last executing test programs:

1m45.79627546s ago: executing program 1 (id=969):
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x20042)
preadv(r0, &(0x7f0000000300)=[{0x0}], 0x1, 0x0, 0xffffffff)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000080)={0x4000000, 0x0, 0x3})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r1 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
r2 = open(0x0, 0x200001, 0x31)
ioctl$SIOCRSGL2CALL(r2, 0x89e5, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f0000003580)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000380)="a1", 0x1}], 0x1, &(0x7f0000000800)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r3, @ANYBLOB="0000000014"], 0x30, 0x40400d1}}], 0x1, 0x814)
pipe(&(0x7f00000002c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r3, 0x0, r5, 0x0, 0x8, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0xa, 0xd, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000000000000000000000000000851000000100000095000000000000001800000020646c2500000000002020207b1af8ff00000000bd21ffff0000000007010000f8ffffffb502020008040000b70300000000000085000000a400000095"], &(0x7f0000000080)='syzkaller\x00', 0x2, 0x0, 0x0, 0x41000}, 0x94)

1m45.344203255s ago: executing program 1 (id=971):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000240)=ANY=[@ANYRES32=r0, @ANYRESDEC], 0x54}, 0x1, 0x0, 0x0, 0x48000}, 0x24004800)
r1 = openat$mice(0xffffffffffffff9c, &(0x7f0000001400), 0x101)
r2 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
close(0x3)
socket$nl_generic(0x10, 0x3, 0x10)
openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000), 0xa40, 0x0)
r3 = syz_io_uring_setup(0x172, &(0x7f0000000780)={0x0, 0x4f5c, 0x10100, 0xfffffffe, 0x2a0}, &(0x7f00000001c0)=<r4=>0x0, &(0x7f0000000140)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x27})
io_uring_enter(r3, 0x567, 0x0, 0x0, 0x0, 0x0)
r6 = dup(0xffffffffffffffff)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="7472616e733d66642c7266646e6f3d2e0ff7bcdbb45531f030375c0806d4b6860df2f14e62ec5fb0c7641bff3ef08bf2775d95ab5c7ffe6de2e929e1aae57841a74da704171a536ed1c1008e5c716bc43336b27601a695da4ac6e42f5c4f4668d7d3c24a72d6770b992f96fb1ebcd1296a77b5333bb2901b48b0d6ccd9785be9ad36fcfe462aa236eb4a8abef338aa7ee88d5c8479adff070000dd953fcd0712d4a822f91e7f8d396b5430d5d44d9715ae11b58891ea1cbe8aad1a12655b8c820db1fb5c80", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="2c6361636865642c6bdfff000000000000004992223cb07b7ea230dbb21e747e65c46afb521773b3821a4d784b5a3828988544ad94d1636d5bc55666199597b59f977b78cb477d8fca0195f5c34bf94d0b03279e915e32541892151afdbbef869bf07224edaef66d7e2a09d177145c9b013b86c9d49432ec6b8227b5f6868e35a02a4deb58610a2fe4859a9ed5d9ae4337e75f0ee0726cd6cd82ade2eaec7191406e87b31cac9926abf52f7ebb5418f90b598eb5"])
ioctl$UI_END_FF_ERASE(r6, 0x400c55cb, &(0x7f00000002c0)={0x90, 0xd, 0x5})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff)
bind$netrom(r2, &(0x7f0000000380)={{0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x3}, [@bcast, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]}, 0x48)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000000)={'wlan0\x00'})
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003e00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x47}, 0x94)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r11, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="3c000000000801016fa7000000000000030000050c00048008000240fffffff706000240060000000900010073797a31000000000500030088000000"], 0x3c}, 0x1, 0x0, 0x0, 0x4800}, 0x800)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000540)=ANY=[@ANYRES32=r10, @ANYRES32=r9, @ANYBLOB='\a'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r10, &(0x7f0000000240), &(0x7f0000000140)=@tcp6=r8}, 0x20)
sendmmsg$inet6(r8, &(0x7f0000008c00)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000180)='PU', 0x2}], 0x1}}], 0x1, 0x20004810)
r12 = socket$inet_sctp(0x2, 0x1, 0x84)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f000094c000/0x3000)=nil, 0x3000, 0x6, 0x4000010, 0xffffffffffffffff, 0x9f81c000)
r13 = dup(r12)
ioctl$EXT4_IOC_ALLOC_DA_BLKS(r13, 0x660c)

1m45.084574027s ago: executing program 1 (id=974):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x2e, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
socket(0xa, 0x3, 0x3a)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = syz_open_dev$usbfs(&(0x7f0000000080), 0xf, 0x8041)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r3, 0x8108551b, &(0x7f00000001c0)={0x0, 0x2, "4cf90fba85c830e42a3ca4b10f01bbcb15f3806c4853e7c44a6974759d9f643905a56baa4195fb396d9bfa306999f1586e5d1ca49add100a36b751a7d9fe0b182ebf2c8a0e66f72c1c08260030752f07cd4089473e52885a3c85bacf3ccfac5bb9435fe036dcfccd7254bbd8bce90e2284d29e1f17d6652270fd0abcb8729f16ff602b438bd122a9e09984e2799d0dbfef7533d1a930ea4f4b57605ace45f5815450693650ae122d34aa0c5ca5e793516d156e5a5b34d6c17c40d753426a3d8e15e726d0f2622e873e0cbe63751bb62c68594d4cb0a21b92ad2e80f24a9b290a87ee6779022a0b7f5223e4e8c9f53f501ec8c439724078fdc076a51d50760566"})
ioctl$FIOCLEX(0xffffffffffffffff, 0x5451)
ioctl$USBDEVFS_ALLOC_STREAMS(r3, 0x8008551c, &(0x7f00000007c0)=ANY=[@ANYBLOB="4a180000090000008102850486868c830e1eeca4811683b19149f28306b2323844cb77b52b2b8eb4cf4ea4c6bc54e71213048c01dfa2647731295cff020487e4c14e2081745ce167d7fe86819361ec9aef7a684282f666696cde0d7dc76aa0ffd85cca1df5c1e3fd5a7ae3b7bc9788fd6b3712cc0269f9319e8df1090c884f14c7f7c1cf7e811767fce6668da61103d9f97936653e6f4ce2b07d9701c321bdf62e6e6124ca0a1d7f409bc12e44e917f1d722f0c48fd8926a343763e16d041f73f21f5627e1de9dc1f415e0fce323d4701d81ebdc2b9099174efa93681fb7fff945f0194953e673809a9218d04a839c32e6d035dfdc551f31ba1d45f8e3c7"])
r4 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x482, 0x0)
ioctl$TCSETS(r4, 0x5402, &(0x7f0000000200)={0xfffffffc, 0x4, 0x6, 0x0, 0xff, "db8f2d2b3b7596160c6981acf8805944823a7f"})
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0)
ioctl$IOCTL_STOP_ACCEL_DEV(0xffffffffffffffff, 0x40096101, &(0x7f0000000780)={{&(0x7f0000000700)={'Accelerator0\x00', {&(0x7f0000000500)=@adf_hex={@bank={'Bank', '3', 'InterruptCoalescingTimerNs\x00'}, {0x9}, {&(0x7f0000000440)=@adf_str={@normal='NumberCyInstances\x00', {"acfe62918b0e521853e6c54c8c1fc3f3204fe64bda9d1c61bedcb1b1be63d3715d44757803960bfba9b5a62f2ee0a2128bae2f15d7f6f913cf906e93f811a479"}}}}}, {&(0x7f0000000680)={'Accelerator\x00', {&(0x7f00000005c0)=@adf_str={@bank={'Bank', '4', 'CoreAffinity\x00'}, {"ff6bda26ae6c81b6ccc502924ebdc3a9fad985d7ea8d54e0b8fbf963eaa2bb535fdc61927a11ec0be4eb3c1a828e1f43346f18bef5b81d460a0dc618ef37b7b7"}}}}}}}, 0xc7})
getxattr(0x0, 0x0, 0x0, 0x0)
ppoll(&(0x7f0000000100)=[{0xffffffffffffffff, 0x200}], 0x1, &(0x7f0000000280)={0x77359400}, &(0x7f0000000300)={[0x10000]}, 0x8)
unshare(0x40020000)
r5 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x1, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(r5, 0xc25c4110, &(0x7f0000000080)={0x3000000, [[0x7fff, 0x2, 0x0, 0x0, 0x1, 0x10000, 0x0, 0xc], [0xfffffffc, 0x52cf, 0x0, 0x0, 0x6, 0x4], [0x403, 0x2000c, 0x0, 0x0, 0x0, 0x6]], '\x00', [{0x5, 0x5}, {}, {}, {}, {0x2}, {0xfffffffe}, {0x4000, 0xffffff01}, {0x0, 0x4}, {}, {0x0, 0xffffffff}], '\x00', 0x100})
ioctl$HCIINQUIRY(0xffffffffffffffff, 0x800448f0, &(0x7f0000000180)={0x0, 0x0, "a4cd91", 0x9})

1m43.9637552s ago: executing program 1 (id=976):
socket(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
io_uring_enter(0xffffffffffffffff, 0x6e2, 0x600, 0x1, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
open(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000004c00)=""/102392, 0x18ff8)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup.net/cgroup.procs\x00', 0x2, 0x128)
io_setup(0x9, &(0x7f0000001d00)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f00000000c0)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x8, r2, &(0x7f0000000100)="331e76", 0x3, 0x7, 0x0, 0x2}])
mkdir(&(0x7f0000000100)='./file1\x00', 0x13b)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
write$FUSE_CREATE_OPEN(0xffffffffffffffff, &(0x7f0000000180)={0xa0, 0xffffffffffffffda, 0x0, {{0x4, 0x3, 0x5, 0x6, 0x3, 0x1, {0x0, 0x9, 0x20ff, 0x5, 0x89, 0xd615, 0x9, 0x7fffffff, 0xfffffffe, 0x8000, 0x0, 0x0, 0x0, 0x3ff, 0x1}}, {0x0, 0x13}}}, 0xa0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
pread64(r0, &(0x7f0000002280)=""/4096, 0x1000, 0xd33)
syz_usb_connect(0x0, 0x4f, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000a6ff0540cdabeecdb9050000000109023d0c020000000009049c00030103510009050a00000000000009050313000000000003270103"], 0x0)

1m40.493818425s ago: executing program 1 (id=983):
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
listen(0xffffffffffffffff, 0x3)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000280)={0x8000})
bind$bt_hci(r2, &(0x7f00000000c0)={0x1f, 0x3, 0x1}, 0x6)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2e, 0x0, 0x0)
write(r2, &(0x7f0000000080)="0b000300010001", 0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r6 = accept4(r5, 0x0, 0x0, 0x800)
sendmmsg$alg(r6, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r8 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x48202, 0x0)
r9 = dup(r8)
write$6lowpan_enable(r9, &(0x7f0000000000)='0', 0xfffffffffffffeca)
fadvise64(r7, 0x18, 0x1800, 0x4)

1m39.44698753s ago: executing program 1 (id=988):
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x18)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64\x00'}, 0x58)
r6 = accept4(r0, 0x0, 0x0, 0x0)
sendto$packet(r6, &(0x7f00000000c0)="37fe0187610488b3d05d92015ee9ad38d34e1b37234adcd7a271dcd87da03ea3c1b0eb949065c29156446f75a0f3128825ba4f61f4b702bf489c5737aa6121dd0090d0729c829124ccc2197c0af536a4bf1add8929dddebfe0edee", 0xfffffffffffffec6, 0x0, 0x0, 0x0)

1m39.162929285s ago: executing program 32 (id=988):
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x18)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64\x00'}, 0x58)
r6 = accept4(r0, 0x0, 0x0, 0x0)
sendto$packet(r6, &(0x7f00000000c0)="37fe0187610488b3d05d92015ee9ad38d34e1b37234adcd7a271dcd87da03ea3c1b0eb949065c29156446f75a0f3128825ba4f61f4b702bf489c5737aa6121dd0090d0729c829124ccc2197c0af536a4bf1add8929dddebfe0edee", 0xfffffffffffffec6, 0x0, 0x0, 0x0)

20.362095272s ago: executing program 0 (id=1224):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0xea100, 0x0)
timer_create(0x2, 0x0, 0x0)
sendmsg$inet6(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000080)={0xa, 0x4e21, 0x4080000, @dev={0xfe, 0x80, '\x00', 0x1a}}, 0x1c, 0x0}, 0xc000)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000001cc0)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000001b40)={0xa, 0x4e21, 0x80003, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x60bc}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000001980)=[{&(0x7f0000000680)="a4f04dfd21a1323b50f6e1aa636512c9c038376ea123c819a8db30e58710b53997a2b80a3782dc72c7a327db53370c2a488409f69e00"/65, 0x41}, {&(0x7f0000000700)="3737ed2cb8fd0e031d3213758cad80304c64363a1e83a954c1ccd7ecb6fd18a143132e05303ea571db900a515fa97d364cec014e5dd575904afcbf11daa1a0370f841ec5f576c88582291a561cf8d03af285c8534f7a85f9c9afac913b6f912705e7118692a5ab8d2462b86cce5e1a1aa8cf5290f18b89c817f4187215dd05e2249786c28b1a615f1a22b7235cf864be70476f69", 0x94}, {&(0x7f00000007c0)="dae91e70a51262d25cf79a6ca6f46c3766cc0e0126c736165903e3caa40afae5d01bbf5919986ff752a00feb088fb2c162b8b90eb1591d89b1c0478b024dfbd0789231848f7b04aa471e0dedd7124e04de4105b6d9245f9d68b08e74a1cede7eeac86055df8dab1a59e35be6ad2f39f0a4ddc7cb90c766d40851cc91b9b0fbf7fbefd27108b2fc7f153b04734accdc1bae57d48fc6c8070352e9a074e6deb9be662c304a11986f26ab42efb282067df004d559dd8f5e3c7bc803722d4fe30c8fa77e14d39e9fb365a92dfa136dec48b7abce79ed6d2d1039626ae20b7d1e0e4fb3fceb53ac19985af24735d7690407460d3c96c3ef2cf1cc8a4c9183d1ad27afbdf6063f52c8818b2143ac8118f9994c6b3f9ae8eca84c6d0f87597657c167920f6d3186e10d00c5b078906a7c031d2f2b9a98cb1a948e18ff7d4389f8f154da38e78f27373f9a289e32cd0a1f6d99c81c4476d8342d2ff003826db11e43bf1097d7ff818864c1bb78fd79731ba70338f6b3ecfa2266e2dacdc22e6c7f44023858ae460970801464f6aa8307e1b092a55b61029c3240e96b2039041e1b25fdc1a2be95cf43a4e7e7f04e65d3977494f35508e43a819374e2ee3269ca06b912a83888df507bc1dfd0b2fff09ee54cf210adda918a5f4c20e4b10e643432f0969d7977a565a36a45b27d7698e73cbbc4802b43063db35697cfa6df4983353e7a98910afca79e90cc29db0e6a56784876ac31e6105d5c4a99bb7da60b00d0937f92151bec2c235b3a7372f799e008fc6df5b671259d5540281a6d7fca215c078de54620b20ae0f899713c960405151352b3f45a9fb3842fa45899e6a137289a0774b13ab51ceb96008ce79dee13a58a7a25dda5d92548be7a1bbf5cc71e7e158dd453b50d0592915e347bddae36fb310665f012bdf7628d09c6253e358654dc800a388ce5911837eb308a2e26db306929db03a8756ff3a3414f977ec306a276f27ebcb55ec4c72daecec5491917fa40aab78600546f17e296e7217e91aa4fe044eeff7f4c9a3c5ccb3520b681ae010f0b44f44e066c2eab6e979b1dea7fc6f5792aac5b8e18d6227d42119691cc89b32f7e6eebe88b06da0c952d4d3cba3984d71d2b45baaffd10af43e978b979ec194a2a618f095a5a34959cdd550316fe174c20f1a2c5d2b7ee9a1a62a3573325634e9a21dde4a237d2c424bdcd19d6b23cc210aafb9af17c05bbc59b4668b930c1e773b44c22a1c437041014411345d50d1c8a930e2bbb3348842a944fc643229b44b96eeb80279a20aa5db2be67a6284f0b3f4c803af437fdb6a8f9f34954f3eea59c4faf651abf4727eeb2f7e0441ff07ac1b20229fdd3b55fba4c11f2deaea6aee932a9af802ba9077c90f4b6985cfd780265cc09c4ef2c478d91a586725ae1869f4f011c7eda25c8ec6e25d49cd3fed1ae03891d4a1015925ee500f182f35be9cf33919510ab4b046b757b6097869c5b68074d3b644ce5aabf941eec21062b9484f7bdd01afb1df561514eacec6982b6c4a106f5adc59fe61213763d3fd2c3987764f8e078284ebd41faac278d729ffcdfa51d85823204fca0322824921e29e9f4f6bb59f73c15c1386ba746394cb054fc8fa07946fcffab7607ad221c424203d3fcb9ac81fb5b63f2aa5e71224baf808bd921f661203391e7f4b6c47cb97b03009aeb34be24db56508e9a2a71effb6257d704cb50b1bfd40f8ba10b85cf9a1658668c2872bc4dd11e16143070f43b7a029e3fae421289dd825a3e2ab1c96262691523c46c52f9f26ccbc72cda4fdbecbe2c359334b5c556521b95010506fddad45778f811ed52652adda90793f8e6daa58591565d3d5919cab58e935bd73053e1685bbc5346e3cdcc3e26c83b024b19940443570c77c7531518d2fcaefb75c6ab12a87223583337822ffdf504354ced45d3f210b69ba691cfd78b78b140a21e6acb8da98b5d3f9929ee6fe25d16f6461439b16b5607ec59abb02521325297dab58c98fad37b919c89cc0ac421348f62f475c18b636f9576c695029296869a4aa168bec32d34e4574fb50e8c77b97c8badfc34ddb1c4e0a0f296f7545b33d76f16a4faa59087b5cfe8519fe6e093ec24a96792475bbb4078656edc57520b38f4e9ee1f674863bce79041c1e55301d5a2aeea4f18fb6a08a1eb60141c1fc8f4773b6d914f537bddb4094afbda20f681bf8dd78076ccc64d0cb13bcf87b539a6cf0c4e3511810745d5aabe6b26ef585033b9ae721fac7f8e705e71c498231d88ea689621c231323fb4c13aed6fd0adcc24ca3530f38338ea921c83207fe95f1e1b20d66903bc029f12064b3823fe4d9b0a25b706f1f67008fe2e48da90e988ab7b3ed109cb6773fc4eaaf95d118bb5095c7cbb8145bf7362a4afff094996e4cc06c6ed563ab4b12dd77072bd8f0536827aefbfed40f63130858a78d9a0aba0a2708269552c19c685180b9add30a10b87d4feb71d40a28f322cd69673bb292297c02062131342b61e3322c4dfffa3018bc4ce0ae581877cf5a3dc46053e9fcf04d63c991e0d3cd6c05830868a860b1b2b4c4e3f39e200124fed3faa5580a9ba0cd9251900f33219986b22c56b3f7bf0b4a96e4cfd77230be5c830e9e91df052bab948dc73de71a572fa3b269d9ee8fe0947179d295578f78892cf573bf376ce88a17b432d41e1d59d146fc68ab377cf3ac4a0b12cc641151b69c794de94fb2ea17d7280745937d93ed43c5411169235a24080822916422ec612677df60c0d007cb46e252ea59df3aae4d3acf50e7ee3d111dab9fe0cd55a43fcaefcea6ecfa755ed457c69789e35cb5a73f95b36b7a2e7b7aa33d4ac34062031c931bb108239e63c6097b2f1bb342bbbf8e15a94f0b8858c36e2ee7683d82de5c9255776853d4c2d2c8cce13b56cd44459ebd37cf71b5ab2d27176cfd21c77b2ef27dbe6b9e28a42f048e5c969b5e1383ede91361495dfb640b8605bae7391fddaff1dbd4ab4e59e988eb346dbe0f3750af1ce3c1ec5f469a397f46e487a475d5b5042bd67dd7644b5a9ec7cd155ab92dcca315ce9f78d1579fcb9fa082ee24f503e4d40ed1e9f4613d6c3aecd86ebc62733bbcdec4b615a2ce4a020d9c6499c4600ec34331b200bd6a1455b4882e2884d54ecc7bada2446e99e18b2de8886c768f32bde6d9dfff2e843bcba0f756c4a47e71fe9bc6bb17aa44b6d5fe9a633f9a24d8a44bf631e2589b4ff3b1f3055ca2a274246c58c9562f8e2dc72641dd8dbbb022af179bcbf4c798c1da228b0af9d5886b45cad08b73bed1acdc444e5f25ebd328b7e1d9a8cdd1c289d90965835834ccc587df241b688f90e8988589ce1b8ceb29abb59ab56001954cba212cda6b4c1b9fec1bfd678b4a87d0f3bc3d084cfbb0f306d0b239b3003c1a5314509d378e4e5d64ed89329c584ee8bed8f2143eb3d314bda17f5d1b32e79efec13a09a0515bb7ec931a2c80d92104de7bab24f1baf1051ab1fa704aa369fc311c54bc085c3e49fd4333c6237a800f7bd52d114b2e089486295427b9f8a17e0f9887c9df58df3a7a3aea761a0a41509fdd02ade34de267b1a175de924fa19a5a538277a6f4db3641c7961a49fa8b2ca426ae643bc47203450464141048727877a650e02ac87b110a9d44ace9a057798f2fd6cad5d9943f4840402f5fdb756936bf90f3f65581869432104513611f0d4d197b689ffb407dcdab7d87d171fac0045bc8458da9929478a74de388ce307ca4f7a3fb26fda183084fe0b04a5407790c4a89715ddba8e8c278966d66ea17a91784ebcbbc2a0c0cc903063d51a0e69b7f5a2715981c9cf676070f7ab126b8ed59d60a59e74043279c97e1640609b465728c7ad27590d7d4d6f711311a8422b0e0c8c0da91bd505a107b2aa8117e0957dc813fe63f07c11e5315a2357f59c4311e8286acbed34db3395c24dee747667c4d784bbf106689af3676579b716099b397f6b82c4c07039e89737996d7a40ed0d13c54d6f901133e8ee2a6b882aa3a0d96503ebd56a9fb38f7e46d33db6ddc231a8676ab6f544b82cb0f0b67c9a4925b57c122d08e2b3e25c28a73f2adaea112cf402ed81b326f74da1674d3b76f9fc1e6463955f14dcc41ac046342bb11800aaf3002add0bf58e75dd8cb646f1bf0e3bd5aa9af6d20f460da9c11543f2963f0a28d08340088ef83dbed1e7ebcf2898f11092842a2734648ac10bc6f7c5663731e86a07595f2e02f4399ff7cbe9ddaa821af94b7ce3693deb59930d44146ae85c53155f858e01ac537a9adb7005056b820ce956e9a122c7ecfd272cd7856e8b302588c26fe1a8b2a464378a5b8185c44e7e8ad3d7a017b945130f6a23eeb5cdadffca2c0787a40f0e1bd49ad1157b37aa5fe4d9ff4f1959967e31a50b1242839962e1a0e1625d47573d25a873e1cce7c002d3469e951bbfd3440dd9da77b3efcbeea48c9d569517ffd68a4bded28cb45397da45a9c8d45b4794e3a852c29d817784736641e7c5ec6def0b15ce3129b1f2a85fad88764eea137ae081b4fe48537a35e4ea004eea79892fae124b54e26a11a2df5983f40f6bd3f4974fff0b7b29deae95ea5ec3507beefe9f4353dbcc3086ab281d7633785f86f344a39c0b606d6f2ab10e283772f66474bf697be68efb60aa10d121254ece3c84dd70f57f6fbd61257e42d8b3708a275df4d33e4214442890ca26377414227b237b78eaf7c8dced162bb12de51e6529b62720126619c3d9390c7448dc8c4616c0c655b1b1abf800be5e48ca7c61ff8bf1a1899ba756546cc1ccad8d153e91dd198b141cea4890be44bec44d072f0f2739bdc5efe412ed6e3770694d0d907daf3770f7c51fc09ac818e44ad6bbfcbd4a71ff6bd3f56277e77a7048d1e19b556ab4c348cbabf35b595a1215a2cd2f7a9b04305c1cfd24fdcf8c63edccb33147a2316ed8ed36650f5e138f600daaec5d0d3a42d2c5f9089a8d4144f5ff3a886b3b3533cbf56bdb772486d605286cc2ee3c12aa8b945c1a9b4219c5a7e0387d7fa0268a035b11259924302e50d9b01d8c8c0e6bc93f1e1761cdf3a9a86a0c17fa4b3324ec98a47a452d939724866576085b1a1a4661c7a24af7e661a89596220abebcc36b347c4e7617ef9891024a89e0c1b19c365ab71d2e05e91447e9ec434efcb21d790e0a32867af4843c8e36c8e2f614a3e695a2ae970e4818956464c0742237a3e1b3a5b1bfec396377f0f21c9e9983d1410d41576bfaacf2e39aef15933b7b170b7e1679fcd9c91a51ab2f29f293905c37299892b45d2ca0b1aabe8c02bea8dd0bd4cfecefeb7419004361cb301e2c7c4dab79ebb9a639593929e20533f2f0e29495637a7f1e00a886dcc427f55b474a01fc1e1cce1f83345e7b7757d6681d945e8addaf94d12703c5f6cbb207ae4e39d5583e7c363b0389b244e91bf181245d6bd5bb47f50f63de076cbb8806f9eb7777c765d500f155b10e58ffc4fdfba0beb652c1351175a9f48adf078c877f7d253f51c278ae2127c1bab75018c6649f2192b5c9757f53842cedfa59766babf0855cbb234e5b17451bbbb0a2584305728d8dde5d7e9bad3afa457b83c9e92b4957b647cc698bf9f8adac547d39335f5fd883f3b93a572958f4bc60fceea084dd04b2b2d46ae5bea676a867e9c0060c1ea47821722851f81bf0edb8d9cdb43b7c6dcdefe7bc5a265cdd660dd3df7a678e24426d6c14b3d28a842ff4259f4fa5f25cb689f8db61f98f497967781992a91e8f16acef7a75283298d72baaf2f2da9979b05baeda", 0x1000}, {&(0x7f00000017c0)="15d079271254381d27260cbe4ddb4acb64975c3047292bc3f62364dd56d5375458dd42f427c43b2cb66de2a3ddf987c75ada7b1b", 0x34}, {&(0x7f0000001800)="a52b53136c5d772b3a51d5c35c872cae", 0x10}, {&(0x7f0000001840)="51775c9cde50789b6ad5dca5d4d06861b1cd2a4372fd2c97f91154c29fd0dd1e0035687befaf69a22127abb45e1fb9ee5580a876810fe28fdc9e8d88a6efb58c329643807b918ab0f6dd5dfae5fc96333a11e73f413e9fdea9a34aeb53a25613bce55be5da42e305de2fccb61baf053a1acf0a369911b15552784ef0ecdf5d21", 0x80}, {&(0x7f00000018c0)="a8938ad3ce592a7278fe39d03283c5d70e5fc46e1e1f09b9dacbbdfddbcc03f4b52b13e1f5a8916aac230555b9af3fa3d7a1c9e34295b8adb09ab8a54e80489ec6f33a34593244583081b56bd3a0f777f414a4048d79616439190e578b87df5c75d6dfda35a16aea820b862db28cfe71fd7dbb25d651d2f1561ea503b630c2012f9f2e0047a07564367be7dfd9bfcdad97a06802bd8586c65dc9323b3e1df9c33aa65105995382", 0xa7}], 0x7, &(0x7f0000001ec0)=ANY=[@ANYBLOB="1400000000000000290000003e000000000000000000000024000000000000001e00000032000000ff020000000000000000000000000001874c807dab4723b420d7b616ddb4789202683f1927f30338f10525ab8de2afc6b9f7ff479f872f2293991fbb54ecd1f2e19792634010ecc7532432ca66a40869efd0c83b315ea7322bf12c06aa8c43cf6e09f7d6d2fd5e4005332b7265f9fde00de32c940a1cc3f63fa79b78ac1fb326d0029946360e2aada4e709146b5459c98b29fa36dde6364ff69ffa6da08abdf990d87b9e17c20a0fedb7f3036bf37cc6295191e478186c69e61601d318681f9af6544c1a46dd1562125828092ef45f8495e7d6a703d1365c980d31bec7e44a51bf75aee20f00be9c679179c05206c900784add7f", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x40}}, {{0x0, 0x0, &(0x7f0000001c40)=[{&(0x7f0000001ac0)="0c06cb2e064fab4464a83c4b41000ea4c299078e4cfcb0913bc46e2b9938200ff6dcd9fe1137", 0x26}, {&(0x7f0000001b80)="2af6fe94a83773d228a83de398996bb77194562cd81c627a3a4496a5eedd2ca0a14136284c925ed2d8d6bcc4ebbd1c01665481ce1a0eaa3eb7cf6fafaf37e9b35ca2bc48df689777cbc87e772cd7909cf291b79b1c636de92d088695363da2c422d1a1422d11bfc0bfa5f7d83fb4aa4a7e99d4", 0x73}, {&(0x7f0000001b00)="b1092b76c4e18362415504205942adbbfc94a09a9ddaa206", 0x18}, {&(0x7f0000001c00)="1593508143c4ccf098555f640b422263b4ff796fb3c99c53a20deb970ca9f86304005eeeccaff120bf55a01b74cefb", 0x2f}], 0x4, &(0x7f0000001c80)=[@dstopts={{0x20, 0x29, 0x37, {0x0, 0x0, '\x00', [@jumbo={0xc2, 0x4, 0x3}]}}}], 0x20}}], 0x4, 0x80)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x9, &(0x7f0000006680))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
syz_open_dev$video4linux(0x0, 0x0, 0x40000)
ioperm(0x1, 0xb, 0x7)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
ptrace$getregset(0x4204, r3, 0x201, &(0x7f0000000000)={0x0})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000002000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="0f018581c0bc0065666765f36f0f33f0100a660f3a0cb9000000752066b9800000c00f3a32c632c6004000a50f01d70f0901", 0x32}], 0x1, 0x54, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000001dc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(0xffffffffffffffff, 0xc02064b9, &(0x7f0000000280)={&(0x7f0000000180)=[0x0, <r4=>0x0, 0x0, 0x0], &(0x7f0000000240)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x4, 0x0, 0xb0b0b0b0})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(0xffffffffffffffff, 0xc02064b9, &(0x7f00000003c0)={&(0x7f00000002c0)=[<r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000340)=[0x0], 0x7, 0x0, 0x1eeeeeeef})
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(0xffffffffffffffff, 0xc01064bd, &(0x7f00000004c0)={&(0x7f0000000400)="8449966dd9f2088ea498f93c25d5b03dc19bd5c9d042dc246b977caa076ec7f1f4adcafcd82d8d08177316bb84747fcfd6b9dcee84696ceb4beb9c945b96ec1d9aa52492bc843c3aa88f7bd1d165b1ca7b03390a3d2a62dceb1a7325d8076478e0e7388f9a1e8c86b25e123546c97c0bc17bf5a9072ba2790ce9c4287684d76e288e400b15800dc3946a4ccd4bcce3a6af9eb3eb583a4ea4306cadc292f9bd7bd28a9d5cda95c9e5a606", 0xaa, <r6=>0x0})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f0000000540)={&(0x7f0000000500)=[r4, r5, r6], 0x3, 0x800})
rename(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000000)='./file0\x00')

16.177711945s ago: executing program 0 (id=1234):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$kcm(0x2, 0x1, 0x0)
sendmsg$inet(r0, 0x0, 0x20000811)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0xfffffffd, 0x0}, 0x6400c810)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$dri(0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0)
mlock2(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000007, 0x38011, r3, 0x0)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x1, 0x2000)
socket$pptp(0x18, 0x1, 0x2)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="1400000002060113020000000000000a00000000"], 0x14}}, 0x0)
r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
read(r5, &(0x7f0000000040)=""/148, 0xffffff96)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000011008188e6b62aa73f72cc9f0ba1f8483d0000005e140602000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x0)

13.296493716s ago: executing program 0 (id=1242):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(des3_ede)\x00'}, 0x58)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0)
close(r1)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @loopback={0x2001001000000000, 0x22072a18}}, 0x80, 0x0, 0x0, 0x0, 0x0, 0x900}, 0x0)
socket$kcm(0x10, 0x2, 0x4)
ioctl$SIOCSIFHWADDR(r1, 0x8b28, &(0x7f0000000000)={'virt_wifi0\x00', @random='4\x00'})
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$alg(r2, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe1a}], 0x1, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x4924924924924b9, 0x0)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0xfd90, &(0x7f0000000140)=[{&(0x7f00000000c0)=""/73, 0x49}, {&(0x7f0000000200)=""/83, 0x53}], 0x3a}, 0x0)
r3 = syz_io_uring_setup(0x7a6e, &(0x7f0000000040)={0x0, 0x7ffffffe}, &(0x7f00000000c0), &(0x7f0000000100))
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r3, 0x6, &(0x7f00000013c0)={0x0, 0x0, &(0x7f0000000140)=[0xffffffffffffffff]}, 0x1)

10.927264858s ago: executing program 0 (id=1247):
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x20042)
preadv(r0, &(0x7f0000000300)=[{0x0, 0x20}, {&(0x7f0000000500)=""/92, 0x5c}], 0x2, 0x0, 0xffffffff)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000080)={0x4000000, 0x0, 0x3})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r1 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
r2 = open(0x0, 0x200001, 0x31)
ioctl$SIOCRSGL2CALL(r2, 0x89e5, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f0000003580)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000380)="a1", 0x1}], 0x1, &(0x7f0000000800)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r3, @ANYBLOB="0000000014"], 0x30, 0x40400d1}}], 0x1, 0x814)
pipe(&(0x7f00000002c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r3, 0x0, r5, 0x0, 0x8, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0xa, 0xd, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000000000000000000000000000851000000100000095000000000000001800000020646c2500000000002020207b1af8ff00000000bd21ffff0000000007010000f8ffffffb502020008040000b70300000000000085000000a400000095"], &(0x7f0000000080)='syzkaller\x00', 0x2, 0x0, 0x0, 0x41000}, 0x94)

10.89056761s ago: executing program 2 (id=1248):
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x20042)
preadv(r0, &(0x7f0000000300)=[{0x0, 0x20}, {&(0x7f0000000500)=""/92, 0x5c}], 0x2, 0x0, 0xffffffff)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000080)={0x4000000, 0x0, 0x3})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
r2 = open(0x0, 0x200001, 0x31)
ioctl$SIOCRSGL2CALL(r2, 0x89e5, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f0000003580)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000380)="a1", 0x1}], 0x1, &(0x7f0000000800)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r3, @ANYBLOB="0000000014"], 0x30, 0x40400d1}}], 0x1, 0x814)
pipe(&(0x7f00000002c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r3, 0x0, r5, 0x0, 0x8, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0xa, 0xd, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000000000000000000000000000851000000100000095000000000000001800000020646c2500000000002020207b1af8ff00000000bd21ffff0000000007010000f8ffffffb502020008040000b70300000000000085000000a400000095"], &(0x7f0000000080)='syzkaller\x00', 0x2, 0x0, 0x0, 0x41000}, 0x94)

6.934175214s ago: executing program 4 (id=1258):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000140)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_QOS_MAP(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x30, r1, 0xc11, 0x70bd2d, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_QOS_MAP={0x14, 0xc7, {[{0x2, 0x1}, {0x7a, 0x2}, {0x0, 0x4}, {0xe8, 0x6}], "7ecd4163b8fccf09"}}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x8000) (fail_nth: 1)

5.481225648s ago: executing program 4 (id=1260):
open(&(0x7f00009e1000)='./file0\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000640)=ANY=[@ANYBLOB="180000000000002b0000000000000000181100006b494a8cfccc", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0b00000007000000010001000800000001000000", @ANYRES32, @ANYBLOB="000800120000000000d296fd54b14f658ac23dc374657275ca69932ba5de4caf05e7edac42410d147766e03f3aa2d3eef9251d3514c258725735c60b50cbbde97ae78b2d175ee5e5", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
pipe2$9p(&(0x7f00000000c0), 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_init_net_socket$ax25(0x3, 0x3, 0xf0)
setpriority(0x0, 0x0, 0x2a14b58)
r1 = openat$kvm(0xffffff9c, &(0x7f0000000140), 0x1ab801, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_CAP_X86_DISABLE_EXITS(r2, 0x4068aea3, &(0x7f0000000200)={0x8f, 0x0, 0x7})
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x8, 0x3, 0x6, 0x2, 0x80000000, 0x2004c8, 0x0, 0x0, 0x1000000100800001, 0x5, 0x0, 0x2000, 0x1004, 0x0, 0x5], 0xeeef0000, 0x200346})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_CAP_X86_NOTIFY_VMEXIT(r2, 0x4068aea3, &(0x7f00000002c0)={0xdb, 0x0, 0x4})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24008080}, 0x4810)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008c}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r3 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r3, &(0x7f0000002700)=""/102392, 0x18ff8)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x200c8004, &(0x7f0000000280)={0xa, 0xe20, 0x0, @remote}, 0x1c)
syz_kvm_setup_syzos_vm$x86(0xffffffffffffffff, &(0x7f0000001000/0x400000)=nil)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$UHID_INPUT(r4, &(0x7f0000002080)={0xfc, {"a2e3ad09ed0d09f91b5e071887f70e09d038e7ff7fc6e5539b0d500a8b089b3f383363030890e0879b0a71c6e70a9b334a959b669a242f0a0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b2f38f0106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f330000000000000003d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9870af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0xa75}}, 0x1006)

5.403232455s ago: executing program 3 (id=1261):
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0xb}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x7, 0x6361, 0x5, 0xffffffff, 0x800006}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x240080c1}, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r7)
r8 = socket$unix(0x1, 0x1, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
r11 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r11, 0xaf01, 0x0)
r12 = eventfd(0xffffffff)
ioctl$VHOST_SET_VRING_KICK(r11, 0x4008af20, &(0x7f0000000040)={0x1, r12})
close(0x3)
sendmsg$nl_route_sched(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r10, {}, {0x2, 0xb}, {0xd, 0xb}}, [@qdisc_kind_options=@q_pie={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
ioctl$SIOCSIFHWADDR(r7, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})
ioctl$KVM_CAP_SPLIT_IRQCHIP(0xffffffffffffffff, 0x4068aea3, &(0x7f00000001c0)={0x79, 0x0, 0xc73})
r13 = syz_open_dev$video4linux(&(0x7f0000000000), 0x5, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$VIDIOC_SUBDEV_S_SELECTION(r13, 0xc040563e, &(0x7f00000001c0)={0x1, 0x2000000, 0x103, 0x0, {0x1, 0x1, 0x1, 0x1}})

5.27964952s ago: executing program 5 (id=1263):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000640)='bic', 0x3)
sendmmsg$inet(r0, &(0x7f0000004980)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0xf00, 0x80040000}}], 0x1, 0x20000810)

4.929118553s ago: executing program 5 (id=1264):
r0 = syz_open_dev$dri(0x0, 0x1, 0x20042)
preadv(r0, &(0x7f0000000300)=[{0x0, 0x20}, {&(0x7f0000000500)=""/92, 0x5c}], 0x2, 0x0, 0xffffffff)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000080)={0x4000000, 0x0, 0x3})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r1 = syz_open_dev$MSR(0x0, 0x0, 0x0)
r2 = open(0x0, 0x200001, 0x31)
ioctl$SIOCRSGL2CALL(r2, 0x89e5, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f0000003580)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000380)="a1", 0x1}], 0x1, &(0x7f0000000800)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r3, @ANYBLOB="0000000014"], 0x30, 0x40400d1}}], 0x1, 0x814)
pipe(&(0x7f00000002c0))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0xa, 0xd, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000000000000000000000000000851000000100000095000000000000001800000020646c2500000000002020207b1af8ff00000000bd21ffff0000000007010000f8ffffffb502020008040000b70300000000000085000000a400000095"], &(0x7f0000000080)='syzkaller\x00', 0x2, 0x0, 0x0, 0x41000}, 0x94)

4.861750728s ago: executing program 5 (id=1265):
syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0xc0c00)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000001340)={'wlan0\x00', <r3=>0x0})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x3)
ioctl$TIOCGPTPEER(r4, 0x933, 0x7)
ioctl$KVM_SET_MEMORY_ATTRIBUTES(r4, 0x4020aed2, &(0x7f0000000240)={0x4000, 0x11000})
sendmsg$NL80211_CMD_SET_KEY(r1, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000140)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010029bd7000fedbdf250a00000008000300", @ANYRES32=r3, @ANYBLOB="1c006e8004000100040002000400020004000100040001000400010005000800040000000400280004002800040028000400280004000a00"], 0x54}, 0x1, 0x0, 0x0, 0x40040}, 0x8aca9f9772f626f6)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000000c0)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000300)="4af783fe3c98379548088e8ea16fe1ec628bdaff258b2e0665cbd2e509a2d7d68089be8248a5d6a76d28c988fe31598b4d7c671cd3909805ab31d04dbcb63304f8eed50ad68471f0a562dc338c4a6748cfb66ad90f9bbd84806bdb3dcae04067b4901d322d80687017b7a620c9b565749ebe1c83aa8454f96e3b4d0c8a1085cf9ee26ac24412ca42819972b4d267b89fd2ef03477eb45ef0d9f8a2446416ccbd10bb977d96c4c8faa638e7230075b626b49d38507730a312c12f7cb5aaa2e8a3ccc7cc1d47c14f8642fc0027fce33422cc5d4e327475e816155f5fadc50e0a0d30e7", 0xe2, r1}, 0x68)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_IP_XFRM_POLICY(r7, 0x0, 0x11, &(0x7f0000000080)={{{@in=@broadcast, @in6=@private0, 0x0, 0x0, 0x4e22, 0x0, 0x2}, {0x0, 0x9, 0x0, 0x2}, {}, 0x0, 0x0, 0x1, 0x0, 0x3}, {{@in=@local, 0x0, 0x32}, 0x0, @in6=@rand_addr=' \x01\x00', 0x34ff, 0x4, 0x0, 0xb7}}, 0x400)
r8 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r8, 0x4040aea0, &(0x7f0000000200)=@x86={0x7, 0x4, 0x8, 0x0, 0x1000, 0x10, 0x7, 0xf3, 0x5, 0x9, 0x6, 0x5, 0x0, 0x6, 0x10, 0xa, 0x9, 0x7f, 0x9f, '\x00', 0x6b})

4.760371118s ago: executing program 2 (id=1266):
recvmsg(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0)
keyctl$instantiate(0xc, 0x0, 0x0, 0x0, 0xfffffffffffffff9)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102392, 0x18ff8)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001b40)={0x0, r1}, 0x18)
add_key$fscrypt_v1(&(0x7f0000000000), 0x0, &(0x7f00000002c0)={0x0, "de442bfc9610e10ac69ac094b0fac7010000fffffe0040d47a6edb3367b5cc888e1fd5102ae2d3d05f251f8d490254eab4152b6e6d87cd6088e97a9d06d29143"}, 0x48, 0xffffffffffffffff)
r2 = io_uring_setup(0x50a0, &(0x7f0000000380)={0x0, 0x0, 0x2, 0x2, 0x10f2})
io_uring_register$IORING_UNREGISTER_IOWQ_AFF(r2, 0x12, 0x0, 0x0)

4.704986826s ago: executing program 0 (id=1267):
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x0, 0x2})
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x641, 0x0)
flock(r1, 0x2)
fcntl$lock(r1, 0x24, &(0x7f0000000740)={0x1, 0x0, 0xe6a, 0xa})
ioctl$KVM_SET_SIGNAL_MASK(r1, 0x4004ae8b, &(0x7f0000002580))
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xc36e5000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$OBJ_PIN_PROG(0x6, &(0x7f00000003c0)=@generic={&(0x7f0000000380)='./file0\x00', r2}, 0x18)
msync(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x6)
unshare(0x22020600)
connect$inet6(0xffffffffffffffff, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f0000000040), 0x4)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x1, &(0x7f0000000180)=@gcm_128={{0x303}, "345aa3593519c7e1", "e8a1056a7c356ba2b862ef93136b1587", "28bc90f4", "790f59276094db31"}, 0x28)

4.24080873s ago: executing program 4 (id=1268):
socket$igmp6(0xa, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00')
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="60000000020601010000000000000000000000001c0007800500140007000400080012400005000008000840000000000900020073797a300000002005000100070000000c000300686173683a697000050005000a000000050004"], 0x60}, 0x1, 0x0, 0x0, 0x4}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x4, &(0x7f00000009c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$802154_dgram(r3, &(0x7f0000000100)={&(0x7f0000000000)={0x24, @long={0x3, 0xffff, {0xaaaaaaaaaaaa0302}}}, 0x14, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x20044005}, 0x0)

4.080107312s ago: executing program 3 (id=1269):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x2)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./bus\x00', 0xa9)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000280)='./file1/file0\x00', 0x0, 0x201008, 0x0)
chdir(&(0x7f0000001180)='./bus\x00')
open$dir(&(0x7f0000000100)='./file0\x00', 0x10002, 0x102)

3.921410952s ago: executing program 2 (id=1270):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x494040, 0x17f)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000c0}, 0x240488b0) (async)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000100)='./binderfs/binder0\x00', 0x802, 0x0) (async)
socket$inet_smc(0x2b, 0x1, 0x0) (async)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x4e20, 0x0, @private2}]}, 0x0) (async)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_PIT(0xffffffffffffffff, 0x8048ae66, &(0x7f0000000340)={[{0x122e, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0xff, 0x1f}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}]}) (async)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1, 0x4}, 0x1c) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x5)
ioctl$KVM_CAP_PTP_KVM(r4, 0x4068aea3, &(0x7f0000000140)) (async)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

3.918535344s ago: executing program 5 (id=1271):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x9)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0xfffc, 0x0, 0x0, 0x2, 0x0, @private, @multicast1}, {0x14, 0x0, 0x0, @remote}}}}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[], 0x140}}, 0x0)
r3 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
mbind(&(0x7f00005b4000/0x4000)=nil, 0x100000000004000, 0x0, 0x0, 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, 0x0)
mmap(&(0x7f0000fed000/0x12000)=nil, 0x12000, 0x2, 0x11, 0xffffffffffffffff, 0x0)
r4 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r4, 0x0, &(0x7f0000000200)=0xd)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000180), 0xffffffffffffffff)
openat$sndseq(0xffffff9c, &(0x7f0000000040), 0x2)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x317, 0x1, 0x34, 0x9}, 0x9c)

3.866897836s ago: executing program 3 (id=1272):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000100)=@newlink={0x34, 0x10, 0x403, 0x70bd25, 0x25dfdbfc, {0x0, 0x0, 0x4, 0x0, 0x300}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @lowpan={{0xb}, {0x4}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x8004081}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, 0x0, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2}, 0x94)
syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaa"], 0x0)
r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850", 0x4, 0xfffffffffffffffe)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="48000000100005"], 0x48}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

2.784375745s ago: executing program 0 (id=1273):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = memfd_create(&(0x7f0000000000)='\xff\x00l\x1e\xa0</\x00\x8e._\x14zC\x9a\xe8\xe0u\xe0\xff\xf1\xb2\xfd\xf6nz\x05-\xe2\xc7\xd3\xe6M^\x98\x85x\x14\t\xe9Q1\x1dK\x9a\x045\xd3\x17\xb22\x00D(\xd2\xdd\xa0\xff\x1f\x00\x00\n\x00\x00\x00v\n\xd8?]k\x14N\x18\xf4\xc2j\xe36g\xfd\xd2\xd4\xe3\x1f\xa6\xc6\xe2\xa6!\x9aE<2`]<\xf2R?8\xb8\xa3\xbf\xc3\x18s\xf7!~0\xc7y\xe2\xb2VP\xbd\xb0\x96\x90\x91k\x86\x1a\x10\xd2\xf5\x8b\xfc\xf4\xd0[\x12\xf5+\x1aS\x02/Yxm\x96\xbfS\x97\x9c/\x1f5i\xc6\x861\x8a\xff\xc3\xe7\xbfU\xd5\xac\xccB=\x8f\xfd26<Z|U6\r\xd7\x18\xad\x1d`\x06\xcfN\a\xf9\xd7 \x1a\xd8\xef\xb6\x9e8Z\t:#r\xa2\xb1h\xc0\xc0a\xa9\xc46A\x01\xac\xe6\xbf !5I\xc9<\x19{)\xa4\xad\v\x923\b\x9d\xbd>,\xc1\x8d\\Rxt\'\xb6\xbf\xc8*\n\xaf\x1b\xec\xfd\xbbY\x99\xb3\x06c\xd6\xf6\xb0\xcd=\xf3\x03`\x93\xff\x05e\xaa$\x00\xeaw\xd9\x10\x0f\x1d\x888\x8cS\x12?R\x99\xda7\xce)\x8f\xcc\x87\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd32J\xd7\x9f\xea:=\xcc\x17(|L\xda\xc3\x1ca\xe8s\xb6\xebw\xc7\xabS\xd7pJ\xd2\xa1\xcf\xae\x1f2\x9f\x98\xa80\r\x85\xb4\x86\xbc\xd0\xea\xbf\xb1Z\xb7e$\xcf<\ra\x9b\xa5\xdc\v\x1e\xfd\xc7\x91\xf22\xcf\x96\x99\xc1\xbb\xa1j\xe5\xa8\x7f\a\xa9\xa7G\xad\xa3\x8b\xf1\xdb\\]R\x8cf\xac1\xd7V\xaf\xb5\x8e\x10\x95\x9f=2\xd0-\xe1K:\xc3b\x89\x15OS\xa5\x98Ky\x12\xe7Qt#\xeb\x99\a\x10\x1c\xb3N\x85\xeb\x80\x05\x82_\x15\xdc\xbc\xf93\xdd\xf5g\x98\xd4\x8az\xe4`\xa5\x00\x00\x00\x00\xcd\x13\xfc+\xac\xe5\x8bI\f\xd6\x89\xc7HY\xcf\x00O\x88\xe6\x8b\x8bF/\x82u\xffCnG\x02\x82\xfc\xe9Od\x92\x06\xdeg@y\xa6=4\xb1}\xa8Yr\xad9\xb9b)\xec}\x87=\x91:IV\xab\xdf\xa2\xba+6D\x1fuf\xdeJYw$L\xa1\x83NH\xe3\xf2\x91\x8cW\xb7\b\x04\x12\x8b\x8bV\x19\xf1\r\xcb\x94\xa3\xf4\xe4\x97$\x99c\rG\xd7#\xe2\xfd\x80\xadR\x83\xdc\xb8d\x15|\xac\xb8g$\x0f@\xca3\x9f\xb1\xea\xc6vQ\x1b\xdb#\xa3\"\x9f\x9e\xd8\xba\x13d\x9bx\x9a\xbf\xee\xf2kQ\xe0\xc4/~7\xcd\xd1\x06\xe5\x17\x9b\bW|\xbc\x86D\x05\xaf<\xdfy,I2f\xa7G\xe3Qp<\'6 x\n\x94f\xf8\xa2\xea\xf4\xa5\x9eY\xf80C\x91\x7f\x16u\x8c(Xl\x90\xd2\x9f\xa9\xb9kJy[\x93\xfe{\xe5\x1a\xe9\xb7T\x19;\xb9\t\xe7\x0ei\xfaZ\xfbS:\x9b\xc1r\xcbM.\xf8\xb8wR\xb3p~b\xcb\v1-\a-\x8a#\xaa1\xa9\x9a\x88\a\xc5\xb9*\xd3?\xac\n\x9c\xcd\xe2\xc9\xbd\xeb\xb3\xf65\xbdaP\t\xd6\x06\x1c\xeeNg\x92>\x92>\xaf\b3\x05\xfdM\xd2F\v\xbd\xeb\x83 \x9d\x90S\x11w\xefg\\\xca\xe2\xfc~w\xbe\xefh#\x96\xa5h\xec\xbfr\xc8Bi\x90\"(\xf2\xc6\xcc\xfbX\x14{\x9e5\x87\x91\xe2\x9b\xd4\xc6\xc2whk+\x0f\x82\xca\xc1@\xcb~P\xe4\x18\xf9E\'\xab\xc7z\xd7\x05V{\xa1X\xa3\x10\x13.]tlz\x12\xde\xf2\xa43\xee#\x92J~\xda \x9b\xc4\xc0V\xb3\x9dCO\x1fu\x1c4\x1d\v}\x1b\xe5>w\xfbsm\xa3\fI|\x96-p\x86\xd3O\xfa\x9a\x8f\xb2\x8e\x88qGEG', 0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
fallocate(r2, 0x3, 0x1, 0xfffffffb)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='contention_end\x00', r3}, 0x10)
r4 = syz_io_uring_setup(0x237, &(0x7f0000000240)={0x0, 0x8101, 0x0, 0x0, 0x250}, &(0x7f0000000100)=<r5=>0x0, &(0x7f0000000600)=<r6=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r4, 0x16, &(0x7f00000001c0)={&(0x7f0000001000)={[{0x0, 0x0, 0x1}]}, 0x1, 0x1}, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0xc7, 0x3, 0x0, 0x9276, 0x0, 0x1, {0x1}})
io_uring_enter(r4, 0x47bc, 0x3bf6, 0x7, 0x0, 0x0)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r7, 0x800448f0, &(0x7f00000000c0)={0x0, 0x2, '\x00', 0x9, 0xf8})
r8 = socket$qrtr(0x2a, 0x2, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r8, 0x8914, &(0x7f0000000380)={'wlan1\x00', 0x8000})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f00000000c0)={'wlan1\x00'})
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={0x28, r1, 0x5, 0x3, 0x0, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}]}, 0x28}}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0xc, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)

2.606696186s ago: executing program 5 (id=1274):
syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0xc0c00)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000001340)={'wlan0\x00', <r3=>0x0})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x3)
ioctl$TIOCGPTPEER(r4, 0x933, 0x7)
ioctl$KVM_SET_MEMORY_ATTRIBUTES(r4, 0x4020aed2, &(0x7f0000000240)={0x4000, 0x11000})
sendmsg$NL80211_CMD_SET_KEY(r1, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000140)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010029bd7000fedbdf250a00000008000300", @ANYRES32=r3, @ANYBLOB="1c006e8004000100040002000400020004000100040001000400010005000800040000000400280004002800040028000400280004000a00"], 0x54}, 0x1, 0x0, 0x0, 0x40040}, 0x8aca9f9772f626f6)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000000c0)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000300)="4af783fe3c98379548088e8ea16fe1ec628bdaff258b2e0665cbd2e509a2d7d68089be8248a5d6a76d28c988fe31598b4d7c671cd3909805ab31d04dbcb63304f8eed50ad68471f0a562dc338c4a6748cfb66ad90f9bbd84806bdb3dcae04067b4901d322d80687017b7a620c9b565749ebe1c83aa8454f96e3b4d0c8a1085cf9ee26ac24412ca42819972b4d267b89fd2ef03477eb45ef0d9f8a2446416ccbd10bb977d96c4c8faa638e7230075b626b49d38507730a312c12f7cb5aaa2e8a3ccc7cc1d47c14f8642fc0027fce33422cc5d4e327475e816155f5fadc50e0a0d30e7", 0xe2, r1}, 0x68)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r5 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
lseek(r5, 0x6, 0x3)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_IP_XFRM_POLICY(r6, 0x0, 0x11, &(0x7f0000000080)={{{@in=@broadcast, @in6=@private0, 0x0, 0x0, 0x4e22, 0x0, 0x2}, {0x0, 0x9, 0x0, 0x2}, {}, 0x0, 0x0, 0x1, 0x0, 0x3}, {{@in=@local, 0x0, 0x32}, 0x0, @in6=@rand_addr=' \x01\x00', 0x34ff, 0x4, 0x0, 0xb7}}, 0x400)
r7 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r7, 0x4040aea0, &(0x7f0000000200)=@x86={0x7, 0x4, 0x8, 0x0, 0x1000, 0x10, 0x7, 0xf3, 0x5, 0x9, 0x6, 0x5, 0x0, 0x6, 0x10, 0xa, 0x9, 0x7f, 0x9f, '\x00', 0x6b})

2.542759821s ago: executing program 2 (id=1275):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_HOOK={0xc, 0x4, 0x0, 0x1, [@NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x3}]}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x74}}, 0x24044810)

2.498679643s ago: executing program 3 (id=1276):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x18)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RTC_ALM_READ(r0, 0x40187013, &(0x7f0000000040))
syz_open_dev$MSR(0x0, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="08000000040000000400000008"], 0x48)
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000680)={0x1f, 0x20, @none}, 0xe)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r2 = io_uring_setup(0x67bb, 0x0)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r4=>0x0})
connect$can_bcm(r3, &(0x7f00000000c0)={0x1d, r4}, 0x10)
sendmsg$can_bcm(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000840)=ANY=[@ANYBLOB="0100"/16, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYBLOB="6ce751c2dffdfed91f5f412721dfe404c8fc733fb7f7f32dd2e2c1290162e49302884e5b08811c7ad02556e03e1865ac8e4788e2c500c999c44b9e1f24672eb06ecb0da5c37847189f862dbba21d4c453e6662f08e442380526b073e98224229c39acce24b3661891148c3c6859bd5478323f37a36d5fb1d508135e44b955dd6e165be1726cc1433d5b7d87307cefffe80d129eeabc1b1a4c102bb76d57aea2ee393ec75edec0d414706fbfcca64f8a0262b90d96e15d58da77d3f6290f6cfe668d7aae952b2f6d302a258fcfdfb012d20805c539aa95e5edf8c8b9deb7915370d04f2a575935a75dc0366befc4f0f4406682d9f", @ANYRESHEX=r2, @ANYBLOB="0000000001001fd8"], 0x48}}, 0x0)
sendmsg$can_bcm(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="01000000080000000200000000000000", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="020000e001"], 0x48}, 0x1, 0x0, 0x0, 0x24000000}, 0x4000)
sendmsg$can_bcm(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001100)=ANY=[@ANYBLOB="02fa0000d7b2c71bb28190e400000000", @ANYRES64=0x0, @ANYRES64=0x2710, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYBLOB="00000000010000000000008035010000c075bfebcd0ba27d0241591616a6b1cb67d98ec29b60126a252d15082816668e112528aec50cd3705b13923c6b01ee331a6f97344bf7669085864df306abfaa0"], 0x80}}, 0x11)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
syz_io_uring_setup(0xa2, &(0x7f0000000580)={0x0, 0x933, 0x100, 0x0, 0x1a0}, &(0x7f00000006c0), &(0x7f00000001c0))
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, &(0x7f0000000180)={0x28, 0x7, 0x0, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x100000002})
socket$nl_generic(0x10, 0x3, 0x10)

2.496949089s ago: executing program 4 (id=1277):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeef, 0x8031, 0xffffffffffffffff, 0xee31b000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r3)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x1}, 0x1c)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYRES16=r6, @ANYBLOB="010000000000000000000c00000018000180140002006261746164765f736c6176655f310000600003805c0003800c0001"], 0x8c}}, 0x10004000)
listen(r4, 0x0)
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r7, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r8 = accept(r3, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[], 0xfffffdef}, 0x1, 0x0, 0x0, 0xc000}, 0x10)

1.896794334s ago: executing program 2 (id=1278):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x18)
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$RTC_ALM_READ(r0, 0x40187013, &(0x7f0000000040))
syz_open_dev$MSR(0x0, 0x5, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="08000000040000000400000008"], 0x48)
bind$bt_l2cap(0xffffffffffffffff, 0x0, 0x0)
connect$bt_l2cap(0xffffffffffffffff, &(0x7f0000000680)={0x1f, 0x20, @none}, 0xe)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r2 = io_uring_setup(0x67bb, 0x0)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r4=>0x0})
connect$can_bcm(r3, &(0x7f00000000c0)={0x1d, r4}, 0x10)
sendmsg$can_bcm(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000840)=ANY=[@ANYBLOB="0100"/16, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYBLOB="6ce751c2dffdfed91f5f412721dfe404c8fc733fb7f7f32dd2e2c1290162e49302884e5b08811c7ad02556e03e1865ac8e4788e2c500c999c44b9e1f24672eb06ecb0da5c37847189f862dbba21d4c453e6662f08e442380526b073e98224229c39acce24b3661891148c3c6859bd5478323f37a36d5fb1d508135e44b955dd6e165be1726cc1433d5b7d87307cefffe80d129eeabc1b1a4c102bb76d57aea2ee393ec75edec0d414706fbfcca64f8a0262b90d96e15d58da77d3f6290f6cfe668d7aae952b2f6d302a258fcfdfb012d20805c539aa95e5edf8c8b9deb7915370d04f2a575935a75dc0366befc4f0f4406682d9f", @ANYRESHEX=r2, @ANYBLOB="0000000001001fd8"], 0x48}}, 0x0)
sendmsg$can_bcm(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="01000000080000000200000000000000", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="020000e001"], 0x48}, 0x1, 0x0, 0x0, 0x24000000}, 0x4000)
sendmsg$can_bcm(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001100)=ANY=[@ANYBLOB="02fa0000d7b2c71bb28190e400000000", @ANYRES64=0x0, @ANYRES64=0x2710, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYBLOB="00000000010000000000008035010000c075bfebcd0ba27d0241591616a6b1cb67d98ec29b60126a252d15082816668e112528aec50cd3705b13923c6b01ee331a6f97344bf7669085864df306abfaa0"], 0x80}}, 0x11)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
syz_io_uring_setup(0xa2, &(0x7f0000000580)={0x0, 0x933, 0x100, 0x0, 0x1a0}, &(0x7f00000006c0), &(0x7f00000001c0))
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, &(0x7f0000000180)={0x28, 0x7, r5, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x100000002})
socket$nl_generic(0x10, 0x3, 0x10)

932.192541ms ago: executing program 4 (id=1279):
syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0xc0c00)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), r1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000001340)={'wlan0\x00', <r3=>0x0})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x3)
ioctl$TIOCGPTPEER(r4, 0x933, 0x7)
ioctl$KVM_SET_MEMORY_ATTRIBUTES(r4, 0x4020aed2, &(0x7f0000000240)={0x4000, 0x11000})
sendmsg$NL80211_CMD_SET_KEY(r1, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000140)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010029bd7000fedbdf250a00000008000300", @ANYRES32=r3, @ANYBLOB="1c006e8004000100040002000400020004000100040001000400010005000800040000000400280004002800040028000400280004000a00"], 0x54}, 0x1, 0x0, 0x0, 0x40040}, 0x8aca9f9772f626f6)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000000c0)={&(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ffb000/0x1000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000000300)="4af783fe3c98379548088e8ea16fe1ec628bdaff258b2e0665cbd2e509a2d7d68089be8248a5d6a76d28c988fe31598b4d7c671cd3909805ab31d04dbcb63304f8eed50ad68471f0a562dc338c4a6748cfb66ad90f9bbd84806bdb3dcae04067b4901d322d80687017b7a620c9b565749ebe1c83aa8454f96e3b4d0c8a1085cf9ee26ac24412ca42819972b4d267b89fd2ef03477eb45ef0d9f8a2446416ccbd10bb977d96c4c8faa638e7230075b626b49d38507730a312c12f7cb5aaa2e8a3ccc7cc1d47c14f8642fc0027fce33422cc5d4e327475e816155f5fadc50e0a0d30e7", 0xe2, r1}, 0x68)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)

928.658817ms ago: executing program 3 (id=1280):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
io_setup(0x6, &(0x7f00000000c0))
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000040)={'wlan1\x00', &(0x7f0000000080)=@ethtool_ringparam={0x11}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102392, 0x18ff8)
socket$pppoe(0x18, 0x1, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port1\x00', 0x72, 0x11cfa, 0x0, 0x8000007, 0x3, 0x4, 0x1, 0x0, 0x5})
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r2, 0x40505330, &(0x7f00000001c0)={0x800100, 0xffffffff, 0x22, 0xe1d9, 0x1101, 0xff})
close(r1)
socket$nl_generic(0x10, 0x3, 0x10)

875.356623ms ago: executing program 5 (id=1281):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = socket$inet(0x2, 0xa, 0x5)
sched_setscheduler(0x0, 0x1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r2, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
write$binfmt_script(r2, &(0x7f0000000200), 0xfffffd9d)
bind$inet(r1, &(0x7f0000000340)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x3e}}, 0x10)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x10b200, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r7, 0xffffffffffffffff, &(0x7f0000012000/0x18000)=nil, &(0x7f0000000180)=[@text32={0x20, &(0x7f00000000c0)="650f78309a0f000000ad000f01d10f5abff5b65d6466baf80cb8aa82c380ef66bafc0c66ed0f015d05b805000000b9ba0000000f01d9b9800000c00f3235004000000f3065660fd6b93b6800009a00100000ed00", 0x54}], 0x1, 0x1, 0x0, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x40, 0x972, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
pidfd_send_signal(0xffffffffffffffff, 0x0, 0x0, 0x7)
cachestat(r0, &(0x7f0000000040)={0x4, 0x230}, &(0x7f0000000080), 0x0)
syz_init_net_socket$x25(0x9, 0x5, 0x0)

215.01254ms ago: executing program 2 (id=1282):
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$NL80211_CMD_GET_PROTOCOL_FEATURES(0xffffffffffffffff, 0x0, 0x8000)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='writeback_pages_written\x00', r1}, 0x18)
connect$rose(0xffffffffffffffff, &(0x7f0000000040)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, 0x3, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @null, @default]}, 0x40)
mount(&(0x7f0000000080)=@loop={'/dev/loop', 0x0}, &(0x7f00000001c0)='./cgroup\x00', &(0x7f0000000000)='ecryptfs\x00', 0x1a0c099, 0x0)

24.258304ms ago: executing program 4 (id=1283):
bpf$PROG_LOAD(0x4, 0x0, 0x0)
socket$kcm(0x21, 0x2, 0xa)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
bind$tipc(0xffffffffffffffff, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x0, 0x0, 0x20}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
bind$bt_l2cap(r1, &(0x7f0000000980), 0xe)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=@newtaction={0xcc, 0x30, 0xffff, 0x70bd27, 0x25dfdbfc, {}, [{0xb8, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x10000, 0x0, 0x0, 0x0, 0x0, {0x0, 0x2, 0x0, 0x0, 0xfffe}, {0x0, 0x0, 0x0, 0x0, 0xfffd}}}]]}, {0x4}, {0xc}, {0xc}}}, @m_gact={0x48, 0x2, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0xfffffffd, 0x0, 0x20, 0x3}}]}, {0x4}, {0xc, 0x3}, {0xc}}}]}]}, 0xcc}}, 0x0) (fail_nth: 7)
openat$mice(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5ac, 0x244, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3, 0x0, 0x2, 0x0, {0x9}}}]}}]}}, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x0, 0x0})
close_range(r3, 0xffffffffffffffff, 0x0)

0s ago: executing program 3 (id=1284):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x9)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0xfffc, 0x0, 0x0, 0x2, 0x0, @private, @multicast1}, {0x14, 0x0, 0x0, @remote}}}}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[], 0x140}}, 0x0)
r3 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
mbind(&(0x7f00005b4000/0x4000)=nil, 0x100000000004000, 0x0, 0x0, 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, 0x0)
mmap(&(0x7f0000fed000/0x12000)=nil, 0x12000, 0x2, 0x11, 0xffffffffffffffff, 0x0)
r4 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r4, 0x0, &(0x7f0000000200)=0xd)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000180), 0xffffffffffffffff)
openat$sndseq(0xffffff9c, &(0x7f0000000040), 0x2)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x317, 0x1, 0x34, 0x9}, 0x9c)

kernel console output (not intermixed with test programs):

K>
[  276.699847][ T9288]  dump_stack_lvl+0x16c/0x1f0
[  276.699871][ T9288]  should_fail_ex+0x512/0x640
[  276.699891][ T9288]  ? fs_reclaim_acquire+0xae/0x150
[  276.699914][ T9288]  ? tomoyo_encode2+0x100/0x3e0
[  276.699935][ T9288]  should_failslab+0xc2/0x120
[  276.699953][ T9288]  __kmalloc_noprof+0xd2/0x510
[  276.699969][ T9288]  ? d_absolute_path+0x136/0x1a0
[  276.699995][ T9288]  tomoyo_encode2+0x100/0x3e0
[  276.700020][ T9288]  tomoyo_encode+0x29/0x50
[  276.700041][ T9288]  tomoyo_realpath_from_path+0x18f/0x6e0
[  276.700070][ T9288]  tomoyo_path_number_perm+0x245/0x580
[  276.700089][ T9288]  ? tomoyo_path_number_perm+0x237/0x580
[  276.700110][ T9288]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  276.700131][ T9288]  ? find_held_lock+0x2b/0x80
[  276.700170][ T9288]  ? find_held_lock+0x2b/0x80
[  276.700187][ T9288]  ? hook_file_ioctl_common+0x145/0x410
[  276.700208][ T9288]  ? __fget_files+0x20e/0x3c0
[  276.700229][ T9288]  security_file_ioctl+0x9b/0x240
[  276.700253][ T9288]  __x64_sys_ioctl+0xb7/0x210
[  276.700277][ T9288]  do_syscall_64+0xcd/0x4e0
[  276.700299][ T9288]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.700319][ T9288] RIP: 0033:0x7f061258eec9
[  276.700332][ T9288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  276.700346][ T9288] RSP: 002b:00007f0613506038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  276.700362][ T9288] RAX: ffffffffffffffda RBX: 00007f06127e5fa0 RCX: 00007f061258eec9
[  276.700372][ T9288] RDX: 0000200000000340 RSI: 00000000c05c6104 RDI: 0000000000000005
[  276.700381][ T9288] RBP: 00007f0613506090 R08: 0000000000000000 R09: 0000000000000000
[  276.700390][ T9288] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  276.700399][ T9288] R13: 00007f06127e6038 R14: 00007f06127e5fa0 R15: 00007fff9778b8b8
[  276.700420][ T9288]  </TASK>
[  276.700435][ T9288] ERROR: Out of memory at tomoyo_realpath_from_path.
[  276.958377][ T9137] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  277.092206][ T9299] netlink: 4 bytes leftover after parsing attributes in process `syz.0.743'.
[  277.375412][ T9137] team0: Port device team_slave_0 added
[  277.419263][ T9137] team0: Port device team_slave_1 added
[  278.059240][ T9137] batman_adv: batadv0: Adding interface: batadv_slave_0
[  278.070606][ T9315] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=43 sclass=netlink_route_socket pid=9315 comm=syz.1.747
[  278.083113][ T9137] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  278.109019][    C0] vkms_vblank_simulate: vblank timer overrun
[  278.241983][ T9137] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  278.274552][   T30] audit: type=1400 audit(1758592837.775:906): avc:  denied  { read write } for  pid=9313 comm="syz.1.747" name="uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  278.297853][    C0] vkms_vblank_simulate: vblank timer overrun
[  278.329451][   T30] audit: type=1400 audit(1758592837.775:907): avc:  denied  { open } for  pid=9313 comm="syz.1.747" path="/dev/uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  278.366974][ T9137] batman_adv: batadv0: Adding interface: batadv_slave_1
[  278.374426][ T9137] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  278.400303][    C0] vkms_vblank_simulate: vblank timer overrun
[  278.416728][ T9137] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  278.942356][ T9137] hsr_slave_0: entered promiscuous mode
[  278.948928][ T9137] hsr_slave_1: entered promiscuous mode
[  278.957106][ T9137] debugfs: 'hsr0' already exists in 'hsr'
[  278.967108][ T9137] Cannot create hsr debugfs directory
[  279.037283][ T5925] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  279.177191][   T30] audit: type=1400 audit(1758592838.675:908): avc:  denied  { write } for  pid=9337 comm="syz.0.751" name="mice" dev="devtmpfs" ino=916 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  279.195401][ T5925] usb 2-1: Using ep0 maxpacket: 8
[  279.244057][ T5925] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  279.278672][ T5925] usb 2-1: config 0 has no interface number 0
[  279.301840][   T30] audit: type=1400 audit(1758592838.675:909): avc:  denied  { open } for  pid=9337 comm="syz.0.751" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=26131 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  279.326118][   T30] audit: type=1400 audit(1758592838.675:910): avc:  denied  { ioctl } for  pid=9337 comm="syz.0.751" path="/dev/input/mice" dev="devtmpfs" ino=916 ioctlcmd=0x5414 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  279.336163][ T5925] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  279.351358][   T30] audit: type=1400 audit(1758592838.685:911): avc:  denied  { listen } for  pid=9337 comm="syz.0.751" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  279.351400][   T30] audit: type=1400 audit(1758592838.685:912): avc:  denied  { accept } for  pid=9337 comm="syz.0.751" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  279.493735][ T5925] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  279.540319][ T5925] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  279.587145][ T5925] usb 2-1: config 0 descriptor??
[  280.025607][ T5925] iowarrior 2-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  280.219948][ T5925] usb 2-1: USB disconnect, device number 29
[  281.000771][ T9137] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  281.026609][ T9137] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  281.064402][ T9137] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  281.335837][ T9137] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  281.442062][ T9379] netlink: 12 bytes leftover after parsing attributes in process `syz.3.757'.
[  281.557334][   T30] audit: type=1400 audit(1758592841.005:913): avc:  denied  { connect } for  pid=9375 comm="syz.1.756" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  282.238440][ T9137] 8021q: adding VLAN 0 to HW filter on device bond0
[  282.358939][ T9137] 8021q: adding VLAN 0 to HW filter on device team0
[  282.404847][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[  282.411985][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[  282.509872][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[  282.517048][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[  282.697835][ T9414] overlayfs: missing 'lowerdir'
[  282.777749][   T30] audit: type=1400 audit(1758592842.235:914): avc:  denied  { watch } for  pid=9413 comm="syz.3.762" path="/85/file0" dev="tmpfs" ino=465 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  283.192052][ T9432] netlink: 'syz.3.765': attribute type 11 has an invalid length.
[  283.482800][ T9137] 8021q: adding VLAN 0 to HW filter on device batadv0
[  284.001918][ T9137] veth0_vlan: entered promiscuous mode
[  284.038841][ T9137] veth1_vlan: entered promiscuous mode
[  284.163237][ T9137] veth0_macvtap: entered promiscuous mode
[  284.291576][ T9137] veth1_macvtap: entered promiscuous mode
[  284.414956][ T9137] batman_adv: batadv0: Interface activated: batadv_slave_0
[  284.460254][ T9137] batman_adv: batadv0: Interface activated: batadv_slave_1
[  284.787507][   T13] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  284.789395][ T9456] FAULT_INJECTION: forcing a failure.
[  284.789395][ T9456] name failslab, interval 1, probability 0, space 0, times 0
[  284.872276][ T9456] CPU: 1 UID: 0 PID: 9456 Comm: syz.4.769 Not tainted syzkaller #0 PREEMPT(full) 
[  284.872300][ T9456] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  284.872310][ T9456] Call Trace:
[  284.872316][ T9456]  <TASK>
[  284.872323][ T9456]  dump_stack_lvl+0x16c/0x1f0
[  284.872349][ T9456]  should_fail_ex+0x512/0x640
[  284.872371][ T9456]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  284.872393][ T9456]  should_failslab+0xc2/0x120
[  284.872413][ T9456]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  284.872431][ T9456]  ? __alloc_skb+0x2b2/0x380
[  284.872455][ T9456]  __alloc_skb+0x2b2/0x380
[  284.872474][ T9456]  ? __pfx___alloc_skb+0x10/0x10
[  284.872496][ T9456]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  284.872524][ T9456]  netlink_alloc_large_skb+0x69/0x130
[  284.872547][ T9456]  netlink_sendmsg+0x6a1/0xdd0
[  284.872574][ T9456]  ? __pfx_netlink_sendmsg+0x10/0x10
[  284.872605][ T9456]  ____sys_sendmsg+0xa98/0xc70
[  284.872632][ T9456]  ? copy_msghdr_from_user+0x10a/0x160
[  284.872654][ T9456]  ? __pfx_____sys_sendmsg+0x10/0x10
[  284.872691][ T9456]  ___sys_sendmsg+0x134/0x1d0
[  284.872713][ T9456]  ? __pfx____sys_sendmsg+0x10/0x10
[  284.872762][ T9456]  __sys_sendmsg+0x16d/0x220
[  284.872782][ T9456]  ? __pfx___sys_sendmsg+0x10/0x10
[  284.872817][ T9456]  do_syscall_64+0xcd/0x4e0
[  284.872842][ T9456]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  284.872859][ T9456] RIP: 0033:0x7f4a8178eec9
[  284.872872][ T9456] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  284.872888][ T9456] RSP: 002b:00007f4a82575038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  284.872906][ T9456] RAX: ffffffffffffffda RBX: 00007f4a819e5fa0 RCX: 00007f4a8178eec9
[  284.872918][ T9456] RDX: 0000000000050040 RSI: 0000200000000280 RDI: 0000000000000003
[  284.872928][ T9456] RBP: 00007f4a82575090 R08: 0000000000000000 R09: 0000000000000000
[  284.872938][ T9456] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  284.872948][ T9456] R13: 00007f4a819e6038 R14: 00007f4a819e5fa0 R15: 00007ffdd4aaac68
[  284.872972][ T9456]  </TASK>
[  284.879234][   T13] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  285.210935][   T30] audit: type=1400 audit(1758592844.705:915): avc:  denied  { watch_reads } for  pid=9461 comm="syz.4.771" path="/165" dev="tmpfs" ino=909 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  285.444631][ T9465] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=25730 sclass=netlink_route_socket pid=9465 comm=syz.4.771
[  285.555533][ T9462] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[  286.141919][   T30] audit: type=1400 audit(1758592844.755:916): avc:  denied  { accept } for  pid=9459 comm="syz.0.770" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  286.364732][   T30] audit: type=1400 audit(1758592845.865:917): avc:  denied  { name_bind } for  pid=9469 comm="syz.3.773" src=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  286.405361][   T30] audit: type=1400 audit(1758592845.865:918): avc:  denied  { ioctl } for  pid=9469 comm="syz.3.773" path="socket:[27951]" dev="sockfs" ino=27951 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  286.429770][    C0] vkms_vblank_simulate: vblank timer overrun
[  286.528090][   T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  286.539718][   T12] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  286.801021][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  286.856840][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  286.908956][   T30] audit: type=1400 audit(1758592846.405:919): avc:  denied  { bind } for  pid=9485 comm="syz.3.775" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  286.935274][ T9487] netlink: 8 bytes leftover after parsing attributes in process `syz.4.774'.
[  287.002910][ T9491] netlink: 20 bytes leftover after parsing attributes in process `syz.3.775'.
[  287.110756][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  287.176872][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  287.284633][ T9491] netlink: 8 bytes leftover after parsing attributes in process `syz.3.775'.
[  287.293763][ T9491] netlink: 24 bytes leftover after parsing attributes in process `syz.3.775'.
[  287.341835][ T5932] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  287.417529][   T30] audit: type=1400 audit(1758592846.905:920): avc:  denied  { mounton } for  pid=9137 comm="syz-executor" path="/root/syzkaller.3AVMAJ/syz-tmp" dev="sda1" ino=2055 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[  287.441840][    C0] vkms_vblank_simulate: vblank timer overrun
[  287.768030][   T30] audit: type=1400 audit(1758592846.955:921): avc:  denied  { mounton } for  pid=9137 comm="syz-executor" path="/root/syzkaller.3AVMAJ/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  287.773385][ T1916] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  287.794782][    C0] vkms_vblank_simulate: vblank timer overrun
[  287.794890][   T30] audit: type=1400 audit(1758592847.085:922): avc:  denied  { mounton } for  pid=9137 comm="syz-executor" path="/root/syzkaller.3AVMAJ/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=27428 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  287.836241][   T30] audit: type=1400 audit(1758592847.185:923): avc:  denied  { mounton } for  pid=9137 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=2784 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  287.859590][    C0] vkms_vblank_simulate: vblank timer overrun
[  287.866015][ T5932] usb 2-1: Using ep0 maxpacket: 32
[  287.871367][   T30] audit: type=1400 audit(1758592847.195:924): avc:  denied  { mount } for  pid=9137 comm="syz-executor" name="/" dev="gadgetfs" ino=8388 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  287.893699][    C0] vkms_vblank_simulate: vblank timer overrun
[  287.934164][ T5932] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0080, bcdDevice=67.fe
[  287.960191][ T5932] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  287.969324][ T5932] usb 2-1: Product: syz
[  287.973864][ T5932] usb 2-1: Manufacturer: syz
[  287.978575][ T5932] usb 2-1: SerialNumber: syz
[  288.014185][ T5932] usb 2-1: config 0 descriptor??
[  288.113958][ T1916] usb 1-1: Using ep0 maxpacket: 32
[  288.523101][ T5932] snd-usb-6fire 2-1:0.0: unable to receive device firmware state.
[  288.603179][ T5932] snd-usb-6fire 2-1:0.0: probe with driver snd-usb-6fire failed with error -71
[  288.613815][ T1916] usb 1-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[  288.656145][ T1916] usb 1-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  288.674370][ T1916] usb 1-1: config 0 interface 0 has no altsetting 0
[  288.701509][ T1916] usb 1-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  288.707179][ T5932] usb 2-1: USB disconnect, device number 30
[  288.766470][ T1916] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  288.845166][ T1916] usb 1-1: config 0 descriptor??
[  289.130470][ T9515] =======================================================
[  289.130470][ T9515] WARNING: The mand mount option has been deprecated and
[  289.130470][ T9515]          and is ignored by this kernel. Remove the mand
[  289.130470][ T9515]          option from the mount to silence this warning.
[  289.130470][ T9515] =======================================================
[  289.165360][    C0] vkms_vblank_simulate: vblank timer overrun
[  289.306961][ T9519] overlayfs: overlapping lowerdir path
[  289.542126][ T1916] hid-thrustmaster 0003:044F:B65D.0007: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.0-1/input0
[  289.556695][ T1916] hid-thrustmaster 0003:044F:B65D.0007: Wrong number of endpoints?
[  289.627668][ T5932] IPVS: starting estimator thread 0...
[  289.742021][ T9526] IPVS: using max 44 ests per chain, 105600 per kthread
[  289.849148][ T9529] ieee802154 phy0 wpan0: encryption failed: -22
[  290.043856][    C1] hid-thrustmaster 0003:044F:B65D.0007: URB to get model id failed with error -71
[  290.047012][ T5925] usb 1-1: USB disconnect, device number 35
[  290.201788][ T1916] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  290.476369][ T1916] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  290.487802][ T1916] usb 2-1: New USB device found, idVendor=1241, idProduct=5015, bcdDevice= 0.00
[  290.497253][ T1916] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  290.570264][   T30] kauditd_printk_skb: 6 callbacks suppressed
[  290.570274][   T30] audit: type=1400 audit(1758592850.065:931): avc:  denied  { read } for  pid=9533 comm="syz.3.784" name="file0" dev="fuse" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  290.611640][   T30] audit: type=1400 audit(1758592850.065:932): avc:  denied  { open } for  pid=9533 comm="syz.3.784" path="/92/file0/file0" dev="fuse" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  290.644639][ T1916] usb 2-1: config 0 descriptor??
[  290.960845][ T1916] holtek 0003:1241:5015.0008: item fetching failed at offset 1/5
[  291.037619][   T30] audit: type=1400 audit(1758592850.195:933): avc:  denied  { write } for  pid=9539 comm="syz.2.786" lport=59820 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  291.061440][    C0] vkms_vblank_simulate: vblank timer overrun
[  291.063669][ T1916] holtek 0003:1241:5015.0008: parse failed
[  291.070198][   T30] audit: type=1400 audit(1758592850.195:934): avc:  denied  { setopt } for  pid=9539 comm="syz.2.786" lport=59820 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[  291.097128][    C0] vkms_vblank_simulate: vblank timer overrun
[  291.099390][ T1916] holtek 0003:1241:5015.0008: probe with driver holtek failed with error -22
[  291.157488][ T1916] usb 2-1: USB disconnect, device number 31
[  291.637477][ T9554] input: syz0 as /devices/virtual/input/input13
[  291.726403][ T9557] comedi comedi3: 8255: I/O port conflict (0x40404f26,4)
[  291.734055][ T9557] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  291.742337][ T9557] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  291.749141][ T9557] comedi comedi3: 8255: I/O port conflict (0xc,4)
[  291.756453][ T9557] comedi comedi3: 8255: I/O port conflict (0x9,4)
[  291.763949][ T9557] comedi comedi3: 8255: I/O port conflict (0x5c95239c,4)
[  291.771241][ T9557] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  291.778342][ T9557] comedi comedi3: 8255: I/O port conflict (0x3bf,4)
[  291.785860][ T9557] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  291.793201][ T9557] comedi comedi3: 8255: I/O port conflict (0x20000001,4)
[  291.800683][ T9557] comedi comedi3: 8255: I/O port conflict (0x9,4)
[  291.808644][ T9557] comedi comedi3: 8255: I/O port conflict (0x6,4)
[  293.867599][ T9594] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  293.867855][ T9594] Error validating options; rc = [-22]
[  293.923218][   T30] audit: type=1400 audit(1758592853.365:935): avc:  denied  { mounton } for  pid=9592 comm="syz.1.799" path="/syzcgroup/unified/syz1" dev="cgroup2" ino=38 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[  294.354049][ T9601] kvm: kvm [9600]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc2) = 0x5407
[  294.363053][ T9601] kvm: kvm [9600]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc1) = 0x5b07
[  294.491755][ T5925] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  294.560969][ T9601] kvm_intel: kvm [9600]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0x1d9) = 0x9cbf
[  294.574509][ T9601] kvm: kvm [9600]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0x187) = 0xcabf
[  294.583687][ T9601] kvm: kvm [9600]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0x186) = 0x78ae
[  294.601882][ T9601] kvm: kvm [9600]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0x11e) = 0x835b
[  294.622048][ T9601] kvm: kvm [9600]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc2) = 0x1b4a
[  294.630963][ T9601] kvm: kvm [9600]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc1) = 0x553a
[  294.651800][ T5925] usb 2-1: Using ep0 maxpacket: 16
[  294.665938][ T5925] usb 2-1: no configurations
[  294.679265][ T5925] usb 2-1: can't read configurations, error -22
[  294.801018][ T9607] FAULT_INJECTION: forcing a failure.
[  294.801018][ T9607] name failslab, interval 1, probability 0, space 0, times 0
[  294.811831][ T5925] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  294.821579][ T9607] CPU: 1 UID: 0 PID: 9607 Comm: syz.0.804 Not tainted syzkaller #0 PREEMPT(full) 
[  294.821603][ T9607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  294.821613][ T9607] Call Trace:
[  294.821619][ T9607]  <TASK>
[  294.821626][ T9607]  dump_stack_lvl+0x16c/0x1f0
[  294.821653][ T9607]  should_fail_ex+0x512/0x640
[  294.821678][ T9607]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  294.821699][ T9607]  should_failslab+0xc2/0x120
[  294.821720][ T9607]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  294.821737][ T9607]  ? __alloc_skb+0x2b2/0x380
[  294.821761][ T9607]  __alloc_skb+0x2b2/0x380
[  294.821781][ T9607]  ? __pfx___alloc_skb+0x10/0x10
[  294.821802][ T9607]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  294.821830][ T9607]  netlink_alloc_large_skb+0x69/0x130
[  294.821854][ T9607]  netlink_sendmsg+0x6a1/0xdd0
[  294.821880][ T9607]  ? __pfx_netlink_sendmsg+0x10/0x10
[  294.821912][ T9607]  ____sys_sendmsg+0xa98/0xc70
[  294.821938][ T9607]  ? copy_msghdr_from_user+0x10a/0x160
[  294.821958][ T9607]  ? __pfx_____sys_sendmsg+0x10/0x10
[  294.821996][ T9607]  ___sys_sendmsg+0x134/0x1d0
[  294.822018][ T9607]  ? __pfx____sys_sendmsg+0x10/0x10
[  294.822076][ T9607]  __sys_sendmsg+0x16d/0x220
[  294.822097][ T9607]  ? __pfx___sys_sendmsg+0x10/0x10
[  294.822134][ T9607]  do_syscall_64+0xcd/0x4e0
[  294.822159][ T9607]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  294.822176][ T9607] RIP: 0033:0x7fdb9898eec9
[  294.822190][ T9607] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  294.822207][ T9607] RSP: 002b:00007fdb99902038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  294.822224][ T9607] RAX: ffffffffffffffda RBX: 00007fdb98be5fa0 RCX: 00007fdb9898eec9
[  294.822235][ T9607] RDX: 0000000000000000 RSI: 00002000000007c0 RDI: 0000000000000004
[  294.822245][ T9607] RBP: 00007fdb99902090 R08: 0000000000000000 R09: 0000000000000000
[  294.822255][ T9607] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  294.822265][ T9607] R13: 00007fdb98be6038 R14: 00007fdb98be5fa0 R15: 00007ffd303c5988
[  294.822290][ T9607]  </TASK>
[  295.235561][   T30] audit: type=1400 audit(1758592854.735:936): avc:  denied  { ioctl } for  pid=9610 comm="syz.3.806" path="socket:[28487]" dev="sockfs" ino=28487 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  295.260278][    C0] vkms_vblank_simulate: vblank timer overrun
[  295.771812][ T5925] usb 2-1: Using ep0 maxpacket: 16
[  295.784801][ T5925] usb 2-1: no configurations
[  295.801292][ T5925] usb 2-1: can't read configurations, error -22
[  295.813016][ T5925] usb usb2-port1: attempt power cycle
[  296.514807][ T9625] netlink: 4 bytes leftover after parsing attributes in process `syz.3.810'.
[  296.624139][   T30] audit: type=1400 audit(1758592856.095:937): avc:  denied  { read } for  pid=9624 comm="syz.3.810" path="socket:[28734]" dev="sockfs" ino=28734 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  296.652864][ T9631] netlink: 4 bytes leftover after parsing attributes in process `syz.4.811'.
[  296.719119][   T30] audit: type=1400 audit(1758592856.215:938): avc:  denied  { read } for  pid=9624 comm="syz.3.810" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  296.731766][ T5925] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  296.758818][ T9631] team0: Port device batadv0 removed
[  296.793472][ T5925] usb 2-1: Using ep0 maxpacket: 16
[  296.819779][ T5925] usb 2-1: no configurations
[  296.845439][ T5925] usb 2-1: can't read configurations, error -22
[  296.991857][ T5925] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  297.014645][ T5925] usb 2-1: Using ep0 maxpacket: 16
[  297.020363][ T5925] usb 2-1: no configurations
[  297.025527][ T5925] usb 2-1: can't read configurations, error -22
[  297.032070][ T5925] usb usb2-port1: unable to enumerate USB device
[  297.161841][ T5932] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  297.311881][ T5932] usb 3-1: Using ep0 maxpacket: 32
[  297.321293][ T5932] usb 3-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64
[  297.330582][ T5932] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  297.346019][ T5932] usb 3-1: config 0 descriptor??
[  297.366380][ T5932] as10x_usb: device has been detected
[  297.373797][ T5932] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle)
[  297.397282][ T5932] usb 3-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)...
[  297.451568][ T5932] as10x_usb: error during firmware upload part1
[  297.469132][ T5932] Registered device nBox DVB-T Dongle
[  297.469535][   T30] audit: type=1400 audit(1758592856.945:939): avc:  denied  { firmware_load } for  pid=5932 comm="kworker/0:6" path="/lib/firmware/as102_data1_st.hex" dev="sda1" ino=297 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[  297.691383][ T5925] usb 3-1: USB disconnect, device number 25
[  297.888998][   T30] audit: type=1400 audit(1758592857.385:940): avc:  denied  { read } for  pid=9640 comm="syz.1.815" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  297.922608][ T5925] Unregistered device nBox DVB-T Dongle
[  297.939580][ T5925] as10x_usb: device has been disconnected
[  297.956419][   T30] audit: type=1400 audit(1758592857.385:941): avc:  denied  { open } for  pid=9640 comm="syz.1.815" path="/dev/snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  298.047303][   T30] audit: type=1400 audit(1758592857.545:942): avc:  denied  { read } for  pid=9656 comm="syz.0.818" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  298.419449][ T9654] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  298.425730][ T9654] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  298.440201][ T9654] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  298.446475][ T9654] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  298.473287][ T9654] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  298.480482][ T9654] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  298.540366][ T9654] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  300.505073][ T5860] Bluetooth: hci3: command 0x0c1a tx timeout
[  300.505098][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[  300.511113][ T5859] Bluetooth: hci1: command 0x0c1a tx timeout
[  300.523323][   T51] Bluetooth: hci4: command 0x0c1a tx timeout
[  300.529357][ T5865] Bluetooth: hci2: command 0x0c1a tx timeout
[  300.837411][ T9698] netlink: 4 bytes leftover after parsing attributes in process `syz.4.826'.
[  300.882073][ T5911] usb 3-1: new full-speed USB device number 26 using dummy_hcd
[  301.067028][ T5911] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 7
[  301.081225][ T5911] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  301.096509][ T5911] usb 3-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  301.124066][ T5911] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  301.142961][ T5911] usb 3-1: config 0 descriptor??
[  301.214572][ T9688] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  302.162844][   T30] audit: type=1400 audit(1758592861.635:943): avc:  denied  { create } for  pid=9710 comm="syz.1.830" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  302.332239][   T30] audit: type=1400 audit(1758592861.645:944): avc:  denied  { bind } for  pid=9710 comm="syz.1.830" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  302.508028][ T9726] comedi comedi0: comedi_config --init_data is deprecated
[  302.624450][ T5860] Bluetooth: hci4: command 0x0c1a tx timeout
[  302.643904][   T30] audit: type=1400 audit(1758592862.095:945): avc:  denied  { bind } for  pid=9714 comm="syz.3.832" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  303.060425][   T30] audit: type=1400 audit(1758592862.095:946): avc:  denied  { write } for  pid=9714 comm="syz.3.832" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  304.021213][ T5974] usb 3-1: USB disconnect, device number 26
[  304.089731][ T9743] dlm: Unknown command passed to DLM device : 68
[  304.089731][ T9743] 
[  304.235901][ T9749] netlink: 8 bytes leftover after parsing attributes in process `syz.0.834'.
[  304.332238][ T9754] C: renamed from team_slave_0 (while UP)
[  304.363409][   T30] audit: type=1400 audit(1758592863.855:947): avc:  denied  { ioctl } for  pid=9742 comm="syz.0.834" path="socket:[29818]" dev="sockfs" ino=29818 ioctlcmd=0x89ed scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  304.401582][ T9754] netlink: 'syz.2.837': attribute type 3 has an invalid length.
[  304.410675][ T9754] netlink: 152 bytes leftover after parsing attributes in process `syz.2.837'.
[  304.496895][ T9754] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  304.681863][ T5860] Bluetooth: hci4: command 0x0c1a tx timeout
[  305.821421][ T9767] netlink: 'syz.0.841': attribute type 2 has an invalid length.
[  305.839567][   T30] audit: type=1400 audit(1758592865.335:948): avc:  denied  { write } for  pid=9766 comm="syz.0.841" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  306.322832][ T9782] fuse: Unknown parameter ''
[  306.769269][ T9769] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  306.971888][   T30] audit: type=1400 audit(1758592866.365:949): avc:  denied  { mount } for  pid=9784 comm="syz.0.847" name="/" dev="rpc_pipefs" ino=29943 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1
[  307.758047][ T9796] sctp: [Deprecated]: syz.4.850 (pid 9796) Use of int in max_burst socket option deprecated.
[  307.758047][ T9796] Use struct sctp_assoc_value instead
[  308.795831][   T30] audit: type=1400 audit(1758592868.295:950): avc:  denied  { append } for  pid=9802 comm="syz.4.852" name="video5" dev="devtmpfs" ino=937 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:v4l_device_t tclass=chr_file permissive=1
[  308.859529][ T9805] netlink: 552 bytes leftover after parsing attributes in process `syz.2.853'.
[  308.859888][   T30] audit: type=1400 audit(1758592868.355:951): avc:  denied  { nlmsg_read } for  pid=9804 comm="syz.2.853" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  309.167876][ T9812] CIFS mount error: No usable UNC path provided in device string!
[  309.167876][ T9812] 
[  309.177970][ T9812] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  309.226574][ T9812] binder: 9804:9812 ioctl c0046209 9999999999999999 returned -22
[  309.730381][   T30] audit: type=1400 audit(1758592868.645:952): avc:  denied  { execute_no_trans } for  pid=9804 comm="syz.2.853" path="/17/file0" dev="tmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  309.958810][   T30] audit: type=1400 audit(1758592869.435:953): avc:  denied  { block_suspend } for  pid=9802 comm="syz.4.852" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  311.147535][ T9831] netlink: 32 bytes leftover after parsing attributes in process `syz.2.859'.
[  311.221956][   T48] usb 2-1: new full-speed USB device number 36 using dummy_hcd
[  311.249060][   T30] audit: type=1326 audit(1758592870.745:954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9834 comm="syz.4.861" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4a8178eec9 code=0x0
[  311.307536][   T30] audit: type=1326 audit(1758592870.805:955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9834 comm="syz.4.861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a8178eec9 code=0x7ffc0000
[  311.329233][ T9842] binder: 9841:9842 ioctl c0306201 0 returned -14
[  311.403418][   T48] usb 2-1: config 1 has an invalid interface number: 105 but max is 0
[  311.413611][   T48] usb 2-1: config 1 has no interface number 0
[  311.419795][   T48] usb 2-1: config 1 interface 105 has no altsetting 0
[  311.436528][   T48] usb 2-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[  311.447477][   T48] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  311.459300][   T48] usb 2-1: Product: syz
[  311.469060][   T48] usb 2-1: Manufacturer: syz
[  311.478305][   T30] audit: type=1326 audit(1758592870.805:956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9834 comm="syz.4.861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=36 compat=0 ip=0x7f4a8178eec9 code=0x7ffc0000
[  311.481096][   T48] usb 2-1: SerialNumber: syz
[  311.502696][   T30] audit: type=1326 audit(1758592870.805:957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9834 comm="syz.4.861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a8178eec9 code=0x7ffc0000
[  311.529848][   T30] audit: type=1326 audit(1758592870.805:958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9834 comm="syz.4.861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f4a8178eec9 code=0x7ffc0000
[  311.553343][   T30] audit: type=1326 audit(1758592870.805:959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9834 comm="syz.4.861" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a8178eec9 code=0x7ffc0000
[  313.079464][   T48] aqc111 2-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x20) reg index 0x0000: -71
[  313.094461][   T48] aqc111 2-1:1.105: probe with driver aqc111 failed with error -71
[  313.110142][   T48] usb 2-1: USB disconnect, device number 36
[  313.355093][ T9870] netlink: 'syz.4.870': attribute type 13 has an invalid length.
[  313.383483][ T9870] netlink: 'syz.4.870': attribute type 27 has an invalid length.
[  314.362927][ T9877] binder: 9876:9877 ioctl c0306201 0 returned -14
[  316.219576][ T5925] libceph: connect (1)[c::]:6789 error -101
[  316.226101][ T5925] libceph: mon0 (1)[c::]:6789 connect error
[  316.271536][ T9900] binder: 9899:9900 ioctl c0306201 0 returned -14
[  316.283079][ T9896] ceph: No mds server is up or the cluster is laggy
[  316.506638][ T5911] libceph: connect (1)[c::]:6789 error -101
[  316.512854][ T5911] libceph: mon0 (1)[c::]:6789 connect error
[  317.011047][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  317.017467][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  317.352635][ T5925] libceph: connect (1)[c::]:6789 error -101
[  317.358737][ T5925] libceph: mon0 (1)[c::]:6789 connect error
[  317.871620][   T30] kauditd_printk_skb: 7 callbacks suppressed
[  317.871637][   T30] audit: type=1400 audit(1758592877.335:967): avc:  denied  { read } for  pid=9914 comm="syz.1.882" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=alg_socket permissive=1
[  318.114505][   T30] audit: type=1400 audit(1758592877.375:968): avc:  denied  { kexec_image_load } for  pid=9918 comm="syz.3.874" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=system permissive=1
[  319.312289][   T30] audit: type=1400 audit(1758592877.855:969): avc:  denied  { getopt } for  pid=9924 comm="syz.3.884" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  321.518134][ T9936] netlink: 4 bytes leftover after parsing attributes in process `syz.1.886'.
[  321.782875][ T5974] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  321.991938][ T5974] usb 4-1: Using ep0 maxpacket: 32
[  322.028402][ T5974] usb 4-1: config 0 has an invalid interface number: 146 but max is 0
[  322.073603][ T5974] usb 4-1: config 0 has no interface number 0
[  322.104974][ T5974] usb 4-1: config 0 interface 146 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  322.118735][   T30] audit: type=1400 audit(1758592881.615:970): avc:  denied  { map } for  pid=9942 comm="syz.2.889" path="socket:[30461]" dev="sockfs" ino=30461 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[  322.202126][ T5974] usb 4-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83
[  322.266498][ T5974] usb 4-1: config 0 interface 146 altsetting 0 endpoint 0x83 has invalid maxpacket 33307, setting to 1024
[  322.332758][ T5974] usb 4-1: config 0 interface 146 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024
[  322.364453][ T5974] usb 4-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0xF2, changing to 0x82
[  322.422234][ T5974] usb 4-1: config 0 interface 146 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  322.459933][ T5974] usb 4-1: config 0 interface 146 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  322.501723][ T5974] usb 4-1: config 0 interface 146 altsetting 0 endpoint 0x1 has invalid maxpacket 19968, setting to 1024
[  322.535453][ T5974] usb 4-1: config 0 interface 146 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 1024
[  322.589200][ T5974] usb 4-1: config 0 interface 146 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  322.638529][ T5974] usb 4-1: New USB device found, idVendor=05da, idProduct=009a, bcdDevice=62.95
[  322.703917][ T5974] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  322.722174][ T5974] usb 4-1: Product: syz
[  322.735117][ T5974] usb 4-1: Manufacturer: syz
[  322.747397][ T5974] usb 4-1: SerialNumber: syz
[  322.762155][ T5974] usb 4-1: config 0 descriptor??
[  322.774332][ T9938] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  322.791967][ T9938] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  322.800825][ T5974] microtek usb (rev 0.4.3): will this work? Response EP is not usually 3
[  322.838598][ T5974] microtek usb (rev 0.4.3): will this work? Image data EP is not usually 2
[  322.866307][ T9949] SELinux:  Context Z is not valid (left unmapped).
[  322.906961][ T5974] scsi host1: microtekX6
[  323.289294][ T9955] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  323.467491][ T9957] netlink: 'syz.2.893': attribute type 2 has an invalid length.
[  323.510673][   T30] audit: type=1400 audit(1758592883.005:971): avc:  denied  { getopt } for  pid=9958 comm="syz.1.894" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  323.545677][ T9959] netlink: 'syz.1.894': attribute type 10 has an invalid length.
[  323.554146][ T9960] bridge0: port 2(bridge_slave_1) entered disabled state
[  323.562104][ T9960] bridge0: port 1(bridge_slave_0) entered disabled state
[  323.587466][ T9959] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  324.048960][ T9959] mac80211_hwsim hwsim4 wlan1: entered allmulticast mode
[  324.489579][ T5925] usb 4-1: USB disconnect, device number 22
[  324.751953][   T48] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[  324.946092][ T5974] IPVS: starting estimator thread 0...
[  324.967487][ T9978] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  325.041817][ T9979] IPVS: using max 49 ests per chain, 117600 per kthread
[  325.091734][   T48] usb 2-1: Using ep0 maxpacket: 16
[  325.120174][   T48] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  325.160325][   T48] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  325.201593][   T48] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  325.221255][   T48] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  325.229878][   T48] usb 2-1: Product: syz
[  325.241172][   T48] usb 2-1: Manufacturer: syz
[  325.246117][   T48] usb 2-1: SerialNumber: syz
[  325.284422][   T48] usb 2-1: config 0 descriptor??
[  325.315455][   T48] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  325.333220][   T48] em28xx 2-1:0.0: Audio interface 0 found (Vendor Class)
[  325.984156][   T48] em28xx 2-1:0.0: unknown em28xx chip ID (0)
[  326.004292][   T48] em28xx 2-1:0.0: Config register raw data: 0xfffffffb
[  326.019062][ T9995] macsec1: entered promiscuous mode
[  326.051922][ T9995] bridge0: entered promiscuous mode
[  326.183555][ T9999] netlink: 'syz.3.906': attribute type 2 has an invalid length.
[  326.217048][ T9999] bridge0: port 2(bridge_slave_1) entered disabled state
[  326.224873][ T9999] bridge0: port 1(bridge_slave_0) entered disabled state
[  326.331644][   T30] audit: type=1400 audit(1758592885.825:972): avc:  denied  { write } for  pid=10001 comm="syz.3.907" path="socket:[30711]" dev="sockfs" ino=30711 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  326.615553][T10004] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  326.913679][   T48] em28xx 2-1:0.0: Unknown AC97 audio processor detected!
[  326.933362][   T48] em28xx 2-1:0.0: couldn't setup AC97 register 2
[  326.949442][   T48] em28xx 2-1:0.0: couldn't setup AC97 register 4
[  326.969537][   T48] em28xx 2-1:0.0: couldn't setup AC97 register 6
[  326.989995][   T48] em28xx 2-1:0.0: couldn't setup AC97 register 54
[  327.010272][   T48] em28xx 2-1:0.0: couldn't setup AC97 register 56
[  327.049657][   T48] usb 2-1: USB disconnect, device number 37
[  327.279519][   T30] audit: type=1400 audit(1758592886.775:973): avc:  denied  { getopt } for  pid=10011 comm="syz.3.910" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  327.298794][    C1] vkms_vblank_simulate: vblank timer overrun
[  327.382585][T10014] input: syz1 as /devices/virtual/input/input14
[  327.413107][T10015] ubi31: attaching mtd0
[  327.423084][T10010] (unnamed net_device) (uninitialized): option lacp_rate: mode dependency failed, not supported in mode active-backup(1)
[  327.424126][T10015] ubi31: scanning is finished
[  327.440552][T10015] ubi31: empty MTD device detected
[  327.894851][T10015] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  327.902533][T10015] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  327.911630][T10015] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  327.924071][T10015] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  327.933070][T10015] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  327.949841][T10015] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  327.960944][T10015] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2126715425
[  327.975011][T10015] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  328.024029][T10023] ubi31: background thread "ubi_bgt31d" started, PID 10023
[  328.034542][ T5855] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[  328.251859][ T5855] usb 2-1: Using ep0 maxpacket: 8
[  328.287743][ T5855] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[  328.311795][ T5855] usb 2-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x74, changing to 0x4
[  328.391746][ T5855] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x4 has an invalid bInterval 114, changing to 10
[  328.442562][ T5855] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x4 has invalid maxpacket 25183, setting to 1024
[  328.469164][ T5855] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  328.501719][   T30] audit: type=1400 audit(1758592887.985:974): avc:  denied  { append } for  pid=10029 comm="syz.4.915" name="random" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  328.504962][ T5855] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[  328.624214][ T5855] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  328.664645][ T5855] usb 2-1: Product: syz
[  328.668840][ T5855] usb 2-1: Manufacturer: syz
[  328.719836][ T5855] usb 2-1: SerialNumber: syz
[  328.776385][T10021] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  328.786492][ T5855] cdc_ether 2-1:1.0: probe with driver cdc_ether failed with error -22
[  328.828626][T10028] netlink: 44 bytes leftover after parsing attributes in process `syz.0.913'.
[  328.839628][ T5855] usbtest 2-1:1.0: couldn't get endpoints, -22
[  328.847131][ T5855] usbtest 2-1:1.0: probe with driver usbtest failed with error -22
[  329.407078][   T48] usb 2-1: USB disconnect, device number 38
[  329.409630][   T30] audit: type=1400 audit(1758592888.615:975): avc:  denied  { bind } for  pid=10035 comm="syz.3.918" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  330.054321][   T30] audit: type=1400 audit(1758592888.895:976): avc:  denied  { getopt } for  pid=10020 comm="syz.1.912" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  331.140739][T10062] ISOFS: Unable to identify CD-ROM format.
[  331.142109][   T30] audit: type=1400 audit(1758592890.615:977): avc:  denied  { mount } for  pid=10045 comm="syz.3.919" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  331.168003][    C1] vkms_vblank_simulate: vblank timer overrun
[  331.257395][   T30] audit: type=1400 audit(1758592890.755:978): avc:  denied  { setopt } for  pid=10063 comm="syz.0.924" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  331.339953][   T30] audit: type=1400 audit(1758592890.835:979): avc:  denied  { map } for  pid=10061 comm="syz.1.923" path="/dev/bus/usb/006/001" dev="devtmpfs" ino=736 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  331.363961][    C1] vkms_vblank_simulate: vblank timer overrun
[  331.931818][T10069] netlink: 44 bytes leftover after parsing attributes in process `syz.1.923'.
[  331.943712][T10069] tmpfs: Bad value for 'nr_blocks'
[  332.204039][ T5855] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  332.229350][   T30] audit: type=1400 audit(1758592891.725:980): avc:  denied  { accept } for  pid=10077 comm="syz.3.928" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[  332.513538][ T5855] usb 2-1: config 0 has an invalid interface number: 120 but max is 0
[  332.522054][T10085] FAULT_INJECTION: forcing a failure.
[  332.522054][T10085] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  332.550631][ T5855] usb 2-1: config 0 has no interface number 0
[  332.557756][   T30] audit: type=1400 audit(1758592892.045:981): avc:  denied  { bind } for  pid=10079 comm="syz.4.929" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  332.577880][ T5855] usb 2-1: config 0 interface 120 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  332.589770][   T30] audit: type=1400 audit(1758592892.045:982): avc:  denied  { connect } for  pid=10079 comm="syz.4.929" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  332.609792][ T5855] usb 2-1: config 0 interface 120 altsetting 0 endpoint 0x8F has an invalid bInterval 52, changing to 9
[  332.622087][T10085] CPU: 0 UID: 0 PID: 10085 Comm: syz.2.930 Not tainted syzkaller #0 PREEMPT(full) 
[  332.622103][T10085] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  332.622109][T10085] Call Trace:
[  332.622113][T10085]  <TASK>
[  332.622118][T10085]  dump_stack_lvl+0x16c/0x1f0
[  332.622136][T10085]  should_fail_ex+0x512/0x640
[  332.622153][T10085]  _copy_from_user+0x2e/0xd0
[  332.622170][T10085]  vhost_vsock_dev_ioctl+0x5f4/0xb30
[  332.622186][T10085]  ? hook_file_ioctl_common+0x145/0x410
[  332.622198][T10085]  ? __pfx_vhost_vsock_dev_ioctl+0x10/0x10
[  332.622216][T10085]  ? selinux_file_ioctl+0xb4/0x270
[  332.622233][T10085]  ? __pfx_vhost_vsock_dev_ioctl+0x10/0x10
[  332.622249][T10085]  __x64_sys_ioctl+0x18e/0x210
[  332.622267][T10085]  do_syscall_64+0xcd/0x4e0
[  332.622283][T10085]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  332.622294][T10085] RIP: 0033:0x7f3b14d8eec9
[  332.622303][T10085] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  332.622314][T10085] RSP: 002b:00007f3b15bfe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  332.622325][T10085] RAX: ffffffffffffffda RBX: 00007f3b14fe5fa0 RCX: 00007f3b14d8eec9
[  332.622332][T10085] RDX: 00002000000002c0 RSI: 000000004008af00 RDI: 0000000000000003
[  332.622338][T10085] RBP: 00007f3b15bfe090 R08: 0000000000000000 R09: 0000000000000000
[  332.622344][T10085] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  332.622351][T10085] R13: 00007f3b14fe6038 R14: 00007f3b14fe5fa0 R15: 00007ffe8e69c908
[  332.622364][T10085]  </TASK>
[  332.626176][ T5855] usb 2-1: config 0 interface 120 altsetting 0 endpoint 0x8F has invalid maxpacket 8241, setting to 1024
[  332.973807][ T5855] usb 2-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58
[  332.983609][ T5855] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  332.995519][ T5855] usb 2-1: config 0 descriptor??
[  333.009384][ T5855] input: USB Touchscreen 16e3:f9e9 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.120/input/input15
[  333.114830][T10087] netlink: 'syz.2.931': attribute type 1 has an invalid length.
[  333.196579][   T30] audit: type=1400 audit(1758592892.685:983): avc:  denied  { read } for  pid=5206 comm="acpid" name="mouse8" dev="devtmpfs" ino=3219 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[  333.218303][    C1] vkms_vblank_simulate: vblank timer overrun
[  333.446540][ T5855] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  333.517996][    C0] usbtouchscreen 2-1:0.120: usbtouch_irq - usb_submit_urb failed with result: -1
[  333.542638][   T30] audit: type=1400 audit(1758592892.685:984): avc:  denied  { open } for  pid=5206 comm="acpid" path="/dev/input/mouse8" dev="devtmpfs" ino=3219 scontext=system_u:system_r:acpid_t tcontext=root:object_r:device_t tclass=file permissive=1
[  333.667338][ T5855] usb 3-1: device descriptor read/64, error -71
[  333.809378][T10092] netlink: 'syz.0.933': attribute type 1 has an invalid length.
[  333.831792][T10092] netlink: 8 bytes leftover after parsing attributes in process `syz.0.933'.
[  333.936759][ T5855] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  334.081756][ T5855] usb 3-1: device descriptor read/64, error -71
[  334.200697][ T5855] usb usb3-port1: attempt power cycle
[  335.075670][ T5855] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  335.215362][ T5855] usb 3-1: device descriptor read/8, error -71
[  335.461524][T10113] random: crng reseeded on system resumption
[  335.471108][   T30] kauditd_printk_skb: 5 callbacks suppressed
[  335.471121][   T30] audit: type=1400 audit(1758592894.955:990): avc:  denied  { write } for  pid=10112 comm="syz.3.936" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  335.507695][ T5974] usb 2-1: USB disconnect, device number 39
[  335.569134][   T30] audit: type=1400 audit(1758592895.045:991): avc:  denied  { ioctl } for  pid=10112 comm="syz.3.936" path="/dev/snapshot" dev="devtmpfs" ino=92 ioctlcmd=0x3313 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  335.651893][ T5855] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  335.783092][ T5855] usb 3-1: device descriptor read/8, error -71
[  336.642137][ T5855] usb usb3-port1: unable to enumerate USB device
[  337.475195][   T30] audit: type=1400 audit(1758592896.975:992): avc:  denied  { create } for  pid=10139 comm="syz.0.944" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  338.187317][   T30] audit: type=1400 audit(1758592897.675:993): avc:  denied  { write } for  pid=10139 comm="syz.0.944" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  338.215145][   T30] audit: type=1400 audit(1758592897.675:994): avc:  denied  { create } for  pid=10139 comm="syz.0.944" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  338.215189][   T30] audit: type=1400 audit(1758592897.675:995): avc:  denied  { write } for  pid=10139 comm="syz.0.944" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  338.342169][ T5855] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[  338.531803][ T5855] usb 2-1: Using ep0 maxpacket: 32
[  338.561482][ T5855] usb 2-1: unable to get BOS descriptor or descriptor too short
[  338.570668][ T5855] usb 2-1: config 128 has an invalid interface number: 127 but max is 3
[  338.580337][ T5855] usb 2-1: config 128 has an invalid descriptor of length 0, skipping remainder of the config
[  338.606017][ T5855] usb 2-1: config 128 has 1 interface, different from the descriptor's value: 4
[  338.621922][ T5855] usb 2-1: config 128 has no interface number 0
[  338.631872][ T5855] usb 2-1: config 128 interface 127 altsetting 14 has an endpoint descriptor with address 0x74, changing to 0x4
[  338.670035][ T5855] usb 2-1: config 128 interface 127 altsetting 14 endpoint 0x4 has invalid maxpacket 9529, setting to 1024
[  338.704753][T10156] block nbd3: shutting down sockets
[  338.717665][ T5855] usb 2-1: config 128 interface 127 altsetting 14 bulk endpoint 0x4 has invalid maxpacket 1024
[  338.819557][T10159] 9pnet_fd: Insufficient options for proto=fd
[  339.200106][ T5855] usb 2-1: config 128 interface 127 has no altsetting 0
[  339.215366][ T5855] usb 2-1: New USB device found, idVendor=0582, idProduct=295c, bcdDevice=d4.55
[  339.224768][ T5855] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  339.242276][ T5855] usb 2-1: Product: syz
[  339.246494][ T5855] usb 2-1: Manufacturer: syz
[  339.251122][ T5855] usb 2-1: SerialNumber: syz
[  339.282048][T10145] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  339.515611][T10168] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  339.546893][ T5855] usb 2-1: USB disconnect, device number 40
[  339.916923][ T5848] udevd[5848]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:128.127/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  339.979711][T10175] netlink: 8 bytes leftover after parsing attributes in process `syz.4.952'.
[  340.095853][T10178] Bluetooth: MGMT ver 1.23
[  340.135506][   T30] audit: type=1400 audit(1758592899.635:996): avc:  denied  { bind } for  pid=10174 comm="syz.4.952" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  340.170872][   T30] audit: type=1400 audit(1758592899.635:997): avc:  denied  { node_bind } for  pid=10174 comm="syz.4.952" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[  341.862387][ T5855] usb 4-1: new full-speed USB device number 23 using dummy_hcd
[  342.261962][ T5855] usb 4-1: config 0 has an invalid interface number: 128 but max is 0
[  342.270215][ T5855] usb 4-1: config 0 has no interface number 0
[  342.424853][ T5855] usb 4-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  342.437666][ T5855] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  342.449309][ T5855] usb 4-1: Product: syz
[  342.465256][ T5855] usb 4-1: Manufacturer: syz
[  342.470390][ T5855] usb 4-1: SerialNumber: syz
[  342.545863][ T5855] usb 4-1: config 0 descriptor??
[  342.790822][T10213] netlink: 100 bytes leftover after parsing attributes in process `syz.4.960'.
[  342.939355][   T30] audit: type=1400 audit(1758592902.435:998): avc:  denied  { watch watch_reads } for  pid=10210 comm="syz.2.961" path="/syzcgroup/unified/syz2" dev="cgroup2" ino=125 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[  342.972496][ T5855] usb 4-1: Firmware: major: 84, minor: 103, hardware type: UNKNOWN (73)
[  343.184511][ T5855] usb 4-1: Read permanent extended address 52:39:35:8d:79:3e:bf:c5 from device
[  343.193673][ T5855] usb 4-1: atusb_probe: initialization failed, error = -524
[  343.203917][ T5855] atusb 4-1:0.128: probe with driver atusb failed with error -524
[  343.851363][ T5855] usb 4-1: USB disconnect, device number 23
[  345.361796][   T48] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  345.453493][T10255] fuse: Bad value for 'fd'
[  346.006873][   T48] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[  346.018332][   T48] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[  346.030340][   T48] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 121
[  346.043667][   T48] usb 4-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  346.053796][   T48] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  346.061943][   T48] usb 4-1: Product: syz
[  346.066220][   T48] usb 4-1: Manufacturer: syz
[  346.070847][   T48] usb 4-1: SerialNumber: syz
[  346.079984][   T48] usb 4-1: config 0 descriptor??
[  346.088294][T10248] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  346.146232][T10248] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  346.325695][   T30] audit: type=1326 audit(1758592905.695:999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10258 comm="syz.0.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb9898eec9 code=0x7ffc0000
[  346.349020][    C1] vkms_vblank_simulate: vblank timer overrun
[  346.516642][   T48] usb 4-1: ucan: probing device on interface #0
[  346.532827][   T30] audit: type=1326 audit(1758592905.695:1000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10258 comm="syz.0.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb9898eec9 code=0x7ffc0000
[  347.004952][   T30] audit: type=1326 audit(1758592905.705:1001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10258 comm="syz.0.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fdb9898eec9 code=0x7ffc0000
[  347.029323][   T30] audit: type=1326 audit(1758592905.705:1002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10258 comm="syz.0.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb9898eec9 code=0x7ffc0000
[  347.122334][   T30] audit: type=1326 audit(1758592905.705:1003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10258 comm="syz.0.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb9898eec9 code=0x7ffc0000
[  347.146006][   T30] audit: type=1326 audit(1758592905.705:1004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10258 comm="syz.0.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fdb9898eec9 code=0x7ffc0000
[  347.152151][   T48] usb 4-1: ucan: could not read protocol version, ret=26
[  347.173358][   T30] audit: type=1326 audit(1758592905.705:1005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10258 comm="syz.0.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb9898eec9 code=0x7ffc0000
[  347.481749][   T30] audit: type=1326 audit(1758592905.705:1006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10258 comm="syz.0.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb9898eec9 code=0x7ffc0000
[  347.507155][   T30] audit: type=1326 audit(1758592905.705:1007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10258 comm="syz.0.973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fdb9898eec9 code=0x7ffc0000
[  347.523975][   T48] usb 4-1: ucan: probe failed; try to update the device firmware
[  348.177147][   T48] usb 4-1: USB disconnect, device number 24
[  348.501866][ T5974] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[  348.684622][ T5974] usb 2-1: config index 0 descriptor too short (expected 3133, got 61)
[  348.723500][ T5974] usb 2-1: config 0 has an invalid interface number: 156 but max is 1
[  348.743113][ T5974] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  348.773221][ T5974] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2
[  348.820048][ T5974] usb 2-1: config 0 has no interface number 0
[  349.753758][ T5974] usb 2-1: config 0 interface 156 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[  349.794919][ T5974] usb 2-1: config 0 interface 156 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  349.811713][ T5974] usb 2-1: config 0 interface 156 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  349.860649][T10297] trusted_key: encrypted_key: master key parameter '' is invalid
[  349.891504][ T5974] usb 2-1: config 0 interface 156 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  350.029028][T10296] netlink: 'syz.3.979': attribute type 10 has an invalid length.
[  350.047071][   T30] kauditd_printk_skb: 39 callbacks suppressed
[  350.047082][   T30] audit: type=1400 audit(1758592909.535:1047): avc:  denied  { unmount } for  pid=5845 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  350.143985][ T5974] usb 2-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  350.293881][ T5974] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  350.400867][ T5974] usb 2-1: config 0 descriptor??
[  350.408601][ T5974] usb 2-1: can't set config #0, error -71
[  350.425413][ T5974] usb 2-1: USB disconnect, device number 41
[  350.442143][ T5860] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  350.443777][ T5859] Bluetooth: hci5: command 0x1003 tx timeout
[  350.727740][T10303] netlink: 'syz.0.985': attribute type 2 has an invalid length.
[  350.850862][T10306] comedi comedi0: Minor 127 is invalid!
[  350.959566][ T7810] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  351.110502][ T7810] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  351.217830][ T7810] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  351.431369][ T7810] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  352.515611][ T7810] bridge_slave_1: left allmulticast mode
[  352.521278][ T7810] bridge_slave_1: left promiscuous mode
[  352.564548][ T7810] bridge0: port 2(bridge_slave_1) entered disabled state
[  352.644120][ T7810] bridge_slave_0: left allmulticast mode
[  352.663735][   T30] audit: type=1400 audit(1758592912.155:1048): avc:  denied  { map } for  pid=10309 comm="syz.0.987" path="/dev/nullb0" dev="devtmpfs" ino=696 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  352.694222][ T7810] bridge_slave_0: left promiscuous mode
[  352.712128][ T7810] bridge0: port 1(bridge_slave_0) entered disabled state
[  352.928535][ T5859] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  353.373640][ T5859] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  353.421509][ T5859] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  353.433729][ T5859] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  353.455428][ T5859] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  353.663581][   T30] audit: type=1326 audit(1758592913.155:1049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10338 comm="syz.2.994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b14d8eec9 code=0x7ffc0000
[  353.841464][T10344] sd 0:0:1:0: device reset
[  353.881396][   T30] audit: type=1326 audit(1758592913.195:1050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10338 comm="syz.2.994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b14d8eec9 code=0x7ffc0000
[  354.034304][   T30] audit: type=1326 audit(1758592913.195:1051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10338 comm="syz.2.994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f3b14d8eec9 code=0x7ffc0000
[  354.086885][   T30] audit: type=1326 audit(1758592913.195:1052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10338 comm="syz.2.994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b14d8eec9 code=0x7ffc0000
[  354.132153][   T30] audit: type=1326 audit(1758592913.195:1053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10338 comm="syz.2.994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b14d8eec9 code=0x7ffc0000
[  354.160908][   T30] audit: type=1326 audit(1758592913.195:1054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10338 comm="syz.2.994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3b14d8d710 code=0x7ffc0000
[  354.186186][   T30] audit: type=1326 audit(1758592913.195:1055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10338 comm="syz.2.994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b14d8eec9 code=0x7ffc0000
[  354.227156][   T30] audit: type=1326 audit(1758592913.195:1056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10338 comm="syz.2.994" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b14d8eec9 code=0x7ffc0000
[  354.679764][ T7810] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  354.784176][ T7810] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  354.858806][ T7810] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  355.060405][ T7810] bond0 (unregistering): Released all slaves
[  355.109971][ T7810] bond1 (unregistering): Released all slaves
[  355.331732][T10358] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  355.345267][T10358] Error validating options; rc = [-22]
[  355.497487][ T5859] Bluetooth: hci1: command tx timeout
[  355.664690][T10362] netlink: 16 bytes leftover after parsing attributes in process `syz.4.998'.
[  356.109942][T10377] netlink: 4 bytes leftover after parsing attributes in process `syz.0.999'.
[  356.151262][   T30] kauditd_printk_skb: 22 callbacks suppressed
[  356.151277][   T30] audit: type=1400 audit(1758592915.635:1079): avc:  denied  { append } for  pid=10378 comm="syz.3.1000" name="nvram" dev="devtmpfs" ino=623 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  356.437404][ T7810] hsr_slave_0: left promiscuous mode
[  356.464668][ T7810] hsr_slave_1: left promiscuous mode
[  356.538483][ T7810] veth1_macvtap: left promiscuous mode
[  356.569576][ T7810] veth0_macvtap: left promiscuous mode
[  356.585624][ T7810] veth1_vlan: left promiscuous mode
[  356.607378][ T7810] veth0_vlan: left promiscuous mode
[  357.611846][ T5859] Bluetooth: hci1: command tx timeout
[  357.611975][   T30] audit: type=1400 audit(1758592917.005:1080): avc:  denied  { recv } for  pid=0 comm="swapper/0" saddr=10.128.0.169 src=42888 daddr=10.128.0.93 dest=22 netif=eth0 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1
[  357.776580][ T7810] team0 (unregistering): Port device vlan2 removed
[  358.583368][ T7810] team0 (unregistering): Port device team_slave_1 removed
[  358.723106][ T7810] team0 (unregistering): Port device team_slave_0 removed
[  359.407217][   T30] audit: type=1400 audit(1758592918.905:1081): avc:  denied  { ioctl } for  pid=10423 comm="syz.4.1011" path="socket:[33476]" dev="sockfs" ino=33476 ioctlcmd=0x89e2 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  359.539391][T10426] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1012'.
[  359.551967][   T30] audit: type=1400 audit(1758592918.905:1082): avc:  denied  { write } for  pid=10423 comm="syz.4.1011" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=socket permissive=1
[  359.688703][ T5859] Bluetooth: hci1: command tx timeout
[  359.823897][T10406] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1005'.
[  359.847309][T10333] chnl_net:caif_netlink_parms(): no params data found
[  361.116792][T10333] bridge0: port 1(bridge_slave_0) entered blocking state
[  361.178754][T10333] bridge0: port 1(bridge_slave_0) entered disabled state
[  361.209340][T10333] bridge_slave_0: entered allmulticast mode
[  361.229183][T10333] bridge_slave_0: entered promiscuous mode
[  361.240814][T10459] netlink: 'syz.3.1018': attribute type 2 has an invalid length.
[  361.241271][T10333] bridge0: port 2(bridge_slave_1) entered blocking state
[  361.261377][T10333] bridge0: port 2(bridge_slave_1) entered disabled state
[  361.269460][T10333] bridge_slave_1: entered allmulticast mode
[  361.331304][T10333] bridge_slave_1: entered promiscuous mode
[  361.445390][ T7810] IPVS: stop unused estimator thread 0...
[  361.816034][ T5859] Bluetooth: hci1: command tx timeout
[  361.885471][T10333] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  361.888320][T10333] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  362.152543][   T30] audit: type=1326 audit(1758592921.585:1083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10471 comm="syz.4.1021" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4a8178eec9 code=0x0
[  362.175384][    C1] vkms_vblank_simulate: vblank timer overrun
[  362.182968][T10333] team0: Port device team_slave_0 added
[  362.214226][T10333] team0: Port device team_slave_1 added
[  362.908696][T10333] batman_adv: batadv0: Adding interface: batadv_slave_0
[  362.916615][T10333] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  362.942532][    C1] vkms_vblank_simulate: vblank timer overrun
[  363.122008][T10333] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  363.155733][T10333] batman_adv: batadv0: Adding interface: batadv_slave_1
[  363.188688][T10333] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  363.214597][    C1] vkms_vblank_simulate: vblank timer overrun
[  363.225871][T10333] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  364.194723][T10333] hsr_slave_0: entered promiscuous mode
[  364.202585][T10333] hsr_slave_1: entered promiscuous mode
[  364.211198][T10333] debugfs: 'hsr0' already exists in 'hsr'
[  364.218630][T10333] Cannot create hsr debugfs directory
[  364.705828][T10508] mac80211_hwsim hwsim11 wlan1: entered allmulticast mode
[  364.726862][T10508] bridge_slave_0: left allmulticast mode
[  364.735913][T10508] bridge_slave_0: left promiscuous mode
[  364.743070][T10508] bridge0: port 1(bridge_slave_0) entered disabled state
[  364.765825][T10508] bridge_slave_1: left allmulticast mode
[  364.793390][T10508] bridge_slave_1: left promiscuous mode
[  364.812729][T10510] netlink: 'syz.4.1029': attribute type 10 has an invalid length.
[  364.841351][T10508] bridge0: port 2(bridge_slave_1) entered disabled state
[  364.863329][T10512] netlink: 'syz.3.1030': attribute type 2 has an invalid length.
[  364.893057][T10508] bond0: (slave bond_slave_0): Releasing backup interface
[  364.960622][T10508] bond0: (slave bond_slave_1): Releasing backup interface
[  365.003125][T10508] team0: Port device team_slave_0 removed
[  365.028577][T10508] team0: Port device team_slave_1 removed
[  365.154329][T10510] mac80211_hwsim hwsim11 wlan1: left allmulticast mode
[  365.185164][T10510] 8021q: adding VLAN 0 to HW filter on device bond0
[  365.218888][T10510] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  365.420526][   T30] audit: type=1400 audit(1758592924.915:1084): avc:  denied  { connect } for  pid=10526 comm="syz.0.1032" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  365.858237][ T5932] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  365.870915][T10333] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  365.881924][T10333] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  365.893397][T10333] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  366.418134][T10333] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  366.484142][ T5932] usb 4-1: Using ep0 maxpacket: 8
[  366.509299][ T5932] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[  366.532382][ T5932] usb 4-1: config 179 has no interface number 0
[  366.553428][ T5932] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[  366.599101][ T5932] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[  366.641964][T10544] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1033'.
[  366.693341][ T5932] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  366.717973][T10333] 8021q: adding VLAN 0 to HW filter on device bond0
[  366.726048][ T5932] usb 4-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[  366.736363][ T5932] usb 4-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  366.855575][T10333] 8021q: adding VLAN 0 to HW filter on device team0
[  366.872625][   T79] bridge0: port 1(bridge_slave_0) entered blocking state
[  366.879731][   T79] bridge0: port 1(bridge_slave_0) entered forwarding state
[  366.959729][ T5932] usb 4-1: config 179 interface 65 has no altsetting 0
[  366.973986][ T5932] usb 4-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  366.975643][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  366.983451][ T5932] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  366.990162][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  367.050504][ T5932] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:179.65/input/input16
[  367.566589][ T5925] usb 4-1: USB disconnect, device number 25
[  367.586351][   T30] audit: type=1400 audit(1758592927.065:1085): avc:  denied  { write } for  pid=10524 comm="syz.3.1031" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  367.972424][T10333] 8021q: adding VLAN 0 to HW filter on device batadv0
[  369.490666][T10581] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  369.504236][T10581] Error validating options; rc = [-22]
[  369.904303][T10585] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1039'.
[  369.917251][   T30] audit: type=1400 audit(1758592929.415:1086): avc:  denied  { setopt } for  pid=10583 comm="syz.2.1039" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  370.304283][T10597] pim6reg: entered allmulticast mode
[  370.565363][T10333] veth0_vlan: entered promiscuous mode
[  370.575372][T10333] veth1_vlan: entered promiscuous mode
[  370.869035][T10333] veth0_macvtap: entered promiscuous mode
[  370.881289][T10333] veth1_macvtap: entered promiscuous mode
[  371.320369][T10333] batman_adv: batadv0: Interface activated: batadv_slave_0
[  371.342170][T10333] batman_adv: batadv0: Interface activated: batadv_slave_1
[  371.409154][ T7810] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  371.453511][ T7810] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  371.478346][ T7810] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  371.557583][T10617] binder: 10616:10617 ioctl c0306201 0 returned -14
[  371.572245][ T7810] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  372.719742][   T79] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  372.788160][   T79] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  372.898589][T10645] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  372.912335][T10645] Error validating options; rc = [-22]
[  373.201797][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  373.211077][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  373.373569][T10655] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  373.387183][T10655] Error validating options; rc = [-22]
[  375.597576][T10682] binder: 10679:10682 ioctl c0306201 0 returned -14
[  377.616697][ T5859] block nbd0: Receive control failed (result -32)
[  377.825183][T10714] netlink: 'syz.2.1062': attribute type 7 has an invalid length.
[  378.347645][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  378.354063][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  378.354133][T10714] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1062'.
[  378.803208][ T5911] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  379.102848][ T5911] usb 4-1: Using ep0 maxpacket: 8
[  379.178012][ T5911] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[  379.340616][ T5911] usb 4-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x74, changing to 0x4
[  379.353246][T10733] binder: 10731:10733 ioctl c0306201 0 returned -14
[  379.368069][ T5911] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x4 has an invalid bInterval 114, changing to 10
[  379.476768][ T5911] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x4 has invalid maxpacket 25183, setting to 1024
[  379.979609][ T5911] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  380.333546][ T5911] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[  380.382502][T10745] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1068'.
[  380.384964][ T5911] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  380.415491][ T5911] usb 4-1: Product: syz
[  380.551741][ T5911] usb 4-1: Manufacturer: syz
[  380.556405][ T5911] usb 4-1: SerialNumber: syz
[  380.581505][T10728] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  380.608269][ T5911] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -22
[  381.094301][ T5911] usbtest 4-1:1.0: couldn't get endpoints, -22
[  381.114466][ T5911] usbtest 4-1:1.0: probe with driver usbtest failed with error -22
[  382.553762][   T48] usb 4-1: USB disconnect, device number 26
[  382.584767][   T30] audit: type=1400 audit(1758592942.085:1087): avc:  denied  { read } for  pid=10776 comm="syz.5.1077" path="socket:[36240]" dev="sockfs" ino=36240 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  383.922219][T10795] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1080'.
[  383.964198][T10804] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1083'.
[  384.381749][   T48] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  384.614069][   T48] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  384.631845][   T48] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  385.051180][   T48] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  385.120994][   T48] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  385.130493][   T48] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  385.138882][   T48] usb 3-1: Product: syz
[  385.159101][   T48] usb 3-1: Manufacturer: syz
[  385.169257][   T48] usb 3-1: SerialNumber: syz
[  385.476269][   T48] usblp 3-1:1.0: usblp0: USB Unidirectional printer dev 31 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  385.843061][   T48] usb 3-1: USB disconnect, device number 31
[  385.869851][   T48] usblp0: removed
[  386.850707][T10841] netlink: 'syz.0.1091': attribute type 2 has an invalid length.
[  387.338903][   T30] audit: type=1400 audit(1758592946.835:1088): avc:  denied  { connect } for  pid=10850 comm="syz.0.1094" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  387.406281][T10853] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  387.975498][   T30] audit: type=1400 audit(1758592946.905:1089): avc:  denied  { setopt } for  pid=10845 comm="syz.5.1093" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  388.231914][   T48] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  388.243401][T10869] FAULT_INJECTION: forcing a failure.
[  388.243401][T10869] name failslab, interval 1, probability 0, space 0, times 0
[  388.256395][T10869] CPU: 1 UID: 0 PID: 10869 Comm: syz.2.1099 Not tainted syzkaller #0 PREEMPT(full) 
[  388.256419][T10869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  388.256430][T10869] Call Trace:
[  388.256436][T10869]  <TASK>
[  388.256443][T10869]  dump_stack_lvl+0x16c/0x1f0
[  388.256470][T10869]  should_fail_ex+0x512/0x640
[  388.256501][T10869]  should_failslab+0xc2/0x120
[  388.256522][T10869]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  388.256540][T10869]  ? lock_acquire+0x179/0x350
[  388.256557][T10869]  ? dst_alloc+0x99/0x1a0
[  388.256578][T10869]  ? __pfx_ip6_dst_gc+0x10/0x10
[  388.256601][T10869]  dst_alloc+0x99/0x1a0
[  388.256621][T10869]  ip6_pol_route+0x96b/0x1230
[  388.256645][T10869]  ? __pfx_ip6_pol_route+0x10/0x10
[  388.256673][T10869]  ? __pfx_ip6_addr_string+0x10/0x10
[  388.256698][T10869]  ? __pfx_ip6_pol_route_output+0x10/0x10
[  388.256717][T10869]  fib6_rule_lookup+0x386/0x720
[  388.256738][T10869]  ? __pfx_fib6_rule_lookup+0x10/0x10
[  388.256769][T10869]  ? dev_get_by_index_rcu+0x102/0x140
[  388.256791][T10869]  ip6_route_output_flags+0x1d0/0x640
[  388.256812][T10869]  ip6_dst_lookup_tail.constprop.0+0x115a/0x2140
[  388.256843][T10869]  ? __pfx_ip6_dst_lookup_tail.constprop.0+0x10/0x10
[  388.256868][T10869]  ? find_held_lock+0x2b/0x80
[  388.256891][T10869]  ? ip6_dst_check+0x343/0x950
[  388.256914][T10869]  ip6_dst_lookup_flow+0x99/0x1d0
[  388.256935][T10869]  ? __pfx_ip6_dst_lookup_flow+0x10/0x10
[  388.256963][T10869]  ip6_sk_dst_lookup_flow+0x56d/0x970
[  388.256983][T10869]  ? selinux_sk_getsecid+0x7c/0xd0
[  388.257005][T10869]  udpv6_sendmsg+0x19ef/0x2d20
[  388.257030][T10869]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  388.257063][T10869]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  388.257093][T10869]  ? avc_has_perm+0x144/0x1f0
[  388.257142][T10869]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  388.257169][T10869]  ? inet6_sendmsg+0x105/0x140
[  388.257194][T10869]  inet6_sendmsg+0x105/0x140
[  388.257221][T10869]  __sys_sendto+0x376/0x520
[  388.257241][T10869]  ? __pfx___sys_sendto+0x10/0x10
[  388.257283][T10869]  ? ksys_write+0x1ac/0x250
[  388.257301][T10869]  ? __pfx_ksys_write+0x10/0x10
[  388.257322][T10869]  __x64_sys_sendto+0xe0/0x1c0
[  388.257341][T10869]  ? do_syscall_64+0x91/0x4e0
[  388.257363][T10869]  ? lockdep_hardirqs_on+0x7c/0x110
[  388.257384][T10869]  do_syscall_64+0xcd/0x4e0
[  388.257409][T10869]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  388.257426][T10869] RIP: 0033:0x7f3b14d8eec9
[  388.257441][T10869] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  388.257457][T10869] RSP: 002b:00007f3b15bfe038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  388.257474][T10869] RAX: ffffffffffffffda RBX: 00007f3b14fe5fa0 RCX: 00007f3b14d8eec9
[  388.257491][T10869] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  388.257501][T10869] RBP: 00007f3b15bfe090 R08: 0000200000000080 R09: 000000000000001c
[  388.257512][T10869] R10: 00000000200400c1 R11: 0000000000000246 R12: 0000000000000001
[  388.257522][T10869] R13: 00007f3b14fe6038 R14: 00007f3b14fe5fa0 R15: 00007ffe8e69c908
[  388.257546][T10869]  </TASK>
[  388.851774][   T48] usb 4-1: Using ep0 maxpacket: 8
[  388.867074][   T48] usb 4-1: unable to get BOS descriptor or descriptor too short
[  388.880418][   T48] usb 4-1: config 6 has an invalid descriptor of length 0, skipping remainder of the config
[  388.912049][   T48] usb 4-1: config 6 interface 0 altsetting 8 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  389.006208][   T48] usb 4-1: config 6 interface 0 has no altsetting 0
[  389.054939][   T48] usb 4-1: New USB device found, idVendor=2a39, idProduct=3f8c, bcdDevice=37.59
[  389.156142][   T48] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  389.185165][   T48] usb 4-1: Product: syz
[  389.191362][   T48] usb 4-1: Manufacturer: syz
[  390.149787][   T48] usb 4-1: SerialNumber: syz
[  390.252767][T10874] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  390.308599][   T30] audit: type=1400 audit(1758592949.765:1090): avc:  denied  { ioctl } for  pid=10881 comm="syz.4.1103" path="/dev/fb0" dev="devtmpfs" ino=629 ioctlcmd=0x4611 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  390.693436][   T48] snd-usb-audio 4-1:6.0: probe with driver snd-usb-audio failed with error -22
[  390.705686][   T48] usb 4-1: USB disconnect, device number 27
[  390.824452][ T5848] udevd[5848]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:6.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  390.905294][T10899] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1105'.
[  390.914798][T10899] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  391.328106][T10899] batman_adv: batadv0: Removing interface: batadv_slave_0
[  392.442075][T10899] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  392.449477][T10899] batman_adv: batadv0: Removing interface: batadv_slave_1
[  394.080079][T10935] netlink: 'syz.4.1113': attribute type 2 has an invalid length.
[  394.679430][   T30] audit: type=1326 audit(1758592954.175:1091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10946 comm="syz.3.1115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f061258eec9 code=0x7ffc0000
[  394.775298][T10952] binder: 10950:10952 ioctl c0306201 0 returned -14
[  394.971385][   T30] audit: type=1326 audit(1758592954.175:1092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10946 comm="syz.3.1115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f061258eec9 code=0x7ffc0000
[  395.681441][   T30] audit: type=1326 audit(1758592954.265:1093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10946 comm="syz.3.1115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f061258eec9 code=0x7ffc0000
[  395.721435][   T30] audit: type=1326 audit(1758592954.265:1094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10946 comm="syz.3.1115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f061258eec9 code=0x7ffc0000
[  396.073864][   T30] audit: type=1326 audit(1758592954.275:1095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10946 comm="syz.3.1115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f061258eec9 code=0x7ffc0000
[  396.101723][   T30] audit: type=1326 audit(1758592954.275:1096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10946 comm="syz.3.1115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f061258d710 code=0x7ffc0000
[  396.125630][   T30] audit: type=1326 audit(1758592954.275:1097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10946 comm="syz.3.1115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f061258eec9 code=0x7ffc0000
[  396.150168][   T30] audit: type=1326 audit(1758592954.275:1098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10946 comm="syz.3.1115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f061258eec9 code=0x7ffc0000
[  396.174307][   T30] audit: type=1326 audit(1758592954.275:1099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10946 comm="syz.3.1115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f061258eec9 code=0x7ffc0000
[  396.199005][   T30] audit: type=1326 audit(1758592954.275:1100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10946 comm="syz.3.1115" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f061258eec9 code=0x7ffc0000
[  397.557173][T10976] FAULT_INJECTION: forcing a failure.
[  397.557173][T10976] name failslab, interval 1, probability 0, space 0, times 0
[  397.570213][T10976] CPU: 0 UID: 0 PID: 10976 Comm: syz.3.1121 Not tainted syzkaller #0 PREEMPT(full) 
[  397.570236][T10976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  397.570245][T10976] Call Trace:
[  397.570252][T10976]  <TASK>
[  397.570259][T10976]  dump_stack_lvl+0x16c/0x1f0
[  397.570286][T10976]  should_fail_ex+0x512/0x640
[  397.570310][T10976]  should_failslab+0xc2/0x120
[  397.570331][T10976]  __kmalloc_cache_noprof+0x6a/0x3e0
[  397.570354][T10976]  ? irqentry_exit+0x3b/0x90
[  397.570374][T10976]  ? lockdep_hardirqs_on+0x7c/0x110
[  397.570392][T10976]  ? __request_region+0x5c/0xf0
[  397.570421][T10976]  __request_region+0x5c/0xf0
[  397.570447][T10976]  serial8250_request_std_resource+0x226/0x360
[  397.570473][T10976]  serial8250_config_port+0x7b/0x5030
[  397.570498][T10976]  ? free_resource.part.0+0x2bb/0x350
[  397.570526][T10976]  ? __release_region+0x1d1/0x3a0
[  397.570551][T10976]  ? __pfx_serial8250_config_port+0x10/0x10
[  397.570575][T10976]  ? __pfx___release_region+0x10/0x10
[  397.570610][T10976]  univ8250_config_port+0x279/0x3b0
[  397.570630][T10976]  ? serial8250_release_std_resource+0x204/0x2e0
[  397.570655][T10976]  uart_ioctl+0xfd9/0x2d30
[  397.570682][T10976]  ? __pfx_uart_ioctl+0x10/0x10
[  397.570702][T10976]  ? tomoyo_path_number_perm+0x18d/0x580
[  397.570733][T10976]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  397.570754][T10976]  ? __pfx_uart_ioctl+0x10/0x10
[  397.570777][T10976]  tty_ioctl+0x661/0x1680
[  397.570798][T10976]  ? __pfx_tty_ioctl+0x10/0x10
[  397.570819][T10976]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  397.570852][T10976]  ? hook_file_ioctl_common+0x145/0x410
[  397.570876][T10976]  ? selinux_file_ioctl+0x180/0x270
[  397.570899][T10976]  ? selinux_file_ioctl+0xb4/0x270
[  397.570923][T10976]  ? __pfx_tty_ioctl+0x10/0x10
[  397.570944][T10976]  __x64_sys_ioctl+0x18e/0x210
[  397.570974][T10976]  do_syscall_64+0xcd/0x4e0
[  397.570999][T10976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  397.571020][T10976] RIP: 0033:0x7f061258eec9
[  397.571034][T10976] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  397.571051][T10976] RSP: 002b:00007f06134e1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  397.571067][T10976] RAX: ffffffffffffffda RBX: 00007f06127e6090 RCX: 00007f061258eec9
[  397.571078][T10976] RDX: 0000000000000000 RSI: 0000000000005453 RDI: 0000000000000006
[  397.571088][T10976] RBP: 00007f06134e1090 R08: 0000000000000000 R09: 0000000000000000
[  397.571098][T10976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  397.571108][T10976] R13: 00007f06127e6128 R14: 00007f06127e6090 R15: 00007fff9778b8b8
[  397.571132][T10976]  </TASK>
[  398.185282][T10982] binder: 10980:10982 ioctl c0306201 0 returned -14
[  398.870285][T10992] netlink: 'syz.5.1123': attribute type 2 has an invalid length.
[  398.884427][T10992] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1123'.
[  399.211652][ T5911] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  399.382728][ T5911] usb 6-1: Using ep0 maxpacket: 32
[  399.393238][ T5911] usb 6-1: config 0 has an invalid interface number: 51 but max is 0
[  399.423584][ T5911] usb 6-1: config 0 has no interface number 0
[  399.455430][ T5911] usb 6-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  399.481476][T11020] input: syz1 as /devices/virtual/input/input17
[  399.510317][ T5911] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  399.531692][ T5911] usb 6-1: Product: syz
[  399.549623][ T5911] usb 6-1: Manufacturer: syz
[  399.609962][ T5911] usb 6-1: SerialNumber: syz
[  399.641552][ T5911] usb 6-1: config 0 descriptor??
[  399.672455][ T5911] quatech2 6-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  399.958736][ T5911] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  400.011998][ T5911] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  401.763664][   T30] kauditd_printk_skb: 19 callbacks suppressed
[  401.763699][   T30] audit: type=1400 audit(1758592961.255:1120): avc:  denied  { connect } for  pid=11047 comm="syz.2.1133" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  402.046650][    C0] usb 6-1: qt2_read_bulk_callback - non-zero urb status: -71
[  402.146954][ T5925] usb 6-1: USB disconnect, device number 2
[  402.169253][ T5925] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  402.215482][ T5925] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  402.230657][T11057] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1137'.
[  402.235397][T11056] FAULT_INJECTION: forcing a failure.
[  402.235397][T11056] name failslab, interval 1, probability 0, space 0, times 0
[  402.271043][ T5925] quatech2 6-1:0.51: device disconnected
[  402.280030][T11057] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1137'.
[  402.348702][T11056] CPU: 1 UID: 0 PID: 11056 Comm: syz.3.1135 Not tainted syzkaller #0 PREEMPT(full) 
[  402.348728][T11056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  402.348739][T11056] Call Trace:
[  402.348744][T11056]  <TASK>
[  402.348751][T11056]  dump_stack_lvl+0x16c/0x1f0
[  402.348780][T11056]  should_fail_ex+0x512/0x640
[  402.348801][T11056]  ? __kmalloc_cache_noprof+0x57/0x3e0
[  402.348832][T11056]  should_failslab+0xc2/0x120
[  402.348852][T11056]  __kmalloc_cache_noprof+0x6a/0x3e0
[  402.348879][T11056]  ? rtnl_newlink+0x11b/0x2000
[  402.348905][T11056]  ? __pfx_rtnl_newlink+0x10/0x10
[  402.348926][T11056]  rtnl_newlink+0x11b/0x2000
[  402.348956][T11056]  ? __pfx_rtnl_newlink+0x10/0x10
[  402.348976][T11056]  ? find_held_lock+0x2b/0x80
[  402.348998][T11056]  ? avc_has_perm_noaudit+0x117/0x3b0
[  402.349020][T11056]  ? avc_has_perm_noaudit+0x149/0x3b0
[  402.349044][T11056]  ? __lock_acquire+0x62e/0x1ce0
[  402.349083][T11056]  ? find_held_lock+0x2b/0x80
[  402.349103][T11056]  ? __pfx_rtnl_newlink+0x10/0x10
[  402.349123][T11056]  ? __pfx_rtnl_newlink+0x10/0x10
[  402.349144][T11056]  ? rtnetlink_rcv_msg+0x93a/0xe90
[  402.349166][T11056]  ? __pfx_rtnl_newlink+0x10/0x10
[  402.349188][T11056]  rtnetlink_rcv_msg+0x95e/0xe90
[  402.349213][T11056]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  402.349241][T11056]  ? ref_tracker_free+0x37c/0x830
[  402.349268][T11056]  netlink_rcv_skb+0x155/0x420
[  402.349291][T11056]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  402.349322][T11056]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  402.349354][T11056]  ? netlink_deliver_tap+0x1ae/0xd30
[  402.349381][T11056]  netlink_unicast+0x5aa/0x870
[  402.349412][T11056]  ? __pfx_netlink_unicast+0x10/0x10
[  402.349436][T11056]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  402.349466][T11056]  netlink_sendmsg+0x8d1/0xdd0
[  402.349493][T11056]  ? __pfx_netlink_sendmsg+0x10/0x10
[  402.349525][T11056]  ____sys_sendmsg+0xa98/0xc70
[  402.349553][T11056]  ? copy_msghdr_from_user+0x10a/0x160
[  402.349573][T11056]  ? __pfx_____sys_sendmsg+0x10/0x10
[  402.349611][T11056]  ___sys_sendmsg+0x134/0x1d0
[  402.349635][T11056]  ? __pfx____sys_sendmsg+0x10/0x10
[  402.349686][T11056]  __sys_sendmsg+0x16d/0x220
[  402.349709][T11056]  ? __pfx___sys_sendmsg+0x10/0x10
[  402.349746][T11056]  do_syscall_64+0xcd/0x4e0
[  402.349770][T11056]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  402.349788][T11056] RIP: 0033:0x7f061258eec9
[  402.349802][T11056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  402.349819][T11056] RSP: 002b:00007f0613506038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  402.349837][T11056] RAX: ffffffffffffffda RBX: 00007f06127e5fa0 RCX: 00007f061258eec9
[  402.349849][T11056] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  402.349860][T11056] RBP: 00007f0613506090 R08: 0000000000000000 R09: 0000000000000000
[  402.349870][T11056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  402.349880][T11056] R13: 00007f06127e6038 R14: 00007f06127e5fa0 R15: 00007fff9778b8b8
[  402.349905][T11056]  </TASK>
[  404.211068][T11083] nbd: must specify a device to reconfigure
[  405.246422][T11089] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1143'.
[  405.631911][ T5925] usb 4-1: new full-speed USB device number 28 using dummy_hcd
[  405.771671][ T5925] usb 4-1: device descriptor read/64, error -71
[  406.272092][ T5925] usb 4-1: new full-speed USB device number 29 using dummy_hcd
[  406.584122][ T5925] usb 4-1: device descriptor read/64, error -71
[  406.627160][T11107] netlink: 'syz.0.1144': attribute type 10 has an invalid length.
[  406.639184][T11107] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  406.694092][ T5925] usb usb4-port1: attempt power cycle
[  406.700356][T11085] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  407.053497][ T5925] usb 4-1: new full-speed USB device number 30 using dummy_hcd
[  407.908897][ T5925] usb 4-1: device descriptor read/8, error -71
[  408.101247][ T5911] usb 6-1: new low-speed USB device number 3 using dummy_hcd
[  408.719740][T11128] FAULT_INJECTION: forcing a failure.
[  408.719740][T11128] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  408.732912][T11128] CPU: 1 UID: 0 PID: 11128 Comm: syz.0.1156 Not tainted syzkaller #0 PREEMPT(full) 
[  408.732937][T11128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  408.732947][T11128] Call Trace:
[  408.732954][T11128]  <TASK>
[  408.732960][T11128]  dump_stack_lvl+0x16c/0x1f0
[  408.732988][T11128]  should_fail_ex+0x512/0x640
[  408.733014][T11128]  _copy_to_user+0x32/0xd0
[  408.733043][T11128]  simple_read_from_buffer+0xcb/0x170
[  408.733065][T11128]  proc_fail_nth_read+0x197/0x240
[  408.733088][T11128]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  408.733111][T11128]  ? rw_verify_area+0xcf/0x6c0
[  408.733138][T11128]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  408.733159][T11128]  vfs_read+0x1e1/0xcf0
[  408.733181][T11128]  ? __pfx___mutex_lock+0x10/0x10
[  408.733205][T11128]  ? __pfx_vfs_read+0x10/0x10
[  408.733230][T11128]  ? __fget_files+0x20e/0x3c0
[  408.733258][T11128]  ksys_read+0x12a/0x250
[  408.733276][T11128]  ? __pfx_ksys_read+0x10/0x10
[  408.733302][T11128]  do_syscall_64+0xcd/0x4e0
[  408.733328][T11128]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  408.733346][T11128] RIP: 0033:0x7fdb9898d8dc
[  408.733360][T11128] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  408.733377][T11128] RSP: 002b:00007fdb998e1030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  408.733394][T11128] RAX: ffffffffffffffda RBX: 00007fdb98be6090 RCX: 00007fdb9898d8dc
[  408.733406][T11128] RDX: 000000000000000f RSI: 00007fdb998e10a0 RDI: 0000000000000006
[  408.733417][T11128] RBP: 00007fdb998e1090 R08: 0000000000000000 R09: 0000000000000000
[  408.733427][T11128] R10: 0000200000000500 R11: 0000000000000246 R12: 0000000000000001
[  408.733444][T11128] R13: 00007fdb98be6128 R14: 00007fdb98be6090 R15: 00007ffd303c5988
[  408.733470][T11128]  </TASK>
[  409.091672][ T5859] Bluetooth: hci0: command 0x0c1a tx timeout
[  409.162378][ T5925] usb 4-1: new full-speed USB device number 31 using dummy_hcd
[  409.190472][ T5911] usb 6-1: unable to get BOS descriptor or descriptor too short
[  409.351476][ T5911] usb 6-1: too many configurations: 14, using maximum allowed: 8
[  409.380837][ T5911] usb 6-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  409.535752][ T5925] usb 4-1: device not accepting address 31, error -71
[  409.563156][ T5925] usb usb4-port1: unable to enumerate USB device
[  409.571229][ T5911] usb 6-1: config 7 has 0 interfaces, different from the descriptor's value: 1
[  409.587509][ T5911] usb 6-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  409.633127][ T5911] usb 6-1: config 7 has 0 interfaces, different from the descriptor's value: 1
[  409.649979][ T5911] usb 6-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  409.667629][ T5911] usb 6-1: config 7 has 0 interfaces, different from the descriptor's value: 1
[  409.678163][T11139] netlink: 'syz.2.1159': attribute type 2 has an invalid length.
[  409.687107][T11139] netlink: 4272 bytes leftover after parsing attributes in process `syz.2.1159'.
[  409.705587][ T5911] usb 6-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  409.745488][ T5911] usb 6-1: config 7 has 0 interfaces, different from the descriptor's value: 1
[  409.784631][ T5911] usb 6-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  409.813186][ T5911] usb 6-1: config 7 has 0 interfaces, different from the descriptor's value: 1
[  409.869822][ T5911] usb 6-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  409.893573][ T5911] usb 6-1: config 7 has 0 interfaces, different from the descriptor's value: 1
[  409.949052][ T5911] usb 6-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  410.906205][ T5911] usb 6-1: config 7 has 0 interfaces, different from the descriptor's value: 1
[  410.954823][ T5911] usb 6-1: unable to read config index 7 descriptor/start: -71
[  410.968313][ T5911] usb 6-1: can't read configurations, error -71
[  411.060759][T11157] openvswitch: netlink: Unexpected mask (mask=200040, allowed=10048)
[  411.088837][T11159] netlink: 'syz.2.1162': attribute type 2 has an invalid length.
[  411.188755][   T30] audit: type=1400 audit(1758592970.675:1121): avc:  denied  { sqpoll } for  pid=11153 comm="syz.0.1163" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  411.208338][   T30] audit: type=1400 audit(1758592970.685:1122): avc:  denied  { getopt } for  pid=11153 comm="syz.0.1163" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  411.423337][T11164] IPVS: length: 24 != 792
[  411.663661][T11168] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  411.677218][T11168] Error validating options; rc = [-22]
[  412.747256][T11155] bridge0: left promiscuous mode
[  412.793434][T11157] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  412.801430][T11157] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  412.828729][ T7810] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  412.861890][ T7810] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  412.870781][ T7810] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  412.937437][ T7810] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  412.994702][T11157] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  413.000668][T11157] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  413.099850][T11157] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  413.129502][T11157] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  413.142745][T11157] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  413.149303][T11157] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[  413.167980][T11157] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  413.190477][T11157] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  413.211667][ T5869] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  413.363177][ T5869] usb 3-1: Using ep0 maxpacket: 32
[  413.377482][ T5869] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  413.391003][ T5869] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  413.411786][ T5869] usb 3-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00
[  413.417241][T11187] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  413.421048][ T5869] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  413.442563][T11187] Error validating options; rc = [-22]
[  414.368516][ T5869] usb 3-1: config 0 descriptor??
[  414.716239][ T5869] uclogic 0003:5543:0781.0009: reserved main item tag 0xe
[  414.775286][ T5869] uclogic 0003:5543:0781.0009: hidraw0: USB HID v0.00 Device [HID 5543:0781] on usb-dummy_hcd.2-1/input0
[  415.121006][ T5869] usb 3-1: USB disconnect, device number 32
[  415.334890][ T5859] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  415.341690][ T5860] Bluetooth: hci5: command 0xfc11 tx timeout
[  415.579869][T11218] fuse: Bad value for 'user_id'
[  415.584890][T11218] fuse: Bad value for 'user_id'
[  416.389887][T11199] fido_id[11199]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[  416.440824][T11209] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  416.758863][T11228] vimc link validate: Scaler:src:16x16 (0x33424752, 1, 2, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  416.857237][T11169] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  416.880667][T11228] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1180'.
[  416.889892][T11228] netlink: 'syz.5.1180': attribute type 7 has an invalid length.
[  416.903127][T11228] netlink: 'syz.5.1180': attribute type 8 has an invalid length.
[  416.910860][T11228] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1180'.
[  417.024049][T11169] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  417.051581][T11169] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  417.067538][T11236] FAULT_INJECTION: forcing a failure.
[  417.067538][T11236] name failslab, interval 1, probability 0, space 0, times 0
[  417.081208][T11236] CPU: 1 UID: 0 PID: 11236 Comm: syz.2.1182 Not tainted syzkaller #0 PREEMPT(full) 
[  417.081233][T11236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  417.081243][T11236] Call Trace:
[  417.081248][T11236]  <TASK>
[  417.081256][T11236]  dump_stack_lvl+0x16c/0x1f0
[  417.081283][T11236]  should_fail_ex+0x512/0x640
[  417.081305][T11236]  ? fs_reclaim_acquire+0xae/0x150
[  417.081329][T11236]  ? tomoyo_encode2+0x100/0x3e0
[  417.081354][T11236]  should_failslab+0xc2/0x120
[  417.081374][T11236]  __kmalloc_noprof+0xd2/0x510
[  417.081392][T11236]  ? d_absolute_path+0x136/0x1a0
[  417.081421][T11236]  tomoyo_encode2+0x100/0x3e0
[  417.081450][T11236]  tomoyo_encode+0x29/0x50
[  417.081473][T11236]  tomoyo_realpath_from_path+0x18f/0x6e0
[  417.081507][T11236]  tomoyo_path_number_perm+0x245/0x580
[  417.081528][T11236]  ? tomoyo_path_number_perm+0x237/0x580
[  417.081552][T11236]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  417.081576][T11236]  ? find_held_lock+0x2b/0x80
[  417.081622][T11236]  ? find_held_lock+0x2b/0x80
[  417.081641][T11236]  ? hook_file_ioctl_common+0x145/0x410
[  417.081664][T11236]  ? __fget_files+0x20e/0x3c0
[  417.081688][T11236]  security_file_ioctl+0x9b/0x240
[  417.081715][T11236]  __x64_sys_ioctl+0xb7/0x210
[  417.081744][T11236]  do_syscall_64+0xcd/0x4e0
[  417.081770][T11236]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  417.081787][T11236] RIP: 0033:0x7f3b14d8eec9
[  417.081801][T11236] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  417.081818][T11236] RSP: 002b:00007f3b15bfe038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  417.081836][T11236] RAX: ffffffffffffffda RBX: 00007f3b14fe5fa0 RCX: 00007f3b14d8eec9
[  417.081848][T11236] RDX: 00002000000001c0 RSI: 00000000c040563e RDI: 0000000000000003
[  417.081858][T11236] RBP: 00007f3b15bfe090 R08: 0000000000000000 R09: 0000000000000000
[  417.081869][T11236] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  417.081879][T11236] R13: 00007f3b14fe6038 R14: 00007f3b14fe5fa0 R15: 00007ffe8e69c908
[  417.081903][T11236]  </TASK>
[  417.345356][T11169] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[  417.345371][T11236] ERROR: Out of memory at tomoyo_realpath_from_path.
[  417.362654][T11169] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  417.411732][T11169] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  417.434037][T11169] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  417.459232][T11169] usb 4-1: Product: syz
[  417.492031][T11169] usb 4-1: Manufacturer: syz
[  417.560397][T11169] cdc_wdm 4-1:1.0: skipping garbage
[  417.580058][   T30] audit: type=1400 audit(1758592977.075:1123): avc:  denied  { ioctl } for  pid=11240 comm="syz.4.1184" path="socket:[37128]" dev="sockfs" ino=37128 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  417.616608][T11169] cdc_wdm 4-1:1.0: skipping garbage
[  417.637900][T11169] cdc_wdm 4-1:1.0: probe with driver cdc_wdm failed with error -22
[  417.965405][T11250] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  418.102664][   T30] audit: type=1400 audit(1758592977.155:1124): avc:  denied  { write } for  pid=11242 comm="syz.5.1185" name="usbmon8" dev="devtmpfs" ino=740 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  418.102726][T11253] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  418.180801][T11254] netlink: 'syz.4.1187': attribute type 4 has an invalid length.
[  418.225114][   T30] audit: type=1400 audit(1758592977.155:1125): avc:  denied  { name_bind } for  pid=11242 comm="syz.5.1185" src=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1
[  418.261576][   T30] audit: type=1400 audit(1758592977.705:1126): avc:  denied  { connect } for  pid=11242 comm="syz.5.1185" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  420.110116][T11169] usb 4-1: USB disconnect, device number 32
[  421.166674][   T30] audit: type=1400 audit(1758592980.555:1127): avc:  denied  { map } for  pid=11280 comm="syz.2.1196" path="/dev/dri/card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  421.350214][   T30] audit: type=1400 audit(1758592980.555:1128): avc:  denied  { execute } for  pid=11280 comm="syz.2.1196" path="/dev/dri/card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  422.715200][T11301] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  422.788712][T11301] Error validating options; rc = [-22]
[  423.033417][   T30] audit: type=1400 audit(1758592982.515:1129): avc:  denied  { write } for  pid=11304 comm="syz.0.1200" path="socket:[38298]" dev="sockfs" ino=38298 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  423.098398][T11315] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1203'.
[  424.857339][T11340] fuse: Unknown parameter '0xffffffffffffffff'
[  424.916970][   T30] audit: type=1400 audit(1758592984.415:1130): avc:  denied  { setopt } for  pid=11347 comm="syz.5.1211" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  425.161059][T11351] sp0: Synchronizing with TNC
[  425.191884][   T30] audit: type=1400 audit(1758592984.675:1131): avc:  denied  { read write } for  pid=11347 comm="syz.5.1211" name="autofs" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  425.709119][   T30] audit: type=1400 audit(1758592985.135:1132): avc:  denied  { create } for  pid=11343 comm="syz.0.1210" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  426.822223][T11347] [U] è
[  426.917034][T11372] openvswitch: netlink: Flow key attr not present in new flow.
[  429.357553][T11396] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1220'.
[  429.386647][T11396] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=11396 comm=syz.4.1220
[  429.552753][T11400] netlink: 830 bytes leftover after parsing attributes in process `syz.0.1221'.
[  430.166034][T11407] fuse: Bad value for 'fd'
[  431.142062][T11419] binder: 11418:11419 ioctl c0306201 0 returned -14
[  431.718039][T11420] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  431.731680][T11420] Error validating options; rc = [-22]
[  432.281733][ T5974] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  433.201810][ T5974] usb 3-1: Using ep0 maxpacket: 16
[  433.202083][   T30] audit: type=1326 audit(1758592992.565:1133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11429 comm="syz.5.1230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16a238eec9 code=0x7ffc0000
[  433.354942][ T5974] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 78, changing to 10
[  433.391645][ T5974] usb 3-1: New USB device found, idVendor=04d8, idProduct=00df, bcdDevice= 0.00
[  433.431350][ T5974] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  433.446645][   T30] audit: type=1326 audit(1758592992.565:1134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11429 comm="syz.5.1230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16a238eec9 code=0x7ffc0000
[  433.508020][   T30] audit: type=1326 audit(1758592992.565:1135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11429 comm="syz.5.1230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f16a238eec9 code=0x7ffc0000
[  433.574476][ T5974] usb 3-1: config 0 descriptor??
[  433.612626][   T30] audit: type=1326 audit(1758592992.565:1136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11429 comm="syz.5.1230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16a238eec9 code=0x7ffc0000
[  433.812073][   T30] audit: type=1326 audit(1758592992.565:1137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11429 comm="syz.5.1230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f16a238d710 code=0x7ffc0000
[  433.842668][   T30] audit: type=1326 audit(1758592992.565:1138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11429 comm="syz.5.1230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16a238eec9 code=0x7ffc0000
[  433.996530][T11426] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  434.201818][T11426] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  434.231783][   T30] audit: type=1326 audit(1758592992.565:1139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11429 comm="syz.5.1230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f16a238eec9 code=0x7ffc0000
[  434.282952][   T30] audit: type=1326 audit(1758592992.565:1140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11429 comm="syz.5.1230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16a238eec9 code=0x7ffc0000
[  434.342991][   T30] audit: type=1326 audit(1758592992.565:1141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11429 comm="syz.5.1230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f16a238eec9 code=0x7ffc0000
[  434.856135][ T5974] mcp2200 0003:04D8:00DF.000A: item fetching failed at offset 1/5
[  434.878418][   T30] audit: type=1326 audit(1758592992.565:1142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11429 comm="syz.5.1230" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f16a238eec9 code=0x7ffc0000
[  435.150139][ T5974] mcp2200 0003:04D8:00DF.000A: can't parse reports
[  435.191791][ T5974] mcp2200 0003:04D8:00DF.000A: probe with driver mcp2200 failed with error -22
[  435.289162][T11456] netlink: 'syz.0.1234': attribute type 10 has an invalid length.
[  435.500618][ T5974] usb 3-1: USB disconnect, device number 33
[  436.492684][T11463] fuse: Bad value for 'fd'
[  439.571987][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  439.578375][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  441.097502][   T30] kauditd_printk_skb: 82 callbacks suppressed
[  441.097515][   T30] audit: type=1400 audit(1758593000.595:1225): avc:  denied  { create } for  pid=11515 comm="syz.4.1251" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1
[  441.124712][    C0] vkms_vblank_simulate: vblank timer overrun
[  441.202366][T11516] CUSE: info not properly terminated
[  442.395005][   T30] audit: type=1326 audit(1758593001.895:1226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11525 comm="syz.3.1255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f061258eec9 code=0x7ffc0000
[  442.573907][T11529] sd 0:0:1:0: device reset
[  442.672337][   T30] audit: type=1326 audit(1758593001.925:1227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11525 comm="syz.3.1255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f061258eec9 code=0x7ffc0000
[  442.695839][    C0] vkms_vblank_simulate: vblank timer overrun
[  442.702344][   T30] audit: type=1326 audit(1758593001.935:1228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11525 comm="syz.3.1255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f061258eec9 code=0x7ffc0000
[  442.725824][    C0] vkms_vblank_simulate: vblank timer overrun
[  442.732217][   T30] audit: type=1326 audit(1758593001.935:1229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11525 comm="syz.3.1255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f061258eec9 code=0x7ffc0000
[  442.756064][   T30] audit: type=1326 audit(1758593001.935:1230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11525 comm="syz.3.1255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f061258d710 code=0x7ffc0000
[  442.779515][    C0] vkms_vblank_simulate: vblank timer overrun
[  442.880996][   T30] audit: type=1326 audit(1758593001.935:1231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11525 comm="syz.3.1255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f061258eec9 code=0x7ffc0000
[  443.354863][   T30] audit: type=1326 audit(1758593001.935:1232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11525 comm="syz.3.1255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f061258eec9 code=0x7ffc0000
[  443.378370][    C0] vkms_vblank_simulate: vblank timer overrun
[  443.385164][   T30] audit: type=1326 audit(1758593001.935:1233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11525 comm="syz.3.1255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f061258eec9 code=0x7ffc0000
[  443.408658][    C0] vkms_vblank_simulate: vblank timer overrun
[  443.518572][   T30] audit: type=1326 audit(1758593001.945:1234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11525 comm="syz.3.1255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f061258eec9 code=0x7ffc0000
[  444.506020][T11537] FAULT_INJECTION: forcing a failure.
[  444.506020][T11537] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  444.531137][T11537] CPU: 1 UID: 0 PID: 11537 Comm: syz.4.1258 Not tainted syzkaller #0 PREEMPT(full) 
[  444.531166][T11537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  444.531176][T11537] Call Trace:
[  444.531183][T11537]  <TASK>
[  444.531190][T11537]  dump_stack_lvl+0x16c/0x1f0
[  444.531219][T11537]  should_fail_ex+0x512/0x640
[  444.531246][T11537]  _copy_from_user+0x2e/0xd0
[  444.531272][T11537]  copy_msghdr_from_user+0x98/0x160
[  444.531296][T11537]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  444.531330][T11537]  ___sys_sendmsg+0xfe/0x1d0
[  444.531354][T11537]  ? __pfx____sys_sendmsg+0x10/0x10
[  444.531408][T11537]  __sys_sendmsg+0x16d/0x220
[  444.531430][T11537]  ? __pfx___sys_sendmsg+0x10/0x10
[  444.531469][T11537]  do_syscall_64+0xcd/0x4e0
[  444.531495][T11537]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  444.531513][T11537] RIP: 0033:0x7f4a8178eec9
[  444.531528][T11537] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  444.531545][T11537] RSP: 002b:00007f4a82575038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  444.531564][T11537] RAX: ffffffffffffffda RBX: 00007f4a819e5fa0 RCX: 00007f4a8178eec9
[  444.531578][T11537] RDX: 0000000000008000 RSI: 0000200000000280 RDI: 0000000000000003
[  444.531589][T11537] RBP: 00007f4a82575090 R08: 0000000000000000 R09: 0000000000000000
[  444.531598][T11537] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  444.531608][T11537] R13: 00007f4a819e6038 R14: 00007f4a819e5fa0 R15: 00007ffdd4aaac68
[  444.531632][T11537]  </TASK>
[  444.716102][T11524] Bluetooth: hci0: Opcode 0x0401 failed: -22
[  445.087770][T11546] tipc: Started in network mode
[  445.094050][T11546] tipc: Node identity 5a7634585e0e, cluster identity 4711
[  445.101398][T11546] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  445.106903][T11548] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  445.134769][T11546] syzkaller0: entered promiscuous mode
[  445.140263][T11546] syzkaller0: entered allmulticast mode
[  445.516389][T11546] tipc: Resetting bearer <eth:syzkaller0>
[  445.591048][T11546] tipc: Disabling bearer <eth:syzkaller0>
[  446.318280][T11567] binder: 11566:11567 ioctl c0306201 0 returned -14
[  446.763742][ T5859] Bluetooth: hci0: command tx timeout
[  450.458446][T11623] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  450.472440][T11623] Error validating options; rc = [-22]
[  450.552094][T11626] netlink: 'syz.4.1283': attribute type 3 has an invalid length.
[  450.559976][T11626] FAULT_INJECTION: forcing a failure.
[  450.559976][T11626] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  450.561286][T11626] 
[  450.561291][T11626] ======================================================
[  450.561296][T11626] WARNING: possible circular locking dependency detected
[  450.561301][T11626] syzkaller #0 Not tainted
[  450.561307][T11626] ------------------------------------------------------
[  450.561310][T11626] syz.4.1283/11626 is trying to acquire lock:
[  450.561316][T11626] ffffffff8e4cebc0 (console_owner){-.-.}-{0:0}, at: console_lock_spinning_enable+0x9f/0xd0
[  450.561347][T11626] 
[  450.561347][T11626] but task is already holding lock:
[  450.561350][T11626] ffff8880b843a318 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130
[  450.561374][T11626] 
[  450.561374][T11626] which lock already depends on the new lock.
[  450.561374][T11626] 
[  450.561378][T11626] 
[  450.561378][T11626] the existing dependency chain (in reverse order) is:
[  450.561381][T11626] 
[  450.561381][T11626] -> #4 (&rq->__lock){-.-.}-{2:2}:
[  450.561394][T11626]        _raw_spin_lock_nested+0x31/0x40
[  450.561406][T11626]        raw_spin_rq_lock_nested+0x29/0x130
[  450.561418][T11626]        task_rq_lock+0xcf/0x490
[  450.561430][T11626]        cgroup_move_task+0x81/0x2a0
[  450.561444][T11626]        css_set_move_task+0x288/0x5f0
[  450.561454][T11626]        cgroup_post_fork+0x201/0x9e0
[  450.561466][T11626]        copy_process+0x5cfa/0x7690
[  450.561481][T11626]        kernel_clone+0xfc/0x930
[  450.561494][T11626]        user_mode_thread+0xc7/0x110
[  450.561507][T11626]        rest_init+0x23/0x2b0
[  450.561523][T11626]        start_kernel+0x3ee/0x4d0
[  450.561535][T11626]        x86_64_start_reservations+0x18/0x30
[  450.561547][T11626]        x86_64_start_kernel+0x130/0x190
[  450.561559][T11626]        common_startup_64+0x13e/0x148
[  450.561574][T11626] 
[  450.561574][T11626] -> #3 (&p->pi_lock){-.-.}-{2:2}:
[  450.561591][T11626]        _raw_spin_lock_irqsave+0x3a/0x60
[  450.561603][T11626]        try_to_wake_up+0xb7/0x1870
[  450.561614][T11626]        __wake_up_common+0x135/0x1f0
[  450.561631][T11626]        __wake_up+0x31/0x60
[  450.561644][T11626]        tty_port_default_wakeup+0x2a/0x40
[  450.561659][T11626]        serial8250_tx_chars+0x68e/0x860
[  450.561679][T11626]        serial8250_handle_irq+0x761/0xcb0
[  450.561694][T11626]        serial8250_default_handle_irq+0x9a/0x250
[  450.561709][T11626]        serial8250_interrupt+0xf5/0x1b0
[  450.561725][T11626]        __handle_irq_event_percpu+0x22c/0x7d0
[  450.561737][T11626]        handle_irq_event+0xab/0x1e0
[  450.561749][T11626]        handle_edge_irq+0x3ca/0x9e0
[  450.561761][T11626]        __common_interrupt+0xcd/0x2f0
[  450.561775][T11626]        common_interrupt+0xba/0xe0
[  450.561792][T11626]        asm_common_interrupt+0x26/0x40
[  450.561802][T11626]        pv_native_safe_halt+0xf/0x20
[  450.561814][T11626]        default_idle+0x13/0x20
[  450.561828][T11626]        default_idle_call+0x6d/0xb0
[  450.561843][T11626]        do_idle+0x391/0x510
[  450.561854][T11626]        cpu_startup_entry+0x4f/0x60
[  450.561866][T11626]        start_secondary+0x21d/0x2b0
[  450.561882][T11626]        common_startup_64+0x13e/0x148
[  450.561892][T11626] 
[  450.561892][T11626] -> #2 (&tty->write_wait){-.-.}-{3:3}:
[  450.561906][T11626]        _raw_spin_lock_irqsave+0x3a/0x60
[  450.561916][T11626]        __wake_up+0x1c/0x60
[  450.561929][T11626]        tty_port_default_wakeup+0x2a/0x40
[  450.561942][T11626]        serial8250_tx_chars+0x68e/0x860
[  450.561956][T11626]        serial8250_handle_irq+0x761/0xcb0
[  450.561970][T11626]        serial8250_default_handle_irq+0x9a/0x250
[  450.561985][T11626]        serial8250_interrupt+0xf5/0x1b0
[  450.562001][T11626]        __handle_irq_event_percpu+0x22c/0x7d0
[  450.562013][T11626]        handle_irq_event+0xab/0x1e0
[  450.562025][T11626]        handle_edge_irq+0x3ca/0x9e0
[  450.562035][T11626]        __common_interrupt+0xcd/0x2f0
[  450.562049][T11626]        common_interrupt+0xba/0xe0
[  450.562064][T11626]        asm_common_interrupt+0x26/0x40
[  450.562074][T11626]        pv_native_safe_halt+0xf/0x20
[  450.562085][T11626]        default_idle+0x13/0x20
[  450.562099][T11626]        default_idle_call+0x6d/0xb0
[  450.562114][T11626]        do_idle+0x391/0x510
[  450.562125][T11626]        cpu_startup_entry+0x4f/0x60
[  450.562137][T11626]        start_secondary+0x21d/0x2b0
[  450.562152][T11626]        common_startup_64+0x13e/0x148
[  450.562162][T11626] 
[  450.562162][T11626] -> #1 (&port_lock_key){-.-.}-{3:3}:
[  450.562175][T11626]        _raw_spin_lock_irqsave+0x3a/0x60
[  450.562185][T11626]        serial8250_console_write+0x181/0x1890
[  450.562201][T11626]        console_flush_all+0x801/0xc60
[  450.562213][T11626]        console_unlock+0xd8/0x210
[  450.562224][T11626]        vprintk_emit+0x418/0x6d0
[  450.562236][T11626]        _printk+0xc7/0x100
[  450.562244][T11626]        register_console+0xc2d/0x11b0
[  450.562256][T11626]        univ8250_console_init+0x5f/0x90
[  450.562270][T11626]        console_init+0x14f/0x680
[  450.562283][T11626]        start_kernel+0x29f/0x4d0
[  450.562294][T11626]        x86_64_start_reservations+0x18/0x30
[  450.562306][T11626]        x86_64_start_kernel+0x130/0x190
[  450.562318][T11626]        common_startup_64+0x13e/0x148
[  450.562328][T11626] 
[  450.562328][T11626] -> #0 (console_owner){-.-.}-{0:0}:
[  450.562341][T11626]        __lock_acquire+0x12a6/0x1ce0
[  450.562356][T11626]        lock_acquire+0x179/0x350
[  450.562364][T11626]        console_lock_spinning_enable+0xb0/0xd0
[  450.562376][T11626]        console_flush_all+0x7aa/0xc60
[  450.562387][T11626]        console_unlock+0xd8/0x210
[  450.562398][T11626]        vprintk_emit+0x418/0x6d0
[  450.562410][T11626]        _printk+0xc7/0x100
[  450.562418][T11626]        should_fail_ex+0x4e7/0x640
[  450.562431][T11626]        strncpy_from_user+0x3b/0x2e0
[  450.562442][T11626]        strncpy_from_user_nofault+0x7f/0x180
[  450.562455][T11626]        bpf_probe_read_user_str+0x26/0x70
[  450.562470][T11626]        bpf_prog_bc7c5c6b9645592f+0x3e/0x44
[  450.562478][T11626]        bpf_trace_run4+0x252/0x5b0
[  450.562488][T11626]        __bpf_trace_sched_switch+0x145/0x190
[  450.562500][T11626]        __traceiter_sched_switch+0x6f/0xc0
[  450.562511][T11626]        __schedule+0x183b/0x5de0
[  450.562521][T11626]        preempt_schedule_irq+0x51/0x90
[  450.562533][T11626]        irqentry_exit+0x36/0x90
[  450.562545][T11626]        asm_sysvec_reschedule_ipi+0x1a/0x20
[  450.562555][T11626]        __nla_validate_parse+0x23e/0x2880
[  450.562571][T11626]        __nla_parse+0x40/0x60
[  450.562586][T11626]        tc_action_load_ops+0x111/0x3e0
[  450.562602][T11626]        tcf_action_init+0x22f/0xa50
[  450.562610][T11626]        tcf_action_add+0xee/0x5c0
[  450.562619][T11626]        tc_ctl_action+0x35b/0x470
[  450.562627][T11626]        rtnetlink_rcv_msg+0x3c6/0xe90
[  450.562641][T11626]        netlink_rcv_skb+0x155/0x420
[  450.562655][T11626]        netlink_unicast+0x5aa/0x870
[  450.562671][T11626]        netlink_sendmsg+0x8d1/0xdd0
[  450.562683][T11626]        ____sys_sendmsg+0xa98/0xc70
[  450.562698][T11626]        ___sys_sendmsg+0x134/0x1d0
[  450.562710][T11626]        __sys_sendmsg+0x16d/0x220
[  450.562721][T11626]        do_syscall_64+0xcd/0x4e0
[  450.562734][T11626]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  450.562744][T11626] 
[  450.562744][T11626] other info that might help us debug this:
[  450.562744][T11626] 
[  450.562747][T11626] Chain exists of:
[  450.562747][T11626]   console_owner --> &p->pi_lock --> &rq->__lock
[  450.562747][T11626] 
[  450.562762][T11626]  Possible unsafe locking scenario:
[  450.562762][T11626] 
[  450.562764][T11626]        CPU0                    CPU1
[  450.562767][T11626]        ----                    ----
[  450.562770][T11626]   lock(&rq->__lock);
[  450.562776][T11626]                                lock(&p->pi_lock);
[  450.562783][T11626]                                lock(&rq->__lock);
[  450.562790][T11626]   lock(console_owner);
[  450.562796][T11626] 
[  450.562796][T11626]  *** DEADLOCK ***
[  450.562796][T11626] 
[  450.562798][T11626] 5 locks held by syz.4.1283/11626:
[  450.562804][T11626]  #0: ffffffff90385608 (rtnl_mutex){+.+.}-{4:4}, at: rtnetlink_rcv_msg+0x371/0xe90
[  450.562831][T11626]  #1: ffff8880b843a318 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130
[  450.562857][T11626]  #2: ffffffff8e5c15a0 (rcu_read_lock){....}-{1:3}, at: bpf_trace_run4+0x1d5/0x5b0
[  450.562880][T11626]  #3: ffffffff8e5af000 (console_lock){+.+.}-{0:0}, at: _printk+0xc7/0x100
[  450.562901][T11626]  #4: ffffffff8e5af070 (console_srcu){....}-{0:0}, at: console_flush_all+0x158/0xc60
[  450.562927][T11626] 
[  450.562927][T11626] stack backtrace:
[  450.562932][T11626] CPU: 0 UID: 0 PID: 11626 Comm: syz.4.1283 Not tainted syzkaller #0 PREEMPT(full) 
[  450.562945][T11626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  450.562952][T11626] Call Trace:
[  450.562956][T11626]  <TASK>
[  450.562960][T11626]  dump_stack_lvl+0x116/0x1f0
[  450.562974][T11626]  print_circular_bug+0x275/0x350
[  450.562990][T11626]  check_noncircular+0x14c/0x170
[  450.563008][T11626]  __lock_acquire+0x12a6/0x1ce0
[  450.563027][T11626]  lock_acquire+0x179/0x350
[  450.563035][T11626]  ? console_lock_spinning_enable+0x9f/0xd0
[  450.563048][T11626]  ? console_lock_spinning_enable+0x88/0xd0
[  450.563062][T11626]  console_lock_spinning_enable+0xb0/0xd0
[  450.563074][T11626]  ? console_lock_spinning_enable+0x9f/0xd0
[  450.563087][T11626]  console_flush_all+0x7aa/0xc60
[  450.563100][T11626]  ? __pfx_console_flush_all+0x10/0x10
[  450.563115][T11626]  ? is_printk_cpu_sync_owner+0x32/0x40
[  450.563131][T11626]  console_unlock+0xd8/0x210
[  450.563143][T11626]  ? __pfx_console_unlock+0x10/0x10
[  450.563155][T11626]  ? do_raw_spin_unlock+0xa0/0x230
[  450.563167][T11626]  ? _printk+0xc7/0x100
[  450.563176][T11626]  ? __down_trylock_console_sem+0xb0/0x140
[  450.563187][T11626]  vprintk_emit+0x418/0x6d0
[  450.563200][T11626]  ? __pfx_vprintk_emit+0x10/0x10
[  450.563214][T11626]  ? strncpy_from_user+0x1d2/0x2e0
[  450.563225][T11626]  ? strncpy_from_user+0x1d9/0x2e0
[  450.563237][T11626]  _printk+0xc7/0x100
[  450.563246][T11626]  ? __pfx__printk+0x10/0x10
[  450.563256][T11626]  ? __pfx____ratelimit+0x10/0x10
[  450.563270][T11626]  should_fail_ex+0x4e7/0x640
[  450.563284][T11626]  strncpy_from_user+0x3b/0x2e0
[  450.563295][T11626]  ? lock_acquire+0x179/0x350
[  450.563304][T11626]  strncpy_from_user_nofault+0x7f/0x180
[  450.563317][T11626]  bpf_probe_read_user_str+0x26/0x70
[  450.563333][T11626]  bpf_prog_bc7c5c6b9645592f+0x3e/0x44
[  450.563341][T11626]  bpf_trace_run4+0x252/0x5b0
[  450.563352][T11626]  ? __pfx_bpf_trace_run4+0x10/0x10
[  450.563364][T11626]  ? __lock_acquire+0xb97/0x1ce0
[  450.563382][T11626]  __bpf_trace_sched_switch+0x145/0x190
[  450.563394][T11626]  ? __pfx___bpf_trace_sched_switch+0x10/0x10
[  450.563407][T11626]  ? psi_group_change+0x471/0xbe0
[  450.563424][T11626]  ? tracing_record_taskinfo_sched_switch+0x54/0x400
[  450.563438][T11626]  __traceiter_sched_switch+0x6f/0xc0
[  450.563450][T11626]  __schedule+0x183b/0x5de0
[  450.563462][T11626]  ? tick_nohz_tick_stopped+0x6c/0xa0
[  450.563480][T11626]  ? __pfx___schedule+0x10/0x10
[  450.563492][T11626]  ? __wake_up_klogd.part.0+0x99/0xf0
[  450.563504][T11626]  ? mark_held_locks+0x49/0x80
[  450.563521][T11626]  preempt_schedule_irq+0x51/0x90
[  450.563534][T11626]  irqentry_exit+0x36/0x90
[  450.563546][T11626]  asm_sysvec_reschedule_ipi+0x1a/0x20
[  450.563557][T11626] RIP: 0010:__nla_validate_parse+0x23e/0x2880
[  450.563575][T11626] Code: 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 08 3c 01 0f 8e 7b 25 00 00 48 8b 44 24 18 31 ff 44 0f b7 68 08 <44> 89 ee e8 0a 01 a5 fc 66 45 85 ed 0f 85 46 05 00 00 8b 44 24 20
[  450.563586][T11626] RSP: 0000:ffffc9000346ed30 EFLAGS: 00000246
[  450.563594][T11626] RAX: ffffffff8ce97e60 RBX: 000000000000000c RCX: 0000000000000008
[  450.563601][T11626] RDX: 1ffffffff19d2fcd RSI: ffffffff8516974d RDI: 0000000000000000
[  450.563607][T11626] RBP: ffff88802bc5b4c2 R08: 0000000000000004 R09: 000000000000000b
[  450.563614][T11626] R10: 0000000000000008 R11: 0000000000000001 R12: 000000000000000c
[  450.563620][T11626] R13: 0000000000000000 R14: 1ffff9200068ddb1 R15: ffff88802bc5b4c0
[  450.563628][T11626]  ? __nla_validate_parse+0x20d/0x2880
[  450.563647][T11626]  ? __pfx___nla_validate_parse+0x10/0x10
[  450.563664][T11626]  ? lock_acquire+0x179/0x350
[  450.563676][T11626]  ? find_held_lock+0x2b/0x80
[  450.563690][T11626]  __nla_parse+0x40/0x60
[  450.563706][T11626]  tc_action_load_ops+0x111/0x3e0
[  450.563723][T11626]  ? __pfx_tc_action_load_ops+0x10/0x10
[  450.563743][T11626]  ? __nla_parse+0x40/0x60
[  450.563759][T11626]  tcf_action_init+0x22f/0xa50
[  450.563768][T11626]  ? __lock_acquire+0x62e/0x1ce0
[  450.563786][T11626]  ? __pfx_tcf_action_init+0x10/0x10
[  450.563808][T11626]  ? arch_stack_walk+0xa6/0x100
[  450.563825][T11626]  ? __kasan_slab_free+0x60/0x70
[  450.563837][T11626]  ? __lock_acquire+0x62e/0x1ce0
[  450.563854][T11626]  tcf_action_add+0xee/0x5c0
[  450.563865][T11626]  ? __pfx_tcf_action_add+0x10/0x10
[  450.563884][T11626]  ? __nla_parse+0x40/0x60
[  450.563900][T11626]  tc_ctl_action+0x35b/0x470
[  450.563910][T11626]  ? __pfx_tc_ctl_action+0x10/0x10
[  450.563922][T11626]  ? __pfx_tc_ctl_action+0x10/0x10
[  450.563931][T11626]  rtnetlink_rcv_msg+0x3c6/0xe90
[  450.563946][T11626]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  450.563962][T11626]  ? ref_tracker_free+0x37c/0x830
[  450.563976][T11626]  netlink_rcv_skb+0x155/0x420
[  450.563990][T11626]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  450.564004][T11626]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  450.564021][T11626]  ? netlink_deliver_tap+0x1ae/0xd30
[  450.564035][T11626]  netlink_unicast+0x5aa/0x870
[  450.564049][T11626]  ? __pfx_netlink_unicast+0x10/0x10
[  450.564063][T11626]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  450.564079][T11626]  netlink_sendmsg+0x8d1/0xdd0
[  450.564093][T11626]  ? __pfx_netlink_sendmsg+0x10/0x10
[  450.564110][T11626]  ____sys_sendmsg+0xa98/0xc70
[  450.564125][T11626]  ? copy_msghdr_from_user+0x10a/0x160
[  450.564138][T11626]  ? __pfx_____sys_sendmsg+0x10/0x10
[  450.564157][T11626]  ___sys_sendmsg+0x134/0x1d0
[  450.564170][T11626]  ? __pfx____sys_sendmsg+0x10/0x10
[  450.564190][T11626]  __sys_sendmsg+0x16d/0x220
[  450.564203][T11626]  ? __pfx___sys_sendmsg+0x10/0x10
[  450.564219][T11626]  do_syscall_64+0xcd/0x4e0
[  450.564233][T11626]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  450.564244][T11626] RIP: 0033:0x7f4a8178eec9
[  450.564251][T11626] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  450.564261][T11626] RSP: 002b:00007f4a82554038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  450.564271][T11626] RAX: ffffffffffffffda RBX: 00007f4a819e6090 RCX: 00007f4a8178eec9
[  450.564278][T11626] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000009
[  450.564284][T11626] RBP: 00007f4a82554090 R08: 0000000000000000 R09: 0000000000000000
[  450.564290][T11626] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  450.564296][T11626] R13: 00007f4a819e6128 R14: 00007f4a819e6090 R15: 00007ffdd4aaac68
[  450.564306][T11626]  </TASK>
[  451.982804][T11626] CPU: 0 UID: 0 PID: 11626 Comm: syz.4.1283 Not tainted syzkaller #0 PREEMPT(full) 
[  451.982819][T11626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  451.982826][T11626] Call Trace:
[  451.982832][T11626]  <TASK>
[  451.982837][T11626]  dump_stack_lvl+0x116/0x1f0
[  451.982857][T11626]  should_fail_ex+0x512/0x640
[  451.982873][T11626]  strncpy_from_user+0x3b/0x2e0
[  451.982885][T11626]  ? lock_acquire+0x179/0x350
[  451.982896][T11626]  strncpy_from_user_nofault+0x7f/0x180
[  451.982910][T11626]  bpf_probe_read_user_str+0x26/0x70
[  451.982927][T11626]  bpf_prog_bc7c5c6b9645592f+0x3e/0x44
[  451.982936][T11626]  bpf_trace_run4+0x252/0x5b0
[  451.982948][T11626]  ? __pfx_bpf_trace_run4+0x10/0x10
[  451.982960][T11626]  ? __lock_acquire+0xb97/0x1ce0
[  451.982978][T11626]  __bpf_trace_sched_switch+0x145/0x190
[  451.982993][T11626]  ? __pfx___bpf_trace_sched_switch+0x10/0x10
[  451.983006][T11626]  ? psi_group_change+0x471/0xbe0
[  451.983023][T11626]  ? tracing_record_taskinfo_sched_switch+0x54/0x400
[  451.983038][T11626]  __traceiter_sched_switch+0x6f/0xc0
[  451.983050][T11626]  __schedule+0x183b/0x5de0
[  451.983063][T11626]  ? tick_nohz_tick_stopped+0x6c/0xa0
[  451.983082][T11626]  ? __pfx___schedule+0x10/0x10
[  451.983094][T11626]  ? __wake_up_klogd.part.0+0x99/0xf0
[  451.983107][T11626]  ? mark_held_locks+0x49/0x80
[  451.983124][T11626]  preempt_schedule_irq+0x51/0x90
[  451.983137][T11626]  irqentry_exit+0x36/0x90
[  451.983150][T11626]  asm_sysvec_reschedule_ipi+0x1a/0x20
[  451.983162][T11626] RIP: 0010:__nla_validate_parse+0x23e/0x2880
[  451.983180][T11626] Code: 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 08 3c 01 0f 8e 7b 25 00 00 48 8b 44 24 18 31 ff 44 0f b7 68 08 <44> 89 ee e8 0a 01 a5 fc 66 45 85 ed 0f 85 46 05 00 00 8b 44 24 20
[  451.983190][T11626] RSP: 0000:ffffc9000346ed30 EFLAGS: 00000246
[  451.983200][T11626] RAX: ffffffff8ce97e60 RBX: 000000000000000c RCX: 0000000000000008
[  451.983206][T11626] RDX: 1ffffffff19d2fcd RSI: ffffffff8516974d RDI: 0000000000000000
[  451.983213][T11626] RBP: ffff88802bc5b4c2 R08: 0000000000000004 R09: 000000000000000b
[  451.983219][T11626] R10: 0000000000000008 R11: 0000000000000001 R12: 000000000000000c
[  451.983225][T11626] R13: 0000000000000000 R14: 1ffff9200068ddb1 R15: ffff88802bc5b4c0
[  451.983233][T11626]  ? __nla_validate_parse+0x20d/0x2880
[  451.983254][T11626]  ? __pfx___nla_validate_parse+0x10/0x10
[  451.983270][T11626]  ? lock_acquire+0x179/0x350
[  451.983279][T11626]  ? find_held_lock+0x2b/0x80
[  451.983293][T11626]  __nla_parse+0x40/0x60
[  451.983310][T11626]  tc_action_load_ops+0x111/0x3e0
[  451.983328][T11626]  ? __pfx_tc_action_load_ops+0x10/0x10
[  451.983348][T11626]  ? __nla_parse+0x40/0x60
[  451.983364][T11626]  tcf_action_init+0x22f/0xa50
[  451.983373][T11626]  ? __lock_acquire+0x62e/0x1ce0
[  451.983391][T11626]  ? __pfx_tcf_action_init+0x10/0x10
[  451.983413][T11626]  ? arch_stack_walk+0xa6/0x100
[  451.983432][T11626]  ? __kasan_slab_free+0x60/0x70
[  451.983444][T11626]  ? __lock_acquire+0x62e/0x1ce0
[  451.983461][T11626]  tcf_action_add+0xee/0x5c0
[  451.983472][T11626]  ? __pfx_tcf_action_add+0x10/0x10
[  451.983490][T11626]  ? __nla_parse+0x40/0x60
[  451.983507][T11626]  tc_ctl_action+0x35b/0x470
[  451.983517][T11626]  ? __pfx_tc_ctl_action+0x10/0x10
[  451.983529][T11626]  ? __pfx_tc_ctl_action+0x10/0x10
[  451.983539][T11626]  rtnetlink_rcv_msg+0x3c6/0xe90
[  451.983555][T11626]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  451.983571][T11626]  ? ref_tracker_free+0x37c/0x830
[  451.983586][T11626]  netlink_rcv_skb+0x155/0x420
[  451.983601][T11626]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  451.983615][T11626]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  451.983632][T11626]  ? netlink_deliver_tap+0x1ae/0xd30
[  451.983646][T11626]  netlink_unicast+0x5aa/0x870
[  451.983661][T11626]  ? __pfx_netlink_unicast+0x10/0x10
[  451.983675][T11626]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  451.983691][T11626]  netlink_sendmsg+0x8d1/0xdd0
[  451.983706][T11626]  ? __pfx_netlink_sendmsg+0x10/0x10
[  451.983722][T11626]  ____sys_sendmsg+0xa98/0xc70
[  451.983739][T11626]  ? copy_msghdr_from_user+0x10a/0x160
[  451.983752][T11626]  ? __pfx_____sys_sendmsg+0x10/0x10
[  451.983771][T11626]  ___sys_sendmsg+0x134/0x1d0
[  451.983784][T11626]  ? __pfx____sys_sendmsg+0x10/0x10
[  451.983804][T11626]  __sys_sendmsg+0x16d/0x220
[  451.983817][T11626]  ? __pfx___sys_sendmsg+0x10/0x10
[  451.983834][T11626]  do_syscall_64+0xcd/0x4e0
[  451.983849][T11626]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  451.983863][T11626] RIP: 0033:0x7f4a8178eec9
[  451.983872][T11626] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  451.983882][T11626] RSP: 002b:00007f4a82554038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  451.983892][T11626] RAX: ffffffffffffffda RBX: 00007f4a819e6090 RCX: 00007f4a8178eec9
[  451.983898][T11626] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000009
[  451.983905][T11626] RBP: 00007f4a82554090 R08: 0000000000000000 R09: 0000000000000000
[  451.983911][T11626] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  451.983917][T11626] R13: 00007f4a819e6128 R14: 00007f4a819e6090 R15: 00007ffdd4aaac68
[  451.983927][T11626]  </TASK>
[  452.487119][T11626] netlink: 'syz.4.1283': attribute type 3 has an invalid length.