last executing test programs:

12m33.919989326s ago: executing program 3 (id=367):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000100000000000000000000000010"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

12m32.714022688s ago: executing program 3 (id=370):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r1 = syz_open_procfs(0x0, &(0x7f0000000a80)='fdinfo\x00')
fchdir(r1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000400)={0x28, 0x13, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @u32=0x9}, @typed={0x8, 0x0, 0x0, 0x0, @ipv4=@broadcast}, @typed={0x8, 0x13, 0x0, 0x0, @pid}]}, 0x28}], 0x1}, 0x0)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000000)=0xfe8e, 0x12)
copy_file_range(0xffffffffffffffff, &(0x7f0000000180)=0x7, r0, 0x0, 0xffffffffffffffd3, 0x0)
r3 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r3, 0x400448c8, &(0x7f00000000c0)={r0, r0, 0x206, 0x0, 0x0, 0x2, 0x72, 0x400, 0x3, 0x801, 0x0, 0x8, 'syz1\x00'})
ioctl$sock_bt_hidp_HIDPCONNDEL(r3, 0x400448c9, &(0x7f0000000000)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x1})

12m30.798099967s ago: executing program 3 (id=374):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x18, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f00000001c0))
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, 0x0, 0x0)
listen(r2, 0x9)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_COMPAT_GET(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)={0x2c, 0x0, 0xb, 0x5, 0x0, 0x0, {0x3, 0x0, 0x9}, [@NFTA_COMPAT_NAME={0x8, 0x1, 'u32\x00'}, @NFTA_COMPAT_REV={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_COMPAT_TYPE={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20004045}, 0x20000000)

12m30.600480016s ago: executing program 3 (id=376):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
socket$inet(0x2, 0x1, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000540)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000380)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x9101a, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
mount$bind(&(0x7f0000000280)='./file0\x00', &(0x7f0000002100)='./file0/file0\x00', 0x0, 0x2187017, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000002100), 0x1004003, &(0x7f00000013c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@default_permissions}]}})
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r1, &(0x7f0000002140)={0x2020}, 0x2020)

12m30.465316128s ago: executing program 3 (id=378):
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x50, &(0x7f0000000000)={0x0, 0x0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'vcan0\x00', <r3=>0x0})
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
bind$can_j1939(r4, &(0x7f0000000080)={0x1d, r3, 0x0, {0x0, 0x0, 0x4}}, 0x18)
sendmsg$can_j1939(r4, &(0x7f00000001c0)={&(0x7f0000000040), 0x18, &(0x7f0000000180)={&(0x7f00000000c0)="92", 0x1a000}}, 0xee)
bind$can_j1939(0xffffffffffffffff, &(0x7f00000000c0), 0x18)
connect$can_j1939(0xffffffffffffffff, &(0x7f0000000140)={0x1d, 0x0, 0x0, {}, 0xfe}, 0x18)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000000)={'vcan0\x00'})
sendmsg$nl_route_sched(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={0x0}, 0x1, 0xf0ffffffffffff}, 0x0)

12m29.768063736s ago: executing program 3 (id=382):
r0 = syz_usb_connect(0x0, 0x1cb, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000122f0d4071040403dfe4000000010902b901010000"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket(0xa, 0x3, 0x3a)
socket$packet(0x11, 0x3, 0x300)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socket$inet_udp(0x2, 0x2, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
bpf$ITER_CREATE(0x21, &(0x7f0000000000)={r2}, 0x8)
ioctl$SIOCSIFHWADDR(r1, 0x89f0, &(0x7f0000000900)={'bridge0\x00', @random='\x00\x00\x00 \x00'})

12m29.107702048s ago: executing program 32 (id=382):
r0 = syz_usb_connect(0x0, 0x1cb, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000122f0d4071040403dfe4000000010902b901010000"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket(0xa, 0x3, 0x3a)
socket$packet(0x11, 0x3, 0x300)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socket$inet_udp(0x2, 0x2, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
bpf$ITER_CREATE(0x21, &(0x7f0000000000)={r2}, 0x8)
ioctl$SIOCSIFHWADDR(r1, 0x89f0, &(0x7f0000000900)={'bridge0\x00', @random='\x00\x00\x00 \x00'})

11m16.461444175s ago: executing program 2 (id=628):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
pipe2(&(0x7f0000001cc0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x800)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000500)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[{@cache_fscache}]}})

11m14.495912561s ago: executing program 2 (id=632):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_UPDATE_BATCH(0x1b, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080), 0xc2800, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f00000000c0))
ppoll(&(0x7f0000000000)=[{r1}], 0x1, 0x0, 0x0, 0x0)
ioctl$SNDCTL_DSP_GETISPACE(r1, 0x8010500d, &(0x7f00000001c0))

11m12.682496129s ago: executing program 2 (id=638):
r0 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb)
close(r0)
r1 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x181)
fcntl$setlease(r1, 0x400, 0x1)
execve(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r2, 0x541b, &(0x7f0000000040)={<r3=>0xffffffffffffffff})
close_range(r3, 0xffffffffffffffff, 0x0)
r4 = syz_io_uring_setup(0x14f, &(0x7f0000000300)={0x0, 0x4941, 0x400, 0x0, 0x1d6, 0x0, r3}, &(0x7f0000000240)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x50, 0x4004, @fd, 0x0, 0x0})
io_uring_enter(r4, 0x5951, 0x7a89, 0x0, 0x0, 0x0)

11m12.017602761s ago: executing program 2 (id=642):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
socket$inet(0x2, 0x1, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000540)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000380)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x9101a, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
mount$bind(&(0x7f0000000280)='./file0\x00', &(0x7f0000002100)='./file0/file0\x00', 0x0, 0x2187017, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000002100), 0x1004003, &(0x7f00000013c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@default_permissions}]}})
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r1, &(0x7f0000002140)={0x2020}, 0x2020)

11m11.468724931s ago: executing program 2 (id=644):
socket$inet6(0x10, 0x3, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.state\x00', 0x275a, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.freeze\x00', 0x275a, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r1, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000100)=[<r2=>0x0], 0x1})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001280)={{}, 0x0, &(0x7f0000000200)=r0}, 0x20)
ioctl$DRM_IOCTL_MODE_ATOMIC(r1, 0xc03864bc, &(0x7f0000000180)={0x1, 0x1, &(0x7f00000000c0)=[r2], &(0x7f0000000180), &(0x7f0000000200), &(0x7f0000000040)})

11m10.293091345s ago: executing program 2 (id=659):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
bind$unix(r2, &(0x7f0000000380)=@file={0x0, './bus\x00'}, 0x6e)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

11m9.963011936s ago: executing program 33 (id=659):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
bind$unix(r2, &(0x7f0000000380)=@file={0x0, './bus\x00'}, 0x6e)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

4m51.358134868s ago: executing program 6 (id=1724):
prlimit64(0x0, 0xe, 0x0, 0x0)
getpid()
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000580)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r5, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x28, r5, 0x5, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}]}, 0x28}}, 0x0)
sendmsg$NL80211_CMD_DEL_INTERFACE(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={0x1c, r5, 0x201, 0x70bd25, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}, 0x1, 0x700}, 0x40040)

4m49.256404986s ago: executing program 6 (id=1728):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x18)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBSENT(r1, 0x4b49, &(0x7f00000002c0)={0x1, "7458658a8839e5baedb409c963d89aaf9d23430a74b496c75cfa0097337ef7cefc8463eb0eccabe8faedc18c6ace2734006151628641822be7237b52e485da039e41fc4ea7b16b466325f90a79b43a2411b789d46e05f1022b31d2b37dc66f545eda2a851cca867d28cd79e00044cb75dde07fcbb52107ec45143b83484878e9722e730f82a2d3fba92921813c308614e8fd5bd4733606accd2414fd4f15c83f54f37b812c68a063fc17f53dabddc9f961ed9e1528382d6e300d815d155d6ff09add4f7fc09c9179df1bf1297ea882fae59638c0830f0dd8533a6b9c9b94f82902c4115436a56a7a832e9a2f81201fcb66c14645a85a6e882fbf229d28ad62096c7cbf6c70f7489d7bda7fda9e631505995e4c57ca6a3409f952f0abac0e9ec843053c73d0567007b885f1405e4a1c1bfb726836a5e033985af8d8ec15d462f78304d881fd560bc18991664e90f1b2490aa940afc229e90485c463720d3908728a43222778c926f4208ff8bc68dd8c63f64997f813826923efcadc5193e214d9c63127a2f2a7e43e948d9d62bdbc7972b7d5d3eb11fb54d5677c16986de7731b8aaff4c274ffca8145d2e355284e7b0d12075d45999dad13b18b10ac9dbea23c3a920bdb5b90ba61cc342437c2bb48a47932ca9ef08dfb4bfc457a1cafe13266ff8e8c2d7cbd1ba4306aa6d392aade1c4448b91c2590ffc9cdb9dddcd6cad0cb"})
r2 = gettid()
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x5, 0x4, 0x2003, 0xc, 0x0, 0xffffffffffffffff, 0xfffffffe, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x75}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
close(0x3)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x18, 0x1410, 0x1, 0x70bd30, 0x25dfdbff, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x40}]}, 0x18}, 0x1, 0xf000000, 0x0, 0x4011}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="190000000400000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = syz_open_dev$video4linux(&(0x7f00000000c0), 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_G_FMT(r4, 0xc0585604, &(0x7f0000000100))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00'}, 0x10)
sched_setscheduler(r2, 0x1, &(0x7f0000000040)=0x7)

4m49.164818264s ago: executing program 6 (id=1730):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000060000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket(0x10, 0x3, 0x0)
ioctl(0xffffffffffffffff, 0x8b32, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r4, &(0x7f0000001240)=""/102400, 0x200000, 0x0)

4m48.052415851s ago: executing program 6 (id=1733):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141a82, 0x0)
write$cgroup_int(r0, &(0x7f0000000040)=0x922, 0x12)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141a82, 0x0)
ioperm(0x0, 0x1fb, 0x4)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r2 = gettid()
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
move_mount(r3, &(0x7f0000000080)='./file0/file0\x00', r3, &(0x7f00000002c0)='./file0/../file0/file0\x00', 0x0)
tkill(r2, 0x1)
write$cgroup_int(r1, &(0x7f0000000040)=0x922, 0x12)

4m45.687429021s ago: executing program 6 (id=1738):
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000001700), 0x0, 0x0)
ioctl$SW_SYNC_IOC_INC(r0, 0xc0105702, 0x0)
r1 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x20c02)
writev(r1, &(0x7f0000000000)=[{&(0x7f0000000040)}], 0x1)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r4, &(0x7f0000000440), 0x10)
listen(r4, 0x0)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r5, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r5, &(0x7f00000002c0)=[{&(0x7f0000000080)='?', 0x20000081}], 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000040000620000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000215c0000000c0a01030000000000000000070000000900020073797a31000000000900010073797a3000000000300003802c00008008000340000000020a0001"], 0xe0}}, 0x0)

4m45.532017163s ago: executing program 6 (id=1741):
r0 = syz_usb_connect(0x5, 0x1cb, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000122f0d4071040403dfe4000000010902b901010000003f0904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f00000002c0)={0x44, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

4m43.994243024s ago: executing program 34 (id=1741):
r0 = syz_usb_connect(0x5, 0x1cb, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000122f0d4071040403dfe4000000010902b901010000003f0904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f00000002c0)={0x44, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

18.237631949s ago: executing program 7 (id=2306):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
pipe2(&(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
write$P9_RGETLOCK(r4, &(0x7f00000000c0)=ANY=[], 0xffffff6a)
pipe2(&(0x7f0000000240)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
tee(r3, r6, 0xfffffffffffffc01, 0x0)
tee(r3, r6, 0x60000000000, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x40, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r7, 0x3b81, &(0x7f00000000c0)={0xc})

15.99230258s ago: executing program 1 (id=2311):
syz_init_net_socket$x25(0x9, 0x5, 0x0)
r0 = open(0x0, 0x0, 0x0)
r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
close_range(r0, r1, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
futex_waitv(0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x41, &(0x7f0000000080)=0x654a, 0x4)
bind$inet(r2, &(0x7f0000000200)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xc}}, 0x61)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_opts(r3, 0x0, 0xf, 0x0, &(0x7f0000000000))
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
socket$inet6(0xa, 0x80002, 0x0)
r4 = syz_io_uring_setup(0x10d2, &(0x7f0000000480)={0x0, 0x7734, 0x80, 0x0, 0x34f}, &(0x7f00000000c0)=<r5=>0x0, &(0x7f0000000080)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2e, 0x0, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r4, 0x47bc, 0x0, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000000c0)={0x5, 0x7f, 0x6, 0x8, 0x400, 0x0, 0xa20e, 0x6}, 0x0, &(0x7f0000000300)={0x8, 0x6, 0x0, 0x8000000000000001, 0x7fa1, 0x3, 0x7, 0xce}, &(0x7f0000000340)={0x0, 0x3938700}, 0x0)
syz_emit_ethernet(0x5e, &(0x7f0000002e40)=ANY=[], 0x0)

13.143541333s ago: executing program 1 (id=2316):
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='blkio.bfq.sectors\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x26, &(0x7f0000000000)={0x1})
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mmap$binder(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1, 0x11, 0xffffffffffffffff, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r5, 0x0, 0x80, &(0x7f00000000c0)=@nat={'nat\x00', 0x19, 0x1, 0x178, [0x200003c0, 0xfffffffffffffffd, 0x3, 0x200003f0, 0x20000420], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="000000000000f8ffffff000000000000000000000000000000000000000000000000000000000000feffffff00000000000000000000000000000000000000f00c0000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000050000000000000008006966623000000000000000000000000064756d6d79300000000000000000000069705f76746930000000000000000000697036746e6c30000000000000000000aaaaaaaaaabb0400000000000182c20000000000000000000000b8000000b8000000e80000006970000000000000000000000000000000000000000000a823c565625b8d720020000000000000007f00004dab14140000000000000000000084200400000000000000000000000041554449540000bcb92dfff07fca0000004600f58f5dc8438b000000000000000800"/376]}, 0x1f0)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x0, 0x10}, 0xc)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000400)={0x0, 0x2}, 0x8)
bind$inet6(r1, 0x0, 0x0)

12.978820305s ago: executing program 5 (id=2317):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$kvm(0x0, &(0x7f0000000040), 0x100002, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD(r3, 0x40045402, &(0x7f0000000040)=0x1)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f0000000280)={{0x1}})
readv(r3, &(0x7f0000000080)=[{&(0x7f0000000140)=""/144, 0x90}], 0x1)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r3, 0x40505412, &(0x7f00000000c0)={0x0, 0x9, 0x0, 0x0, 0xf})
read(r3, &(0x7f00000002c0)=""/200, 0x39)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r3, 0x54a2)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_PIT2(r2, 0xaea2, &(0x7f0000000040)={[{0x2, 0x81, 0x0, 0x3, 0x0, 0xc6, 0x70, 0x0, 0x7, 0xc, 0xda, 0xf8, 0x804}, {0x0, 0xf3f, 0x2, 0x7d, 0x8, 0x7, 0x2, 0x4, 0x0, 0x7, 0xd, 0x41, 0x6}, {0x4, 0x9, 0x13, 0xfc, 0x5, 0x7, 0x1, 0x10, 0x2, 0xf4, 0x55, 0xe, 0xffffffffffffffb5}]})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000018c0)={0x38, r5, 0x101, 0x70bd26, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x9}]}, 0x38}}, 0x200440c0)
r7 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r7, 0x0, 0xc8, &(0x7f0000000180), 0x4)
setsockopt$MRT_DONE(r7, 0x0, 0xc9, 0x0, 0x0)

11.804008073s ago: executing program 0 (id=2319):
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x80081, 0x1fb)
write$P9_RUNLINKAT(0xffffffffffffffff, &(0x7f0000000840)={0x7, 0x4d, 0x103}, 0x7)
syz_open_dev$tty20(0xc, 0x4, 0x0)
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
socket$nl_xfrm(0x10, 0x3, 0x6)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
add_key$user(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe05000000000000000000009500"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sched_switch\x00', r2, 0x0, 0x3}, 0x18)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00', 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44}, 0x810)
sendmsg$RDMA_NLDEV_CMD_SET(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB="480000000214010028bd7000fddbdf250900020073797a3100000000080001000000000008004400", @ANYRES32, @ANYBLOB="050054000100b2ac08000100000000000900020073"], 0x48}, 0x1, 0x0, 0x0, 0x4000801}, 0x0)

11.421952864s ago: executing program 1 (id=2320):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000380)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @remote, @local}, @time_exceeded={0x3, 0x4, 0x0, 0x3, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x33, 0x0, @rand_addr=0x64010101, @multicast1}, "040022eb00000000"}}}}}, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00', 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000380)='source\xcf\x87\x86\x1bY\x0f\xde\xd6\xcd\xc0\x01\xd3\x19>K\x04\xfe\x86YG\xa5\x0f\xed\xa0\x9f\x1e\x14R\x9e\x04\xfa\xed\xd0TG&\x88\xeaz\x9aD\xf8Tt\x8c\x00{\x1fm\xfe\x9c\xf6_h\x9e\xfc\'', &(0x7f00000001c0)='sou\x01ce', 0x0)
r4 = gettid()
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r5 = syz_clone(0x20300000, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r6)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r7 = syz_open_procfs(r5, &(0x7f0000000040)='status\x00')
preadv(r7, &(0x7f0000000680)=[{&(0x7f0000000400)=""/121, 0x79}], 0x1, 0xffffffff, 0x1)
readv(r2, &(0x7f0000000100)=[{&(0x7f00000002c0)=""/145, 0x91}], 0x1)
tkill(r4, 0xb)

11.371636946s ago: executing program 4 (id=2321):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000840)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r3 = memfd_create(&(0x7f00000008c0)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x1c\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\x15RJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd9DC\x9fF\x9c[M=\xe0^\xa8\xed)\xe8Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05\xd7\xe7X\xc7/\xae5\x93wwT\x13\xbd,\xd6\x16\x84\xcd\xd1\xd8\xe1P_\xbf0\xd8\x8d%Yh\xb5\xb4\"\xf5\x93\xdeh\xce\xa5\xe8\xc8\xec\x88\x89\xf07{\x95\xc9\xd0\xee\xe1\x1d\x80\xcc]-\xc2\xa1\x02ELhI\xd9\xf5\xcfk\x8a&i\xc1\xff9T\x8e\xe2rY\xa3\xd2H9\xfe\x0e\x1e\xac\x0f\xc3\xbd{\xd9\xcc\xbe\xa9\x93\xe0\xa4W\x1cn>\xc1\xf1\x9e\"\x93\x19\x19\x1a\xcc\x7fy\xd2~\x05\x99\xe6\x00o\xca\xe0\xc6\xd4\xf5\xa0\xc8P\xd6;\xf3\xc6~E\xacI\xd4\xe9\xa1|>\x91.K\x81\xa9+\xcf\xff\xcb\xfa\x0f\xe7n\x83H\x12\xac\x80\x16\xf8\x87Q\x97Az\n`\xb6\xe13A\xec\x8d(\\D\xec\xa6\t1\xa0h\xfc\x1f\xdd1@-4\xb4:\xf8\xd5wP \x84m\xe2\xd9\xfcb\xa0\xc3\xc9\xe7W\x86\xd7$\xa4ml\xee\x97[\xb7\xfa', 0x0)
ftruncate(r3, 0x80079a0)
mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xb, 0x2012, r3, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
lseek(r3, 0x1003ff, 0x4)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='net/protocols\x00')

11.358869119s ago: executing program 0 (id=2322):
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
r0 = open(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELFLOWTABLE={0x60, 0x16, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x3}, @NFTA_FLOWTABLE_HOOK={0x2c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'netdevsim0\x00'}]}]}]}], {0x14, 0x10}}, 0xa8}, 0x1, 0x0, 0x0, 0x4080}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_open_dev$MSR(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPCTNL_MSG_EXP_NEW(r1, &(0x7f0000000300)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x34, 0x0, 0x2, 0x101, 0x0, 0x0, {0x5, 0x0, 0x7}, [@CTA_EXPECT_FN={0x8, 0xb, 'sip\x00'}, @CTA_EXPECT_HELP_NAME={0xe, 0x6, 'irc-20000\x00'}, @CTA_EXPECT_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0xba7}]}, 0x34}, 0x1, 0x0, 0x0, 0x4045}, 0x40000d4)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, 0x0)
r2 = syz_open_dev$video(&(0x7f00000000c0), 0x17b4b522, 0x0)
ioctl$VIDIOC_G_CROP(r2, 0xc014563b, &(0x7f0000000080))
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
socket(0x2000000000000021, 0x2, 0x10000000000002)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e21, @remote}, 0x10)
connect$inet(r4, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10)
sendto(r4, &(0x7f0000000180)='%', 0x300000, 0x840, 0x0, 0x60)

11.276051474s ago: executing program 5 (id=2323):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000d6cff0)=[@in={0x2, 0x4e20, @loopback}], 0x10)
sendto$inet(r0, &(0x7f0000000280)='7', 0x1, 0x0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
readv(r0, &(0x7f0000000380)=[{&(0x7f0000000340)=""/3, 0x3}], 0x1)
mount$overlay(0x0, 0x0, 0x0, 0xa, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
r4 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r4, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r4, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0, 0x2c}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x2c}], 0x1}}, @rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000004c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1}}], 0x90}, 0x0)

9.276736801s ago: executing program 4 (id=2324):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(0xffffffffffffffff, 0x40046f41, 0x20000502)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r3}, 0x10)
getitimer(0x0, &(0x7f0000000380))
r4 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0xc0842)
r5 = dup(r4)
ioctl$USBDEVFS_CONTROL(r5, 0xc0185500, &(0x7f0000000240)={0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000400)={0x101, 0xffffffe, 0x8}, 0x10)

8.186804867s ago: executing program 4 (id=2325):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x1e, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000100), 0xfffffd9d)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0xf0ffffff)
connect$inet(r0, &(0x7f00000009c0)={0x240, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
writev(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1)
recvfrom$inet(r0, &(0x7f00000002c0)=""/231, 0xfffffffffffffee2, 0x40000102, 0x0, 0x0)

8.082652905s ago: executing program 7 (id=2326):
ioctl$KVM_GET_VCPU_MMAP_SIZE(0xffffffffffffffff, 0xae04)
openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x109842, 0x0)
openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
keyctl$join(0x1, &(0x7f0000000180)={'syz', 0x2})
openat$vmci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_emit_ethernet(0x4a, &(0x7f0000000440)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x2, 0x2f, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)
syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x707b, 0x0, 0x4, 0x288}, 0x0, 0x0)
r3 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000240), 0x12040, 0x0)
connect$pppoe(r3, &(0x7f00000002c0)={0x18, 0x0, {0x1, @broadcast, 'veth1_to_bridge\x00'}}, 0x1e)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000002840)={0xff}, &(0x7f0000002880)={0x0, 0x989680}, 0x0)

7.934146756s ago: executing program 0 (id=2327):
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000de5e2e41d92884a9d94489d22177eff1364e93dd0f7d2820a55678e672e798347d3fed434aa96d9285703d9fcafe96a4b4697a7683fe46816c27660e0a033b35752b865d51b2f2982f653e33829bd6ed878baf8a0c9651068a01d548f510994b78c375685d27465e7069630f0dd1f70d91b15e5c28ad3811dfee514c7b269a"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000300)='sched_switch\x00', r2}, 0x10)
syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(0xffffffffffffffff)
r3 = socket(0x10, 0x3, 0x0)
write(r3, &(0x7f0000000140)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400b017ca5b", 0x26)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000540)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @ipip={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_TTL={0x5}, @IFLA_IPTUN_TOS={0x5}]}}}]}, 0x44}}, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[], 0x208}, 0x0)
setsockopt$sock_int(r3, 0x1, 0x22, &(0x7f0000000200)=0x1, 0x4)
recvmmsg$unix(r3, &(0x7f00000001c0), 0x4000000000000bd, 0x2, 0x0)

6.985630994s ago: executing program 5 (id=2328):
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0), 0x20000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB, @ANYRES32=0x1, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r4}, 0x0, &(0x7f00000002c0)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
r7 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r7, 0x400448c8, &(0x7f0000000340)={r6, r6, 0x1, 0x0, 0x0, 0xb, 0x81, 0x6, 0xfff9, 0x10, 0x2, 0x8, 'syz0\x00'})
read$FUSE(r0, &(0x7f0000001740)={0x2020}, 0x2020)

6.314252446s ago: executing program 4 (id=2329):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x18, 0x1c, &(0x7f0000000140)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r0}, 0x10)
r1 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
gettid()
r2 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = syz_open_dev$vim2m(&(0x7f0000000000), 0x5, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r5, 0xc0405602, &(0x7f0000000080)={0xd, 0x1, 0x0, "bb1e000064000080007f28becf0500063475de71000077a16c80b6db943400"})
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000400)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x28, 0x0, 0x0, 0x7ffff024}, {0x6}]}, 0x10)
write$binfmt_misc(r3, &(0x7f0000000100), 0x7c)
sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newtaction={0x64, 0x30, 0x1, 0x0, 0x0, {}, [{0x50, 0x1, [@m_vlan={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_VLAN_PARMS={0x1c, 0x2, {{0x0, 0x0, 0x300}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0)
socket$netlink(0x10, 0x3, 0xe)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000009c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x101, 0x0, 0x0, {0x1}}], {0x14, 0x10}}, 0x3c}}, 0x0)
r6 = mq_open(&(0x7f000084dff0)='rmdF\x17\x16\xbc\xec', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000040)={0x0, 0x6, 0x101})
ppoll(&(0x7f0000000100)=[{r6}], 0x1, 0x0, 0x0, 0x0)
mq_timedsend(r6, 0x0, 0x0, 0x0, 0x0)
mq_timedreceive(r6, &(0x7f0000000140)=""/4096, 0x1000, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)

6.198735853s ago: executing program 7 (id=2330):
r0 = syz_open_dev$usbmon(&(0x7f00000005c0), 0x0, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0)
ioctl$MON_IOCX_GETX(r0, 0x4018920a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x1)
ioctl$TCSBRKP(r3, 0x5425, 0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r7}, 0x18)
dup3(r0, r1, 0x0)

6.16591868s ago: executing program 1 (id=2331):
getpid()
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000400)=0x7)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$unix(0x1, 0x2, 0x0)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r5=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(r5, r5, r5)
semctl$IPC_STAT(0x0, 0x0, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

5.012562552s ago: executing program 5 (id=2332):
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
open_tree(0xffffffffffffff9c, 0x0, 0x89901)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{0x0, 0x7c}], 0x1}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r4, 0x0, 0x218, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)

4.961807277s ago: executing program 1 (id=2333):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
mmap(&(0x7f0000502000/0x3000)=nil, 0x3000, 0x3000003, 0x10, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000000580)=""/102392, 0x18ff8)
prctl$PR_SET_SECUREBITS(0x1c, 0x25)
setresuid(0xee01, 0xee01, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r2, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x22, &(0x7f0000000000)=0x1, 0x4)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_usb_connect$uac1(0x3, 0xac, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000000000106b1d010140000102030109029a0003010000000904000000010100000a24010000000201020c2402000000000000000000052405000008240800000000e40c240700000000a3e82f07070d240701010000fd8000000000092403000000000100", @ANYRES64=r4], 0x0)

3.675325235s ago: executing program 1 (id=2334):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000026c0)=[{{&(0x7f0000000800)={0x2, 0x4e21, @loopback}, 0x10, &(0x7f0000000ac0)=[{0x0}], 0x1, &(0x7f0000000c40)}}], 0x1, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000000)=@newsa={0x138, 0x10, 0x1, 0x0, 0x0, {{@in=@empty, @in6=@remote, 0x4e22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {@in=@remote, 0x0, 0x6c}, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, {}, {}, {}, 0x0, 0x3505, 0xa, 0x0, 0x0, 0x28}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}]}, 0x138}}, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r5, &(0x7f0000000000)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r5, 0x0, 0x0, 0x20020084, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000b80)=ANY=[@ANYBLOB="b4050000200080006110600000000000c60000000000000295000000000000009f33ef60916e6e893f1eeb0be2566cd0723043c47c896ce0bce66a245ad99b817fd98cd824498949714ffaac8a6f77ef26dcca5582054d54d53cd2b6db714e4b94bdae214fa68a0557eb2c5ca683a4b6fc89398f2b9000f224891060017cfa6fa26fa7a34701008c61897d4a6148a1c11428607c40de60beac671e8e8fdecb03588aa623fa71f871ab5c2ff88afc6002084e5b52710800e835cf0d78e45f70983826fb8579c1fb01d2c5553d2ccb5fc5b51fe6b174bed9907dcff414ed55b0c20cdbe7009a6fe7cc78762f1d4dcdbca64920db9a50f86c21632fd30bf05121438bb74e4670ab5dfe447a4bd344e0bd74ff05d37ef68e3b9db863c758ffffffffb426e1230bc1cd4c02c4c2e6d17dc5c2edf332a62f5fe68fbbbbfcfd78a9f3fdc1f50c445e3f30e703cf05b90fbf940e6652d377474ed5f816f66ac3027460ae991e7f834dd7a7fc2a7003d1a6cf5478533584961c329fcf4fed5c9455640dcd28273dc9753cc979113f2915a3039c3ca60ec53bb1130c2d27fed7d67c440e23d130e51eea1e085bebabe7059de9cbfc51177cce5ef265c92b7957a334ff7be2ca867fd94286e016febfdb5827efc7a6efb01d66a396f84c1ca75daa4ead099694ed03d449b185cc836bab1a41a61bd6f03a54fafcee554bbb52adf8f1d7ede9f9a711256fb45e6c3d12ff560ee69d68733d522d9bbecf52396f15976381c27015403778139808142b48ced145ca8a6da5f322d413d09cc38b832fa05dd3c799042588f9eea6f443baa759257a000000000000000000bed1dad228e11f80cfea5848e436acf6e89dfae0b3d95b911af1818e0081504811a5f3c5d1ced3e592224f1d2ca3bdb2cc89001605db6987899eb99f94265401a95ff0a5a266438f1db461b7ebedd419bc038f7d36bd2bd4b3f92cd1469b63b1ce456a96152d353a8ab65f8bae521db73ff00b5d5cac7a439ab40d97e57f23e703fd6395930b9c3485ab181a83ed568cade43111530ec584cfb48e0cc5d63e2807b2e98525a84f9ac59cf74f3ba279e228e2a0dc8da8017cba3996541008785ab8f041f0a8d1399d88a3a58765e5a0149b9d0ea54b323675149783ec057ec6d6e8e600b9eced07ddcc56b77d8ea08223"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x16, 0x16, &(0x7f0000000f40)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000150400003d0301000000000095000f00000000006926000000000000bf67000000000000450700000fff07003506000002000000170600000ee50014bf250000000000005d670000000000006507000006000000070500004c0001000f75000000000000bf54000000000000070400000400f9ff2d4401000000000095000000000000000500000000000000950007000000000001722fabb733a0e757c7c45402000000a2d23da04d1ffc187f9955911aa1a2ba7ba030c7267c2de00435fd253cc0f0d9b2c3127c46b0f4f95345de3188f0d808398d09ee4dc258d726eae098804de25df627a64ab8efde50fd7f1d58d67e684c45e506598bae66ea1a7cd29032de94983dfab0e5043daf1b46bef5135c65377bdbe65d525743d88ef4b2ee62652b07e8a4b6e6155cecc13a5ddf4157f2bfab7201112a30274101fceee66eca91bd5fecb254ab358488c400330171128be291297947d474c570a385a44dd9ff4ae730ae9d0ae42d8814a8c96f101df7da839bcdd7b7c33c8cfe74d599543ac604d8dd42fc66cdb79cd09ceeedce1e69f11967919f82b0276c90420d08897ee8514b43533f07132589a0a37110fd8571b1e69251bba35cd06c8bd430aafbecfd33757b7dc4803123e9107e5cceaec2a391f9b9b577295ac3864f6c1e30e6190a055953e18bedd1859acdd15af7209d15950f9195b401e74f8b5210e28d46dde2658b4695d9ac9ce7cbefc164a5454fc4da6104db281e18a8992b9f8c82b895da647e6ea4cb622314c5c48abfd620adf7757c23a31a619edcfb45a402c5fced05e5274e08a313d6c5fdd0a8d36b1a268056e6f7e9a6daa5632cda5ad2a9ebfac980c7db63137c226f71b7eb70c174d885232e522aad0f13b0e5b43d837d040f813d0115387e36f092d9aaafe7afc637d3d107451f4854613cfd43ac63ad6141ddb0311b8c96fef49af414e49be7c23b2e8eb686fbcdd2dab4cbdb02e30e4e1a6c25b2791facac56e4c5dc036c8d80e5c7c206d24603be75850927e02fd4eea168681498d1170478408c43bb90d9df3964b64fee41745f6785419ac8de8788398e3653f34970988866043136ada4771bf8d96eeb0f565d626a3e9089"], &(0x7f00000000c0)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000040), 0x253, 0x10, &(0x7f0000000000), 0x19f, 0x0, 0xffffffffffffffff, 0xffffffffffffff74, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

3.448348308s ago: executing program 0 (id=2335):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00'}, 0x10)
r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0x8502, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
io_uring_register$IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0x18, 0x20000000, 0x0)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r6}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x5, 0x0, 0xb, 0x9, 0x0, 0x2, 0x2}, {0x3, 0x2, 0x3, 0xa, 0x9, 0xfe00}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x0, 0x6, 0xa, 0x9, 0xfe04, 0xe1}, {0x7, 0x1, 0xb, 0x7, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {}, {0x18, 0x2, 0x2, 0x0, r5}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
write$sndseq(r0, &(0x7f0000001380)=[{0x6, 0x0, 0x0, 0x0, @tick, {0x4}, {}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @time={0xffff, 0xa5}, {}, {0x2}, @connect={{0x2, 0x3}, {0x3}}}, {0x0, 0x0, 0x0, 0x0, @time={0x2, 0x2}, {0x0, 0x8}, {}, @control}, {0x0, 0x0, 0x1, 0x0, @time, {}, {}, @connect={{}, {0x0, 0x5}}}], 0x68)

3.282956078s ago: executing program 5 (id=2336):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="680000002000010000000000000000000a801400000000070000000014000200fc02c9ecde2a00000000000000000001080006000700000014000200fc000000000000000000000000000000050016003200000014000100200100000000000000"], 0x68}}, 0x40000)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'virt_wifi0\x00', <r4=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="400000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="00100000000000002000128008000100687372001400028008000200", @ANYRES32=r2, @ANYBLOB="08000100", @ANYRES32=r4], 0x40}, 0x1, 0x0, 0x0, 0x24040000}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000002c0)=@newlink={0x5c, 0x10, 0x439, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x14, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @IFLA_IPTUN_LOCAL={0x14, 0x2, @private2}]}}}]}, 0x5c}}, 0x0)
syz_emit_ethernet(0x376, &(0x7f00000003c0)={@multicast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "0200", 0x340, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x1, 0x0, 0x10, 0x0, 0x0, [{0x0, 0xa, "a78ce54006598080a8030003004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af0502"}, {0x0, 0x1, "000000050000000026000400"}, {0x0, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x0, 0x1d, "06aa85616177c61bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee4df24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6bc1ba42399907ccd0a562db212baa39eb8164e240069f656d3a05fecf894222a141123f5ac010000000000000090aa235a670670ffc5dc49dfb58d00000000000000"}, {0x0, 0xb, "17dcea46805d4809c20547406b18901b0aeff04c6e119f0478bcde9ed5749dd7e4b326390300f3c75dc2d227a83b89483b1084743475671545e65eb2e9ac946a3f0e2bc4619f91394c02bcfbbb7d71138537d68e2d2c63"}, {0x19, 0x7, "b8a3e10000a3e1100000006f00ffc0ffff00000000600000ff0bc0fe000000000000000000000000d9a0274400"/55}, {0x0, 0x11, "3f14f0e74d2d42cfb3f27fafb60845f90b6dfc2e37bc87c6905bbc94d33e1ea71a28105f543e868a8a53b360a9d33e2b1e2eeb1d18065daa7628cf9ef083611c9f6ae2e1eb3d8bf9c6ab2642c4808288e62afbf03269f1f98aea6ab3beb5fdc5fdaabc2c676d8800871a6aa54155dea2d995cb22c9924e0ad38c6967052cc7786d779b8353aac33a57d79b05"}]}}}}}}, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
sendto$inet(r6, &(0x7f0000000140)="6061feb3a4f5113b5de5cc16d57f04c00e62ab416f5d3ca280a014666a20e81beb5e5b13ae17782d963752703bc39be000dfcec9157cbd42c671e3d9edd0c0d37906606f6e487510e55f11fe681c64446c6374577f68c6abc2f5ff3dff545974de4488cdd7257defa61d97624ca3c697b8d57ad5602c7bf5", 0x78, 0x400c002, &(0x7f00000000c0)={0x2, 0x4e22, @multicast1}, 0x10)
r7 = dup(r5)
write$6lowpan_enable(r7, &(0x7f0000000000)='0', 0xfffffd2c)
r8 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r9=>0x0}, &(0x7f0000cab000)=0x32)
setresuid(0x0, r9, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x10, &(0x7f0000000240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x3}, {{0x18, 0x1, 0x1, 0x0, r10}}, {}, [@ldst={0x3, 0x0, 0x6, 0x0, 0x9, 0xc, 0x1}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$ITER_CREATE(0x21, &(0x7f0000000000)={r7}, 0x8)

3.106814251s ago: executing program 4 (id=2337):
socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_emit_vhci(&(0x7f0000000500)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_ext_features={{0x23, 0xd}, {0x3, 0xc8, 0x5, 0x7, "ca7d3a40d9b7a97a"}}}, 0x10)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x3, 0x0, &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
unshare(0x22040300)
mmap(&(0x7f000074b000/0x2000)=nil, 0x2000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r2, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r3 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r4)
sendmsg$NLBL_CIPSOV4_C_ADD(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000140)={0x3c, r5, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_MLSLVLLST={0x4}, @NLBL_CIPSOV4_A_MLSCATLST={0x10, 0xc, 0x0, 0x1, [{0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x6bd9}]}]}]}, 0x3c}}, 0x0)
setsockopt$inet_sctp_SCTP_RECVRCVINFO(0xffffffffffffffff, 0x84, 0x20, &(0x7f00000000c0)=0x8124, 0x4)
ioctl$sock_bt_hidp_HIDPCONNADD(r3, 0x400448c8, &(0x7f0000003900)={r2, r2, 0x11, 0x5, &(0x7f00000036c0)="3722c57657", 0xf, 0x0, 0x7fff, 0x8, 0x2, 0x2, 0x10000000, 'syz1\x00'})
ioctl$sock_bt_hidp_HIDPCONNDEL(0xffffffffffffffff, 0x400448c9, &(0x7f0000000000)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}})

3.076444597s ago: executing program 7 (id=2338):
syz_emit_ethernet(0x2a, &(0x7f0000000240)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa0008060001080006040001aaaa00000000000000ac1414aa1b59df688d41ad5b47796bf82598a7fcc93b294d727a95d38bf6db9ede703d10b45aa67645476c1f644c520bab90d52e1aa44534a95f608b636a19d3e615e81b89f3b20c1ad191acf15d7e6cda23975c7e75c6df20e8278f6beaa171ff61ea8bdd2884274002c1f0ca8eadbb18baae137061dd77b7d4cb2261589f"], 0x0)
r0 = fsopen(&(0x7f0000000200)='cifs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='\x00\x00\x00\x00\x00', &(0x7f0000000300)='\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$sysctl(0xffffff9c, &(0x7f0000000040)='/proc/self/clear_refs\x00', 0x1, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x10)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xa, [{}, {0x10}]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$bt_hci(r3, 0x84, 0x20, 0x0, &(0x7f00000000c0))
mount$bind(0x0, 0x0, 0x0, 0x11080, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)

2.291903057s ago: executing program 0 (id=2339):
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
unshare(0x22020600)
r3 = syz_open_procfs(r0, &(0x7f00000000c0)='net/wireless\x00')
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="02000000040000000402000008"], 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x1}, 0x38)
lseek(r3, 0x10001, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r4, 0x0, 0x40080)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x4048aec9, &(0x7f0000000740)={0x1, 0x0, @ioapic={0x4, 0x296a, 0xf7c, 0x3, 0x0, [{0x98, 0x27, 0x81, '\x00', 0x7f}, {0x1, 0xc, 0x81, '\x00', 0xf5}, {0xe5, 0x4, 0x9, '\x00', 0xe}, {0x6, 0x8, 0x3, '\x00', 0x8f}, {0xff, 0x7c, 0xb1, '\x00', 0x7}, {0xf, 0x2, 0x28, '\x00', 0xaa}, {0x7f, 0x8, 0x1, '\x00', 0x8}, {0x1, 0x7, 0x2, '\x00', 0x67}, {0x2, 0x7, 0x91, '\x00', 0x8}, {0x8, 0x3, 0x43, '\x00', 0x80}, {0xfc, 0x8, 0x4, '\x00', 0x3}, {0x2, 0x3, 0x3, '\x00', 0x8}, {0x6, 0x6, 0x0, '\x00', 0xa6}, {0xf, 0x0, 0x8, '\x00', 0x9}, {0x4, 0x4e, 0x9}, {0x6, 0x5e, 0x4, '\x00', 0x3}, {0x5, 0x4, 0x7, '\x00', 0x5}, {0x0, 0x3, 0x3, '\x00', 0xff}, {0x5, 0x0, 0xf, '\x00', 0x3}, {0x4, 0x6, 0xb, '\x00', 0x3}, {0x7f, 0x5, 0x7, '\x00', 0x4}, {0x7, 0x40, 0x9, '\x00', 0x10}, {0x2, 0x8, 0x1, '\x00', 0x7}, {0x2, 0xc, 0x92, '\x00', 0x8}]}})

1.112301993s ago: executing program 7 (id=2340):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r3 = syz_open_dev$tty1(0xc, 0x4, 0x3)
dup(r3)
r4 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, 0x0, 0x0)
recvmmsg(r4, &(0x7f0000006640)=[{{0x0, 0x0, 0x0}, 0x5d}], 0x1, 0x40000000, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030086dd601b8b97004d88c19edace00000000000100002100000002ff02000000000000000000000000000104004e20004d13"], 0x0)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r5, &(0x7f0000001800)=[{{&(0x7f0000000200)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c, 0x0}}], 0x1, 0x0)

1.044914232s ago: executing program 4 (id=2341):
r0 = socket$inet6(0xa, 0x806, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000280)={@local, @local, @void, {@ipv6={0x86dd, @dccp_packet={0x5, 0x6, "41521a", 0x10, 0x21, 0xff, @mcast1, @mcast1, {[], {{0x4e23, 0x4e20, 0x4, 0x1, 0x2, 0x0, 0x0, 0x6, 0x2, "f93f1c", 0x40, "7c7b92"}}}}}}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141301)
openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$ppp(0xffffffffffffff9c, 0x0, 0x1a01, 0x0)
r3 = dup(r2)
write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_FLAG_CMD(r1, 0x8983, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
listen(0xffffffffffffffff, 0x3)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e130100c90001"], 0x16)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x800)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)

1.024728553s ago: executing program 0 (id=2342):
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000000)={0x18, 0x0, {0x7, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x35}, 'macvlan1\x00'}}, 0x1e)
madvise(&(0x7f00004bd000/0x2000)=nil, 0x2000, 0x17)
sendmmsg(r0, &(0x7f00000006c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000011c0)=ANY=[], 0x210}}], 0x1, 0x40884)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r1 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000080)=@o_path={&(0x7f0000000040)='./file0\x00', 0x0, 0x10, r0}, 0x18)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000001c0)={@fallback=r0, 0x0, 0x1, 0xe, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0], 0x4, 0x0, &(0x7f0000000100), &(0x7f0000000140), 0x0, <r2=>0x0}, 0x40)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000096c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newtaction={0x48, 0x30, 0xb, 0x0, 0x0, {}, [{0x34, 0x1, [@m_vlan={0x30, 0x1, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x48}}, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cgroup.procs\x00', 0x1, 0x0)
brk(0x20ffc004)
close(r4)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000240)=ANY=[@ANYRES32=r1, @ANYBLOB='*\x00\x00\x00\b\x00', @ANYRES32=r4, @ANYBLOB, @ANYRES64=r2], 0x20)
socket$igmp6(0xa, 0x3, 0x2)
madvise(&(0x7f0000000000/0x2000)=nil, 0x8000000, 0x19)
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000140), 0x4000, 0x0)
ioctl$IOMMU_OPTION$IOMMU_OPTION_RLIMIT_MODE(r5, 0x3b87, &(0x7f00000003c0)={0x18, 0x0, 0xebeca118d3cab70c, 0x0, 0x0, 0x1})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3)
fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)

761.624342ms ago: executing program 5 (id=2343):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x400000000000000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r2 = add_key$user(&(0x7f0000000380), 0x0, &(0x7f0000000400)='_', 0x1, 0xfffffffffffffffe)
r3 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)
r4 = add_key$user(&(0x7f0000006400), &(0x7f0000006c00)={'syz', 0x3}, &(0x7f0000006900)="3e12d23d346cfdeb1716f738274bc1c03bee4423fa20837e6e86b86592e9be8351aabbd6e24f37d5095f839fa4a3507df4f7526f2440e7988da94ccd868dd8741d1e43eba0b67b516be14a8b51", 0x4d, 0xfffffffffffffffe)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r2, r3, r4}, 0x0, 0x0, 0x0)
add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)
getsockopt$inet6_mptcp_buf(0xffffffffffffffff, 0x11c, 0x3, 0x0, 0x0)
ioctl$vim2m_VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
ioctl$BLKTRACESETUP(r5, 0xc0481273, &(0x7f00000006c0)={'\x00', 0x27ff, 0x200006, 0x2, 0xb, 0x59c})

0s ago: executing program 7 (id=2344):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00'})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x26, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x3d, &(0x7f0000000040), 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = openat$dsp(0xffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SOUND_MIXER_WRITE_RECSRC(r4, 0xc0044dff, &(0x7f00000000c0)=0x33)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r5, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
sendmmsg(0xffffffffffffffff, &(0x7f00000002c0), 0x40000000000009f, 0x0)

kernel console output (not intermixed with test programs):

 hid-steam 0003:28DE:1205.0007: Steam Controller 'XXXXXXXXXX' disconnected
[  383.494573][   T29] audit: type=1804 audit(2000000055.490:542): pid=11347 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.5.1167" name="/newroot/157/file1" dev="fuse" ino=1 res=1 errno=0
[  383.548850][   T29] audit: type=1800 audit(2000000055.510:543): pid=11347 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.5.1167" name="/" dev="fuse" ino=1 res=0 errno=0
[  383.624569][   T29] audit: type=1804 audit(2000000055.520:544): pid=11347 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.5.1167" name="/newroot/157/file1" dev="fuse" ino=1 res=1 errno=0
[  383.662521][   T29] audit: type=1804 audit(2000000055.520:545): pid=11347 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=ToMToU comm="syz.5.1167" name="/newroot/157/file1" dev="fuse" ino=1 res=1 errno=0
[  384.291629][ T5900] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  384.314693][   T29] audit: type=1800 audit(2000000055.520:546): pid=11347 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.5.1167" name="/" dev="fuse" ino=1 res=0 errno=0
[  384.461679][ T5900] usb 2-1: Using ep0 maxpacket: 16
[  384.477975][ T5900] usb 2-1: config 0 has an invalid interface number: 214 but max is 0
[  384.520265][ T5900] usb 2-1: config 0 has no interface number 0
[  384.554158][ T5900] usb 2-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid maxpacket 1023, setting to 64
[  384.559476][T11359] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1170'.
[  384.597237][ T5900] usb 2-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5
[  384.626824][ T5900] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  384.656461][ T5900] usb 2-1: Product: syz
[  384.680184][ T5900] usb 2-1: Manufacturer: syz
[  384.690273][ T5813] Bluetooth: hci5: sending frame failed (-49)
[  384.695791][ T5900] usb 2-1: SerialNumber: syz
[  384.702828][ T5818] Bluetooth: hci5: Opcode 0x1003 failed: -49
[  384.712031][ T5900] usb 2-1: config 0 descriptor??
[  384.717640][T11365] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  384.966888][ T5900] usbtouchscreen 2-1:0.214: Failed to read FW rev: 0
[  384.979547][ T5900] usbtouchscreen 2-1:0.214: probe with driver usbtouchscreen failed with error -5
[  385.482470][T11377] netlink: 64 bytes leftover after parsing attributes in process `syz.6.1174'.
[  385.831214][   T25] usb 2-1: USB disconnect, device number 15
[  385.837461][ T5891] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  385.996849][ T5891] usb 6-1: Using ep0 maxpacket: 8
[  386.158315][ T5891] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  386.316354][ T5891] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  386.349366][ T5891] usb 6-1: Product: syz
[  386.353760][ T5891] usb 6-1: Manufacturer: syz
[  386.367921][ T5891] usb 6-1: SerialNumber: syz
[  386.384032][ T5891] usb 6-1: config 0 descriptor??
[  386.452173][   T29] audit: type=1400 audit(2000000058.450:547): avc:  denied  { create } for  pid=11382 comm="syz.4.1177" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  386.867937][   T29] audit: type=1400 audit(2000000058.770:548): avc:  denied  { bind } for  pid=11382 comm="syz.4.1177" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  387.355575][ T5891] usb 6-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  387.377659][   T29] audit: type=1400 audit(2000000058.790:549): avc:  denied  { write } for  pid=11382 comm="syz.4.1177" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  387.491221][T11394] tipc: Started in network mode
[  387.520139][T11394] tipc: Node identity bea8e97eccd1, cluster identity 4711
[  387.534881][T11394] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  387.704658][T11399] syzkaller0: entered promiscuous mode
[  387.710393][T11399] syzkaller0: entered allmulticast mode
[  387.747351][T11394] tipc: Resetting bearer <eth:syzkaller0>
[  387.772024][T11392] tipc: Resetting bearer <eth:syzkaller0>
[  388.740896][   T29] audit: type=1400 audit(2000000060.300:550): avc:  denied  { write } for  pid=11401 comm="syz.6.1183" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  388.794750][T11392] tipc: Disabling bearer <eth:syzkaller0>
[  389.063256][ T5862] tipc: Node number set to 1920592254
[  390.415007][T11412] syz.4.1185 (11412) used greatest stack depth: 20032 bytes left
[  390.518373][ T5891] dvb_usb_rtl28xxu 6-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  390.538054][ T5891] usb 6-1: USB disconnect, device number 13
[  393.050913][T11437] syz.5.1191 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  394.018628][T11446] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  394.043683][T11446] syzkaller0: entered promiscuous mode
[  394.058440][T11446] syzkaller0: entered allmulticast mode
[  394.109617][T11446] tipc: Resetting bearer <eth:syzkaller0>
[  394.374055][T11445] tipc: Resetting bearer <eth:syzkaller0>
[  395.035570][T11445] tipc: Disabling bearer <eth:syzkaller0>
[  395.228280][   T29] audit: type=1400 audit(2000000067.220:551): avc:  denied  { mount } for  pid=11439 comm="syz.1.1192" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  395.318619][   T29] audit: type=1400 audit(2000000067.250:552): avc:  denied  { mounton } for  pid=11439 comm="syz.1.1192" path="/237/file0" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=dir permissive=1
[  395.344289][T11459] netlink: 'syz.0.1198': attribute type 12 has an invalid length.
[  396.003170][T11465] overlayfs: failed to get inode (-116)
[  396.033231][T11465] overlayfs: failed to look up (file0) for ino (-116)
[  396.138513][   T29] audit: type=1400 audit(2000000068.130:553): avc:  denied  { unmount } for  pid=5811 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  396.181264][T11470] netlink: 288 bytes leftover after parsing attributes in process `syz.0.1203'.
[  396.199327][T11470] unsupported nlmsg_type 40
[  399.684646][T11509] netlink: 'syz.4.1216': attribute type 1 has an invalid length.
[  399.694714][T11509] netlink: 'syz.4.1216': attribute type 2 has an invalid length.
[  402.732863][T11538] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1224'.
[  403.281580][  T933] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  403.844404][  T933] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  403.897052][  T933] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  403.910486][  T933] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  403.920690][  T933] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  404.152410][T11549] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  404.169258][  T933] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  406.982780][ T5900] usb 2-1: USB disconnect, device number 16
[  411.774234][   T29] audit: type=1400 audit(2000000083.760:554): avc:  denied  { mounton } for  pid=11614 comm="syz.1.1245" path="/246/file0" dev="tmpfs" ino=1348 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1
[  412.255511][   T29] audit: type=1400 audit(2000000083.800:555): avc:  denied  { setattr } for  pid=11614 comm="syz.1.1245" name="/" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  412.541934][ T5861] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  412.691735][ T5861] usb 6-1: Using ep0 maxpacket: 8
[  412.699737][ T5861] usb 6-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  413.300360][ T5861] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  413.315713][ T5861] usb 6-1: config 0 descriptor??
[  413.460923][T11642] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1252'.
[  414.682117][T11654] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1255'.
[  414.734599][T11654] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1255'.
[  416.001937][ T5813] Bluetooth: hci3: command 0x0405 tx timeout
[  416.127499][   T29] audit: type=1400 audit(2000000087.500:556): avc:  denied  { accept } for  pid=11657 comm="syz.0.1258" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  416.561889][   T29] audit: type=1400 audit(2000000088.530:557): avc:  denied  { bind } for  pid=11664 comm="syz.0.1259" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  417.069390][ T5861] asix 6-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  417.069516][ T5861] asix 6-1:0.0: probe with driver asix failed with error -71
[  417.073140][ T5861] usb 6-1: USB disconnect, device number 14
[  417.162754][   T29] audit: type=1400 audit(2000000089.160:558): avc:  denied  { setopt } for  pid=11666 comm="syz.6.1260" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  417.409353][T11675] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  417.671703][   T29] audit: type=1326 audit(2000000089.660:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11681 comm="syz.6.1264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd314585d29 code=0x7ffc0000
[  417.707163][   T29] audit: type=1326 audit(2000000089.700:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11681 comm="syz.6.1264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd314585d29 code=0x7ffc0000
[  417.730717][   T29] audit: type=1326 audit(2000000089.700:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11681 comm="syz.6.1264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd314585d29 code=0x7ffc0000
[  417.756934][   T29] audit: type=1326 audit(2000000089.700:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11681 comm="syz.6.1264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7fd314585d29 code=0x7ffc0000
[  418.002644][ T5861] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  418.146695][   T29] audit: type=1326 audit(2000000089.700:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11681 comm="syz.6.1264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd314585d29 code=0x7ffc0000
[  418.283385][   T29] audit: type=1326 audit(2000000089.700:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11681 comm="syz.6.1264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=245 compat=0 ip=0x7fd314585d29 code=0x7ffc0000
[  418.340755][   T29] audit: type=1326 audit(2000000089.700:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11681 comm="syz.6.1264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd314585d29 code=0x7ffc0000
[  418.361670][ T5861] usb 5-1: Using ep0 maxpacket: 8
[  418.376694][ T5861] usb 5-1: config 0 has an invalid interface number: 33 but max is 1
[  418.390471][ T5861] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  418.449150][   T29] audit: type=1326 audit(2000000089.700:566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11681 comm="syz.6.1264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd314585d29 code=0x7ffc0000
[  418.461851][ T5861] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2
[  418.520824][ T5861] usb 5-1: config 0 has no interface number 0
[  418.537450][ T5861] usb 5-1: config 0 interface 33 altsetting 0 endpoint 0x6 has an invalid bInterval 0, changing to 7
[  418.593687][ T5861] usb 5-1: New USB device found, idVendor=2040, idProduct=2950, bcdDevice=85.f1
[  418.621745][ T5861] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  418.642237][ T5861] usb 5-1: Product: syz
[  418.652096][T11687] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  418.669208][ T5861] usb 5-1: Manufacturer: syz
[  418.685015][ T5861] usb 5-1: SerialNumber: syz
[  418.688896][T11687] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  418.706771][ T5861] usb 5-1: config 0 descriptor??
[  418.724828][ T5861] pvrusb2: Hardware description: WinTV PVR USB2 Model 29xxx
[  418.741108][T11687] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  418.762900][T11687] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  418.904267][T11687] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  418.977974][T11687] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  419.023969][T11677] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  419.033528][T11687] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  419.041339][T11687] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  419.049397][T11677] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  419.124318][ T2327] pvrusb2: Invalid write control endpoint
[  419.486727][ T2327] usb 5-1: Direct firmware load for v4l-pvrusb2-29xxx-01.fw failed with error -2
[  419.501899][   T25] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  419.948566][T11687] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  420.013014][ T2327] usb 5-1: Falling back to sysfs fallback for: v4l-pvrusb2-29xxx-01.fw
[  420.031024][ T5861] usb 5-1: USB disconnect, device number 19
[  420.103820][   T25] usb 2-1: unable to get BOS descriptor or descriptor too short
[  420.122649][   T25] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  420.160334][   T25] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  420.230722][   T25] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  420.270809][   T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  420.331921][   T25] usb 2-1: Product: syz
[  420.336128][   T25] usb 2-1: Manufacturer: syz
[  420.340722][   T25] usb 2-1: SerialNumber: syz
[  421.152115][T11711] /dev/sg0: Can't lookup blockdev
[  421.218977][   T29] audit: type=1400 audit(2000000093.200:567): avc:  denied  { accept } for  pid=11703 comm="syz.1.1270" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  422.172711][   T25] usb 2-1: bad CDC descriptors
[  422.203240][   T25] usb 2-1: USB disconnect, device number 17
[  422.292959][ T5862] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  422.496570][ T5862] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  422.509733][ T5862] usb 7-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  422.521200][ T5862] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  423.138978][ T5862] usb 7-1: config 0 descriptor??
[  423.153062][ T5862] pwc: Askey VC010 type 2 USB webcam detected.
[  423.954078][ T5862] pwc: recv_control_msg error -32 req 02 val 2b00
[  423.981257][ T5862] pwc: recv_control_msg error -32 req 02 val 2700
[  424.074813][T11754] bridge0: port 3(hsr_slave_1) entered blocking state
[  424.082193][ T5862] pwc: recv_control_msg error -32 req 02 val 2c00
[  424.098798][T11754] bridge0: port 3(hsr_slave_1) entered disabled state
[  424.106520][T11754] hsr_slave_1: entered allmulticast mode
[  424.116139][ T5862] pwc: recv_control_msg error -32 req 04 val 1000
[  424.126756][T11754] hsr_slave_1: left allmulticast mode
[  424.147188][ T5862] pwc: recv_control_msg error -32 req 04 val 1300
[  424.187502][ T5862] pwc: recv_control_msg error -32 req 04 val 1400
[  424.202362][ T5862] pwc: recv_control_msg error -32 req 02 val 2000
[  424.221461][ T5862] pwc: recv_control_msg error -32 req 02 val 2100
[  424.246726][ T5862] pwc: recv_control_msg error -32 req 04 val 1500
[  424.264981][ T5862] pwc: recv_control_msg error -32 req 02 val 2500
[  424.273269][ T5862] pwc: recv_control_msg error -32 req 02 val 2400
[  424.595210][ T5862] pwc: recv_control_msg error -71 req 02 val 2900
[  424.736132][ T5862] pwc: recv_control_msg error -71 req 02 val 2800
[  424.908679][ T5862] pwc: recv_control_msg error -71 req 04 val 1100
[  424.938887][ T5862] pwc: recv_control_msg error -71 req 04 val 1200
[  424.958182][ T5862] pwc: Registered as video103.
[  424.969114][ T5862] input: PWC snapshot button as /devices/platform/dummy_hcd.6/usb7/7-1/input/input19
[  424.998061][ T5862] usb 7-1: USB disconnect, device number 11
[  425.505369][   T29] kauditd_printk_skb: 3 callbacks suppressed
[  425.505386][   T29] audit: type=1400 audit(2000000097.500:571): avc:  denied  { getopt } for  pid=11767 comm="syz.0.1286" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  426.032225][T11773] netlink: 'syz.0.1286': attribute type 2 has an invalid length.
[  427.750826][   T29] audit: type=1400 audit(2000000099.740:572): avc:  denied  { write } for  pid=11803 comm="syz.0.1294" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  427.871207][   T29] audit: type=1400 audit(2000000099.740:573): avc:  denied  { open } for  pid=11803 comm="syz.0.1294" path="/250/file0" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  429.801094][   T29] audit: type=1400 audit(2000000101.750:574): avc:  denied  { read } for  pid=11817 comm="syz.5.1297" dev="9p" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  429.915017][   T29] audit: type=1800 audit(2000000101.760:575): pid=11820 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.5.1297" name="/" dev="9p" ino=2 res=0 errno=0
[  431.707747][T11838] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  431.778452][ T5900] wlan1: authenticate with 08:02:11:00:00:00 (local address=08:02:11:00:00:01)
[  431.808109][T11838] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  431.838867][T11838] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  431.841755][ T5900] wlan1: send auth to 08:02:11:00:00:00 (try 1/3)
[  431.888634][ T8572] wlan1: authenticated
[  432.089171][ T8572] wlan1: associate with 08:02:11:00:00:00 (try 1/3)
[  432.096147][ T8572] wlan1: associate with 08:02:11:00:00:00 (try 2/3)
[  432.103327][ T8572] wlan1: associate with 08:02:11:00:00:00 (try 3/3)
[  432.724184][ T8572] wlan1: association with 08:02:11:00:00:00 timed out
[  432.995069][T11853] overlayfs: failed to get index nlink (file1/file0, err=-61)
[  433.458185][T11862] syz.4.1310[11862] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  433.468915][T11862] syz.4.1310[11862] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  433.829172][T11862] syz.4.1310[11862] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  434.320674][T11870] netlink: 'syz.1.1311': attribute type 1 has an invalid length.
[  434.592389][T11870] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1311'.
[  436.620609][   T29] audit: type=1400 audit(2000000108.610:576): avc:  denied  { accept } for  pid=11892 comm="syz.5.1319" path=2F3138362FE91F7189591E9233614B scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[  436.781697][ T5891] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  436.957087][T11891] netlink: 1068 bytes leftover after parsing attributes in process `syz.0.1318'.
[  436.966769][T11891] netlink: 1068 bytes leftover after parsing attributes in process `syz.0.1318'.
[  436.977417][ T5891] usb 7-1: Using ep0 maxpacket: 8
[  436.978322][T11891] netlink: 1068 bytes leftover after parsing attributes in process `syz.0.1318'.
[  436.988171][ T5891] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  436.992236][T11891] netlink: 1068 bytes leftover after parsing attributes in process `syz.0.1318'.
[  437.001585][ T5891] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  437.011166][T11891] netlink: 1068 bytes leftover after parsing attributes in process `syz.0.1318'.
[  437.369693][   T29] audit: type=1400 audit(2000000109.070:577): avc:  denied  { write } for  pid=11897 comm="syz.5.1321" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  437.389178][    C0] vkms_vblank_simulate: vblank timer overrun
[  437.609265][ T5891] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  437.619304][ T5891] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  437.708008][T11891] netlink: 1068 bytes leftover after parsing attributes in process `syz.0.1318'.
[  437.709953][ T5891] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  437.717895][T11891] netlink: 1068 bytes leftover after parsing attributes in process `syz.0.1318'.
[  437.742241][T11891] netlink: 1068 bytes leftover after parsing attributes in process `syz.0.1318'.
[  437.782359][ T5891] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  437.814662][T11891] netlink: 1068 bytes leftover after parsing attributes in process `syz.0.1318'.
[  438.023772][ T5891] usb 7-1: GET_CAPABILITIES returned 0
[  438.071081][ T5891] usbtmc 7-1:16.0: can't read capabilities
[  438.810478][T11889] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  439.226086][T11889] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  439.739220][    T9] usb 7-1: USB disconnect, device number 12
[  440.143869][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  440.150443][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  441.098959][T11934] bridge0: port 3(erspan0) entered blocking state
[  441.106560][T11934] bridge0: port 3(erspan0) entered disabled state
[  441.114929][T11934] erspan0: entered allmulticast mode
[  441.126194][T11934] erspan0: entered promiscuous mode
[  441.136319][T11934] bridge0: port 3(erspan0) entered blocking state
[  441.143053][T11934] bridge0: port 3(erspan0) entered forwarding state
[  443.972036][T11958] block device autoloading is deprecated and will be removed.
[  443.991634][T11958] syz.6.1337: attempt to access beyond end of device
[  443.991634][T11958] md2: rw=2048, sector=0, nr_sectors = 8 limit=0
[  444.614969][ T5862] libceph: connect (1)[c::]:6789 error -101
[  444.881718][ T5862] libceph: mon0 (1)[c::]:6789 connect error
[  444.910399][ T5863] libceph: connect (1)[c::]:6789 error -101
[  444.935415][ T5863] libceph: mon0 (1)[c::]:6789 connect error
[  444.971163][T11966] ceph: No mds server is up or the cluster is laggy
[  445.437333][   T29] audit: type=1400 audit(2000000117.420:578): avc:  denied  { getopt } for  pid=11982 comm="syz.0.1343" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  446.912474][T11992] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1344'.
[  449.943591][   T29] audit: type=1400 audit(2000000121.940:579): avc:  denied  { cmd } for  pid=12010 comm="syz.4.1352" path="socket:[31061]" dev="sockfs" ino=31061 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  450.088469][T12023] vlan0: entered promiscuous mode
[  450.095349][T12023] vlan0: entered allmulticast mode
[  450.100557][T12023] hsr_slave_1: entered allmulticast mode
[  450.151237][T12023] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1355'.
[  450.192103][    T8] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  450.321115][T12023] hsr_slave_1 (unregistering): left allmulticast mode
[  450.344956][    T8] usb 2-1: Using ep0 maxpacket: 16
[  450.353461][    T8] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 65, using maximum allowed: 30
[  450.366145][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  450.376471][    T8] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 65
[  450.389880][    T8] usb 2-1: New USB device found, idVendor=10c4, idProduct=8acf, bcdDevice= 0.00
[  450.399990][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  450.410466][    T8] usb 2-1: config 0 descriptor??
[  450.889199][T12023] hsr_slave_1 (unregistering): left promiscuous mode
[  451.198048][    T8] hid-u2fzero 0003:10C4:8ACF.0009: unknown main item tag 0x0
[  451.207664][    T8] hid-u2fzero 0003:10C4:8ACF.0009: unknown main item tag 0x0
[  451.241033][    T8] hid-u2fzero 0003:10C4:8ACF.0009: unknown main item tag 0x0
[  451.267155][    T8] hid-u2fzero 0003:10C4:8ACF.0009: unknown main item tag 0x0
[  451.288270][    T8] hid-u2fzero 0003:10C4:8ACF.0009: unknown main item tag 0x0
[  451.297972][    T8] hid-u2fzero 0003:10C4:8ACF.0009: unknown main item tag 0x0
[  451.307411][    T8] hid-u2fzero 0003:10C4:8ACF.0009: hidraw0: USB HID v0.00 Device [HID 10c4:8acf] on usb-dummy_hcd.1-1/input0
[  451.325385][    T8] hid-u2fzero 0003:10C4:8ACF.0009: U2F Zero LED initialised
[  451.333011][    T8] hid-u2fzero 0003:10C4:8ACF.0009: U2F Zero RNG initialised
[  451.427491][    T8] usb 2-1: USB disconnect, device number 18
[  454.324822][   T29] audit: type=1400 audit(2000000126.320:580): avc:  denied  { append } for  pid=12062 comm="syz.0.1366" name="sg0" dev="devtmpfs" ino=755 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  454.381042][T12066] vlan3: entered promiscuous mode
[  454.391875][T12066] bridge0: port 3(vlan3) entered blocking state
[  454.401084][T12066] bridge0: port 3(vlan3) entered disabled state
[  454.420625][T12066] vlan3: entered allmulticast mode
[  454.951978][   T29] audit: type=1400 audit(2000000126.940:581): avc:  denied  { wake_alarm } for  pid=12071 comm="syz.0.1369" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  456.950493][   T29] audit: type=1326 audit(2000000128.940:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12085 comm="syz.6.1372" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd314585d29 code=0x0
[  458.856101][T12109] sp0: Synchronizing with TNC
[  460.262327][T12107] xt_socket: unknown flags 0x50
[  460.511608][   T29] audit: type=1400 audit(2000000132.500:583): avc:  denied  { mounton } for  pid=12122 comm="syz.4.1382" path="/proc/1196/task" dev="proc" ino=32250 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  460.567622][   T29] audit: type=1326 audit(2000000132.510:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12122 comm="syz.4.1382" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f27daf85d29 code=0x0
[  462.866916][   T29] audit: type=1400 audit(2000000134.820:585): avc:  denied  { create } for  pid=12142 comm="syz.1.1387" name="#43" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  462.910891][   T29] audit: type=1400 audit(2000000134.830:586): avc:  denied  { link } for  pid=12142 comm="syz.1.1387" name="#43" dev="tmpfs" ino=1485 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  463.514777][   T29] audit: type=1400 audit(2000000134.830:587): avc:  denied  { rename } for  pid=12142 comm="syz.1.1387" name="#44" dev="tmpfs" ino=1485 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  463.612832][   T29] audit: type=1800 audit(2000000134.830:588): pid=12145 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz.1.1387" name="bus" dev="overlay" ino=1484 res=0 errno=0
[  466.360056][   T29] audit: type=1400 audit(2000000138.340:589): avc:  denied  { connect } for  pid=12168 comm="syz.4.1393" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  472.262142][   T29] audit: type=1400 audit(2000000144.200:590): avc:  denied  { accept } for  pid=12206 comm="syz.6.1404" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  473.369091][   T29] audit: type=1400 audit(2000000145.360:591): avc:  denied  { read write } for  pid=12224 comm="syz.0.1407" name="uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  473.624033][T12229] bridge2: trying to set multicast query interval below minimum, setting to 100 (1000ms)
[  473.634050][T12229] bridge2: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  474.291604][   T29] audit: type=1400 audit(2000000145.360:592): avc:  denied  { open } for  pid=12224 comm="syz.0.1407" path="/dev/uhid" dev="devtmpfs" ino=1273 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  474.388611][ T5862] hid-generic 0000:0003:0000.000A: unknown main item tag 0x0
[  475.401627][ T5862] hid-generic 0000:0003:0000.000A: unknown main item tag 0x0
[  475.841931][ T5862] hid-generic 0000:0003:0000.000A: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  476.243343][T12244] ptrace attach of "./syz-executor exec"[7170] was attempted by "./syz-executor exec"[12244]
[  477.219226][   T29] audit: type=1400 audit(2000000149.210:593): avc:  denied  { read } for  pid=12238 comm="syz.4.1412" path="socket:[32440]" dev="sockfs" ino=32440 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  477.961151][   T29] audit: type=1400 audit(2000000149.950:594): avc:  denied  { read } for  pid=12255 comm="syz.0.1417" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  480.192298][T12274] dvmrp0: entered allmulticast mode
[  480.481463][T12271] dvmrp0: left allmulticast mode
[  481.049435][ T2327] pvrusb2: request_firmware fatal error with code=-110
[  481.076316][ T2327] pvrusb2: Failure uploading firmware1
[  481.097112][ T2327] pvrusb2: Device initialization was not successful.
[  481.114203][ T2327] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  481.146557][ T2327] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  481.238727][ T5861] pvrusb2: Device being rendered inoperable
[  482.741692][   T29] audit: type=1400 audit(2000000154.730:595): avc:  denied  { read } for  pid=12305 comm="syz.1.1430" name="usbmon2" dev="devtmpfs" ino=722 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  483.303725][   T29] audit: type=1400 audit(2000000154.730:596): avc:  denied  { open } for  pid=12305 comm="syz.1.1430" path="/dev/usbmon2" dev="devtmpfs" ino=722 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  483.381633][   T29] audit: type=1400 audit(2000000155.050:597): avc:  denied  { read } for  pid=12280 comm="syz.6.1424" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  483.501760][   T29] audit: type=1400 audit(2000000155.050:598): avc:  denied  { open } for  pid=12280 comm="syz.6.1424" path="/dev/snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  484.096980][   T29] audit: type=1400 audit(2000000156.090:599): avc:  denied  { execute } for  pid=12317 comm="syz.0.1432" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=31617 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  484.195005][T12312] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  484.202127][T12312] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  485.601657][ T5813] Bluetooth: hci3: command 0x0405 tx timeout
[  488.435809][ T5813] Bluetooth: hci3: command 0x0405 tx timeout
[  488.543515][   T29] audit: type=1800 audit(2000000159.910:600): pid=12377 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.5.1446" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  490.513239][T12392] ip6t_REJECT: ECHOREPLY is not supported
[  490.993584][   T29] audit: type=1400 audit(2000000162.990:601): avc:  denied  { write } for  pid=12393 comm="syz.5.1453" name="fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  491.110738][ T5891] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  492.001852][   T29] audit: type=1400 audit(2000000163.600:602): avc:  denied  { nlmsg_write } for  pid=12396 comm="syz.6.1454" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  492.056342][ T5891] usb 5-1: device descriptor read/all, error -71
[  492.885829][T12412] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  492.955388][T12412] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  493.030543][T12412] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  493.209168][T12412] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  493.384593][T12412] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  493.400496][T12412] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  493.416707][T12412] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  493.430311][T12412] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  494.572575][T12428] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12428 comm=syz.1.1463
[  495.421627][ T5861] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  495.502591][T12431] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  495.556458][T12431] batadv_slave_0: entered promiscuous mode
[  495.596372][ T5861] usb 2-1: config 0 has an invalid interface number: 172 but max is 0
[  495.734493][ T5861] usb 2-1: config 0 has no interface number 0
[  496.386226][ T5861] usb 2-1: New USB device found, idVendor=2304, idProduct=020f, bcdDevice=3b.de
[  496.397534][ T5861] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  496.483171][ T5861] usb 2-1: Product: syz
[  496.488020][ T5861] usb 2-1: Manufacturer: syz
[  496.492931][ T5861] usb 2-1: SerialNumber: syz
[  496.522828][ T5861] usb 2-1: config 0 descriptor??
[  496.542561][ T5861] dvb-usb: found a 'Pinnacle 400e DVB-S USB2.0' in warm state.
[  496.607596][ T5861] dvb-usb: bulk message failed: -22 (4/0)
[  496.613864][ T5861] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[  496.624521][ T5861] dvb-usb: bulk message failed: -22 (5/0)
[  496.630269][ T5861] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[  497.361261][ T5861] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  497.653682][ T5861] dvbdev: DVB: registering new adapter (Pinnacle 400e DVB-S USB2.0)
[  497.666455][ T5861] usb 2-1: media controller created
[  497.858295][ T5861] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  497.898198][ T5861] ttusb2: set interface to alts=3 failed
[  498.983517][T12463] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  499.612886][ T5861] DVB: Unable to find symbol tda10086_attach()
[  499.619223][ T5861] dvb-usb: no frontend was attached by 'Pinnacle 400e DVB-S USB2.0'
[  499.676592][T12463] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  499.676723][ T5861] dvb-usb: bulk message failed: -22 (4/0)
[  499.703313][T12463] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  499.795537][ T5861] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[  499.821012][ T5861] dvb-usb: bulk message failed: -22 (5/0)
[  499.862098][ T5861] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[  500.059300][ T5861] dvb-usb: Pinnacle 400e DVB-S USB2.0 successfully initialized and connected.
[  500.071133][ T5861] usb 2-1: USB disconnect, device number 19
[  500.090955][ T5861] dvb-usb: Pinnacle 400e DVB-S USB2.0 successfully deinitialized and disconnected.
[  500.874288][T12480] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=12480 comm=syz.1.1477
[  501.136845][   T29] audit: type=1400 audit(2000000173.130:603): avc:  denied  { create } for  pid=12488 comm="syz.5.1479" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  501.217961][   T29] audit: type=1400 audit(2000000173.150:604): avc:  denied  { bind } for  pid=12488 comm="syz.5.1479" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  501.808948][   T29] audit: type=1400 audit(2000000173.150:605): avc:  denied  { write } for  pid=12488 comm="syz.5.1479" path="socket:[33100]" dev="sockfs" ino=33100 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  501.837059][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  501.851642][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  505.329073][   T29] audit: type=1400 audit(2000000177.320:606): avc:  denied  { create } for  pid=12528 comm="syz.6.1488" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  509.933155][   T29] audit: type=1400 audit(2000000181.900:607): avc:  denied  { bind } for  pid=12572 comm="syz.5.1499" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  510.326613][   T29] audit: type=1400 audit(2000000182.310:608): avc:  denied  { unlink } for  pid=8532 comm="syz-executor" name="file0" dev="tmpfs" ino=911 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  512.360440][   T29] audit: type=1400 audit(2000000184.350:609): avc:  denied  { mount } for  pid=12601 comm="syz.5.1506" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  513.601987][    T8] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  513.901677][    T8] usb 6-1: Using ep0 maxpacket: 16
[  513.923240][    T8] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  514.482429][T12623] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1510'.
[  514.493358][    T8] usb 6-1: New USB device found, idVendor=102c, idProduct=6151, bcdDevice=2c.ae
[  514.502573][   T29] audit: type=1400 audit(2000000185.960:610): avc:  denied  { map } for  pid=12614 comm="syz.0.1511" path="/dev/dri/card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  514.502621][   T29] audit: type=1400 audit(2000000185.960:611): avc:  denied  { execute } for  pid=12614 comm="syz.0.1511" path="/dev/dri/card0" dev="devtmpfs" ino=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dri_device_t tclass=chr_file permissive=1
[  514.526150][    C0] vkms_vblank_simulate: vblank timer overrun
[  514.576416][    T8] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  514.584784][    T8] usb 6-1: Product: syz
[  514.588996][    T8] usb 6-1: Manufacturer: syz
[  514.593721][    T8] usb 6-1: SerialNumber: syz
[  514.608328][    T8] usb 6-1: config 0 descriptor??
[  514.692695][    T8] gspca_main: etoms-2.14.0 probing 102c:6151
[  514.910908][    T8] usb 6-1: USB disconnect, device number 15
[  515.051717][   T29] audit: type=1400 audit(2000000187.030:612): avc:  denied  { getopt } for  pid=12630 comm="syz.1.1514" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  515.071363][    C0] vkms_vblank_simulate: vblank timer overrun
[  516.446762][   T29] audit: type=1400 audit(2000000188.440:613): avc:  denied  { unmount } for  pid=7170 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  522.393545][   T29] audit: type=1400 audit(2000000194.130:614): avc:  denied  { ioctl } for  pid=12687 comm="syz.5.1531" path="socket:[33691]" dev="sockfs" ino=33691 ioctlcmd=0x8915 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  523.711705][T12713] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0.
[  525.065269][T12717] xt_l2tp: v2 tid > 0xffff: 262144
[  525.903809][    T8] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  525.963753][   T29] audit: type=1326 audit(2000000197.960:615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12726 comm="syz.1.1543" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3de4785d29 code=0x0
[  526.271908][T12722] syz.4.1541 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  526.283369][T12722] CPU: 0 UID: 0 PID: 12722 Comm: syz.4.1541 Not tainted 6.13.0-syzkaller #0
[  526.292046][T12722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  526.302097][T12722] Call Trace:
[  526.305370][T12722]  <TASK>
[  526.308293][T12722]  dump_stack_lvl+0x16c/0x1f0
[  526.312979][T12722]  dump_header+0x101/0x900
[  526.317400][T12722]  oom_kill_process+0x270/0xa60
[  526.322250][T12722]  ? mem_cgroup_out_of_memory+0x8d/0x270
[  526.327892][T12722]  out_of_memory+0x351/0x1700
[  526.332575][T12722]  ? __pfx_out_of_memory+0x10/0x10
[  526.337681][T12722]  ? rcu_read_unlock+0x17/0x60
[  526.342460][T12722]  ? find_held_lock+0x2d/0x110
[  526.347259][T12722]  mem_cgroup_out_of_memory+0x207/0x270
[  526.352824][T12722]  ? __pfx_mem_cgroup_out_of_memory+0x10/0x10
[  526.358905][T12722]  ? do_raw_spin_unlock+0x172/0x230
[  526.364111][T12722]  try_charge_memcg+0x54c/0xaf0
[  526.368970][T12722]  ? __pfx_try_charge_memcg+0x10/0x10
[  526.374343][T12722]  ? __pfx_lock_release+0x10/0x10
[  526.379365][T12722]  ? trace_lock_acquire+0x14e/0x1f0
[  526.384575][T12722]  mem_cgroup_swapin_charge_folio+0x14c/0x380
[  526.390645][T12722]  __read_swap_cache_async+0x436/0x660
[  526.396105][T12722]  ? __pfx___read_swap_cache_async+0x10/0x10
[  526.402083][T12722]  ? lock_acquire+0x2f/0xb0
[  526.406582][T12722]  ? mlock_drain_local+0x6f/0x4f0
[  526.411613][T12722]  swap_cluster_readahead+0x4e2/0x740
[  526.416987][T12722]  ? __pfx_swap_cluster_readahead+0x10/0x10
[  526.422877][T12722]  ? filemap_get_entry+0x1a8/0x3c0
[  526.428002][T12722]  ? get_vma_policy+0x248/0x3c0
[  526.432865][T12722]  swapin_readahead+0x12c/0xd60
[  526.437720][T12722]  ? get_swap_device+0x362/0x5e0
[  526.442658][T12722]  ? __pfx_swapin_readahead+0x10/0x10
[  526.448024][T12722]  ? __filemap_get_folio+0x2a5/0xaf0
[  526.453314][T12722]  ? swap_cache_get_folio+0x1e0/0x460
[  526.458682][T12722]  ? get_swap_device+0x245/0x5e0
[  526.463616][T12722]  ? __pfx_swap_cache_get_folio+0x10/0x10
[  526.469331][T12722]  ? __pfx___lock_acquire+0x10/0x10
[  526.474532][T12722]  do_swap_page+0x680/0x5970
[  526.479124][T12722]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  526.484751][T12722]  ? rcu_is_watching+0x12/0xc0
[  526.489534][T12722]  ? trace_lock_acquire+0x14e/0x1f0
[  526.494746][T12722]  ? __pfx_do_swap_page+0x10/0x10
[  526.499778][T12722]  ? lock_acquire+0x2f/0xb0
[  526.504301][T12722]  ? ___pte_offset_map+0x42/0x540
[  526.509355][T12722]  ? __pfx_default_wake_function+0x10/0x10
[  526.515189][T12722]  ? ___pte_offset_map+0x1b9/0x540
[  526.520323][T12722]  __handle_mm_fault+0x1055/0x2a40
[  526.525443][T12722]  ? lock_vma_under_rcu+0x6b9/0x980
[  526.530641][T12722]  ? __pfx___handle_mm_fault+0x10/0x10
[  526.536142][T12722]  handle_mm_fault+0x3fa/0xaa0
[  526.540927][T12722]  do_user_addr_fault+0x60d/0x13f0
[  526.546056][T12722]  exc_page_fault+0x5c/0xc0
[  526.550568][T12722]  asm_exc_page_fault+0x26/0x30
[  526.555424][T12722] RIP: 0033:0x7f27daf85c86
[  526.559844][T12722] Code: fb e8 9e 03 02 00 85 c0 b8 00 00 00 00 48 0f 45 d8 48 89 d8 5b c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 83 ec 28 31 f6 <64> 48 8b 04 25 28 00 00 00 48 89 44 24 18 31 c0 89 f8 48 69 c0 83
[  526.579444][T12722] RSP: 002b:00007ffc890f5240 EFLAGS: 00010246
[  526.585507][T12722] RAX: 0000000000080771 RBX: 00007f27db175fa0 RCX: 00000000000806b0
[  526.593477][T12722] RDX: 00000000000000c1 RSI: 0000000000000000 RDI: 00000000000003e8
[  526.601440][T12722] RBP: 00007f27db177ba0 R08: 000000000001908a R09: 00007f27dbdcc000
[  526.609403][T12722] R10: 0000000000000001 R11: 000adab3154ab138 R12: 0000000000080815
[  526.617366][T12722] R13: 00007f27db176160 R14: 0000000000000032 R15: ffffffffffffffff
[  526.625346][T12722]  </TASK>
[  526.629487][T12722] memory: usage 307200kB, limit 307200kB, failcnt 192
[  526.636904][T12722] memory+swap: usage 307712kB, limit 9007199254740988kB, failcnt 0
[  526.645052][T12722] kmem: usage 306844kB, limit 9007199254740988kB, failcnt 0
[  526.652379][T12722] Memory cgroup stats for /syz4:
[  526.652809][T12722] cache 364544
[  526.661085][T12722] rss 0
[  526.663895][T12722] rss_huge 0
[  526.667084][T12722] shmem 0
[  526.670009][T12722] mapped_file 364544
[  526.673920][T12722] dirty 364544
[  526.677278][T12722] writeback 0
[  526.680549][T12722] workingset_refault_anon 101
[  526.685270][T12722] workingset_refault_file 0
[  526.689757][T12722] swap 524288
[  526.693056][T12722] swapcached 0
[  526.696434][T12722] pgpgin 250125
[  526.699879][T12722] pgpgout 250036
[  526.703460][T12722] pgfault 283833
[  526.706998][T12722] pgmajfault 47
[  526.710442][T12722] inactive_anon 0
[  526.714119][T12722] active_anon 0
[  526.717566][T12722] inactive_file 0
[  526.721183][T12722] active_file 364544
[  526.725129][T12722] unevictable 0
[  526.728576][T12722] hierarchical_memory_limit 314572800
[  526.733976][T12722] hierarchical_memsw_limit 9223372036854771712
[  526.740662][T12722] total_cache 364544
[  526.744606][T12722] total_rss 0
[  526.747882][T12722] total_rss_huge 0
[  526.751628][T12722] total_shmem 0
[  526.755074][T12722] total_mapped_file 364544
[  526.759499][T12722] total_dirty 364544
[  526.763436][T12722] total_writeback 0
[  526.767230][T12722] total_workingset_refault_anon 101
[  526.772439][T12722] total_workingset_refault_file 0
[  526.777450][T12722] total_swap 524288
[  526.781243][T12722] total_swapcached 0
[  526.785165][T12722] total_pgpgin 250125
[  526.789133][T12722] total_pgpgout 250036
[  526.793227][T12722] total_pgfault 283833
[  526.797282][T12722] total_pgmajfault 47
[  526.801247][T12722] total_inactive_anon 0
[  526.805444][T12722] total_active_anon 0
[  526.809411][T12722] total_inactive_file 0
[  526.813602][T12722] total_active_file 364544
[  526.818006][T12722] total_unevictable 0
[  526.822041][T12722] anon_cost 0
[  526.825319][T12722] file_cost 0
[  526.828591][T12722] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.1541,pid=12722,uid=0
[  526.846586][T12722] Memory cgroup out of memory: Killed process 12722 (syz.4.1541) total-vm:103892kB, anon-rss:804kB, file-rss:22900kB, shmem-rss:0kB, UID:0 pgtables:124kB oom_score_adj:1000
[  527.503346][    T8] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  527.526658][    T8] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  527.592055][    T8] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  527.601473][    T8] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  527.657722][    T8] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  527.672939][    T8] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  527.688488][    T8] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  527.702966][    T8] usb 6-1: Product: syz
[  527.757837][    T8] usb 6-1: Manufacturer: syz
[  527.774820][    T8] cdc_wdm 6-1:1.0: skipping garbage
[  527.806432][    T8] cdc_wdm 6-1:1.0: skipping garbage
[  527.823453][    T8] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  527.861673][    T8] cdc_wdm 6-1:1.0: Unknown control protocol
[  528.263334][T12724] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  529.112366][T12750] kvm: kvm [12749]: vcpu1, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x800
[  530.283979][    T8] usb 6-1: USB disconnect, device number 16
[  530.567679][T12766] netlink: 'syz.4.1551': attribute type 1 has an invalid length.
[  531.103625][T12766] netlink: 212408 bytes leftover after parsing attributes in process `syz.4.1551'.
[  531.322965][T12776] macsec1: entered promiscuous mode
[  531.328831][T12776] macsec1: entered allmulticast mode
[  531.337130][T12776] bond0: (slave macsec1): Error -34 calling dev_set_mtu
[  532.664539][T12792] ubi0: attaching mtd0
[  532.676047][T12792] ubi0: scanning is finished
[  532.711635][T12792] ubi0: empty MTD device detected
[  532.771836][   T29] audit: type=1400 audit(2000000204.750:616): avc:  denied  { write } for  pid=12785 comm="syz.4.1560" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=caif_socket permissive=1
[  532.825052][T12789] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  533.100039][T12789] kvm: pic: non byte read
[  533.117780][T12789] kvm: pic: level sensitive irq not supported
[  533.117842][T12789] kvm: pic: non byte read
[  533.843747][T12792] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB)
[  533.851263][T12792] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  533.905542][T12792] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1
[  534.517004][T12792] ubi0: VID header offset: 64 (aligned 64), data offset: 128
[  534.704478][T12818] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  534.854587][T12792] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  534.922070][T12821] bridge0: port 2(bridge_slave_1) entered disabled state
[  534.929325][T12821] bridge0: port 1(bridge_slave_0) entered disabled state
[  534.946298][T12821] bridge0: entered allmulticast mode
[  534.969967][T12792] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23
[  535.048332][T12792] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 2739186672
[  535.319167][T12792] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  535.383530][T12806] ubi0: background thread "ubi_bgt0d" started, PID 12806
[  535.409871][T12826] vlan3: left allmulticast mode
[  535.447571][T12826] bridge0: port 3(vlan3) entered disabled state
[  535.574256][T12826] bridge_slave_1: left allmulticast mode
[  535.583644][T12826] bridge_slave_1: left promiscuous mode
[  535.622653][T12826] bridge0: port 2(bridge_slave_1) entered disabled state
[  536.096720][T12826] bridge_slave_0: left allmulticast mode
[  536.105127][T12826] bridge_slave_0: left promiscuous mode
[  536.121775][T12826] bridge0: port 1(bridge_slave_0) entered disabled state
[  542.370380][T12894] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1574'.
[  542.575885][T12894] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[  544.134993][ T5861] libceph: connect (1)[c::]:6789 error -101
[  544.146544][ T5861] libceph: mon0 (1)[c::]:6789 connect error
[  544.472942][ T5861] libceph: connect (1)[c::]:6789 error -101
[  544.504783][ T5861] libceph: mon0 (1)[c::]:6789 connect error
[  544.682384][T12916] ceph: No mds server is up or the cluster is laggy
[  545.080100][T12934] xt_TPROXY: Can be used only with -p tcp or -p udp
[  546.128377][ T5813] Bluetooth: hci3: unexpected event for opcode 0x2028
[  554.006509][T13002] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1601'.
[  554.204309][T13002] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1601'.
[  554.274999][T13002] netlink: 'syz.4.1601': attribute type 1 has an invalid length.
[  554.317230][T13002] nbd: error processing sock list
[  554.367733][   T29] audit: type=1400 audit(2000000226.360:617): avc:  denied  { getopt } for  pid=13018 comm="syz.5.1606" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  556.612773][T13034] TCP: out of memory -- consider tuning tcp_mem
[  556.907983][   T29] audit: type=1400 audit(2000000228.870:618): avc:  denied  { write } for  pid=13041 comm="syz.5.1612" name="mouse0" dev="devtmpfs" ino=1000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  557.205630][   T29] audit: type=1400 audit(2000000229.200:619): avc:  denied  { read } for  pid=13048 comm="syz.4.1614" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  558.349926][T13055] net veth1_virt_wifi virt_wifi0: entered promiscuous mode
[  558.408352][   T29] audit: type=1400 audit(2000000230.400:620): avc:  denied  { execmem } for  pid=13060 comm="syz.4.1617" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  560.175487][T13075] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  560.186353][T13074] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1620'.
[  560.204943][T13075] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  560.247475][T13071] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(3)
[  560.254732][T13071] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  560.275454][T13071] vhci_hcd vhci_hcd.0: Device attached
[  560.408075][T13079] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  560.439597][T13059] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1616'.
[  560.473188][ T5862] vhci_hcd: vhci_device speed not set
[  560.555882][ T5862] usb 45-1: new full-speed USB device number 2 using vhci_hcd
[  560.993981][T13071] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  561.002408][T13075] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  561.039013][T13071] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  561.060680][T13071] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  561.203606][T13071] vhci_hcd vhci_hcd.0: port 0 already used
[  562.337186][   T29] audit: type=1400 audit(2000000233.600:621): avc:  denied  { write } for  pid=13089 comm="syz.4.1623" name="route" dev="proc" ino=4026533239 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  562.604230][T13073] vhci_hcd: connection reset by peer
[  562.659171][   T53] vhci_hcd: stop threads
[  562.664953][   T53] vhci_hcd: release socket
[  562.709455][   T53] vhci_hcd: disconnect device
[  562.846968][T13109] overlayfs: metacopy with no lower data found - abort lookup (/bus)
[  563.591767][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  563.598126][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  564.791737][   T25] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  565.963103][   T25] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  566.927166][ T5862] vhci_hcd: vhci_device speed not set
[  566.936081][   T25] usb 6-1: config 0 has no interfaces?
[  566.965391][   T25] usb 6-1: New USB device found, idVendor=056a, idProduct=0028, bcdDevice= 0.00
[  567.163784][   T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  567.196029][   T25] usb 6-1: config 0 descriptor??
[  568.720749][T13159] xt_socket: unknown flags 0x50
[  568.723605][T13167] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  569.111619][T13156] sg_write: process 1386 (syz.4.1639) changed security contexts after opening file descriptor, this is not allowed.
[  569.732551][   T29] audit: type=1400 audit(2000000241.730:622): avc:  denied  { accept } for  pid=13173 comm="syz.1.1643" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  569.880285][    T8] usb 6-1: USB disconnect, device number 17
[  570.971551][   T29] audit: type=1400 audit(2000000242.940:623): avc:  denied  { listen } for  pid=13180 comm="syz.4.1645" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  571.761373][T12886] udevd[12886]: failed to send result of seq 16906 to main daemon: Connection refused
[  571.762795][T12920] udevd[12920]: failed to send result of seq 16905 to main daemon: Transport endpoint is not connected
[  571.790555][T12893] udevd[12893]: failed to send result of seq 16907 to main daemon: Transport endpoint is not connected
[  575.378915][T13220] netlink: 'syz.1.1655': attribute type 3 has an invalid length.
[  575.387028][T13220] netlink: 666 bytes leftover after parsing attributes in process `syz.1.1655'.
[  579.399656][T13257] kvm: kvm [13244]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x10000fa88
[  579.484323][T13257] kvm: kvm [13244]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x11e) = 0xcb04
[  579.511101][T13257] kvm: kvm [13244]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x11e) = 0xbe702111
[  580.622476][T13275] x_tables: ip_tables: ah match: only valid for protocol 51
[  583.350508][T13291] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1671'.
[  588.406351][T13339] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1684'.
[  588.780559][T13339] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1684'.
[  589.821751][   T29] audit: type=1400 audit(2000000261.770:624): avc:  denied  { create } for  pid=13349 comm="syz.5.1688" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  590.224547][   T29] audit: type=1400 audit(2000000261.770:625): avc:  denied  { write } for  pid=13349 comm="syz.5.1688" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  590.291996][   T29] audit: type=1400 audit(2000000261.770:626): avc:  denied  { nlmsg_write } for  pid=13349 comm="syz.5.1688" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  597.948408][T13423] tmpfs: Bad value for 'mpol'
[  598.405206][T13414] kvm_intel: kvm [13413]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x1d9) = 0xe700007771
[  598.460619][T13414] kvm: kvm [13413]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0x187) = 0x17d00009a25
[  600.547300][T13448] random: crng reseeded on system resumption
[  600.547429][   T29] audit: type=1400 audit(2000000272.540:627): avc:  denied  { write } for  pid=13441 comm="syz.6.1710" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  604.261830][ T5863] libceph: connect (1)[c::]:6789 error -101
[  604.271728][ T5863] libceph: mon0 (1)[c::]:6789 connect error
[  604.299138][   T29] audit: type=1400 audit(2000000276.290:628): avc:  denied  { listen } for  pid=13505 comm="syz.6.1719" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  604.325895][   T29] audit: type=1400 audit(2000000276.290:629): avc:  denied  { accept } for  pid=13505 comm="syz.6.1719" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netrom_socket permissive=1
[  604.574437][ T5863] libceph: connect (1)[c::]:6789 error -101
[  604.770896][ T5863] libceph: mon0 (1)[c::]:6789 connect error
[  604.782330][T13514] tmpfs: Bad value for 'mpol'
[  605.040284][T13501] ceph: No mds server is up or the cluster is laggy
[  607.136524][T13529] block device autoloading is deprecated and will be removed.
[  608.024693][T13544] netlink: 'syz.5.1727': attribute type 4 has an invalid length.
[  608.071687][T13544] netlink: 17 bytes leftover after parsing attributes in process `syz.5.1727'.
[  610.177184][T13558] block device autoloading is deprecated and will be removed.
[  610.208715][T13558] syz.6.1733: attempt to access beyond end of device
[  610.208715][T13558] md34: rw=2048, sector=0, nr_sectors = 8 limit=0
[  610.313516][T13559] syz.6.1733: attempt to access beyond end of device
[  610.313516][T13559] md34: rw=2048, sector=0, nr_sectors = 8 limit=0
[  611.818195][T13580] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13580 comm=syz.1.1737
[  614.342013][ T5818] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  614.354141][ T5818] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  614.362854][ T5818] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  614.388294][ T5818] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  614.403803][ T5818] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  614.414260][ T5818] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  615.548889][T13591] ntfs3(nullb0): Primary boot signature is not NTFS.
[  615.622326][T13591] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  616.751626][ T5813] Bluetooth: hci3: command tx timeout
[  617.489673][T13640] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  618.504832][T13607] chnl_net:caif_netlink_parms(): no params data found
[  618.736850][T13607] bridge0: port 1(bridge_slave_0) entered blocking state
[  618.759056][T13607] bridge0: port 1(bridge_slave_0) entered disabled state
[  618.766791][T13607] bridge_slave_0: entered allmulticast mode
[  618.773687][T13607] bridge_slave_0: entered promiscuous mode
[  618.783481][T13607] bridge0: port 2(bridge_slave_1) entered blocking state
[  618.790595][T13607] bridge0: port 2(bridge_slave_1) entered disabled state
[  618.798029][T13607] bridge_slave_1: entered allmulticast mode
[  618.801627][ T5813] Bluetooth: hci3: command tx timeout
[  618.805010][T13607] bridge_slave_1: entered promiscuous mode
[  619.187751][T13607] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  619.559375][ T5900] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  619.569025][T13607] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  619.642574][ T5863] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  619.646029][T13607] team0: Port device team_slave_0 added
[  620.592343][T13607] team0: Port device team_slave_1 added
[  620.612595][ T5900] usb 2-1: Using ep0 maxpacket: 32
[  620.641753][ T5863] usb 6-1: Using ep0 maxpacket: 8
[  620.653137][ T5863] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ee
[  620.662449][ T5863] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  620.670453][ T5863] usb 6-1: Product: syz
[  620.676609][ T5863] usb 6-1: Manufacturer: syz
[  620.681226][ T5863] usb 6-1: SerialNumber: syz
[  621.008966][ T5813] Bluetooth: hci3: command tx timeout
[  621.445115][T13607] batman_adv: batadv0: Adding interface: batadv_slave_0
[  621.460986][T13607] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  621.493152][T13607] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  621.505784][T13607] batman_adv: batadv0: Adding interface: batadv_slave_1
[  621.512869][ T5900] usb 2-1: config 0 interface 0 has no altsetting 0
[  621.519579][T13607] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  621.527085][ T5863] usb 6-1: config 0 descriptor??
[  621.547564][T13607] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  621.671357][ T5900] usb 2-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  621.701314][ T5900] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  621.710353][ T5900] usb 2-1: Product: syz
[  621.716311][ T5900] usb 2-1: config 0 descriptor??
[  621.727314][ T5900] usb 2-1: can't set config #0, error -71
[  621.751926][ T5900] usb 2-1: USB disconnect, device number 20
[  621.792015][ T5863] usb 6-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  621.805222][T13607] hsr_slave_0: entered promiscuous mode
[  621.864546][T13607] hsr_slave_1: entered promiscuous mode
[  621.893725][T13607] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  621.906715][T13607] Cannot create hsr debugfs directory
[  622.444005][ T5863] dvb_usb_rtl28xxu 6-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  622.534426][ T5863] usb 6-1: USB disconnect, device number 18
[  622.553277][T13607] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  622.596759][T13607] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  622.623549][T13607] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  622.632902][T13607] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  622.722952][T13607] 8021q: adding VLAN 0 to HW filter on device bond0
[  622.738859][T13607] 8021q: adding VLAN 0 to HW filter on device team0
[  622.752827][T12851] bridge0: port 1(bridge_slave_0) entered blocking state
[  622.759953][T12851] bridge0: port 1(bridge_slave_0) entered forwarding state
[  622.774849][T12851] bridge0: port 2(bridge_slave_1) entered blocking state
[  622.781995][T12851] bridge0: port 2(bridge_slave_1) entered forwarding state
[  623.765253][ T5813] Bluetooth: hci3: command tx timeout
[  624.422144][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  624.428975][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  625.931438][T13747] x_tables: ip6_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  626.006388][T13751] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1770'.
[  626.887664][T13607] 8021q: adding VLAN 0 to HW filter on device batadv0
[  627.164835][T13765] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  627.214893][T13765] kvm: pic: level sensitive irq not supported
[  627.214965][T13765] kvm: pic: non byte read
[  627.245225][T13765] kvm: pic: level sensitive irq not supported
[  627.245292][T13765] kvm: pic: non byte read
[  627.266473][T13765] kvm: pic: level sensitive irq not supported
[  627.266537][T13765] kvm: pic: non byte read
[  627.760418][T13607] veth0_vlan: entered promiscuous mode
[  627.808394][T13607] veth1_vlan: entered promiscuous mode
[  627.877775][T13607] veth0_macvtap: entered promiscuous mode
[  627.924114][T13607] veth1_macvtap: entered promiscuous mode
[  628.101359][T13607] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  628.204236][T13607] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  628.285876][T13607] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  628.337271][T13607] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  628.400390][T13607] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  628.425694][T13607] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  628.542311][T13607] batman_adv: batadv0: Interface activated: batadv_slave_0
[  629.204254][T13607] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  629.360819][T13607] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  629.370986][T13607] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  629.387355][T13607] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  629.397878][T13607] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  629.410479][T13607] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  629.435358][T13607] batman_adv: batadv0: Interface activated: batadv_slave_1
[  629.538775][T13788] delete_channel: no stack
[  629.562088][T13788] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1778'.
[  629.927434][T13607] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  630.113984][T13607] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  630.164900][T13607] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  630.201603][T13607] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  631.795286][T12864] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  632.467286][T12864] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  632.524199][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  632.553160][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  633.029531][   T29] audit: type=1400 audit(2000000305.010:630): avc:  denied  { mounton } for  pid=13607 comm="syz-executor" path="/sys/fs/fuse/connections" dev="fusectl" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  638.861698][    T9] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  639.934688][    T9] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  639.946450][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  639.962185][    T9] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  639.983249][    T9] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  640.111623][    T9] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  640.120697][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  640.134785][    T9] usb 8-1: config 0 descriptor??
[  641.567243][    T9] plantronics 0003:047F:FFFF.000B: ignoring exceeding usage max
[  641.582403][T13862] vivid-007: disconnect
[  641.592755][T13862] vivid-007: reconnect
[  641.606359][    T9] plantronics 0003:047F:FFFF.000B: No inputs registered, leaving
[  642.751791][    T9] plantronics 0003:047F:FFFF.000B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0
[  643.944446][   T29] audit: type=1400 audit(2000000315.940:631): avc:  denied  { append } for  pid=13870 comm="syz.5.1799" name="ptp0" dev="devtmpfs" ino=1265 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  644.079437][   T25] hid-generic 0009:0006:53D2.000C: unexpected long global item
[  644.082061][ T5900] usb 8-1: USB disconnect, device number 2
[  644.108488][   T25] hid-generic 0009:0006:53D2.000C: probe with driver hid-generic failed with error -22
[  645.585307][T13901] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1806'.
[  645.594987][T13899] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1807'.
[  645.839867][T13897] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  650.883694][T13936] veth0_to_team: entered promiscuous mode
[  650.889551][T13936] veth0_to_team: entered allmulticast mode
[  651.056812][   T29] audit: type=1400 audit(2000000323.040:632): avc:  denied  { recv } for  pid=13937 comm="syz.5.1815" saddr=10.128.0.169 src=43542 daddr=10.128.0.2 dest=22 netif=eth0 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1
[  652.854748][ T5862] hid-generic 0000:0000:0000.000D: item fetching failed at offset 0/1
[  652.870730][ T5862] hid-generic 0000:0000:0000.000D: probe with driver hid-generic failed with error -22
[  654.624215][   T29] audit: type=1400 audit(2000000326.480:633): avc:  denied  { sendto } for  pid=16 comm="ksoftirqd/0" saddr=fe80::1b daddr=ff02::2 netif=teql0 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:node_t tclass=node permissive=1
[  655.447422][   T29] audit: type=1400 audit(2000000327.370:634): avc:  denied  { nlmsg_read } for  pid=13973 comm="syz.4.1822" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  656.141597][    T9] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  656.346829][    T9] usb 5-1: Using ep0 maxpacket: 16
[  656.399349][    T9] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  656.441953][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  656.446461][T13987] smc: net device bond_slave_1 applied user defined pnetid SYZ1
[  656.450102][    T9] usb 5-1: Product: syz
[  656.499258][    T9] usb 5-1: Manufacturer: syz
[  656.509022][    T9] usb 5-1: SerialNumber: syz
[  656.523754][    T9] r8152-cfgselector 5-1: Unknown version 0x0000
[  656.539774][    T9] r8152-cfgselector 5-1: config 0 descriptor??
[  657.488642][    T9] r8152-cfgselector 5-1: USB disconnect, device number 22
[  658.084160][T13997] xt_CT: No such helper "snmp_trap"
[  659.433261][T14011] kvm: kvm [14007]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x4000
[  660.176822][T14011] kvm: kvm [14007]: vcpu0, guest rIP: 0x1be Unhandled WRMSR(0xc2) = 0x4000
[  660.244477][   T29] audit: type=1400 audit(2000000332.230:635): avc:  denied  { ioctl } for  pid=14018 comm="syz.1.1834" path="/dev/usbmon0" dev="devtmpfs" ino=716 ioctlcmd=0x9203 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  660.571587][ T5900] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  660.607784][   T29] audit: type=1400 audit(2000000332.580:636): avc:  denied  { create } for  pid=14021 comm="syz.4.1835" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  660.647987][   T29] audit: type=1400 audit(2000000332.580:637): avc:  denied  { setopt } for  pid=14021 comm="syz.4.1835" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  660.842311][ T5900] usb 2-1: Using ep0 maxpacket: 16
[  660.854596][ T5900] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  660.871131][ T5900] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  661.538193][ T5900] usb 2-1: New USB device found, idVendor=054c, idProduct=05c4, bcdDevice= 0.00
[  661.636039][ T5900] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  661.851391][ T5900] usb 2-1: config 0 descriptor??
[  662.111481][T14033] smc: net device bond0 applied user defined pnetid SYZ0
[  663.079069][ T5900] usbhid 2-1:0.0: can't add hid device: -32
[  663.085318][ T5900] usbhid 2-1:0.0: probe with driver usbhid failed with error -32
[  663.126323][ T5900] usb 2-1: USB disconnect, device number 21
[  663.760200][T14041] [U] vÔ3
[  664.457266][   T29] audit: type=1400 audit(2000000336.430:638): avc:  denied  { write } for  pid=14056 comm="syz.1.1845" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  664.602209][   T29] audit: type=1400 audit(2000000336.590:639): avc:  denied  { ioctl } for  pid=14056 comm="syz.1.1845" path="/dev/input/mouse0" dev="devtmpfs" ino=1000 ioctlcmd=0x5442 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  664.655395][T14054] bridge0: port 2(bridge_slave_1) entered disabled state
[  664.662711][T14054] bridge0: port 1(bridge_slave_0) entered disabled state
[  664.914192][T14054] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  664.946916][T14054] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  665.246957][T14054] netdevsim netdevsim7 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  665.266471][T14054] netdevsim netdevsim7 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  665.279928][T14064] Falling back ldisc for ttyS3.
[  665.321620][T14054] netdevsim netdevsim7 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  665.339435][T14078] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=14078 comm=syz.1.1847
[  665.360402][T14054] netdevsim netdevsim7 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  665.380792][   T29] audit: type=1400 audit(2000000337.350:640): avc:  denied  { read } for  pid=14076 comm="syz.1.1847" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  665.963660][T14085] Invalid ELF header type: 0 != 1
[  667.338720][T14098] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1852'.
[  667.347904][T14098] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1852'.
[  669.433361][T14116] binder: 14103:14116 ioctl 4018620d 0 returned -22
[  670.332502][T14116] binder: 14103:14116 ioctl c0306201 0 returned -14
[  670.521789][   T29] audit: type=1400 audit(2000000342.510:641): avc:  denied  { write } for  pid=14119 comm="syz.4.1860" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  670.876469][T14124] netlink: 5 bytes leftover after parsing attributes in process `syz.0.1859'.
[  670.885791][T14124] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1859'.
[  671.428379][T14122] xt_TPROXY: Can be used only with -p tcp or -p udp
[  671.471726][T14135] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1863'.
[  672.028157][T14132] kvm: kvm [14131]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x718e
[  672.048369][T14132] kvm: kvm [14131]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x790e
[  672.384780][T14132] kvm: kvm [14131]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x790e
[  672.407540][T14132] kvm: kvm [14131]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x790e
[  672.426744][T14132] kvm: kvm [14131]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc1) = 0x790e
[  673.156494][   T29] audit: type=1400 audit(2000000345.150:642): avc:  denied  { getopt } for  pid=14152 comm="syz.4.1868" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  680.901687][T14223] random: crng reseeded on system resumption
[  682.631876][   T29] audit: type=1400 audit(2000000354.550:643): avc:  denied  { create } for  pid=14230 comm="syz.4.1886" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  682.652262][   T29] audit: type=1400 audit(2000000354.560:644): avc:  denied  { write } for  pid=14230 comm="syz.4.1886" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  683.814049][   T29] audit: type=1400 audit(2000000355.000:645): avc:  denied  { name_connect } for  pid=14234 comm="syz.0.1888" dest=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  683.981249][   T29] audit: type=1400 audit(2000000355.970:646): avc:  denied  { connect } for  pid=14245 comm="syz.4.1890" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  685.633797][   T29] audit: type=1400 audit(2000000357.610:647): avc:  denied  { append } for  pid=14258 comm="syz.5.1893" name="event3" dev="devtmpfs" ino=1001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  685.657250][    C1] vkms_vblank_simulate: vblank timer overrun
[  685.691711][T14031] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  685.824071][T14265] delete_channel: no stack
[  685.849425][T14265] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1894'.
[  685.869351][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  685.876695][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  685.899680][T14031] usb 8-1: New USB device found, idVendor=0681, idProduct=0010, bcdDevice=6d.59
[  685.989841][T14031] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  686.250940][T14031] usb 8-1: config 0 descriptor??
[  686.648105][T14256] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1892'.
[  686.785783][ T5863] usb 8-1: USB disconnect, device number 3
[  694.683795][   T29] audit: type=1400 audit(2000000365.900:648): avc:  denied  { ioctl } for  pid=14328 comm="syz.1.1913" path="/dev/nullb0" dev="devtmpfs" ino=696 ioctlcmd=0x125f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  694.988127][T14336] netlink: 132 bytes leftover after parsing attributes in process `syz.7.1914'.
[  695.932004][   T29] audit: type=1400 audit(2000000366.140:649): avc:  denied  { bind } for  pid=14331 comm="syz.7.1914" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  696.619509][   T29] audit: type=1400 audit(2000000368.160:650): avc:  denied  { name_bind } for  pid=14342 comm="syz.0.1918" src=20005 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  697.589110][T14361] xt_cgroup: invalid path, errno=-2
[  699.296121][T14390] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  700.573908][T14401] netlink: 'syz.5.1930': attribute type 1 has an invalid length.
[  700.727187][   T29] audit: type=1400 audit(2000000372.720:651): avc:  denied  { read } for  pid=14399 comm="syz.5.1930" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  701.273455][T14406] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  702.063931][   T29] audit: type=1400 audit(2000000374.060:652): avc:  denied  { read write } for  pid=14405 comm="syz.7.1932" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  702.094274][T14406] kvm: pic: level sensitive irq not supported
[  702.094329][T14406] kvm: pic: non byte read
[  702.106321][T14406] kvm: pic: level sensitive irq not supported
[  702.106365][T14406] kvm: pic: non byte read
[  702.752369][T14406] kvm: pic: level sensitive irq not supported
[  702.752679][T14406] kvm: pic: non byte read
[  702.763501][   T29] audit: type=1400 audit(2000000374.060:653): avc:  denied  { open } for  pid=14405 comm="syz.7.1932" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  702.807112][T14406] kvm: pic: level sensitive irq not supported
[  702.807176][T14406] kvm: pic: non byte read
[  707.077031][   T29] audit: type=1400 audit(2000000379.010:654): avc:  denied  { bind } for  pid=14474 comm="syz.7.1942" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  707.961805][  T933] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  708.187902][   T29] audit: type=1400 audit(2000000380.180:655): avc:  denied  { getopt } for  pid=14491 comm="syz.0.1948" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  708.231623][  T933] usb 2-1: Using ep0 maxpacket: 16
[  708.384826][  T933] usb 2-1: config 0 has an invalid interface number: 8 but max is 0
[  708.666137][T14031] libceph: connect (1)[c::]:6789 error -101
[  708.672486][T14031] libceph: mon0 (1)[c::]:6789 connect error
[  708.672959][  T933] usb 2-1: config 0 has no interface number 0
[  708.839344][  T933] usb 2-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 208, changing to 11
[  708.850619][  T933] usb 2-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid maxpacket 25296, setting to 1024
[  708.863334][  T933] usb 2-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  708.881705][  T933] usb 2-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  708.889820][  T933] usb 2-1: Product: syz
[  708.904207][  T933] usb 2-1: SerialNumber: syz
[  709.491126][T14031] libceph: connect (1)[c::]:6789 error -101
[  709.497344][T14031] libceph: mon0 (1)[c::]:6789 connect error
[  709.571633][  T933] usb 2-1: config 0 descriptor??
[  709.579278][  T933] cm109 2-1:0.8: invalid payload size 1024, expected 4
[  709.587556][  T933] input: CM109 USB driver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.8/input/input21
[  710.497790][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  710.504331][T14031] libceph: connect (1)[c::]:6789 error -101
[  710.508039][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  710.510811][T14031] libceph: mon0 (1)[c::]:6789 connect error
[  710.518846][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  710.531595][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  710.538970][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  710.546318][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  710.553497][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  710.560658][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  710.567862][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  710.575012][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[  710.666228][  T933] usb 2-1: USB disconnect, device number 22
[  710.666282][    C1] cm109 2-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  710.671658][T14493] ceph: No mds server is up or the cluster is laggy
[  711.405625][  T933] cm109 2-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  712.796311][T14526] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1955'.
[  713.861759][T14537] tc_dump_action: action bad kind
[  715.952423][   T29] audit: type=1400 audit(2000000387.740:656): avc:  denied  { write } for  pid=14534 comm="syz.1.1958" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  716.554998][T14562] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate.
[  718.120927][T14571] infiniband syz2: set active
[  718.125754][T14571] infiniband syz2: added team_slave_1
[  718.148040][T14568] netlink: 'syz.5.1967': attribute type 10 has an invalid length.
[  718.165887][T14568] bridge0: port 3(erspan0) entered disabled state
[  718.172515][T14568] bridge0: port 2(bridge_slave_1) entered disabled state
[  718.179745][T14568] bridge0: port 1(bridge_slave_0) entered disabled state
[  718.190808][T14571] RDS/IB: syz2: added
[  718.195092][T14571] smc: adding ib device syz2 with port count 1
[  718.201258][T14571] smc:    ib device syz2 port 1 has pnetid 
[  718.209950][T14575] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1967'.
[  718.223373][T14568] bridge0: port 3(erspan0) entered blocking state
[  718.229887][T14568] bridge0: port 3(erspan0) entered forwarding state
[  718.238203][T14568] bridge0: port 2(bridge_slave_1) entered blocking state
[  718.245356][T14568] bridge0: port 2(bridge_slave_1) entered forwarding state
[  718.252773][T14568] bridge0: port 1(bridge_slave_0) entered blocking state
[  718.259928][T14568] bridge0: port 1(bridge_slave_0) entered forwarding state
[  718.271230][T14568] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  718.629646][T13117] __ib_cache_gid_add: unable to add gid fe80:0000:0000:0000:a8aa:aaff:feaa:aa17 error=-28
[  718.645825][T14575] erspan0: left allmulticast mode
[  718.748297][T14575] erspan0: left promiscuous mode
[  718.784212][T14575] bridge0: port 3(erspan0) entered disabled state
[  719.041097][T14575] bridge_slave_1: left allmulticast mode
[  719.058736][T14575] bridge_slave_1: left promiscuous mode
[  719.074854][T14575] bridge0: port 2(bridge_slave_1) entered disabled state
[  719.131693][   T29] audit: type=1400 audit(2000000391.120:657): avc:  denied  { mount } for  pid=14581 comm="syz.4.1969" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[  719.163306][T14575] bridge_slave_0: left allmulticast mode
[  719.211199][T14575] bridge_slave_0: left promiscuous mode
[  719.286602][T14575] bridge0: port 1(bridge_slave_0) entered disabled state
[  719.374224][    T8] SELinux: failure in sel_netif_sid_slow(), invalid network interface (13)
[  719.376327][T14589] syz.1.1971[14589] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  719.399052][T14589] syz.1.1971[14589] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  719.434287][T14589] syz.1.1971[14589] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  719.453102][T14575] bond0: (slave bridge0): Releasing backup interface
[  719.832533][T14594] bridge_slave_0: left allmulticast mode
[  719.962381][T14594] bridge_slave_0: left promiscuous mode
[  720.060926][T14594] bridge0: port 1(bridge_slave_0) entered disabled state
[  720.186737][T14594] bridge_slave_1: left allmulticast mode
[  720.217425][T14594] bridge_slave_1: left promiscuous mode
[  720.237800][T14594] bridge0: port 2(bridge_slave_1) entered disabled state
[  720.255178][T14594] bond0: (slave bond_slave_0): Releasing backup interface
[  720.266146][T14594] bond0: (slave bond_slave_1): Releasing backup interface
[  720.283019][T14594] team0: Port device team_slave_0 removed
[  720.290879][T14594] team0: Port device team_slave_1 removed
[  720.297102][T14594] batman_adv: batadv0: Removing interface: batadv_slave_0
[  720.371816][T14594] batman_adv: batadv0: Removing interface: batadv_slave_1
[  720.394834][T14596] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  720.451647][T14596] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  720.460395][T14596] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  720.489266][T14596] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  720.498923][T14596] geneve2: entered promiscuous mode
[  720.512171][T14596] geneve2: entered allmulticast mode
[  720.549694][T14596] batman_adv: batadv0: Adding interface: geneve2
[  720.647562][T14596] batman_adv: batadv0: Interface activated: geneve2
[  726.226202][T14660] futex_wake_op: syz.5.1988 tries to shift op by -1; fix this program
[  727.042275][T14660] uprobe: syz.5.1988:14660 failed to unregister, leaking uprobe
[  728.141684][   T29] audit: type=1400 audit(2000000399.900:658): avc:  denied  { read } for  pid=14668 comm="syz.0.1993" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  728.641680][   T29] audit: type=1326 audit(2000000400.160:659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14652 comm="syz.5.1988" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f20a9785d29 code=0x7fc00000
[  730.537398][   T29] audit: type=1400 audit(2000000402.460:660): avc:  denied  { listen } for  pid=14691 comm="syz.5.2000" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  730.821072][   T29] audit: type=1400 audit(2000000402.810:661): avc:  denied  { getopt } for  pid=14681 comm="syz.1.1996" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  730.873919][T14695] netlink: 56 bytes leftover after parsing attributes in process `syz.4.2001'.
[  730.899612][   T29] audit: type=1400 audit(2000000402.870:662): avc:  denied  { mount } for  pid=14694 comm="syz.0.1999" name="/" dev="nfsd" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfsd_fs_t tclass=filesystem permissive=1
[  730.932490][T14693] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  731.028026][   T29] audit: type=1400 audit(2000000403.020:663): avc:  denied  { mount } for  pid=14704 comm="syz.1.2003" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  731.358679][T14712] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  731.370991][T14712] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  731.613467][   T29] audit: type=1400 audit(2000000403.430:664): avc:  denied  { read } for  pid=14704 comm="syz.1.2003" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1
[  732.631623][   T29] audit: type=1400 audit(2000000403.430:665): avc:  denied  { open } for  pid=14704 comm="syz.1.2003" path="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1
[  732.836549][   T29] audit: type=1400 audit(2000000403.440:666): avc:  denied  { search } for  pid=14704 comm="syz.1.2003" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1
[  732.954227][   T29] audit: type=1400 audit(2000000403.440:667): avc:  denied  { getattr } for  pid=14704 comm="syz.1.2003" name="saved_tgids" dev="tracefs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=file permissive=1
[  733.688924][T14727] netlink: 'syz.4.2007': attribute type 13 has an invalid length.
[  733.715285][   T29] audit: type=1400 audit(2000000403.920:668): avc:  denied  { unmount } for  pid=5811 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[  733.752900][   T29] audit: type=1400 audit(2000000405.600:669): avc:  denied  { create } for  pid=14722 comm="syz.5.2008" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  733.784328][   T29] audit: type=1400 audit(2000000405.600:670): avc:  denied  { bind } for  pid=14722 comm="syz.5.2008" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  733.903591][   T29] audit: type=1400 audit(2000000405.600:671): avc:  denied  { connect } for  pid=14722 comm="syz.5.2008" lport=20001 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  736.974053][T14762] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2015'.
[  739.611636][T14780] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2021'.
[  739.951610][ T5813] Bluetooth: hci3: command 0x0406 tx timeout
[  740.181959][T14780] xt_connbytes: Forcing CT accounting to be enabled
[  740.188652][T14780] Cannot find del_set index 1 as target
[  741.401638][   T29] audit: type=1400 audit(2000000412.810:672): avc:  denied  { create } for  pid=14782 comm="syz.4.2022" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[  741.688479][T14791] program syz.1.2024 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  741.785378][   T29] audit: type=1400 audit(2000000413.700:673): avc:  denied  { view } for  pid=14785 comm="syz.1.2024" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  742.109421][   T29] audit: type=1400 audit(2000000414.100:674): avc:  denied  { ioctl } for  pid=14781 comm="syz.5.2023" path="/dev/nvram" dev="devtmpfs" ino=623 ioctlcmd=0x5005 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  742.207436][T14799] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2027'.
[  743.153899][T14808] snd_dummy snd_dummy.0: control 2:16:0:syz0:-3 is already present
[  744.437449][   T29] audit: type=1400 audit(2000000416.430:675): avc:  denied  { setopt } for  pid=14815 comm="syz.4.2031" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  745.521600][T14031] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  745.672844][T14031] usb 8-1: too many endpoints for config 0 interface 0 altsetting 0: 242, using maximum allowed: 30
[  745.684300][T14031] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 254, changing to 11
[  745.695549][T14031] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 242
[  745.909284][T14031] usb 8-1: New USB device found, idVendor=13ec, idProduct=0006, bcdDevice= 0.00
[  745.922420][T14031] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  745.942208][T14031] usb 8-1: config 0 descriptor??
[  746.390227][T14031] zydacron 0003:13EC:0006.000E: hidraw0: USB HID v0.03 Device [HID 13ec:0006] on usb-dummy_hcd.7-1/input0
[  747.123665][T14812] netlink: 'syz.7.2033': attribute type 1 has an invalid length.
[  747.151722][T14812] netlink: 'syz.7.2033': attribute type 2 has an invalid length.
[  747.341372][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  747.349980][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  747.426863][T14834] fuse: Bad value for 'fd'
[  748.481045][  T971] usb 8-1: USB disconnect, device number 4
[  751.326428][T14862] can0: slcan on ptm0.
[  754.302034][T14862] can0 (unregistered): slcan off ptm0.
[  756.014358][T14902] x_tables: ip_tables: osf match: only valid for protocol 6
[  759.638288][   T29] audit: type=1400 audit(2000000431.550:676): avc:  denied  { bind } for  pid=14907 comm="syz.7.2057" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[  767.124550][   T29] audit: type=1400 audit(2000000439.100:677): avc:  denied  { accept } for  pid=14944 comm="syz.7.2066" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  767.332491][   T29] audit: type=1400 audit(2000000439.320:678): avc:  denied  { setopt } for  pid=14958 comm="syz.5.2069" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  770.609666][   T29] audit: type=1400 audit(2000000442.600:679): avc:  denied  { getopt } for  pid=14987 comm="syz.5.2076" laddr=::ffff:0.0.0.0 lport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  770.657028][   T29] audit: type=1400 audit(2000000442.620:680): avc:  denied  { create } for  pid=14990 comm="syz.7.2077" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  770.672067][T14993] sch_tbf: burst 4398 is lower than device lo mtu (1075109906) !
[  770.814667][   T29] audit: type=1400 audit(2000000442.620:681): avc:  denied  { setopt } for  pid=14990 comm="syz.7.2077" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  771.041571][   T29] audit: type=1400 audit(2000000442.620:682): avc:  denied  { bind } for  pid=14990 comm="syz.7.2077" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  771.218518][   T29] audit: type=1400 audit(2000000443.210:683): avc:  denied  { write } for  pid=14987 comm="syz.5.2076" laddr=::ffff:172.20.20.10 lport=20000 faddr=::ffff:172.20.20.170 fport=20000 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  772.631639][    T8] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  772.704488][T14991] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2077'.
[  772.725751][T14991] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  773.601944][    T8] usb 6-1: device descriptor read/64, error -71
[  774.091751][ T5818] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  774.164447][T14998] can0: slcan on ptm0.
[  774.232255][    T8] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  775.059322][   T29] audit: type=1400 audit(2000000446.010:684): avc:  denied  { mount } for  pid=15018 comm="syz.7.2085" name="/" dev="hugetlbfs" ino=44994 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  775.614119][    T8] usb 6-1: device descriptor read/64, error -71
[  775.731736][   T29] audit: type=1400 audit(2000000447.660:685): avc:  denied  { unmount } for  pid=13607 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  775.752659][    T8] usb usb6-port1: attempt power cycle
[  775.803271][T14998] can0 (unregistered): slcan off ptm0.
[  775.866688][   T29] audit: type=1326 audit(2000000447.860:686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15027 comm="syz.4.2087" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f27daf85d29 code=0x0
[  777.893328][  T971] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  778.218915][  T971] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  778.219052][  T971] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  778.219102][  T971] usb 2-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  778.219222][  T971] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  778.219292][  T971] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  778.241238][T15055] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  778.895176][  T971] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  778.896752][  T971] usb 2-1: invalid MIDI out EP 0
[  779.108073][T15059] netlink: 44 bytes leftover after parsing attributes in process `syz.7.2094'.
[  780.111071][  T971] snd-usb-audio 2-1:27.0: probe with driver snd-usb-audio failed with error -22
[  780.396319][  T971] usb 2-1: USB disconnect, device number 23
[  780.508997][T15071] vivid-007: =================  START STATUS  =================
[  780.510731][T15071] vivid-007: Generate PTS: true
[  780.510963][T15071] vivid-007: Generate SCR: true
[  780.511164][T15071] tpg source WxH: 640x360 (Y'CbCr)
[  780.511197][T15071] tpg field: 1
[  780.511249][T15071] tpg crop: 640x360@0x0
[  780.511305][T15071] tpg compose: 640x360@0x0
[  780.511337][T15071] tpg colorspace: 8
[  780.511392][T15071] tpg transfer function: 0/0
[  780.511420][T15071] tpg Y'CbCr encoding: 0/0
[  780.511472][T15071] tpg quantization: 0/0
[  780.511627][T15071] tpg RGB range: 0/2
[  780.511682][T15071] vivid-007: ==================  END STATUS  ==================
[  780.971618][T15074] loop2: detected capacity change from 0 to 7
[  781.151915][T15074] Dev loop2: unable to read RDB block 7
[  781.151954][T15074]  loop2: unable to read partition table
[  781.152040][T15074] loop2: partition table beyond EOD, truncated
[  781.152055][T15074] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  784.302252][ T5813] Bluetooth: hci3: Invalid connection link type handle 0x00c9
[  784.747403][T15104] BTRFS info: 'norecovery' is for compatibility only, recommended to use 'rescue=nologreplay'
[  787.872969][   T29] audit: type=1400 audit(2000000459.460:687): avc:  denied  { listen } for  pid=15098 comm="syz.1.2105" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  787.946295][   T29] audit: type=1400 audit(2000000459.560:688): avc:  denied  { accept } for  pid=15098 comm="syz.1.2105" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  789.660117][T15140] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2114'.
[  791.897101][T15164] 9pnet_virtio: no channels available for device syz
[  792.705586][T15168] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  793.969672][T15176] hub 9-0:1.0: USB hub found
[  793.978674][T15176] hub 9-0:1.0: 1 port detected
[  794.217033][T15178] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2124'.
[  794.390370][   T29] audit: type=1400 audit(2000000466.380:689): avc:  denied  { map } for  pid=15173 comm="syz.0.2124" path="socket:[46047]" dev="sockfs" ino=46047 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  794.694566][   T29] audit: type=1400 audit(2000000466.450:690): avc:  denied  { ioctl } for  pid=15173 comm="syz.0.2124" path="socket:[46257]" dev="sockfs" ino=46257 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  795.899234][T15192] TCP: out of memory -- consider tuning tcp_mem
[  797.653451][   T29] audit: type=1400 audit(2000000469.630:691): avc:  denied  { ioctl } for  pid=15203 comm="syz.5.2133" path="/dev/fuse" dev="devtmpfs" ino=99 ioctlcmd=0xe501 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  797.751899][   T29] audit: type=1400 audit(2000000469.720:692): avc:  denied  { ioctl } for  pid=15203 comm="syz.5.2133" path="socket:[46310]" dev="sockfs" ino=46310 ioctlcmd=0x89e7 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[  798.581597][ T5900] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[  798.873220][ T5900] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  798.885480][ T5900] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0
[  798.898216][ T5900] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[  798.912704][ T5900] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0
[  799.041901][ T5900] usb 6-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00
[  799.050960][ T5900] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  799.086581][ T5900] usb 6-1: Product: syz
[  799.090790][ T5900] usb 6-1: Manufacturer: syz
[  799.117747][ T5900] usb 6-1: SerialNumber: syz
[  799.147141][ T5900] usb 6-1: config 0 descriptor??
[  799.165279][ T5900] ums-isd200 6-1:0.0: USB Mass Storage device detected
[  799.460684][T15228] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2135'.
[  799.476503][ T5900] scsi host1: usb-storage 6-1:0.0
[  799.541995][ T5900] usb 6-1: USB disconnect, device number 22
[  807.170935][T15295] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2153'.
[  807.189201][   T29] audit: type=1326 audit(2000000479.160:693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15288 comm="syz.0.2153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f5b85d29 code=0x7ffc0000
[  807.189440][   T29] audit: type=1326 audit(2000000479.160:694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15288 comm="syz.0.2153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f5b85d29 code=0x7ffc0000
[  807.189563][   T29] audit: type=1326 audit(2000000479.160:695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15288 comm="syz.0.2153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f56f5b85d29 code=0x7ffc0000
[  807.189918][   T29] audit: type=1326 audit(2000000479.160:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15288 comm="syz.0.2153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f5b85d29 code=0x7ffc0000
[  807.190029][   T29] audit: type=1326 audit(2000000479.160:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15288 comm="syz.0.2153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f5b85d29 code=0x7ffc0000
[  807.190147][   T29] audit: type=1326 audit(2000000479.160:698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15288 comm="syz.0.2153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f56f5b85d29 code=0x7ffc0000
[  807.190249][   T29] audit: type=1326 audit(2000000479.160:699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15288 comm="syz.0.2153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f5b85d29 code=0x7ffc0000
[  807.190461][   T29] audit: type=1326 audit(2000000479.160:700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15288 comm="syz.0.2153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f5b85d29 code=0x7ffc0000
[  807.190587][   T29] audit: type=1326 audit(2000000479.160:701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15288 comm="syz.0.2153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7f56f5b85d29 code=0x7ffc0000
[  807.190690][   T29] audit: type=1326 audit(2000000479.160:702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15288 comm="syz.0.2153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f56f5b85d29 code=0x7ffc0000
[  809.080829][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  809.080876][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  809.430568][T15302] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  809.561297][T15308] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  809.561427][T15308] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  810.768767][T15314] : entered promiscuous mode
[  814.598418][T15352] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  814.609915][T15352] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  815.447249][   T29] kauditd_printk_skb: 13 callbacks suppressed
[  815.447266][   T29] audit: type=1400 audit(2000000487.440:716): avc:  denied  { unmount } for  pid=13607 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  821.275663][T15390] A link change request failed with some changes committed already. Interface ip6gre0 may have been left with an inconsistent configuration, please check.
[  821.941870][   T29] audit: type=1400 audit(2000000493.360:717): avc:  denied  { name_bind } for  pid=15402 comm="syz.5.2180" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  822.002397][T15401] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  822.010049][T15401] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  824.127307][ T5813] Bluetooth: hci3: command 0x0406 tx timeout
[  825.128565][T15433] vhci_hcd vhci_hcd.0: pdev(7) rhport(0) sockfd(3)
[  825.135124][T15433] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  825.161555][T15433] vhci_hcd vhci_hcd.0: Device attached
[  825.348936][T15449] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  825.413576][T15438] vhci_hcd vhci_hcd.0: pdev(7) rhport(1) sockfd(7)
[  825.420137][T15438] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  825.542247][T15453] netlink: 1788 bytes leftover after parsing attributes in process `syz.4.2190'.
[  826.113362][T15438] vhci_hcd vhci_hcd.0: Device attached
[  826.191926][   T29] audit: type=1400 audit(2000000497.520:718): avc:  denied  { bind } for  pid=15441 comm="syz.4.2190" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  826.231750][ T5813] Bluetooth: hci3: command 0x0406 tx timeout
[  826.254235][  T933] vhci_hcd: vhci_device speed not set
[  826.265919][   T29] audit: type=1400 audit(2000000497.520:719): avc:  denied  { name_bind } for  pid=15441 comm="syz.4.2190" src=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=icmp_socket permissive=1
[  826.293847][   T29] audit: type=1400 audit(2000000497.520:720): avc:  denied  { node_bind } for  pid=15441 comm="syz.4.2190" saddr=6d66:7300:: src=627 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[  826.321976][  T933] usb 47-1: new full-speed USB device number 2 using vhci_hcd
[  826.376830][T15449] vhci_hcd vhci_hcd.0: pdev(7) rhport(3) sockfd(12)
[  826.383479][T15449] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  826.434495][   T29] audit: type=1400 audit(2000000498.410:721): avc:  denied  { map } for  pid=15429 comm="syz.0.2187" path="/proc/1472/net/route" dev="proc" ino=4026533323 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  826.632903][T15449] vhci_hcd vhci_hcd.0: Device attached
[  826.642211][T15433] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  826.712021][T15433] vhci_hcd vhci_hcd.0: pdev(7) rhport(5) sockfd(15)
[  826.718659][T15433] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  826.732163][T15438] vhci_hcd vhci_hcd.0: pdev(7) rhport(6) sockfd(18)
[  826.738796][T15438] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  826.747183][T15438] vhci_hcd vhci_hcd.0: Device attached
[  826.753036][T15433] vhci_hcd vhci_hcd.0: Device attached
[  826.891862][T15438] vhci_hcd vhci_hcd.0: pdev(7) rhport(7) sockfd(20)
[  826.898461][T15438] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  827.096241][T15438] vhci_hcd vhci_hcd.0: Device attached
[  827.784486][T15449] mkiss: ax0: crc mode is auto.
[  827.880682][T15433] vhci_hcd vhci_hcd.0: port 0 already used
[  829.532972][T15454] vhci_hcd: connection closed
[  829.534873][T15460] vhci_hcd: connection closed
[  829.534938][T15458] vhci_hcd: connection closed
[  829.540334][T15434] vhci_hcd: connection reset by peer
[  829.544492][T15446] vhci_hcd: connection closed
[  829.554565][T13126] vhci_hcd: stop threads
[  829.564322][T15465] vhci_hcd: connection closed
[  829.567054][T13126] vhci_hcd: release socket
[  829.579435][T13126] vhci_hcd: disconnect device
[  829.589173][T13126] vhci_hcd: stop threads
[  829.598924][T13126] vhci_hcd: release socket
[  829.622693][T13126] vhci_hcd: disconnect device
[  829.637152][T13126] vhci_hcd: stop threads
[  829.647287][T13126] vhci_hcd: release socket
[  829.671359][T13126] vhci_hcd: disconnect device
[  829.712147][T13126] vhci_hcd: stop threads
[  829.720879][T15488] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2197'.
[  829.742919][T13126] vhci_hcd: release socket
[  829.779147][T15490] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=2051 sclass=netlink_route_socket pid=15490 comm=syz.0.2197
[  829.800110][T15490] netlink: del zone limit has 8 unknown bytes
[  829.801668][T13126] vhci_hcd: disconnect device
[  829.824506][T13126] vhci_hcd: stop threads
[  830.076353][T13126] vhci_hcd: release socket
[  830.462608][T13126] vhci_hcd: disconnect device
[  830.599970][T13126] vhci_hcd: stop threads
[  830.604607][T13126] vhci_hcd: release socket
[  830.609139][T13126] vhci_hcd: disconnect device
[  831.432834][  T933] vhci_hcd: vhci_device speed not set
[  833.226932][   T29] audit: type=1800 audit(2000000505.000:722): pid=15520 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.1.2205" name="SYSV00000000" dev="hugetlbfs" ino=3 res=0 errno=0
[  835.372398][T15526] xt_TPROXY: Can be used only with -p tcp or -p udp
[  835.979015][T15522] mkiss: ax0: crc mode is auto.
[  836.183228][T15547] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap2
[  836.193538][T15547] batman_adv: batadv0: Adding interface: gretap2
[  836.199858][T15547] batman_adv: batadv0: The MTU of interface gretap2 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  836.867526][T15547] batman_adv: batadv0: Not using interface gretap2 (retrying later): interface not active
[  839.837286][   T29] audit: type=1400 audit(2000000511.780:723): avc:  denied  { mount } for  pid=15564 comm="syz.0.2217" name="/" dev="rpc_pipefs" ino=46842 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:rpc_pipefs_t tclass=filesystem permissive=1
[  840.807410][T15585] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  840.821417][T15585] Error validating options; rc = [-22]
[  842.934338][   T29] audit: type=1400 audit(2000000514.930:724): avc:  denied  { shutdown } for  pid=15599 comm="syz.4.2226" lport=48059 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  843.242975][T15605] ALSA: mixer_oss: invalid OSS volume ''
[  845.076008][T15630] syz.5.2234: attempt to access beyond end of device
[  845.076008][T15630] nbd5: rw=2048, sector=0, nr_sectors = 8 limit=0
[  845.089258][T15630] SQUASHFS error: Failed to read block 0x0: -5
[  845.095669][T15630] unable to read squashfs_super_block
[  848.128605][   T29] audit: type=1326 audit(2000000519.520:725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15639 comm="syz.4.2238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27daf85d29 code=0x7ffc0000
[  848.329159][   T29] audit: type=1326 audit(2000000519.520:726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15639 comm="syz.4.2238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27daf85d29 code=0x7ffc0000
[  848.373806][   T29] audit: type=1326 audit(2000000519.620:727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15639 comm="syz.4.2238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f27daf85d29 code=0x7ffc0000
[  849.196609][   T29] audit: type=1326 audit(2000000519.620:728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15639 comm="syz.4.2238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27daf85d29 code=0x7ffc0000
[  849.283835][   T29] audit: type=1326 audit(2000000519.620:729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15639 comm="syz.4.2238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27daf85d29 code=0x7ffc0000
[  849.958901][   T29] audit: type=1326 audit(2000000519.720:730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15639 comm="syz.4.2238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f27daf85d29 code=0x7ffc0000
[  849.999224][   T29] audit: type=1326 audit(2000000519.720:731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15639 comm="syz.4.2238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27daf85d29 code=0x7ffc0000
[  850.883863][   T29] audit: type=1326 audit(2000000519.720:732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15639 comm="syz.4.2238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27daf85d29 code=0x7ffc0000
[  850.923262][   T29] audit: type=1326 audit(2000000519.820:733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15639 comm="syz.4.2238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=285 compat=0 ip=0x7f27daf85d29 code=0x7ffc0000
[  850.947691][   T29] audit: type=1326 audit(2000000519.820:734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15639 comm="syz.4.2238" exe="/root/syz-executor" sig=0 arch=c000003e syscall=96 compat=0 ip=0xffffffffff600000 code=0x7ffc0000
[  853.381617][   T29] kauditd_printk_skb: 8 callbacks suppressed
[  853.381637][   T29] audit: type=1326 audit(2000000525.130:743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15675 comm="syz.4.2248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27daf85d29 code=0x7ffc0000
[  854.418477][   T29] audit: type=1326 audit(2000000525.130:744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15675 comm="syz.4.2248" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f27daf85d29 code=0x7ffc0000
[  855.607735][   T29] audit: type=1400 audit(2000000527.570:745): avc:  denied  { mounton } for  pid=15696 comm="syz.5.2253" path="/379/file0" dev="configfs" ino=121 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  855.861627][   T29] audit: type=1400 audit(2000000527.580:746): avc:  denied  { read } for  pid=15696 comm="syz.5.2253" name="/" dev="configfs" ino=121 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  855.885072][   T29] audit: type=1400 audit(2000000527.580:747): avc:  denied  { open } for  pid=15696 comm="syz.5.2253" path="/379/file0" dev="overlay" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  860.273687][T15732] netlink: 1788 bytes leftover after parsing attributes in process `syz.5.2260'.
[  860.295263][T15738] siw: device registration error -23
[  861.288182][T13117] __ib_cache_gid_add: unable to add gid fe80:0000:0000:0000:a8aa:aaff:feaa:aa18 error=-28
[  861.751808][   T29] audit: type=1400 audit(2000000533.730:748): avc:  denied  { name_bind } for  pid=15750 comm="syz.7.2267" src=3618 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=rawip_socket permissive=1
[  862.410652][   T29] audit: type=1400 audit(2000000533.730:749): avc:  denied  { accept } for  pid=15750 comm="syz.7.2267" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  867.694341][T15798] 9pnet_fd: Insufficient options for proto=fd
[  868.002384][T15796] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  868.552084][   T29] audit: type=1400 audit(2000000540.470:750): avc:  denied  { search } for  pid=15803 comm="syz.5.2280" name="/" dev="configfs" ino=121 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  870.233259][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  870.239540][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[  870.354849][T15820] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  871.299307][T15831] overlayfs: missing 'lowerdir'
[  872.024831][   T29] audit: type=1400 audit(2000003104.018:751): avc:  denied  { remount } for  pid=15834 comm="syz.7.2288" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  874.668304][T15859] ipt_REJECT: TCP_RESET invalid for non-tcp
[  875.199735][   T29] audit: type=1800 audit(2000003107.118:752): pid=15868 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.5.2295" name="SYSV00000000" dev="hugetlbfs" ino=3 res=0 errno=0
[  876.801482][T15879] syz.5.2299[15879] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  876.801567][T15879] syz.5.2299[15879] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  876.813149][T15879] syz.5.2299[15879] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  878.547363][  T933] IPVS: starting estimator thread 0...
[  878.642170][T15892] netlink: 'syz.5.2302': attribute type 4 has an invalid length.
[  878.803936][T15891] IPVS: using max 25 ests per chain, 60000 per kthread
[  878.990805][T15884] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2303'.
[  879.101769][T15888] netlink: 165 bytes leftover after parsing attributes in process `syz.0.2301'.
[  881.447982][   T29] audit: type=1400 audit(2000003113.349:753): avc:  denied  { watch } for  pid=15912 comm="syz.5.2309" path="/393/net_prio.prioidx" dev="tmpfs" ino=2102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  881.930181][   T29] audit: type=1400 audit(2000003113.349:754): avc:  denied  { watch_sb } for  pid=15912 comm="syz.5.2309" path="/393/net_prio.prioidx" dev="tmpfs" ino=2102 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  882.569191][   T29] audit: type=1800 audit(2000003114.469:755): pid=15924 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.4.2312" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  883.352421][T15929] befs: (nbd5): No write support. Marking filesystem read-only
[  883.361851][T15929] syz.5.2313: attempt to access beyond end of device
[  883.361851][T15929] nbd5: rw=0, sector=0, nr_sectors = 2 limit=0
[  883.374896][T15929] befs: (nbd5): unable to read superblock
[  885.684171][   T25] libceph: connect (1)[c::]:6789 error -101
[  885.719995][   T25] libceph: mon0 (1)[c::]:6789 connect error
[  887.043426][   T29] audit: type=1400 audit(2000003119.040:756): avc:  denied  { read } for  pid=15961 comm="syz.5.2323" path="socket:[49505]" dev="sockfs" ino=49505 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  887.051983][   T25] libceph: connect (1)[c::]:6789 error -101
[  888.121000][   T25] libceph: mon0 (1)[c::]:6789 connect error
[  888.773293][   T25] libceph: connect (1)[c::]:6789 error -101
[  888.779430][   T25] libceph: mon0 (1)[c::]:6789 connect error
[  888.783847][T15953] ceph: No mds server is up or the cluster is laggy
[  889.009858][   T25] libceph: connect (1)[c::]:6789 error -101
[  889.019461][   T25] libceph: mon0 (1)[c::]:6789 connect error
[  891.048131][ T5900] libceph: connect (1)[c::]:6789 error -101
[  891.069473][ T5900] libceph: mon0 (1)[c::]:6789 connect error
[  891.717962][   T29] audit: type=1400 audit(2000003123.710:757): avc:  denied  { create } for  pid=15986 comm="syz.4.2329" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_dnrt_socket permissive=1
[  891.750310][ T5900] libceph: connect (1)[c::]:6789 error -101
[  892.074591][   T29] audit: type=1400 audit(2000003123.950:758): avc:  denied  { read write } for  pid=7170 comm="syz-executor" name="loop5" dev="devtmpfs" ino=652 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  892.128651][ T5900] libceph: mon0 (1)[c::]:6789 connect error
[  892.216830][   T29] audit: type=1400 audit(2000003123.950:759): avc:  denied  { open } for  pid=7170 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=652 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  892.241061][   T29] audit: type=1400 audit(2000003123.950:760): avc:  denied  { ioctl } for  pid=7170 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=652 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  892.486074][T15988] ceph: No mds server is up or the cluster is laggy
[  893.258999][ T5900] libceph: connect (1)[c::]:6789 error -101
[  893.286800][ T5900] libceph: mon0 (1)[c::]:6789 connect error
[  894.018633][T16026] dlm: no local IP address has been set
[  894.024922][T16026] dlm: cannot start dlm midcomms -107
[  896.954502][T16048] 
[  896.956859][T16048] ======================================================
[  896.963874][T16048] WARNING: possible circular locking dependency detected
[  896.970880][T16048] 6.13.0-syzkaller #0 Not tainted
[  896.975886][T16048] ------------------------------------------------------
[  896.982887][T16048] syz.5.2343/16048 is trying to acquire lock:
[  896.988935][T16048] ffff88803773b2a0 (&mm->mmap_lock){++++}-{4:4}, at: __might_fault+0xe3/0x190
[  896.997819][T16048] 
[  896.997819][T16048] but task is already holding lock:
[  897.005171][T16048] ffff888143fec3c8 (&q->debugfs_mutex){+.+.}-{4:4}, at: blk_trace_setup+0x33/0x70
[  897.014407][T16048] 
[  897.014407][T16048] which lock already depends on the new lock.
[  897.014407][T16048] 
[  897.024794][T16048] 
[  897.024794][T16048] the existing dependency chain (in reverse order) is:
[  897.033787][T16048] 
[  897.033787][T16048] -> #5 (&q->debugfs_mutex){+.+.}-{4:4}:
[  897.041603][T16048]        __mutex_lock+0x19b/0xa60
[  897.046628][T16048]        blk_mq_init_sched+0x42b/0x640
[  897.052083][T16048]        elevator_init_mq+0x2cd/0x420
[  897.057441][T16048]        add_disk_fwnode+0x113/0x1300
[  897.062805][T16048]        sd_probe+0xa86/0x1000
[  897.067569][T16048]        really_probe+0x23e/0xa90
[  897.072587][T16048]        __driver_probe_device+0x1de/0x440
[  897.078395][T16048]        driver_probe_device+0x4c/0x1b0
[  897.083930][T16048]        __device_attach_driver+0x1df/0x310
[  897.089813][T16048]        bus_for_each_drv+0x157/0x1e0
[  897.095175][T16048]        __device_attach_async_helper+0x1d3/0x290
[  897.101579][T16048]        async_run_entry_fn+0x9c/0x530
[  897.107032][T16048]        process_one_work+0x9c5/0x1ba0
[  897.112481][T16048]        worker_thread+0x6c8/0xf00
[  897.117587][T16048]        kthread+0x2c1/0x3a0
[  897.122179][T16048]        ret_from_fork+0x45/0x80
[  897.127110][T16048]        ret_from_fork_asm+0x1a/0x30
[  897.132396][T16048] 
[  897.132396][T16048] -> #4 (&q->q_usage_counter(queue)#50){++++}-{0:0}:
[  897.141255][T16048]        blk_queue_enter+0x50f/0x640
[  897.146539][T16048]        blk_mq_alloc_request+0x59b/0x950
[  897.152252][T16048]        scsi_execute_cmd+0x1da/0xf40
[  897.157615][T16048]        read_capacity_16+0x213/0xe10
[  897.162979][T16048]        sd_revalidate_disk.isra.0+0x1a06/0xa8d0
[  897.169299][T16048]        sd_probe+0x904/0x1000
[  897.174055][T16048]        really_probe+0x23e/0xa90
[  897.179069][T16048]        __driver_probe_device+0x1de/0x440
[  897.184862][T16048]        driver_probe_device+0x4c/0x1b0
[  897.190396][T16048]        __device_attach_driver+0x1df/0x310
[  897.196277][T16048]        bus_for_each_drv+0x157/0x1e0
[  897.201631][T16048]        __device_attach_async_helper+0x1d3/0x290
[  897.208040][T16048]        async_run_entry_fn+0x9c/0x530
[  897.213491][T16048]        process_one_work+0x9c5/0x1ba0
[  897.218937][T16048]        worker_thread+0x6c8/0xf00
[  897.224038][T16048]        kthread+0x2c1/0x3a0
[  897.228621][T16048]        ret_from_fork+0x45/0x80
[  897.233543][T16048]        ret_from_fork_asm+0x1a/0x30
[  897.238822][T16048] 
[  897.238822][T16048] -> #3 (&q->limits_lock){+.+.}-{4:4}:
[  897.246453][T16048]        __mutex_lock+0x19b/0xa60
[  897.251469][T16048]        __nbd_set_size+0x2c0/0x730
[  897.256662][T16048]        nbd_start_device+0x8fd/0xd70
[  897.262021][T16048]        nbd_ioctl+0x21a/0xfd0
[  897.266773][T16048]        blkdev_ioctl+0x276/0x6d0
[  897.271790][T16048]        __x64_sys_ioctl+0x190/0x200
[  897.277068][T16048]        do_syscall_64+0xcd/0x250
[  897.282084][T16048]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  897.288489][T16048] 
[  897.288489][T16048] -> #2 (&q->q_usage_counter(io)#51){++++}-{0:0}:
[  897.297081][T16048]        blk_mq_submit_bio+0x1fb6/0x24c0
[  897.302699][T16048]        __submit_bio+0x384/0x540
[  897.307708][T16048]        submit_bio_noacct_nocheck+0x698/0xd70
[  897.313854][T16048]        submit_bio_noacct+0x93a/0x1e20
[  897.319388][T16048]        block_read_full_folio+0x812/0xa50
[  897.325182][T16048]        filemap_read_folio+0xc6/0x2a0
[  897.330628][T16048]        filemap_get_pages+0x155f/0x1be0
[  897.336246][T16048]        filemap_read+0x3ca/0xd70
[  897.341255][T16048]        blkdev_read_iter+0x187/0x480
[  897.346612][T16048]        vfs_read+0x87f/0xbe0
[  897.351277][T16048]        ksys_read+0x12b/0x250
[  897.356026][T16048]        do_syscall_64+0xcd/0x250
[  897.361041][T16048]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  897.367450][T16048] 
[  897.367450][T16048] -> #1 (mapping.invalidate_lock#2){++++}-{4:4}:
[  897.375954][T16048]        down_read+0x9a/0x330
[  897.380624][T16048]        filemap_fault+0x62c/0x2820
[  897.385809][T16048]        __do_fault+0x10a/0x490
[  897.390648][T16048]        do_pte_missing+0xebd/0x3e00
[  897.395924][T16048]        __handle_mm_fault+0x103c/0x2a40
[  897.401542][T16048]        handle_mm_fault+0x3fa/0xaa0
[  897.406815][T16048]        do_user_addr_fault+0x7a3/0x13f0
[  897.412434][T16048]        exc_page_fault+0x5c/0xc0
[  897.417448][T16048]        asm_exc_page_fault+0x26/0x30
[  897.422810][T16048]        rep_movs_alternative+0x4a/0x70
[  897.428339][T16048]        _copy_from_iter+0x385/0x1560
[  897.433700][T16048]        tipc_msg_build+0x308/0x1120
[  897.438979][T16048]        __tipc_sendstream+0x6fa/0x1190
[  897.444519][T16048]        tipc_sendstream+0x4f/0x70
[  897.449620][T16048]        sock_write_iter+0x4fe/0x5b0
[  897.454895][T16048]        vfs_write+0x5ae/0x1150
[  897.459730][T16048]        ksys_write+0x207/0x250
[  897.464565][T16048]        do_syscall_64+0xcd/0x250
[  897.469578][T16048]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  897.475984][T16048] 
[  897.475984][T16048] -> #0 (&mm->mmap_lock){++++}-{4:4}:
[  897.483526][T16048]        __lock_acquire+0x249e/0x3c40
[  897.488885][T16048]        lock_acquire.part.0+0x11b/0x380
[  897.494511][T16048]        __might_fault+0x11b/0x190
[  897.499613][T16048]        _copy_from_user+0x29/0xd0
[  897.504731][T16048]        __blk_trace_setup+0xa8/0x180
[  897.510113][T16048]        blk_trace_setup+0x47/0x70
[  897.515226][T16048]        sg_ioctl+0x65e/0x2750
[  897.519998][T16048]        __x64_sys_ioctl+0x190/0x200
[  897.525280][T16048]        do_syscall_64+0xcd/0x250
[  897.530303][T16048]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  897.536714][T16048] 
[  897.536714][T16048] other info that might help us debug this:
[  897.536714][T16048] 
[  897.546921][T16048] Chain exists of:
[  897.546921][T16048]   &mm->mmap_lock --> &q->q_usage_counter(queue)#50 --> &q->debugfs_mutex
[  897.546921][T16048] 
[  897.561259][T16048]  Possible unsafe locking scenario:
[  897.561259][T16048] 
[  897.568699][T16048]        CPU0                    CPU1
[  897.574044][T16048]        ----                    ----
[  897.579387][T16048]   lock(&q->debugfs_mutex);
[  897.583961][T16048]                                lock(&q->q_usage_counter(queue)#50);
[  897.592107][T16048]                                lock(&q->debugfs_mutex);
[  897.599200][T16048]   rlock(&mm->mmap_lock);
[  897.603608][T16048] 
[  897.603608][T16048]  *** DEADLOCK ***
[  897.603608][T16048] 
[  897.611729][T16048] 1 lock held by syz.5.2343/16048:
[  897.616819][T16048]  #0: ffff888143fec3c8 (&q->debugfs_mutex){+.+.}-{4:4}, at: blk_trace_setup+0x33/0x70
[  897.626479][T16048] 
[  897.626479][T16048] stack backtrace:
[  897.632349][T16048] CPU: 0 UID: 0 PID: 16048 Comm: syz.5.2343 Not tainted 6.13.0-syzkaller #0
[  897.641009][T16048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  897.651048][T16048] Call Trace:
[  897.654313][T16048]  <TASK>
[  897.657230][T16048]  dump_stack_lvl+0x116/0x1f0
[  897.661903][T16048]  print_circular_bug+0x419/0x5d0
[  897.666920][T16048]  check_noncircular+0x31a/0x400
[  897.671845][T16048]  ? __pfx_check_noncircular+0x10/0x10
[  897.677292][T16048]  ? lockdep_lock+0xc6/0x200
[  897.681876][T16048]  ? __pfx_lockdep_lock+0x10/0x10
[  897.686892][T16048]  __lock_acquire+0x249e/0x3c40
[  897.691733][T16048]  ? __pfx___lock_acquire+0x10/0x10
[  897.696920][T16048]  ? trace_lock_acquire+0x14e/0x1f0
[  897.702111][T16048]  ? __pfx_mark_lock+0x10/0x10
[  897.706866][T16048]  lock_acquire.part.0+0x11b/0x380
[  897.711966][T16048]  ? __might_fault+0xe3/0x190
[  897.716640][T16048]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  897.722261][T16048]  ? rcu_is_watching+0x12/0xc0
[  897.727019][T16048]  ? trace_lock_acquire+0x14e/0x1f0
[  897.732208][T16048]  ? __might_fault+0xe3/0x190
[  897.736877][T16048]  ? lock_acquire+0x2f/0xb0
[  897.741373][T16048]  ? __might_fault+0xe3/0x190
[  897.746044][T16048]  ? __might_fault+0xe3/0x190
[  897.750718][T16048]  __might_fault+0x11b/0x190
[  897.755302][T16048]  ? __might_fault+0xe3/0x190
[  897.759974][T16048]  _copy_from_user+0x29/0xd0
[  897.764554][T16048]  __blk_trace_setup+0xa8/0x180
[  897.769402][T16048]  ? __pfx___blk_trace_setup+0x10/0x10
[  897.774858][T16048]  ? do_vfs_ioctl+0x513/0x1990
[  897.779633][T16048]  blk_trace_setup+0x47/0x70
[  897.784217][T16048]  sg_ioctl+0x65e/0x2750
[  897.788456][T16048]  ? ioctl_has_perm.constprop.0.isra.0+0x2fc/0x450
[  897.794951][T16048]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  897.801793][T16048]  ? __pfx_sg_ioctl+0x10/0x10
[  897.806460][T16048]  ? __pfx_lock_release+0x10/0x10
[  897.811478][T16048]  ? selinux_file_ioctl+0x180/0x270
[  897.816668][T16048]  ? selinux_file_ioctl+0xb4/0x270
[  897.821773][T16048]  ? __pfx_sg_ioctl+0x10/0x10
[  897.826441][T16048]  __x64_sys_ioctl+0x190/0x200
[  897.831199][T16048]  do_syscall_64+0xcd/0x250
[  897.835698][T16048]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  897.841585][T16048] RIP: 0033:0x7f20a9785d29
[  897.845984][T16048] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  897.865579][T16048] RSP: 002b:00007f20aa683038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  897.873980][T16048] RAX: ffffffffffffffda RBX: 00007f20a9976080 RCX: 00007f20a9785d29
[  897.881940][T16048] RDX: 00000000200006c0 RSI: 00000000c0481273 RDI: 0000000000000006
[  897.889896][T16048] RBP: 00007f20a9801b08 R08: 0000000000000000 R09: 0000000000000000
[  897.897855][T16048] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  897.905810][T16048] R13: 0000000000000000 R14: 00007f20a9976080 R15: 00007fff2b9f8558
[  897.913776][T16048]  </TASK>