000000000000000 R14: 00007f51469a6080 R15: 00007ffebde3e5a8
[ 214.758905][ T7862] </TASK>
[ 214.768654][ T7769] ffff8880788f0140
[ 215.021958][ T7769] 7fdbd225b000-7ffcc494bfff: 0000000000000000
[ 215.062342][ T7769] 7ffcc494c000-7ffcc496cfff: ffff8880788f0280
[ 215.086746][ T7769] 7ffcc496d000-ffffffffffffffff: 0000000000000000
[ 215.117744][ T7769] ------------[ cut here ]------------
[ 215.123435][ T7769] WARNING: CPU: 0 PID: 7769 at mm/vma.c:759 vma_merge_existing_range+0x5d3/0x1c80
[ 215.132835][ T7769] Modules linked in:
[ 215.136968][ T7769] CPU: 0 UID: 0 PID: 7769 Comm: syz.1.349 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full)
[ 215.149034][ T7769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 215.159894][ T7769] RIP: 0010:vma_merge_existing_range+0x5d3/0x1c80
[ 215.166352][ T7769] Code: 00 00 00 48 89 d8 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc e8 ed 1e aa ff 48 c7 c6 60 d3 9b 8b 48 89 df e8 be bc f2 ff 90 <0f> 0b 90 e9 9b fc ff ff e8 d0 1e aa ff 48 8b 54 24 20 48 b8 00 00
[ 215.187074][ T7769] RSP: 0018:ffffc90003217b20 EFLAGS: 00010293
[ 215.193312][ T7769] RAX: 0000000000000000 RBX: ffffc90003217c80 RCX: ffffffff8b68a713
[ 215.201340][ T7769] RDX: ffff888028802440 RSI: ffffffff82111eb2 RDI: 0000000000000006
[ 215.209366][ T7769] RBP: ffff88807c77b640 R08: 0000000000000006 R09: ffffffffffffffff
[ 215.217768][ T7769] R10: ffffffffffffffff R11: 0000000000000001 R12: 0000200000800000
[ 215.226243][ T7769] R13: ffffc90003217ca0 R14: ffff88807c77b640 R15: 0000200000000000
[ 215.234595][ T7769] FS: 00007fdbd22316c0(0000) GS:ffff8881249b3000(0000) knlGS:0000000000000000
[ 215.243928][ T7769] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 215.250958][ T7769] CR2: 00007fb750d9a378 CR3: 000000002c40a000 CR4: 00000000003526f0
[ 215.258968][ T7769] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 215.268353][ T7769] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 215.277344][ T7769] Call Trace:
[ 215.280950][ T7769] <TASK>
[ 215.283914][ T7769] ? __pfx_vma_merge_existing_range+0x10/0x10
[ 215.290057][ T7769] vma_modify+0x87/0x410
[ 215.294317][ T7769] vma_modify_flags+0x212/0x2d0
[ 215.299183][ T7769] ? __pfx_vma_modify_flags+0x10/0x10
[ 215.304647][ T7769] ? mtree_range_walk+0x718/0xc00
[ 215.309738][ T7769] ? mas_walk+0x6a6/0x910
[ 215.314081][ T7769] mlock_fixup+0x27c/0xe50
[ 215.318521][ T7769] apply_mlockall_flags+0x2d4/0x470
[ 215.323782][ T7769] ? __pfx_apply_mlockall_flags+0x10/0x10
[ 215.329596][ T7769] ? __pfx___might_resched+0x10/0x10
[ 215.334921][ T7769] ? __pfx_down_write_killable+0x10/0x10
[ 215.340635][ T7769] ? __pfx_ksys_write+0x10/0x10
[ 215.345496][ T7769] __do_sys_munlockall+0xc5/0x280
[ 215.350596][ T7769] do_syscall_64+0xcd/0x260
[ 215.355120][ T7769] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 215.361853][ T7769] RIP: 0033:0x7fdbd138d169
[ 215.366953][ T7769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 215.386662][ T7769] RSP: 002b:00007fdbd2231038 EFLAGS: 00000246 ORIG_RAX: 0000000000000098
[ 215.395131][ T7769] RAX: ffffffffffffffda RBX: 00007fdbd15a6080 RCX: 00007fdbd138d169
[ 215.403168][ T7769] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 215.411209][ T7769] RBP: 00007fdbd2231090 R08: 0000000000000000 R09: 0000000000000000
[ 215.419248][ T7769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 215.427494][ T7769] R13: 0000000000000001 R14: 00007fdbd15a6080 R15: 00007ffcc496b818
[ 215.435537][ T7769] </TASK>
[ 215.438572][ T7769] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 215.445861][ T7769] CPU: 0 UID: 0 PID: 7769 Comm: syz.1.349 Not tainted 6.15.0-rc1-syzkaller-00025-gbec7dcbc242c #0 PREEMPT(full)
[ 215.457760][ T7769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[ 215.467823][ T7769] Call Trace:
[ 215.471108][ T7769] <TASK>
[ 215.474043][ T7769] dump_stack_lvl+0x3d/0x1f0
[ 215.478641][ T7769] panic+0x71c/0x800
[ 215.482539][ T7769] ? __pfx_panic+0x10/0x10
[ 215.486958][ T7769] ? show_trace_log_lvl+0x29b/0x3e0
[ 215.492165][ T7769] ? check_panic_on_warn+0x1f/0xb0
[ 215.497281][ T7769] ? vma_merge_existing_range+0x5d3/0x1c80
[ 215.503089][ T7769] check_panic_on_warn+0xab/0xb0
[ 215.508029][ T7769] __warn+0xf6/0x3c0
[ 215.511928][ T7769] ? vma_merge_existing_range+0x5d3/0x1c80
[ 215.517744][ T7769] report_bug+0x3c3/0x580
[ 215.522081][ T7769] ? vma_merge_existing_range+0x5d3/0x1c80
[ 215.527883][ T7769] handle_bug+0x184/0x210
[ 215.532203][ T7769] exc_invalid_op+0x17/0x50
[ 215.536691][ T7769] asm_exc_invalid_op+0x1a/0x20
[ 215.541520][ T7769] RIP: 0010:vma_merge_existing_range+0x5d3/0x1c80
[ 215.547914][ T7769] Code: 00 00 00 48 89 d8 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc e8 ed 1e aa ff 48 c7 c6 60 d3 9b 8b 48 89 df e8 be bc f2 ff 90 <0f> 0b 90 e9 9b fc ff ff e8 d0 1e aa ff 48 8b 54 24 20 48 b8 00 00
[ 215.567508][ T7769] RSP: 0018:ffffc90003217b20 EFLAGS: 00010293
[ 215.573558][ T7769] RAX: 0000000000000000 RBX: ffffc90003217c80 RCX: ffffffff8b68a713
[ 215.581530][ T7769] RDX: ffff888028802440 RSI: ffffffff82111eb2 RDI: 0000000000000006
[ 215.589483][ T7769] RBP: ffff88807c77b640 R08: 0000000000000006 R09: ffffffffffffffff
[ 215.597440][ T7769] R10: ffffffffffffffff R11: 0000000000000001 R12: 0000200000800000
[ 215.605390][ T7769] R13: ffffc90003217ca0 R14: ffff88807c77b640 R15: 0000200000000000
[ 215.613366][ T7769] ? mt_dump_node+0xcd3/0x16d0
[ 215.618165][ T7769] ? vma_merge_existing_range+0x5d2/0x1c80
[ 215.623984][ T7769] ? __pfx_vma_merge_existing_range+0x10/0x10
[ 215.630052][ T7769] vma_modify+0x87/0x410
[ 215.634389][ T7769] vma_modify_flags+0x212/0x2d0
[ 215.639246][ T7769] ? __pfx_vma_modify_flags+0x10/0x10
[ 215.644667][ T7769] ? mtree_range_walk+0x718/0xc00
[ 215.649710][ T7769] ? mas_walk+0x6a6/0x910
[ 215.654073][ T7769] mlock_fixup+0x27c/0xe50
[ 215.658488][ T7769] apply_mlockall_flags+0x2d4/0x470
[ 215.663686][ T7769] ? __pfx_apply_mlockall_flags+0x10/0x10
[ 215.669396][ T7769] ? __pfx___might_resched+0x10/0x10
[ 215.674683][ T7769] ? __pfx_down_write_killable+0x10/0x10
[ 215.680301][ T7769] ? __pfx_ksys_write+0x10/0x10
[ 215.685131][ T7769] __do_sys_munlockall+0xc5/0x280
[ 215.690153][ T7769] do_syscall_64+0xcd/0x260
[ 215.694664][ T7769] entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 215.700556][ T7769] RIP: 0033:0x7fdbd138d169
[ 215.704971][ T7769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 215.724564][ T7769] RSP: 002b:00007fdbd2231038 EFLAGS: 00000246 ORIG_RAX: 0000000000000098
[ 215.732959][ T7769] RAX: ffffffffffffffda RBX: 00007fdbd15a6080 RCX: 00007fdbd138d169
[ 215.740912][ T7769] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 215.748866][ T7769] RBP: 00007fdbd2231090 R08: 0000000000000000 R09: 0000000000000000
[ 215.756817][ T7769] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 215.764768][ T7769] R13: 0000000000000001 R14: 00007fdbd15a6080 R15: 00007ffcc496b818
[ 215.772730][ T7769] </TASK>
[ 215.775955][ T7769] Kernel Offset: disabled
[ 215.780257][ T7769] Rebooting in 86400 seconds..