last executing test programs:

15.494049281s ago: executing program 3 (id=1256):
openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x80201, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
sched_rr_get_interval(r1, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x0)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000080)={0x0, 0x8001}, 0x8)
getsockopt$bt_hci(r4, 0x84, 0x7f, &(0x7f0000000080)=""/4057, &(0x7f0000000000)=0xfd9)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
symlink(&(0x7f0000000440)='./file0\x00', &(0x7f0000000480)='./bus\x00')
rename(&(0x7f0000000400)='./bus\x00', &(0x7f0000000f00)='./file0\x00')
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/pid_for_children\x00')
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x11, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000008000000000000000000000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r5, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r5, &(0x7f0000000080)=ANY=[], 0x6)

13.623887076s ago: executing program 3 (id=1261):
syz_open_dev$sndpcmc(0x0, 0x0, 0xa340658bc40d4f52)
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
socket$inet_udp(0x2, 0x2, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(0xffffffffffffffff, 0xc0045516, &(0x7f0000000000)=0xffb)
epoll_create1(0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40186f40, &(0x7f0000000440)=0x1f)

11.20548863s ago: executing program 3 (id=1274):
syz_open_dev$swradio(0x0, 0x0, 0x2)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r1 = mmap$IORING_OFF_CQ_RING(&(0x7f0000157000/0x1000)=nil, 0x1000, 0x4, 0x810, 0xffffffffffffffff, 0x8000000)
syz_io_uring_setup(0x6c34, &(0x7f0000000080)={0x0, 0x3485, 0x80, 0x2, 0x151}, &(0x7f0000000000), &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000140)=@IORING_OP_NOP={0x0, 0x4})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000007c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000f00)={'bridge_slave_1\x00', &(0x7f0000000000)=@ethtool_perm_addr={0x4b}})
read$FUSE(r0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, 0xffffffffffffffff, 0x0)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
r4 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
r5 = openat$binfmt(0xffffffffffffff9c, r4, 0x42, 0x1ff)
ioctl$F2FS_IOC_SEC_TRIM_FILE(0xffffffffffffffff, 0x4018f514, &(0x7f0000000380)={0x1, 0x36c, 0x2})
close(r5)
execveat$binfmt(0xffffffffffffff9c, r4, 0x0, &(0x7f0000000880)={[], 0xf000}, 0x0)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50}, 0x50)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_SPACE_INFO(r3, 0xc0109414, &(0x7f0000004280)={0xac4, 0x3, ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']})

9.293457905s ago: executing program 3 (id=1283):
socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
socket$inet6(0xa, 0x4, 0x6)
openat$pidfd(0xffffffffffffff9c, 0x0, 0xac63094eb3328933, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x141341)
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x401, 0x3, 0x25dfdbfa, {0x0, 0x0, 0x0, 0x0, 0x190, 0xf1f80502f07a58b}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_PACKETS_PER_SLAVE={0x8, 0x14, 0xff}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40010}, 0x240080c1)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB], 0x50}}, 0x0)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f0000000100)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r4, 0x3ba0, &(0x7f0000000140)={0x48, 0x2, r5})
ioctl$IOMMU_IOAS_MAP$PAGES(r4, 0x3b85, &(0x7f0000000200)={0x28, 0x3, r5, 0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1})

8.902142714s ago: executing program 0 (id=1285):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_dev$usbmon(&(0x7f0000000080), 0x7fffffff, 0x0)

8.017321576s ago: executing program 3 (id=1288):
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_emit_ethernet(0x3a, &(0x7f0000000240)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @remote, @void, {@ipv4={0x800, @tcp={{0x6, 0x4, 0x0, 0x0, 0x2c, 0x0, 0xe000, 0x0, 0x5, 0x0, @dev, @private=0xa010100, {[@generic={0x89, 0x2}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
read$msr(r0, &(0x7f0000000580)=""/102400, 0x19000)
pipe2(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
r4 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000003480)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
read$FUSE(r4, &(0x7f0000019580)={0x2020, 0x0, 0x0, 0x0, <r5=>0x0}, 0x2020)
r6 = getgid()
setresgid(r5, r6, 0xee01)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
write$P9_RGETLOCK(r2, 0x0, 0xffffff6a)
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
tee(r1, r7, 0xfffffffffffffc01, 0x0)
tee(r1, r7, 0x60000000000, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000000)={0xffffffffffffffff, 0x2, 0x1ff, 0x3})
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_si_security={{0x2, 0x7}, {0x7, 0x4, 0x5, 0x5}}}, 0xa)
r8 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r8, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
syz_fuse_handle_req(r8, &(0x7f0000008400)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9474a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)={0x90, 0x0, 0x2, {0x2, 0x0, 0x0, 0x0, 0x4000, 0x0, {0x3, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3ff, 0x6000, 0x0, 0x0, 0x0, 0x800}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r9 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x0)
ioctl$FIBMAP(r9, 0x401070c9, 0x0)

7.83577511s ago: executing program 0 (id=1289):
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x16, 0x4, &(0x7f0000000140)=ANY=[@ANYBLOB="1800"/12], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000680)=@newtaction={0x70, 0x30, 0x53b, 0x0, 0x25dfdbfd, {0x9}, [{0x5c, 0x1, [@m_sample={0x58, 0x1, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0xe7}, @TCA_SAMPLE_RATE={0x8, 0x3, 0xe85e}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x1de, 0x6, 0x300}}]}, {0x4}, {0xc}, {0xc, 0x4, {0x3, 0x1}}}}]}]}, 0x70}}, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000a80)=@nat={'nat\x00', 0x1b, 0x5, 0x3c4, 0xa4, 0x28c, 0xffffffff, 0x198, 0x198, 0x330, 0x330, 0xffffffff, 0x330, 0x330, 0x5, &(0x7f0000000740), {[{{@uncond, 0x0, 0x70, 0xa4}, @NETMAP={0x34, 'NETMAP\x00', 0x0, {0x1, {0x2, @local, @multicast2, @gre_key=0x36e, @port=0x4e23}}}}, {{@uncond, 0x0, 0xc0, 0xf4, 0x0, {}, [@common=@ttl={{0x24}, {0x0, 0xc}}, @common=@addrtype={{0x2c}, {0x10, 0x200, 0x1}}]}, @MASQUERADE={0x34, 'MASQUERADE\x00', 0x0, {0x1, {0x1f, @broadcast, @initdev={0xac, 0x1e, 0x1, 0x0}, @icmp_id=0x68, @gre_key=0x80}}}}, {{@ip={@multicast2, @dev={0xac, 0x14, 0x14, 0x32}, 0xff, 0xff000000, 'bond0\x00', 'bond0\x00', {}, {0x101}, 0x16, 0x1, 0x18}, 0x0, 0xc0, 0xf4, 0x0, {}, [@common=@addrtype={{0x2c}, {0x42, 0x80, 0x1}}, @common=@icmp={{0x24}, {0xe, "4883", 0x1}}]}, @DNAT0={0x34, 'DNAT\x00', 0x0, {0x1, {0x9, @empty, @private=0xa010100, @icmp_id=0x66, @port=0x4e23}}}}, {{@ip={@loopback, @multicast1, 0xffffffff, 0xff000000, 'veth0_to_team\x00', 'veth1_to_team\x00', {0xff}, {}, 0x62, 0x2, 0x18}, 0x0, 0x70, 0xa4}, @SNAT0={0x34, 'SNAT\x00', 0x0, {0x1, {0x17, @rand_addr=0x64010101, @private=0xa010101, @gre_key=0x6, @gre_key=0x3}}}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x420)
r1 = syz_io_uring_setup(0x7da8, 0x0, &(0x7f0000000140)=<r2=>0x0, &(0x7f0000000000)=<r3=>0x0)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
r5 = dup2(r1, r4)
setitimer(0x0, &(0x7f0000000300)={{0x0, 0xea60}, {0x0, 0x2710}}, &(0x7f00000003c0))
io_uring_register$IORING_UNREGISTER_FILES(r5, 0x3, 0xff0f, 0x0)
sendmsg$key(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x2, 0x12, 0x7, 0x0, 0xe, 0x0, 0x70bd29, 0x25dfdbfc, [@sadb_x_kmaddress={0x8, 0x19, 0x0, @in6={0xa, 0x4e21, 0xdb2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, @in6={0xa, 0x4e20, 0x2, @empty, 0x8}}, @sadb_lifetime={0x4, 0x4, 0x5, 0x8, 0x7fffffffffffffff, 0x1}]}, 0x70}}, 0x44)
openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x2, 0xc, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
r7 = dup(r6)
io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0)
io_uring_register$IORING_REGISTER_NAPI(r7, 0x1b, &(0x7f0000000400)={0x761, 0x81}, 0x1)
syz_io_uring_submit(r2, r3, &(0x7f0000000040)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, r7, &(0x7f0000000080)={0x301801, 0x0, 0x28}, &(0x7f00000000c0)='./file0\x00', 0x18, 0x0, 0x12345, {0x0, r8}})
write$6lowpan_enable(r7, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x6d82, 0x0, &(0x7f0000000180), &(0x7f00000001c0))
syz_emit_ethernet(0x36, &(0x7f0000000a40)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd606410a69100fc020000ff0f00000000000000000000fe8800130000000d50a6c00f3ad7c401"], 0x0)
r9 = socket$kcm(0x10, 0x3, 0x4)
writev(r9, &(0x7f0000000780)=[{&(0x7f0000000340)="580000001400192340834b80040d8c5602117436c379000000000000000058000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd000000100001000c0c100000000000224e0000", 0x58}], 0x1)
r10 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/seq/clients\x00', 0x41, 0x0)
write$UHID_CREATE(r10, 0x0, 0x0)
rt_sigsuspend(0xffffffffffffffff, 0x8)

6.802544489s ago: executing program 3 (id=1292):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000300)="d8000000180081054e81f782db4cb904021d080406037c09e8fe55a10a0015400200142603600e122f00160006000400a8000600200003400700027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1, 0x0, 0x0, 0x4a0f0000}, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
shutdown(r1, 0x0)
recvmmsg(r1, &(0x7f00000055c0), 0x400023c, 0x300, 0x0)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000040)={0x84, @multicast2, 0x15, 0x3, 'wrr\x00', 0x1, 0x4, 0x55}, 0x2c)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r3=>r1, {0xf943}}, './file0\x00'})
write$selinux_create(r3, &(0x7f00000001c0)=@access={'system_u:object_r:hald_cache_t:s0', 0x20, '/usr/lib/telepathy/mission-control-5', 0x20, 0x4}, 0x5c)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADDDEST(r4, 0x0, 0x487, &(0x7f0000000000)={{0x84, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e21, 0x3, 'wrr\x00', 0x26, 0x81, 0x5}, {@rand_addr=0xac1414aa, 0x4e23, 0x10000, 0x1cb, 0x12d5e, 0x12d58}}, 0x44)
setsockopt$IP_VS_SO_SET_ADDDEST(r4, 0x0, 0x487, &(0x7f0000000000)={{0x84, @rand_addr=0x64010100, 0x4e20, 0x3, 'lc\x00', 0x8, 0x323b, 0x55}, {@remote, 0x4e23, 0x2000, 0x84, 0x12d5c, 0x12d5c}}, 0x44)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2000009, 0x11, 0xffffffffffffffff, 0x1000)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f0000000040)={0x3, &(0x7f0000000140)=[{0x20, 0x0, 0x0, 0xfffff038}, {0xb1, 0x0, 0x0, 0xfffff024}, {0x6}]}, 0x10)
sendmmsg(r6, &(0x7f0000001c00), 0x400000000000159, 0x40840)
sendmsg$nl_xfrm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="400100001000130427bd7000fbdbdf25fe800000000000000000000000000000ac1414bb00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1414aa0000000000000000000000000000000032000000fe8000000000000000000000000300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000b00000000000000000000000000000000800000000000000000000000000000fdffffff00000000003500000a000000000000000000000050001200726663343130362867636d2861657329290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000006000000025cac521"], 0x140}}, 0x4000080)
r8 = signalfd(r7, &(0x7f00000000c0)={[0x8]}, 0x8)
r9 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000000)={'wg1\x00', <r11=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=@newqdisc={0x38, 0x24, 0xd0f, 0xfffffffd, 0x25dfdbfe, {0x60, 0x0, 0x0, r11, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_pie={{0x8}, {0xc, 0x2, [@TCA_PIE_TUPDATE={0x8, 0x8, 0xffffffff}]}}]}, 0x38}}, 0x0)
pwrite64(r8, &(0x7f0000000100)="65c70b84da934056a27cec0893bc55f5e6281e6da2a07209a78dabecf2f1700fd08a970dc3be4481eedf427c6d3cdae38b7b4bece97f1f797242774cd5", 0x3d, 0x7)

6.68250656s ago: executing program 1 (id=1293):
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
socket$kcm(0x10, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
syz_emit_ethernet(0x3a, 0x0, 0x0)
sched_setaffinity(0x0, 0xffffffffffffff1a, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
socket$nl_netfilter(0x10, 0x3, 0xc)
newfstatat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x4000)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000000)='ntfs3\x00', 0x2208004, 0x0)
io_submit(0x0, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2000034000, 0x4, 0x0, 0x5, 0x0, r1, &(0x7f0000000040)="0200ffff0000", 0x6}])
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl(r2, 0x8b32, &(0x7f0000000040))

6.578811222s ago: executing program 0 (id=1295):
r0 = socket$rxrpc(0x21, 0x2, 0xa)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f0000000100)={{0x4, 0xdddd1000, 0x0, 0x2, 0x4, 0x0, 0x0, 0x2, 0x0, 0x8, 0x9, 0x10}, {0xffff1000, 0xd000, 0xc, 0x8, 0x0, 0x0, 0x0, 0x0, 0x7, 0x7, 0x0, 0xfe}, {0x3000, 0x5000, 0xc, 0x0, 0x7, 0x4, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfc}, {0x3000, 0xd000, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0xfe, 0x0, 0x4}, {0xdddd0000, 0x3000, 0x9, 0x0, 0xff, 0x4, 0x6, 0xe, 0x0, 0x3c}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x80}, {0xdddd1000, 0x0, 0xa, 0x6, 0x0, 0x0, 0x3}, {0x0, 0x3000, 0x0, 0x0, 0x1, 0x1, 0x83, 0xa, 0x26, 0x5}, {0x80a0000}, {0xdddd1000, 0xff}, 0xddf8ffdb, 0x0, 0x0, 0x70, 0xfffffffffffffffe, 0xd801, 0x0, [0x0, 0x0, 0x1]})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
open_by_handle_at(0xffffffffffffffff, 0x0, 0x115402)
r4 = syz_usb_connect(0x0, 0x24, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x7e, 0x9e, 0xb4, 0x10, 0x54c, 0x38, 0x16f5, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x8, 0xc5, 0x38}}]}}]}}, 0x0)
syz_usb_control_io$hid(r4, 0x0, &(0x7f0000000000)={0x2c, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x8, 0x3}, 0x0, 0x0})
ioctl$KVM_TRANSLATE(r3, 0xc018ae85, &(0x7f0000000040)={0x6000, 0xdddd0000, 0x5, 0x5, 0x7f})
r5 = userfaultfd(0x801)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x10b500, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = dup2(r5, r5)
ioctl$KVM_IOEVENTFD(r7, 0x40a0ae49, &(0x7f0000000000)={0x4, 0x0, 0x0, r8, 0x100000})
poll(&(0x7f0000000000)=[{r0, 0x1000}], 0x1, 0xf45)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='memory.current\x00', 0x0, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f00000000c0)=0xf, 0xffffffffffffffc3)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

5.994331953s ago: executing program 1 (id=1296):
r0 = syz_io_uring_setup(0x83f, &(0x7f00000000c0)={0x0, 0x11e, 0x400, 0x3, 0x319}, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000400))
r2 = getpgrp(0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x2, 0x0)
syz_clone(0x8b28600, 0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x4, 0x1000085}, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x2)
read$msr(r3, &(0x7f0000019680)=""/102384, 0x18ff0)
r4 = socket$inet6(0xa, 0x3, 0xff)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x1f, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000005000000000000008000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000000000000850000008600000018010000", @ANYRES32=r5], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x15, 0x8, 0x8, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
connect$inet6(r4, 0x0, 0x0)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
fcntl$setstatus(r7, 0x4, 0x2800)
acct(&(0x7f0000000240)='./file0\x00')
ioctl$TIOCSTI(r7, 0x5412, &(0x7f00000018c0)=0x13)
r8 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(r9, 0xc008aec1, 0x0)
r10 = socket(0x1d, 0x2, 0x6)
r11 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_VFIO_IOMMU_MAP_DMA(r11, 0x3b71, &(0x7f0000000040)={0x20, 0x2, 0x0, 0x1, 0x101})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, 0x0, 0x0, 0x4)
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)
readv(r10, &(0x7f0000000640)=[{&(0x7f0000000280)=""/106, 0x6a}, {&(0x7f0000000380)=""/112, 0x70}, {&(0x7f0000000300)=""/19, 0x13}, {&(0x7f0000000440)=""/162, 0xa2}, {&(0x7f0000000500)=""/207, 0xcf}, {&(0x7f0000000600)=""/1, 0x1}], 0x6)
socketpair(0xf, 0x3, 0x2, &(0x7f00000001c0))

5.365647697s ago: executing program 1 (id=1297):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = socket(0x2, 0x80805, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r2, 0x84, 0x23, &(0x7f0000000000)={0x0, 0x8}, 0x8)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x15)
r3 = dup(r1)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r3, &(0x7f0000000440)=ANY=[@ANYBLOB="b0000000000000ab284dc9a94095f54e34f11a5a480d2115805745f8a24d"], 0xb0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000a00)=@newtaction={0x80, 0x30, 0x48b, 0x0, 0x0, {}, [{0x6c, 0x1, [@m_ctinfo={0x30, 0x2, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc}}}, @m_simple={0x38, 0x1, 0x0, 0x0, {{0xb}, {0xc, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0x8, 0x3, 'nat\x00'}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x80}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0))
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000600)={'ip6gre0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x6, 0x0, 0x39, @dev={0x12, 0x80, '\x00', 0xfe}, @mcast2={0xff, 0x3}, 0x2000, 0xba08}})
rt_sigaction(0x13, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x100008b}, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000300)=0x2)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)="2e00000010008188040f80ec59acbc0413a1f848100000005e0c00f0ffffff180e000a001400000002801687121f", 0x2e}], 0x1}, 0x0)
bind$inet(r0, &(0x7f0000000240)={0x2, 0x4e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x23}}, 0x10)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001a00)=ANY=[@ANYBLOB="18000000030000000000000026d0000095002b000000000093adff012255f674412d02000000880b5f04596a5e99fce658be2f200c699223886d8be4b50000005ab527ee3697f98125f30e6326996a3cfee33025a30b45bdcf2c69d105e5e55a1d273683623f1a5dc6e3c7e20eb7a98ecf3bd2cf898e924abe26ac296f660e69ba982fd76e00dcff7f0000ca6b78ad833488cfe4109eaf009eddcf21f5c63cde2f00150200000001000000520a0000151d010000000100bf00000000cc587424363da52001a3cdf2000000db74596fd72c002a60c1bc7dc8c38b7d2e13c50424b9dd1145d03ff45f70685c6bd9ff41c69b7de406e89dcbb7677e65a88a8407a9e7f9c0e91028b0856eb1ed9474480737a55ebb0bd701f7fb21135c6172eba7eb8a341f07e5a2d1e88b3cfc22df01e4bac9d97328fa2a82b5e8741e02056d93a433f50479387467824262852c7939db5672d07cdbe8e14abf56497e5d56dbe37551b870b2851c3f0a1a9ebfcba105a6ccdd01b0f04edb256c0200000073f6db43661bd7f0e2536ffbfe5ca31b4083145531458b7d1e341c6b351ebc5223f54d6bec93f4ef088e5d1be2515226988d664709ff03f1aa3dc7f1580ace9bf2afd28d0700000000000000d6eb372713255012e028cb2654d493a0b43bf21375709f348f5eda2967199cc936859a538100070000000000dc10e13ef227f627a40000ad1fa253d33fa74f172d3407ae4e1e347c0c6ef9dd2b6bb700000000000000000c586272c3f4d79bc36315745cb149f3cb385e6add14652003c7cdd3324f07d134d3a6c718bbd1aafe1140cff0be4c6f8df084c5e9734ae30aa9af030025f01ab03a9b1074407136bc506031f0916a39d3057d55183612b39e73ae8e6dc30356886a831836469e2051d937eb85f3f2d5ae2c1dca476b97419a3b76ed62409d004d7fbe362145d19605d760df4c5124ca325d374b371867a79b35c6617fc3327191fbf514573f0e30d1d60be2168fffc2f3dccd599a2cb77f124e22f87673675805494db821f39b50d938d5fd8c6b2a3a324c257bc9110971b749ccd74089ed6b86f81ca3ba47d8f71d290ed1b1a11f7a67125170c88c3b6a50692cc0064fc6bbd312536ac15016c85c6332226401b110da9c786eeca22debc99335587b54c13c3107008fa069af8223b38ced735c2d906551004d8dc10d88738488da01ffa4add56474573c964a270000f2f16625c0c10200000000c7a5ca60fdad159f2e44171f39638410020000004825d081f2d987f05c534187738655d7dc958f2046fa0c1619a6554b82d9c162eb61ca74f1ffdaccf0ea5f06e0fca8b27ff3983ab74fd3d560700a1fab44e77e312b3b129e000302d613916c9bcf9f0000fac73a5b6bfb27f88dba816020be760f7b45e001efada8000000000000fdaf4660402f7b3b79a433e08074ea2462974a00040000eb01352638f56dae0249d15ba8767259658878b7492cfbacde9b57cf4de00788adce638190f3570e0b4c80ef682df22201270955afb6008846557ee3bc09fda6dbb6550d597300eb82a184c96ffde5a30e5433e866665b98ca2002c804c22ff2634b7bfbf5c0d586cda5b45fd00dede1e88a4d41dee7cc76d7a23d06acb1d2d4c58faea84158bb440df2a694f4cdcaa4f65c22efffffffffffdd00000000d503d79986958115ae07b70f991430b7fb475d77b869ee02000000000000000000001ffff0ef89b2a68d2b05c995445d8a7700bcdfbec74fb2dd163e863315e84498dfb52bb93f6c9084659ce777ddac563c8596c2b1d8180289a61faa95a82bf1cfb7f2fd7252e9322abe282c33445d443a67467893b9bf0d1c8130ae6b226900000635376413c29f7c6f7b7e29b9a0c64e68328661f0c06e21f7d7dc22174ea4447a6f60edef3a4168d40200fbc71104512efe8e5d7d934aa289b4bd2b870000000000000000000007000000002000000000009b777883a02f0593dfc4cb4114b9f9cf4ad155110cc6ace2b322ac31bfa27847c799c8009a1ea5b98e525e6383ad7fd9795170e7b11e247603c2ff49a11459c7f606d729d3979676bffb3049166bb84a0f061991bd57c2566c10c282352aba05b6164ef876915a3f2491e4793e590dcc71de10da96366c1e992c0068c940dd4422c9882d3aa0f8a797b8fea6efcfb5276b7679f15559edaa977504cc0b2f777acb907ebf5fc14add71d0bca37405ded69b77ab4a3d7487fd04000000de17e1e13b93669b79556abb722d9c085b189b5fd1f30e8dc813f608830b110001732135e8e7262f290000923bfb6b41ff3792cee2fc37eee739c3e36a4bc80112968ec0d8902eced1fe552018014a463abbbf7ccd6a92a5734e3ebfca9b6e88e031f31de2183652e77c164c646a1cfd3710aa4205d8d4d4f974133ccb1e49feb42664eccd809c0ba8917eda87489e8946d5c8156197bcb66fd5606c63e3389ee9e8552381646365066ef9a36a449c96485c22ad1aa423b7b89efbc6cd54000bb0ea5f4f1e8773144fb6ac9a44d43593d77e66aa7ed7f3d4e7b211590c738888d02b2dbb0b2ba73ec72e1d8d7360a128499dd19e1e7b9b0671f4f58515b45ecb9964f3c4ddb8234391d514f8d996d8d6dd7f8fadfee2d7a0035638ce27c2936cb04b30a0eb0cde0000000000000040000000ec3c12ecee8fc3a40000000000000000e215b00ce2570b930723cbadb4033d1b8aaa2cfb3fb89e4a6e89737fd6232218a9e0c099d1eb59d60b3cca089785642f327139bc4394fb6d547a9b3c22599e780c1da7433fb47615d372e3fffe9703e37d5c87d513165278650738efcc04d27b766cf7f60066edd292f6c8a2174f391ed164bb1816819ceb3e378e776d422bc946cd9501accebeac3a5b31d8abc68ae537cd44a04e6bc21c35a7beab2610c51e593676bf635a20f597f4631b91454d182f826071f5210bd6d93173589929b23801e63c2266fde13b5a04b8d48be057c752bc415a756ea9b4d34156c4f73dd5e5924ef101a5fcdaf37c7ba2c4a9de9b000000000000000000000000000000a73b862e4b63c245616b522345587d0ee65a6902bdd0abd941e8aba37510b222ae544f395edd1b92ad53fc68f08ea00edc5e10d768836169dd296d56b306e8b75778c37571792a6c3d8b02ef378ebd59422cdd008bef6f80a80a68641ea5ed4f1126bb676098c10bf663eb3fb8c839364d28fd046dc64b35f9c3397ce6f4ad357b0000000000090000000088c7a8e2638f650a6f04a6f33a090f59414d6ebcbc687e66d600000000bd0a58ea6d36fc2cf9b9a71c137a2a22adb1006f371d4faf47285fd66fe0389afb96854bb360edcdf11b4ff6dd578bba93e949d240cde9b5836cb46032484dc19c93db7b6e5afa10547c78e76a3111557346e52566df196fd630561bb908fff4d2e19562aabd43742a26a43799f8636fa04ceb40c9e4ca1cfbbc7b949cd245a3ee118fd0d4f639444539af8766028d4ac4d4c548e290199e0dacbb4f6796b39bf32934d941ba2f88e3ebd0cf8e24f99eca86e4ca9b2cd2b54044a7fc4631572a6378a32df288785f146275c1f548e2a0c1016744e05f9de5044373d7650125027547eefe7b2d8c8871bb65395fae99d8456883705bfdfb00001854b2e5efa8aaf25827d659f592b1575281ec125de7fb91cd81d91dcb19f5cdf1e1e2b4a8a1389753a09110538689e38e07fb2dc72bd4fd11d7bc16aac5d85c6101bb722895248e463a5fb45ce0e564e90cb19d5993b471687ae4165e29cf2f58082115f5f8569896eedfd798733223e6d6584997510c374912ab798bd4af4654c01bb2c411bc36468ddd62b4eba5cfc8953526e0e5b1359797956152d0098ce47c62c3fe5a23219389622b7f65bf03527d25c3941b9cf1ffeedf6d99082bb57ea871c12213cc40900f83033bc18c529171fae324c315bc6ce358831d0230412212acfd5fc8d5cb0d028cf568e8bb40e27befe2ff01f7c6674a4d86d900633ea36641e0a781ea0ea7f2d928b8b22e2f97dd13348927375baea6863bef4acf4299096ada5cdd2a0eaafaa760a79d102d1e0c0000000000000000007926653b8d79ce16a432f124786a0bc3c5b7d196822492ae1ccf91aeac16406ad6f9cd3d96d57fceba8360ae49f73351814c9c2972f11064aaf3739d9100f9c0e4d0cb17d50c82e305ba7d62cf1cc6da26e34982a8c74dd8122cf5b5e7c34fd2712a0cef05e4d8ec7dd363219676bd9b19943185b132eb35a695e208dfa5cecdb1d6425c8879063c0f11bd64291a4209ee6dc1d9e9010013f6148c603e6a335e298efd6ab5cccc47a2c568c6afec54f8251bd840752addf200371361c9eedf05ed98585cf6d99e9e56055064bda2d373369761238c278147cd0eb7799f6b9c9fcaa3fd282154994f5b25420c86db9b6401e885de1c615a719a1c83e8fbbb181282dbaf3313a4e4a4877e9f37607e2cd6da0cf6371ec06a75f5a4206b2418ad8897ae149085d63f01f22eca44033234b3930b4d5da756669a1d59d69e7de54abf439988ed7ec33c2d0a901bb0985a24878984d8a4340fa9a356d100926fb5f2ef9976366a61b8cc2bcb1c072b0e9c564852388e1edff10d75b3832792e471cc15b40380f94d834243080158603fbc9134d6983c540525447478984611c0d9666941bfc0a30db47a8828b6e5c51aee2094599b4ce52795750e1764f1657ca8c5633c71287239dddf5c651496f7bbd148c937f083d2e4e0197dbc6ff0649c"], &(0x7f00002bf000)='GPL\x00', 0x4, 0xb7, &(0x7f0000000040)=""/183, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r8, 0x89e0, &(0x7f0000000180)={r0, r7})
ioctl$sock_kcm_SIOCKCMCLONE(r8, 0x89e2, &(0x7f0000001380)={<r9=>0xffffffffffffffff})
syz_genetlink_get_family_id$batadv(0x0, r9)
close(r8)

5.365054396s ago: executing program 4 (id=1298):
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000004c00)=""/102392, 0x18ff8)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r1, 0x8982, &(0x7f0000000140)={0x0, 'team_slave_1\x00', {}, 0x4})
r2 = socket(0xa, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x11, @loopback, 0x0, 0x0, 'lblcr\x00', 0x0, 0x0, 0xfffffffc}, 0x2c)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, &(0x7f0000000180))
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x6, 0x4, &(0x7f00000004c0)=ANY=[@ANYBLOB="180200000000200000000000000000008500000036000000950000000000000049db185086ea6334aa453ec969352991eb38f162575a68c0e574b1758d28a5aa8e86720031a818d25477fc738a2157e500171427cceeb8adc298f40b9affaa9ceb28e1ac72f4d412696ddf196f7380423f5d1cff072e84bf03770a9bf0bede62157b45b5a2ef59cea5048ffb"], &(0x7f00000000c0)='GPL\x00', 0x5, 0xc5, &(0x7f00000001c0)=""/197, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r5=>0x0})
r6 = dup(r4)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r6, r5, 0x25, 0x8, @void}, 0x10)
setsockopt$IP_VS_SO_SET_FLUSH(r2, 0x0, 0x485, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[], 0x48}}, 0x0)
sendmmsg$alg(0xffffffffffffffff, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000001340)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000003c0)={[], [], 0x2f})

4.435338354s ago: executing program 4 (id=1299):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="180100"/13], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_dev$usbmon(&(0x7f0000000080), 0x7fffffff, 0x0)

4.262707804s ago: executing program 1 (id=1300):
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001500010300000000000000000a"], 0x14}}, 0x40040)
sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB='<'], 0x3c}, 0x8, 0x3000000000002}, 0x4)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, 0x0, 0x0)
getsockopt$IP_VS_SO_GET_SERVICE(0xffffffffffffffff, 0x0, 0x483, &(0x7f0000000200), &(0x7f0000000000)=0x68)

3.489052654s ago: executing program 4 (id=1301):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x566e105bf7b091e4)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000080)=0x5)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f000000d3c0)=[{{&(0x7f00000001c0)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f0000000100)=[{&(0x7f0000000480)}, {&(0x7f0000000500)="182e2a4e9d2f11fc879eed968df98dc161f0f7666eacc2a8cad9c15accce52421f47a87b8fb50cc90fd68ad463e9a0c09dfeb4a01c2642e9129962dcd94bc9d82403b492339f65bdaaa162486d", 0x4d}], 0x2, &(0x7f0000000580)=[@rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r0]}}], 0x20, 0x4004040}}, {{&(0x7f00000005c0)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f0000001880)=[{&(0x7f0000000640)="d86fc98899002dec2ec288be00e61d801a", 0x11}, {&(0x7f0000000680)="29bb39d6e9f20241bc3bbc07830806086e60702471c785492aa33dbc788f0ea4d5d1428f98db15288e0c4d18c0950c6c78eb9694f23530121e5341cefef0a88992d71f14e3b8c8aab4af3cef20ce0ac0df71515cdb", 0x55}, {0x0}, {&(0x7f0000001740)="7ad8922ccdd524eb3afdcd1c2194ed1cb9512ede6db179e47ffc68b8b87dfbda45c5ef5ab8ea94b7eaf87a2da469d312896fea6273552b7c8ab0b24bd2fa0e1f9f149e90345f0b08bdd27e9dbf9581aaa4", 0x51}, {&(0x7f00000017c0)="1cf82dd9cb32536c17bdb80ae74025794e4eefff24eb98892e0a05ea5bbd7d6981cf7a02ebb1d4588ab62176ca5fe8416548348556b32df47f389b67fffdae13f149af05aa7dc0b0b670458f11967ccd69f214eeabe730d675255b101564bbd217d6343d", 0x64}, {&(0x7f0000001840)="f0154fe70913d7fd6e0d9428e1c1caac39815df294e4", 0x16}], 0x6, &(0x7f0000005dc0)=[@cred={{0x1c, 0x1, 0x2, {r2}}}, @cred={{0x1c, 0x1, 0x2, {r2}}}, @cred={{0x1c, 0x1, 0x2, {r2, 0xee01}}}, @cred={{0x1c, 0x1, 0x2, {r2}}}, @rights={{0x10}}, @rights={{0x24, 0x1, 0x1, [r0, r0, r0, 0xffffffffffffffff, r0]}}, @cred={{0x1c, 0x1, 0x2, {r2}}}, @cred={{0x1c, 0x1, 0x2, {r2}}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, r0, 0xffffffffffffffff, 0xffffffffffffffff, r0, r1, r1]}}], 0x128, 0x40}}, {{0x0, 0x0, &(0x7f000000a740)=[{&(0x7f00000062c0)="d708439678e1f400a69c476c9e84e5c719bca3598a0c919ec185f93e8744d69d7b177eb8496e282c9e4a0bbecc4a69574c0449534131609534da7bd1192d2f10de1d1c5a313b943ee1f058f68aab261fde14802070419a08f13452f9fe64cca03939bb61ff8bcda7745fe85dabed64f10a47fd2a", 0x74}, {&(0x7f000000a3c0)="e17d01f9dc65f25639f466b5f35572c12d0564f7513041a713ed59a52f0c7fee38cbf4075719dce3dba6bfbd7c138da30e6f453ff839c14df6ae55f906801525a336ddfe188b299b8a8e74fd7402d7a43d5b5e12f2c3179bff7bdd3117816f1a68ed52ebdb9aaacfaa96e4c1a17ba9f29b5c895e117c9e6da8c9f5219b3be0abf90770a24ba462fcbdeb8dc1be01f82c7f027f9a5bb63c2f99dfbe802c00635d1b052ae570803596046c19462f3bc80c4e5594ba6d3b791ef4dfd5d771b5deacd51257e233289b386f7cd7b7b97d9382d56ce4235f68c06e38a477a5b465ff65979c6aece5527ff3ff48423259cf6a", 0xef}, {&(0x7f000000a4c0)="38840b91676e84818e31ca85670a4f8a2cb202dd77b96f341042c29e35f37511df2c2b2e5782a43a7f6a064686302607d385f92f70c70d4271eac52464915fbafec0ffcff368aa84407eb03e183c3c2b87d07aff913cdbd3d3d8e382e0c7023b67ee2847119023545fdb040d72825df3ced93d5e6d1e3ff505104209263250972c645f3739bd34934ff0dc5e72fc18ee1ea5fb71326bb9f524205785d858e9d260821dc04953", 0xa6}, {&(0x7f0000006340)="6a1262d4f80a5e3d486d42251e19845e46977b7d2bd0d1", 0x17}, {&(0x7f000000a580)="24a5bac821eda4e2a765112174d9f720d7e1ee870fb8bde80ae4b3467502c9fda5a34f8bbec19da3dfb4bf3bed547923f743344541e80e1d955a000c34e3d78b6937470dbbec9cbd66610821d8a0760b4f6804ea9bff477b39ad93a89996ea7e4d46cf06747e6483f3ffca274f8cb145585d6861c157da9b41dbc4111660c90fa55590a622c2925b06be6c83940df7bf649b94a1e340a27e3b0cbfb09b13e47b6764824623d0fd18f871c145043544531a9e4a858a0a533176cfa088c1eb1f0a7f06800b999b341cc2f85efd449f837e3c1a1563f451cb046901806b5e2d17debdbe29190eee2ba16cab7c8ec6d1790e465cd3e298858b6de90611546970", 0xfe}, {0x0}], 0x6, &(0x7f000000a800)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r1, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r2}}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r1, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xd0, 0x4001}}, {{0x0, 0x0, &(0x7f000000aa00)=[{&(0x7f000000a900)}, {&(0x7f000000a940)="11c5841282c2cf88e9b3312468f12bbdbb15779144d679eef5e0c7cd6408c2274835bce9879b1812365fd576b8cf14ff05dddf9052757db80c0825578aa40bed36850fdf6716edd7eb26f3c403ee0546a8da47f13c15dc56d9c0d6aa0f7bf240bdcdebffc91f437ab2ec3a08145f6a5c093295a6006980f425f0414d2d94faafb6b6d323bb794c372a1cc80558f367c91c346ca228ee12f4101ca32e8c1bcf440c6d063ff5", 0xa5}], 0x2, &(0x7f0000000700)=ANY=[@ANYBLOB="28000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r2, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=r1, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="1883abec43ebe2edf23c733296d4595f46d88454914d2cd4000000fb060000002f0000000000000000", @ANYRES32=r0, @ANYRES32, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0xb0, 0x4004880}}, {{&(0x7f000000ac40)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f000000ad80), 0x0, 0x0, 0x0, 0x8811}}, {{&(0x7f000000afc0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f000000b580)=[{&(0x7f000000b040)="4bdf712428d2edd449259a4014a89b68adfb636c3e511deffbf7fdf15c96afd41d85befce81de195d760eb65a18fdc2b9a3e5fcc8c8102ee4f2399a55128dfc949c132cf09f7edca8764a73b75da1895aa681e91790e51df9d1be74c9aebb2e8b7f2b5da9a823e6890b3732024dd5c7e7b7a074953cbfc444842e28a9788b8d8787d701c2493d19e9627b22f4011fab805b773383e086c8eb8a3c1000dd747c8b64d54b807c1e993a781828b40d6de59140fcb8a267030e734250501313bbf703313e1ff947e476595564c04ed12eaec9985ab2a95749a682321b967f94205f9", 0xe0}, {&(0x7f000000b140)="292c2cc2bc5ef6a07f113a40b619793a9dbc865fe7502eb536e2b508c97bdb41a4ff3772879508c0f2bb28d6e76312c55420372e7cf9c7b0cd8d4b474c06e89c04a343caa2d4d6d4124f50818ecbd25174978c924c4c47f31882c7cbfb4cbe8dd9dbc53373a138d3bf295809d4dc270cad15d73981daa119cca93f8d6c7ec7ba5b5da67f2226c4012650bd4d53ae8043397ce30e0fa47ec6741cf27f", 0x9c}, {&(0x7f000000b200)="8b5ed8ed895d79020ba25af57dc53a2f5f0dccf7322d50a4241a0c94afcf3cf10faa21507a08e3c13da82c6eb660b3a4985be888238f754101911b32b3ebfc8318ad43c8d07c39f99ef312fe97984e84f2e7f1a3", 0x54}, {&(0x7f000000b2c0)="b291216b446bd024ade8426d86176eefdeacc40f956d63b014bb2795cdd52d9aeeed52be96e51f37116d232453dbd6536a92a84da630e66e97bee2b6072ce2e53008df1852c8e2298082921dcce1b9fd3130710aa3e945014fde9ae9215e1c1ab6c26711ec89cfea060b784ca2761f1721", 0x71}, {&(0x7f000000b340)="dad212ab69611a11bb6ffa091f5650488cbeea73e00d61c63cadf61f533482233f3ff80a", 0x24}, {&(0x7f000000b480)="bbd29439dee5c9de7c8d8cf71c6605b74e2e34195939ef57c33fc10ebcdfa829c8c47b23135bf256abe6a868d42959c8bbffa760bd55c80981d16c2554827ea4afd133e58a156b67eb", 0x49}, {&(0x7f000000b500)="767debbd8ab5037807f0dc1f00647a613c51f0cb2e3c9c2094f1356de041c2c80b9a6f77e7b7b00ffa32a7fd288bca6d145b06de909d5605b5ece72aeddc40b7abcf18d43296aea575b053a927f712977a1a2e2d2f483bcdd7a6412001c2cc1eb6088f12d34ffb8d8994c5cf3969ce26", 0x70}], 0x7, 0x0, 0x0, 0x4080}}, {{&(0x7f000000b840)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f000000bc00)=[{&(0x7f000000b8c0)="829315cf03aca92ff40dcfcf975e3d3f87bc5d98c67ca917de836e80dd625cb3467a7c1d8ffc94e0d6f06e62ae179c6c193e552e7db19f62fc335785c6713b0928b390910bd1c574c613df12140d3d65aa8da7b0bf4ce4d3dd496fe5dd699f7a06c2512efc819bc0cd80f93a615be9cc65acc26bfa79cf1e5aa183ac7d3bb7f01e80862fbabc66a408cee4fc991d0ebed12d284844ac864e4b103a8cc175f9ae55f03c9c3353bcc14e32bb208f6645554c34d809fab4e99c3f884bd07db6e57e015e6dcc025298783771487427fa1a9e6ab9025c33c06e331ebc4a979003e503dd3f3754ed7283836720de9e93a8902bc3cd48e8163c750e37a68715", 0xfc}, {&(0x7f000000b9c0)="b0ecc5a688e52d750679cfae72cdeca82655bb826d93426db7ecd3b6f9975cda6053e2aeb343ac2412eb08dd363bdd0abd709c43869f6068b935586e12117f4b82f72fa9bc1a9adb4f13419bcffb435cf993ddb70898fbade4752b8e414e65fe0993e729c844b08151b31e0b37f178d91761bd7360282f2998e9594b674ebd61c85d0203c820e661f90b36e13b584c548c22b42f2ca46a100f", 0x99}, {&(0x7f000000bb80)="2c1f91deda025dbc10ff8857bbf97eeb2a7b07b2318179c0495d2d62bba7ac93557d40b2453afd69dfd623ab11f489b41af5c996ca274105becbf0bef3bac2e2430aced3d3e84ac188e60bf3f362", 0x4e}], 0x3, &(0x7f000000be00)=[@rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {r2}}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10}}, @cred={{0x1c}}], 0xe0, 0x20000010}}, {{&(0x7f000000d140)=@file={0x0, './file0/file0\x00'}, 0x6e, &(0x7f000000d300)=[{&(0x7f000000d1c0)="af4653057acce4b3d0c9e01b655cb1078c55f8a654060eeb3e6233d54ae5a0b1c329390dee0031f6040553bfb622d425f7b0520f19bd1540e019a1c25338d2ccc3e11808fac1bf557c1925dd45df3493e16c2c8ceec1acd9a8c782d7f865b90fec6a596f51eddcc2d1cff1055c802d8caf86f1c715219c88922e471e8b106292b7d040025a0600710a56a8d3c8a58cba92a61c31b7d0e8e631e5e3e84187c44a547d641e4d793e3f7b5247ed64f11cf0f265d379c3", 0xb5}], 0x1, &(0x7f000000d340), 0x0, 0x1}}], 0x8, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP_VS_SO_GET_SERVICES(r1, 0x0, 0x482, &(0x7f0000000380)=""/138, &(0x7f00000000c0)=0x8a)
syz_emit_ethernet(0xae, &(0x7f0000000280)=ANY=[@ANYBLOB="0180c20000000180c200000086dd6001012000783afffe8000000000000000000000000000bbff03030000000000000000000000000186009078000000070000000000000000000aa78ce54006598080a8030037004023493b07aafaffffffffffffff23732472eefa45ad964892497465bb4c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbafe5af180200010000000004002600040000000101fe906d17efe30000000690efafb1dc37fd06a2bc60b57186f814d9dd48f184818921c9dfee5d7ab0b435162ca014a180551f1c5f45811f45d1077b79b603d284b4ddf884aa336e8e4ca2ff00e4a6d56653a43a"], 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
close(0xffffffffffffffff)
execve(0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r3 = gettid()
r4 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180), 0x40e02, 0x0)
write$rfkill(r4, &(0x7f0000000300)={0x0, 0x2, 0x3, 0x1, 0x1}, 0x8)
r5 = shmget$private(0x0, 0x2000, 0x800, &(0x7f0000ffd000/0x2000)=nil)
shmat(r5, &(0x7f00003e8000/0x1000)=nil, 0x4000)
write$rfkill(r4, &(0x7f0000000340)={0x53, 0x8, 0x0, 0x1, 0xcc}, 0x8)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
r6 = syz_usb_connect(0x0, 0x24, &(0x7f0000000a40)=ANY=[@ANYBLOB="12010000c7ce360863078120abd001e402010902120001000000000904000000ff"], 0x0)
syz_usb_control_io(r6, &(0x7f0000000280)={0x2c, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="00030a0000000a03"], 0x0, 0x0, 0x0}, 0x0)

3.279855842s ago: executing program 2 (id=1303):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001500010300000000000000000a"], 0x14}}, 0x40040)
sendmsg$NLBL_UNLABEL_C_STATICADD(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[@ANYBLOB='<'], 0x3c}, 0x8, 0x3000000000002}, 0x4)

3.121950264s ago: executing program 2 (id=1304):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x1b)
bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r1, &(0x7f0000000000), &(0x7f0000000300)=""/79}, 0x20)
r2 = syz_open_dev$video(&(0x7f0000000000), 0x485, 0x40000)
r3 = dup(r2)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r3, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r2, {0x1}}, './file0\x00'})
r4 = syz_open_dev$ttys(0xc, 0x2, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f0000006880)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000002a00)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="010000000000ff"], 0x14}, 0x1, 0x0, 0x0, 0x48000}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r8 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
connect$bt_sco(r8, &(0x7f0000000080)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8)
ioctl$TIOCSWINSZ(r4, 0x5414, &(0x7f0000000040)={0x4, 0x0, 0x2, 0xfffb})
r9 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000400)=ANY=[@ANYRES16=r0, @ANYRES16=r9, @ANYRESDEC=r8, @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESHEX=r3])
syz_fuse_handle_req(r9, 0x0, 0x0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x84000, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000003840), 0xffffffffffffffff)

2.864087385s ago: executing program 0 (id=1305):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000600)=ANY=[@ANYRES32, @ANYBLOB="454bf47b84"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000000)={0x6, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b708", @ANYRES32=r0], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f00000003c0)={'erspan0\x00', &(0x7f0000000280)=@ethtool_coalesce={0xf, 0x4800000, 0x7, 0x2ce1, 0x287, 0xf65, 0x5, 0x9, 0x3, 0x2, 0x8bdb, 0x2, 0x4, 0x6, 0xe5d2, 0xa, 0xffffffff, 0x5, 0x5, 0x1ff, 0x101, 0x6, 0xc71}})
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={<r2=>0x0, 0x0, 0x0}, &(0x7f0000000240)=0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000380)=@bpf_tracing={0x1a, 0x29, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB='\x00\x00\x00', @ANYBLOB="00000000000001018510000007", @ANYRES32=0x1], 0x0, 0xe, 0x3b, &(0x7f0000000080)=""/59, 0x40f00, 0x1, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x169a0, 0xffffffffffffffff, 0x0, &(0x7f0000000300)=[0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x1, 0x1], 0x0, 0x10, 0x1, @void, @value}, 0x94)
socket$netlink(0x10, 0x3, 0x8000000004)
socket$can_bcm(0x1d, 0x2, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x80000008a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400010bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$MEDIA_IOC_ENUM_LINKS(0xffffffffffffffff, 0xc0287c02, 0x0)
r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x8440, 0x0)
ioctl$RTC_PIE_ON(r4, 0x7005)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
bind$alg(0xffffffffffffffff, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r6 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x800)
sendmmsg$alg(r6, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r6, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_FRAME(r5, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f00000002c0)=ANY=[@ANYRES64=r2, @ANYRES16=r7, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r8, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

2.105283653s ago: executing program 4 (id=1306):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r3, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @multicast}, 0x10)
recvmmsg(r3, &(0x7f0000001e40)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffa0}}, {{&(0x7f0000000340)=@xdp, 0x80, &(0x7f00000000c0), 0x1}, 0x4}, {{&(0x7f00000004c0)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000540)=""/90, 0x66}, {&(0x7f0000000680)=""/105, 0x69}, {&(0x7f0000000700)=""/238, 0xee}, {&(0x7f0000000a80)=""/160, 0xffffffffffffff04}], 0x4, &(0x7f00000005c0)=""/60, 0x3c}, 0x9}, {{&(0x7f00000003c0)=@phonet, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000b40)=""/233}, {&(0x7f0000000c40)=""/4096}, {&(0x7f0000000800)=""/187}, {&(0x7f0000001c40)=""/113}, {&(0x7f00000000c0)=""/60}, {&(0x7f0000001cc0)=""/106}, {&(0x7f0000000440)=""/39}], 0x0, &(0x7f0000001dc0)=""/118}, 0x2}], 0x3, 0x2, 0x0)
sendmmsg(r3, &(0x7f0000001380), 0x3fffffffffffeed, 0x0)
ioctl$KVM_SET_GUEST_DEBUG(r2, 0x4048ae9b, &(0x7f0000000200)={0x4376ea830d56d49d})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000500)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r4, 0xffffffffffffffff, 0x0)

1.934103254s ago: executing program 2 (id=1307):
r0 = syz_io_uring_setup(0x83f, &(0x7f00000000c0)={0x0, 0x11e, 0x400, 0x3, 0x319}, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000400))
r2 = getpgrp(0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x2, 0x0)
syz_clone(0x8b28600, 0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x4, 0x1000085}, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x2)
read$msr(r3, &(0x7f0000019680)=""/102384, 0x18ff0)
r4 = socket$inet6(0xa, 0x3, 0xff)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x1f, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000005000000000000008000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000000000000850000008600000018010000", @ANYRES32=r5], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x15, 0x8, 0x8, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
connect$inet6(r4, 0x0, 0x0)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
fcntl$setstatus(r7, 0x4, 0x2800)
acct(&(0x7f0000000240)='./file0\x00')
ioctl$TIOCSTI(r7, 0x5412, &(0x7f00000018c0)=0x13)
r8 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(r9, 0xc008aec1, 0x0)
r10 = socket(0x1d, 0x2, 0x6)
r11 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_VFIO_IOMMU_MAP_DMA(r11, 0x3b71, &(0x7f0000000040)={0x20, 0x2, 0x0, 0x1, 0x101})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, 0x0, 0x0, 0x4)
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0xfffffdcf)
readv(r10, &(0x7f0000000640)=[{&(0x7f0000000280)=""/106, 0x6a}, {&(0x7f0000000380)=""/112, 0x70}, {&(0x7f0000000300)=""/19, 0x13}, {&(0x7f0000000440)=""/162, 0xa2}, {&(0x7f0000000500)=""/207, 0xcf}, {&(0x7f0000000600)=""/1, 0x1}], 0x6)
socketpair(0xf, 0x3, 0x2, &(0x7f00000001c0))

1.486120035s ago: executing program 2 (id=1308):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket(0x200000100000011, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=@ipv6_newaddr={0x54, 0x14, 0x9535393fea6295b5, 0x1000, 0x0, {0xa, 0x78, 0x0, 0x0, r3}, [@IFA_LOCAL={0x14, 0x2, @local}, @IFA_CACHEINFO={0x14, 0x6, {0x1000000, 0xfffff001}}, @IFA_ADDRESS={0x14, 0x1, @remote}]}, 0x54}}, 0x0)
sendmsg$DEVLINK_CMD_RATE_SET(r1, 0x0, 0x4004000)
sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000940)={0x14, 0x4, 0x6, 0x201, 0x0, 0x0, {0xa, 0x0, 0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x20004000}, 0x8080)

1.456512555s ago: executing program 0 (id=1309):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'veth0_to_team\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="680000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000400012800c0001006d6163766c616e00300002800800010010000000100005800a000400aaaaaaaaaabb000008000300030000000a000400aaaaaaaab1aa000008000500", @ANYRES32=r1], 0x68}, 0x1, 0x0, 0x0, 0x4010}, 0x0) (fail_nth: 7)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x6}, 0x0)

1.373960675s ago: executing program 2 (id=1310):
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
r1 = syz_io_uring_setup(0x497, &(0x7f00000000c0)={0x0, 0xcc90, 0x400, 0x3, 0x288}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r4 = socket$inet_dccp(0x2, 0x6, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000380)={'vcan0\x00'})
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_RECVMSG={0xa, 0x1, 0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2000, 0x0, {0x2}})
io_uring_enter(r1, 0x3513, 0x217, 0xa1, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000f80)={0xffffffa9, 0x0, 0x0, 0x0, &(0x7f0000000e40)={0x20, 0x80, 0x1c, {0x7, 0x8, 0x4, 0x6, 0xaac6, 0x2, 0x1ff, 0x2, 0x856f, 0xf7, 0x0, 0x2}}, 0x0, 0x0, 0x0, 0x0})
r5 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
r6 = open$dir(&(0x7f0000000100)='./file0\x00', 0x169840, 0x0)
poll(&(0x7f00000000c0)=[{r6, 0x2000}], 0x1, 0x83)
syz_usb_connect$cdc_ncm(0x5, 0x72, &(0x7f0000000180)={{0x12, 0x1, 0x201, 0x2, 0x0, 0x0, 0x20, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x60, 0x2, 0x1, 0x7, 0x80, 0xfa, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x9, 0x24, 0x6, 0x0, 0x1, "e6655e8f"}, {0x5, 0x24, 0x0, 0xa9}, {0xd, 0x24, 0xf, 0x1, 0x5, 0x1, 0x6, 0x2}, {0x6, 0x24, 0x1a, 0xff, 0x2d}}, {{0x9, 0x5, 0x81, 0x3, 0x8, 0xa2, 0x1, 0xdf}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x20, 0x7f, 0xff, 0x1}}, {{0x9, 0x5, 0x3, 0x2, 0x20, 0x74, 0x8, 0x5}}}}}}}]}}, &(0x7f0000000300)={0xa, &(0x7f0000000080)={0xa, 0x6, 0x250, 0x0, 0x0, 0x5, 0x8, 0x9}, 0x13, &(0x7f0000000200)={0x5, 0xf, 0x13, 0x2, [@ptm_cap={0x3}, @wireless={0xb, 0x10, 0x1, 0x8, 0x0, 0x1, 0x6, 0x1, 0x8}]}, 0x3, [{0x4, &(0x7f0000000240)=@lang_id={0x4, 0x3, 0x423}}, {0x4, &(0x7f0000000280)=@lang_id={0x4, 0x3, 0x2c18}}, {0x4, &(0x7f00000002c0)=@lang_id={0x4, 0x3, 0x42b}}]})
r7 = openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0)
fsetxattr$system_posix_acl(r7, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000000300)=ANY=[@ANYBLOB="0200000008000100000000000400020000000000100002000000000020"], 0x24, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r5, 0x7a0, &(0x7f0000000000)={@my=0x0, 0x2})
r8 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r8, 0x80015b12, 0x0)

1.020408298s ago: executing program 4 (id=1311):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="180100"/13], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_dev$usbmon(&(0x7f0000000080), 0x7fffffff, 0x0)

992.559403ms ago: executing program 0 (id=1312):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
lsetxattr$security_capability(0x0, 0x0, 0x0, 0x0, 0x0)
r1 = gettid()
timer_create(0x7, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
splice(r2, 0x0, r3, 0x0, 0xf3a, 0x0)
write$binfmt_misc(r3, &(0x7f0000000980), 0xfdef)
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

213.844387ms ago: executing program 1 (id=1313):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x4000880)

114.004543ms ago: executing program 1 (id=1314):
pipe2$watch_queue(&(0x7f0000000280), 0x80)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x0, 0x0, &(0x7f0000000100)='syzkaller\x00', 0x8001000d, 0xad, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x8d, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
mremap(&(0x7f00004e8000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000f78000/0x2000)=nil)
r0 = syz_open_dev$vcsa(&(0x7f0000000000), 0x56, 0x2001)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000140), 0x4a4002, 0x0)
ioctl$IOC_WATCH_QUEUE_SET_FILTER(0xffffffffffffffff, 0x5761, &(0x7f0000000200)=ANY=[])
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000046ffffffff95000000a6b60000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x32, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2005, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1, 0x0, 0x4100000000}, 0x18)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0x4000000080a00, 0x0)
r3 = dup(r2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r5 = syz_io_uring_setup(0x10e, 0x0, &(0x7f0000000340)=<r6=>0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, 0x0, 0x0)
io_uring_enter(r5, 0x5f7c, 0xdbaa, 0x66, 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_STATUS64(r0, 0x40084146, &(0x7f0000000700))
ioctl$SNDRV_PCM_IOCTL_UNLINK(0xffffffffffffffff, 0x4161, 0x0)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), 0x0, 0x0, 0xfffffffffffffffe)
move_pages(0x0, 0x0, &(0x7f0000000640), 0x0, 0x0, 0x0)
openat$cgroup_ro(r3, &(0x7f00000007c0)='memory.swap.current\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r7, 0x0, 0x60, &(0x7f0000000240)={'filter\x00', 0xb001, 0x4, 0x3a8, 0x0, 0x1d0, 0x0, 0x2c0, 0x2c0, 0x2c0, 0x7fffffe, 0x0, {[{{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0x1d0}}, {{@uncond, 0xc0, 0xe8, 0x0, {0x0, 0x1e03}}, @unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x46e, 0xfffc}}}, {{@uncond, 0xc0, 0xf0}, @unspec=@CONNMARK={0x30}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x3f8)

89.628359ms ago: executing program 2 (id=1315):
openat$tun(0xffffffffffffff9c, &(0x7f0000000480), 0x48241, 0x0)
r0 = syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15)
syz_io_uring_setup(0x231, &(0x7f0000000180)={0x0, 0xdd68, 0x40, 0x402}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140))
syz_io_uring_submit(r1, 0x0, &(0x7f00000009c0)=@IORING_OP_MKDIRAT={0x25, 0x4, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000003c0)='./file0/file0\x00', 0xc1})
r2 = socket$nl_route(0x10, 0x3, 0x0)
getpeername$netlink(r2, &(0x7f0000000040), &(0x7f00000000c0)=0xc)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], 0x0, 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
ioctl$BLKPBSZGET(0xffffffffffffffff, 0x127b, &(0x7f0000000280))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
keyctl$assume_authority(0x10, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x0, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x100, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000000240)={'gretap0\x00', 0x0})
r6 = openat$vcsu(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
io_setup(0x3, &(0x7f0000000100)=<r7=>0x0)
io_submit(r7, 0x1, &(0x7f0000000800)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0x0, r6, 0x0}])
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

0s ago: executing program 4 (id=1316):
syz_open_dev$vim2m(&(0x7f0000000440), 0x8000, 0x2)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000340)='/sys/kernel/notes', 0x309802, 0x356)
add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000300)='mm_vmscan_lru_shrink_inactive\x00', r0, 0x0, 0x5}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r4, 0x29, 0x24, &(0x7f0000000000)=0xd, 0x4)
syz_emit_ethernet(0x4e, &(0x7f0000000680)={@multicast, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x18, 0x3a, 0xff, @dev, @mcast2, {[], @ndisc_na={0x88, 0x0, 0x0, 0x0, '\x00', @local}}}}}}, 0x0)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_init_net_socket$llc(0x1a, 0x2, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f00000000c0), &(0x7f00000001c0)=0x4)
write$UHID_CREATE2(r5, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r5, 0x0)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSETMODE(r6, 0x4b3a, 0x1)
syz_open_dev$vcsa(0x0, 0x400, 0x20440)
clock_gettime(0x0, 0x0)
ioctl$TCXONC(r6, 0x4b3a, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

kernel console output (not intermixed with test programs):

ll, error -71
[  337.336457][   T24] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  337.362505][   T24] usb 4-1: MIDIStreaming interface descriptor not found
[  337.474088][   T24] usb 4-1: USB disconnect, device number 9
[  337.642721][ T5907] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  337.660224][ T8980] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  337.781225][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  337.857944][ T5907] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  337.941374][ T5834] Bluetooth: hci0: unexpected event 0x06 length: 7 > 3
[  337.955367][ T8988] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  338.473119][ T5834] Bluetooth: hci0: unexpected event for opcode 0x0c12
[  338.502815][   T30] kauditd_printk_skb: 6 callbacks suppressed
[  338.502838][   T30] audit: type=1400 audit(1745517762.983:536): avc:  denied  { rename } for  pid=8986 comm="syz.2.848" name="file1" dev="overlay" ino=19175 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=blk_file permissive=1
[  338.565547][   T30] audit: type=1400 audit(1745517762.983:537): avc:  denied  { unlink } for  pid=8986 comm="syz.2.848" name="file0" dev="overlay" ino=19175 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=blk_file permissive=1
[  338.692079][   T30] audit: type=1400 audit(1745517762.983:538): avc:  denied  { setattr } for  pid=8986 comm="syz.2.848" name="#1b" dev="tmpfs" ino=915 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:ramfs_t tclass=blk_file permissive=1
[  338.733370][   T24] usb 4-1: new full-speed USB device number 10 using dummy_hcd
[  338.789075][   T30] audit: type=1400 audit(1745517763.173:539): avc:  denied  { bind } for  pid=8995 comm="syz.2.851" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  338.810364][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  338.860227][   T30] audit: type=1400 audit(1745517763.173:540): avc:  denied  { node_bind } for  pid=8995 comm="syz.2.851" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[  338.902693][   T24] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  338.910942][ T9002] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  338.923085][   T30] audit: type=1400 audit(1745517763.173:541): avc:  denied  { bind } for  pid=8995 comm="syz.2.851" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  338.926701][   T24] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2
[  339.020181][ T5878] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  339.028766][   T24] usb 4-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  339.060488][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  339.094691][   T24] usb 4-1: config 0 descriptor??
[  339.117007][   T24] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  339.125395][   T24] dvb-usb: bulk message failed: -22 (3/0)
[  339.146608][   T24] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  339.160768][ T5878] usb 3-1: device descriptor read/64, error -71
[  339.340430][ T9001] infiniband syz!: set active
[  339.348455][ T9001] infiniband syz!: added team_slave_0
[  339.356978][   T24] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  339.375127][   T24] usb 4-1: media controller created
[  339.418759][ T5878] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  339.455187][ T5866] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  339.530849][   T24] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  339.545503][   T24] dvb-usb: bulk message failed: -22 (6/0)
[  339.551374][   T24] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  339.560321][ T5878] usb 3-1: device descriptor read/64, error -71
[  339.561496][   T24] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input40
[  339.581597][   T24] dvb-usb: schedule remote query interval to 150 msecs.
[  339.588565][   T24] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  339.740208][   T52] dvb-usb: bulk message failed: -22 (1/0)
[  339.746057][   T52] dvb-usb: error while querying for an remote control event.
[  339.774634][ T9015] hub 9-0:1.0: USB hub found
[  339.780334][ T9015] hub 9-0:1.0: 1 port detected
[  339.797938][ T9015] netlink: 20 bytes leftover after parsing attributes in process `syz.1.853'.
[  339.849745][ T9015] bond2: entered promiscuous mode
[  339.918162][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  339.964119][   T24] usb 4-1: USB disconnect, device number 10
[  340.023047][ T9001] RDS/IB: syz!: added
[  340.303961][ T9001] smc: adding ib device syz! with port count 1
[  340.325326][ T9001] smc:    ib device syz! port 1 has pnetid 
[  340.544369][ T5878] usb usb3-port1: attempt power cycle
[  340.602732][   T24] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  340.821552][ T5831] udevd[5831]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.95/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  340.973962][   T52] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  340.993077][ T9023] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[  340.996143][ T9025] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  341.013644][ T5878] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  341.035529][ T9023] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  341.047251][ T9023] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  341.056588][ T5878] usb 3-1: device descriptor read/8, error -71
[  341.068602][ T9023] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  341.101199][ T9023] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  341.119437][ T9023] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  341.133295][ T9023] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  341.146000][ T9027] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  341.156918][ T9027] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  341.323894][ T5878] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  341.466772][ T9032] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  341.529490][ T5878] usb 3-1: device descriptor read/8, error -71
[  341.672345][ T5878] usb usb3-port1: unable to enumerate USB device
[  341.788705][ T5834] Bluetooth: hci2: unexpected event 0x06 length: 7 > 3
[  341.891814][ T5834] Bluetooth: hci2: unexpected event for opcode 0x0c12
[  341.974395][ T9042] hub 9-0:1.0: USB hub found
[  341.980141][ T9042] hub 9-0:1.0: 1 port detected
[  342.018348][ T9042] netlink: 20 bytes leftover after parsing attributes in process `syz.4.860'.
[  342.109257][ T9042] bond1: entered promiscuous mode
[  342.250141][ T9042] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  344.530111][   T52] usb 3-1: new full-speed USB device number 34 using dummy_hcd
[  344.732000][   T52] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  344.743541][   T30] audit: type=1326 audit(1745517769.223:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9060 comm="syz.3.867" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0026f8e969 code=0x0
[  344.743756][   T52] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2
[  344.766136][    C1] vkms_vblank_simulate: vblank timer overrun
[  345.284287][   T30] audit: type=1400 audit(1745517769.373:543): avc:  denied  { setopt } for  pid=9060 comm="syz.3.867" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  345.331383][   T52] usb 3-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  345.408543][   T52] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  345.493784][   T52] usb 3-1: config 0 descriptor??
[  345.517277][   T52] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  345.560328][ T1210] net_ratelimit: 6 callbacks suppressed
[  345.560346][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  345.581489][   T52] dvb-usb: bulk message failed: -22 (3/0)
[  345.602257][   T52] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  345.631510][   T52] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  345.638730][   T52] usb 3-1: media controller created
[  345.650473][   T52] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  345.697413][   T52] dvb-usb: bulk message failed: -22 (6/0)
[  345.709241][   T52] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  345.823276][   T52] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input42
[  345.851509][ T5878] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  345.970245][   T52] dvb-usb: schedule remote query interval to 150 msecs.
[  346.022224][   T52] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  346.092465][   T52] usb 3-1: USB disconnect, device number 34
[  346.174810][   T52] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  346.299998][ T9076] netlink: 'syz.1.871': attribute type 10 has an invalid length.
[  346.570612][   T52] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  346.574492][ T9078] netlink: 36 bytes leftover after parsing attributes in process `syz.2.872'.
[  346.717722][ T9080] netlink: 'syz.2.873': attribute type 46 has an invalid length.
[  346.733162][ T9080] netlink: 44 bytes leftover after parsing attributes in process `syz.2.873'.
[  346.782275][ T5834] Bluetooth: hci1: unexpected event 0x06 length: 7 > 3
[  346.784538][ T5834] Bluetooth: hci1: unexpected event for opcode 0x0c12
[  347.298001][  T951] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  347.458475][ T9094] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  347.472155][ T9094] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  347.734207][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  347.864254][ T9101] xt_CT: You must specify a L4 protocol and not use inversions on it
[  348.766970][ T9106] FAULT_INJECTION: forcing a failure.
[  348.766970][ T9106] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  348.788495][ T9106] CPU: 0 UID: 0 PID: 9106 Comm: syz.1.880 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) 
[  348.788518][ T9106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  348.788526][ T9106] Call Trace:
[  348.788531][ T9106]  <TASK>
[  348.788536][ T9106]  dump_stack_lvl+0x16c/0x1f0
[  348.788556][ T9106]  should_fail_ex+0x512/0x640
[  348.788572][ T9106]  _copy_from_user+0x2e/0xd0
[  348.788586][ T9106]  copy_msghdr_from_user+0x98/0x160
[  348.788601][ T9106]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  348.788621][ T9106]  ___sys_sendmsg+0xfe/0x1d0
[  348.788634][ T9106]  ? __pfx____sys_sendmsg+0x10/0x10
[  348.788675][ T9106]  __sys_sendmsg+0x16d/0x220
[  348.788688][ T9106]  ? __pfx___sys_sendmsg+0x10/0x10
[  348.788710][ T9106]  ? __pfx___schedule+0x10/0x10
[  348.788733][ T9106]  do_syscall_64+0xcd/0x260
[  348.788748][ T9106]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  348.788760][ T9106] RIP: 0033:0x7fcdaad8e969
[  348.788769][ T9106] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  348.788780][ T9106] RSP: 002b:00007fcda8bd5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  348.788790][ T9106] RAX: ffffffffffffffda RBX: 00007fcdaafb6080 RCX: 00007fcdaad8e969
[  348.788797][ T9106] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 000000000000000d
[  348.788808][ T9106] RBP: 00007fcda8bd5090 R08: 0000000000000000 R09: 0000000000000000
[  348.788814][ T9106] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  348.788820][ T9106] R13: 0000000000000000 R14: 00007fcdaafb6080 R15: 00007ffe7b12d728
[  348.788833][ T9106]  </TASK>
[  348.953670][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  349.060670][  T951] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  349.401515][ T9119] netlink: 20 bytes leftover after parsing attributes in process `syz.3.883'.
[  349.597422][ T9121] netlink: 36 bytes leftover after parsing attributes in process `syz.0.882'.
[  349.700613][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  349.946244][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  350.305077][ T5834] Bluetooth: hci2: unexpected event 0x06 length: 7 > 3
[  350.337920][ T5834] Bluetooth: hci2: unexpected event for opcode 0x0c12
[  350.411570][ T9127] netlink: 'syz.0.887': attribute type 1 has an invalid length.
[  350.423191][ T9127] FAULT_INJECTION: forcing a failure.
[  350.423191][ T9127] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  350.436449][ T9127] CPU: 1 UID: 0 PID: 9127 Comm: syz.0.887 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) 
[  350.436474][ T9127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  350.436485][ T9127] Call Trace:
[  350.436491][ T9127]  <TASK>
[  350.436497][ T9127]  dump_stack_lvl+0x16c/0x1f0
[  350.436526][ T9127]  should_fail_ex+0x512/0x640
[  350.436549][ T9127]  _copy_from_user+0x2e/0xd0
[  350.436570][ T9127]  core_sys_select+0x2c7/0xbe0
[  350.436592][ T9127]  ? __pfx_core_sys_select+0x10/0x10
[  350.436623][ T9127]  ? sched_clock_cpu+0x6c/0x530
[  350.436668][ T9127]  ? set_user_sigmask+0x21b/0x2b0
[  350.436702][ T9127]  ? __pfx_set_user_sigmask+0x10/0x10
[  350.436728][ T9127]  do_pselect.constprop.0+0x19f/0x1e0
[  350.436745][ T9127]  ? __pfx_do_pselect.constprop.0+0x10/0x10
[  350.436762][ T9127]  ? __pfx___schedule+0x10/0x10
[  350.436784][ T9127]  ? irqentry_exit+0x3b/0x90
[  350.436809][ T9127]  __x64_sys_pselect6+0x182/0x240
[  350.436833][ T9127]  ? __pfx___x64_sys_pselect6+0x10/0x10
[  350.436857][ T9127]  do_syscall_64+0xcd/0x260
[  350.436882][ T9127]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  350.436899][ T9127] RIP: 0033:0x7f900778e969
[  350.436914][ T9127] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  350.436930][ T9127] RSP: 002b:00007f900862a038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  350.436947][ T9127] RAX: ffffffffffffffda RBX: 00007f90079b6080 RCX: 00007f900778e969
[  350.436967][ T9127] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000040
[  350.436977][ T9127] RBP: 00007f900862a090 R08: 0000000000000000 R09: 0000000000000000
[  350.436988][ T9127] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[  350.436998][ T9127] R13: 0000000000000000 R14: 00007f90079b6080 R15: 00007ffc0ac5e498
[  350.437024][ T9127]  </TASK>
[  351.150289][ T1210] net_ratelimit: 1 callbacks suppressed
[  351.150309][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  351.263451][ T9134] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  351.364588][ T9137] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  351.411818][ T9137] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  352.170695][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  352.272415][ T9146] xt_NFQUEUE: number of queues (65532) out of range (got 66665)
[  352.749801][ T9152] netlink: 20 bytes leftover after parsing attributes in process `syz.1.896'.
[  352.772229][ T9155] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  352.963455][ T9158] FAULT_INJECTION: forcing a failure.
[  352.963455][ T9158] name failslab, interval 1, probability 0, space 0, times 0
[  352.963487][ T9158] CPU: 1 UID: 0 PID: 9158 Comm: syz.4.900 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) 
[  352.963505][ T9158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  352.963514][ T9158] Call Trace:
[  352.963519][ T9158]  <TASK>
[  352.963525][ T9158]  dump_stack_lvl+0x16c/0x1f0
[  352.963550][ T9158]  should_fail_ex+0x512/0x640
[  352.963568][ T9158]  should_failslab+0xc2/0x120
[  352.963585][ T9158]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  352.963600][ T9158]  ? skb_clone+0x190/0x3f0
[  352.963620][ T9158]  skb_clone+0x190/0x3f0
[  352.963637][ T9158]  netlink_deliver_tap+0xabd/0xd30
[  352.963656][ T9158]  ? __pfx_rtnl_dump_ifinfo+0x10/0x10
[  352.963678][ T9158]  netlink_dump+0x638/0xd00
[  352.963698][ T9158]  ? __pfx_netlink_dump+0x10/0x10
[  352.963723][ T9158]  ? kfree_skbmem+0x1a4/0x1f0
[  352.963738][ T9158]  ? kfree_skbmem+0x1a4/0x1f0
[  352.963751][ T9158]  netlink_recvmsg+0xa15/0xf20
[  352.963770][ T9158]  ? __pfx_netlink_recvmsg+0x10/0x10
[  352.963793][ T9158]  ? iovec_from_user+0xbb/0x140
[  352.963815][ T9158]  ____sys_recvmsg+0x5f6/0x6b0
[  352.963839][ T9158]  ? __pfx_____sys_recvmsg+0x10/0x10
[  352.963865][ T9158]  ? kfree+0x2b6/0x4d0
[  352.963889][ T9158]  ___sys_recvmsg+0x114/0x1a0
[  352.963905][ T9158]  ? __pfx____sys_recvmsg+0x10/0x10
[  352.963932][ T9158]  ? __pfx___might_resched+0x10/0x10
[  352.963965][ T9158]  ? read_tsc+0x9/0x20
[  352.963988][ T9158]  ? ktime_get_ts64+0x256/0x400
[  352.964015][ T9158]  do_recvmmsg+0x2fe/0x740
[  352.964033][ T9158]  ? __pfx_do_recvmmsg+0x10/0x10
[  352.964048][ T9158]  ? find_held_lock+0x2b/0x80
[  352.964069][ T9158]  ? __might_fault+0xe3/0x190
[  352.964087][ T9158]  ? __might_fault+0x13b/0x190
[  352.964114][ T9158]  ? __pfx_get_timespec64+0x10/0x10
[  352.964133][ T9158]  ? __fget_files+0x20e/0x3c0
[  352.964151][ T9158]  __x64_sys_recvmmsg+0x199/0x280
[  352.964169][ T9158]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  352.964185][ T9158]  ? rcu_is_watching+0x12/0xc0
[  352.964207][ T9158]  do_syscall_64+0xcd/0x260
[  352.964227][ T9158]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  352.964241][ T9158] RIP: 0033:0x7f0c35b8e969
[  352.964252][ T9158] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  352.964266][ T9158] RSP: 002b:00007f0c36987038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  352.964280][ T9158] RAX: ffffffffffffffda RBX: 00007f0c35db5fa0 RCX: 00007f0c35b8e969
[  352.964288][ T9158] RDX: 04000000000003b4 RSI: 00002000000037c0 RDI: 0000000000000003
[  352.964296][ T9158] RBP: 00007f0c36987090 R08: 0000200000003700 R09: 0000000000000000
[  352.964304][ T9158] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  352.964311][ T9158] R13: 0000000000000000 R14: 00007f0c35db5fa0 R15: 00007ffd4a7b9898
[  352.964329][ T9158]  </TASK>
[  352.972281][  T951] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  353.160171][   T30] audit: type=1400 audit(1745517777.533:544): avc:  denied  { nlmsg_write } for  pid=9156 comm="syz.1.899" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[  353.160864][   T30] audit: type=1400 audit(1745517777.533:545): avc:  denied  { audit_write } for  pid=9156 comm="syz.1.899" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  353.160907][   T30] audit: type=1107 audit(1745517777.533:546): pid=9156 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t msg='aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  353.161325][   T30] audit: type=1400 audit(1745517777.583:547): avc:  denied  { ioctl } for  pid=9156 comm="syz.1.899" path="socket:[20552]" dev="sockfs" ino=20552 ioctlcmd=0x89f1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  353.296214][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  353.302757][ T9161] netlink: 'syz.2.897': attribute type 10 has an invalid length.
[  353.508745][ T9167] hub 9-0:1.0: USB hub found
[  353.510288][ T9167] hub 9-0:1.0: 1 port detected
[  353.545118][ T9167] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  354.330474][   T52] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  354.434616][ T9174] =======================================================
[  354.434616][ T9174] WARNING: The mand mount option has been deprecated and
[  354.434616][ T9174]          and is ignored by this kernel. Remove the mand
[  354.434616][ T9174]          option from the mount to silence this warning.
[  354.434616][ T9174] =======================================================
[  354.435978][   T30] audit: type=1400 audit(1745517778.913:548): avc:  denied  { sqpoll } for  pid=9172 comm="syz.4.903" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  354.442467][   T30] audit: type=1400 audit(1745517778.913:549): avc:  denied  { mount } for  pid=9173 comm="syz.3.904" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  354.491370][   T30] audit: type=1400 audit(1745517778.973:550): avc:  denied  { unmount } for  pid=5827 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  354.583620][ T9180] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=9180 comm=syz.3.906
[  354.714068][   T30] audit: type=1400 audit(1745517779.193:551): avc:  denied  { read } for  pid=9177 comm="syz.1.905" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  354.714129][   T30] audit: type=1400 audit(1745517779.193:552): avc:  denied  { open } for  pid=9177 comm="syz.1.905" path="/dev/autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  355.370644][   T52] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  356.010981][  T951] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  356.511021][ T9195] netlink: 36 bytes leftover after parsing attributes in process `syz.0.909'.
[  356.922450][ T5866] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  356.992290][   T52] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  357.192231][ T9206] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  357.203340][ T9206] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  357.343666][ T9208] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  357.353103][  T951] usb 2-1: new full-speed USB device number 23 using dummy_hcd
[  357.361223][ T5866] usb 4-1: new full-speed USB device number 11 using dummy_hcd
[  357.532157][  T951] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  357.545441][  T951] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2
[  357.574590][ T5866] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  357.597706][  T951] usb 2-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  358.045593][ T5866] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2
[  358.045720][   T52] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  358.054510][  T951] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  358.071750][ T5866] usb 4-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  358.080849][ T5866] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  358.094520][  T951] usb 2-1: config 0 descriptor??
[  358.114550][ T5866] usb 4-1: config 0 descriptor??
[  358.134299][   T30] audit: type=1400 audit(1745517782.613:553): avc:  denied  { unmount } for  pid=5825 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  358.155620][  T951] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  358.165797][  T951] dvb-usb: bulk message failed: -22 (3/0)
[  358.176255][ T5866] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  358.191224][ T5866] dvb-usb: bulk message failed: -22 (3/0)
[  358.201454][  T951] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  358.214045][ T5866] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  358.223841][  T951] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  358.234003][ T5866] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  358.241159][  T951] usb 2-1: media controller created
[  358.246687][ T5866] usb 4-1: media controller created
[  358.258567][ T5866] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  358.269977][  T951] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  358.376559][ T9200] dvb-usb: bulk message failed: -22 (2/0)
[  358.592349][ T9218] hub 9-0:1.0: USB hub found
[  358.597914][ T9218] hub 9-0:1.0: 1 port detected
[  358.616627][ T9218] netlink: 48 bytes leftover after parsing attributes in process `syz.4.915'.
[  358.635605][ T9218] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  359.394115][ T5878] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  359.402798][   T52] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  359.422330][  T951] dvb-usb: bulk message failed: -22 (6/0)
[  359.428087][  T951] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  359.441753][ T5866] dvb-usb: bulk message failed: -22 (6/0)
[  359.447500][ T5866] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  359.572863][  T951] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input45
[  359.593553][ T5866] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input46
[  359.621634][  T951] dvb-usb: schedule remote query interval to 150 msecs.
[  359.628627][  T951] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  359.664854][ T5866] dvb-usb: schedule remote query interval to 150 msecs.
[  359.697095][ T5866] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  359.725163][  T951] usb 2-1: USB disconnect, device number 23
[  359.749703][ T5866] usb 4-1: USB disconnect, device number 11
[  359.772445][ T7176] Bluetooth: hci5: Frame reassembly failed (-84)
[  359.852465][  T951] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  359.862024][ T5866] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  359.931664][ T5878] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  360.472704][   T52] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  360.904791][   T30] audit: type=1400 audit(1745517785.133:554): avc:  granted  { setsecparam } for  pid=9228 comm="syz.0.920" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  361.837375][ T9245] netlink: 36 bytes leftover after parsing attributes in process `syz.1.923'.
[  361.860083][ T5834] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  362.087024][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  362.498035][  T951] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  363.083064][   T30] audit: type=1400 audit(1745517787.143:555): avc:  granted  { setsecparam } for  pid=9246 comm="syz.1.924" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  363.130359][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  363.143662][ T9253] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  363.323094][ T9264] netlink: 'syz.2.928': attribute type 10 has an invalid length.
[  363.491008][ T1210] usb 2-1: new full-speed USB device number 24 using dummy_hcd
[  363.513871][  T951] usb 4-1: new full-speed USB device number 12 using dummy_hcd
[  363.722391][  T951] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  363.779850][ T1210] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  364.624320][   T52] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  364.633636][ T1210] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2
[  364.643440][ T1210] usb 2-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  364.656308][  T951] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2
[  364.656679][ T1210] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  364.676490][ T9275] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  365.452824][ T5866] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  365.461295][  T951] usb 4-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  365.881026][ T5955] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  365.889148][ T5866] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  365.897529][  T951] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  365.900392][   T30] audit: type=1400 audit(1745517790.113:556): avc:  granted  { setsecparam } for  pid=9270 comm="syz.0.933" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  365.927842][  T951] usb 4-1: config 0 descriptor??
[  365.931286][ T9271] netlink: 'syz.2.932': attribute type 10 has an invalid length.
[  365.961429][ T1210] usb 2-1: config 0 descriptor??
[  365.963844][  T951] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  365.989161][  T951] dvb-usb: bulk message failed: -22 (3/0)
[  365.991413][ T1210] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  366.102000][ T1210] dvb-usb: bulk message failed: -22 (3/0)
[  366.111663][ T1210] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  366.121426][ T1210] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  366.121863][  T951] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  366.128568][ T1210] usb 2-1: media controller created
[  366.143931][ T1210] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  366.175372][ T9257] dvb-usb: bulk message failed: -22 (2/0)
[  366.186368][ T1210] dvb-usb: bulk message failed: -22 (6/0)
[  366.217212][ T9289] netlink: 36 bytes leftover after parsing attributes in process `syz.4.934'.
[  366.235715][ T9289] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  366.244097][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  366.532803][  T951] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  366.561637][ T1210] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  366.562577][  T951] usb 4-1: media controller created
[  366.605763][ T1210] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input48
[  366.621286][ T1210] dvb-usb: schedule remote query interval to 150 msecs.
[  366.628935][ T1210] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  366.638507][  T951] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  366.752461][ T1210] usb 2-1: USB disconnect, device number 24
[  367.239255][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  367.261805][  T951] dvb-usb: bulk message failed: -22 (6/0)
[  367.268760][  T951] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  367.273637][ T1210] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  367.369251][  T951] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input50
[  367.407725][ T9301] FAULT_INJECTION: forcing a failure.
[  367.407725][ T9301] name failslab, interval 1, probability 0, space 0, times 0
[  367.465765][  T951] dvb-usb: schedule remote query interval to 150 msecs.
[  367.471850][ T9301] CPU: 1 UID: 0 PID: 9301 Comm: syz.0.939 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) 
[  367.471876][ T9301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  367.471884][ T9301] Call Trace:
[  367.471889][ T9301]  <TASK>
[  367.471895][ T9301]  dump_stack_lvl+0x16c/0x1f0
[  367.471922][ T9301]  should_fail_ex+0x512/0x640
[  367.471939][ T9301]  ? fs_reclaim_acquire+0xae/0x150
[  367.471962][ T9301]  should_failslab+0xc2/0x120
[  367.471979][ T9301]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  367.471995][ T9301]  ? security_inode_alloc+0x3b/0x2b0
[  367.472020][ T9301]  security_inode_alloc+0x3b/0x2b0
[  367.472038][ T9301]  inode_init_always_gfp+0xce4/0x1030
[  367.472057][ T9301]  alloc_inode+0x86/0x240
[  367.472081][ T9301]  new_inode+0x22/0x1c0
[  367.472102][ T9301]  mqueue_get_inode+0x2e/0xdd0
[  367.472122][ T9301]  mqueue_create_attr+0x261/0x440
[  367.472143][ T9301]  vfs_mkobj+0x3d8/0x620
[  367.472161][ T9301]  ? __pfx_mqueue_create_attr+0x10/0x10
[  367.472180][ T9301]  do_mq_open+0x700/0x8b0
[  367.472198][ T9301]  ? __pfx_do_mq_open+0x10/0x10
[  367.472219][ T9301]  __x64_sys_mq_open+0x155/0x1e0
[  367.472236][ T9301]  ? __pfx___x64_sys_mq_open+0x10/0x10
[  367.472251][ T9301]  ? fput+0x70/0xf0
[  367.472278][ T9301]  do_syscall_64+0xcd/0x260
[  367.472300][ T9301]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.472314][ T9301] RIP: 0033:0x7f900778e969
[  367.472327][ T9301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  367.472340][ T9301] RSP: 002b:00007f900864b038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f0
[  367.472355][ T9301] RAX: ffffffffffffffda RBX: 00007f90079b5fa0 RCX: 00007f900778e969
[  367.472364][ T9301] RDX: 000000000000012e RSI: 6e93ebbbcc0884f2 RDI: 000020000084dff0
[  367.472372][ T9301] RBP: 00007f900864b090 R08: 0000000000000000 R09: 0000000000000000
[  367.472381][ T9301] R10: 0000200000000300 R11: 0000000000000246 R12: 0000000000000002
[  367.472389][ T9301] R13: 0000000000000000 R14: 00007f90079b5fa0 R15: 00007ffc0ac5e498
[  367.472409][ T9301]  </TASK>
[  368.392309][   T30] audit: type=1400 audit(1745517792.523:557): avc:  granted  { setsecparam } for  pid=9303 comm="syz.4.938" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  368.394978][  T951] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  368.438141][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  368.583465][ T5878] dvb-usb: bulk message failed: -22 (1/0)
[  368.593684][  T951] usb 4-1: USB disconnect, device number 12
[  368.797902][ T5878] dvb-usb: error while querying for an remote control event.
[  368.959403][ T5878] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  369.533636][   T30] audit: type=1400 audit(1745517793.613:558): avc:  granted  { setsecparam } for  pid=9324 comm="syz.1.945" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  369.556397][ T5955] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  369.568381][  T951] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  370.385590][ T9330] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  370.468876][ T5137] Bluetooth: hci3: Malformed Event: 0x02
[  370.557968][ T9345] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  370.570687][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  371.797659][ T5955] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  372.010804][  T951] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  372.747171][ T9376] netlink: 28 bytes leftover after parsing attributes in process `syz.0.958'.
[  373.291233][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  373.306537][   T30] audit: type=1400 audit(1745517797.403:559): avc:  granted  { setsecparam } for  pid=9371 comm="syz.3.957" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  374.009991][ T9387] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma?
[  374.360320][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  374.716845][ T9400] hub 9-0:1.0: USB hub found
[  374.730129][ T9400] hub 9-0:1.0: 1 port detected
[  374.798752][ T9400] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  375.499864][  T951] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  375.512075][ T5137] Bluetooth: hci1: Malformed Event: 0x02
[  375.551473][ T5879] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  375.776351][  T951] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  376.039278][  T951] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  376.053286][ T9411] netlink: 4 bytes leftover after parsing attributes in process `syz.3.966'.
[  376.906123][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  377.216979][ T9420] netlink: 36 bytes leftover after parsing attributes in process `syz.1.967'.
[  377.643732][ T9425] netlink: 20 bytes leftover after parsing attributes in process `syz.0.971'.
[  377.655429][ T9426] netlink: 28 bytes leftover after parsing attributes in process `syz.4.970'.
[  377.687457][ T9427] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  378.036188][ T5879] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  378.043995][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  378.574257][ T5878] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  378.850601][ T5879] usb 2-1: Using ep0 maxpacket: 16
[  378.930246][ T5879] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  378.964903][ T5879] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  379.060570][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  379.103240][ T5834] Bluetooth: hci1: Malformed Event: 0x02
[  379.140247][ T5879] usb 2-1: New USB device found, idVendor=054c, idProduct=05c4, bcdDevice= 0.00
[  379.152415][ T5879] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  379.183179][ T5879] usb 2-1: config 0 descriptor??
[  379.290130][ T5834] Bluetooth: hci4: command 0x0405 tx timeout
[  379.376719][ T9448] Illegal XDP return value 4294967274 on prog  (id 183) dev N/A, expect packet loss!
[  379.599738][   T30] audit: type=1400 audit(1745517804.073:560): avc:  denied  { shutdown } for  pid=9445 comm="syz.0.976" lport=51498 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  379.604375][ T9448] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  379.656810][ T5834] Bluetooth: hci4: Malformed Event: 0x02
[  379.814409][ T9457] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  379.852282][ T5879] playstation 0003:054C:05C4.0006: hidraw0: USB HID v0.00 Device [HID 054c:05c4] on usb-dummy_hcd.1-1/input0
[  380.088832][ T5879] playstation 0003:054C:05C4.0006: Invalid byte count transferred, expected 16 got 0
[  380.100461][ T5956] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  380.111516][ T5879] playstation 0003:054C:05C4.0006: Failed to retrieve DualShock4 pairing info: -22
[  380.121178][ T5879] playstation 0003:054C:05C4.0006: Failed to get MAC address from DualShock4
[  380.132594][ T5879] playstation 0003:054C:05C4.0006: Failed to create dualshock4.
[  380.500640][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  380.507025][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  380.654596][ T5879] playstation 0003:054C:05C4.0006: probe with driver playstation failed with error -22
[  381.478758][ T5879] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  381.517640][ T9477] netlink: 28 bytes leftover after parsing attributes in process `syz.4.984'.
[  381.544445][ T5879] usb 2-1: USB disconnect, device number 25
[  381.650891][ T9478] ubi31: attaching mtd0
[  381.656053][ T9478] ubi31: scanning is finished
[  381.691210][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  382.324703][ T9490] usb usb8: usbfs: process 9490 (syz.1.985) did not claim interface 2 before use
[  382.501193][ T5879] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  382.749243][ T9478] ubi31 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt31d", error -4
[  383.243257][   T30] audit: type=1400 audit(1745517807.403:561): avc:  granted  { setsecparam } for  pid=9486 comm="syz.2.988" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  383.503700][ T9506] tipc: Enabling of bearer <eth:wlan1> rejected, already enabled
[  383.530873][ T5956] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  383.744184][ T1210] usb 3-1: new full-speed USB device number 35 using dummy_hcd
[  383.746484][ T9509] netlink: 72 bytes leftover after parsing attributes in process `syz.1.992'.
[  383.917755][ T1210] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  383.958294][ T1210] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2
[  383.991593][ T5834] Bluetooth: hci2: Malformed Event: 0x02
[  384.095982][ T1210] usb 3-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  384.145595][ T1210] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  384.188143][ T1210] usb 3-1: config 0 descriptor??
[  384.243685][ T1210] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  384.267348][ T1210] dvb-usb: bulk message failed: -22 (3/0)
[  384.319576][ T1210] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  384.473906][ T9503] dvb-usb: bulk message failed: -22 (2/0)
[  384.856712][ T9526] hub 9-0:1.0: USB hub found
[  384.863045][ T9526] hub 9-0:1.0: 1 port detected
[  384.888789][ T9526] netlink: 48 bytes leftover after parsing attributes in process `syz.4.995'.
[  384.914678][ T9526] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  384.963310][ T5879] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  385.312036][ T5878] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  385.395687][ T1210] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  385.785167][ T5878] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  385.848652][ T1210] usb 3-1: media controller created
[  385.869133][ T1210] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  385.903653][ T1210] dvb-usb: bulk message failed: -22 (6/0)
[  385.909490][ T1210] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  385.951386][ T1210] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input53
[  386.013421][ T5956] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  386.109042][ T9538] netlink: 'syz.0.996': attribute type 10 has an invalid length.
[  386.630706][ T1210] dvb-usb: schedule remote query interval to 150 msecs.
[  386.637851][ T1210] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  386.788416][ T1210] usb 3-1: USB disconnect, device number 35
[  386.908174][   T52] dvb-usb: bulk message failed: -22 (1/0)
[  386.924299][   T52] dvb-usb: error while querying for an remote control event.
[  387.053316][   T52] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  387.120927][ T9546] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  387.153460][ T1210] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  387.377028][ T9555] usb usb8: usbfs: process 9555 (syz.1.1000) did not claim interface 2 before use
[  387.680877][   T30] audit: type=1400 audit(1745517812.163:562): avc:  denied  { module_request } for  pid=9540 comm="syz.2.999" kmod="net-pf-10-proto-223-type-1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  387.763964][   T30] audit: type=1400 audit(1745517812.163:563): avc:  denied  { map } for  pid=9557 comm="syz.4.1004" path="/dev/dri/card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  387.834912][   T30] audit: type=1400 audit(1745517812.163:564): avc:  denied  { execute } for  pid=9557 comm="syz.4.1004" path="/dev/dri/card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  387.919570][   T30] audit: type=1400 audit(1745517812.213:565): avc:  denied  { read } for  pid=9560 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=1708 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  388.036117][   T30] audit: type=1400 audit(1745517812.213:566): avc:  denied  { open } for  pid=9560 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1708 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  388.065075][   T30] audit: type=1400 audit(1745517812.213:567): avc:  denied  { getattr } for  pid=9560 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=1708 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  388.095418][   T52] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  388.213237][ T9548] tipc: Resetting bearer <eth:wlan1>
[  388.337129][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  389.571092][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  389.590932][ T9548] tipc: Resetting bearer <eth:wlan1>
[  389.597637][   T30] audit: type=1400 audit(1745517814.003:568): avc:  denied  { write } for  pid=9551 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=1707 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  389.651964][   T30] audit: type=1400 audit(1745517814.073:569): avc:  denied  { add_name } for  pid=9551 comm="dhcpcd-run-hook" name="resolv.conf.lapb4.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  389.681205][   T30] audit: type=1400 audit(1745517814.073:570): avc:  denied  { create } for  pid=9551 comm="dhcpcd-run-hook" name="resolv.conf.lapb4.link" scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  389.709969][   T30] audit: type=1400 audit(1745517814.073:571): avc:  denied  { write } for  pid=9551 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf.lapb4.link" dev="tmpfs" ino=5380 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  389.717196][ T9548] tipc: Resetting bearer <eth:wlan1>
[  389.732686][ T9590] ubi31: attaching mtd0
[  389.750633][ T9590] ubi31: scanning is finished
[  389.773112][ T9548] tipc: Resetting bearer <eth:wlan1>
[  389.881039][ T9590] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  389.919549][ T9590] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  389.938399][ T9595] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  389.976574][ T9595] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  390.001496][ T9590] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  390.021622][ T9590] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  390.027297][ T9595] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  390.043513][ T9590] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  390.075907][ T9595] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  390.194048][ T9590] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  390.685494][ T9590] ubi31: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 344205512
[  390.719948][ T5879] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  390.832134][ T9590] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  390.846928][ T9593] ubi31: background thread "ubi_bgt31d" started, PID 9593
[  391.370468][ T5878] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  391.657042][ T9610] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  391.757747][ T9623] netlink: 'syz.4.1014': attribute type 10 has an invalid length.
[  391.793135][ T9623] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  391.804394][ T9623] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  391.815952][ T9623] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  391.944231][ T5956] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  392.147543][ T9628] hub 9-0:1.0: USB hub found
[  392.160279][ T9628] hub 9-0:1.0: 1 port detected
[  392.224749][ T9628] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  393.282116][ T9618] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  393.330226][ T5956] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  393.358480][ T9618] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  394.528208][   T30] kauditd_printk_skb: 3 callbacks suppressed
[  394.550138][ T5885] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  394.645896][ T9642] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1019'.
[  394.885134][   T30] audit: type=1400 audit(1745517818.613:575): avc:  granted  { setsecparam } for  pid=9632 comm="syz.0.1017" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  394.976580][ T9646] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1018'.
[  394.991884][ T9646] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1018'.
[  395.002047][   T30] audit: type=1400 audit(1745517819.473:576): avc:  denied  { write } for  pid=9638 comm="syz.1.1018" path="socket:[22573]" dev="sockfs" ino=22573 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  395.809643][ T9661] hub 9-0:1.0: USB hub found
[  395.817298][ T9661] hub 9-0:1.0: 1 port detected
[  395.850061][ T9661] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  396.759218][ T5885] net_ratelimit: 2 callbacks suppressed
[  396.759236][ T5885] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  397.196756][ T9668] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1021'.
[  397.663975][ T9667] 9pnet: Could not find request transport: f��̳�՝d�s�V��{�i�}/�
[  397.835284][ T5885] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  398.517698][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  398.820491][   T30] audit: type=1400 audit(1745517823.303:577): avc:  denied  { read } for  pid=9680 comm="syz.3.1027" name="cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  398.906297][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  398.957105][   T30] audit: type=1400 audit(1745517823.303:578): avc:  denied  { open } for  pid=9680 comm="syz.3.1027" path="/dev/cachefiles" dev="devtmpfs" ino=4 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cachefiles_device_t tclass=chr_file permissive=1
[  399.001388][ T9694] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  399.170101][   T30] audit: type=1400 audit(1745517823.503:579): avc:  denied  { write } for  pid=9691 comm="syz.2.1031" name="ptp0" dev="devtmpfs" ino=1265 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  399.939303][ T9705] syz0: rxe_newlink: already configured on lo
[  400.084021][ T9705] netlink: 'syz.4.1029': attribute type 1 has an invalid length.
[  400.091975][ T9705] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1029'.
[  400.237543][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  400.323685][ T9706] tty tty28: ldisc open failed (-12), clearing slot 27
[  401.490951][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  401.536377][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  402.516007][ T9727] netlink: 'syz.0.1034': attribute type 10 has an invalid length.
[  402.589016][ T5956] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  402.947682][   T30] audit: type=1400 audit(1745517827.403:580): avc:  denied  { watch } for  pid=9728 comm="syz.1.1036" path=2F6D656D66643A2D42D54E49C56A9A08202864656C6574656429 dev="tmpfs" ino=1224 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  403.200208][ T5956] usb 2-1: new full-speed USB device number 26 using dummy_hcd
[  403.307980][ T9747] hub 9-0:1.0: USB hub found
[  403.313778][ T9747] hub 9-0:1.0: 1 port detected
[  403.367882][ T9747] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  403.611800][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  404.140184][   T10] usb 4-1: new low-speed USB device number 13 using dummy_hcd
[  404.432079][ T5956] usb 2-1: New USB device found, idVendor=07c9, idProduct=0012, bcdDevice=c2.09
[  404.472164][   T10] usb 4-1: config 0 has no interfaces?
[  404.480100][ T5956] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  404.480274][   T10] usb 4-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  404.520124][ T5956] usb 2-1: Product: syz
[  404.538986][ T5956] usb 2-1: Manufacturer: syz
[  404.558908][ T5956] usb 2-1: SerialNumber: syz
[  404.562084][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  404.572069][  T951] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  404.581598][ T5956] usb 2-1: config 0 descriptor??
[  404.611381][ T9759] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  404.632184][   T10] usb 4-1: config 0 descriptor??
[  404.651992][ T5885] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  404.733952][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  404.850271][ T1210] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  405.440518][ T1210] usb 3-1: Using ep0 maxpacket: 32
[  405.523638][ T1210] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid maxpacket 40727, setting to 1024
[  405.577759][ T1210] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 1024
[  405.592070][ T1210] usb 3-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=58.16
[  405.596829][ T9737] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  405.605863][ T1210] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  405.661549][ T9737] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  405.692883][   T30] audit: type=1326 audit(1745517830.153:581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9728 comm="syz.1.1036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdaad8e969 code=0x7ffc0000
[  405.720913][ T1210] usb 3-1: Product: syz
[  405.725192][ T1210] usb 3-1: Manufacturer: syz
[  405.780223][ T1210] usb 3-1: SerialNumber: syz
[  405.788913][   T30] audit: type=1326 audit(1745517830.153:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9728 comm="syz.1.1036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdaad8e969 code=0x7ffc0000
[  405.812542][ T5956] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  405.821912][ T1210] usb 3-1: config 0 descriptor??
[  405.835626][ T5878] usb 2-1: USB disconnect, device number 26
[  405.837608][ T9742] raw-gadget.3 gadget.2: fail, usb_ep_enable returned -22
[  405.910441][ T5834] Bluetooth: hci1: Malformed Event: 0x02
[  405.939575][   T30] audit: type=1326 audit(1745517830.153:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9728 comm="syz.1.1036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fcdaad8e969 code=0x7ffc0000
[  405.962941][    C0] vkms_vblank_simulate: vblank timer overrun
[  406.062764][   T30] audit: type=1326 audit(1745517830.153:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9728 comm="syz.1.1036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdaad8e969 code=0x7ffc0000
[  406.093321][ T1210] usb 3-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  406.225372][ T9790] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1046'.
[  406.523060][   T30] audit: type=1326 audit(1745517830.163:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9728 comm="syz.1.1036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdaad8e969 code=0x7ffc0000
[  406.546374][    C0] vkms_vblank_simulate: vblank timer overrun
[  406.562401][ T9789] 9pnet: Could not find request transport: f��̳�՝d�s�V��{�i�}/�
[  406.648162][   T30] audit: type=1326 audit(1745517830.163:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9728 comm="syz.1.1036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7fcdaad8e969 code=0x7ffc0000
[  406.680085][   T30] audit: type=1326 audit(1745517830.163:587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9728 comm="syz.1.1036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdaad8e969 code=0x7ffc0000
[  406.723554][ T1210] usb 3-1: USB disconnect, device number 36
[  406.738073][ T7176] usb 3-1: Failed to submit usb control message: -71
[  406.761574][ T7176] usb 3-1: unable to send the bmi data to the device: -71
[  406.792230][   T30] audit: type=1326 audit(1745517830.163:588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9728 comm="syz.1.1036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdaad8e969 code=0x7ffc0000
[  406.830838][ T7176] usb 3-1: unable to get target info from device
[  406.860116][ T7176] usb 3-1: could not get target info (-71)
[  406.866258][ T7176] usb 3-1: could not probe fw (-71)
[  406.937692][ T5956] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  406.946455][   T30] audit: type=1326 audit(1745517830.173:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9728 comm="syz.1.1036" exe="/root/syz-executor" sig=0 arch=c000003e syscall=105 compat=0 ip=0x7fcdaad8e969 code=0x7ffc0000
[  407.641098][ T5878] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  408.180109][ T5879] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  409.701672][ T5879] usb 4-1: USB disconnect, device number 13
[  409.726041][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  410.431347][ T9843] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  410.653482][ T5878] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  410.725839][ T9856] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1056'.
[  411.478240][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  411.502476][   T10] usb 2-1: new full-speed USB device number 27 using dummy_hcd
[  411.629359][ T9864] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1060'.
[  411.794246][   T10] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  411.864536][   T10] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2
[  412.490193][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  412.645277][   T10] usb 2-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  412.714872][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  412.731082][   T10] usb 2-1: config 0 descriptor??
[  412.757841][   T10] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  412.765773][   T10] dvb-usb: bulk message failed: -22 (3/0)
[  412.780772][   T10] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  412.791511][   T10] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  412.798678][   T10] usb 2-1: media controller created
[  412.807675][   T10] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  412.834896][   T10] dvb-usb: bulk message failed: -22 (6/0)
[  412.841298][   T10] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  412.860901][   T10] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input58
[  412.874237][   T10] dvb-usb: schedule remote query interval to 150 msecs.
[  412.884642][   T10] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  413.087918][   T10] dvb-usb: bulk message failed: -22 (1/0)
[  413.926919][   T10] dvb-usb: error while querying for an remote control event.
[  413.938494][ T5878] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  414.052069][ T5956] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  414.102308][ T5866] usb 2-1: USB disconnect, device number 27
[  414.380632][ T5878] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  414.504943][ T5866] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  414.666651][ T9893] tipc: Started in network mode
[  414.674100][ T9893] tipc: Node identity 080211000001, cluster identity 4711
[  414.685521][ T9893] tipc: Enabled bearer <eth:wlan1>, priority 10
[  414.894222][ T9896] syz_tun: entered allmulticast mode
[  414.994686][ T9895] syz_tun: left allmulticast mode
[  415.485896][ T5879] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  415.832484][ T5878] tipc: Node number set to 134418688
[  416.400174][ T5879] usb 2-1: new full-speed USB device number 28 using dummy_hcd
[  416.494659][ T5956] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  416.615545][ T5879] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  416.628587][ T5879] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2
[  416.637864][ T5879] usb 2-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  416.648731][ T5879] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  416.812858][ T5879] usb 2-1: config 0 descriptor??
[  416.845229][ T5879] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  416.864067][ T5879] dvb-usb: bulk message failed: -22 (3/0)
[  417.112092][ T5866] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  417.383974][ T5879] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  417.411766][ T5879] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  417.437647][ T5879] usb 2-1: media controller created
[  417.468646][ T5879] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  417.523241][ T5879] dvb-usb: bulk message failed: -22 (6/0)
[  417.540622][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  417.554631][ T5879] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  417.679968][ T5879] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input60
[  417.695657][ T5879] dvb-usb: schedule remote query interval to 150 msecs.
[  417.703712][ T5879] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  417.714369][ T5879] usb 2-1: USB disconnect, device number 28
[  417.726884][ T5879] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  417.872743][ T9927] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1077'.
[  417.985001][ T5878] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  418.166838][ T9926] 9pnet: Could not find request transport: f��̳�՝d�s�V��{�i�}/�
[  418.320443][ T5878] usb 3-1: Using ep0 maxpacket: 16
[  418.874703][ T5878] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 238, changing to 11
[  418.886002][ T5878] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  418.907506][ T5885] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  418.920054][ T9934] ubi: mtd0 is already attached to ubi31
[  418.944948][ T5878] usb 3-1: New USB device found, idVendor=04d8, idProduct=c002, bcdDevice= 0.00
[  418.959206][ T5878] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  418.995772][ T5878] usb 3-1: config 0 descriptor??
[  419.250085][  T951] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  419.257790][ T9940] xt_NFQUEUE: number of queues (65532) out of range (got 66665)
[  419.960456][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  419.969295][ T5137] Bluetooth: hci4: command 0x0405 tx timeout
[  420.016832][   T30] kauditd_printk_skb: 21 callbacks suppressed
[  420.016849][   T30] audit: type=1400 audit(1745517844.483:611): avc:  denied  { getopt } for  pid=9939 comm="syz.1.1082" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  420.111115][  T951] usb 4-1: Using ep0 maxpacket: 16
[  420.116642][ T9941] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  420.122969][ T9941] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  420.129952][  T951] usb 4-1: config 0 interface 0 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  420.132316][ T9941] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  420.149688][ T9941] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  420.154201][  T951] usb 4-1: config 0 interface 0 has no altsetting 0
[  420.159219][ T9941] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  420.170199][ T9941] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  420.178646][ T9941] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  420.184626][ T9941] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  420.202361][ T9941] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  420.208274][ T9941] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[  420.284973][ T5866] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  420.322420][  T951] usb 4-1: New USB device found, idVendor=172f, idProduct=0034, bcdDevice= 0.00
[  420.350447][ T5878] hid-picolcd 0003:04D8:C002.0007: No report with id 0x11 found
[  420.360173][  T951] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  420.370179][   T10] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  420.410572][  T951] usb 4-1: config 0 descriptor??
[  420.475291][ T9923] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1078'.
[  420.580236][   T10] usb 2-1: Using ep0 maxpacket: 8
[  420.687164][ T1210] usb 1-1: new full-speed USB device number 14 using dummy_hcd
[  420.696831][   T10] usb 2-1: New USB device found, idVendor=0763, idProduct=2081, bcdDevice=d0.ab
[  420.810077][   T10] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  420.906013][ T1210] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  420.906474][  T951] waltop 0003:172F:0034.0008: item fetching failed at offset 1/3
[  420.928184][ T1210] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2
[  420.944320][   T10] usb 2-1: Product: syz
[  420.948513][   T10] usb 2-1: Manufacturer: syz
[  420.951365][ T1210] usb 1-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  420.968124][   T10] usb 2-1: SerialNumber: syz
[  420.970450][ T5879] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  420.973428][  T951] waltop 0003:172F:0034.0008: probe with driver waltop failed with error -22
[  420.991339][ T5866] usb 3-1: USB disconnect, device number 37
[  421.003518][   T10] usb 2-1: config 0 descriptor??
[  421.008934][ T1210] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  421.040624][ T1210] usb 1-1: config 0 descriptor??
[  421.062839][ T1210] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  421.069635][ T1210] dvb-usb: bulk message failed: -22 (3/0)
[  421.083317][ T1210] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  421.093029][ T1210] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  421.103178][ T1210] usb 1-1: media controller created
[  421.122685][ T1210] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  421.150500][ T1210] dvb-usb: bulk message failed: -22 (6/0)
[  421.156770][ T1210] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  421.176756][ T1210] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input61
[  421.200907][ T1210] dvb-usb: schedule remote query interval to 150 msecs.
[  421.207937][ T1210] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  421.309273][ T9948] dvb-usb: bulk message failed: -22 (2/0)
[  421.327448][ T1210] usb 1-1: USB disconnect, device number 14
[  421.375252][ T1210] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  421.667595][   T10] usb 2-1: USB disconnect, device number 29
[  421.980897][ T9960] tipc: Enabling of bearer <eth:wlan1> rejected, already enabled
[  422.021225][ T5879] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  422.233842][ T6806] udevd[6806]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  422.548176][  T951] usb 4-1: USB disconnect, device number 14
[  423.080525][ T5879] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  423.320292][ T5866] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  423.506055][ T9981] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1090'.
[  423.515264][ T9979] 9pnet: Could not find request transport: f��̳�՝d�s�V��{�i�}/�
[  424.035204][  T951] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  424.090385][ T5885] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  424.126418][ T9994] xt_NFQUEUE: number of queues (65532) out of range (got 66665)
[  424.803461][T10000] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  424.829502][T10000] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  425.130431][ T5885] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  425.160247][   T10] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  425.310845][ T9998] ubi: mtd0 is already attached to ubi31
[  425.390143][   T10] usb 2-1: Using ep0 maxpacket: 8
[  425.406507][   T10] usb 2-1: New USB device found, idVendor=0c45, idProduct=614a, bcdDevice=c4.6d
[  425.887231][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  425.924542][   T10] usb 2-1: Product: syz
[  426.070206][T10010] overlayfs: missing 'lowerdir'
[  426.423123][  T951] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  426.432497][   T30] audit: type=1400 audit(1745517850.543:612): avc:  granted  { setsecparam } for  pid=10007 comm="syz.3.1099" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  426.434657][   T10] usb 2-1: Manufacturer: syz
[  426.496295][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  426.720644][   T10] usb 2-1: SerialNumber: syz
[  426.908419][   T10] usb 2-1: config 0 descriptor??
[  426.936780][   T10] gspca_main: sonixj-2.14.0 probing 0c45:614a
[  427.470571][   T10] gspca_sonixj: reg_w1 err -110
[  427.530351][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  427.990235][   T10] sonixj 2-1:0.0: probe with driver sonixj failed with error -110
[  428.097237][   T10] usb 2-1: USB disconnect, device number 30
[  428.747306][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  428.787022][T10040] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  428.966263][T10046] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1106'.
[  429.401821][T10045] 9pnet: Could not find request transport: f��̳�՝d�s�V��{�i�}/�
[  429.479197][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  429.560158][   T30] audit: type=1400 audit(1745517854.033:613): avc:  denied  { create } for  pid=10030 comm="syz.2.1108" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  429.633984][   T30] audit: type=1400 audit(1745517854.063:614): avc:  denied  { allowed } for  pid=10052 comm="syz.4.1110" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  430.758764][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  430.782107][T10069] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  430.836968][   T10] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  431.068324][T10074] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  431.079104][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  431.098594][   T30] audit: type=1400 audit(1745517855.453:615): avc:  denied  { ioctl } for  pid=10066 comm="syz.4.1114" path="socket:[24017]" dev="sockfs" ino=24017 ioctlcmd=0xf509 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  431.169400][   T10] usb 1-1: Using ep0 maxpacket: 8
[  431.183500][T10074] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  431.209291][   T10] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[  431.220268][T10077] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  431.229671][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  431.246084][   T10] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  431.582575][T10066] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  431.620067][   T10] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  431.630313][T10066] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  431.650270][   T10] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  431.703030][   T10] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  431.736300][   T10] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  431.750982][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  431.770773][ T5885] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  431.865143][T10087] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  431.874815][T10087] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  431.890278][ T5879] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  431.910166][ T1210] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  431.941769][T10088] ubi: mtd0 is already attached to ubi31
[  431.983752][   T10] usb 1-1: GET_CAPABILITIES returned 0
[  431.989602][   T10] usbtmc 1-1:16.0: can't read capabilities
[  432.053077][ T5879] usb 3-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  432.063883][ T5879] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  432.113492][ T5879] usb 3-1: Product: syz
[  432.117850][ T5879] usb 3-1: Manufacturer: syz
[  432.123882][ T1210] usb 2-1: New USB device found, idVendor=05d1, idProduct=2021, bcdDevice=32.00
[  432.134556][ T1210] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  432.143120][ T5879] usb 3-1: SerialNumber: syz
[  432.158789][ T1210] usb 2-1: Product: syz
[  432.163508][ T5879] usb 3-1: config 0 descriptor??
[  432.173358][ T5879] ch341 3-1:0.0: ch341-uart converter detected
[  432.180047][ T1210] usb 2-1: Manufacturer: syz
[  432.189798][ T1210] usb 2-1: SerialNumber: syz
[  432.213489][ T1210] usb 2-1: config 0 descriptor??
[  432.225423][   T10] usb 1-1: USB disconnect, device number 15
[  432.234628][ T1210] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[  432.273244][ T1210] usb 2-1: Detected FT233HP
[  432.399571][ T5879] usb 3-1: failed to receive control message: -121
[  432.407312][ T5879] ch341-uart ttyUSB1: probe with driver ch341-uart failed with error -121
[  432.448174][ T1210] ftdi_sio ttyUSB2: Unable to read latency timer: -71
[  432.472145][ T1210] ftdi_sio ttyUSB2: Unable to write latency timer: -71
[  432.492081][ T5907] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  432.503278][ T1210] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB2
[  432.550394][ T1210] usb 2-1: USB disconnect, device number 31
[  432.706328][ T5907] usb 3-1: USB disconnect, device number 38
[  432.707094][ T1210] ftdi_sio ttyUSB2: FTDI USB Serial Device converter now disconnected from ttyUSB2
[  432.741198][ T1210] ftdi_sio 2-1:0.0: device disconnected
[  432.749680][ T5907] ch341 3-1:0.0: device disconnected
[  433.700352][T10117] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1127'.
[  434.109551][T10116] 9pnet: Could not find request transport: f��̳�՝d�s�V��{�i�}/�
[  434.172203][ T1210] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  434.644188][T10124] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  434.656527][T10124] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  434.844953][ T1210] usb 1-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  434.855145][ T1210] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  434.864639][ T1210] usb 1-1: Product: syz
[  434.869232][ T1210] usb 1-1: Manufacturer: syz
[  434.883234][ T1210] usb 1-1: SerialNumber: syz
[  434.892669][ T1210] usb 1-1: config 0 descriptor??
[  435.475240][ T1210] usb 1-1: Firmware version (0.0) predates our first public release.
[  435.488362][ T1210] usb 1-1: Please update to version 0.2 or newer
[  435.557198][ T1210] usb 1-1: Firmware: build 
[  435.557302][T10146] netlink: 'syz.4.1134': attribute type 10 has an invalid length.
[  435.821572][ T5877] net_ratelimit: 7 callbacks suppressed
[  435.821589][ T5877] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  435.871495][   T30] audit: type=1400 audit(1745517860.352:616): avc:  denied  { write } for  pid=10149 comm="syz.3.1135" name="usbmon0" dev="devtmpfs" ino=716 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  435.899502][ T1210] usb 1-1: USB disconnect, device number 16
[  435.947738][T10143] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  436.211081][T10143] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  436.258686][ T5956] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  436.268494][T10155] tipc: Enabling of bearer <eth:wlan1> rejected, already enabled
[  436.329540][T10156] ubi: mtd0 is already attached to ubi31
[  436.358593][ T5877] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  436.740229][ T5877] usb 4-1: unable to get BOS descriptor or descriptor too short
[  436.765349][ T5877] usb 4-1: config 38 has an invalid interface number: 170 but max is 0
[  436.792843][ T5877] usb 4-1: config 38 has no interface number 0
[  436.803330][T10158] netlink: 'syz.4.1137': attribute type 10 has an invalid length.
[  436.817411][T10158] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  436.825633][T10158] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  436.833837][T10158] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  436.848593][T10157] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  436.858862][ T5877] usb 4-1: config 38 interface 170 has no altsetting 0
[  436.958084][ T5877] usb 4-1: New USB device found, idVendor=04ca, idProduct=3005, bcdDevice=cb.be
[  436.992433][T10157] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  437.020586][ T5877] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  437.447730][ T5877] usb 4-1: Product: syz
[  437.449214][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  437.452363][ T5877] usb 4-1: Manufacturer: syz
[  437.468592][ T5877] usb 4-1: SerialNumber: syz
[  437.787291][T10170] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1139'.
[  437.810458][T10169] FAULT_INJECTION: forcing a failure.
[  437.810458][T10169] name failslab, interval 1, probability 0, space 0, times 0
[  437.842420][T10169] CPU: 1 UID: 0 PID: 10169 Comm: syz.4.1140 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) 
[  437.842447][T10169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  437.842458][T10169] Call Trace:
[  437.842465][T10169]  <TASK>
[  437.842490][T10169]  dump_stack_lvl+0x16c/0x1f0
[  437.842525][T10169]  should_fail_ex+0x512/0x640
[  437.842547][T10169]  ? fs_reclaim_acquire+0xae/0x150
[  437.842576][T10169]  should_failslab+0xc2/0x120
[  437.842596][T10169]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  437.842615][T10169]  ? security_inode_alloc+0x3b/0x2b0
[  437.842643][T10169]  security_inode_alloc+0x3b/0x2b0
[  437.842665][T10169]  inode_init_always_gfp+0xce4/0x1030
[  437.842687][T10169]  alloc_inode+0x86/0x240
[  437.842709][T10169]  sock_alloc+0x40/0x280
[  437.842737][T10169]  __sock_create+0xc1/0x8d0
[  437.842762][T10169]  ? __pfx___schedule+0x10/0x10
[  437.842786][T10169]  __sys_socket+0x14d/0x260
[  437.842801][T10169]  ? native_tss_update_io_bitmap+0x3ca/0x720
[  437.842824][T10169]  ? __pfx___sys_socket+0x10/0x10
[  437.842841][T10169]  ? do_user_addr_fault+0x843/0x1370
[  437.842869][T10169]  __x64_sys_socket+0x72/0xb0
[  437.842884][T10169]  ? lockdep_hardirqs_on+0x7c/0x110
[  437.842905][T10169]  do_syscall_64+0xcd/0x260
[  437.842930][T10169]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  437.842948][T10169] RIP: 0033:0x7f0c35b90887
[  437.842967][T10169] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  437.842983][T10169] RSP: 002b:00007f0c36985fa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029
[  437.843001][T10169] RAX: ffffffffffffffda RBX: 00007f0c35db5fa0 RCX: 00007f0c35b90887
[  437.843011][T10169] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[  437.843020][T10169] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000
[  437.843030][T10169] R10: 0000200000000680 R11: 0000000000000286 R12: 0000000000000001
[  437.843040][T10169] R13: 0000000000000000 R14: 00007f0c35db5fa0 R15: 00007ffd4a7b9898
[  437.843063][T10169]  </TASK>
[  438.052115][    C1] vkms_vblank_simulate: vblank timer overrun
[  438.204665][T10162] 9pnet: Could not find request transport: f��̳�՝d�s�V��{�i�}/�
[  438.238436][T10175] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  438.303110][T10175] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  439.189706][ T5877] usb 4-1: USB disconnect, device number 15
[  439.206040][T10196] team0: No ports can be present during mode change
[  439.586711][T10203] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1146'.
[  440.007676][T10207] tipc: Enabling of bearer <eth:wlan1> rejected, already enabled
[  440.059738][T10202] 9pnet: Could not find request transport: f��̳�՝d�s�V��{�i�}/�
[  440.925749][   T30] audit: type=1400 audit(1745517865.372:617): avc:  denied  { read write } for  pid=10216 comm="syz.4.1151" name="nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  440.926080][ T5956] net_ratelimit: 7 callbacks suppressed
[  440.926091][ T5956] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  441.377347][   T30] audit: type=1400 audit(1745517865.372:618): avc:  denied  { open } for  pid=10216 comm="syz.4.1151" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  441.704290][T10220] xt_NFQUEUE: number of queues (65532) out of range (got 66665)
[  441.863742][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[  441.930716][ T5956] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  442.111412][ T5877] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  443.108937][ T5956] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  443.121815][   T30] audit: type=1400 audit(1745517866.632:619): avc:  denied  { load_policy } for  pid=10223 comm="syz.4.1155" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  443.130333][  T951] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  443.154083][ T7183] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  443.306718][ T5877] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  443.334209][ T5956] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  443.350056][ T7183] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  443.359758][ T5907] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  443.373108][T10224] SELinux: ebitmap: truncated map
[  443.422433][T10224] SELinux: failed to load policy
[  443.578048][T10236] SELinux:  policydb magic number 0x800 does not match expected magic number 0xf97cff8c
[  443.591075][T10236] SELinux: failed to load policy
[  443.616553][T10236] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  443.623097][T10236] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  443.630615][   T30] audit: type=1400 audit(1745517868.102:620): avc:  denied  { setopt } for  pid=10237 comm="syz.2.1157" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  443.653061][T10236] vhci_hcd vhci_hcd.0: Device attached
[  443.890135][ T5907] usb 33-1: new low-speed USB device number 2 using vhci_hcd
[  443.920214][  T951] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  444.260794][  T951] usb 1-1: Using ep0 maxpacket: 16
[  444.336681][T10264] netlink: 'syz.1.1161': attribute type 10 has an invalid length.
[  444.601471][  T951] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  444.613240][  T951] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  444.642775][T10266] tipc: Enabling of bearer <eth:wlan1> rejected, already enabled
[  444.870155][  T951] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  444.883378][  T951] usb 1-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  444.907172][  T951] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  444.953248][  T951] usb 1-1: config 0 descriptor??
[  445.768248][   T30] audit: type=1400 audit(1745517870.252:621): avc:  denied  { setopt } for  pid=10274 comm="syz.3.1164" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  445.978831][T10236] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  445.997962][T10236] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  446.078395][  T951] usbhid 1-1:0.0: can't add hid device: -71
[  446.862658][ T5956] net_ratelimit: 4 callbacks suppressed
[  446.862676][ T5956] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  446.910499][T10240] usb 33-1: recv xbuf, 0
[  446.984801][  T951] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  446.996976][  T951] usb 1-1: USB disconnect, device number 17
[  447.030561][ T7170] vhci_hcd: stop threads
[  447.030591][ T7170] vhci_hcd: release socket
[  447.030690][ T7170] vhci_hcd: disconnect device
[  447.343997][ T5907] vhci_hcd: vhci_device speed not set
[  447.393385][T10287] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  447.459842][T10298] block nbd2: Unsupported socket: shutdown callout must be supported.
[  447.883637][   T30] audit: type=1400 audit(1745517872.372:622): avc:  denied  { connect } for  pid=10303 comm="syz.2.1171" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  447.951943][   T30] audit: type=1400 audit(1745517872.432:623): avc:  denied  { write } for  pid=10303 comm="syz.2.1171" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  447.952059][ T5879] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  448.972702][ T5885] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  449.306023][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  449.381085][   T30] audit: type=1400 audit(1745517873.862:624): avc:  denied  { read } for  pid=10311 comm="syz.0.1172" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  449.595943][ T7170] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  449.620752][ T5885] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  449.629682][ T5907] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  449.861866][T10324] netlink: 'syz.1.1174': attribute type 10 has an invalid length.
[  450.010854][ T5956] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  450.392146][T10327] batman_adv: batadv0: Removing interface: team0
[  450.441670][T10327] batadv0: left allmulticast mode
[  450.481953][T10327] batadv0: left promiscuous mode
[  450.502635][   T30] audit: type=1400 audit(1745517874.982:625): avc:  denied  { accept } for  pid=10326 comm="syz.3.1176" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  450.541804][T10327] bridge0: port 3(batadv0) entered disabled state
[  450.694798][T10327] bridge_slave_0: left allmulticast mode
[  450.788773][T10338] Invalid ELF header type: 3 != 1
[  450.810653][   T30] audit: type=1400 audit(1745517875.272:626): avc:  denied  { module_load } for  pid=10330 comm="syz.2.1177" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[  451.392516][T10339] xt_NFQUEUE: number of queues (65532) out of range (got 66665)
[  451.660107][T10327] bridge_slave_0: left promiscuous mode
[  451.665946][T10327] bridge0: port 1(bridge_slave_0) entered disabled state
[  451.723196][ T5885] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  451.921507][T10327] bridge_slave_1: left allmulticast mode
[  451.943222][T10327] bridge_slave_1: left promiscuous mode
[  451.972127][T10327] bridge0: port 2(bridge_slave_1) entered disabled state
[  452.096281][T10327] bond0: (slave bond_slave_0): Releasing backup interface
[  452.156830][T10327] bond0: (slave bond_slave_1): Releasing backup interface
[  452.251676][T10327] team0: Port device team_slave_0 removed
[  452.317951][T10327] team0: Port device team_slave_1 removed
[  452.340307][ T5907] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  452.364654][T10327] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  452.383926][T10327] batman_adv: batadv0: Removing interface: batadv_slave_0
[  452.412931][T10327] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  452.442566][T10327] batman_adv: batadv0: Removing interface: batadv_slave_1
[  452.487284][T10333] vlan2: entered allmulticast mode
[  452.500151][ T5866] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  452.514848][T10333] bond0: entered allmulticast mode
[  452.534278][T10333] bridge0: port 1(vlan2) entered blocking state
[  452.549319][T10333] bridge0: port 1(vlan2) entered disabled state
[  452.604080][   T30] audit: type=1400 audit(1745517877.092:627): avc:  denied  { map } for  pid=10357 comm="syz.3.1185" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  452.657799][   T30] audit: type=1400 audit(1745517877.092:628): avc:  denied  { execute } for  pid=10357 comm="syz.3.1185" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  452.690119][ T5866] usb 2-1: Using ep0 maxpacket: 16
[  452.695460][ T5879] usb 1-1: new full-speed USB device number 18 using dummy_hcd
[  452.710756][ T5866] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  452.730913][ T5956] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  452.771278][ T5866] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  452.850117][ T5866] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  452.957373][ T5879] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  452.968372][ T5879] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2
[  452.977571][ T5879] usb 1-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  453.428949][ T5879] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  453.447489][ T5866] usb 2-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  453.451659][ T5879] usb 1-1: config 0 descriptor??
[  453.477740][ T5866] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  453.502590][ T5866] usb 2-1: config 0 descriptor??
[  453.514787][ T5879] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  453.532824][ T5879] dvb-usb: bulk message failed: -22 (3/0)
[  453.551031][ T5879] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  453.654512][ T5879] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  453.680127][ T5879] usb 1-1: media controller created
[  453.696164][ T5879] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  453.700047][ T5907] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[  453.953450][ T5907] usb 3-1: Using ep0 maxpacket: 16
[  454.091884][   T52] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  454.102062][ T5879] dvb-usb: bulk message failed: -22 (6/0)
[  454.107894][ T5879] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  454.123503][ T5879] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input64
[  454.137429][ T5907] usb 3-1: config 0 has an invalid interface number: 105 but max is 0
[  454.143392][T10355] dvb-usb: bulk message failed: -22 (2/0)
[  454.152733][ T5866] shield 0003:0955:7214.0009: unknown main item tag 0x0
[  454.163837][ T5907] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  454.175954][ T5866] shield 0003:0955:7214.0009: unknown main item tag 0x0
[  454.179508][ T5879] dvb-usb: schedule remote query interval to 150 msecs.
[  454.185568][ T5866] shield 0003:0955:7214.0009: unknown main item tag 0x0
[  454.193118][ T5879] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  454.207434][ T5907] usb 3-1: config 0 has no interface number 0
[  454.232580][ T5879] usb 1-1: USB disconnect, device number 18
[  454.245600][ T5907] usb 3-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[  454.256860][ T5866] shield 0003:0955:7214.0009: unknown main item tag 0x0
[  454.265403][ T5866] shield 0003:0955:7214.0009: unknown main item tag 0x0
[  454.272982][ T5907] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  454.279693][ T5879] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  454.283940][ T5866] input: HID 0955:7214 Haptics as /devices/virtual/input/input65
[  454.300106][ T5907] usb 3-1: Product: syz
[  454.304289][ T5907] usb 3-1: Manufacturer: syz
[  454.309002][ T5907] usb 3-1: SerialNumber: syz
[  454.335131][   T30] audit: type=1400 audit(1745517878.822:629): avc:  denied  { write } for  pid=10352 comm="syz.1.1183" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  454.335424][T10353] random: crng reseeded on system resumption
[  454.367629][T10376] ubi: mtd0 is already attached to ubi31
[  454.375248][   T30] audit: type=1400 audit(1745517878.822:630): avc:  denied  { ioctl } for  pid=10352 comm="syz.1.1183" path="/dev/snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  454.458432][ T5907] usb 3-1: config 0 descriptor??
[  454.470692][ T5866] shield 0003:0955:7214.0009: Registered Thunderstrike controller
[  454.494610][ T5866] shield 0003:0955:7214.0009: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.1-1/input0
[  454.505508][ T5907] usb 3-1: Found UVC 0.00 device syz (046d:08f3)
[  454.512004][ T5907] usb 3-1: No valid video chain found.
[  455.156784][   T52] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  455.344280][ T7196] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  455.380280][ T5878] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  455.514586][  T951] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  455.566092][ T5878] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  455.673727][ T5907] shield 0003:0955:7214.0009: Failed to output Thunderstrike HOSTCMD request HID report due to -ESHUTDOWN
[  455.691439][ T5907] shield 0003:0955:7214.0009: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  455.703886][ T5907] shield 0003:0955:7214.0009: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  455.721511][ T5907] shield 0003:0955:7214.0009: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  455.837829][  T951] usb 3-1: USB disconnect, device number 39
[  455.843864][ T5878] usb 2-1: reset high-speed USB device number 32 using dummy_hcd
[  456.006446][T10393] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  456.119809][   T30] audit: type=1400 audit(1745517880.602:631): avc:  denied  { connect } for  pid=10394 comm="syz.2.1195" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  456.179000][   T52] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  456.197782][   T30] audit: type=1400 audit(1745517880.602:632): avc:  denied  { setopt } for  pid=10394 comm="syz.2.1195" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  456.520910][T10405] hub 9-0:1.0: USB hub found
[  456.530259][T10405] hub 9-0:1.0: 1 port detected
[  456.599854][T10405] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  457.614159][ T5907] usb 2-1: USB disconnect, device number 32
[  457.696582][ T5885] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  457.996074][T10417] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1200'.
[  458.543953][T10429] xt_NFQUEUE: number of queues (65532) out of range (got 66665)
[  458.571058][  T951] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  459.093400][ T5885] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  459.844621][   T30] audit: type=1400 audit(1745517884.332:633): avc:  denied  { setattr } for  pid=10439 comm="syz.3.1205" name="bus" dev="tmpfs" ino=1375 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  459.880714][T10427] 8021q: VLANs not supported on vcan0
[  460.063170][T10447] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  460.190277][ T5885] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  460.925870][T10460] usb usb8: usbfs: process 10460 (syz.2.1207) did not claim interface 2 before use
[  461.052336][ T7190] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  461.070568][ T5885] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  461.096175][ T5878] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  461.210774][ T5885] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  461.628412][ T5877] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  462.103033][T10487] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1219'.
[  462.251871][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  462.493651][T10485] 9pnet: Could not find request transport: f��̳�՝d�s�V��{�i�}/�
[  462.507590][   T30] audit: type=1326 audit(1745517886.992:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10477 comm="syz.4.1218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c35b8e969 code=0x7ffc0000
[  462.776498][   T30] audit: type=1326 audit(1745517886.992:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10477 comm="syz.4.1218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c35b8e969 code=0x7ffc0000
[  462.814795][   T30] audit: type=1326 audit(1745517886.992:636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10477 comm="syz.4.1218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=132 compat=0 ip=0x7f0c35b8e969 code=0x7ffc0000
[  462.933267][   T30] audit: type=1326 audit(1745517886.992:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10477 comm="syz.4.1218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c35b8e969 code=0x7ffc0000
[  462.994860][T10498] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  463.147568][   T30] audit: type=1326 audit(1745517886.992:638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10477 comm="syz.4.1218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f0c35b8e969 code=0x7ffc0000
[  463.709542][ T5885] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  463.727198][   T30] audit: type=1326 audit(1745517886.992:639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10477 comm="syz.4.1218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c35b8e969 code=0x7ffc0000
[  463.821775][   T30] audit: type=1326 audit(1745517886.992:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10477 comm="syz.4.1218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f0c35b8e969 code=0x7ffc0000
[  463.912567][   T30] audit: type=1326 audit(1745517886.992:641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10477 comm="syz.4.1218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c35b8e969 code=0x7ffc0000
[  464.086858][T10521] FAULT_INJECTION: forcing a failure.
[  464.086858][T10521] name failslab, interval 1, probability 0, space 0, times 0
[  464.110257][T10521] CPU: 1 UID: 0 PID: 10521 Comm: syz.3.1229 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) 
[  464.110282][T10521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  464.110292][T10521] Call Trace:
[  464.110298][T10521]  <TASK>
[  464.110311][T10521]  dump_stack_lvl+0x16c/0x1f0
[  464.110338][T10521]  should_fail_ex+0x512/0x640
[  464.110356][T10521]  ? __kmalloc_noprof+0xbf/0x510
[  464.110373][T10521]  ? iovec_from_user+0x108/0x140
[  464.110391][T10521]  should_failslab+0xc2/0x120
[  464.110410][T10521]  __kmalloc_noprof+0xd2/0x510
[  464.110424][T10521]  ? find_held_lock+0x2b/0x80
[  464.110453][T10521]  iovec_from_user+0x108/0x140
[  464.110475][T10521]  __import_iovec+0x88/0x660
[  464.110493][T10521]  ? __might_fault+0xe3/0x190
[  464.110509][T10521]  ? __might_fault+0x13b/0x190
[  464.110529][T10521]  import_iovec+0x109/0x140
[  464.110549][T10521]  copy_msghdr_from_user+0xf9/0x160
[  464.110572][T10521]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  464.110595][T10521]  ? __pfx__kstrtoull+0x10/0x10
[  464.110621][T10521]  ___sys_sendmsg+0xfe/0x1d0
[  464.110640][T10521]  ? __pfx____sys_sendmsg+0x10/0x10
[  464.110669][T10521]  ? find_held_lock+0x2b/0x80
[  464.110702][T10521]  __sys_sendmmsg+0x200/0x420
[  464.110723][T10521]  ? __pfx___sys_sendmmsg+0x10/0x10
[  464.110751][T10521]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  464.110783][T10521]  ? fput+0x70/0xf0
[  464.110802][T10521]  ? ksys_write+0x1b9/0x240
[  464.110816][T10521]  ? __pfx_ksys_write+0x10/0x10
[  464.110829][T10521]  ? rcu_is_watching+0x12/0xc0
[  464.110854][T10521]  __x64_sys_sendmmsg+0x9c/0x100
[  464.110874][T10521]  ? lockdep_hardirqs_on+0x7c/0x110
[  464.110896][T10521]  do_syscall_64+0xcd/0x260
[  464.110920][T10521]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  464.110937][T10521] RIP: 0033:0x7f0026f8e969
[  464.110951][T10521] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  464.110966][T10521] RSP: 002b:00007f0027e68038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  464.110982][T10521] RAX: ffffffffffffffda RBX: 00007f00271b5fa0 RCX: 00007f0026f8e969
[  464.110993][T10521] RDX: 0400000000000172 RSI: 0000200000003cc0 RDI: 0000000000000003
[  464.111003][T10521] RBP: 00007f0027e68090 R08: 0000000000000000 R09: 0000000000000000
[  464.111013][T10521] R10: 0000000004000000 R11: 0000000000000246 R12: 0000000000000001
[  464.111022][T10521] R13: 0000000000000000 R14: 00007f00271b5fa0 R15: 00007ffd368630c8
[  464.111055][T10521]  </TASK>
[  464.403681][T10523] hub 9-0:1.0: USB hub found
[  464.409209][T10523] hub 9-0:1.0: 1 port detected
[  464.452667][T10523] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  465.072661][  T951] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  465.092931][   T30] audit: type=1326 audit(1745517886.992:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10477 comm="syz.4.1218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f0c35b8e969 code=0x7ffc0000
[  465.310559][ T5885] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  465.408481][   T30] audit: type=1326 audit(1745517886.992:643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10477 comm="syz.4.1218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0c35b8e969 code=0x7ffc0000
[  465.519051][   T30] audit: type=1326 audit(1745517886.992:644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10477 comm="syz.4.1218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f0c35b8e969 code=0x7ffc0000
[  465.766237][   T30] audit: type=1326 audit(1745517887.092:645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10477 comm="syz.4.1218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0c35b85927 code=0x7ffc0000
[  465.806338][T10547] Invalid ELF header magic: != ELF
[  465.948658][T10549] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1232'.
[  466.236830][   T30] audit: type=1326 audit(1745517887.092:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10477 comm="syz.4.1218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0c35b2ab39 code=0x7ffc0000
[  466.330886][ T5885] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  466.354026][   T30] audit: type=1326 audit(1745517887.092:647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10477 comm="syz.4.1218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f0c35b8e969 code=0x7ffc0000
[  466.379488][T10547] bpf: Bad value for 'uid'
[  466.399410][T10547] Invalid ELF header magic: != ELF
[  466.400371][T10548] 9pnet: Could not find request transport: f��̳�՝d�s�V��{�i�}/�
[  466.482606][   T30] audit: type=1326 audit(1745517887.102:648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10477 comm="syz.4.1218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0c35b85927 code=0x7ffc0000
[  466.715900][   T30] audit: type=1326 audit(1745517887.102:649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10477 comm="syz.4.1218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f0c35b2ab39 code=0x7ffc0000
[  467.711243][   T30] audit: type=1326 audit(1745517887.102:650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10477 comm="syz.4.1218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f0c35b8e969 code=0x7ffc0000
[  467.715875][ T5885] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  467.734717][   T30] audit: type=1326 audit(1745517887.112:651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10477 comm="syz.4.1218" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f0c35b85927 code=0x7ffc0000
[  468.090471][  T951] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  468.679440][T10570] overlayfs: failed to clone upperpath
[  469.056092][ T5885] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  469.122448][T10575] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  469.149460][T10575] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  469.783562][T10564] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1237'.
[  469.798374][T10579] fuse: Unknown parameter '000000000000000000030x0000000000000003'
[  469.853502][T10575] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  469.872110][T10575] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  470.093270][   T52] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  470.151068][  T951] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  470.220092][ T5907] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  470.300112][  T951] usb 4-1: Using ep0 maxpacket: 16
[  470.306802][  T951] usb 4-1: config 0 interface 0 has no altsetting 0
[  470.313554][  T951] usb 4-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00
[  470.322640][  T951] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  470.332652][  T951] usb 4-1: config 0 descriptor??
[  470.392009][ T5907] usb 2-1: unable to get BOS descriptor or descriptor too short
[  470.404609][ T5907] usb 2-1: New USB device found, idVendor=1235, idProduct=4661, bcdDevice=ae.13
[  470.413786][ T5907] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  470.422127][ T5907] usb 2-1: Product: syz
[  470.426305][ T5907] usb 2-1: Manufacturer: syz
[  470.430918][ T5907] usb 2-1: SerialNumber: syz
[  470.650934][T10590] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  470.659868][ T5878] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  470.661082][T10590] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  470.689032][ T5907] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  470.728902][ T5907] snd-usb-audio 2-1:8.0: probe with driver snd-usb-audio failed with error -2
[  470.774573][ T5907] usb 2-1: USB disconnect, device number 33
[  470.799104][  T951] input: HID 0458:5013 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0458:5013.000A/input/input67
[  471.005653][T10585] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  471.114965][T10608] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  471.130679][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  471.245609][T10585] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  471.258751][ T5877] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  471.292764][T10608] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  471.304116][T10585] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  471.341607][T10585] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  471.373594][  T951] input: HID 0458:5013 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0458:5013.000A/input/input68
[  471.385682][ T5833] udevd[5833]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:8.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  471.502969][T10585] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  471.515021][T10608] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  471.538556][T10608] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  472.169322][T10585] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  472.169678][  T951] kye 0003:0458:5013.000A: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0458:5013] on usb-dummy_hcd.3-1/input0
[  472.197495][ T5885] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  472.280702][  T951] usb 4-1: USB disconnect, device number 16
[  472.439671][T10621] netlink: 'syz.1.1253': attribute type 10 has an invalid length.
[  472.782747][   T30] kauditd_printk_skb: 16 callbacks suppressed
[  472.782763][   T30] audit: type=1400 audit(1745517897.272:668): avc:  denied  { ioctl } for  pid=10624 comm="syz.1.1255" path="/dev/autofs" dev="devtmpfs" ino=98 ioctlcmd=0x9379 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  473.368984][ T5885] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  474.467353][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  474.604708][  T951] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  474.671133][ T5877] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  475.500127][ T5877] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[  475.512756][ T5877] usb 2-1: config 1 has no interface number 0
[  475.518961][ T5877] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  475.530692][ T5877] usb 2-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[  475.530935][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  475.539888][ T5877] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 128
[  475.585668][ T5877] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  475.599026][ T5877] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  475.620409][ T5877] usb 2-1: Product: syz
[  475.634066][ T5877] usb 2-1: Manufacturer: syz
[  475.649180][ T5877] usb 2-1: SerialNumber: syz
[  475.954410][T10630] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  475.985864][T10670] ubi: mtd0 is already attached to ubi31
[  476.037184][T10674] hub 9-0:1.0: USB hub found
[  476.046926][T10674] hub 9-0:1.0: 1 port detected
[  476.056622][T10674] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  476.177380][T10677] netlink: 'syz.2.1270': attribute type 10 has an invalid length.
[  476.222496][T10677] batman_adv: batadv0: Removing interface: team0
[  476.241390][T10677] 8021q: adding VLAN 0 to HW filter on device team0
[  476.253852][T10677] bond0: (slave team0): Enslaving as an active interface with an up link
[  476.345814][T10679] xt_NFQUEUE: number of queues (65532) out of range (got 66665)
[  476.571086][T10630] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  476.979651][T10684] openvswitch: netlink: IP tunnel attribute has 20 unknown bytes.
[  476.988988][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  477.022571][ T5877] cdc_ncm 2-1:1.1: bind() failure
[  477.189084][ T1210] usb 2-1: USB disconnect, device number 34
[  477.610646][ T5877] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  477.928348][T10697] netlink: 'syz.1.1276': attribute type 10 has an invalid length.
[  478.021780][T10697] batman_adv: batadv0: Removing interface: team0
[  478.036700][T10697] team_slave_0: entered promiscuous mode
[  478.042574][T10697] team_slave_1: entered promiscuous mode
[  478.065599][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  478.103668][T10699] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1275'.
[  478.320745][T10697] 8021q: adding VLAN 0 to HW filter on device team0
[  478.389758][T10697] bond0: (slave team0): Enslaving as an active interface with an up link
[  478.468323][T10698] 9pnet: Could not find request transport: f��̳�՝d�s�V��{�i�}/�
[  479.173062][   T52] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  479.279068][T10721] hub 9-0:1.0: USB hub found
[  479.284224][T10721] hub 9-0:1.0: 1 port detected
[  479.293173][T10721] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  480.258797][ T5907] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  480.272994][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  480.710284][ T5907] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  480.962942][T10723] ubi: mtd0 is already attached to ubi31
[  481.397618][ T5885] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  481.434371][   T30] audit: type=1400 audit(1745517905.922:669): avc:  denied  { write } for  pid=10741 comm="syz.0.1289" path="socket:[26458]" dev="sockfs" ino=26458 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  481.575094][   T30] audit: type=1400 audit(1745517905.922:670): avc:  denied  { nlmsg_read } for  pid=10741 comm="syz.0.1289" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  481.713031][T10753] netlink: 'syz.3.1292': attribute type 21 has an invalid length.
[  481.730301][T10753] netlink: 128 bytes leftover after parsing attributes in process `syz.3.1292'.
[  481.760291][T10753] netlink: 'syz.3.1292': attribute type 4 has an invalid length.
[  481.768042][T10753] netlink: 'syz.3.1292': attribute type 3 has an invalid length.
[  481.860528][T10758] ntfs3(nullb0): Primary boot signature is not NTFS.
[  481.868449][T10758] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  482.064917][T10753] netlink: 3 bytes leftover after parsing attributes in process `syz.3.1292'.
[  482.161337][T10761] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  482.216398][   T52] IPVS: starting estimator thread 0...
[  482.344426][T10768] IPVS: using max 80 ests per chain, 192000 per kthread
[  482.415352][   T52] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  482.480297][ T5885] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  482.821915][ T5885] usb 1-1: Using ep0 maxpacket: 16
[  482.872249][ T5885] usb 1-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[  482.893942][ T5885] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  482.946661][ T5885] usb 1-1: Product: syz
[  482.969286][ T5885] usb 1-1: Manufacturer: syz
[  482.974719][ T5885] usb 1-1: SerialNumber: syz
[  482.994609][ T5885] usb 1-1: config 0 descriptor??
[  483.007026][ T5885] visor 1-1:0.0: Sony Clie 3.5 converter detected
[  483.103534][T10781] netlink: 'syz.1.1297': attribute type 10 has an invalid length.
[  483.113331][T10781] team_slave_0: left promiscuous mode
[  483.119449][T10781] team_slave_1: left promiscuous mode
[  483.227581][T10781] bond0: (slave team0): Releasing backup interface
[  483.265643][T10781] batman_adv: batadv0: Adding interface: team0
[  483.272218][T10781] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  483.298223][T10781] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  483.454537][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  483.496706][   T30] audit: type=1400 audit(1745517907.972:671): avc:  denied  { ioctl } for  pid=10784 comm="syz.4.1298" path="socket:[26500]" dev="sockfs" ino=26500 ioctlcmd=0x8982 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  483.586803][ T5907] IPVS: starting estimator thread 0...
[  483.761224][T10789] IPVS: using max 37 ests per chain, 88800 per kthread
[  483.810696][ T5907] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  484.542704][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  484.908534][T10799] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  484.917246][T10799] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  484.958364][T10801] tipc: Enabling of bearer <eth:wlan1> rejected, already enabled
[  485.362860][ T5885] usb 1-1: clie_3_5_startup: get interface number failed: -71
[  485.380730][ T5885] visor 1-1:0.0: probe with driver visor failed with error -71
[  485.390873][ T5885] usb 1-1: USB disconnect, device number 19
[  486.177612][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  486.476957][   T30] audit: type=1400 audit(1745517910.962:672): avc:  denied  { append } for  pid=10808 comm="syz.0.1305" name="rtc0" dev="devtmpfs" ino=921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  486.578868][   T30] audit: type=1400 audit(1745517911.062:673): avc:  denied  { connect } for  pid=10810 comm="syz.4.1306" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  486.696199][   T30] audit: type=1400 audit(1745517911.172:674): avc:  denied  { read } for  pid=10810 comm="syz.4.1306" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  486.759366][   T30] audit: type=1400 audit(1745517911.242:675): avc:  denied  { write } for  pid=10810 comm="syz.4.1306" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  486.901137][ T5877] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  486.911420][T10821] FAULT_INJECTION: forcing a failure.
[  486.911420][T10821] name failslab, interval 1, probability 0, space 0, times 0
[  486.938350][T10821] CPU: 1 UID: 0 PID: 10821 Comm: syz.0.1309 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) 
[  486.938377][T10821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  486.938387][T10821] Call Trace:
[  486.938393][T10821]  <TASK>
[  486.938414][T10821]  dump_stack_lvl+0x16c/0x1f0
[  486.938442][T10821]  should_fail_ex+0x512/0x640
[  486.938462][T10821]  ? __kvmalloc_node_noprof+0x122/0x600
[  486.938480][T10821]  should_failslab+0xc2/0x120
[  486.938498][T10821]  __kvmalloc_node_noprof+0x135/0x600
[  486.938515][T10821]  ? alloc_netdev_mqs+0xd2/0x1570
[  486.938539][T10821]  ? __pfx_macvlan_setup+0x10/0x10
[  486.938563][T10821]  ? alloc_netdev_mqs+0xd2/0x1570
[  486.938583][T10821]  alloc_netdev_mqs+0xd2/0x1570
[  486.938609][T10821]  rtnl_create_link+0xc10/0xfa0
[  486.938635][T10821]  rtnl_newlink+0xb69/0x2000
[  486.938663][T10821]  ? __pfx_rtnl_newlink+0x10/0x10
[  486.938680][T10821]  ? find_held_lock+0x2b/0x80
[  486.938707][T10821]  ? avc_has_perm_noaudit+0x117/0x3b0
[  486.938728][T10821]  ? avc_has_perm_noaudit+0x149/0x3b0
[  486.938765][T10821]  ? find_held_lock+0x2b/0x80
[  486.938784][T10821]  ? __pfx_rtnl_newlink+0x10/0x10
[  486.938802][T10821]  ? __pfx_rtnl_newlink+0x10/0x10
[  486.938820][T10821]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  486.938842][T10821]  ? __pfx_rtnl_newlink+0x10/0x10
[  486.938864][T10821]  rtnetlink_rcv_msg+0x95b/0xe90
[  486.938888][T10821]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  486.938923][T10821]  netlink_rcv_skb+0x16a/0x440
[  486.938948][T10821]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  486.938970][T10821]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  486.939008][T10821]  ? netlink_deliver_tap+0x1ae/0xd30
[  486.939035][T10821]  netlink_unicast+0x53a/0x7f0
[  486.939061][T10821]  ? __pfx_netlink_unicast+0x10/0x10
[  486.939089][T10821]  netlink_sendmsg+0x8d1/0xdd0
[  486.939117][T10821]  ? __pfx_netlink_sendmsg+0x10/0x10
[  486.939150][T10821]  ____sys_sendmsg+0xa95/0xc70
[  486.939177][T10821]  ? copy_msghdr_from_user+0x10a/0x160
[  486.939198][T10821]  ? __pfx_____sys_sendmsg+0x10/0x10
[  486.939242][T10821]  ___sys_sendmsg+0x134/0x1d0
[  486.939264][T10821]  ? __pfx____sys_sendmsg+0x10/0x10
[  486.939317][T10821]  __sys_sendmsg+0x16d/0x220
[  486.939338][T10821]  ? __pfx___sys_sendmsg+0x10/0x10
[  486.939367][T10821]  ? rcu_is_watching+0x12/0xc0
[  486.939395][T10821]  do_syscall_64+0xcd/0x260
[  486.939420][T10821]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  486.939437][T10821] RIP: 0033:0x7f900778e969
[  486.939451][T10821] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  486.939467][T10821] RSP: 002b:00007f900864b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  486.939483][T10821] RAX: ffffffffffffffda RBX: 00007f90079b5fa0 RCX: 00007f900778e969
[  486.939494][T10821] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[  486.939503][T10821] RBP: 00007f900864b090 R08: 0000000000000000 R09: 0000000000000000
[  486.939513][T10821] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  486.939522][T10821] R13: 0000000000000000 R14: 00007f90079b5fa0 R15: 00007ffc0ac5e498
[  486.939543][T10821]  </TASK>
[  487.364603][ T1210] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  488.435509][T10839] ICMPv6: NA: aa:aa:aa:aa:aa:00 advertised our address fe80::aa on syz_tun!
[  488.475651][ T5885] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  488.654269][T10842] ------------[ cut here ]------------
[  488.654345][T10842] WARNING: CPU: 1 PID: 10842 at drivers/gpu/drm/vkms/vkms_crtc.c:97 vkms_get_vblank_timestamp+0x167/0x1b0
[  488.654396][T10842] Modules linked in:
[  488.654467][T10842] CPU: 1 UID: 0 PID: 10842 Comm: syz.4.1316 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) 
[  488.654495][T10842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  488.654508][T10842] RIP: 0010:vkms_get_vblank_timestamp+0x167/0x1b0
[  488.654537][T10842] Code: c4 fb e8 dc ae b2 fb 4c 89 e1 48 ba 00 00 00 00 00 fc ff df 48 c1 e9 03 80 3c 11 00 75 43 49 89 04 24 eb c0 e8 da e3 c4 fb 90 <0f> 0b 90 eb b5 e8 df 5e 2a fc e9 dc fe ff ff e8 65 5f 2a fc e9 14
[  488.654562][T10842] RSP: 0018:ffffc900038670b8 EFLAGS: 00010283
[  488.654580][T10842] RAX: 0000000000040c64 RBX: ffff888143398028 RCX: ffffc9000ed13000
[  488.654594][T10842] RDX: 0000000000080000 RSI: ffffffff85f66c16 RDI: 0000000000000006
[  488.654606][T10842] RBP: 00000071c4385f1c R08: 0000000000000006 R09: 00000071c4385f1c
[  488.654618][T10842] R10: 00000071c4385f1c R11: 0000000000000000 R12: ffffc90003867220
[  488.654631][T10842] R13: 00000071c4385f1c R14: 0000000000004e20 R15: ffffffff85f66ab0
[  488.654644][T10842] FS:  00007f0c369456c0(0000) GS:ffff888124ab2000(0000) knlGS:0000000000000000
[  488.654662][T10842] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  488.654676][T10842] CR2: 0000001b301e8ff8 CR3: 0000000021afc000 CR4: 00000000003526f0
[  488.654688][T10842] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  488.654700][T10842] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  488.654713][T10842] Call Trace:
[  488.654720][T10842]  <TASK>
[  488.654733][T10842]  drm_crtc_get_last_vbltimestamp+0x102/0x1b0
[  488.654764][T10842]  ? __pfx_drm_crtc_get_last_vbltimestamp+0x10/0x10
[  488.654791][T10842]  ? drm_gem_vmap_unlocked+0x72/0xa0
[  488.654817][T10842]  drm_crtc_next_vblank_start+0x182/0x300
[  488.654842][T10842]  drm_atomic_helper_wait_for_fences+0x203/0x830
[  488.654876][T10842]  ? __pfx_drm_atomic_helper_wait_for_fences+0x10/0x10
[  488.654904][T10842]  ? drm_atomic_helper_prepare_planes+0x5aa/0xbb0
[  488.654938][T10842]  drm_atomic_helper_commit+0x1cf/0x380
[  488.654968][T10842]  ? __pfx_drm_atomic_helper_commit+0x10/0x10
[  488.654995][T10842]  drm_atomic_commit+0x231/0x300
[  488.655019][T10842]  ? __pfx_drm_atomic_commit+0x10/0x10
[  488.655038][T10842]  ? __pfx___drm_printfn_info+0x10/0x10
[  488.655065][T10842]  ? drm_client_rotation+0x4d9/0x6a0
[  488.655098][T10842]  drm_client_modeset_commit_atomic+0x69d/0x7e0
[  488.655137][T10842]  ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[  488.655185][T10842]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  488.655224][T10842]  drm_client_modeset_commit_locked+0x14d/0x580
[  488.655263][T10842]  drm_fb_helper_pan_display+0x32d/0xa40
[  488.655295][T10842]  ? drm_client_modeset_commit_locked+0x15d/0x580
[  488.655330][T10842]  fb_pan_display+0x479/0x7d0
[  488.655362][T10842]  ? __pfx_drm_fb_helper_pan_display+0x10/0x10
[  488.655387][T10842]  ? __pfx_drm_fb_helper_set_par+0x10/0x10
[  488.655416][T10842]  fb_set_var+0x860/0x11f0
[  488.655449][T10842]  ? __pfx_fb_set_var+0x10/0x10
[  488.655484][T10842]  ? __pfx___pv_queued_spin_lock_slowpath+0x10/0x10
[  488.655519][T10842]  ? lock_acquire+0x179/0x350
[  488.655539][T10842]  ? find_held_lock+0x2b/0x80
[  488.655564][T10842]  ? finish_task_switch.isra.0+0x21c/0xc10
[  488.655594][T10842]  ? rcu_is_watching+0x12/0xc0
[  488.655616][T10842]  ? finish_task_switch.isra.0+0x221/0xc10
[  488.655641][T10842]  ? lockdep_hardirqs_on+0x7c/0x110
[  488.655667][T10842]  ? finish_task_switch.isra.0+0x221/0xc10
[  488.655694][T10842]  ? rcu_is_watching+0x12/0xc0
[  488.655717][T10842]  ? trace_sched_exit_tp+0xde/0x130
[  488.655770][T10842]  ? __pfx___schedule+0x10/0x10
[  488.655797][T10842]  fbcon_blank+0x674/0xd20
[  488.655830][T10842]  ? __pfx_fbcon_blank+0x10/0x10
[  488.655875][T10842]  ? __pfx___might_resched+0x10/0x10
[  488.655906][T10842]  ? __pfx_fbcon_blank+0x10/0x10
[  488.655934][T10842]  do_unblank_screen+0x27b/0x4c0
[  488.655964][T10842]  vt_ioctl+0x1229/0x2f50
[  488.655992][T10842]  ? __pfx_vt_ioctl+0x10/0x10
[  488.656013][T10842]  ? lockdep_hardirqs_on+0x7c/0x110
[  488.656052][T10842]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  488.656077][T10842]  ? do_vfs_ioctl+0x512/0x1990
[  488.656103][T10842]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  488.656126][T10842]  ? tty_jobctrl_ioctl+0x152/0xe00
[  488.656152][T10842]  ? __pfx_vt_ioctl+0x10/0x10
[  488.656172][T10842]  tty_ioctl+0x65a/0x1610
[  488.656202][T10842]  ? __pfx_tty_ioctl+0x10/0x10
[  488.656230][T10842]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  488.656276][T10842]  ? hook_file_ioctl_common+0x145/0x410
[  488.656304][T10842]  ? selinux_file_ioctl+0x180/0x270
[  488.656332][T10842]  ? selinux_file_ioctl+0xb4/0x270
[  488.656362][T10842]  ? __pfx_tty_ioctl+0x10/0x10
[  488.656391][T10842]  __x64_sys_ioctl+0x190/0x200
[  488.656420][T10842]  do_syscall_64+0xcd/0x260
[  488.656450][T10842]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  488.656470][T10842] RIP: 0033:0x7f0c35b8e969
[  488.656488][T10842] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  488.656506][T10842] RSP: 002b:00007f0c36945038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  488.656527][T10842] RAX: ffffffffffffffda RBX: 00007f0c35db6160 RCX: 00007f0c35b8e969
[  488.656541][T10842] RDX: 0000000000000002 RSI: 0000000000004b3a RDI: 000000000000000c
[  488.656553][T10842] RBP: 00007f0c35c10ab1 R08: 0000000000000000 R09: 0000000000000000
[  488.656566][T10842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  488.656579][T10842] R13: 0000000000000000 R14: 00007f0c35db6160 R15: 00007ffd4a7b9898
[  488.656607][T10842]  </TASK>
[  488.656617][T10842] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  488.656630][T10842] CPU: 1 UID: 0 PID: 10842 Comm: syz.4.1316 Not tainted 6.15.0-rc3-syzkaller-00032-ga79be02bba5c #0 PREEMPT(full) 
[  488.656654][T10842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  488.656665][T10842] Call Trace:
[  488.656672][T10842]  <TASK>
[  488.656679][T10842]  dump_stack_lvl+0x3d/0x1f0
[  488.656705][T10842]  panic+0x71c/0x800
[  488.656724][T10842]  ? __pfx_panic+0x10/0x10
[  488.656743][T10842]  ? show_trace_log_lvl+0x29b/0x3e0
[  488.656778][T10842]  ? vkms_get_vblank_timestamp+0x167/0x1b0
[  488.656806][T10842]  check_panic_on_warn+0xab/0xb0
[  488.656826][T10842]  __warn+0xf6/0x3c0
[  488.656844][T10842]  ? vkms_get_vblank_timestamp+0x167/0x1b0
[  488.656873][T10842]  report_bug+0x3c3/0x580
[  488.656896][T10842]  ? vkms_get_vblank_timestamp+0x167/0x1b0
[  488.656921][T10842]  handle_bug+0x184/0x210
[  488.656948][T10842]  exc_invalid_op+0x17/0x50
[  488.656975][T10842]  asm_exc_invalid_op+0x1a/0x20
[  488.656992][T10842] RIP: 0010:vkms_get_vblank_timestamp+0x167/0x1b0
[  488.657016][T10842] Code: c4 fb e8 dc ae b2 fb 4c 89 e1 48 ba 00 00 00 00 00 fc ff df 48 c1 e9 03 80 3c 11 00 75 43 49 89 04 24 eb c0 e8 da e3 c4 fb 90 <0f> 0b 90 eb b5 e8 df 5e 2a fc e9 dc fe ff ff e8 65 5f 2a fc e9 14
[  488.657033][T10842] RSP: 0018:ffffc900038670b8 EFLAGS: 00010283
[  488.657048][T10842] RAX: 0000000000040c64 RBX: ffff888143398028 RCX: ffffc9000ed13000
[  488.657060][T10842] RDX: 0000000000080000 RSI: ffffffff85f66c16 RDI: 0000000000000006
[  488.657072][T10842] RBP: 00000071c4385f1c R08: 0000000000000006 R09: 00000071c4385f1c
[  488.657083][T10842] R10: 00000071c4385f1c R11: 0000000000000000 R12: ffffc90003867220
[  488.657094][T10842] R13: 00000071c4385f1c R14: 0000000000004e20 R15: ffffffff85f66ab0
[  488.657106][T10842]  ? __pfx_vkms_get_vblank_timestamp+0x10/0x10
[  488.657137][T10842]  ? vkms_get_vblank_timestamp+0x166/0x1b0
[  488.657164][T10842]  ? vkms_get_vblank_timestamp+0x166/0x1b0
[  488.657189][T10842]  drm_crtc_get_last_vbltimestamp+0x102/0x1b0
[  488.657212][T10842]  ? __pfx_drm_crtc_get_last_vbltimestamp+0x10/0x10
[  488.657237][T10842]  ? drm_gem_vmap_unlocked+0x72/0xa0
[  488.657269][T10842]  drm_crtc_next_vblank_start+0x182/0x300
[  488.657292][T10842]  drm_atomic_helper_wait_for_fences+0x203/0x830
[  488.657325][T10842]  ? __pfx_drm_atomic_helper_wait_for_fences+0x10/0x10
[  488.657351][T10842]  ? drm_atomic_helper_prepare_planes+0x5aa/0xbb0
[  488.657382][T10842]  drm_atomic_helper_commit+0x1cf/0x380
[  488.657409][T10842]  ? __pfx_drm_atomic_helper_commit+0x10/0x10
[  488.657435][T10842]  drm_atomic_commit+0x231/0x300
[  488.657455][T10842]  ? __pfx_drm_atomic_commit+0x10/0x10
[  488.657472][T10842]  ? __pfx___drm_printfn_info+0x10/0x10
[  488.657497][T10842]  ? drm_client_rotation+0x4d9/0x6a0
[  488.657529][T10842]  drm_client_modeset_commit_atomic+0x69d/0x7e0
[  488.657566][T10842]  ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10
[  488.657612][T10842]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  488.657648][T10842]  drm_client_modeset_commit_locked+0x14d/0x580
[  488.657681][T10842]  drm_fb_helper_pan_display+0x32d/0xa40
[  488.657709][T10842]  ? drm_client_modeset_commit_locked+0x15d/0x580
[  488.657741][T10842]  fb_pan_display+0x479/0x7d0
[  488.657766][T10842]  ? __pfx_drm_fb_helper_pan_display+0x10/0x10
[  488.657790][T10842]  ? __pfx_drm_fb_helper_set_par+0x10/0x10
[  488.657816][T10842]  fb_set_var+0x860/0x11f0
[  488.657847][T10842]  ? __pfx_fb_set_var+0x10/0x10
[  488.657880][T10842]  ? __pfx___pv_queued_spin_lock_slowpath+0x10/0x10
[  488.657914][T10842]  ? lock_acquire+0x179/0x350
[  488.657931][T10842]  ? find_held_lock+0x2b/0x80
[  488.657956][T10842]  ? finish_task_switch.isra.0+0x21c/0xc10
[  488.657982][T10842]  ? rcu_is_watching+0x12/0xc0
[  488.658003][T10842]  ? finish_task_switch.isra.0+0x221/0xc10
[  488.658026][T10842]  ? lockdep_hardirqs_on+0x7c/0x110
[  488.658053][T10842]  ? finish_task_switch.isra.0+0x221/0xc10
[  488.658079][T10842]  ? rcu_is_watching+0x12/0xc0
[  488.658101][T10842]  ? trace_sched_exit_tp+0xde/0x130
[  488.658148][T10842]  ? __pfx___schedule+0x10/0x10
[  488.658174][T10842]  fbcon_blank+0x674/0xd20
[  488.658205][T10842]  ? __pfx_fbcon_blank+0x10/0x10
[  488.658253][T10842]  ? __pfx___might_resched+0x10/0x10
[  488.658282][T10842]  ? __pfx_fbcon_blank+0x10/0x10
[  488.658308][T10842]  do_unblank_screen+0x27b/0x4c0
[  488.658335][T10842]  vt_ioctl+0x1229/0x2f50
[  488.658360][T10842]  ? __pfx_vt_ioctl+0x10/0x10
[  488.658380][T10842]  ? lockdep_hardirqs_on+0x7c/0x110
[  488.658417][T10842]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  488.658439][T10842]  ? do_vfs_ioctl+0x512/0x1990
[  488.658462][T10842]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  488.658484][T10842]  ? tty_jobctrl_ioctl+0x152/0xe00
[  488.658507][T10842]  ? __pfx_vt_ioctl+0x10/0x10
[  488.658526][T10842]  tty_ioctl+0x65a/0x1610
[  488.658554][T10842]  ? __pfx_tty_ioctl+0x10/0x10
[  488.658581][T10842]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  488.658619][T10842]  ? hook_file_ioctl_common+0x145/0x410
[  488.658645][T10842]  ? selinux_file_ioctl+0x180/0x270
[  488.658672][T10842]  ? selinux_file_ioctl+0xb4/0x270
[  488.658701][T10842]  ? __pfx_tty_ioctl+0x10/0x10
[  488.658729][T10842]  __x64_sys_ioctl+0x190/0x200
[  488.658757][T10842]  do_syscall_64+0xcd/0x260
[  488.658784][T10842]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  488.658802][T10842] RIP: 0033:0x7f0c35b8e969
[  488.658816][T10842] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  488.658834][T10842] RSP: 002b:00007f0c36945038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  488.658851][T10842] RAX: ffffffffffffffda RBX: 00007f0c35db6160 RCX: 00007f0c35b8e969
[  488.658863][T10842] RDX: 0000000000000002 RSI: 0000000000004b3a RDI: 000000000000000c
[  488.658873][T10842] RBP: 00007f0c35c10ab1 R08: 0000000000000000 R09: 0000000000000000
[  488.658884][T10842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  488.658895][T10842] R13: 0000000000000000 R14: 00007f0c35db6160 R15: 00007ffd4a7b9898
[  488.658921][T10842]  </TASK>
[  488.659135][T10842] Kernel Offset: disabled